Re: apparmor="DENIED" operation="open" profile="/usr/lib/ipsec/charon" name="/run/NetworkManager/resolv.conf"

[Reco]

On Sat, Mar 21, 2020 at 10:52:53AM +0300, Reco wrote:
> > What I figure out is the problem is that somehow, apparmor denies to 
> > network-manager the ability to provide a valid resolv.conf file.
> > So ipsec can't add a DNS server to my VPN connection.
> 
> For that particular file it's:

Forgot a coma:

echo "/run/NetworkManager/resolv.conf rwk," \
        >> /etc/apparmor.d/local/usr.lib.ipsec.charon
aa-complain /usr/lib/ipsec/charon
aa-enforce /usr/lib/ipsec/charon
 
Reco