Hello, and thanks for your advice. openconnect was running as root on the N9, and it works fine on an i386 opensuse linux installation. I will see if I can find out what the troian is doing, might take some time however, as I am doing this in my sparetime and I'm not a programmer to begin with. Can you give me a hint, how to watch the network traffic between the troian and the vpn server ? Thanks, Markus On Thursday 03 November 2011 13.35:24 you wrote: > On Thu, 2011-11-03 at 12:25 +0100, Markus Weiss wrote: > > So it looks like openconnect cannot change the user. > > Hm, interesting. Is it running as root to start with? I'm not sure why > it wouldn't be able to setuid() in that case. > > And if it was already running as 'user' then it would even have tried to > change; it would skip the setuid() call. > > > It looks like openconnect cannot change the user the usual way on > > Meego/Harmattan. If i set the csd-user to root, the vpn server sends a > > csd troian horse for i386 architecture, that the N9 cannot run. > > How can I deal with this ? Do I need a wrapper script ? > > Can anyone advise me, how such a wrapper would have to look like ? > > Your diagnosis seems correct ? it's giving you an i386-specific > 'trojan'. The first thing to check is that this actually works OK on a > desktop Linux box. > > Then you have two options. One is to install qemu-i386 and some i386 > libraries, so you can actually run i386 ELF executables on the N9. > That's quite a lot of overhead, but might be relatively simple to set > up. > > The better option is probably to work out what the trojan is doing, and > write a 'wrapper' of your own which emulates it. A year or two ago, > there was some discussion on the mailing list about what the CSD trojan > does; ISTR it usually downloads an XML file which describes a bunch of > tests for it to run, and its result is a simple text string POSTed back > to the 'csd_starturl' location. > > You could probably get away with using a 'wrapper' which just uses curl > to post the expected answer to the appropriate URL, having watched it on > a desktop box to see what it's doing.
