[Pkg-utopia-maintainers] Bug#527975: Bug#527975: Lost ability to start OpenVPN connection after upgrade

Michael Biebl biebl at debian.org
Sat May 9 22:14:21 UTC 2009 

severity 527975 normal
tags 527975 -tags
thanks

Jeff Licquia wrote:
> Package: network-manager-openvpn
> Version: 0.7.1-1
> Severity: grave
> Tags: patch
> 
> After upgrading from the previous version of the package in squeeze to 
> the current version, I was unable to start the OpenVPN connection I use 
> to secure my wireless network.
> 
> Looking in /var/log/syslog revealed this:
> 
> May  9 17:03:15 lflap2 NetworkManager: <info>  VPN plugin state changed: 
> 3
> May  9 17:03:15 lflap2 NetworkManager: <info>  VPN connection 'Home (at 
> home)' (Connect) reply received.
> May  9 17:03:15 lflap2 NetworkManager: <WARN>  
> nm_vpn_connection_connect_cb(): VPN connection 'Home (at home)' failed 
> to connect: 'No VPN secrets!'.
> May  9 17:03:15 lflap2 NetworkManager: <WARN>  
> connection_state_changed(): Could not process the request because no VPN 
> connection was active.
> May  9 17:03:15 lflap2 NetworkManager: <info>  Policy set 'Auto LICQUIA' 
> (wlan0) as default for routing and DNS.
> 
> Searching on the phrase "No VPN secrets" brought me to this Ubuntu bug:
> 
> https://bugs.launchpad.net/ubuntu/+source/network-manager-vpnc/+bug/360818
> 
> which contained this patch for the vpnc plugin:
> 
> --- nm-vpnc-service.conf.fixed	2009-04-18 17:56:45.000000000 -0500
> +++ nm-vpnc-service.conf	2009-04-18 17:57:37.000000000 -0500
> @@ -6,6 +6,10 @@
>  		<allow own="org.freedesktop.NetworkManager.vpnc"/>
>  		<allow 
> send_destination="org.freedesktop.NetworkManager.vpnc"/>
>  	</policy>
> +	<policy user="at_console">
> +		<allow own="org.freedesktop.NetworkManager.vpnc"/>
> +		<allow 
> send_destination="org.freedesktop.NetworkManager.vpnc"/>
> +	</policy>
>  	<policy context="default">
>  		<deny own="org.freedesktop.NetworkManager.vpnc"/>
>  		<deny 
> send_destination="org.freedesktop.NetworkManager.vpnc"/>
> 
> (Sorry if that's all screwed up; time to switch my default editor.)
> 
> Applying that patch to /etc/dbus-1/system.d/nm-openvpn-service.conf, 
> logging out, and logging back in caused OpenVPN support to work again.
> 
> Why grave?  Without this patch, I found it impossible to use OpenVPN 
> from NetworkManager.  That seems to qualify as "making the package 
> unusable for all or most users".

Have you actually read the bug report? Your proposed patch opens a security hole
and doesn't really fix the issue (it's a very ugly and bad workaround)

The problem you run into only happens when you are logged in as root, which is
not the norm on linux, thus only severity normal.

Michael
-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-utopia-maintainers/attachments/20090510/096979ec/attachment.pgp>

More information about the Pkg-utopia-maintainers mailing list