Hi,
could you add to the apparmor profile of charon this line
@{PROC}/@{pid}/fd/ r,
Then reload it via:
sudo apparmor_parser -r /etc/apparmor.d/usr.lib.ipsec.charon
While I never have heard of charon needing this, if the above works you could add it for youself as a config and I could make it part of future packages.
If the above makes those messages disappear but shows new apparmor denies afterwards let me know.
Hi, /@{pid} /fd/ r, d/usr.lib. ipsec.charon
could you add to the apparmor profile of charon this line
@{PROC}
Then reload it via:
sudo apparmor_parser -r /etc/apparmor.
While I never have heard of charon needing this, if the above works you could add it for youself as a config and I could make it part of future packages.
If the above makes those messages disappear but shows new apparmor denies afterwards let me know.