OpenVpn app and password at boot: no thanks

Gaiden · September 23, 2025, 6:13pm

Hi everyone,

I just installed OpenSUSE Slowroll + KDE Plasma on an all-AMD desktop.
I am a ProtonVPN subscriber and I installed the official app via zypper:

proton-vpn 4.9.6-1.1
application()
application(proton-vpn.desktop)
proton-vpn = 4.9.6-1.1
protonvpn-app = 4.9.6
python3.13dist(proton-vpn-gtk-app) = 4.9.6
python3dist(proton-vpn-gtk-app) = 4.9.6

Currently, everything seems to work, but the app asks for the root password at every startup/reboot. If I don’t enter it immediately, it gets stuck and fails to connect, and I have to close and reopen it. Also, the KDE Wallet window pops up, which is annoying.

I would like to keep using the GUI (so I can modify the server, killswitch, etc.), but I need the app to connect automatically at startup without asking for a password. It seems this is particularly difficult on OpenSUSE.
(For reference: on EndeavourOS it would start without requiring a password or anything else.)

Unfortunately, I don’t know how to proceed and I would really appreciate your help. OpenSUSE is my favorite distro, and I’d like to solve this issue so I can use it at its best.

Thanks!!

hcvv · September 23, 2025, 6:17pm

A startup or login? I ask because you talk about Kwallet and that can only be after a user logged in.

Gaiden · September 23, 2025, 6:20pm

login, sorry.
even after suspension ie

arvidjaar · September 24, 2025, 4:23am

And we have no idea what it is about. Show the window/prompt/whatever where password is requested.

marel · September 24, 2025, 6:15am

Are you using Kwallet at all?

If not better de-install it to make debugging easier.

~/.config/kwalletrc

[Wallet]
Enabled=false

I did also deinstall pam_kwallet6 and add a zypper lock for it.

Gaiden · September 24, 2025, 12:31pm

arvidjaar · September 24, 2025, 12:46pm

ProtonVPN creates NetworkManager connections on the fly. By default openSUSE requires elevated privileges to change system wide connections. If ProtonVPN really needs to create system connections (as opposed to user connections), simply configure PolicyKit to allow it. You may consider asking ProtonVPN support whether it is possible to tell this program to use user connections instead.

Gaiden · September 24, 2025, 1:19pm

how can I set PolicyKit to this?

arvidjaar · September 24, 2025, 2:29pm

It depends on how secure you want it to be. To allow any user in the active local session to modify system connections create file /etc/polkit-default-privs/local with the content

org.freedesktop.NetworkManager.settings.modify.system auth_admin_keep:auth_admin_keep:yes

and run set_polkit_default_privs. See man polkit-default-privs for details.

Setting

POLKIT_DEFAULT_PRIVS="easy"

in the /etc/sysconfig/security and running the same command will achieve the same result and much more.

system · October 24, 2025, 2:30pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.