[Bug 1470277] [NEW] strongswan apparmor profile doesn't permit xauth-pam
Eric Heydrick
1470277 at bugs.launchpad.net
Tue Jun 30 23:29:06 UTC 2015
Public bug reported:
When using the strongswan xauth-pam plugin I get an error at startup
regarding missing capabilities and the plugin doesn't load.
---
xauth-pam plugin requires CAP_AUDIT_WRITE capability
plugin 'xauth-pam': failed to load - xauth_pam_plugin_create returned NULL
---
If I add "capability audit_write," to
/etc/apparmor.d/local/usr.lib.ipsec.charon it works. I would expect the
plugin to work without modifying the local apparmor profile.
Package info:
strongswan:
Installed: 5.1.2-0ubuntu2.3
Candidate: 5.1.2-0ubuntu2.3
strongswan-plugin-xauth-pam:
Installed: 5.1.2-0ubuntu2.3
Candidate: 5.1.2-0ubuntu2.3
Ubuntu info:
Description: Ubuntu 14.04.2 LTS
Release: 14.04
** Affects: strongswan (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to strongswan in Ubuntu.
https://bugs.launchpad.net/bugs/1470277
Title:
strongswan apparmor profile doesn't permit xauth-pam
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1470277/+subscriptions
More information about the Ubuntu-server-bugs
mailing list