From 2ab05b9350570a10bff82cb761ee1c2dcea13bcb Mon Sep 17 00:00:00 2001 From: "Quentin McGaw (desktop)" Date: Tue, 14 Sep 2021 14:54:59 +0000 Subject: [PATCH] Maint: OpenVPN: only add `persist-tun` when running without root --- internal/provider/custom/openvpnconf.go | 2 ++ internal/provider/custom/openvpnconf_test.go | 1 + internal/provider/cyberghost/openvpnconf.go | 2 +- internal/provider/fastestvpn/openvpnconf.go | 1 + internal/provider/hidemyass/openvpnconf.go | 1 + internal/provider/ipvanish/openvpnconf.go | 1 + internal/provider/ivpn/openvpnconf.go | 1 + internal/provider/mullvad/openvpnconf.go | 1 + internal/provider/nordvpn/openvpnconf.go | 1 + internal/provider/privado/openvpnconf.go | 1 + internal/provider/privateinternetaccess/openvpnconf.go | 1 + internal/provider/privatevpn/openvpnconf.go | 1 + internal/provider/protonvpn/openvpnconf.go | 1 + internal/provider/purevpn/openvpnconf.go | 1 + internal/provider/surfshark/openvpnconf.go | 1 + internal/provider/torguard/openvpnconf.go | 1 + internal/provider/vpnunlimited/openvpnconf.go | 1 + internal/provider/vyprvpn/openvpnconf.go | 1 + internal/provider/windscribe/openvpnconf.go | 1 + maintenance.md | 1 - 20 files changed, 20 insertions(+), 2 deletions(-) diff --git a/internal/provider/custom/openvpnconf.go b/internal/provider/custom/openvpnconf.go index 4b526162..4b7edba9 100644 --- a/internal/provider/custom/openvpnconf.go +++ b/internal/provider/custom/openvpnconf.go @@ -40,6 +40,7 @@ func modifyConfig(lines []string, connection models.Connection, line == "pull-filter ignore \"auth-token\"", line == "auth-retry nointeract", line == "suppress-timestamps", + line == "persist-tun", // Remove values always modified strings.HasPrefix(line, "verb "), strings.HasPrefix(line, "auth-user-pass "), @@ -88,6 +89,7 @@ func modifyConfig(lines []string, connection models.Connection, } if !settings.Root { modified = append(modified, "user "+settings.ProcUser) + modified = append(modified, "persist-tun") } modified = append(modified, "") // trailing line diff --git a/internal/provider/custom/openvpnconf_test.go b/internal/provider/custom/openvpnconf_test.go index 702b40e4..2b025b9d 100644 --- a/internal/provider/custom/openvpnconf_test.go +++ b/internal/provider/custom/openvpnconf_test.go @@ -63,6 +63,7 @@ func Test_modifyConfig(t *testing.T) { "pull-filter ignore \"route-ipv6\"", "pull-filter ignore \"ifconfig-ipv6\"", "user procuser", + "persist-tun", "", }, }, diff --git a/internal/provider/cyberghost/openvpnconf.go b/internal/provider/cyberghost/openvpnconf.go index 70b3bac3..aaf0c4d5 100644 --- a/internal/provider/cyberghost/openvpnconf.go +++ b/internal/provider/cyberghost/openvpnconf.go @@ -25,7 +25,6 @@ func (c *Cyberghost) BuildConf(connection models.Connection, "dev " + settings.Interface, "nobind", "persist-key", - "persist-tun", "remote-cert-tls server", "ping 10", "ping-exit 60", @@ -60,6 +59,7 @@ func (c *Cyberghost) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if settings.MSSFix > 0 { diff --git a/internal/provider/fastestvpn/openvpnconf.go b/internal/provider/fastestvpn/openvpnconf.go index 16f7dd6b..d3660d60 100644 --- a/internal/provider/fastestvpn/openvpnconf.go +++ b/internal/provider/fastestvpn/openvpnconf.go @@ -58,6 +58,7 @@ func (f *Fastestvpn) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if !settings.IPv6 { diff --git a/internal/provider/hidemyass/openvpnconf.go b/internal/provider/hidemyass/openvpnconf.go index 3b90e4d7..d6ff2c5b 100644 --- a/internal/provider/hidemyass/openvpnconf.go +++ b/internal/provider/hidemyass/openvpnconf.go @@ -54,6 +54,7 @@ func (h *HideMyAss) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if !settings.IPv6 { diff --git a/internal/provider/ipvanish/openvpnconf.go b/internal/provider/ipvanish/openvpnconf.go index 4a6ad6a7..68a476e2 100644 --- a/internal/provider/ipvanish/openvpnconf.go +++ b/internal/provider/ipvanish/openvpnconf.go @@ -52,6 +52,7 @@ func (i *Ipvanish) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if !settings.IPv6 { diff --git a/internal/provider/ivpn/openvpnconf.go b/internal/provider/ivpn/openvpnconf.go index c4aa5e71..31a895f4 100644 --- a/internal/provider/ivpn/openvpnconf.go +++ b/internal/provider/ivpn/openvpnconf.go @@ -59,6 +59,7 @@ func (i *Ivpn) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if !settings.IPv6 { diff --git a/internal/provider/mullvad/openvpnconf.go b/internal/provider/mullvad/openvpnconf.go index da180256..caf7a2d0 100644 --- a/internal/provider/mullvad/openvpnconf.go +++ b/internal/provider/mullvad/openvpnconf.go @@ -61,6 +61,7 @@ func (m *Mullvad) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if settings.MSSFix > 0 { diff --git a/internal/provider/nordvpn/openvpnconf.go b/internal/provider/nordvpn/openvpnconf.go index cd24a0ad..496c8e35 100644 --- a/internal/provider/nordvpn/openvpnconf.go +++ b/internal/provider/nordvpn/openvpnconf.go @@ -63,6 +63,7 @@ func (n *Nordvpn) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if !settings.IPv6 { diff --git a/internal/provider/privado/openvpnconf.go b/internal/provider/privado/openvpnconf.go index 5c32c949..3e2381b9 100644 --- a/internal/provider/privado/openvpnconf.go +++ b/internal/provider/privado/openvpnconf.go @@ -51,6 +51,7 @@ func (p *Privado) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if settings.MSSFix > 0 { diff --git a/internal/provider/privateinternetaccess/openvpnconf.go b/internal/provider/privateinternetaccess/openvpnconf.go index 8f95fd01..aeccbe5e 100644 --- a/internal/provider/privateinternetaccess/openvpnconf.go +++ b/internal/provider/privateinternetaccess/openvpnconf.go @@ -73,6 +73,7 @@ func (p *PIA) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if settings.MSSFix > 0 { diff --git a/internal/provider/privatevpn/openvpnconf.go b/internal/provider/privatevpn/openvpnconf.go index 7aad5129..46f6aea6 100644 --- a/internal/provider/privatevpn/openvpnconf.go +++ b/internal/provider/privatevpn/openvpnconf.go @@ -52,6 +52,7 @@ func (p *Privatevpn) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if settings.MSSFix > 0 { diff --git a/internal/provider/protonvpn/openvpnconf.go b/internal/provider/protonvpn/openvpnconf.go index 625c78ad..727c7000 100644 --- a/internal/provider/protonvpn/openvpnconf.go +++ b/internal/provider/protonvpn/openvpnconf.go @@ -63,6 +63,7 @@ func (p *Protonvpn) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if !settings.IPv6 { diff --git a/internal/provider/purevpn/openvpnconf.go b/internal/provider/purevpn/openvpnconf.go index 25c05005..b7bc38c3 100644 --- a/internal/provider/purevpn/openvpnconf.go +++ b/internal/provider/purevpn/openvpnconf.go @@ -60,6 +60,7 @@ func (p *Purevpn) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if !settings.IPv6 { diff --git a/internal/provider/surfshark/openvpnconf.go b/internal/provider/surfshark/openvpnconf.go index 0455e8be..4e5b3652 100644 --- a/internal/provider/surfshark/openvpnconf.go +++ b/internal/provider/surfshark/openvpnconf.go @@ -60,6 +60,7 @@ func (s *Surfshark) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if !settings.IPv6 { diff --git a/internal/provider/torguard/openvpnconf.go b/internal/provider/torguard/openvpnconf.go index 3f264ebb..6ad227d0 100644 --- a/internal/provider/torguard/openvpnconf.go +++ b/internal/provider/torguard/openvpnconf.go @@ -61,6 +61,7 @@ func (t *Torguard) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if connection.Protocol == constants.UDP { diff --git a/internal/provider/vpnunlimited/openvpnconf.go b/internal/provider/vpnunlimited/openvpnconf.go index 3d5e097d..ff4b685c 100644 --- a/internal/provider/vpnunlimited/openvpnconf.go +++ b/internal/provider/vpnunlimited/openvpnconf.go @@ -52,6 +52,7 @@ func (p *Provider) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if !settings.IPv6 { diff --git a/internal/provider/vyprvpn/openvpnconf.go b/internal/provider/vyprvpn/openvpnconf.go index b8c920d1..f33a7e88 100644 --- a/internal/provider/vyprvpn/openvpnconf.go +++ b/internal/provider/vyprvpn/openvpnconf.go @@ -52,6 +52,7 @@ func (v *Vyprvpn) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if settings.MSSFix > 0 { diff --git a/internal/provider/windscribe/openvpnconf.go b/internal/provider/windscribe/openvpnconf.go index fb6aba57..8ba70d2b 100644 --- a/internal/provider/windscribe/openvpnconf.go +++ b/internal/provider/windscribe/openvpnconf.go @@ -58,6 +58,7 @@ func (w *Windscribe) BuildConf(connection models.Connection, if !settings.Root { lines = append(lines, "user "+settings.ProcUser) + lines = append(lines, "persist-tun") } if settings.MSSFix > 0 { diff --git a/maintenance.md b/maintenance.md index 014201ab..7b85a956 100644 --- a/maintenance.md +++ b/maintenance.md @@ -4,7 +4,6 @@ - Remove duplicate `/gluetun` directory creation - Remove firewall shadowsocks input port? -- Re-add `persist-tun`? Run openvpn without root? - Remove `script-security` option - `ncp-ciphers` to `data-ciphers` - Remove `ncp-disable`