[prev in list] [next in list] [prev in thread] [next in thread]
List: qubes-devel
Subject: Re: [qubes-devel] Starting qubes-openvpn-client.service from Qubes VM Manager -> vpnvm -> VM setting
From: Joanna Rutkowska <joanna () invisiblethingslab ! com>
Date: 2015-01-13 11:05:07
Message-ID: 54B4FBE3.1060707 () invisiblethingslab ! com
[Download RAW message or body]
On 01/13/15 03:02, Marek Marczykowski-Górecki wrote:
> On Sun, Jan 11, 2015 at 11:56:45PM -0800, Frank Schäckermann wrote:
> >
> >
> > On Sunday, January 11, 2015 at 11:53:21 PM UTC+1, Marek
> > Marczykowski-Górecki wrote:
> > >
> > > On Sun, Jan 11, 2015 at 02:34:00PM -0800, Frank Schäckermann wrote:
> > > > But since it is a service, I thought the most elegant way would be to
> > > use
> > > > the Services tab in the VM settings of Qubes VM Manager for the vpnvm.
> > > That
> > > > would require any user to only set up the /rw/config/openvpn directory
> > > with
> > > > the right openvpn configuration in a newly created proxy vm, add the
> > > > service to the list of that vm and voila has a proxy vm opening up
> > > another
> > > > VPN connection. No network-manager hassle at all. Maybe a small python
> > > > script could be added that gets started from qubes-openvpn-up-down and
> > > > checks the status of the VPN connection every so many seconds
> > > visualizing
> > > > it through an icon in the system-tray. This way Qubes would have a very
> > > > nice built-in support for OpenVPN.
> > > >
> > > > To test that approach, I added qubes-openvpn-client to the services list
> > > of
> > > > vpnvm and enabled/checked it.
> > > >
> > > > I also removed the code from rc.local in vpnvm and restarted the vm. But
> > > > the service is not started automatically on boot as I would have
> > > expected,
> > > > since it is enabled in the VM settings.
> > > >
> > > > What am I missing?
> > >
> > > That service tab doesn't automatically enable/disable any service in the
> > > VM. The service must be aware of such possibility. Take a look here:
> > > https://wiki.qubes-os.org/wiki/QubesService
> > >
> > > Basically you need to add to service file:
> > > ConditionPathExists=/var/run/qubes-service/qubes-openvpn-client
> > >
> > > Then enable the service. It will be really started only if above file
> > > exists - the file is created when you enable the service in Qubes
> > > Manager.
> > >
> >
> > Great! Thanks! It is now working as I want it to!
> >
> > I will create the status-indicator script now and then - if you are
> > interested - make everything available to you for inclusion in Qubes. Or
> > should I try to make it into it's own rpm package? Any coding guidelines I
> > need to adhere to?
>
> Joanna, do we want this as an rpm package
> (qubes-app-linux-openvpn-launcher), perhaps even installed by default)?
> Or just a tutorial somewhere on the wiki? The tutorial is ready in the
> first message of this thread.
>
Yes, an rpm package for bringing all this up automatically would be great!
Thanks,
joanna.
--
You received this message because you are subscribed to the Google Groups \
"qubes-devel" group. To unsubscribe from this group and stop receiving emails from \
it, send an email to qubes-devel+unsubscribe@googlegroups.com. To post to this group, \
send email to qubes-devel@googlegroups.com. To view this discussion on the web visit \
https://groups.google.com/d/msgid/qubes-devel/54B4FBE3.1060707%40invisiblethingslab.com.
For more options, visit https://groups.google.com/d/optout.
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic