Description of problem: StrongSwan cannot drop its privileges after startup. Version-Release number of selected component (if applicable): strongswan-5.9.0-2.fc33.x86_64 How reproducible: Always Steps to Reproduce: 1. Setup an unpriviled user for StrongSwan to drop privileges to. 2. Configure StrongSwan to drop its privileges 3. Start the VPN Actual results: StrongSwan is not built with libcap support, so StrongSwan is not able to do its job after it has dropped privileges. Expected results: StrongSwan is built with libcap support, so even after dropping privileges, it still retains enough capabilities to function. Additional info:
Put up https://src.fedoraproject.org/rpms/strongswan/pull-request/11 to fix this
FEDORA-2021-394a40648b has been pushed to the Fedora 35 stable repository. If problem still persists, please make note of it in this bug report.
This still needs to be backported to Fedora 33 and 34.
strongswan-5.9.1-1.fc33 and strongswan-5.9.1-1.fc34 should both include this already.
(In reply to Davide Cavalca from comment #4) > strongswan-5.9.1-1.fc33 and strongswan-5.9.1-1.fc34 should both include this > already. Good catch, thanks!