OpenVPN in Cyanogenmod9

I just upgraded my Phone (Samsung Galaxy S GT-i9000) to Cyanogenmod9 which is based on Android 4.0.4! Why? Out of pure curiosity. CM9 has not been officially released, yet, but here you can find nightly builds, one of which I installed: http://download.cyanogenmod.com/?device=galaxysmtd. I was expecting something really alpha, but actually, it is really useable!

What has changed since Cyanogenmod 7.2? The boot splash screen reminds me of Doctor Who. 🙂 At first glance, the user interface is very different, I have to get used to the slightly different menus. It looks more stylish. At second glance, I saw that there are cool changes in the „background“. Busybox is preinstalled, I have tools like ifconfig, traceroute and others without doing anything. Great! It is also much easier to install one’s own server certificates which is obviously a great benefit for cacert.org users. You can simply install new certificates from your sd card via the menu.

There was only one thing that took me quite some time to find out: How do I get my OpenVPN tunnel to work? At first, I was slightly shocked not to find OpenVPN in the configuration menu any more. Nor could I find the tun.ko kernel module in /system/lib/modules. In the end, I found out, it’s all there! The module apparently is compiled into the kernel and no longer a „stand-alone“ module. There is no need to load it anymore.

(I went on a longer ride trying to load it, searching for it, learning to compile it myself. This was interesting, by the way, but in the end, my phone said something like „no, thanks, I’ve already got that one.“ (tun: duplicate symbol tun_get_socket (owned by kernel).) And in fact, openvpn is installed in /system/xbin. Having found out about this, I downloaded the OpenVPN Settings application (https://code.google.com/p/android-openvpn-settings/downloads/list or Google Play). In the advanced settings, I told it not to load the kernel module. My .ovpn configuration file contained a line that prevented the programme from working so I commented it out. nogroup was an unknown entity on this phone.

# Downgrade privileges after initialization
user nobody
# group nogroup

 Summary: \o/ Thanks to the developers of cm9! Awesome!