|
|
As far I can tell, running openvpn without root privileges is pretty much impossible. As stated earlier, if it's not the tap/tun device, it's setting up the routing tables (openvpn needs to setup routes to be usefull) or bridging devices. All these actions require root privileges. Even if you could have openvpn do EVERYthing, and give it suid bit, you still need to set that bit as root? afaik you can't tar the binary with the 'proper' permissions and then simply untar it suid root, if you could, that would bring interesting ways to get into boxen :) So basically, you can't. It's not possible. Xavier Grehant schreef: But editing the sudoers file requires admin privileges or talking to the admin.. Xavier On 6/28/07, Ralf Hildebrandt wrote: * Xavier Grehant : I want to open a vpn between Linux machines without root privileges and without talking to the admin. Indeed I need to repetitively link via a vpn a number of machines where I'm not root, and that belong different admins. It seems that openvpn always needs to access the tun/tap device, which requires admin privileges. Is there any workaround? sudo? -- Ralf Hildebrandt (i.A. des IT-Zentrums) Ralf.Hildebrandt@xxxxxxxxxx Charite - Universitätsmedizin Berlin Tel. +49 (0)30-450 570-155 Gemeinsame Einrichtung von FU- und HU-Berlin Fax. +49 (0)30-450 570-962 IT-Zentrum Standort CBF send no mail to plonk@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |