On Wed, 2013-07-24 at 16:23 -0500, KodaK wrote:
> I'm running the following in RHEL6:
> 
> NetworkManager-glib-0.8.1-43.el6.x86_64
> NetworkManager-0.8.1-43.el6.x86_64
> NetworkManager-vpnc-0.8.0-1.git20100411.el6.x86_64
> NetworkManager-gnome-0.8.1-43.el6.x86_64
> 
> When I try to connect to our VPN when the password is expiring, the
> cisco box displays a message similar to "Your password expires in 14
> days.  Would you like to change it now?" and then NetworkManager
> chokes.
> 
> This forces me to change my password prematurely.  This almost always
> happens to coincide with weekends where I'm on call.
> 
> I'm at wit's end.  I've been looking through my box to try and find
> where this dialog is handled, and the only thing I can find is a
> binary nm-vpnc-auth-dialog.  I can't find any documentation on this,
> or how I can force it to do what I want.  I can't find any expect
> scripts (which is what I would expect, ha!)  I've worn out the
> googles.  I keep going in circles and I haven't seen anyone else with
> this exact problem.  (Not saying it's not out there, I just haven't
> found it.)

Unfortunately vpnc is not very cooperative in being controlled by
another process and thus this fails when vpnc wants more information.
Due to this deficiency with vpnc, NM-vpnc runs vpnc in "one-shot" mode
and if there's any additional information required, the vpnc process
will terminate ("non-interactive can't re-use secrets" is typically the
message).

I've recently done some work in NM and NM-vpnc to handle server requests
for information, and that's under review right now in the
dcbw/vpn-need-secrets (for NM git) and dcbw/need-secrets (NM-vpnc git)
branches.  This depends on patches to vpnc itself that aren't picked up
yet, to allow vpnc to take input from a controlling process and not
always read a tty.

Can you run vpnc with "Debug 99" and reply with the sequence that it
uses to present this question?  I'm interested in the specific prompt
vpnc prints out when this happens, so that I can account for it in these
branches.  Is the message "Answer for VPN xxx@xxx:"?

Dan

_______________________________________________
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

Reply via email to