this post was submitted on 20 Mar 2024
62 points (98.4% liked)

Linux

48352 readers
1939 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

One of the things I struggled with initailly when using immutables was installing programs like VPNS that need to interact with the immutable parts of the distro but don't have a flatpak option. I figured I'd just make a post to help anyone with this specific issue regarding mullvad or if it helps people install other software they need.

Adding the repo

Jump into a location to download the repo file

cd Downloads/

Download the repo

wget https://repository.mullvad.net/rpm/stable/mullvad.repo

copy the repo file to the yum.repos.d folder

sudo cp mullvad.repo /etc/yum.repos.d

Install mullvad vpn

rpm-ostree install mullvad-vpn

Reboot to reimage

systemctl reboot

Join the client to the service

sudo systemctl enable --now mullvad-daemon

Install libappindicator that at the time wasn't included in Kinoite

sudo rpm-ostree install libappindicator-gtk3

Reboot to reimage

systemctl reboot

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 10 points 8 months ago (1 children)

Doesnt work. Networkmanager has no native concept of a "airtight VPN mode".

The mullvad daemon does stuff like

  • control DNS
  • block internet when not connected
  • prevent early boot connections

Those require it to be privileged. For sure it would be nice to have all these features integrated into networkmanager, and vpn apps just placing their wireguard configs and DNS settings in there.

But for now the Mullvad App is way better than what we have. You can also keep a very insecure DNS conf (no DNSSEC, no DOT, no custom servers) as a fallback for public wifi bs, and when the Mullvad app is running the system uses a secure DNS.

[–] [email protected] 2 points 8 months ago (2 children)

Very good points. But can't you provide those permissions to the flatpak via flatseal or something?

[–] [email protected] 2 points 8 months ago

Only if there was a portal, I would suppose. But idk to be honest. Flatpaks can write to /etc if they want.