Project

General

Profile

Tâche #10948

Scénario #10794: Faire fonctionner les VPN sur EOLE 2.5

apparmor empêche la commande "ipsec statusall"

Added by Fabrice Barconnière about 6 years ago. Updated about 6 years ago.

Status:
Fermé
Priority:
Normal
Assigned To:
Target version:
Start date:
02/26/2015
Due date:
% Done:

0%

Estimated time:
3.00 h
Spent time:
Remaining (hours):
0.0

Description

root@sphynx:~# ipsec statusall
reading from socket failed: Permission denied

Après suppression des fichiers apparmor liés à stronSwan et reload de la conf apparmor :
root@sphynx:~# ipsec statusall
Status of IKE charon daemon (strongSwan 5.1.2, Linux 3.16.0-31-generic, x86_64):
  uptime: 14 minutes, since Mar 18 14:30:54 2015
  malloc: sbrk 1486848, mmap 0, used 322912, free 1163936
  worker threads: 27 of 32 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 0
  loaded plugins: charon test-vectors aes sha1 sha2 md5 random nonce x509 revocation constraints pkcs1 pkcs8 pem openssl xcbc cmac hmac ctr ccm gcm attr kernel-netlink resolve socket-default stroke updown eap-identity addrblock
Listening IP addresses:
  192.168.0.11
  172.30.101.11
Connections:
Sphynx-amon_1-adm-eth1:  192.168.0.11...192.168.0.31  IKEv1/2, dpddelay=120s
Sphynx-amon_1-adm-eth1:   local:  [C=fr, O=gouv, OU=education, OU=ac-test, CN=sphynx] uses public key authentication
Sphynx-amon_1-adm-eth1:    cert:  "C=fr, O=gouv, OU=education, OU=ac-test, CN=sphynx" 
Sphynx-amon_1-adm-eth1:   remote: [C=fr, O=gouv, OU=education, OU=ac-test, CN=amon] uses public key authentication
Sphynx-amon_1-adm-eth1:   child:  172.30.101.0/24 === 10.1.1.0/24 TUNNEL, dpdaction=clear
Security Associations (0 up, 0 connecting):
  none

History

#1 Updated by Daniel Dehennin about 6 years ago

  • Status changed from Nouveau to En cours

#2 Updated by Daniel Dehennin about 6 years ago

  • Assigned To set to Daniel Dehennin

#3 Updated by Daniel Dehennin about 6 years ago

  • Distribution changed from EOLE 2.4 to EOLE 2.5

#4 Updated by Daniel Dehennin about 6 years ago

Avant instanciation du serveur, la commande ne pose pas de problème.

Le problème apparaît après instanciation.

#5 Updated by Gilles Grandgérard about 6 years ago

  • Status changed from En cours to Résolu

#6 Updated by Daniel Dehennin about 6 years ago

  • Status changed from Résolu to Fermé
  • Remaining (hours) changed from 3.0 to 0.0

Also available in: Atom PDF