Search code examples
iosjailbreakopenvpnlaunchd

Auto Start OpenVPN in shell on a Jail Broken iOS device

I have an iPad Air 2 that is Jail-broken.

I currently have OpenVPN installed with a shell version of openvpn:

OpenVPN 2.3-alpha1 i686-apple-darwin10 [SSL (OpenSSL)] [LZO2] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110522-1 (2.2.0)] built on May 28 2012

I am trying to set OpenVPN's command line executable as a Launch Daemon so this it autoconnects to my OpenVPN server after a reboot. This needs to be super automated so that I can have the ipad mounted in a place where I am not near physically.

I have created the following plist file at /Library/LaunchDaemons

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd";>
<plist version="1.0">
<dict>
<key>Label</key>
<string>org.openvpn</string>
<key>OnDemand</key>
<false/>
<key>Program</key>
<string>/usr/local/sbin/openvpn</string>
<key>ProgramArguments</key>
<array>
<string>openvpn</string>
<string>—-cd</string>
<string>/var/mobile/Documents/Configurations/bigfoot.ovpn</string>
<string>--config</string>
<string>bigfoot.ovpn</string>
<string>--auto-proxy</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>TimeOut</key>
<integer>90</integer>
<key>WorkingDirectory</key>
<string>/etc/openvpn</string>
</dict>
</plist>

Upon reboot the process does not seem to start and I dont see anything in the "dmesg" any direction to help me out would be great.

I would use the OpenVPN GUI app but it requires me to toggle the connection manually.

If someone has another idea how I can achieve this I am open to suggestions.

Thanks

Solution

  • You're going in the right direction. launchd daemons is the way to go.

    Several things does not look right in your plist:

    1. OnDemand is deprecated, you need to use KeepAlive instead. In your case just set it to true
    2. Usually you don't mix Program and ProgramArguments. They basically do the same thing, only latter can do more. You better off with ProgramArguments only

    3. The actual ProgramArguments look wrong. Remember, those are program arguments that will be passed to your openvpn process. They should look something like this

      <key>ProgramArguments</key>
<array>
<string>/usr/local/sbin/openvpn</string>
<string>--config</string>
<string>/var/mobile/Documents/Configurations/bigfoot.ovpn</string>
<string>--auto-proxy</string>
</array>

      And no Program needed

    Now, when you want to debug launchd daemon you don't need to reboot every time you need to test it. You can use this:

    launchctl load /Library/LaunchDaemons/org.openvpn.plist

    It will load your daemon into launchd and launch it. If something goes wrong he will tell you. When you need to reload your plist (made some changes) you do:

    launchctl unload /Library/LaunchDaemons/org.openvpn.plist

    to stop the daemon and unload it from launchd and then

    launchctl load /Library/LaunchDaemons/org.openvpn.plist