Bug 625247 – Add support for passing a file as configuration file

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 625247 - Add support for passing a file as configuration file


Summary:	Add support for passing a file as configuration file


Status:	RESOLVED WONTFIX

Product:	NetworkManager
Classification:	Platform
Component:	VPN: openvpn
Version:	git master
Hardware:	Other Linux

Importance:	Normal normal
Target Milestone:	---
Assigned To:	Dan Williams
QA Contact:	Dan Williams

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2010-07-25 16:53 UTC by Pablo Castellano (IRC: pablog)
Modified:	2010-07-27 22:05 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description Pablo Castellano (IRC: pablog) 2010-07-25 16:53:54 UTC

Actually, I want to use a openvpn configuration that contains tags that this plugin doesn't support. And so, it's not loaded correctly.

It would be easier to support the --config openvpn argument (think about new configuration tags implemented in the future). Openvpn could be run almost similar to how the service daemon does:

/usr/sbin/openvpn --writepid /var/run/openvpn.myconfig.pid --daemon ovpn-myconfig --status /var/run/openvpn.myconfig.status 10 --cd /etc/openvpn --config /etc/openvpn/myconfig.conf --script-security 2

Dan (as I think you are the unique maintainer), if you agree with this idea I would like to start working on it, adding a new "connection type" called NM_OPENVPN_CONTYPE_CONFIG.


Questions:
Which directory should configuration files be saved?

Comment 1 Dan Williams 2010-07-27 19:36:41 UTC

This isn't going to be supported because all the options have to be validated anyway, otherwise there's a security hole.  The openvpn daemon runs as root, and passing arbitrary configuration data to it from a user session isn't particularly responsible.

What we should do is identify what options aren't yet supported that you need, and add support for those through the existing plugin.

Which options do you nheed that aren't supported?

Comment 2 Pablo Castellano (IRC: pablog) 2010-07-27 22:05:52 UTC

Yes you are right, I didn't realize that openvpn was run as root.

At the moment, the options that I have found that are not supported are:

+#define ROUTE_TAG "route"
+#define SOCKET_FLAGS_TAG "socket-flags"
+#define KEEPALIVE_TAG "keepalive"
+#define PING_TAG "ping"
+#define DHCP_OPTION_TAG "dhcp-option"

I'm working on it.
So, closing bug...