repeated with more care to ensure profiles are actually unloaded running this twice, confirms profiles are now not loaded
$ for profile in $(find . | egrep "charon|ipsec" | grep -v local); do sudo apparmor_parser -R /etc/apparmor.d/$profile; done apparmor_parser: Unable to remove "/usr/lib/ipsec/lookip". Profile doesn't exist apparmor_parser: Unable to remove "/usr/sbin/charon-systemd". Profile doesn't exist apparmor_parser: Unable to remove "/usr/lib/ipsec/stroke". Profile doesn't exist apparmor_parser: Unable to remove "/usr/lib/ipsec/charon". Profile doesn't exist and, the aa-status confirms $ sudo aa-status | egrep "ipsec|charon" (EMPTY) --- RETRY - ffs, connection STILL hangs, but these rejected charon messages in dmesg are no longer happening (so maybe those are a legit bug/issue with the profile to be fixed, but a red-herring to my primary issue) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1786250 Title: strongswan (charon) is rejected by apparmor to read /proc/<PID>/fd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1786250/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
