I want to run openvpn every time I log on, but currently I run

sudo openvpn --config <myconfig> --auth-user-pass <user/pass>

every time. Is there a way to make it run that automatically and not need my password?

I could make it launch a terminal and run a script but is there a way that would not require me to type my password every time? Can I maybe give myself permissions to whatever openvpn needs so it doesn’t need sudo? How do I find out what those permissions are? Is this the right place to ask?

I’m running KDE/Plasma 6 on Manjaro should that matter

edit: Thanks all! I’m going to try the systemd option, if I can’t get that working I’ll fall back to the cronjob option, and failing that changing openvpn to not need a password for sudo and launching a script at kde statup.

  • Supermariofan67@programming.dev
    link
    fedilink
    arrow-up
    5
    ·
    9 months ago

    For this in particular, look into setting up NetworkManager to do the openvpn configuration, it has that functionality built in. Otherwise, systemd unit file

    • just some guy
      link
      fedilink
      arrow-up
      3
      ·
      9 months ago

      I don’t use open VPN so I don’t know for sure, but I think you’re right as the best way to go. Pretty sure I recall Network Manager having an option to set a vpn to be always on when a network connection is made and an option to save credentials.

  • lurch (he/him)
    link
    fedilink
    arrow-up
    3
    ·
    9 months ago

    AFAIK you can allow it in the sudoers file to not need a password, if you keep the sudo.

    idk how KDE autostarts, tho.

  • UID_Zero@infosec.pub
    link
    fedilink
    English
    arrow-up
    3
    ·
    9 months ago

    Look into editing the sudoers file. Add a line that allows you to run openvpn with the NOPASSWD option.

    I strongly recommend not using that for everything, just the specific commands you need to run non-interactively.

    • ReCursing@kbin.socialOP
      link
      fedilink
      arrow-up
      1
      ·
      9 months ago

      I didn’t know that was an option! Sounds generally insecure but if the other options here don’t work out this should solve it. Thanks!

      • UID_Zero@infosec.pub
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        It’s only as insecure as you make it. It’s an option, it needs to be used responsibly.

  • Atemu@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    9 months ago

    If you’re using NetworkManager, I’d recommend you to use it to create a VPN profile instead and connect to that on startup through the unprivileged nmcli.