Ubuntu
strongswan package

  1. Bug #1773956
  2. Comment #0

Comment 0 for bug 1773956

Revision history for this message
Jean-Daniel Dupas (xooloo) wrote :

When using the HA plugin, charon-systemd try to read '@{PROC}/@{pid}/net/ipt_CLUSTERIP/' and to write in files into '@{PROC}/@{pid}/net/ipt_CLUSTERIP/'

So the 2 rules may be append to charon-systemd.apparmor.conf

# Cluster IP
@{PROC}/@{pid}/net/ipt_CLUSTERIP/ r,
@{PROC}/@{pid}/net/ipt_CLUSTERIP/* rw,