Arch Linux User Repository

Just a couple of things I thought can be used to improve this package, if I'm wrong on any of them, please excuse me:

1) Hard-coding number of threads in make isn't something useful, I think it should either be make or make -j$(nproc), the first one leaves to the user if he has changed all its make to use another number of threads or not and the second one just uses all threads to build the package, either way make -j4 isn't useful.

2) By default /etc/sudoers.d permissions is 640 and if you change its permission after mkdir its folder, it would prevent warning saying:

"warning: directory permissions differ on /etc/sudoers.d/ filesystem: 750 package: 755".

3) As it doesn't work without adding a line from patch to /etc/sudoers.d and it should be run from terminal using sudo, having a file in /usr/share/applications which doesn't work is useless, so I suggest changing Exec line from:

Exec=/usr/bin/openfortigui

to

Exec=/usr/bin/sudo /usr/bin/openfortigui

in /usr/share/applications/openfortigui.desktop.

@wayneb You just need to add this line your sudoers file: youruser ALL=NOPASSWD:SETENV: /usr/bin/openfortigui

Same problem for 0.8.2-1 As a workarund you can setup a config file in openfortivpn -c /etc/openfortivpn/config

As an example you can use what openfortigui generated from : ~/.openfortigui/vpnprofiles

@wayneb sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper... As a workaround configure and use openfortivpn manually via terminal openfortivpn -c /etc/openfortivpn/config

Upgrade from 0.8.0-2 to 0.8.2-1 caused all of my VPN profiles to stop working with error message: sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper

Version 0.8.0-2 integrate lightman patch.

Latest version 0.80 does not connect, with password set. But does not ask for OTP. Original forticlient on console works.

Log is sparse: Aug. 1 20:47:06 openfortiGUI::Debug: client api helo command:: 0 ::name:: "xyz" Aug. 1 20:47:06 openfortiGUI::Debug: active-tab:: 0 Aug. 1 20:47:06 openfortiGUI::Debug: start vpn: "xyz" active-tab:: 0 Aug. 1 20:47:06 openfortiGUI::Debug: client disconnected:: "xyz" Aug. 1 20:47:06 openfortiGUI::Debug: vpnManager::onClientVPNStatusChanged() "xyz" status 0 Aug. 1 20:47:06 openfortiGUI::Debug: MainWindow::onClientVPNStatusChanged:: "xyz" ::status:: 0

Hi all, I wrote a little patch that allows the client to run in the user environment, so useful tray icon, no pkexec needed, vpn configs/logs in user's home (thus editable without root permissions) and other little benefits.

Moreover AES key and IV are stored in gnome-keyring, which is a big plus for security.

For this to work without password you need to add this in /etc/sudoers:

youruser ALL=NOPASSWD:SETENV: /usr/bin/openfortigui

The magic here is done by the "-E" sudo argument, which preserves the user's environment in the privileged process.

@macfly it would be great if you would include that to the PKGBUILD If not, here is the code for anyone else interested.

https://pastebin.com/58Vcaq2N

It's fixed :)

@macfly: sorry marked out-of-date by error. I'm an idiot