On Sat, 2018-03-17 at 04:33 +0800, Ed Greshko wrote: > On 03/17/18 00:36, Martin Wagner wrote: > > On Thu, 2018-03-15 at 16:21 +0800, Ed Greshko wrote: > > > You've said you have things set to activate a VPN connection for > > > the > > > ethernet > > > interface, yes? > > > > > > What type of VPN are you using? I don't have my VPN activated > > > automatically. But > > > when it comes to OpenVPN there are 2 choices for saving the > > > password. Either for one > > > user and encrypted or for all users and un-encrypted. I would > > > think > > > that for the VPN > > > to be activated without your having logged-in it would have to > > > have > > > been saved > > > un-encrypted for all users. > > > > > > I just tested it on a VPN and unless I have the PW saved for all > > > the > > > interface will > > > not come up on boot. > > > > I think you're on to something. When I inspected the log files I > > found > > the following that's logged during startup. > > > > vpn-connection[]: Failed to request VPN secrets #3: No agents were > > available for this request. > > > > But I do have the 'Make available to other users' enabled in the > > settings for this VPN profile. The certificate for the VPN provider > > is > > in a folder under /home/mainuser. If that location would make any > > difference? > > Yes, it would. > > The problem you now have is that you've placed the certs in a non- > standard location. > This means they will have the wrong selinux context. > > The easiest thing to do is delete the VPN profiles and say "yes" when > it prompts to > place the certs in the standard location of > > ~/.local/share/networkmanagement/certificates/<Connection Name> > > They will then have selinux context like this... > > [egreshko@meimei US-West]$ pwd > /home/egreshko/.local/share/networkmanagement/certificates/US-West > [egreshko@meimei US-West]$ ls -Z > unconfined_u:object_r:home_cert_t:s0 ca.crt > unconfined_u:object_r:home_cert_t:s0 cert.crt > unconfined_u:object_r:home_cert_t:s0 private.key > unconfined_u:object_r:home_cert_t:s0 tls_auth.key Thanks for the help. I finally got it working. I think that the actual problem was that I had missed that there's an icon to the right in the password field. I got the VPN working at startup after changing its value to 'Store the password for all users' _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
