Re: Allow Single connection only via networkmanager-openvpn (reuse tun0?)

From: Thomas Haller <thaller redhat com>
To: Dave Conroy <dave tiredofit ca>, networkmanager-list gnome org
Subject: Re: Allow Single connection only via networkmanager-openvpn (reuse tun0?)
Date: Fri, 15 Apr 2016 12:15:52 +0200

Hi Dave,


On Fri, 2016-04-15 at 06:04 +0200, Dave Conroy wrote:

I've just subscribed to a VPN service that has multiple locations,
and imported all the necessary .ovpn files into Network Manager.
It seems that I do not have the option to disconnect from the VPNs
when connected, and upon choosing another location it creates another
tun device.


You mean, you would like to have a configuration option in your VPN
"connection", so that when activating another specific VPN connection,
the former gets automatically disconnected?

No, NetworkManager doesn't have a concept of ~conflicting~ connections.
When you activate connection A, you'd have to manually disconnect
connection B.

I've made the change to no success to
/etc/NetworkManager/VPN/openvpn-service.name
supports-multiple-connections=false
Yet it still connects multiple locations without disconnecting the
previous connection.


That shouldn't happen. Did you restart NM after changing the file? But
I suspect the file /etc/NetworkManager/VPN/openvpn-service.name is
ignored and instead it uses /usr/lib/NetworkManager/VPN/openvpn-
service.name. The file in /etc only exists for backward compatibility,
in 1.2, the location of this file moved to /usr/lib.

Changing supports-multiple-connection=false actually should give you
the conflicting behavior, but that doesn't sound like the right
approach. First of all, openvpn-service.name is not user-configuration. 
This setting is here to tell NetworkManager that this plugin is new
enough to support multiple activations of Openvpn connections
(simultaneously). It's not here to implement ~conflicting connections~.

Before 1.2, VPN plugins did not support to activate more then once at a
time. Old plugins were always supports-multiple-connections=false.

Furthermore, I've set it to specifically use tun0 for my connections
yet upon trying to load another connection even after "disabling" the
VPN (I use Cinnamon Desktop) it says that it cannot access tun0 as
the device is busy. I can disconnect via nmctl


Yes, you can disconnect with nmcli.

but was wondering if there was a way that I could force
NetworkManaager to only use one VPN connection at a time, releasing
back tun0 to be used again.


No, such a concept doesn't exist (up to now).

Error Code:
ERROR: Cannot ioctl TUNSETIFF tun0: Device or resource busy
(errno=16)


openvpn said that? Yes, that sounds expected, right?



Thomas

Attachment: signature.asc
Description: This is a digitally signed message part

Follow-Ups:
- Re: Allow Single connection only via networkmanager-openvpn (reuse tun0?)
  - From: Dave Conroy

References:
- Allow Single connection only via networkmanager-openvpn (reuse tun0?)
  - From: Dave Conroy

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]