-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Fabrice,
On 03/19/2015 09:22 AM, Fabrice Barconnière wrote: > I've configured VPN on Ubuntu Trusty with strongSwan 5.1.2 and > connections are OK. > But when i execute "ipsec statusall" command, it replies : > "reading from socket failed: Permission denied" > > When i suppress "/etc/apparmor.d/usr.lib.ipsec.stroke" AppArmor > profile, the command replies correctly. Are you running with reduced privileges [1] by any chance? If yes, then Ubuntu has almost everything in place (properly compiled, user "strongswan" created by the package, etc). The only missing pieces are little tweaks to the charon and stroke Apparmor profiles. Those are available as patches at [2]. Regards, Simon 1: https://wiki.strongswan.org/projects/strongswan/wiki/ReducedPrivileges 2: https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1333655 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJVCtAxXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ1NjVDMzc0QUZCQUQyRkM2MjBDNkMxQkI3 MkZFMERBRTkwMEIyQzM0AAoJEHL+Da6QCyw0UGQP/17EChoBdN0g+BusuoKxhpVr jOM/6fXTSaySziBjvXZGGHLox35z4xFWR2nSHhKM2p/mKFfsAQ/M+zGCFgyXMTYr 8DR1jowMbeXj6K0yh8DZOfgxhptV8+b8lrP8S7mz1Ba9zLM0vZVGu+xryXIO/dUD Q3ceW2HIB3UEg5uTumuuyxUsW4fHgNLZcVhMQvxZvHLE4TaOxD1WYfBtFnOnDwBd eemDilbADnXU8Bx+HnyLHxqb+8Y6wNOpat/XaonSckgG+5Q7Sm95X4Qkj4wy/m3h ydLPW4PZFvBMeBqcVF6iwcVyGHeKSF3qxt+fQIyABHpcXwkI2ukl8QiZyLY1MI9w bJEq4cTBIizMcDLj8rkXgm1FWiUcXnVUMGnJxaBZPlBQJgu3oOwfvDUTFeB6I3FV DlOd1v5twqpBDwwTB8lp6KsJGduIqPFSOWI5VnPUIpG4QtL2TsHGmibytPixe5MC H+V6JKo8NC6el7Z5rWPhQkPxErTcFerDrIoMJmD9dKW3A1IlVWAbHthDSSxueY8j ASR/y3Qr8wW/NH4zMiP6Jnlqc0vzIc4/ibkrQsVKbdBuDg6kMfOYlUoqKcEhwi7/ RyqD0FszIGvQW9esE/4KLZTGjrRiJmmqYJ+Kf4Izt2H4dNXP8BwHCcTCJTHEs6Ur Y+f5TqVqOaaqhkfxFLAb =VwaL -----END PGP SIGNATURE----- _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
