Bug#770811: openvpn: openVPN tmp-dir missing

2015-02-03 Thread Kyle Manna
Another thing to consider while talking about chrooting is running OpenVPN
in a Docker image.  I put one together:

https://registry.hub.docker.com/u/kylemanna/openvpn/
https://github.com/kylemanna/docker-openvpn

On Tue Feb 03 2015 at 12:27:10 AM Polotnyanko Nikita Sergeevich <
pboxw...@gmail.com> wrote:

> I'll add this just in case it'll be helpful for someone: when using
> chroot, openvpn can't access /etc/localtime file and can't get correct
> timezone, so you need to mount this file in chroot as well:
> mkdir /etc/openvpn/etc
> touch /etc/openvpn/etc/localtime
> mount --bind /etc/localtime /etc/openvpn/etc/localtime
>
> And write these changes in your /etc/fstab:
> echo "/etc/localtime /etc/openvpn/etc/localtime none bind" >> /etc/fstab
>
> --
> Regards,
>  Polotnyanko Nikita Sergeevich  mailto:pboxw...@gmail.com
>
>
>


Bug#770811: openvpn: openVPN tmp-dir missing

2015-02-03 Thread Polotnyanko Nikita Sergeevich
I'll add this just in case it'll be helpful for someone: when using
chroot, openvpn can't access /etc/localtime file and can't get correct
timezone, so you need to mount this file in chroot as well:
mkdir /etc/openvpn/etc
touch /etc/openvpn/etc/localtime
mount --bind /etc/localtime /etc/openvpn/etc/localtime

And write these changes in your /etc/fstab:
echo "/etc/localtime /etc/openvpn/etc/localtime none bind" >> /etc/fstab

-- 
Regards,
 Polotnyanko Nikita Sergeevich  mailto:pboxw...@gmail.com


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org



Bug#770811: openvpn: openVPN tmp-dir missing

2015-01-31 Thread Polotnyanko Nikita Sergeevich
Hi,

This is not a bug: when using chroot you can't access anything outside
of the chroot directory, so if you want to use chroot in openvpn, for
example, "chroot /etc/openvpn" in your config file, then you need to
create a tmp directory in the openvpn chroot directory (/etc/openvpn/tmp)
and mount the /tmp directory on /etc/openvpn/tmp:

mkdir /etc/openvpn/tmp
mount --bind /tmp /etc/openvpn/tmp

And write these changes in your /etc/fstab:
echo "/tmp /etc/openvpn/tmp none bind" >> /etc/fstab

-- 
Regards,
 Polotnyanko Nikita Sergeevich  mailto:pboxw...@gmail.com
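
A pre-flight check for the two chroot requirements raised in this thread (tmp-dir and /etc/localtime inside the jail), as an added example that is not part of the original messages. The function names and demo paths are hypothetical; the default tmp-dir of /tmp is taken from the maintainer's reply and the fstab line format from the message above.

```shell
#!/bin/sh
# Added example, not from the thread: pre-flight check for an OpenVPN chroot.

# First argument of a directive; lines commented with '#' or ';' never match.
conf_value() {  # $1 = config file, $2 = directive
    awk -v d="$2" '$1 == d { print $2; exit }' "$1"
}

# Print one line per finding; return 1 if something the thread lists is missing.
check_chroot() {  # $1 = config file, $2 = fstab to inspect (default /etc/fstab)
    jail=$(conf_value "$1" chroot)
    [ -n "$jail" ] || { echo "no chroot directive"; return 0; }
    tmp=$(conf_value "$1" tmp-dir)
    # Default /tmp, resolved below the jail ('/etc/openvpn//tmp' in the log).
    jtmp=$(printf '%s\n' "$jail/${tmp:-/tmp}" | sed 's#//*#/#g')
    rc=0
    [ -d "$jtmp" ] || { echo "missing tmp-dir: $jtmp"; rc=1; }
    [ -e "$jail/etc/localtime" ] || { echo "missing: $jail/etc/localtime"; rc=1; }
    # A bind mount of the host /tmp exposes every host temp file to the jail.
    if awk -v m="$jtmp" '$1 == "/tmp" && $2 == m && $4 ~ /bind/ { f = 1 }
                         END { exit !f }' "${2:-/etc/fstab}" 2>/dev/null; then
        echo "note: $jtmp is a bind mount of the host /tmp"
    fi
    return "$rc"
}

# Constructed demo in a throwaway directory; the real system is not touched.
demo() {
    d=$(mktemp -d | sed 's#//*#/#g')
    printf 'chroot %s/jail\n;tmp-dir /var/tmp\nuser nobody\n' "$d" > "$d/server.conf"
    mkdir -p "$d/jail/etc"
    : > "$d/fstab"
    echo "== fresh jail"
    check_chroot "$d/server.conf" "$d/fstab" || echo "(not ready)"
    mkdir "$d/jail/tmp"
    cp /etc/localtime "$d/jail/etc/localtime" 2>/dev/null || : > "$d/jail/etc/localtime"
    echo "== after mkdir tmp and copying localtime"
    check_chroot "$d/server.conf" "$d/fstab" && echo "(ready)"
    rm -rf "$d"
}
demo
```

A dedicated directory created with mkdir, as in the original report, passes the check without the bind-mount note; the fstab entry shown in the message above triggers it.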





Bug#770811: openvpn: openVPN tmp-dir missing

2014-11-24 Thread Alberto Gonzalez Iniesta
Hi,

I don't know why this didn't fail before, but since you are chroot'ing
openvpn in /etc/openvpn, a tmp/ dir there could be necessary. Not a bug,
but a requirement due to your settings.

Regards,

Alberto

On Mon, Nov 24, 2014 at 01:52:30PM +0100, Adrián Arévalo Tirado wrote:
> That's the strange thing. I have nothing related to "dir" in my
> server.conf, so it must be something related to an upgrade:
> 
> chroot /etc/openvpn
> 
> # Which local IP address should OpenVPN
> # listen on? (optional)
> ;local a.b.c.d
> 
> port 1194
> 
> # TCP or UDP server?
> ;proto tcp
> proto udp
> 
> ;dev tap
> dev tun
> 
> ;dev-node MyTap
> 
> ca /etc/openvpn/scripts/keys/ca.crt
> cert /etc/openvpn/scripts/keys/servidor.crt
> key /etc/openvpn/scripts/keys/servidor.key  # This file should be kept secret
> 
> # Diffie hellman parameters.
> # Generate your own with:
> #   openssl dhparam -out dh1024.pem 1024
> # Substitute 2048 for 1024 if you are using
> # 2048 bit keys.
> dh /etc/openvpn/scripts/keys/dh1024.pem
> 
> server 10.8.0.0 255.255.255.0
> 
> ifconfig-pool-persist /var/log/openvpn/ipp.txt
> 
> push "route 192.168.0.0 255.255.255.0"
> ;push "route 192.168.20.0 255.255.255.0"
> 
> push "redirect-gateway def1"
> 
> # Certain Windows-specific network settings
> # can be pushed to clients, such as DNS
> # or WINS server addresses.  CAVEAT:
> # http://openvpn.net/faq.html#dhcpcaveats
> push "dhcp-option DNS 8.8.8.8"
> push "dhcp-option DNS 8.8.4.4"
> ;push "dhcp-option WINS 8.8.4.4"
> 
> keepalive 10 120
> 
> tls-auth /etc/openvpn/scripts/keys/ta.key 0 # This file is secret
> 
> cipher AES-256-CBC
> 
> comp-lzo
> 
> max-clients 2
> 
> user nobody
> group nobody
> cipher AES-256-CBC
> # The persist options will try to avoid
> # accessing certain resources on restart
> # that may no longer be accessible because
> # of the privilege downgrade.
> persist-key
> persist-tun
> 
> # Output a short status file showing
> # current connections, truncated
> # and rewritten every minute.
> status /var/log/openvpn/openvpn-status.log
> 
> log-append  /var/log/openvpn/openvpn.log
> 
> # Set the appropriate level of log
> # file verbosity.
> #
> # 0 is silent, except for fatal errors
> # 4 is reasonable for general usage
> # 5 and 6 can help to debug connection problems
> # 9 is extremely verbose
> verb 3
> 
> # Silence repeating messages.  At most 20
> # sequential messages of the same message
> # category will be output to the log.
> mute 10
> 
> 
> 
> 
> 
> 
> 2014-11-24 13:22 GMT+01:00 Alberto Gonzalez Iniesta :
> 
> > Hi,
> >
> > Did you specify a "tmp-dir" option on your configuration file?
> > By default it should use /tmp, /etc shouldn't be used for tmp...
> >
> > Regards,
> >
> > Alberto
> >
> >
> > On Mon, Nov 24, 2014 at 11:35:03AM +0100, Adrian wrote:
> > > Package: openvpn
> > > Version: 2.3.4-4
> > > Severity: minor
> > >
> > > I have discovered by chance today that I get this message in the openvpn log
> > > and it won't start:
> > >
> > > "Options error: Temporary directory (--tmp-dir) fails with '/etc/openvpn//tmp':
> > > No such file or directory"
> > >
> > > The workaround to fix this is as easy as: mkdir /etc/openvpn/tmp
> > >
> > > But, if it is needed, why is it not created automatically in the upgrade?
> > >
> > >
> > >
> > > -- System Information:
> > > Debian Release: jessie/sid
> > >   APT prefers testing
> > >   APT policy: (500, 'testing')
> > > Architecture: amd64 (x86_64)
> > >
> > > Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
> > > Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8)
> > > Shell: /bin/sh linked to /bin/dash
> > >
> > > Versions of packages openvpn depends on:
> > > ii  debconf [debconf-2.0]  1.5.53
> > > ii  init-system-helpers    1.21
> > > ii  initscripts            2.88dsf-58
> > > ii  iproute2               3.16.0-2
> > > ii  libc6                  2.19-13
> > > ii  liblzo2-2              2.08-1
> > > ii  libpam0g               1.1.8-3.1
> > > ii  libpkcs11-helper1      1.11-2
> > > ii  libssl1.0.0            1.0.1j-1
> > >
> > > Versions of packages openvpn recommends:
> > > ii  easy-rsa  2.2.2-1
> > >
> > > Versions of packages openvpn suggests:
> > > ii  openssl 1.0.1j-1
> > > pn  resolvconf  
> > >
> > > -- debconf information:
> > >   openvpn/create_tun: false
> >
> > --
> > Alberto Gonzalez Iniesta     | Training, consulting and technical support
> > mailto/sip: a...@inittab.org | for GNU/Linux and free software
> > Encrypted mail preferred     | http://inittab.com
> >
> > Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D  4BF2 009B 3375 6B9A AA55
> >

-- 
Alberto Gonzalez Iniesta     | Training, consulting and technical support
mailto/sip: a...@inittab.org | for GNU/Linux and free software
Encrypted mail preferred     | http://inittab.com

Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D  4BF2 009B 3375 6B9A AA55



Bug#770811: openvpn: openVPN tmp-dir missing

2014-11-24 Thread Adrián Arévalo Tirado
That's the strange thing. I have nothing related to "dir" in my
server.conf, so it must be something related to an upgrade:

chroot /etc/openvpn

# Which local IP address should OpenVPN
# listen on? (optional)
;local a.b.c.d

port 1194

# TCP or UDP server?
;proto tcp
proto udp

;dev tap
dev tun

;dev-node MyTap

ca /etc/openvpn/scripts/keys/ca.crt
cert /etc/openvpn/scripts/keys/servidor.crt
key /etc/openvpn/scripts/keys/servidor.key  # This file should be kept secret

# Diffie hellman parameters.
# Generate your own with:
#   openssl dhparam -out dh1024.pem 1024
# Substitute 2048 for 1024 if you are using
# 2048 bit keys.
dh /etc/openvpn/scripts/keys/dh1024.pem

server 10.8.0.0 255.255.255.0

ifconfig-pool-persist /var/log/openvpn/ipp.txt

push "route 192.168.0.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"

push "redirect-gateway def1"

# Certain Windows-specific network settings
# can be pushed to clients, such as DNS
# or WINS server addresses.  CAVEAT:
# http://openvpn.net/faq.html#dhcpcaveats
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
;push "dhcp-option WINS 8.8.4.4"

keepalive 10 120

tls-auth /etc/openvpn/scripts/keys/ta.key 0 # This file is secret

cipher AES-256-CBC

comp-lzo

max-clients 2

user nobody
group nobody
cipher AES-256-CBC
# The persist options will try to avoid
# accessing certain resources on restart
# that may no longer be accessible because
# of the privilege downgrade.
persist-key
persist-tun

# Output a short status file showing
# current connections, truncated
# and rewritten every minute.
status /var/log/openvpn/openvpn-status.log

log-append  /var/log/openvpn/openvpn.log

# Set the appropriate level of log
# file verbosity.
#
# 0 is silent, except for fatal errors
# 4 is reasonable for general usage
# 5 and 6 can help to debug connection problems
# 9 is extremely verbose
verb 3

# Silence repeating messages.  At most 20
# sequential messages of the same message
# category will be output to the log.
mute 10






2014-11-24 13:22 GMT+01:00 Alberto Gonzalez Iniesta :

> Hi,
>
> Did you specify a "tmp-dir" option on your configuration file?
> By default it should use /tmp, /etc shouldn't be used for tmp...
>
> Regards,
>
> Alberto
>
>
> On Mon, Nov 24, 2014 at 11:35:03AM +0100, Adrian wrote:
> > Package: openvpn
> > Version: 2.3.4-4
> > Severity: minor
> >
> > I have discovered by chance today that I get this message in the openvpn log
> > and it won't start:
> >
> > "Options error: Temporary directory (--tmp-dir) fails with '/etc/openvpn//tmp':
> > No such file or directory"
> >
> > The workaround to fix this is as easy as: mkdir /etc/openvpn/tmp
> >
> > But, if it is needed, why is it not created automatically in the upgrade?
> >
> >
> >
> > -- System Information:
> > Debian Release: jessie/sid
> >   APT prefers testing
> >   APT policy: (500, 'testing')
> > Architecture: amd64 (x86_64)
> >
> > Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
> > Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8)
> > Shell: /bin/sh linked to /bin/dash
> >
> > Versions of packages openvpn depends on:
> > ii  debconf [debconf-2.0]  1.5.53
> > ii  init-system-helpers    1.21
> > ii  initscripts            2.88dsf-58
> > ii  iproute2               3.16.0-2
> > ii  libc6                  2.19-13
> > ii  liblzo2-2              2.08-1
> > ii  libpam0g               1.1.8-3.1
> > ii  libpkcs11-helper1      1.11-2
> > ii  libssl1.0.0            1.0.1j-1
> >
> > Versions of packages openvpn recommends:
> > ii  easy-rsa  2.2.2-1
> >
> > Versions of packages openvpn suggests:
> > ii  openssl 1.0.1j-1
> > pn  resolvconf  
> >
> > -- debconf information:
> >   openvpn/create_tun: false
>
> --
> Alberto Gonzalez Iniesta     | Training, consulting and technical support
> mailto/sip: a...@inittab.org | for GNU/Linux and free software
> Encrypted mail preferred     | http://inittab.com
>
> Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D  4BF2 009B 3375 6B9A AA55
>


Bug#770811: openvpn: openVPN tmp-dir missing

2014-11-24 Thread Alberto Gonzalez Iniesta
Hi,

Did you specify a "tmp-dir" option on your configuration file?
By default it should use /tmp, /etc shouldn't be used for tmp...

Regards,

Alberto


On Mon, Nov 24, 2014 at 11:35:03AM +0100, Adrian wrote:
> Package: openvpn
> Version: 2.3.4-4
> Severity: minor
> 
> I have discovered by chance today that I get this message in the openvpn log
> and it won't start:
> 
> "Options error: Temporary directory (--tmp-dir) fails with '/etc/openvpn//tmp':
> No such file or directory"
> 
> The workaround to fix this is as easy as: mkdir /etc/openvpn/tmp
> 
> But, if it is needed, why is it not created automatically in the upgrade?
> 
> 
> 
> -- System Information:
> Debian Release: jessie/sid
>   APT prefers testing
>   APT policy: (500, 'testing')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
> Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> 
> Versions of packages openvpn depends on:
> ii  debconf [debconf-2.0]  1.5.53
> ii  init-system-helpers    1.21
> ii  initscripts            2.88dsf-58
> ii  iproute2               3.16.0-2
> ii  libc6                  2.19-13
> ii  liblzo2-2              2.08-1
> ii  libpam0g               1.1.8-3.1
> ii  libpkcs11-helper1      1.11-2
> ii  libssl1.0.0            1.0.1j-1
> 
> Versions of packages openvpn recommends:
> ii  easy-rsa  2.2.2-1
> 
> Versions of packages openvpn suggests:
> ii  openssl 1.0.1j-1
> pn  resolvconf  
> 
> -- debconf information:
>   openvpn/create_tun: false

-- 
Alberto Gonzalez Iniesta     | Training, consulting and technical support
mailto/sip: a...@inittab.org | for GNU/Linux and free software
Encrypted mail preferred     | http://inittab.com

Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D  4BF2 009B 3375 6B9A AA55





Bug#770811: openvpn: openVPN tmp-dir missing

2014-11-24 Thread Adrian
Package: openvpn
Version: 2.3.4-4
Severity: minor

I have discovered by chance today that I get this message in the openvpn log
and it won't start:

"Options error: Temporary directory (--tmp-dir) fails with '/etc/openvpn//tmp':
No such file or directory"

The workaround to fix this is as easy as: mkdir /etc/openvpn/tmp

But, if it is needed, why is it not created automatically in the upgrade?



-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openvpn depends on:
ii  debconf [debconf-2.0]  1.5.53
ii  init-system-helpers    1.21
ii  initscripts            2.88dsf-58
ii  iproute2               3.16.0-2
ii  libc6                  2.19-13
ii  liblzo2-2              2.08-1
ii  libpam0g               1.1.8-3.1
ii  libpkcs11-helper1      1.11-2
ii  libssl1.0.0            1.0.1j-1

Versions of packages openvpn recommends:
ii  easy-rsa  2.2.2-1

Versions of packages openvpn suggests:
ii  openssl 1.0.1j-1
pn  resolvconf  

-- debconf information:
  openvpn/create_tun: false

