Fabio Manganiello on Nostr: npub15axzl…n2s2e OpenConnect was amazing. I’ve used it as my preferred client for ...
npub15axzl4acgjl8rz30g3hg2v5jlzdua2qaknlm4fyu5uu3rsw8aajsan2s2e (npub15ax…2s2e) OpenConnect was amazing. I’ve used it as my preferred client for many months on Arch without experiencing a single issue. With the Palo Alto client, connection keeps dropping multiple times per day.
Many of us have tried to convince our IT teams that we have enough expertise to extract the .deb and even repackage it for Arch - the good thing of working in a large tech company is that it’s statistically likely to find at least one person who has contributed to the AUR.
But we were met with a string of no, nein, niet.
First, that’s because the Palo Alto endpoint is really Ubuntu LTS specific. Meaning that it installs some specific versions of a bunch of *-dev packages that are very distro-specific, and it expects everything under /etc to follow Ubuntu conventions (usually it even takes them ~1 year to update their client when a new LTS comes out).
Second, that’s because of the weird EULA contracts you have to accept once you get in bed with parasites like these - along the lines of “don’t allow your employees to touch anything in our software or their machines will stop being compliant”.
The world of compilance is really an ugly and dirty world where the most sub-optimal solutions seem to win, as long as their account managers keep knocking on the door hard enough…
Many of us have tried to convince our IT teams that we have enough expertise to extract the .deb and even repackage it for Arch - the good thing of working in a large tech company is that it’s statistically likely to find at least one person who has contributed to the AUR.
But we were met with a string of no, nein, niet.
First, that’s because the Palo Alto endpoint is really Ubuntu LTS specific. Meaning that it installs some specific versions of a bunch of *-dev packages that are very distro-specific, and it expects everything under /etc to follow Ubuntu conventions (usually it even takes them ~1 year to update their client when a new LTS comes out).
Second, that’s because of the weird EULA contracts you have to accept once you get in bed with parasites like these - along the lines of “don’t allow your employees to touch anything in our software or their machines will stop being compliant”.
The world of compilance is really an ugly and dirty world where the most sub-optimal solutions seem to win, as long as their account managers keep knocking on the door hard enough…