My server generates an ovpn certificate that I use to create my connection in network-manager. I can successfully create it but, when I try to activate it, it activates for few seconds and then stops. When I check my logs at syslog I see
Code: Select all
May 6 11:23:56 Mercury NetworkManager[1176]: <info> [1525598636.8096] audit: op="connection-activate" uuid="ac57d5fc-a043-4e61-9ace-4b4cd27ed111" name="OpenVPN QNAP Server" pid=3026 uid=1000 result="success"
May 6 11:23:56 Mercury NetworkManager[1176]: <info> [1525598636.8157] vpn-connection[0xfa4210,ac57d5fc-a043-4e61-9ace-4b4cd27ed111,"OpenVPN QNAP Server",0]: Started the VPN service, PID 8025
May 6 11:23:56 Mercury NetworkManager[1176]: (nm-openvpn-service:8025): nm-openvpn-WARNING **: Failed to initialize a plugin instance: Connection ":1.97" is not allowed to own the service "org.freedesktop.NetworkManager.openvpn.Connection_4" due to security policies in the configuration file
May 6 11:24:01 Mercury NetworkManager[1176]: <warn> [1525598641.8998] vpn-connection[0xfa4210,ac57d5fc-a043-4e61-9ace-4b4cd27ed111,"OpenVPN QNAP Server",0]: Timed out waiting for the service to start
Code: Select all
<!DOCTYPE busconfig PUBLIC
“-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN”
“http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd”>
<busconfig>
<policy user=”root”>
<allow own=”org.freedesktop.NetworkManager.openvpn”/>
<allow send_destination=”org.freedesktop.NetworkManager.openvpn”/>
</policy>
<policy user=”at_console”>
<allow own=”org.freedesktop.NetworkManager.vpnc”/>
<allow send_destination=”org.freedesktop.NetworkManager.vpnc”/>
</policy>
<policy context=”default”>
<deny own=”org.freedesktop.NetworkManager.openvpn”/>
<deny send_destination=”org.freedesktop.NetworkManager.openvpn”/>
</policy>
</busconfig>
I've tried several things but I'm not finding good documentation neither on this configuration for network manager in the network manager site neither how this relates to policy kit. Takin a look to the file I saw this .vpnc lines that looked a bit weird for me. I tried to add lines in this file with my user (I'm doing this with my admin user) following the pattern of other lines of the file, adding my user to network and netdev groups with no sucess.
If I change the file, either the file has incorrect format of changes have no effect on my configuration.
Does someone know how to configure properly this policies ?
Cheers!
Helio