Hi Jonathan, On Tue, Oct 21, 2014 at 05:45:11AM -0400, Jonathan K. Bullard wrote: > On Tue, Oct 21, 2014 at 5:11 AM, Gert Doering <g...@greenie.muc.de> wrote: > > This will hopefully be fixed in 2.4 with the interactive service, we just > > need to find time for Heiko to find the code and send it to us :-) (but > > I've already seen it last year) > > Is there any documentation for the new "interactive service"? I assume > it is part of the separation of privileges that was discussed a while > ago.
Yes, exactly. In essence, you have a windows service running with full
privileges, which is instructed by the GUI to run an openvpn.exe process
(with user privs, so OpenVPN can't do damage) and OpenVPN communicates
back to the service what should be ifconfig'ed and what routes should
be installed. So the network config is done by the service, and
undone when OpenVPN exits or crashes.
> If no docs, can anyone point me to the commits, or the names of
> the modules / routines involved, or anything else that might help me
> integrate this into Tunnelblick? Thanks.
Unfortunately, right now, there is nothing at all yet - there is most of
the code, but it's still living in Heiko's private tree. We plan to meet
in person in November ("Munich Hackathon") and hopefully this will unravel
the knot that's holding up this change.
How do you handle things in Tunnelblick today? Run OpenVPN "as root"?
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpZBHdIC5TN_.pgp
Description: PGP signature
