systemd
我正在尝试通过使用一个单元调用expect
向 VPN 客户端提供登录凭据的脚本来自动执行从 Linux 计算机连接到 VPN (SonicWall NetExtender) 的过程。以下是文件:
netextender.service
[Unit]
Description=SonicWall NetExtender VPN
PartOf=systemd-networkd.service systemd-resolved.service
[Service]
Type=simple
EnvironmentFile=/etc/.netExtender
## environment file spec:
# DOMAIN=
# HOSTNAME=
# PASSWORD=
# TOTP_SEED=
# USERNAME=
ExecStartPre=/bin/sh -c '/usr/bin/pkill -9 netExtender || true'
ExecStart=/usr/local/bin/netextender.expect
[Install]
WantedBy=network-online.target
netextender.expect
#!/usr/bin/expect -f
exp_internal 0
set timeout -1
set TOTP_CODE [exec totpgen $env(TOTP_SEED)]
spawn netExtender --dns-only-local --ppp-async --vpntype=wireguard "$env(HOSTNAME)"
expect {
"*\nUser: " {
send -- "$env(USERNAME)\n"
exp_continue
} "*\nPassword: " {
send -- "$env(PASSWORD)\n"
exp_continue
} "*\nDomain: " {
send -- "$env(DOMAIN)\n"
exp_continue
} "*\nDo you want to proceed? (Y:Yes, N:No, V:View Certificate)" {
send -- "y\n"
exp_continue
} "*\nOne Time Password: " {
send -- "$TOTP_CODE\n"
}
}
interact
expect
从交互式 shell 调用时,该脚本成功启动 VPN 客户端,但从 调用时失败,并出现以下错误systemd
:
sh: -c: line 1: syntax error near unexpected token `('
sh: -c: line 1: `mkdir -p (null)/.netExtenderCerts/PUB_CERT'
spawn_id: spawn id exp3 not open
while executing
interact"
file "/usr/local/bin/netextender.expect" line 24)
netextender.service: Main process exited, code=exited, status=1/FAILURE
这让我很困惑,因为我根本不明白为什么sh
会涉及其中,更不用说为什么它直接对我有用而不是通过systemd
.根据file
,netExtender
是一个常规的二进制可执行文件:
/usr/bin/netExtender: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, BuildID[sha1]=5c2daed3c6e1e9f7b7e8ec62f466e6967618c68f, stripped
expect
对于新手如何让它发挥作用,您有什么建议吗?