Interface for accessing /dev/net/tun

Jamie Bennett jamie.bennett at canonical.com
Mon Sep 5 10:51:33 UTC 2016


On 03/09/16 at 12:45pm, Casey Marshall wrote:
> I'm trying to write a snap for OpenVPN with some wrapper scripts that automate
> PKI setup, IP masq, etc. My goal is to be able to setup an OpenVPN server with
> a single command, and then issue new clients with a single command. I'm using
> strict mode, because that's how I roll.
> 
> I've added the firewall-control and network-control plugs, and that allowed
> some things to work (like setting up IP masq, etc.). However openvpn cannot
> start up, it's getting denied from opening /dev/net/tap, https://github.com/
> cmars/easy-openvpn-pkg/blob/master/TODO.md#
> tuntap-access-for-openvpn-in-strict-mode
> 
> Would it be reasonable to contribute a patch to snapd adding the tun and/or tap
> devices to the network-control interface? Or would these constitute a new
> interface?

As this interface is just a network device, albeit for user space programs, it
makes sense for this to be part of the network-control interface IMHO.

> -Casey

Regards,
Jamie.

> -- 
> Snapcraft mailing list
> Snapcraft at lists.snapcraft.io
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft





More information about the Snapcraft mailing list