Age | Commit message (Collapse) | Author |
|
we make a distinction between the system-wide bitmask-root, which should
be placed there by the maintainers of whatever packages your
distribution uses, and the bitmask-root that is placed by the bundles
(using polkit).
since the bundles copying over the helper from user-writeable folders
is a potential attack vector, we prefer to use the package's version if
present.
also, if we cannot find either, we abort the launching of the VPN. we've
discussed that this might move to the service initialization instead,
but I think the cases in which this is needed should be rare.
I fix also a corner-case in which we were using getcwd() at import time.
if you execute code and then remove the installation path, this will
raise a traceback in bitmaskctl. I think it's nicer to catch the error
properly when starting.
|
|
|
|
|
|
|
|
- correctly start the openvpn process canary
- use helper to fix tearing down of the vpn
|
|
|
|
with these fixes, I'm able to finally launch openvpn and firewall on
osx. :)
all that's left for a minimum vpn release is packaging and installing
all the helpers in the proper place.
|
|
|
|
|
|
- Improve tests too: add entry in resolv.conf, not done without
resolvconf
|
|
|
|
|
|
|
|
|
|
- simple status parsing
- add separate firewall status
- set status for abnormal termination
|
|
|
|
non functional at the moment, but started doing some cleanup
|