[Bug 1505222] Re: strongSwan AppArmor prevents CRL caching
Robie Basak
1505222 at bugs.launchpad.net
Tue Oct 20 10:38:09 UTC 2015
Confirmed based on
https://wiki.strongswan.org/projects/strongswan/wiki/ConfigSetupSection:
"if enabled, certificate revocation lists (CRLs) fetched via HTTP or
LDAP will be cached in /etc/ipsec.d/crls/ under a unique file name
derived from the certification authority's public key"
So /etc/ipsec.d/crls/* does need write access in the AppArmor profile as
you have suggested.
** Changed in: strongswan (Ubuntu)
Status: New => Triaged
** Tags added: bitesize
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1505222
Title:
strongSwan AppArmor prevents CRL caching
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1505222/+subscriptions
More information about the Ubuntu-server-bugs
mailing list