Linux
This is the way I would handle this.
Yeah OP, look into this. It's easy once you get the hang of it, and you don't have to make your system vulnerable by making sudo password less.
You can make sudo password-less for a single command (including using specific arguments) though, so even if using sudo were the only solution, it wouldn't be that bad. For example, I have a sudoers entry that allows my user to decrypt my ZFS pool by executing a root-owned script (with permissions 700), but everything else requires a password.
Definitely the correct way to do this. And openvpn even ships some tools to make it simple to do.
I already linked to them in my other comment.
That looks pretty straightforward. I'll look into doing that. And if I can;t make it work I'll go with the cron job option suggested by @Andromeda above
Actually OP, for the easiest, safest option to your system I would say @Supermariofan67 hit the nail on the head. Use your network manager settings: https://forum.manjaro.org/t/automatically-connect-to-vpn-on-startup/46298
If it’s not already installed there’s an openvpn plugin: https://software.manjaro.org/package/networkmanager-openvpn
For this in particular, look into setting up NetworkManager to do the openvpn configuration, it has that functionality built in. Otherwise, systemd unit file
I don’t use open VPN so I don’t know for sure, but I think you’re right as the best way to go. Pretty sure I recall Network Manager having an option to set a vpn to be always on when a network connection is made and an option to save credentials.
Look into editing the sudoers file. Add a line that allows you to run openvpn with the NOPASSWD option.
I strongly recommend not using that for everything, just the specific commands you need to run non-interactively.
I didn't know that was an option! Sounds generally insecure but if the other options here don't work out this should solve it. Thanks!
It's only as insecure as you make it. It's an option, it needs to be used responsibly.
AFAIK you can allow it in the sudoers file to not need a password, if you keep the sudo.
idk how KDE autostarts, tho.
Read the documentation on the sudoers file. You can specify particular commands to not require a password.
If you're using NetworkManager, I'd recommend you to use it to create a VPN profile instead and connect to that on startup through the unprivileged nmcli.
@ReCursing you can set your user to be able to run openvpn as root (sudo) without password
https://www.youtube.com/watch?v=rNxitwVtRvo