On Mon, 2009-07-13 at 11:27 +0200, Laurent Goujon wrote: > Ok, I think I have the overall idea... the nm applet wraps user connections > in order to intercept activation and provides username and password. I'm > tempted to do something similar to system connections. Good idea?
So system settings are interesting WRT VPNs. The point of system settings is to be available *before* login and across fast-user-switches. As such, they aren't a great fit for user-specific VPNs. They would be for say certificate-based OpenVPN connections or point-to-point VPNs between two servers, say. It seems like what you really want to do is to add some GConf "mandatory" settings that contain the connection details. I can't think of anything that would be user-specific, so you'd add them once in your initial login sequence for the user. These wouldn't be able to be changed by the user (since they are mandatory, only root can change them), but the user would still be asked for the password when they logged in. Since you're using tokens, you'll want to set the "Always Ask" option for the user password. Dan > Laurent > ----- Mail Original ----- > De: "Laurent Goujon" <[email protected]> > À: [email protected] > Envoyé: Vendredi 10 Juillet 2009 18:03:03 GMT +01:00 Amsterdam / Berlin / > Berne / Rome / Stockholm / Vienne > Objet: vpnc System-wide settings > > Hi, > > I'm trying to put in place system-wide settings for vpn(c). The idea is that > an user has nothing to configure, he just has to check under VPN connections > and click on one of the available connections. The user should just be > prompted for (possibly) his username and his password. > > So far, I managed to create configuration files and by placing them under > /etc/NetworkManager/system-connections/ to make them appear. Unfortunately > I'm unable to make them work. If I don't put Xauth username = <username> into > the config file, NetworkManager/vpnc manager complains that this config > setting is lacking (and after some debugging it appears that default username > is simply NULL), and if I force this settings, it is Xauth password which is > missing (although I set into the configfile that it should be asked to the > user). That become problematic since I use rsa tokens (so password is > different each time). > > I suspect that since these are system-wide connections, they shouldn't depend > of user informations, am i right? Any way to extend system configuration to > support user interaction? Or a way to quickly import vpn configuration into > user profile? > > Thanks in advance, > > Laurent Goujon > > System config: > NetworkManager 0.7.0.99 on RHEL5 > _______________________________________________ > NetworkManager-list mailing list > [email protected] > http://mail.gnome.org/mailman/listinfo/networkmanager-list > _______________________________________________ > NetworkManager-list mailing list > [email protected] > http://mail.gnome.org/mailman/listinfo/networkmanager-list _______________________________________________ NetworkManager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
