I *finally* figured out the root cause, my custom kernel. In Ubuntu, the
following lines are a requirement to make Strongswan function properly:
gebruiker@Delta:~/Documenten/Ronald/linux-git$ cat /usr/src/config | grep
DEVTMPFS
CONFIG_DEVTMPFS=y
CONFIG_DEVTMPFS_MOUNT=y
/dev/urandom still looks t
Sidenote, this was with a vanilla 4.6.4 from the strongswan.org website.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1014361
Title:
Strongswan fails to access /dev/urandom
To manage notifications
I managed to narrow it down, Ubuntu compiles Strongswan with:
--with-capabilities=libcap
I changed this to:
--with-capabilities=no
And now it works! I have *no* idea what caused libcap functionality to
fail. This 32-bit Ubuntu uses the same kernel configuration (as far as
generic kernel configu
I dug some more. This is just getting better, look:
root@Delta:~# lsof /dev/urandom
lsof: WARNING: can't stat() fuse.gvfs-fuse-daemon file system
/home/gebruiker/.gvfs
Output information may be incomplete.
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
smbd 2714
** Description changed:
I'm having issue's getting strongswan to work on Ubuntu. First of all, I
find it quite weird that ipsec is not capable of running as an
unprivileged user (like in Gentoo). But I guess this has something todo
with the fact that Ubuntu distributes binary packages.
Good suggestion, no dice though.
gebruiker@Delta:~$ sudo ipsec stop
Stopping strongSwan IPsec...
gebruiker@Delta:~$ sudo ipsec start
Starting strongSwan 4.5.2 IPsec [starter]...
!! Your strongswan.conf contains manual plugin load options for
!! pluto and/or charon. This is recommended for experts
Is this perhaps related to http://askubuntu.com/questions/30115/root-
cannot-access-dev-urandom?
Does it work if you use
$ sudo ipsec start
$ sudo ipsec up remote
instead of running these commands from a root shell?
--
You received this bug notification because you are a member of Ubuntu
Bugs,
** Description changed:
I'm having issue's getting strongswan to work on Ubuntu. First of all, I
find it quite weird that ipsec is not capable of running as an
unprivileged user (like in Gentoo). But I guess this has something todo
with the fact that Ubuntu distributes binary packages.
P.S. This is with ubuntu 12.04 and strongswan 4.5.2-1.2.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1014361
Title:
Strongswan fails to access /dev/urandom
To manage notifications about this bug
** Attachment added: "config"
https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1014361/+attachment/3193790/+files/config
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1014361
Title:
Str
** Attachment added: "ipsec.conf"
https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1014361/+attachment/3193788/+files/ipsec.conf
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1014361
Titl
** Attachment added: "strongswan.conf"
https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1014361/+attachment/3193789/+files/strongswan.conf
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/101
** Attachment added: "starter"
https://bugs.launchpad.net/bugs/1014361/+attachment/3193787/+files/starter
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1014361
Title:
Strongswan fails to access /
13 matches
Mail list logo
