On 03/17/18 05:49, Martin Wagner wrote: > On Sat, 2018-03-17 at 04:33 +0800, Ed Greshko wrote: >> On 03/17/18 00:36, Martin Wagner wrote: >>> On Thu, 2018-03-15 at 16:21 +0800, Ed Greshko wrote: >>>> You've said you have things set to activate a VPN connection for >>>> the >>>> ethernet >>>> interface, yes? >>>> >>>> What type of VPN are you using? I don't have my VPN activated >>>> automatically. But >>>> when it comes to OpenVPN there are 2 choices for saving the >>>> password. Either for one >>>> user and encrypted or for all users and un-encrypted. I would >>>> think >>>> that for the VPN >>>> to be activated without your having logged-in it would have to >>>> have >>>> been saved >>>> un-encrypted for all users. >>>> >>>> I just tested it on a VPN and unless I have the PW saved for all >>>> the >>>> interface will >>>> not come up on boot. >>> I think you're on to something. When I inspected the log files I >>> found >>> the following that's logged during startup. >>> >>> vpn-connection[]: Failed to request VPN secrets #3: No agents were >>> available for this request. >>> >>> But I do have the 'Make available to other users' enabled in the >>> settings for this VPN profile. The certificate for the VPN provider >>> is >>> in a folder under /home/mainuser. If that location would make any >>> difference? >> Yes, it would. >> >> The problem you now have is that you've placed the certs in a non- >> standard location. >> This means they will have the wrong selinux context. >> >> The easiest thing to do is delete the VPN profiles and say "yes" when >> it prompts to >> place the certs in the standard location of >> >> ~/.local/share/networkmanagement/certificates/<Connection Name> >> >> They will then have selinux context like this... >> >> [egreshko@meimei US-West]$ pwd >> /home/egreshko/.local/share/networkmanagement/certificates/US-West >> [egreshko@meimei US-West]$ ls -Z >> unconfined_u:object_r:home_cert_t:s0 ca.crt >> unconfined_u:object_r:home_cert_t:s0 cert.crt >> unconfined_u:object_r:home_cert_t:s0 private.key >> unconfined_u:object_r:home_cert_t:s0 tls_auth.key > Thanks for the help. I finally got it working. I think that the actual > problem was that I had missed that there's an icon to the right in the > password field. I got the VPN working at startup after changing its > value to 'Store the password for all users' Yes, that was the setting I was referring to in my original response. Sorry for not being more clear. Good to hear it is all working now. -- Conjecture is just a conclusion based on incomplete information. It isn't a fact.
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
