[Openswan Users] Permission denied on /proc/net/ipsec_* stuff
Paul Wouters
paul at xelerance.com
Wed Jun 28 22:46:12 CEST 2006
On Wed, 28 Jun 2006, Mihajlo Cvetanovi wrote:
> I played with kernel and openswan and something went wrong. Can't really tell
> what caused it, but when ipsec module is inserted into kernel all those
> /proc/net/ipsec_* links go to some undefined state. The part of the directory
> list looks like this:
>
> ...
> -r--r--r-- 1 root root 0 Jun 28 18:08 pf_key_registered
> -r--r--r-- 1 root root 0 Jun 28 18:08 pf_key_supported
> ?--------- ? ? ? ? ? /proc/net/ipsec_eroute
> ?--------- ? ? ? ? ? /proc/net/ipsec_klipsdebug
> ?--------- ? ? ? ? ? /proc/net/ipsec_spi
> ?--------- ? ? ? ? ? /proc/net/ipsec_spigrp
> ?--------- ? ? ? ? ? /proc/net/ipsec_tncfg
> ?--------- ? ? ? ? ? /proc/net/ipsec_version
> -r--r--r-- 1 root root 0 Jun 28 18:08 protocols
> -r--r--r-- 1 root root 0 Jun 28 18:08 psched
I have never seen this.
Which kernel and which openswan versions are you using. Does the kernel
do SElinux and is it disabled or enabled? If enabled, try disabling it,
because no one has tested SElinux+openswan (not even redhat)
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list