Search Criteria
Package Details: cloudflare-warp-bin 2024.11.309-1
Package Actions
| Git Clone URL: | https://aur.archlinux.org/cloudflare-warp-bin.git (read-only, click to copy) |
|---|---|
| Package Base: | cloudflare-warp-bin |
| Description: | Cloudflare Warp Client |
| Upstream URL: | https://1.1.1.1 |
| Licenses: | unknown |
| Conflicts: | cloudflare-warp |
| Provides: | warp-cli, warp-diag, warp-svc |
| Submitter: | solatis |
| Maintainer: | solatis (mhdi, billyaddlers, vk8a8, Neomax7) |
| Last Packager: | mhdi |
| Votes: | 56 |
| Popularity: | 1.99 |
| First Submitted: | 2021-05-26 08:59 (UTC) |
| Last Updated: | 2024-11-19 08:44 (UTC) |
Dependencies (11)
- cairo (cairo-gitAUR)
- dbus (dbus-gitAUR, dbus-selinuxAUR)
- gcc-libs (gcc-libs-gitAUR, gccrs-libs-gitAUR, gcc11-libsAUR, gcc-libs-snapshotAUR)
- gdk-pixbuf2 (gdk-pixbuf2-gitAUR)
- glib2 (glib2-gitAUR, glib2-selinuxAUR, glib2-patched-thumbnailerAUR)
- glibc (glibc-gitAUR, glibc-linux4AUR, glibc-eacAUR, glibc-eac-binAUR, glibc-eac-rocoAUR)
- gtk3 (gtk3-no_deadkeys_underlineAUR, gtk3-classicAUR, gtk3-classic-xfceAUR, gtk3-patched-filechooser-icon-viewAUR)
- hicolor-icon-theme (hicolor-icon-theme-gitAUR)
- nspr (nspr-hgAUR)
- nss (nss-hgAUR)
- pango (pango-gitAUR)
Latest Comments
« First ‹ Previous 1 .. 8 9 10 11 12 13 14 15 16 17 18 Next › Last »
solatis commented on 2022-01-24 19:39 (UTC) (edited on 2022-01-24 19:40 (UTC) by solatis)
Hi @Nu4425, thanks a lot for your feedback!
Regarding your questions:
The package source -- no particular reason, except that I simply used Ubuntu focal to source the .debs. As you may see in the comment history below, there were some issues with package signatures when it was done a bit more clever, which these specific URLs done have. I think that's related to the issue that you mention. As such, what I'm doing right now is simply copy the MD5 and url from Ubuntu Focal, and keep it simple.
The systemd service -- the actual systemd service file comes from Cloudflare themselves, and I haven't done any modification to it. I believe this is in line with Arch's overall strategy to package maintenance.
As for your specific proposal, I think warp-svc needs to be able to do some pretty "root user" level stuff: among other things, creating new network devices for the wireguard tunnel. There's probably a way to harden this in order ways, though.
I would be interested in hearing the thoughts of other users of this package, as my assumptions may be wrong. Would be happy to make changes if this were the case.
Nu4425 commented on 2022-01-24 19:25 (UTC) (edited on 2022-01-24 19:31 (UTC) by Nu4425)
@solatis @glitsj16 @sl1pkn07, after looking into it I found that it may be possible to harden warp-svc through systemd
See https://wiki.archlinux.org/title/Systemd#Sandboxing_application_environments for more information and
man systemd.execfor the flags that can be appliedBasically, to force the service to run as a non-root user: 1)
sudo systemctl edit warp-svc.service2) addwhere
USERNAMEis your userNu4425 commented on 2022-01-24 00:59 (UTC) (edited on 2022-01-24 01:00 (UTC) by Nu4425)
@solatis is there any specific reason why you chose to reference
https://pkg.cloudflareclient.com/pool/dists/focal/main/cloudflare_warp_2021_12_0_1_amd64_2dae41e61d_amd64.debthanhttps://pkg.cloudflareclient.com/uploads/cloudflare_warp_2021_12_0_1_amd64_2dae41e61d.deb?The source for the latter is more tracable which makes it more transparent. Also, for some reason, the resulting digests are different despite both being for the same distribution release (focal).
sl1pkn07 commented on 2021-12-22 16:23 (UTC) (edited on 2021-12-22 16:50 (UTC) by sl1pkn07)
@solatis same with sudo
i have summited a tiket with
about w/o sudo. delete, register, settings and others options works with my user, so i think is not problem with the client or service iself
glitsj16 commented on 2021-12-19 11:17 (UTC)
@solatis Indeed, this is not a regular user application and will need to be handled as such. Pretty much standard stuff for system daemons. AFAIK only upstream could change this, so I don't think you can do much more than adding another note to stress this in the
cloudflare-warp-bin.installfile.solatis commented on 2021-12-19 10:52 (UTC)
Right, that makes sense; it’s also unlikely to be able add all the network interfaces, etc without root permissions.
Is there anything I can add to the package to improve this?
glitsj16 commented on 2021-12-19 01:46 (UTC)
@solatis The second option you mention isn't going to work. systemd uses a strict seperation between system and user services (reflected in the filesystem). /usr/lib/systemd/system/warp-svc.service isn't accessible via
systemctl --user start warp-svc. IMO all the warp binaries are designed to be run as root with sudo...solatis commented on 2021-12-18 20:41 (UTC)
@sl1pkno07 I think what's going on is that warp-cli tries to access files in /var/lib/cloudflare-warp/ , which are owned by root.
Two options:
Run
warp-clias root.Launch the systemd service using your normal user account, i.e.
systemctl start --user warp-svc. I haven't tested this, but should work.solatis commented on 2021-12-18 20:37 (UTC)
Could you check the permissions of your systemd service?
There's a chance that something changed upstream in the systemd unit that caused a regression.
amin616 commented on 2021-12-17 19:26 (UTC)
Hello guys. I'm totally new to manjaro and linux and need help here. so I build the package and go to terminal and perform warp-cli register but the system keep telling me Unable to connect to CloudflareWARP daemon. Maybe the daemon is not running, or is connected to another process? what should I do? since I live in Iran I really need the warp for accessing free internet. any help would be highly appreciated
« First ‹ Previous 1 .. 8 9 10 11 12 13 14 15 16 17 18 Next › Last »