GNOME Bugzilla – Bug 792588
File creation failed (Permission denied)
Last modified: 2018-01-17 09:48:54 UTC
When I try to connect using fortisslvpn, I receive the following error: jan 16 17:21:26 localhost.localdomain NetworkManager[897]: <info> [1516130486.7549] audit: op="connection-activate" uuid="d4e0bf1e-9d73-46d5-a350-a5d8a6f081f1" name="Zoop - AWS N. Virginia" pid=5311 uid=1000 result="success" jan 16 17:21:26 localhost.localdomain NetworkManager[897]: <info> [1516130486.7629] vpn-connection[0x558b648744a0,d4e0bf1e-9d73-46d5-a350-a5d8a6f081f1,"Zoop - AWS N. Virginia",0]: Started the VPN service, PID 6094 jan 16 17:21:26 localhost.localdomain NetworkManager[897]: <info> [1516130486.7705] vpn-connection[0x558b648744a0,d4e0bf1e-9d73-46d5-a350-a5d8a6f081f1,"Zoop - AWS N. Virginia",0]: Saw the service appear; activating connection jan 16 17:21:26 localhost.localdomain NetworkManager[897]: <info> [1516130486.7812] vpn-connection[0x558b648744a0,d4e0bf1e-9d73-46d5-a350-a5d8a6f081f1,"Zoop - AWS N. Virginia",0]: VPN connection: (ConnectInteractive) reply received jan 16 17:21:26 localhost.localdomain NetworkManager[897]: <warn> [1516130486.7823] vpn-connection[0x558b648744a0,d4e0bf1e-9d73-46d5-a350-a5d8a6f081f1,"Zoop - AWS N. Virginia",0]: VPN connection: failed to connect: 'Falha ao criar arquivo “/d4e0bf1e-9d73-46d5-a350-a5d8a6f081f1.config.WN6LCZ”: Permission denied' jan 16 17:21:26 localhost.localdomain NetworkManager[897]: <info> [1516130486.7835] vpn-connection[0x558b648744a0,d4e0bf1e-9d73-46d5-a350-a5d8a6f081f1,"Zoop - AWS N. Virginia",0]: VPN plugin: state changed: stopped (6) jan 16 17:21:26 localhost.localdomain NetworkManager[897]: <info> [1516130486.7841] vpn-connection[0x558b648744a0,d4e0bf1e-9d73-46d5-a350-a5d8a6f081f1,"Zoop - AWS N. Virginia",0]: VPN service disappeared jan 16 17:22:46 localhost.localdomain NetworkManager[897]: <info> [1516130566.2472] keyfile: update /etc/NetworkManager/system-connections/Zoop - AWS N. Virginia (d4e0bf1e-9d73-46d5-a350-a5d8a6f081f1,"Zoop - AWS N. Virginia") As you can see on the line 5, he try to create a file named "/d4e0bf1e-9d73-46d5-a350-a5d8a6f081f1.config.WN6LCZ" somewhere and gives PermissionDenied. The path is not specified in the error, so I'm kinda lost here. Some info about my system: Fedora release 27 (Twenty Seven) Linux localhost.localdomain 4.14.13-300.fc27.x86_64 #1 SMP Thu Jan 11 04:00:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux NetworkManager.x86_64 1:1.8.4-7.fc27 NetworkManager-fortisslvpn.x86_64 1.2.6-3.fc27 NetworkManager-fortisslvpn-gnome.x86_64 1.2.6-3.fc27 openfortivpn.x86_64 1.5.0-1.fc27
probably a SELinux denial. The path should not tried to be created in / https://git.gnome.org/browse/network-manager-fortisslvpn/tree/src/nm-fortisslvpn-service.c?id=ee1e87b480f237cf6ae2cfa451750c18729a8f8b#n609 : priv->config_file = g_strdup_printf (NM_FORTISSLVPN_STATEDIR "/%s.config", nm_connection_get_uuid (connection)); It's a bug in the fedora package, which fails to set NM_FORTISSLVPN_STATEDIR to something reasonable.
The bug was in 1.2.6 package, it's fixed upstream by https://git.gnome.org/browse/network-manager-fortisslvpn/commit/?id=e5d476076e068f58ef4fa938f09945159fce36a6