Arch Linux User Repository

"Please, do not flag this package as out-of-date until there's the official release on Github page."

"Maybe the announcement is delayed, but wait for some other possible forward release, which is patching the previous one before the actual publishing."

Note from 3.17.4v:

The previous bug exposing DNS servers is fixed.

Note from 3.17.3v:

Caution! This version needs heed while using it and should be avoided. I strongly advice downgrading to 3.17.2 and wait for a new version or patching. Some big problems are:

• There's DNS leak present. Your original ISP servers can be exposed, as reported already on #343 issue.

• Unable to connect on nordvpn servers. Your journal might show the follow output: networker setting dns: setting dns with resolvectl: setting dns with resolvectl: Failed to set DNS configuration: Could not activate remote peer: activation request failed: unknown unit.: exit status 1

  After restarting resolve with systemctl restart systemd-resolved.service you may get it working again, enough for connecting normally, as reported, but not exclusively an ARM platform issue, on #342.

Also huge thanks for the community warnings in prior comments before I could've noticed all.

Note from 3.16.2v:

As the published note from the version above has mentioned on Github's page:

• Logging in with a username and password is no longer available in the terminal.

Please, consider using a token to logging in from now on.

Note from 3.16.0v:

The 'countries.dat' may differ between versions. Be aware to remove the file before upgrading the package.

If you're seeing the message "Daemon is unreachable, is systemd running?", then one of two things is probably happening.

The nordvpn daemon might not be started
Start it using:
sudo systemctl enable --now nordvpnd

You might not have been added to the nordvpn group
Add yourself:
sudo gpasswd -a USERNAME nordvpn
And then restart in order for the group to be created:
reboot

@a3dman - thankyou! Had to disable 2fa, but I can live with that for now

@PC2022 I use 'nordvpn login --legacy' to avoid the hassle.

Nordvpn Arch wiki says that since April 2022, nordvpn login now steers you to a web login.

It seems I have to log in via browser, then copy and paste the resulting nordvpn:// url into "nordvpn login --callback <url>"

I'm wondering how people are using this CLI? Is there something I'm missing, or is this as good as it gets?

Hi @esauvisky

I already check the wiki (even before my first submission), and there's nothing explaining about not being allowed to warning users to remove some file that conflicts with other versions before installing. Can you please explain why it's against AUR guidelines?

The reason I didn't place a removal for the package pre_install is because super user permissions are needed to make this since is on root territory. Despite pacman itself, I don't think would be wise to place a removal without a fully user consentment, even with me and all users being aware the file will be generated again and is a binary, it's still on file system directory and require sudo to workout.

If you guys think there's something wrong with this approach and there's a simple workaround, I'll be glad to checkout the feedbacks in my free time and update the package again.

Edit: Thanks for your support. I'm just trying to figure out these things with you. If it's fine the removal with sudo permissions on pacman and not a issue at all, should the file be renamed as old or be removed? What's the best way to deal with without been invasive as a AUR package?

The current approach in which the user needs to delete the countries.dat file goes against the AUR submission guidelines. Also, it makes no sense from NordVPN installer to do that, but we can't have everything, I guess.

I had not read the warning the first time I installed this AUR package (reading is hard), and was afraid of deleting it willy nilly, so I dug down the rabbit hole to figure out what the file was for (including disassembly, yeah) and it's responsible for keeping the updated list of countries endpoints, but in a binary form (because why using JSON when you can do a binary custom format, right). The nordvpn binary updates it automatically during runtime, therefore they can ensure the list of servers is always up to date regardless of if users' packages also are.

Given this, I highly suggest the current maintainer to simply delete this file in the pre_upgrade() section of the PKGBUILD. If you want to be safe, move it to a .pacnew, although this requires research if it's OK to do it so, because as this is a binary file it will break any sort of .pac* mergers, for example.

@raver: thanks for the info!

@Ravenbells Thanks for taking ownership of the package.

The 'countries.dat' may differ between versions. Be aware to remove the file before upgrading the package.

I don't understand this; this is a binary file, not user-editable. Overwriting files (not owned by other packages, which this isn't, nor user-editable, which this isn't) with new versions is the essence of upgrading a package. Surely there is a way to do that without requiring --overwrite from the user.

1° What is causing countries.dat to be a problem when the other files installed in /var/lib/nordvpn are not? What's so special about that file in particular? Have you any idea?

2° If necessary, I feel the pre_upgrade script could/should remove/rename the file automatically rather than just display a helpful message. Given that the file is not user-editable, there is no reason the user might be attached to the old version of the file, is there?

@Gamall Second script works perfectly, thank you.

"Please, do not flag this package as out-of-date until there's the official release on Github page."

"Maybe the announcement is delayed, but wait for some other possible forward release, which is patching the previous one before the actual publishing."

Note from 3.17.4v:

The previous bug exposing DNS servers is fixed.

Note from 3.17.3v:

Caution! This version needs heed while using it and should be avoided. I strongly advice downgrading to 3.17.2 and wait for a new version or patching. Some big problems are:

• There's DNS leak present. Your original ISP servers can be exposed, as reported already on #343 issue.

• Unable to connect on nordvpn servers. Your journal might show the follow output: networker setting dns: setting dns with resolvectl: setting dns with resolvectl: Failed to set DNS configuration: Could not activate remote peer: activation request failed: unknown unit.: exit status 1

  After restarting resolve with systemctl restart systemd-resolved.service you may get it working again, enough for connecting normally, as reported, but not exclusively an ARM platform issue, on #342.

Also huge thanks for the community warnings in prior comments before I could've noticed all.

Note from 3.16.2v:

As the published note from the version above has mentioned on Github's page:

• Logging in with a username and password is no longer available in the terminal.

Please, consider using a token to logging in from now on.

Note from 3.16.0v:

The 'countries.dat' may differ between versions. Be aware to remove the file before upgrading the package.

@radio_rogal @raver

yay -S --overwrite /var/lib/nordvpn/* nordvpn-bin

(the comment's display unfortunately eats the antislash escaping the *)

will let the install take care of that. Tested a few minutes ago.

If ForeverZer0 is correct that only one file is a problem, the more conservative

yay -S --overwrite /var/lib/nordvpn/data/countries.dat nordvpn-bin

should also do the trick.

@radio_rogal @raver Just delete the countries.dat file and retry the install, it gets re-created, I had the same issue. I didn't bother investigating the cause, but it was a simple thing to test by renaming the file and ended up being an easy fix.