Ras*_*guy 6 users networkmanager vpn
In continuation of my last question about using netns as a relugar user, I'm now looking for a way to open VPN tunnels as a regular user.
So I naturally thought about network-manager. Any user can use it for any VPN.
I could just allow opening VPN tunnels by editing the sudoer file, but I really would rather not do that.
So I'm wondering how to use it in different network namespaces. According to this source, network-manager might support netns, if I understand correctly the sentence :
The interface must be configured manually because ifupdown does not support namespaces yet, and it would use the same /run/network/ifstate file which tracks the interfaces of the main namespace (this is also a good argument in favour of something persistent like Network Manager...).
Thanks.
EDIT: At the moment I didn't figured out how to tells to network-manager to manage several namespaces. My idea is now to launch several instances of network-manager (as root) in each namespace. The fact is that I cannot lauch several instances of network-manager. From syslog:
<error> [1443615747.550129] [nm-dbus-manager.c:808] nm_dbus_manager_start_service(): Could not acquire the NetworkManager service as it is already taken.
您链接到的博客文章仅列出了ip netns命令,并且正是在此上下文中(不幸的是您在引用时遗漏了)ifupdown提到了,只有网络管理员。为了使用多个网络管理器实例,您需要首先根据可能的挂载命名空间和 IPC 隔离它们(请阅读:dbus unix 套接字 IPC,如果我没有记错的话)。加入网络命名空间或创建自己的隔离只是沙箱或隔离网络管理器的一系列复杂步骤中的最后一步。您可能最好从一些容器开始,并将所有必需的基础设施内容放入其中……但这会导致各种问题,尤其是网络容器的强制 IPAM 内容,具体取决于您选择的网络驱动程序模型。