Android GUI for tinc
Guus Sliepen
guus at tinc-vpn.org
Tue Sep 25 16:44:45 CEST 2012
On Mon, Sep 24, 2012 at 05:03:18PM +0200, Vil Brekin wrote:
> As for tinc on linux, you'll need a TUN/TAP device on android as well
> (my app is just a basic GUI over the standard tinc daemon). I'm not
> sure it's available on every ROM. I use CM9/10 on a SGS2, and the
> driver is included in the kernel.
> Same, you can disable root usage in the application (in the settings),
> but it's probably needed to access the TUN/TAP device anyway...
I just verified that the following works on Linux:
tincd -n <netname> -D -o Device=/dev/fd/0 </dev/net/tun
Which means you can pass any filedescriptor to tincd (but you must use the -D
option). So the following should allow you to start the tincd binary as an
ordinary user, but have it use a filedescriptor that root opened:
sudo -u <user> tincd -n <netname> -D -o Device=/dev/fd/0 </dev/net/tun
Normally that is not so useful, since you could just as well use tincd's own
--user option. However I see that Android has a VpnService class that creates
a VPN interface the official way (but presumably it still uses a tun device
under the hood). The GUI could use the above trick to pass the filedescriptor
you get from the VpnService class to the tincd instance it starts. But the GUI
is then also responsible for adding addresses and routes on that interface.
http://developer.android.com/reference/android/net/VpnService.html
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20120925/fca5c5b8/attachment.pgp>
More information about the tinc
mailing list