Hi!
I need to use a proprietary software (NetExtender) and couldn’t find a package on nix repos.
SonicWall provides an .rpm of this software, what are my options in this situation?
I found some tutorials on how to build a package from a .deb, is there a way to convert a .rpm to .deb whitin nixOS?
The other way you can possibly solve your problem is using an open source VPN client - we have most of them in nixpkgs. For $dayjob I need to connect to a multitude of VPN products and while not sonicwall, so I don’t know the status of that, I use openvpn to connnect to sophos, openfortigate for fortigate and anyconnect for cisco vpn. All of which work swimmingly.
I’ve got some Nix expressions for the NetExtender client. I had to use some ugly hacks to get it working, including patching nixpkgs chrootenv.c. I never managed to get it to set routes properly, so I do that manually.
Here it is: https://github.com/spencerjanssen/dotfiles/tree/master/nixos/netextender
You’ll want to build default.nix then run the executable in result as root, that will put you in a shell with netExtender in the path. Happy to discuss any issues you might experience or improvements you find.
Hey @spencerjanssen!
I got your netextender nix expression, and tried to build using:
cd .../netextender
nix-build
Got the following error: attribute 'suffixSalt' missing, at /nix/store/5ljj43d6v4j9snz5r6ahmm0hncnvni99-patched-nixpkgs/env.nix:61:41
do you know how to fix this?
I think you’re seeing a mismatch between the nixpkgs in your path versus the nixpkgs version pinned in patched-nixpkgs.nix. I use nixos-unstable and the version I pinned is also nixos-unstable. You’ll want to update the rev and sha256 in patched-nixpkgs.nix to match whatever channel you’re using. The latest stable, for example:
nix-shell -p nix-prefetch-git --command "nix-prefetch-git --rev refs/heads/nixos-20.03 https://github.com/NixOS/nixpkgs-channels"
Thank you for the quick response!
I was able to build, I run the executable in the result as root, and tried to login on the vpn, but I get this message: open lock file failed.
On my other computer, this happens when I try to use netExtender with sudo, I did setup the pppd so that my user can call it without sudo. It must be something unrelated to your nix-expression/setup, but maybe you can shed some light in to this for me!
Unfortunately I have not seen that particular message. This was all very much trial-and-error setting up. I had to use strace a lot to figure out which files netExtender was trying to read from – if you’re game to try that you might make some progress.
Do you have any PPP configuration on your NixOS computer? Unsure whether it matters, but on my NixOS system I do not have an /etc/ppp directory and I do not have services.pppd.enable turned on. I rely on the FHS env to populate /etc/ppp and let netExtender do the rest.