If you re-enable the Apparmor profile and set your connection to not auto start (use "auto=add") when do you get the access denial on /dev/tty? Is it after restarting the strongswan service or when you call "ipsec up $conn"?
Lastly, would you mind providing an obfuscated version of your ipsec.secrets and ipsec.conf?
If you re-enable the Apparmor profile and set your connection to not auto start (use "auto=add") when do you get the access denial on /dev/tty? Is it after restarting the strongswan service or when you call "ipsec up $conn"?
Lastly, would you mind providing an obfuscated version of your ipsec.secrets and ipsec.conf?