Re: How to avoid using policy kit with openvpn

[matti kaasinen <matti kaasinen gmail com>]

2016-12-15 18:41 GMT+02:00 Dan Williams <dcbw redhat com>:

> *route add default dev eth0 metric 99*
> So, everything is fine!

That implies that the default route was not set up correctly
beforehand.  What's the output of "ip route" before you add that
default route?

Yes, there was no default route set at all. In fact it should have been created by avahi-autoipd.action script command:

ip route add default dev "$2" metric "$METRIC" scope link ||:

Somehow this did not do the trick. I changed that to:

ip route add default dev "$2" metric "$METRIC"||:

Default route was produced after that. I did not check that command manually, but I suppose that ip command is coming from busybox and do not support ip command properly. It's also possibly that I had ordinary ip command installed in that older set-up, I don

I found out just before leaving office that connection did not recover after unplugging and plugging again. It could come from the fact that I did not fix "CONFLICT|UNBIND|STOP" branch of avahi-autoipd.action script that seems also having these "scope link" statements. I'll check that tomorrow

You might try setting the "never-default" option in the VPN
connection's config to "true", to indicate that the VPN shouldn't grab
the default route.

I'll check this tomorrow.

Thanks,

Matti