GNOME Bugzilla – Bug 625247
Add support for passing a file as configuration file
Last modified: 2010-07-27 22:05:52 UTC
Actually, I want to use a openvpn configuration that contains tags that this plugin doesn't support. And so, it's not loaded correctly. It would be easier to support the --config openvpn argument (think about new configuration tags implemented in the future). Openvpn could be run almost similar to how the service daemon does: /usr/sbin/openvpn --writepid /var/run/openvpn.myconfig.pid --daemon ovpn-myconfig --status /var/run/openvpn.myconfig.status 10 --cd /etc/openvpn --config /etc/openvpn/myconfig.conf --script-security 2 Dan (as I think you are the unique maintainer), if you agree with this idea I would like to start working on it, adding a new "connection type" called NM_OPENVPN_CONTYPE_CONFIG. Questions: Which directory should configuration files be saved?
This isn't going to be supported because all the options have to be validated anyway, otherwise there's a security hole. The openvpn daemon runs as root, and passing arbitrary configuration data to it from a user session isn't particularly responsible. What we should do is identify what options aren't yet supported that you need, and add support for those through the existing plugin. Which options do you nheed that aren't supported?
Yes you are right, I didn't realize that openvpn was run as root. At the moment, the options that I have found that are not supported are: +#define ROUTE_TAG "route" +#define SOCKET_FLAGS_TAG "socket-flags" +#define KEEPALIVE_TAG "keepalive" +#define PING_TAG "ping" +#define DHCP_OPTION_TAG "dhcp-option" I'm working on it. So, closing bug...