The officially official Devuan Forum!

You are not logged in.

#1 2022-05-10 17:09:36

draden
Member
Registered: 2022-04-21
Posts: 2  

OPENVPN - Setting up service for a given user

My aim is to forget the use of sudo / su command for starting openvpn service on Devuan. Running it so has the possibility for some hostile parties to gain control of its terminal session -which is unlikely- but I would like to make it a way more secure.

For the first step I'd create a user with only access to /etc/openvpn:
sudo adduser vpnhandler
sudo chown -R vpnhandler:vpnhandler /etc/openvpn

Then it would be great to set it up as a service which is auto-started by vpnhandler so I don't have to type openvpn xxxxx.ovpn in the terminal every time with that user.


Can someone help me with this? I'm open to any idea.

Offline

#2 2022-05-19 11:21:18

czeekaj
Member
Registered: 2019-06-12
Posts: 71  

Re: OPENVPN - Setting up service for a given user

you'll have to move openvpn from /sbin into /usr/local/bin
I'd suggest trying to use network manager or some user side application with VPN support.

As of now I have not tried and always ran it as root.
Potentially you can try experimenting with firejail or fakeroot .

Offline

Board footer