|
|
Hi Alon, This GUI does use the management interface to communicate with the openvpn daemon. The privileged account access is merely for starting the openvpn daemon. The GUI does not need to run as root. There is a setuid-root executable "gopenvpnstart" which does nothing but start openvpn and contains a minimal amount of code. I modeled this after the Tunnelblick GUI on MacOS, which uses a setuid root executable called "openvpnstart" to start up OpenVPN. If you don't want to use the setuid executable, you can #define USE_GKSU in the code and then it will use gksu to ask you for root access. (gksu instead of sudo since this is a Gtk GUI app.) Would you prefer to start the openvpn daemon yourself with sudo? I imagine there are usage scenarios like smart cards that I haven't thought about since I don't do them myself. Gary On Feb 8, 2007, at 11:58 AM, Alon Bar-Lev wrote: > Hello, > > Great news. > > From the description it seems that you don't use the management > interface of openvpn, so you require privilege account... > It will also not work for people who which to use smartcards with > openvpn. > > I hope I am mistaken, but if not, please consider to use the > management interface as the primary interface for openvpn, and allow > stop/start daemon using sudo. > > Best Regards, > Alon Bar-Lev. > > On 2/8/07, Gary Grossman <ggrossman@xxxxxxxxxxxxx> wrote: >> Hi, >> >> I've written a lightweight GUI for OpenVPN on Linux, based on Gtk2. >> It's similar to the Tunnelblick OpenVPN GUI available for MacOS X. >> >> "gopenvpn is a simple graphical front-end for OpenVPN, the open >> source VPN solution. >> >> It provides a GNOME system tray icon from which OpenVPN connections >> can be started and stopped, and a dialog from which OpenVPN's logs >> can be viewed. It can manage multiple simultaneous connections, and >> graphically indicates when you're connected to a VPN tunnel. " >> >> Source code is available at: http://gopenvpn.sourceforge.net/ >> >> If you have difficulty setting it up, find bugs, or would like to >> contribute, please let me know. >> >> Gary >> >> --------------------------------------------------------------------- >> ---- >> security? >> Get stuff done quickly with pre-integrated technology to make your >> job easier. >> Geronimo >> cmd=lnk&kid=120709&bid=263057&dat=121642 >> _______________________________________________ >> Openvpn-users mailing list >> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx >> https://lists.sourceforge.net/lists/listinfo/openvpn-users >> ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |