Hello Chris,
I have done some troubleshooting as I would like to see my VPN AppVM
automatically connect to my OpenVPN after it has been started up.
On Thu, 3 Jan 2019 at 19:55, Chris Laprise <tas...@posteo.net> wrote:
> I'm not sure. Probably you'd have to use Qubes 'binddirs'.
> You might want to test NM Autoconnect first, by disconnecting then
> re-connecting the virtual eth0 interface. You may encounter what we did
> (when step 4 was written): erratic behavior from NM that fails to
> reconnect the vpn.
>
I took a look at the following two files, which are identical
/rw/config/NM-system-connections/qubes-uplink-eth0
/etc/NetworkManager/system-connections/qubes-uplink-eth0
[802-3-ethernet]
duplex=full
[ethernet]
mac-address=00:16:3e:5e:6c:00
[connection]
id=VM uplink eth0
uuid=de85f79b-8c3d-405f-a652-cb4c10b4f9ef
type=802-3-ethernet
[ipv4]
method=manual
may-fail=false
dns=10.139.1.1;10.139.1.2
addresses1=10.137.0.17;32;10.137.0.5
[ipv6]
method=ignore
Launching Network Manager and Edit the connection "VM uplink eth0":
Tab: General
[X] Automatically connect to VPN when using this connection
OpenVPN-ExpressVPN
If I then reopen the configuration files above, the content has been
changed:
[ethernet]
mac-address=00:16:3E:5E:6C:00
mac-address-blacklist=
[connection]
id=VM uplink eth0
uuid=de85f79b-8c3d-405f-a652-cb4c10b4f9ef
type=ethernet
interface-name=eth0
***permissions=
***secondaries=e3ced633-e808-408c-be1b-577522e7b28a;
***timestamp=1546548963
[ipv4]
method=manual
may-fail=false
dns=10.139.1.1;10.139.1.2;
address1=10.137.0.17/32,10.137.0.5
***dns-search=
[ipv6]
method=ignore
***addr-gen-mode=eui64
***dns-search=
***ip6-privacy=0
Lines with marked with *** have been added after applying the change
(Autoconnect ...) in Network Manager.
I think the most important line is this one under [connection]:
secondaries=e3ced633-e808-408c-be1b-577522e7b28a;
As mentioned already this line references to UUID of the
OpenVPN-NetworkManager-config file which seems to be launched after the 1st
connection has been established.
As soon as I restart the VPN AppVM will reconnect the eth0 interface, but
NOT automatically initialize the OpenVPN connection.
I have to manually enable the VPN connection and the connection will be
established.
The changes to the config file stated above are lost and the config file
looks again like this:
cat /rw/config/NM-system-connections/qubes-uplink-eth0
[802-3-ethernet]
duplex=full
[ethernet]
mac-address=00:16:3e:5e:6c:00
[connection]
id=VM uplink eth0
uuid=de85f79b-8c3d-405f-a652-cb4c10b4f9ef
type=802-3-ethernet
[ipv4]
method=manual
may-fail=false
dns=10.139.1.1;10.139.1.2
addresses1=10.137.0.17;32;10.137.0.5
[ipv6]
method=ignore
The obvious question which would maybe solve the autoconnection problem is:
How can I make persistent changes to the following file/s which will
survice the AppVM reboot:
/rw/config/NM-system-connections/qubes-uplink-eth0
/etc/NetworkManager/system-connections/qubes-uplink-eth0
I tried to edit the file via ...
vi /rw/config/NM-system-connections/qubes-uplink-eth0
.. and got the following error message:
E325: ATTENTION
Found a swap file by the name
"/rw/config/NM-system-connections/.qubes-uplink-eth0.swp"
owned by: root dated: Thu Jan 3 01:48:00 2019
file name: /rw/config/NM-system-connections/qubes-uplink-eth0
modified: YES
user name: root host name: sys-vpn
process ID: 3232
While opening file "/rw/config/NM-system-connections/qubes-uplink-eth0"
dated: Thu Jan 3 22:19:37 2019
NEWER than swap file!
(1) Another program may be editing the same file. If this is the case,
be careful not to end up with two different instances of the same
file when making changes. Quit, or continue with caution.
(2) An edit session for this file crashed.
If this is the case, use ":recover" or "vim -r
/rw/config/NM-system-connections/qubes-uplink-eth0"
to recover the changes (see ":help recovery").
If you did this already, delete the swap file
"/rw/config/NM-system-connections/.qubes-uplink-eth0.swp"
to avoid this message.
"/rw/config/NM-system-connections/qubes-uplink-eth0" 18L, 286C
- O
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/CAJ3yz2tWq7uBvn8aN1w_D6Pj6v%2BurOth65ZEqa%3DrUqQinpKWzw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
