I am attempting to create a new snap of the openfortivpn VPN client to take over maintenance of the existing snap.
The existing snap had been created 2 years ago from this snapcraft.yaml file and does not seem to be working anymore - at least not on Ubuntu 18.04. Not sure why it doesn’t work anymore, the error message feels like the network-bind plug is not been taken into account but is strangely garbled:
$ sudo /snap/bin/openfortivpn -u xxxxxxx xxxxx.xxxx.de:443
WARN: Could not load config file "/etc/openfortivpn/config" (No such file or directory).
VPN account password:
12972: 2 12972: � 12972: e.so.2ERROR: gethostbyname: Unknown server error
INFO: Closed connection to gateway.
ERROR: connect: Connection refused
INFO: Could not log out.
$
Anyway, let’s focus on the new prototype snap built from a snapcraft.yaml file directly inspired by the existing one. I have declared plugs [network-bind ppp] and the snap builds smoothly but fails to run as if the ppp plug wasn’t sufficient:
$ sudo /snap/bin/openfortivpn-test.openfortivpn -u xxxxxxx xxxxx.xxxx.de:443
WARN: Could not load config file "/usr/etc/openfortivpn/config" (No such file or directory).
VPN account password:
INFO: Connected to gateway.
INFO: Authenticated.
INFO: Remote gateway has allocated a VPN.
Couldn't open the /dev/ppp device: Operation not permitted
/snap/openfortivpn-test/current/usr/sbin/pppd: Sorry - this system lacks PPP kernel support
/snap/openfortivpn-test/current/usr/sbin/pppd: Sorry - this system lacks PPP kernel support
ERROR: read: Input/output error
INFO: Cancelling threads...
ERROR: pppd: The kernel does not support PPP, for example, the PPP kernel driver is not included or cannot be loaded.
INFO: Terminated pppd.
INFO: Closed connection to gateway.
INFO: Logged out.
$
Indeed I should have documented this: connecting the ppp plug does not help:
$ sudo snap connect openfortivpn-test:ppp
$
$ snap connections openfortivpn-test
Interface Plug Slot Notes
network-bind openfortivpn-test:network-bind :network-bind -
ppp openfortivpn-test:ppp :ppp manual
$
$ sudo /snap/bin/openfortivpn-test.openfortivpn -u xxxxxxx xxxxx.xxxx.de:443
WARN: Could not load config file "/etc/openfortivpn/config" (No such file or directory).
VPN account password:
INFO: Connected to gateway.
INFO: Authenticated.
INFO: Remote gateway has allocated a VPN.
Couldn't open the /dev/ppp device: Operation not permitted
/snap/openfortivpn-test/current/usr/sbin/pppd: Sorry - this system lacks PPP kernel support
/snap/openfortivpn-test/current/usr/sbin/pppd: Sorry - this system lacks PPP kernel support
ERROR: read: Input/output error
INFO: Cancelling threads...
ERROR: pppd: The kernel does not support PPP, for example, the PPP kernel driver is not included or cannot be loaded.
INFO: Terminated pppd.
INFO: Closed connection to gateway.
INFO: Logged out.
$
This doesn’t make sense to me because passing an absolute system path instead of a path relative to the snap kind of breaks confinement. I’ve tried this and execv() fails with an error message such as /usr/sbin/pppd: No such file or directory: