openvpn-status.log is empty

[abotterell]

I've been using Openvpn 2.4.4 on an Ubuntu instance on AWS for about a year... currently 18.04.. Recently (a month or two back, I think) I started noticing that the openvpn-status.log file was empty, size 0. Aside from the incongruity this is obviously inconvenient from a network management point of view.

The VPN seems to work normally except for the empty -status.log. Anyone have any thoughts about what might be causing this?

config:

local xxx.xx.x.xxx
port 1194
tls-server
proto udp
dev tun
ca ca.crt
cert warn.crt
key warn.key
dh dh2048.pem
tls-auth ta.key 0
key-direction 0
cipher AES-256-CBC
server 192.168.2.0 255.255.255.0
route 192.168.2.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-to-client
persist-key
persist-tun
auth SHA256
user nobody
group nogroup
status /etc/openvpn/openvpn-status.log
log-append /var/log/openvpn.log

[tct]

--status file [n]

Write operational status to file every n seconds.

n=0 probably means never write to status file ..

[tct]

Infact, [n] defaults to 60 seconds, so my comment above was incorrect.

However, using

user nobody
group nogroup 

and

status /etc/openvpn/openvpn-status.log 

is probably not going to work because the openvpn process will probably lose it's privilege to write the file.

Maybe a warning in the log file about failing to write status file is appropriate ?

[Gert Döring]

The file is not re-opened between writes, just rewound, rewritten and truncated.

So if it can be openened at startup that should be fine.

If it can not be opened, a message is logged (status.c, status_open()).

So, without looking at the openvpn log, it's hard to say why it is not logging anything here. So -> verb 3 and logfile.

[Gert Döring]

If we can't have a logfile showing what OpenVPN is doing and if there are any errors, we can't look into this issue.

Closing as "wontfix".