Giancarlo Razzolini <grazzolini@archlinux.org> on Fri, 2016/12/02 13:52:
Em dezembro 2, 2016 10:50 Christian Hesse escreveu:
Wondering if this is possible without hard coded interface names... You would have to use %i in openvpn-unprivileged@.service:
ExecStartPre=-/usr/bin/openvpn --rmtun --dev %i ExecStartPre=/usr/bin/openvpn --mktun %i ... ExecStart=/usr/bin/openvpn --config %i.conf --dev %i ...
However... You should base your work on the new upstream systemd units.
Well, that would require calling the file with the same name as the interface being used, but it would definetely work. Since we now have a run dir, all that would be needed is this "unprivileged" systemd unit. I think the need for an unprivileged iproute could be easily addressed by the user itself, manually.
Well, you could provide a sudoers file, a wrapper with 'sudo /usr/bin/ip $@' and add '--iproute /path/to/wrapper' in your unit file. -- main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/* Best regards my address: */=0;b=c[a++];) putchar(b-1/(/* Chris cc -ox -xc - && ./x */b/42*2-3)*42);}