Checkpoint R80+ VPN client chroot wrapper
. getDistro(): cleaner and faster, status improved . missing TAB in help . add modprobe tun outside the chroot . adding sudo permissions logic fixed . Changes for compatibility with Bookworm chroot, for using it in 2023 . deal with old CShell launcher bug, lost socket file . PATH fixed . Devuan support, no metapackage firefox . PCLinuxOS LD_PRELOAD bug . debootstrap pool name changed . code for empty SUDO_USER . message Firefox policy not installed . Alpine, NuTyx, EulixOS support added . more distributions tested (see README)
. Ubuntu 22.10 breaks resolvconf, now also tests for systemd-resolved /run file for Debian family . debootstrap files used from Debian pool were deleted, changed for new Debian names . debootstrap tar.gz URL corrected . debootstrap script+files now installed from tar.gz source when dpkg in the host distribution is not available . adds make to needed packages, except SUSE . does away with jq to improve compatibility . which replaced by command -v for better compatibility . xorg-xauth package added to Arch setup . Arch distribution also uses systemd-networkd, in addition to Network Manager . adds KaOS and Loc-OS Linux support and Kwort Linux preliminary support . forces Arch/KaOS Firefox policy location . adds new policy command line option for using when chroot is installed before Firefox, vpn.sh policy . SPLIT routing directives better handled, + and - commands. See README . alternative configuration file, option -f/--file for having several configured VPNs . added chroot location to configuration file, $CHROOT . code linted . more distributions and versions tested. See README
Fix selfupdate not upgrading if chroot never successfuly installed Fix selfupdate when installed via deb/rpm package Fix bugs running in Slackware after replacing wget with curl Fix bug running in Fedora Rawhide 37, gnutls bug reported by myself to RedHat team debootstrap ignores Debian keyring for fixing issues where host keyring is very old User messages improved Support added for Deepin 23 and Miracle Linux Implements rmchroot command to delete chroot only (and unlike uninstall, keep script)
. adds support for Navy Linux and pakOS firefox profiles location . test the group of SUDO_USER/user non-privileged user using the script, for giving sudo or wheel sudoers messages . addresses upgrade of script /usr/bin/vpn.sh installed by deb/rpm package . showing Checkpoint side certificate, openssl s_client does not stall anymore . replaces wget(s) by curl, several distros/versions with recurrent wget/gnuTLS bugs, including Fedora FC 37 beta . RedHat/rpm packages: dpkg dont assume implicit dependencies, name it
fixes Slackware setup bug adds VPN remote X.509 certificate display to status Debian pool debootstrap now 1.0.127 adds support for AmOs Linux, PCLinuxOS, Mandriva LX 5.0, AaricKDE, Mandrake family/older RH style, OpenEuler/Euler Linux more fixes to sudo logic, correct logic between non-root vs root code cleaning, independent functions for each distribution install procedures loosely made deb and rpm package
. Fix Debian apt/_apt bug, chroot / must be at least mode 755 (rwxr-xr-x). . ArchLabs deboostrap does not have dpkg as a dependency; never assume things. . typo in SNAP firefox policies directory name fixed . non-documented selfdownload option . error in grep detecting RedHat . chroot detection warns but does not abort . changes for Rocky 9 . supports PeuxOS . upgrades debootstrap if too old . BOSS and OB2D distributions support . sudo privileges check
Code cleaning. Delete redundant code dealing with resolv.conf and Firefox profiles. Script more stable. DNS double checks for not to mess up DNS. Better Debian and Ubuntu derivates support. More distributions tested. Gives up if no sudo installed and asks for it to be installed. Replaces Trisquel debootstrap. MX and Pardus support for different Firefox profile directories. Warns if a Firefox profile is already installed. Replaces debootstrap with a more recent one in Slackware. Saner EPEL setup, needs testing. Gentoo maintenance commands. SUSE improvements. More distros tested. Compatibility with Kamarada Linux/OpenSUSE Desktop. Archcraft distribution support. Much simplified Arch DNS handling. Whoever used this script in Arch using the last versions, after installing this version but before running it should : delete the /etc/NetworkManager/conf.d/rc-manager.conf file remove the openresolv package restart NetworkManager.
Linting, bug building chroot Fix nscd "feature" that was causing problems in SUSE, but can potentially manifest in another distributions: avoid sharing /run/nscd between host and chroot. DNS fix, when failing DNS queries, at least Debian derivates were not creating a proper resolv.conf in the 1st time chroot creation phase Mageia 8 support and minor RedHat fixes Slackware support added Adds support for Void Linux Linux Deepin basic support Gentoo support added Added RHEL support. Improved support for Oracle Linux. SLES working now too. RedHat added. Slackware 15.1 beta working now. Salix 15.0 working (Slackware based) EndeavourOS tested. Need of compiling packages in Slackware better dealt. EPEL need better detected. Firefox "distribution" directories better detected, the name varies more than thought. Warns if another Firefox policy already present.
dnf instead of yum, dnf check-update More compatibility creating cshell host group and user Latest versions of Debian, Ubuntu, RedHat, CentOS, Fedora, Arch and SUSE distribution family working now. Installs Mobile Access Portal certificate policy acceptance for Firefox in more locations. Handles more Checkpoint/cshell_install.sh versions. Experimental support for older post Mobile Access Portal older versions (--oldjava). Handles better errors and DNS configurations. Adds sudoers line automatically. fixed cut and paste bug handling DNS in Debian