apparmor: allow charon, charon-systemd and swanctl to read ssl keys from common locations (!12) · Merge requests · Debian / strongswan

With the popularity of ACME clients providing access to free "official" TLS certs some users want to make use of those with strongSwan. The too restrictive AppArmor policy caused grief to some users which reported about it on the upstream mailing list:

https://lists.strongswan.org/pipermail/users/2017-February/010537.html https://lists.strongswan.org/pipermail/users/2021-October/015121.html

Signed-off-by: Simon Deziel simon@sdeziel.info

apparmor: allow charon, charon-systemd and swanctl to read ssl keys from common locations

Merge request reports