package:strongswan-plugin-farp may need apparmor config change
OS : Ubuntu 14.04 LTS server i386 ( with all packages obtained from Ubuntu repos )
Kernel : Linux 3.13.0-66-generic, i686
Running StrongSwan 5.1.2.
Found it was necessary to edit the apparmor profile to permit "strongswan-
be loaded at 'ipsec start'.
Reproducable 100% of time.
Following errors are reported in
"/var/log/
Nov 6 14:39:55 00[NET] opening ARP packet socket failed: Permission denied
Nov 6 14:39:55 00[LIB] plugin 'farp': failed to load - farp_plugin_create returned NULL
"/var/log/syslog" :
Nov 6 14:39:55 VMserver1 kernel: [15238.662619] type=1400 audit(144682079
Nov 6 14:39:55 VMserver1 kernel: [15238.677435] type=1400 audit(144682079
Proposed fix
------------
--- /etc/apparmor.
+++ /tmp/tmpvcipywp2 2015-11-06 16:46:16.552658984 +0000
@@ -27,6 +27,8 @@
# network all,
network raw,
+ network packet dgram,
+
/bin/dash mrPUx,
/etc/
/etc/ipsec.conf r,
Question information
- Language:
- English Edit question
- Status:
- Answered
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Can you help with this problem?
Provide an answer of your own, or ask Steven Bishop for more information if necessary.