Using proprietary software distributed as .rpm

I need to use a proprietary software (NetExtender) and couldn’t find a package on nix repos.
SonicWall provides an .rpm of this software, what are my options in this situation?

I found some tutorials on how to build a package from a .deb, is there a way to convert a .rpm to .deb whitin nixOS?

The other way you can possibly solve your problem is using an open source VPN client - we have most of them in nixpkgs. For $dayjob I need to connect to a multitude of VPN products and while not sonicwall, so I don’t know the status of that, I use openvpn to connnect to sophos, openfortigate for fortigate and anyconnect for cisco vpn. All of which work swimmingly.

I’ve got some Nix expressions for the NetExtender client. I had to use some ugly hacks to get it working, including patching nixpkgs chrootenv.c. I never managed to get it to set routes properly, so I do that manually.

Here it is: dotfiles/nixos/netextender at master · spencerjanssen/dotfiles · GitHub

You’ll want to build default.nix then run the executable in result as root, that will put you in a shell with netExtender in the path. Happy to discuss any issues you might experience or improvements you find.

Hey @spencerjanssen!

I got your netextender nix expression, and tried to build using:

cd .../netextender

Got the following error: attribute 'suffixSalt' missing, at /nix/store/5ljj43d6v4j9snz5r6ahmm0hncnvni99-patched-nixpkgs/env.nix:61:41

do you know how to fix this?

I think you’re seeing a mismatch between the nixpkgs in your path versus the nixpkgs version pinned in patched-nixpkgs.nix. I use nixos-unstable and the version I pinned is also nixos-unstable. You’ll want to update the rev and sha256 in patched-nixpkgs.nix to match whatever channel you’re using. The latest stable, for example:

nix-shell -p nix-prefetch-git --command "nix-prefetch-git --rev refs/heads/nixos-20.03"

Thank you for the quick response!

I was able to build, I run the executable in the result as root, and tried to login on the vpn, but I get this message: open lock file failed.

On my other computer, this happens when I try to use netExtender with sudo, I did setup the pppd so that my user can call it without sudo. It must be something unrelated to your nix-expression/setup, but maybe you can shed some light in to this for me!

Unfortunately I have not seen that particular message. This was all very much trial-and-error setting up. I had to use strace a lot to figure out which files netExtender was trying to read from – if you’re game to try that you might make some progress.

Do you have any PPP configuration on your NixOS computer? Unsure whether it matters, but on my NixOS system I do not have an /etc/ppp directory and I do not have services.pppd.enable turned on. I rely on the FHS env to populate /etc/ppp and let netExtender do the rest.