feat(openvpn): OPENVPN_PROCESS_USER and deprecates OPENVPN_ROOT
This commit is contained in:
Quentin McGaw
@@ -79,7 +79,7 @@ ENV VPNSP=pia \
|
|||||||
OPENVPN_FLAGS= \
|
OPENVPN_FLAGS= \
|
||||||
OPENVPN_CIPHER= \
|
OPENVPN_CIPHER= \
|
||||||
OPENVPN_AUTH= \
|
OPENVPN_AUTH= \
|
||||||
OPENVPN_ROOT=yes \
|
OPENVPN_PROCESS_USER= \
|
||||||
OPENVPN_TARGET_IP= \
|
OPENVPN_TARGET_IP= \
|
||||||
OPENVPN_IPV6=off \
|
OPENVPN_IPV6=off \
|
||||||
OPENVPN_CUSTOM_CONFIG= \
|
OPENVPN_CUSTOM_CONFIG= \
|
||||||
|
|||||||
@@ -244,7 +244,7 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
|
|||||||
// set it for Unbound
|
// set it for Unbound
|
||||||
// TODO remove this when migrating to qdm12/dns v2
|
// TODO remove this when migrating to qdm12/dns v2
|
||||||
allSettings.DNS.DoT.Unbound.Username = nonRootUsername
|
allSettings.DNS.DoT.Unbound.Username = nonRootUsername
|
||||||
allSettings.VPN.OpenVPN.ProcUser = nonRootUsername
|
allSettings.VPN.OpenVPN.ProcessUser = nonRootUsername
|
||||||
|
|
||||||
if err := os.Chown("/etc/unbound", puid, pgid); err != nil {
|
if err := os.Chown("/etc/unbound", puid, pgid); err != nil {
|
||||||
return err
|
return err
|
||||||
|
|||||||
@@ -61,15 +61,10 @@ type OpenVPN struct {
|
|||||||
// Interface is the OpenVPN device interface name.
|
// Interface is the OpenVPN device interface name.
|
||||||
// It cannot be an empty string in the internal state.
|
// It cannot be an empty string in the internal state.
|
||||||
Interface string
|
Interface string
|
||||||
// Root is true if OpenVPN is to be run as root,
|
// ProcessUser is the OpenVPN process OS username
|
||||||
// and false otherwise. It cannot be nil in the
|
// to use. It cannot be empty in the internal state.
|
||||||
// internal state.
|
// It defaults to 'root'.
|
||||||
Root *bool
|
ProcessUser string
|
||||||
// ProcUser is the OpenVPN process OS username
|
|
||||||
// to use. It cannot be nil in the internal state.
|
|
||||||
// This is set and injected at runtime.
|
|
||||||
// TODO only use ProcUser and not Root field.
|
|
||||||
ProcUser string
|
|
||||||
// Verbosity is the OpenVPN verbosity level from 0 to 6.
|
// Verbosity is the OpenVPN verbosity level from 0 to 6.
|
||||||
// It cannot be nil in the internal state.
|
// It cannot be nil in the internal state.
|
||||||
Verbosity *int
|
Verbosity *int
|
||||||
@@ -175,8 +170,7 @@ func (o *OpenVPN) copy() (copied OpenVPN) {
|
|||||||
IPv6: helpers.CopyBoolPtr(o.IPv6),
|
IPv6: helpers.CopyBoolPtr(o.IPv6),
|
||||||
MSSFix: helpers.CopyUint16Ptr(o.MSSFix),
|
MSSFix: helpers.CopyUint16Ptr(o.MSSFix),
|
||||||
Interface: o.Interface,
|
Interface: o.Interface,
|
||||||
Root: helpers.CopyBoolPtr(o.Root),
|
ProcessUser: o.ProcessUser,
|
||||||
ProcUser: o.ProcUser,
|
|
||||||
Verbosity: helpers.CopyIntPtr(o.Verbosity),
|
Verbosity: helpers.CopyIntPtr(o.Verbosity),
|
||||||
Flags: helpers.CopyStringSlice(o.Flags),
|
Flags: helpers.CopyStringSlice(o.Flags),
|
||||||
}
|
}
|
||||||
@@ -197,8 +191,7 @@ func (o *OpenVPN) mergeWith(other OpenVPN) {
|
|||||||
o.IPv6 = helpers.MergeWithBool(o.IPv6, other.IPv6)
|
o.IPv6 = helpers.MergeWithBool(o.IPv6, other.IPv6)
|
||||||
o.MSSFix = helpers.MergeWithUint16(o.MSSFix, other.MSSFix)
|
o.MSSFix = helpers.MergeWithUint16(o.MSSFix, other.MSSFix)
|
||||||
o.Interface = helpers.MergeWithString(o.Interface, other.Interface)
|
o.Interface = helpers.MergeWithString(o.Interface, other.Interface)
|
||||||
o.Root = helpers.MergeWithBool(o.Root, other.Root)
|
o.ProcessUser = helpers.MergeWithString(o.ProcessUser, other.ProcessUser)
|
||||||
o.ProcUser = helpers.MergeWithString(o.ProcUser, other.ProcUser)
|
|
||||||
o.Verbosity = helpers.MergeWithIntPtr(o.Verbosity, other.Verbosity)
|
o.Verbosity = helpers.MergeWithIntPtr(o.Verbosity, other.Verbosity)
|
||||||
o.Flags = helpers.MergeStringSlices(o.Flags, other.Flags)
|
o.Flags = helpers.MergeStringSlices(o.Flags, other.Flags)
|
||||||
}
|
}
|
||||||
@@ -219,8 +212,7 @@ func (o *OpenVPN) overrideWith(other OpenVPN) {
|
|||||||
o.IPv6 = helpers.OverrideWithBool(o.IPv6, other.IPv6)
|
o.IPv6 = helpers.OverrideWithBool(o.IPv6, other.IPv6)
|
||||||
o.MSSFix = helpers.OverrideWithUint16(o.MSSFix, other.MSSFix)
|
o.MSSFix = helpers.OverrideWithUint16(o.MSSFix, other.MSSFix)
|
||||||
o.Interface = helpers.OverrideWithString(o.Interface, other.Interface)
|
o.Interface = helpers.OverrideWithString(o.Interface, other.Interface)
|
||||||
o.Root = helpers.OverrideWithBool(o.Root, other.Root)
|
o.ProcessUser = helpers.OverrideWithString(o.ProcessUser, other.ProcessUser)
|
||||||
o.ProcUser = helpers.OverrideWithString(o.ProcUser, other.ProcUser)
|
|
||||||
o.Verbosity = helpers.OverrideWithIntPtr(o.Verbosity, other.Verbosity)
|
o.Verbosity = helpers.OverrideWithIntPtr(o.Verbosity, other.Verbosity)
|
||||||
o.Flags = helpers.OverrideWithStringSlice(o.Flags, other.Flags)
|
o.Flags = helpers.OverrideWithStringSlice(o.Flags, other.Flags)
|
||||||
}
|
}
|
||||||
@@ -245,8 +237,7 @@ func (o *OpenVPN) setDefaults(vpnProvider string) {
|
|||||||
o.IPv6 = helpers.DefaultBool(o.IPv6, false)
|
o.IPv6 = helpers.DefaultBool(o.IPv6, false)
|
||||||
o.MSSFix = helpers.DefaultUint16(o.MSSFix, 0)
|
o.MSSFix = helpers.DefaultUint16(o.MSSFix, 0)
|
||||||
o.Interface = helpers.DefaultString(o.Interface, "tun0")
|
o.Interface = helpers.DefaultString(o.Interface, "tun0")
|
||||||
o.Root = helpers.DefaultBool(o.Root, true)
|
o.ProcessUser = helpers.DefaultString(o.ProcessUser, "root")
|
||||||
o.ProcUser = helpers.DefaultString(o.ProcUser, "root")
|
|
||||||
o.Verbosity = helpers.DefaultInt(o.Verbosity, 1)
|
o.Verbosity = helpers.DefaultInt(o.Verbosity, 1)
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -294,14 +285,7 @@ func (o OpenVPN) toLinesNode() (node *gotree.Node) {
|
|||||||
node.Appendf("Network interface: %s", o.Interface)
|
node.Appendf("Network interface: %s", o.Interface)
|
||||||
}
|
}
|
||||||
|
|
||||||
processUser := "root"
|
node.Appendf("Run OpenVPN as: %s", o.ProcessUser)
|
||||||
if !*o.Root {
|
|
||||||
processUser = "some non root user" // TODO
|
|
||||||
if o.ProcUser != "" {
|
|
||||||
processUser = o.ProcUser
|
|
||||||
}
|
|
||||||
}
|
|
||||||
node.Appendf("Run OpenVPN as: %s", processUser)
|
|
||||||
|
|
||||||
node.Appendf("Verbosity level: %d", *o.Verbosity)
|
node.Appendf("Verbosity level: %d", *o.Verbosity)
|
||||||
|
|
||||||
|
|||||||
24
internal/configuration/sources/env/openvpn.go
vendored
24
internal/configuration/sources/env/openvpn.go
vendored
@@ -52,13 +52,11 @@ func (r *Reader) readOpenVPN() (
|
|||||||
|
|
||||||
openVPN.Interface = os.Getenv("OPENVPN_INTERFACE")
|
openVPN.Interface = os.Getenv("OPENVPN_INTERFACE")
|
||||||
|
|
||||||
openVPN.Root, err = envToBoolPtr("OPENVPN_ROOT")
|
openVPN.ProcessUser, err = r.readOpenVPNProcessUser()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return openVPN, fmt.Errorf("environment variable OPENVPN_ROOT: %w", err)
|
return openVPN, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO ProcUser once Root is deprecated.
|
|
||||||
|
|
||||||
openVPN.Verbosity, err = envToIntPtr("OPENVPN_VERBOSITY")
|
openVPN.Verbosity, err = envToIntPtr("OPENVPN_VERBOSITY")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return openVPN, fmt.Errorf("environment variable OPENVPN_VERBOSITY: %w", err)
|
return openVPN, fmt.Errorf("environment variable OPENVPN_VERBOSITY: %w", err)
|
||||||
@@ -123,3 +121,21 @@ func (r *Reader) readPIAEncryptionPreset() (presetPtr *string) {
|
|||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (r *Reader) readOpenVPNProcessUser() (processUser string, err error) {
|
||||||
|
// Retro-compatibility
|
||||||
|
root, err := envToBoolPtr("OPENVPN_ROOT")
|
||||||
|
if err != nil {
|
||||||
|
r.onRetroActive("OPENVPN_ROOT", "OPENVPN_PROCESS_USER")
|
||||||
|
return "", fmt.Errorf("environment variable OPENVPN_ROOT: %w", err)
|
||||||
|
} else if root != nil {
|
||||||
|
r.onRetroActive("OPENVPN_ROOT", "OPENVPN_PROCESS_USER")
|
||||||
|
if *root {
|
||||||
|
return "root", nil
|
||||||
|
}
|
||||||
|
const defaultNonRootUser = "nonrootuser"
|
||||||
|
return defaultNonRootUser, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
return os.Getenv("OPENVPN_PROCESS_USER"), nil
|
||||||
|
}
|
||||||
|
|||||||
@@ -88,8 +88,8 @@ func modifyConfig(lines []string, connection models.Connection,
|
|||||||
modified = append(modified, `pull-filter ignore "route-ipv6"`)
|
modified = append(modified, `pull-filter ignore "route-ipv6"`)
|
||||||
modified = append(modified, `pull-filter ignore "ifconfig-ipv6"`)
|
modified = append(modified, `pull-filter ignore "ifconfig-ipv6"`)
|
||||||
}
|
}
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
modified = append(modified, "user "+settings.ProcUser)
|
modified = append(modified, "user "+settings.ProcessUser)
|
||||||
modified = append(modified, "persist-tun")
|
modified = append(modified, "persist-tun")
|
||||||
modified = append(modified, "persist-key")
|
modified = append(modified, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -10,7 +10,6 @@ import (
|
|||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
)
|
)
|
||||||
|
|
||||||
func boolPtr(b bool) *bool { return &b }
|
|
||||||
func intPtr(n int) *int { return &n }
|
func intPtr(n int) *int { return &n }
|
||||||
func uint16Ptr(n uint16) *uint16 { return &n }
|
func uint16Ptr(n uint16) *uint16 { return &n }
|
||||||
func stringPtr(s string) *string { return &s }
|
func stringPtr(s string) *string { return &s }
|
||||||
@@ -36,14 +35,13 @@ func Test_modifyConfig(t *testing.T) {
|
|||||||
"auth bla",
|
"auth bla",
|
||||||
},
|
},
|
||||||
settings: settings.OpenVPN{
|
settings: settings.OpenVPN{
|
||||||
User: "user",
|
User: "user",
|
||||||
Ciphers: []string{"cipher"},
|
Ciphers: []string{"cipher"},
|
||||||
Auth: stringPtr("auth"),
|
Auth: stringPtr("auth"),
|
||||||
MSSFix: uint16Ptr(1000),
|
MSSFix: uint16Ptr(1000),
|
||||||
Root: boolPtr(false),
|
ProcessUser: "procuser",
|
||||||
ProcUser: "procuser",
|
Interface: "tun3",
|
||||||
Interface: "tun3",
|
Verbosity: intPtr(0),
|
||||||
Verbosity: intPtr(0),
|
|
||||||
}.WithDefaults(constants.Custom),
|
}.WithDefaults(constants.Custom),
|
||||||
connection: models.Connection{
|
connection: models.Connection{
|
||||||
IP: net.IPv4(1, 2, 3, 4),
|
IP: net.IPv4(1, 2, 3, 4),
|
||||||
|
|||||||
@@ -57,8 +57,8 @@ func (c *Cyberghost) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "explicit-exit-notify")
|
lines = append(lines, "explicit-exit-notify")
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -62,8 +62,8 @@ func (p *Provider) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "explicit-exit-notify")
|
lines = append(lines, "explicit-exit-notify")
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -61,8 +61,8 @@ func (f *Fastestvpn) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "ping 15") // FastestVPN specific
|
lines = append(lines, "ping 15") // FastestVPN specific
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -53,8 +53,8 @@ func (h *HideMyAss) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "explicit-exit-notify")
|
lines = append(lines, "explicit-exit-notify")
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -54,8 +54,8 @@ func (i *Ipvanish) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "explicit-exit-notify")
|
lines = append(lines, "explicit-exit-notify")
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -59,8 +59,8 @@ func (i *Ivpn) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "explicit-exit-notify")
|
lines = append(lines, "explicit-exit-notify")
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -58,8 +58,8 @@ func (m *Mullvad) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, `pull-filter ignore "ifconfig-ipv6"`)
|
lines = append(lines, `pull-filter ignore "ifconfig-ipv6"`)
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -62,8 +62,8 @@ func (n *Nordvpn) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "explicit-exit-notify")
|
lines = append(lines, "explicit-exit-notify")
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -61,8 +61,8 @@ func (p *Perfectprivacy) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "explicit-exit-notify")
|
lines = append(lines, "explicit-exit-notify")
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -48,8 +48,8 @@ func (p *Privado) BuildConf(connection models.Connection,
|
|||||||
|
|
||||||
lines = append(lines, utils.CipherLines(settings.Ciphers, settings.Version)...)
|
lines = append(lines, utils.CipherLines(settings.Ciphers, settings.Version)...)
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -72,8 +72,8 @@ func (p *PIA) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "explicit-exit-notify")
|
lines = append(lines, "explicit-exit-notify")
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -51,8 +51,8 @@ func (p *Privatevpn) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "explicit-exit-notify")
|
lines = append(lines, "explicit-exit-notify")
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -61,8 +61,8 @@ func (p *Protonvpn) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "explicit-exit-notify")
|
lines = append(lines, "explicit-exit-notify")
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -54,8 +54,8 @@ func (p *Purevpn) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "mssfix "+strconv.Itoa(int(*settings.MSSFix)))
|
lines = append(lines, "mssfix "+strconv.Itoa(int(*settings.MSSFix)))
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -61,8 +61,8 @@ func (s *Surfshark) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "explicit-exit-notify")
|
lines = append(lines, "explicit-exit-notify")
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -59,8 +59,8 @@ func (t *Torguard) BuildConf(connection models.Connection,
|
|||||||
|
|
||||||
lines = append(lines, utils.CipherLines(settings.Ciphers, settings.Version)...)
|
lines = append(lines, utils.CipherLines(settings.Ciphers, settings.Version)...)
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -54,8 +54,8 @@ func (p *Provider) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "explicit-exit-notify")
|
lines = append(lines, "explicit-exit-notify")
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -54,8 +54,8 @@ func (v *Vyprvpn) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "explicit-exit-notify")
|
lines = append(lines, "explicit-exit-notify")
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -55,8 +55,8 @@ func (w *Wevpn) BuildConf(connection models.Connection,
|
|||||||
|
|
||||||
lines = append(lines, utils.CipherLines(settings.Ciphers, settings.Version)...)
|
lines = append(lines, utils.CipherLines(settings.Ciphers, settings.Version)...)
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -58,8 +58,8 @@ func (w *Windscribe) BuildConf(connection models.Connection,
|
|||||||
lines = append(lines, "explicit-exit-notify")
|
lines = append(lines, "explicit-exit-notify")
|
||||||
}
|
}
|
||||||
|
|
||||||
if !*settings.Root {
|
if settings.ProcessUser != "root" {
|
||||||
lines = append(lines, "user "+settings.ProcUser)
|
lines = append(lines, "user "+settings.ProcessUser)
|
||||||
lines = append(lines, "persist-tun")
|
lines = append(lines, "persist-tun")
|
||||||
lines = append(lines, "persist-key")
|
lines = append(lines, "persist-key")
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user