NM asking for secrets even with openconnect --authenticate data
If I do an openconnect --authenticate
and then give the $HOST
, $COOKIE
, and $FINGERPRINT
to nmcli c u <connection>
with:
tmpfile=$(mktemp -p /tmp/)
chmod 600 "$tmpfile"
echo "vpn.secrets.cookie:$COOKIE
vpn.secrets.gwcert:$FINGERPRINT
vpn.secrets.gateway:$HOST" > "$tmpfile"
$ nmcli con up "$CONNECTION_ID" passwd-file $tmpfile
This works fine at a terminal, logged into my desktop. However, if I do the exact same thing in a dispatcher script wrapped in an su - $USER
(same user as my desktop of course), I get an error:
Error: Connection activation failed: No valid secrets
But why are secrets even involved here? All of the secrets needed have been provided in the passwd-file
, have they not?