Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | main/strongswan: run as non-root | Timo Teräs | 2015-05-01 | 1 | -0/+30 |
Make charon use 'ipsec' user and group, and enable the libcap support as few capabilities need to be retained for configuring IPsec SAs in to kernel. This also introduces charon.initd which starts charon daemon only and uses swanctl for configuration. It is a little bit more light weight than running the 'starter' which seems to be deprecated. Also the config format is completely different, but more flexible and extensive. |