Excellent how-to, madscientist. However ... no joy for me after Gutsy upgrade to Hardy 8.04.
I think my VPN host requires a cookie or something else from the browser as I couldn't get the authentication to work using your script. I'm reasonably confident my: HOST/USER/CERT/REALM parameters are correct as the applet loads (it doesn't if REALM is incorrect for example), but authentication fails, eg:
ncapp> Failed to connect/authenticate with IVE. Error 104
ncapp> Incorrect credentials. Please check the username/password/realm.
The following borrows from the past few posts.
Initially I had the same issue as fluffy (above), eg:
Code:
./ncsvc: symbol lookup error: ./ncsvc: undefined symbol: __builtin_new
The suggestion from powermac worked fine, eg:
Code:
sudo dpkg -i libstdc++2.10-glibc2.2_2.95.4-27_i386.deb
At this point I get:
Code:
~/.juniper_networks/network_connect/ncsvc --version
Juniper Network Connect Server for Linux.
Version : 1.2
Release Version : 5.3-0-Build10197
Build Date/time : Feb 15 2006 18:21:55
Copyright 2002-2006 Juniper Networks
The problem now is the incompatible shell scripts provided. I overcame this by modifying the originals and using chattr to prevent nc from overwriting with the originals (I think from an earlier post).
I created modified "source" copies in: ~/.juniper_networks/ and created a new shell script to update them, eg:
1) ~/.juniper_networks/src_installNC.sh
Code:
echo "Ubuntu compatible version of installNC.sh"
# Install the service
echo "executing $0 with params: $*"
#if(("$#"<"1"))
if [ "$#" -lt "1" ]
then
echo "Insufficiant number of parameters"
echo "$0 <install dir>"
exit;
fi
if [ -e "$1/ncsvc" ]
then
echo "Service already installed"
ok="done"
else
echo "Service needs to be installed for the first time."
ok="try"
fi
until [ "$ok" = "done" ]
do
echo "Please enter the root/su password"
su root -c "install -m 6711 -o root $1/../tmp/ncsvc $1/ncsvc"
if [ "$?" -eq "0" ]
then
cp $1/../tmp/version.txt $1/
ok="done"
rm -rf $1/../tmp
else
echo "Invalid su password and/or Unable to install ncsvc"
echo -n "Do you want to try again (enter y to try again):";
read choice;
if [ "$choice" != "y" ]
then
ok="done"
fi
fi
done
chmod 744 $1/ncdiag
2) ~/.juniper_networks/src_xlaunchNC.sh
Code:
#!/bin/sh
# launch to install the service
# 20051220 : Javeed : Added -n to modprobe for dry run. We dont want to insmod, just check if tun
# is available.
echo "Ubuntu compatible version of xlaunchNC.sh"
echo "executing $0 with params: $*"
#if(("$#"<"1"))
if [ "$#" -lt "1" ]
then
echo "Insufficient number of params"
echo "$0 <install dir> "
echo "$*";
exit
fi
#echo "$*";
#moved code from installNC.sh to here so that we call xterm only if needed.
flag=1
if [ -e "$1/ncsvc" ]
then
if [ -e "$1/version.txt" ]
then
old_version=`grep -i "Version" $1/version.txt | cut -f 2 -d " "`;
new_version=`grep -i "Version" $1/../tmp/version.txt | cut -f 2 -d " "`;
# echo "$old_version == $new_version"
if [ "$old_version" \< "$new_version" ]
then
echo "Need to install the new service"
else
flag=0;
echo "No difference found"
fi
fi
else
echo "Service needs to be installed for the first time"
fi
if [ "$flag" -eq "1" ]
then
echo "calling $1/installNC.sh" >> $0.log
chmod 744 $1/installNC.sh
`xterm -e $1/installNC.sh $1`
fi
#export LD_LIBRARY_PATH=/usr/X11R6/lib
# no need to check for ncui. Have to check for openssl package and tun driver.
#ldd $1/ncui | grep "not found" | tr -d "\t" | cut -d " " -f 1 | tee $1/missing_libs
# check if modprobe can locate the tun module.
#Adding dry run option we dont want to insmod, just check if tun is available
rm -rf $1/missing.rpt
/sbin/modprobe -n tun 1> $1/missing.info
if [ "$?" -ne "0" ]
then
echo "Modprobe for Tun driver failed." > $1/missing.rpt
# rpm -q tun 1> $1/missing.rpt
fi
#check if openssl is installed
rpm -q openssl 1>> $1/missing.info
if [ "$?" -ne "0" ]
then
echo "RPM query for openssl failed." >> $1/missing.rpt
fi
3) ~/bin/juniper_update:
Code:
#:!/bin/bash
ncpath="$HOME/.juniper_networks/network_connect"
src_installNCsh="${ncpath}/../src_installNC.sh"
src_xlaunchNCsh="${ncpath}/../src_xlaunchNC.sh"
if [ -d ${ncpath} ];
then
if [ -f ${src_installNCsh} ] && [ -f ${src_launchNCsh} ];
then
if [ -x "${ncpath}/ncsvc" ];
then
# display ncsvc version
${ncpath}/ncsvc --version
# enable access to scripts
sudo chattr -V -i ${ncpath}/installNC.sh
sudo chattr -V -i ${ncpath}/xlaunchNC.sh
if [ -w "${ncpath}/installNC.sh" ] && [ -w "${ncpath}/xlaunchNC.sh" ];
then
# overwrite with dummy version
cp -v ${src_xlaunchNCsh} ${ncpath}/installNC.sh
cp -v ${src_installNCsh} ${ncpath}/xlaunchNC.sh
# prevent dummy scripts being overwritten
sudo chattr -V +i ${ncpath}/installNC.sh ${ncpath}/xlaunchNC.sh
else
echo "unable to overwrite: ${ncpath}/installNC.sh, OR: ${ncpath}/xlaunchNC.sh"
echo "must run using: sudo $0"
fi
else
echo "Could not execute: ${ncpath}/ncsvc. Please ensure juniper network connect is \"installed\" first"
fi
else
echo "Could not find: ${src_installNCsh}, OR: ${src_xlaunchNCsh}"
fi
else
echo "ncpath is invalid: ${ncpath}"
fi
I tried to modify the originals just enough to make it work.
Now the network connect applet loads as it always used to with Gutsy (via Firefox 3 beta5 and using a similar approach).
Thanks again to all the above - it's quite a relief to have VPN access once again!
Bookmarks