first of all thanks so much for openconnect!! I d/l entire mailing list to search for my prob, only got a couple hits but none were addressing mine specifically. my openconnect (3.11) setup runs perfect with sudo. now I want to run as non-root. during boot (linux amd64/gentoo) I run this: /sbin/ip tuntap add dev tun0 mode tun user mark /sbin/ip link set tun0 up user owns tun0: cat /sys/class/net/tun0/owner 500 ls -la /dev/net/tun: crw-rw-rw- 1 root root 10, 200 Aug 14 06:29 /dev/net/tun this is my openconnect cmd line: echo pw | /usr/bin/openconnect --syslog -i tun0 --user=name --authgroup=group --passwd-on-stdin --background --script=/etc/openconnect/openconnect.sh vpn_site syslog shows this: Got CONNECT response: HTTP/1.1 200 OK CSTP connected. DPD 30, Keepalive 20 RTNETLINK answers: Operation not permitted Cannot open "/proc/sys/net/ipv4/route/flush" SIOCSIFADDR: Permission denied SIOCSIFFLAGS: Permission denied SIOCSIFDSTADDR: Permission denied SIOCSIFFLAGS: Permission denied SIOCSIFNETMASK: Permission denied SIOCSIFMTU: Operation not permitted SIOCSIFFLAGS: Permission denied RTNETLINK answers: Operation not permitted Cannot open "/proc/sys/net/ipv4/route/flush" RTNETLINK answers: Operation not permitted Cannot open "/proc/sys/net/ipv4/route/flush" RTNETLINK answers: Operation not permitted Cannot open "/proc/sys/net/ipv4/route/flush" RTNETLINK answers: Operation not permitted Cannot open "/proc/sys/net/ipv4/route/flush" SIOCSIFMTU: Operation not permitted Connected tun0 as 192.168.160.155, using SSL Continuing in background; pid 17435 it seems my linux user doesn't have privs for something? is there a way to resolve that (I don't really know what's trying to be done except perhaps set up routing with the vpn). the other posts I saw on this were aug 2009 and that user was running as non-root and only had the trouble when shutting down, so it seems this does work but I'm not sure why not for me. btw I tried ocproxy as a way around this and while it got me logged in fine to the vpn, there's an additional login I need to do once on the vpn but was no matter what I tried was unable to do so (iirc somewhere I saw a proxy for vpn may not work for everyone?) thanks for looking at this.
