Open OmanF opened 1 year ago
Savolro
commented
1 year ago Hi and thank you for your feedback! Arch and derived distros were removed from the supported distributions list with c7272c0
I am changing tag and label for this issue in case instead of closing so it could be used for Arch Linux support tracking
FabioLolix
commented
1 year ago Hello, 2 days ago I've seen that the client have become open source; I have some experience in Arch packaging so I tried to build through a pkgbuild.
The pkgbuilds are not 100% complete and I'm not using nordvpn, they can be found here: Stable https://github.com/FabioLolix/AURFIX/blob/main/n/nordvpn/PKGBUILD VCS https://github.com/FabioLolix/AURFIX/blob/main/n/nordvpn-git/PKGBUILD
Some observations and problems I had:
Error: open .env: no such file or directory
go build don't work$ go build
no Go files in /home/fabio/Dev/Github/AURFIX/n/nordvpn-git/src/nordvpn-linux-buildmode=pie make the build fail, not compatible with -race enable+ go build -race -tags '"telio drop"' -ldflags '-linkmode=external -X '\''main.Version=3.16.0+54c9d7e'\'' -X '\''main.Environment=dev'\'' -X '\''main.Hash=54c9d7e'\'' -X '\''main.Arch=amd64'\'' -X '\''main.PackageType=source'\'' -X '\''main.Salt=f1nd1ngn3m0'\'' -X '\''main.EventsDomain=http://example.com'\'' -X '\''main.EventsSubdomain=subdomain'\'' -X '\''main.FirebaseToken='\''' -o /home/fabio/Dev/Github/AURFIX/n/nordvpn-git/src/nordvpn-linux/bin/amd64/nordfileshared
-buildmode=pie not supported when -race is enabled
Error: running "ci/compile.sh " failed with exit code 1Both go build and -buildmode=pie are mentioned several times in BUILD.md
luisgabrielroldan
commented
1 year ago Hey! I have been using nordvpn on my Arch Linux for months... But now It became opensource and for some reason is not working anymore?
Savolro
commented
1 year ago Hello, 2 days ago I've seen that the client have become open source; I have some experience in Arch packaging so I tried to build through a pkgbuild.
The pkgbuilds are not 100% complete and I'm not using nordvpn, they can be found here: Stable https://github.com/FabioLolix/AURFIX/blob/main/n/nordvpn/PKGBUILD VCS https://github.com/FabioLolix/AURFIX/blob/main/n/nordvpn-git/PKGBUILD
Some observations and problems I had:
- 2 git submodules are configure but are not public (and not used?) https://github.com/NordSecurity/nordvpn-linux/blob/main/.gitmodules
- In BUILD.md -> Development builds is missing a " in the command
- A .env file is needed otherwise mage fail
Error: open .env: no such file or directory
go builddon't work$ go build no Go files in /home/fabio/Dev/Github/AURFIX/n/nordvpn-git/src/nordvpn-linux
- Using
-buildmode=piemake the build fail, not compatible with -race enable+ go build -race -tags '"telio drop"' -ldflags '-linkmode=external -X '\''main.Version=3.16.0+54c9d7e'\'' -X '\''main.Environment=dev'\'' -X '\''main.Hash=54c9d7e'\'' -X '\''main.Arch=amd64'\'' -X '\''main.PackageType=source'\'' -X '\''main.Salt=f1nd1ngn3m0'\'' -X '\''main.EventsDomain=http://example.com'\'' -X '\''main.EventsSubdomain=subdomain'\'' -X '\''main.FirebaseToken='\''' -o /home/fabio/Dev/Github/AURFIX/n/nordvpn-git/src/nordvpn-linux/bin/amd64/nordfileshared -buildmode=pie not supported when -race is enabled Error: running "ci/compile.sh " failed with exit code 1Both
go buildand-buildmode=pieare mentioned several times in BUILD.md
Hi and thank you for your input on this!
events/moose). Lack of it does not break any user-facing functionality of the application, therefore, app should compile and work fine without it. If it causes any problems with compilation, please report them..env file, we'll try to see if it's worth making some default value map. Do you have any problems with having an empty .env file?-race and -buildmode=pie incompatibility. buildmode=pie is not needed for development builds, therefore -race is used in order to help us detect race conditions. As I can see, you are using mage in your PKGBUILD scripts. our magefiles use ci/compile.sh script which should ensure that these flags are not used in a same build. How did you encounter such an issue?Savolro
commented
1 year ago Hey! I have been using nordvpn on my Arch Linux for months... But now It became opensource and for some reason is not working anymore?
Hi! We are not supporting Arch Linux officially yet. Chances are you were using an AUR package which is maintained by community. You should contact the AUR package maintainers until we can have an official Arch Linux support.
edt-xx
commented
1 year ago Building using the nordvpn-git package from Arch's aur creates a package but the nordvpnd daemon gets: nordvpnd[184006]: 2023/04/28 18:12:40 cipher: message authentication failed Any ideas as to what is missing or is building incorrectly?
The nordvpn-bin aur package based on the .deb works though. It would be nice if your support people, after telling us that you do not support Arch, could mention that they would suggest trying the nordvpn-bin package. Suspect this will lead to happier customers - know it would have when I attempted to chat with your support people (I was not at all a happy camper and I have been using nordvpn on Arch for three years...)
Savolro
commented
1 year ago Building using the nordvpn-git package from Arch's aur creates a package but the nordvpnd daemon gets: nordvpnd[184006]: 2023/04/28 18:12:40 cipher: message authentication failed Any ideas as to what is missing or is building incorrectly?
The nordvpn-bin aur package based on the .deb works though. It would be nice if your support people, after telling us that you do not support Arch, could mention that they would suggest trying the nordvpn-bin package. Suspect this will lead to happier customers - know it would have when I attempted to chat with your support people (I was not at all a happy camper and I have been using nordvpn on Arch for three years...)
I think the error might come from here https://github.com/NordSecurity/nordvpn-linux/blob/main/config/manager.go#L128
Could you please try removing /var/lib/nordvpn/data/settings.dat from your machine and then restart the nordvpnd?
The issue might be caused by different encryption keys used for encrypting (using our build) and decrypting (using your build) the settings.dat file. This encryption key is named SALT, which is bypassed to the nordvpnd during build time. The reason it is done is that service credentials are kept there.
edt-xx
commented
1 year ago Removing the settings.dat does indeed fix nordvpnd. Thank You. The login process using nordvpn-git does not work though... (reverted to nordvpn-bin, restarted nordvpnd, did nordvpn login and it works). It would seem that using nordvpn-git the process that runs after the web login is not working correctly. No idea how to debug this though.
bartoszWojciechO
commented
1 year ago Hi @edt-xx, in regards to nordvpn-git, did you log out of the system after installing and running usermod -aG? Webpage login opens up a new terminal, if the old session is used then group memberships are not updated.
Normally, when executing any other command, you would see this error message:
Whoops! Permission denied accessing /run/nordvpn/nordvpnd.sock.
Run 'usermod -aG nordvpn $USER' to fix this issue and log out of OS afterwards for this to take an effect.But the new terminal opened during the login process shows up only for a split second, so it is easy to miss.
edt-xx
commented
1 year ago My user was already in the group. That was not the problem. Is there any way to get logs from that terminal session? (eg. can I change something in the source to pipe the output to a file to see what is happening? )
bartoszWojciechO
commented
1 year ago There is a .desktop file in /usr/share/applications, it adds a custom protocol handler so that browser login calls a nordvpn command. Normally it looks like this:
[Desktop Entry]
Version=1.0
Type=Application
Name=NordVPN
Comment=The best online VPN service for speed and security.
Icon=nordvpn
MimeType=x-scheme-handler/nordvpn
**Exec**=nordvpn click %u
Terminal=trueThe easiest way to see whats going on in the login terminal would be to add some kind of redirection there. Like this:
[Desktop Entry]
Version=1.0
Type=Application
Name=NordVPN
Comment=The best online VPN service for speed and security.
Icon=nordvpn
MimeType=x-scheme-handler/nordvpn
**Exec**=sh -c "nordvpn click %u > <path to output> 2>&1"
Terminal=trueUser might be added to a group in the system database, but the current session retains old group memberships. That's why re-login or reboot is necessary after adding user to the group.
edt-xx
commented
1 year ago No mater what is put in the nordvpn.desktop file, either by manually editing it or by using kde to edit application settings I am not getting any logs (which is a puzzle). However If I copy the 'Continue' link on the page after a good login and try manually running nordvpn click "<Continue link>" I get:
Cipher: message authentication failed.
trying a second time will give: Not Found: OAuth attempt not found.
Does this give a clue as to what is happening?
bartoszWojciechO
commented
1 year ago Can you attach nordvpn unit logs(journalctl -u nordvpnd) after such failed login attempt?
edt-xx
commented
1 year ago Here is the journalctl -b -u nordvpnd for the last couple of tries:
May 15 10:02:50 grover nordvpnd[1969]: 2023/05/15 10:02:50 [Debug] URL: https://api.nordvpn.com
May 15 10:03:22 grover nordvpnd[1969]: 2023/05/15 10:03:22 [Debug] URL: https://api.nordvpn.com
May 15 10:14:26 grover nordvpnd[1969]: 2023/05/15 10:14:26 oauth2 login url https://api.nordvpn.com/v1/users/oauth/login?challenge=2f61017bb9331a58e9de75a548cac3deddd8a731620736aaa5a22aeb1d3>
May 15 10:14:26 grover nordvpnd[1969]: 2023/05/15 10:14:26 [Debug] URL: https://api.nordvpn.com
May 15 10:16:00 grover nordvpnd[1969]: 2023/05/15 10:16:00 oauth2 login url https://api.nordvpn.com/v1/users/oauth/login?challenge=c1ee35dd792ddbfa528b8c0f24fcf9cd9574dc4d0aac0ef537499a657d0>
May 15 10:16:00 grover nordvpnd[1969]: 2023/05/15 10:16:00 [Debug] URL: https://api.nordvpn.com
May 15 10:18:18 grover nordvpnd[1969]: 2023/05/15 10:18:18 oauth2 login url https://api.nordvpn.com/v1/users/oauth/login?challenge=08f8cebd5d4a4727f7dbd0e20b2a1502ea739df61d10afe7c4d3bd6e7a0>
May 15 10:18:18 grover nordvpnd[1969]: 2023/05/15 10:18:18 [Debug] URL: https://api.nordvpn.com
May 15 10:18:59 grover nordvpnd[1969]: 2023/05/15 10:18:59 [Debug] URL: https://api.nordvpn.com
May 15 10:18:59 grover nordvpnd[1969]: 2023/05/15 10:18:59 [Debug] URL: https://api.nordvpn.comThat's not much. Generally, this still seems like some issue with .dat files. What exact steps did you take to get this error? Perhaps some config files from nordvpn-bin were not cleaned up when you installed nordvpn-git. Both files are encrypted with different SALT so now we get a cipher error. Logs from the daemon startup might contain some clues.
You could also try to delete /var/lib/nordvpn/data/install.dat alongside settings.dat.
edt-xx
commented
1 year ago That was it. It still is not starting the command line session correctly (probably something from play with the nordvpn desktop file), but copying the link from 'Continue' on the "Great - you're in" page and doing: nordvpn click "<coppied link>" completes the login. Thanks.
sdip15fa
commented
1 year ago Hi, have added to the install script to remove the two files. See https://aur.archlinux.org/cgit/aur.git/commit/?h=nordvpn-git&id=8400a800e136967760c96eb948f2af073728032b.
The readme, in the section below the installation link, says, in the supported distros, that
Archis supported. However, inspecting the install script and/or actually running it, there is no support forArch(via thePacmanpackage manager).Either add support (preferable) or change the readme.