Hi, On Wed, 2015-09-30 at 10:42 +0200, Guy Godfroy wrote: > Hello, > > My idea is to allow regular users to establish VPN tunnels on > specific > network namespaces (netns) via nscli command. > So I wonder if network-manager can handle several namespaces and how.
No. We should probably have a proper netns one day, but we're not there yet. > If not, a solution would be to launch one network-manager instance > per > netns. But I don't know how to tell to nmcli which instance of > network-manager to refer to. If a system dbus is available, NetworkManager acquires a name on a system bus and nmcli uses the system bus to talk to it. If there's no system bus a private socket is used. For your namespaced NetworkManager instances you probably want to go with the second option. Therefore, in addition to net ns you need to create a separate mount ns and mount a private /run instance. That would shadow the system-wide dbus socket and NM will use its private socket there. Then just run nmcli in the same mount namespace as the daemon. > > Is there a better solution? > Thanks for your attention. > > Guy Godfroy Lubo _______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
