Would break existing stored passwords and preferences. They'd lose their saved passwords and preferences.
#Tunnelblick deployed version full#
We could include the full path to theĭocument as part of the key, but then if someone moves the document Keys in the Keychain that store passwords, for example, contain the If a document has a configuration with the same name as aĬonfiguration in Deploy or in ~/Library.Configurations or in anotherĭocument that has already been opened, what do we do? (We're alsoįacing this issue if/when we allow aggregation of ~/Library./Ĭonfiguration configs with Deploy configs.) The MAIN QUESTION (assuming the above, of course), is what to do about To be connected when the document is opened. * The CONFIGNAMEautoConnect preference would cause the configuration Initialized but the user can modify them and they will be persistent. Opened (only copying preferences that don't exist yet), so they are Would be copied to the user's normal preferences when the document is If there was a forced preference that specifically allows it.
* In a deployed version of Tunnelblick, documents would only be opened * Other than that, the document is used "as is", i.e., it isn't copied (I think the user would needĪdmin permission to move the document, however.) Since the ownership/permissions of theĭocument itself are not modified (only its contents), the user can This would usually only happen the first time the document If necessary, the user isĪsked for an admin username/password so that the ownership/permissionsĬan be set. Permissions depending on what each item is. The contents of Deploy are - owned by root:wheel with various Sets the ownership/permissions of its contents in the same way that * When Tunnelblick opens the document, it verifies and (if necessary) Tunnelblick automatically tries to connectĪny configurations that have the "autoConnect" preference set. If the contents were in Deploy or in ~/Library/Application Support/ Launched (if it isn't already running), and Tunnelblick adds theĭocuments' configurations to the list of available configurations, as * When a user double-clicks a Tunnelblick document, Tunnelblick is "Deploy" folder or in ~/Library/Application Support/Tunnelblick/ The bundle would contain a mix of configuration files, keys,Ĭertificates, and shell scripts - the stuff that is usually in a
* A Tunnelblick "document" would be an OS X bundle with an extension If you have further questions about using Tunnelblick, please use Tunnelblick's Discussion Group for questions - !forum/tunnelblick-discuss.Tunnelblick "packages" came up a while ago in an Issue ( /p/tunnelblick/issues/detail?id=122). And when it launches, it will start the VPN if it is set to "When Tunnelblick launches". Tunnelblick will launch when you log in if it is running when you log out (or shut down or restart). It is likely that selecting "When Tunnelblick launches" and have Tunnelblick launch when you log in will be sufficient for your needs. If you are trying to make sure nobody can "eavesdrop" on your network connection, this brief time period is a time when they can.įor that reason, few people use the "When computer starts" option - and it could be buggy (I speak as the developer/maintainer of Tunnelblick). If you have a "Private" configuration, you can change it to "Shared" (and thus enable the "When computer starts" setting) by selecting the configuration in the list on the left, then clicking the little "gear" icon at the bottom of the list, then clicking "Make Configuration Shared."Įven with "When computer starts" selected, there is a time during the computer startup when the VPN has not been established but network operations take place (among other things, to start the VPN!), so there is network traffic that is not sent through the VPN. The "When computer starts" setting will only be available if the configuration is what Tunnelblick calls a "Shared" configuration, or if the version of Tunnelblick you have is what is called a "Deployed" version (with the configurations built into the application). The default setting is "Manually", but you can set it to connect "When Tunnelblick launches" or "When computer starts". Tunnelblick itself has an option to start when the computer starts - on the "Settings" tab of the "Configurations" panel of the "VPN Details." window, there is a setting named "Connect".
#Tunnelblick deployed version software#
(That is why you need Tunnelblick to use the VPN - OS X does not include software to handle an OpenVPN-based VPN.) Tunnelblick is used to start/stop/manage an "OpenVPN" VPN, which is different. It can only be used to start a VPN that is the type of VPN built into OS X - an "L2TP over IPSec" or "PPTP", or "Cisco IPSec" VPN. "System Events" is an Apple-supplied function.
0 kommentar(er)
