What | Removed | Added |
---|---|---|
CC | jimc@math.ucla.edu |
Mee too. In Tumbleweed as of 2017-10-01, for NetworkManager-1.8.4-1.1.x86_64 NetworkManager-strongswan-1.4.2-1.1.x86_64 strongswan-ipsec-5.6.0-1.1.x86_64 A laptop has NetworkManager-strongswan installed, but not strongswan-ipsec. I turn on the StrongSwan VPN, whose configuration used to work. Syslog shows charon-nm was started, but a dialog box appears saying: Failed to initialize VPN plugin: Connection ":1.49" is not allowed to own the service "org.freedesktop.NetworkManager.strongswan" due to security policies in the configuration file. This is not a lie; /etc/dbus-1/system.d/org.freedesktop.NetworkManager.conf from NetworkManager-1.8.4-1.1.x86_64 allows root to own org.freedesktop.NetworkManager.strongswan but not any users. My workaround was to steal /etc/dbus-1/system.d/nm-strongswan-service.conf off the server. This file is provided by strongswan-ipsec which the server does have. https://bugzilla.opensuse.org/show_bug.cgi?id=1035555 appears to be a duplicate of this bug. So is https://bugzilla.redhat.com/show_bug.cgi?id=1379537 OP Daniel Uvehag (2016-09-27), nm-strongswan-service.conf is missing, workaround by installing from the previous package version. Clearly the distro manager has to do something about this, but what? Maybe NetworkManager-strongswan should depend on strongswan-ipsec (hiss, boo). Maybe a package that both of them depend on should include /etc/dbus-1/system.d/nm-strongswan-service.conf . Actually, since nm-strongswan-service.conf is explicitly named for NetworkManager, maybe NetworkManager-strongswan is the best place for it. Does strongswan-ipsec actually use this file?