On Mon, 2016-06-13 at 12:46 -0400, Martin Langhoff wrote:
Hi List! is there a practical way to get openvpn commandline to talk to NM to have NM update resolv.conf with the DNS settings coming from the VPN endpoint? I regularly find in the field openvpn setups which refuse to work well with NM's openvpn support. Sometimes I can file the relevant bugs, chase the whole thing down, etc. Sometimes I can't. I am not sure what complexities prevent a more straightforward import of ovpn files that 'just works', I can only bear witness that it has very rarely Just Worked for me. openvpn cli luckily always works. Is there a way to tell it to send the right dbus msg? thank you,
Hi, when you use openvpn directly, you configure all it's options explicitly, either via command line or .ovpn configration file. When you use nm-openvpn plugin, you create a "connection" (profile) via one of the client tools (nm-connection-editor, nmcli) or via import from ovpn file. In any case, this does not understand every option, because some are not implemented and others don't make sense in the context of NetworkManager (e.g. running as server). Also, NM wants to configure IP addressing and DNS itself, it does not allow openvpn to do that. Then, nm-openvpn spawns openvpn with command line arguments based on the connection. openvpn doesn't communitcate via D-Bus. It gets executed by nm-openvpn-service with command line options, and it calls back to NM via --up /usr/libexec/nm-openvpn-service-openvpn-helper If something doesn't work, then there is no other way then to open a bug about it and fix it in nm-openvpn/NetworkManager. That said, import of ovpn file is supposed to just work. What didn't work for you there? Thomas
Attachment:
signature.asc
Description: This is a digitally signed message part