Multi-user Support #82
Comments
In Root mode, you can manage all applications in all profiles with InviZible installed in the main profile. In the case of VPN mode, it only depends on your rom specifics.
So it looks like GrapheneOS doesn't support managing apps in user profiles from the main profile in VPN mode.
Yep. You should change all ports that InviZible uses in the main profile.
This is only your rom specifics, so I can't give you any advice. I am not using GrapheneOS.
Easy, but only in Root mode in your case. |
|
Thank you for clearing that up. Unfortunately for me GrapheneOS cannot be rooted. I will have to figure out a workflow that works with my unique constraints. I will see if I can find out from GrapeheOS devs why it doesn't support managing apps in user profiles from the main profile in VPN mode. |
|
I did manage to get this working to my satisfaction. I had to have InviZible installed in both profiles (owner & user), & change all the ports in the second profile. After starting InviZible for the first time in the user profile, it became available as a VPN in the Android VPN settings, & I was able to set it to an always-on VPN in both profiles. I guess this is adding overhead by running multiple Tor & dnscrypt-proxy instances, but nevertheless, it works for me! |
Hi,
How does the multi-user support work? Can you tell me if it will allow me to use InviZible with multiple user profiles (in this case, on GrapheneOS).
In GrapheneOS, you can have multiple user profiles. The first profile is called 'Owner', it is the profile that the OS boots with. Then one can create & switch between multiple user profiles. More on GrapheneOS's user profile implementation can be found at https://grapheneos.org/faq#encryption
I have InviZible installed on the Owner profile, set as an always-on VPN (deny connections without VPN). It works as expected in the Owner profile. When I switch to a user profile, & test the connection, it is not being routed through Tor/DNSCrypt. There is no VPN available in the Android settings. So I proceed to install InviZible in the user profile (using F-Droid, same as in the owner profile). If I try to start DNSCrypt with InviZible, it shows a warning modal saying 'InviZible Pro cannot start DNSCrypt', & in the DNSCrypt log tab it says
[FATAL] listen udp 127.0.0.1:5354: bind: address already in use. Tor also shows a warning modal, but nothing is shown in the log tab. I2P does start, but I don't have I2P running in the Owner profile.The 'bind: address already in use' error tells me that InviZible is still running in the Owner profile, so InviZible in the user profile won't be able to bind on the same port. I thought about trying to set different ports in the configuration, but then I still don't know how to make InviZible show up as a candidate in the Android VPN settings, so I can use it as an always-on VPN in the user profile.
Then I noticed the 'Multi-user support' option in 'Common Settings'. Setting this in the Owner profile, in the user profile, or in both together does not change the above behavior.
Is it possible to have multiple user profiles (as well as the owner profile) all protected by InviZible?
The text was updated successfully, but these errors were encountered: