summaryrefslogtreecommitdiff
path: root/src/leap/eip
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/eip')
-rw-r--r--src/leap/eip/conductor.py6
-rw-r--r--src/leap/eip/config.py13
2 files changed, 14 insertions, 5 deletions
diff --git a/src/leap/eip/conductor.py b/src/leap/eip/conductor.py
index eeb7f8f8..7b927143 100644
--- a/src/leap/eip/conductor.py
+++ b/src/leap/eip/conductor.py
@@ -10,7 +10,7 @@ from leap.util.coroutines import spawn_and_watch_process
from leap.eip.config import (get_config, build_ovpn_command,
- EIPNoPkexecAvailable)
+ EIPNoPkexecAvailable, EIPNoPolkitAuthAgentAvailable)
from leap.eip.vpnwatcher import EIPConnectionStatus, status_watcher
from leap.eip.vpnmanager import OpenVPNManager, ConnectionRefusedError
@@ -90,6 +90,7 @@ to be triggered for each one of them.
self.proto = None
self.missing_pkexec = False
+ self.missing_auth_agent = False
self.command = None
self.args = None
@@ -132,6 +133,9 @@ to be triggered for each one of them.
try:
command, args = build_ovpn_command(config,
debug=self.debug)
+ except EIPNoPolkitAuthAgentAvailable:
+ command = args = None
+ self.missing_auth_agent = True
except EIPNoPkexecAvailable:
command = args = None
self.missing_pkexec = True
diff --git a/src/leap/eip/config.py b/src/leap/eip/config.py
index 4577837a..9583720e 100644
--- a/src/leap/eip/config.py
+++ b/src/leap/eip/config.py
@@ -4,13 +4,18 @@ import os
import platform
from leap.util.fileutil import which, mkdir_p
-from leap.baseapp.permcheck import is_pkexec_in_system
+from leap.baseapp.permcheck import (is_pkexec_in_system,
+ is_auth_agent_running)
class EIPNoPkexecAvailable(Exception):
pass
+class EIPNoPolkitAuthAgentAvailable(Exception):
+ pass
+
+
def build_ovpn_options(daemon=False):
"""
build a list of options
@@ -34,6 +39,7 @@ def build_ovpn_options(daemon=False):
opts = []
opts.append('--persist-tun')
+ opts.append('--persist-key')
# set user and group
opts.append('--user')
@@ -104,9 +110,8 @@ def build_ovpn_command(config, debug=False):
if not is_pkexec_in_system():
raise EIPNoPkexecAvailable
- #TBD --
- #if not is_auth_agent_running()
- # raise EIPNoPolkitAuthAgentAvailable
+ if not is_auth_agent_running():
+ raise EIPNoPolkitAuthAgentAvailable
command.append('pkexec')