# Display the table, so we know it is correct. kroot@swantest:/home/build/libreswan/testing/pluto/xauth-pluto-05\[root@nic xauth-pluto-05]# iptables -t nat -L Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination kroot@swantest:/home/build/libreswan/testing/pluto/xauth-pluto-05\[root@nic xauth-pluto-05]# echo initdone initdone kroot@swantest:/home/build/libreswan/testing/pluto/xauth-pluto-05\[root@nic xauth-pluto-05]# : ==== end ==== kroot@swantest:/home/build/libreswan/testing/pluto/xauth-pluto-05\[root@nic xauth-pluto-05]# ../../pluto/bin/ipsec-look.sh kroot@swantest:/home/build/libreswan/testing/pluto/xauth-pluto-05\[root@nic xauth-pluto-05]# : ==== cut ==== kroot@swantest:/home/build/libreswan/testing/pluto/xauth-pluto-05\[root@nic xauth-pluto-05]# ipsec auto --status whack: Pluto is not running (no "/run/pluto/pluto.ctl") kroot@swantest:/home/build/libreswan/testing/pluto/xauth-pluto-05\[root@nic xauth-pluto-05 33]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 33 final.sh 'ipsec auto --status' <<<<<<<<<<tuc<<<<<<<<<<: ==== tuc ==== kroot@swantest:/home/build/libreswan/testing/pluto/xauth-pluto-05\[root@nic xauth-pluto-05]# ../bin/check-for-core.sh kroot@swantest:/home/build/libreswan/testing/pluto/xauth-pluto-05\[root@nic xauth-pluto-05]# if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi type=AVC msg=audit(1566844133.486:265910): avc: denied { write } for pid=7504 comm="ip" path="/tmp/pluto.log" dev="dm-0" ino=295084539 scontext=unconfined_u:system_r:ifconfig_t:s0 tcontext=unconfined_u:object_r:container_file_t:s0:c718,c778 tclass=file permissive=1 type=AVC msg=audit(1566844133.996:266013): avc: denied { write } for pid=8463 comm="ip" path="/tmp/pluto.log" dev="dm-0" ino=63889669 scontext=unconfined_u:system_r:ifconfig_t:s0 tcontext=unconfined_u:object_r:container_file_t:s0:c718,c778 tclass=file permissive=1 kroot@swantest:/home/build/libreswan/testing/pluto/xauth-pluto-05\[root@nic xauth-pluto-05]# : ==== end ==== kroot@swantest:/home/build/libreswan/testing/pluto/xauth-pluto-05\[root@nic xauth-pluto-05]#