[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] Reloading openvpn doesn't work

When I reload openvpn, openvpn exits. I am running openvpn as user
'openvpn' (with the 'user' 'group' directive) but starting as root

Sun Aug  7 02:25:21 2005 TUN/TAP device tun0 opened
Sun Aug  7 02:25:21 2005 Note: Cannot set tx queue length on tun0: Operation not permitted (errno=1)
Sun Aug  7 02:25:21 2005 /sbin/ip link set dev tun0 up mtu 1500
sh: line 1: /sbin/ip: Permission denied
Sun Aug  7 02:25:21 2005 Linux ip link set failed: shell command exited with error status: 126
Sun Aug  7 02:25:21 2005 Exiting


I have the option 'persist-tun' set, so why does openvpn try to execute
'/sbin/ip link set dev tun0 up mtu 1500' when reloading?

When I run openvpn as root or I set /sbin/ip SUID, everythin works fine.
How can I prevent openvpn to execute the /sbin/ip command when I
reload openvpn? I don't want to run openvpn as root. Or is it necessary?

My full server.conf:

port 1194
proto udp
dev tun0
ca ca.crt
cert test/server.crt
key test/server.key
dh dh1024.pem
ifconfig-pool-persist ipp.txt
client-config-dir ccd
push "redirect-gateway def1"
keepalive 10 60
comp-lzo
user openvpn
group openvpn
persist-key
persist-tun
status openvpn-status.log
log-append  /var/log/openvpn.log
verb 3
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so openvpn
username-as-common-name
ifconfig-pool 134.108.47.131 134.108.47.190
mode server
tls-server
ifconfig 10.8.0.1 10.8.0.2
push "route 10.8.0.0 255.255.255.0"
passtos
up ./up.sh
management localhost 7505
push "dhcp-option DNS 134.108.34.5"
persist-local-ip
persist-remote-ip
client-connect ./client-connect.sh
client-disconnect ./client-disconnect.sh


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users