For those who only have an installer script (*-webdeploy-k9.sh
) provided by your organization instead of tarball:
I've created a fork of PKGBUILD to support installation from installer script. Version 5.*.*
is supported.
Git Clone URL: | https://aur.archlinux.org/cisco-anyconnect.git (read-only, click to copy) |
---|---|
Package Base: | cisco-anyconnect |
Description: | Cisco AnyConnect Secure Mobility Client |
Upstream URL: | https://www.cisco.com/c/en/us/products/security/anyconnect-secure-mobility-client/index.html |
Keywords: | anyconnect cisco vpn |
Licenses: | custom |
Submitter: | K900 |
Maintainer: | Posi |
Last Packager: | Posi |
Votes: | 18 |
Popularity: | 0.057705 |
First Submitted: | 2019-03-28 09:19 (UTC) |
Last Updated: | 2023-10-29 07:58 (UTC) |
« First ‹ Previous 1 2 3 4 5 6 7 .. 13 Next › Last »
For those who only have an installer script (*-webdeploy-k9.sh
) provided by your organization instead of tarball:
I've created a fork of PKGBUILD to support installation from installer script. Version 5.*.*
is supported.
Just had the issue regarding black screen for authentication using webkit2gtk
and the following errors
src/nv_gbm.c:288: GBM-DRV error (nv_gbm_create_device_native): nv_common_gbm_create_device failed (ret=-1)
src/nv_gbm.c:288: GBM-DRV error (nv_gbm_create_device_native): nv_common_gbm_create_device failed (ret=-1)
KMS: DRM_IOCTL_MODE_CREATE_DUMB failed: Permission denied
Failed to create GBM buffer of size 1000x600: Permission denied
KMS: DRM_IOCTL_MODE_CREATE_DUMB failed: Permission denied
Failed to create GBM buffer of size 1000x600: Permission denied
KMS: DRM_IOCTL_MODE_CREATE_DUMB failed: Permission denied
Failed to create GBM buffer of size 1000x600: Permission denied
Failed to create EGL images for DMABufs with file descriptors -1, -1 and -1
The solution/workaround is here: https://community.cisco.com/t5/vpn/anyconnect-4-10-05111-displays-blank-page-instead-of-sso-login/td-p/4648440
Specifically, before starting vpnui
run
export WEBKIT_DISABLE_DMABUF_RENDERER=1
Hi thanks for packaging anyconnect. I wanted to give you some feedback concerning the following statement in the PKGBUILD file:
# install custom policy to disable auto updates
# AnyConnect will attempt to update itself as root, and then run all over both itself and our packaging
# so prevent it from doing anything like that
#
# this may break some really quirky setups that require downloading files from the server,
# but there's no other way around it that I could find
Unfortunatly, these are NOT quirky setups. The problem is that the local anyconnect checks the checksum of the local and remote policy file, and if that disagrees it requires a re-download. With the current setup, this breaks for at least one big US university, but surely from searching the web, many other places, too.
I've done the migration to 5.1.1.42. Just need to put the binary in the same folder since I don't have a mirror.
For post-installation, I needed to manually start the daemon:
systemctl start vpnagentd.service
This installs nicely, but my company uses a modified version that invokes SSO/Microsoft Authenticator.
I have to download it from the company website. Then:
sudo bash anyconnect-linux64-4.10.07073-core-vpn-webdeploy-k9.sh.
As Cisco don't support this on Arch, I was hoping to install the package from the AUR to get the basics working, then install the company modified version. This script detects that anyconnect is already installed and exists.
I'm hoping to modify the script to remove these checks.
If I can't get this working, I'll have to use Ubuntu or Fedora and I don't want to do that.
I've got an updated client: cisco-secure-client-linux64-5.0.02075-core-vpn-webdeploy-k9.sh
I'd really like a package to install this, because this script looks like it's ... not so good.
Let me know how to hand it over to you.
Hello, how are you?
Note: Sorry for my English, I'm not very good and I had to use a translator
After a system update I had problems when trying to use the application.
Downgrading libxml is no longer viable, as some programs may stop working.
Another detail, this time you not only need the libxml 2.11.5-1
package, you must also use the glib2 2.78.0-3
and icu 73.2-2
packages. However, it is dangerous to Downgrade these packages on the system.
I read the link indicated by @FromSi and seeing the solution I decided to make some adaptations and tests and the way I did everything went well, now it's working.
One note, the topic states that you must modify the vpnagentd.service
file but it is not necessary, just modify the script located in /usr/bin
.
Here is the procedure done for cisco-annyconect 4:
1) Configuring the libraries, without "dirtying" the application:
mkdir -p ~/build/cisco-lib_other
cd ~/build/cisco-lib_other
wget -c https://archive.archlinux.org/packages/l/libxml2/libxml2-2.11.5-1-x86_64.pkg.tar.zst
wget -c https://archive.archlinux.org/packages/g/glib2/glib2-2.78.0-3-x86_64.pkg.tar.zst
wget -c https://archive.archlinux.org/packages/i/icu/icu-73.2-2-x86_64.pkg.tar.zst
tar --use-compress-program=unzstd -xvf libxml2-2.11.5-1-x86_64.pkg.tar.zst usr/lib
tar --use-compress-program=unzstd -xvf glib2-2.78.0-3-x86_64.pkg.tar.zst usr/lib
tar --use-compress-program=unzstd -xvf icu-73.2-2-x86_64.pkg.tar.zst usr/lib
sudo mkdir -p /opt/cisco/lib_other
sudo cp -av usr/lib/lib* /opt/cisco/lib_other
2) Configuring the cisco-anyconnect
script:
sudo cp -a /usr/bin/cisco-anyconnect /usr/bin/cisco-anyconnect_or
sudo sed -i "/export/s/lib/lib:\/opt\/cisco\/lib_other/" /usr/bin/cisco-anyconnect
The script will look like this:
#!/usr/bin/bash
export LD_LIBRARY_PATH=/opt/cisco/anyconnect/lib:/opt/cisco/lib_other:$LD_LIBRARY_PATH
cd /opt/cisco/anyconnect/bin
./vpnui
In order to test, I also forked the @ariel.miculas repository and updated it to version 5.1.1.42-1.
This version, you must configure the cisco-secureclient
script. The procedure goes like this:
sudo cp -a /usr/bin/cisco-secureclient /usr/bin/cisco-secureclient_or
sudo sed -i "/export/s/lib/lib:\/opt\/cisco\/lib_other/" /usr/bin/cisco-secureclient
One observation that occurred in my tests with cisco anyconnect, when trying to connect, I got the following error:
cisco anyconnect you are missing the required libraries
The solution is to install the webkit2gtk package. It should be configured in depends instead of optdepends:
sudo pacman -S webkit2gtk
Now one last detail, my Profiles work normally in Cisco Anyconnect 4, but I was unable to make them appear in the list of connections in Cisco Secureclient 5.
If anyone has any solution, I would be grateful
EDIT:
Looking on a search site, I found a link with the solution to the list of connections for Cisco Secureclient 5 that I had mentioned.
In this version, you MUST create a directory named "profile" in ../vpn and add your "profile.xml" inside this directory.
You can also use the existing profile directory as a link. I tested both ways and both worked.
sudo mkdir -p /opt/cisco/secureclient/vpn/profile
sudo cp -av ~/myprofile.xml /opt/cisco/secureclient/vpn/profile
Diff for migrate to 5 versions:
7c7
< pkgver=4.10.07061
---
> pkgver=5.1.1.42
37c38
< cd "${srcdir}/anyconnect-linux64-${pkgver}/vpn"
---
> cd "${srcdir}/cisco-secure-client-linux64-${pkgver}/vpn"
41c42
< install -Dm755 ${binary} "${pkgdir}/opt/cisco/anyconnect/bin/${binary}"
---
> install -Dm755 ${binary} "${pkgdir}/opt/cisco/secureclient/bin/${binary}"
45,48c46,50
< for lib in "libvpnagentutilities.so" "libvpncommon.so" "libvpncommoncrypt.so" \
< "libvpnapi.so" "libacruntime.so" "libacciscossl.so" "libacciscocrypto.so" \
< "cfom.so" "libboost_date_time.so" "libboost_filesystem.so" "libboost_regex.so" "libboost_system.so" \
< "libboost_thread.so" "libboost_signals.so" "libboost_chrono.so" \
---
> for lib in "cfom.so"\
> "libacciscocrypto.so" "libacciscossl.so" "libacruntime.so"\
> "libboost_atomic.so" "libboost_chrono.so" "libboost_date_time.so" "libboost_filesystem.so"\
> "libboost_regex.so" "libboost_system.so" "libboost_thread.so" "libvpnagentutilities.so"\
> "libvpnapi.so" "libvpncommoncrypt.so" "libvpncommon.so"\
50c52
< install -Dm755 ${lib} "${pkgdir}/opt/cisco/anyconnect/lib/${lib}"
---
> install -Dm755 ${lib} "${pkgdir}/opt/cisco/secureclient/lib/${lib}"
52c54
< # rm -rf ${pkgdir}/opt/cisco/anyconnect/lib/libboost*
---
> # rm -rf ${pkgdir}/opt/cisco/secureclient/lib/libboost*
56c58
< ln -s /opt/cisco/anyconnect/lib/libaccurl.so.4.8.0 "${pkgdir}/opt/cisco/anyconnect/lib/libaccurl.so.4"
---
> ln -s /opt/cisco/secureclient/lib/libaccurl.so.4.8.0 "${pkgdir}/opt/cisco/secureclient/lib/libaccurl.so.4"
61,62c63,64
< for plugin in "libacwebhelper.so" "libvpnipsec.so"; do
< install -Dm755 ${plugin} "${pkgdir}/opt/cisco/anyconnect/bin/plugins/${plugin}"
---
> for plugin in "libvpnipsec.so" "libacdownloader.so" "libacwebhelper.so"; do
> install -Dm755 ${plugin} "${pkgdir}/opt/cisco/secureclient/bin/plugins/${plugin}"
65c67
< cp -R resources "${pkgdir}/opt/cisco/anyconnect/resources"
---
> cp -R resources "${pkgdir}/opt/cisco/secureclient/resources"
68c70
< install -Dm444 AnyConnectProfile.xsd "${pkgdir}/opt/cisco/anyconnect/profile/AnyConnectProfile.xsd"
---
> install -Dm444 AnyConnectProfile.xsd "${pkgdir}/opt/cisco/secureclient/vpn/profile/AnyConnectProfile.xsd"
71c73
< install -Dm444 ${file} "${pkgdir}/opt/cisco/anyconnect/${file}"
---
> install -Dm444 ${file} "${pkgdir}/opt/cisco/secureclient/${file}"
75,76c77,78
< install -Dm644 resources/vpnui48.png "${pkgdir}/usr/share/icons/hicolor/48x48/apps/cisco-anyconnect.png"
< install -Dm644 resources/vpnui128.png "${pkgdir}/usr/share/icons/hicolor/128x128/apps/cisco-anyconnect.png"
---
> install -Dm644 resources/vpnui48.png "${pkgdir}/usr/share/icons/hicolor/48x48/apps/cisco-secure-client.png"
> install -Dm644 resources/vpnui128.png "${pkgdir}/usr/share/icons/hicolor/128x128/apps/cisco-secure-client.png"
78,79c80,81
< sed -i "s|^Exec=.*|Exec=${pkgname}|g" com.cisco.anyconnect.gui.desktop
< install -Dm644 com.cisco.anyconnect.gui.desktop "${pkgdir}/usr/share/applications/cisco-anyconnect.desktop"
---
> sed -i "s|^Exec=.*|Exec=${pkgname}|g" com.cisco.secureclient.gui.desktop
> install -Dm644 com.cisco.secureclient.gui.desktop "${pkgdir}/usr/share/applications/cisco-anyconnect.desktop"
87c89
< install -Dm644 "vpnagentd.service" "${pkgdir}/usr/lib/systemd/system/vpnagentd.service"
---
> install -Dm644 "${srcdir}/vpnagentd.service" "${pkgdir}/usr/lib/systemd/system/vpnagentd.service"
106c108
< install -Dm644 "${srcdir}/AnyConnectLocalPolicy.xml" "${pkgdir}/opt/cisco/anyconnect/AnyConnectLocalPolicy.xml"
---
> install -Dm644 "${srcdir}/AnyConnectLocalPolicy.xml" "${pkgdir}/opt/cisco/secureclient/AnyConnectLocalPolicy.xml"
and in cisco-anyconnect.sh need cahge LD_LIBRARY_PATh to new directory: /opt/cisco/secureclient/lib
If you don't know how to install libxml2-2.11.5-1: https://bbs.archlinux.org/viewtopic.php?pid=2141236#p2141236
Pinned Comments
labaman commented on 2023-02-28 17:14 (UTC)
Unfortunately, I don't have access to a version newer than 4.10.06079 yet. If there is someone who can help with the update package - please let me know - I'll add to the co-maintainers.
K900 commented on 2019-04-03 13:02 (UTC)
As the comment in the PKGBUILD says (you've read it, right? ;) ), Cisco does not provide public downloads for this, so you have to obtain the installer yourself either through your own Cisco account or through your company's.