On Tue, 2009-04-07 at 11:23 -0400, Paul Wouters wrote: > Openswan has a GSoC project submission for this. One of the issues is > the architecture of NM, which focusses on user-based, and the the > architecture of ipsec, which is host-based. This creates some issues, > one of which is where and how to store and pass user/host credentials.
NetworkManager has all those problems anyway -- they aren't specific to IPSec. Other VPNs, wireless and even wired connections are system-wide things; once they're set up, any user can use them. None of it is _really_ a per-user thing. It's a complete pain in the arse that my wireless network doesn't come up after I reboot my laptop, for example, until I physically walk up to it and log in. This _used_ to work in early versions of NetworkManager, but then broke because of this misguided per-user thing. (I do actually want to set up VPN connectivity which doesn't tell the kernel about itself at all, but just listens as a SOCKS server and provides access to the VPN that way, thus giving access to the VPN _without_ necessarily giving access to arbitrary users and untrusted code on the box in question. But that's outside the scope of NetworkManager discussion). -- dwmw2 _______________________________________________ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list