diff options
Diffstat (limited to 'src/leap/eip')
-rw-r--r-- | src/leap/eip/conductor.py | 6 | ||||
-rw-r--r-- | src/leap/eip/config.py | 13 |
2 files changed, 14 insertions, 5 deletions
diff --git a/src/leap/eip/conductor.py b/src/leap/eip/conductor.py index eeb7f8f8..7b927143 100644 --- a/src/leap/eip/conductor.py +++ b/src/leap/eip/conductor.py @@ -10,7 +10,7 @@ from leap.util.coroutines import spawn_and_watch_process from leap.eip.config import (get_config, build_ovpn_command, - EIPNoPkexecAvailable) + EIPNoPkexecAvailable, EIPNoPolkitAuthAgentAvailable) from leap.eip.vpnwatcher import EIPConnectionStatus, status_watcher from leap.eip.vpnmanager import OpenVPNManager, ConnectionRefusedError @@ -90,6 +90,7 @@ to be triggered for each one of them. self.proto = None self.missing_pkexec = False + self.missing_auth_agent = False self.command = None self.args = None @@ -132,6 +133,9 @@ to be triggered for each one of them. try: command, args = build_ovpn_command(config, debug=self.debug) + except EIPNoPolkitAuthAgentAvailable: + command = args = None + self.missing_auth_agent = True except EIPNoPkexecAvailable: command = args = None self.missing_pkexec = True diff --git a/src/leap/eip/config.py b/src/leap/eip/config.py index 4577837a..9583720e 100644 --- a/src/leap/eip/config.py +++ b/src/leap/eip/config.py @@ -4,13 +4,18 @@ import os import platform from leap.util.fileutil import which, mkdir_p -from leap.baseapp.permcheck import is_pkexec_in_system +from leap.baseapp.permcheck import (is_pkexec_in_system, + is_auth_agent_running) class EIPNoPkexecAvailable(Exception): pass +class EIPNoPolkitAuthAgentAvailable(Exception): + pass + + def build_ovpn_options(daemon=False): """ build a list of options @@ -34,6 +39,7 @@ def build_ovpn_options(daemon=False): opts = [] opts.append('--persist-tun') + opts.append('--persist-key') # set user and group opts.append('--user') @@ -104,9 +110,8 @@ def build_ovpn_command(config, debug=False): if not is_pkexec_in_system(): raise EIPNoPkexecAvailable - #TBD -- - #if not is_auth_agent_running() - # raise EIPNoPolkitAuthAgentAvailable + if not is_auth_agent_running(): + raise EIPNoPolkitAuthAgentAvailable command.append('pkexec') |