On Thursday, 7 July 2016 21:25:39 UTC-4, Seán McCord wrote: > > If this is for an ad-hoc VPN connection, you should be able to build and > run it inside `toolbox`. Otherwise, as Nick said: run it in a container. > Because it requires the ability to create tun/tap devices, it will need to > be a privileged container with access to at least `/dev`, and you may need > to add `ExecStartPre=/usr/sbin/modprobe tun` in your systemd/fleet unit for > it. >
What is "toolbox"? As I mentioned to Nick, I couldn't run vpnc in a container, probably because I didn't run it inside one that was privileged. What is the purpose of "/usr/sbin/modprobe tun"? > It looks like it only links to libraries which are present in CoreOS, > though, so if you do have to run it bare, for some reason, you can probably > copy the binary over from Ubuntu: > > ~/d/v/vpnc-0.5.3 $ ldd vpnc > linux-vdso.so.1 (0x00007ffe1647d000) > libgcrypt.so.20 => /usr/lib64/libgcrypt.so.20 (0x00007f410eabd000) > libgpg-error.so.0 => /usr/lib64/libgpg-error.so.0 (0x00007f410e8aa000) > libc.so.6 => /lib64/libc.so.6 (0x00007f410e50d000) > /lib64/ld-linux-x86-64.so.2 (0x00007f410eda0000) > This is encouraging. Is there any particular location where I should or should not copy the binary so that it isn't overwritten by the CoreOS update process? Derek >
