chrootvpn

. getDistro(): cleaner and faster, status improved
. missing TAB in help
. add modprobe tun outside the chroot
. adding sudo permissions logic fixed
. Changes for compatibility with Bookworm chroot, for using it in 2023
. deal with old CShell launcher bug, lost socket file
. PATH fixed
. Devuan support, no metapackage firefox
. PCLinuxOS LD_PRELOAD bug
. debootstrap pool name changed
. code for empty SUDO_USER
. message Firefox policy not installed
. Alpine, NuTyx, EulixOS support added
. more distributions tested (see README)

• cleaned redundant code handling debootstrap
• prints full path of newly installed and present Firefox policies
• English messages corrected, README and comments
• do not download cshell/snx install.sh CheckPoint scripts into the current work directory
• new -l option, installs snx_install.sh or cshell_install.sh files present in the directory where vph.sh is invoked
• adds binutils and wget to list of installed packages, debootstrap needs ar and wget
• adds firefox to list of needed packages
• bug corrected, find use when installing FireFox policies, added maxdepth 0, was installing policy into child directories
• new sudoers option, "vpn.sh sudoers" adds line to /etc/sudoers allowing user to run the script using sudo without a password
• adds support for PisiLinux and Intel Clear Linux

. Ubuntu 22.10 breaks resolvconf, now also tests for systemd-resolved /run file for Debian family
. debootstrap files used from Debian pool were deleted, changed for new Debian names
. debootstrap tar.gz URL corrected
. debootstrap script+files now installed from tar.gz source when dpkg in the host distribution is not available
. adds make to needed packages, except SUSE
. does away with jq to improve compatibility
. which replaced by command -v for better compatibility
. xorg-xauth package added to Arch setup
. Arch distribution also uses systemd-networkd, in addition to Network Manager
. adds KaOS and Loc-OS Linux support and Kwort Linux preliminary support
. forces Arch/KaOS Firefox policy location
. adds new policy command line option for using when chroot is installed before Firefox, vpn.sh policy
. SPLIT routing directives better handled, + and - commands. See README
. alternative configuration file, option -f/--file for having several configured VPNs
. added chroot location to configuration file, $CHROOT
. code linted
. more distributions and versions tested. See README

Fix selfupdate not upgrading if chroot never successfuly installed
Fix selfupdate when installed via deb/rpm package
Fix bugs running in Slackware after replacing wget with curl
Fix bug running in Fedora Rawhide 37, gnutls bug reported by myself to RedHat team
debootstrap ignores Debian keyring for fixing issues where host keyring is very old
User messages improved
Support added for Deepin 23 and Miracle Linux
Implements rmchroot command to delete chroot only (and unlike uninstall, keep script)

. adds support for Navy Linux and pakOS firefox profiles location
. test the group of SUDO_USER/user non-privileged user using the script, for giving sudo or wheel sudoers messages
. addresses upgrade of script /usr/bin/vpn.sh installed by deb/rpm package
. showing Checkpoint side certificate, openssl s_client does not stall anymore
. replaces wget(s) by curl, several distros/versions with recurrent wget/gnuTLS bugs, including Fedora FC 37 beta
. RedHat/rpm packages: dpkg dont assume implicit dependencies, name it

fixes Slackware setup bug
adds VPN remote X.509 certificate display to status
Debian pool debootstrap now 1.0.127
adds support for AmOs Linux, PCLinuxOS, Mandriva LX 5.0, AaricKDE, Mandrake family/older RH style, OpenEuler/Euler Linux
more fixes to sudo logic, correct logic between non-root vs root
code cleaning, independent functions for each distribution install procedures
loosely made deb and rpm package

. Fix Debian apt/_apt bug, chroot / must be at least mode 755 (rwxr-xr-x).
. ArchLabs deboostrap does not have dpkg as a dependency; never assume things.
. typo in SNAP firefox policies directory name fixed
. non-documented selfdownload option
. error in grep detecting RedHat
. chroot detection warns but does not abort
. changes for Rocky 9
. supports PeuxOS
. upgrades debootstrap if too old
. BOSS and OB2D distributions support
. sudo privileges check

Code cleaning.
Delete redundant code dealing with resolv.conf and Firefox profiles.
Script more stable.
DNS double checks for not to mess up DNS.
Better Debian and Ubuntu derivates support.
More distributions tested.
Gives up if no sudo installed and asks for it to be installed.
Replaces Trisquel debootstrap.
MX and Pardus support for different Firefox profile directories.
Warns if a Firefox profile is already installed.
Replaces debootstrap with a more recent one in Slackware.
Saner EPEL setup, needs testing.
Gentoo maintenance commands.
SUSE improvements.
More distros tested.
Compatibility with Kamarada Linux/OpenSUSE Desktop.
Archcraft distribution support.
Much simplified Arch DNS handling.
Whoever used this script in Arch using the last versions, after installing this version but before running it should :
delete the /etc/NetworkManager/conf.d/rc-manager.conf file
remove the openresolv package
restart NetworkManager.

Linting, bug building chroot
Fix nscd "feature" that was causing problems in SUSE, but can potentially manifest in another distributions: avoid sharing /run/nscd between host and chroot.
DNS fix, when failing DNS queries, at least Debian derivates were not creating a proper resolv.conf in the 1st time chroot creation phase
Mageia 8 support and minor RedHat fixes
Slackware support added
Adds support for Void Linux
Linux Deepin basic support
Gentoo support added
Added RHEL support.
Improved support for Oracle Linux.
SLES working now too.
RedHat added.
Slackware 15.1 beta working now.
Salix 15.0 working (Slackware based)
EndeavourOS tested.
Need of compiling packages in Slackware better dealt.
EPEL need better detected.
Firefox "distribution" directories better detected, the name varies more than thought.
Warns if another Firefox policy already present.

dnf instead of yum, dnf check-update
More compatibility creating cshell host group and user
Latest versions of Debian, Ubuntu, RedHat, CentOS, Fedora, Arch and SUSE distribution family working now.
Installs Mobile Access Portal certificate policy acceptance for Firefox in more locations.
Handles more Checkpoint/cshell_install.sh versions.
Experimental support for older post Mobile Access Portal older versions (--oldjava).
Handles better errors and DNS configurations.
Adds sudoers line automatically.
fixed cut and paste bug handling DNS in Debian

. Help function
. Script now working properly with RH variants (and Debian variants)
. Fix RedHat variants DNS configurations for using systemd-resolved for sharing DNS between chroot and host.
. Fix CentOS 8 repositories in a stock installation.
. user messages
. support for firefox-esr path (Debian and others)
. does away with cshell_install.sh patches - fakes requirements inside chroot
. firefox-esr path for Debian
. Account for multiple versions of Firefox installed when installing CShell localhost certificate policy
. code cleaning
. self promotion to sudo mode, no need to use sudo in the command line
. suport VNP portal custom URL
. do a (re)start after install to test and get X11 rights
. add fake profiles.ini to fake firefox profile inside chroot

. code cleaning
. CShell now runs as an independent user (more secure)
. X11 auth done by user and not localhost
. fake i386 kernel inside chroot
. cshell user does not need host login
. user cshell login disabled on host
. uninstall deletes user cshell
. sudo chroot wrapper
. lint'ed
. run ALWAYS as root/sudo
. if version > last release does not selfupdate
. unified cshell patch
. custom VPN portal login path
. Firefox policy for CShell localhost certificate
. account for alternative /sslvpn portal address
. custom VPN portal login path
. stop does disconnect now
. deal with /etc/resolv.conf corruption when stopping via command line
. Global Firefox policy for adding CShell localhost certificate to Firefox accepted certificates
. wrong URL for split test
. restart option
. correct status and selfupdate VER when in full VPN

upgrade for new version from git link
connection instability ; changed USA Debian repo to fastly one
more lax uninstall, more consistency checks, die with calling functions names
github repo in variable, more error checking, delete chroot temporary scripts
security: use a mktemp() file for selfupdate
/opt/etc/vpn.conf conf file added
add hostname to hosts file of host
temporary chroot instalation scripts deletion