ryan-lee@plucky-client:~$ apt policy apparmor
apparmor:
Installed: 4.1.0~beta5-0ubuntu14.1
Candidate: 4.1.0~beta5-0ubuntu14.1
Version table:
*** 4.1.0~beta5-0ubuntu14.1 100
100 http://us.archive.ubuntu.com/ubuntu plucky-proposed/main amd64 Pack>
100 /var/lib/dpkg/status
4.1.0~beta5-0ubuntu14 500
500 http://us.archive.ubuntu.com/ubuntu plucky/main amd64 Packages
ryan-lee@plucky-server:~$ apt policy apparmor
apparmor:
Installed: 4.1.0~beta5-0ubuntu14.1
Candidate: 4.1.0~beta5-0ubuntu14.1
Version table:
*** 4.1.0~beta5-0ubuntu14.1 100
100 http://us.archive.ubuntu.com/ubuntu plucky-proposed/main amd64 Pack>
100 /var/lib/dpkg/status
4.1.0~beta5-0ubuntu14 500
500 http://us.archive.ubuntu.com/ubuntu plucky/main amd64 Packages
`sudo aa-status` shows openvpn, openvpn//ip, and openvpn//update-resolv
profiles loaded on both machines.
With the configs, `sudo openvpn [config].conf` opens an openvpn tunnel
successfuly, with "Peer Connection Initialized with [AF_INET][ip-addr]"
and "Initialization Sequence Completed" printed on both ends of the
connection, and the client also printing "/etc/openvpn/update-resolv-
conf tun0 1500 0 10.4.13.2 10.4.13.1 init".
ryan-lee@plucky-client:~$ cat ~/Desktop/openvpn-client.conf
remote plucky-server.local
dev tun
proto udp
cipher aes-256-cbc
ifconfig 10.4.13.2 10.4.13.1
secret secret.key
script-security 2
dhcp-option DNS 9.9.9.9
dhcp-option DOMAIN ubuntu.com
up /etc/openvpn/update-resolv-conf
up-restart
down /etc/openvpn/update-resolv-conf
down-pre
ryan-lee@plucky-client:~$ ping 10.4.13.1
PING 10.4.13.1 (10.4.13.1) 56(84) bytes of data.
64 bytes from 10.4.13.1: icmp_seq=1 ttl=64 time=1.85 ms
64 bytes from 10.4.13.1: icmp_seq=2 ttl=64 time=0.937 ms
64 bytes from 10.4.13.1: icmp_seq=3 ttl=64 time=1.17 ms
64 bytes from 10.4.13.1: icmp_seq=4 ttl=64 time=1.47 ms
^C
--- 10.4.13.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 0.937/1.358/1.854/0.343 ms
The output of `resolvctl status` on plucky-client includes the following:
Link 3 (tun0)
Current Scopes: DNS
Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 9.9.9.9
DNS Servers: 9.9.9.9
DNS Domain: ubuntu.com
Default Route: yes
ryan-lee@plucky-server:~$ cat ~/Desktop/openvpn-server.conf
dev tun
proto udp
cipher aes-256-cbc
ifconfig 10.4.13.1 10.4.13.2
secret secret.key
ryan-lee@plucky-server:~$ ping 10.4.13.2
PING 10.4.13.2 (10.4.13.2) 56(84) bytes of data.
64 bytes from 10.4.13.2: icmp_seq=1 ttl=64 time=1.38 ms
64 bytes from 10.4.13.2: icmp_seq=2 ttl=64 time=1.40 ms
64 bytes from 10.4.13.2: icmp_seq=3 ttl=64 time=1.23 ms
64 bytes from 10.4.13.2: icmp_seq=4 ttl=64 time=1.08 ms
^C
--- 10.4.13.2 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 1.076/1.272/1.397/0.130 ms
Test plan verification successful.
** Tags removed: verification-needed verification-needed-plucky
** Tags added: verification-done verification-done-plucky
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2107596
Title:
Apparmor is missing rule for openvpn to set DNS domain
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2107596/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
