On Fri, 2017-01-27 at 23:55 +0000, Patrick O'Callaghan wrote:
> On Fri, 2017-01-27 at 14:53 -0800, Mike Wright wrote:
>> On 01/27/2017 02:36 PM, Patrick O'Callaghan wrote:
>>> I have a subscription to a commercial VPN provider and would like to
>>> configure certain applications to always use VPN connections as far as
>>> the provider while everything else goes through as normal. Note that
>>> this needs to work for arbitrary remote sites so the VPN is basically
>>> acting as a proxy rather than me controlling both ends of the
>>> connection, so e.g. an SSH tunnel won't do it.
>>>
>>> I looked into this a while ago and there are several suggestions on the
>>> Web as to how to do this on Linux, but those I tried didn't work for
>>> me. At least one idea seemed to involve setting up an alternate network
>>> name space with its own routing, but it's been a while and I'm afraid
I
>>> didn't take note of the details.
>>
>> Hi Patrick,
>>
>> Stéphane Graber of Ubuntu's LXC/D container world has done several
>> things with VPN from passing the vpn to a container where the container
>> sees it as just another eth device, to managing his sundry VPN
>> connections via namespacing.
>>
>> His words:
>>
>> """
>> The code is available at: git clone
>>
git://github.com/stgraber/vpn-container. Then it’s as simple as:
>> ./start-vpn VPN-NAME CONFIG
>> """
>>
>> The approach is discussed at
https://www.stgraber.org/category/lxc/.
>> Search for VPN in containers for the specific section.
>
> Thanks. The versions I'd seen before didn't involve containers but I'll
> take a look.
Decided to try this, but there's a dependency on something called
uidmap which doesn't seem to exist for Fedora (according to both dnf
search and Google).
I'm not sure about uidmap. What about newuidmap and newgidmap?