If you have the Brave Browser installed on your Windows devices, then you may also have Brave VPN services installed on the machine. Brave installs these services without user consent on Windows devices.

Brave Firewall + VPN is an extra service that Brave users may subscribe to for a monthly fee. Launched in mid-2022, it is a cooperation between Brave Software, maker of Brave Browser, and Guardian, the company that operates the VPN and the firewall solution. The firewall and VPN solution is available for $9.99 per month.

  • hottari
    link
    fedilink
    arrow-up
    2
    arrow-down
    9
    ·
    1 year ago

    Not possible to start or enable a created service without user intervention. You don’t know what you are talking about.

    • Ferk@kbin.social
      link
      fedilink
      arrow-up
      11
      arrow-down
      1
      ·
      edit-2
      1 year ago

      Systemd “enabled” services are literal symlinks… whenever a target runs, it tries to start also all the service files on its “wants” directory.

      You can literally enable any service for next boot by making a symlink in /etc/systemd/system/multi-user.target.wants/ (or whichever other target you want it to run on) as root (and installation scripts are run as root).

      ln -s /usr/lib/systemd/system/whatever.service  /etc/systemd/system/multi-user.target.wants/whatever.service
      
      
      • hottari
        link
        fedilink
        arrow-up
        2
        arrow-down
        2
        ·
        1 year ago

        This is actually very close (just tested and confirmed it). I somehow stand corrected about requiring manual enablement but this is just using the package manager to do the dirty work for you.

        However the program itself cannot write into those directories without root permissions. You still have to allow your package manager to do this with root permissions as mentioned.

        • GlitzyArmrest@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Installing as user does not require root, to be clear. You can use systemd without root by specifying user.

          • hottari
            link
            fedilink
            arrow-up
            1
            arrow-down
            2
            ·
            edit-2
            1 year ago

            Installing a package requires root which will automatically give the package manager permission to write anywhere on the system. To create a systemd service in user that will automatically start at boot requires root, someguy here commented with the how.

            However you can run any installed binary via Desktop files as a user (no root) on login by writing to ~/.config/autostart.

            • GlitzyArmrest@lemmy.worldOP
              link
              fedilink
              English
              arrow-up
              2
              ·
              edit-2
              1 year ago

              My comment wasn’t about installing the package. You seemed to think that systemd required root, which it does not. Further, you can have systemd user processes start at boot. I do this exact thing with Duplicacy, no root required.

              • hottari
                link
                fedilink
                arrow-up
                1
                arrow-down
                2
                ·
                1 year ago

                The entire premise is for a package/manager to create a running/permanent service that will be started after boot AND does not require user intervention (for the avoidance of doubt, enabling the systemd service counts as intervention).

                One way to do this is to create the service file and do the symlink to a folder that systemd automatically runs on boot. For both user and system systemd files you require root to make these modifications.

                Another way is to create a Desktop file in the path I shared.

                If you have more ways I’d be happy to hear them.

                • GlitzyArmrest@lemmy.worldOP
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  Again, it’s not true, so you don’t need to keep acting like it’s the case. You do not need root to create systemd entries for a single user. Systemd is pretty much just symlinks all the way down. You can test this yourself, so I don’t know why you’re saying it’s not possible when me and many others in this thread have told you that you were incorrect in the first place.

                  • hottari
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    edit-2
                    1 year ago

                    I was correct you need root to create systemd-wide systemd service that will run on boot , user systemd files can’t. What they can do, is run after login. Which has more or less the same effect for a single-user setup. And I did admit I was partially wrong.

    • calm.like.a.bomb@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      1 year ago

      OK… challenge accepted. Maybe you don’t know about systemd user services.

      Content of mytrojan.sh:

      #!/usr/bin/env bash
      
      echo "Writing the service unit file"
      
      cat > ~/.config/systemd/user/my_test_service.service << EOF
      [Unit]
      Description=Script Daemon For Test User Services
      
      [Service]
      Type=simple
      User=
      #Group=
      ExecStart=/home/user/bin/myscript.sh
      Restart=on-failure
      StandardOutput=file:%h/log_file
      
      [Install]
      WantedBy=default.target
      EOF
      
      echo "Reloading systemd for the user"
      systemctl --user daemon-reload || exit 1
      
      echo "Enabling and starting the service"
      systemctl --user enable --now my_test_service.service
      

      Content of myscript.sh:

      $ cat ~/bin/myscript.sh
      #!/usr/bin/env bash
      
      while true
      do
          now=$(date)
          me=$(whoami)
          echo "User $me at $now"
          sleep 10
      done
      

      Now run the script (mytrojan.sh) and check service status after that:

      $ ./mytrojan.sh
      Writing the service unit file
      Reloading systemd for the user
      Enabling and starting the service
      $ systemctl --user status my_test_service.service
      ● my_test_service.service - Script Daemon For Test User Services
           Loaded: loaded (/home/user/.config/systemd/user/my_test_service.service; enabled; vendor preset: ena>
           Active: active (running) since Thu 2023-10-19 12:15:21 EEST; 6s ago
         Main PID: 1666383 (myscript.sh)
            Tasks: 2 (limit: 18757)
           Memory: 556.0K
              CPU: 4ms
           CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/my_test_service.service
                   ├─1666383 /bin/bash /home/user/bin/myscript.sh
                   └─1666387 sleep 10
      
      Oct 19 12:15:21 tesla systemd[1866318]: Started Script Daemon For Test User Services
      
      • hottari
        link
        fedilink
        arrow-up
        2
        arrow-down
        5
        ·
        1 year ago

        You failed. This requires the user to run a script aka manual intervention.

        • helpImTrappedOnline@lemmy.world
          link
          fedilink
          arrow-up
          6
          arrow-down
          1
          ·
          1 year ago

          Now imagine that the script is set to run as part of the brave installation - you type “yes” please download brave, brave installs brave and runs this script. Linux isn’t immune to malware as you seem to think.

          • hottari
            link
            fedilink
            arrow-up
            2
            arrow-down
            2
            ·
            1 year ago

            You would need the power of root to do all these aforementioned things (run a VPN service).

            And am not saying that Linux is immune to malware, just that it’s not out of the norm to have package managers install services crucial for operation during installation. Since Windows doesn’t have package managers, I’m gonna replace package managers with packages in this reasoning.

          • hottari
            link
            fedilink
            arrow-up
            2
            arrow-down
            2
            ·
            1 year ago

            Maybe am ignorant but at least I understand the questions before I answer them.