Opened 3 years ago
Closed 3 years ago
#1360 closed Bug / Defect (fixed-external)
--askpass no longer works since 2.5.0-3
Reported by: | TimCostrop | Owned by: | |
---|---|---|---|
Priority: | blocker | Milestone: | |
Component: | Configuration | Version: | OpenVPN 2.5.0 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | askpass |
Cc: | tct |
Description
Hi
I have configured the openvpn client as a systemd service, which reads a file with password with the askpass option.
Since I upgraded to 2.5.0-3 this no longer works, and always gives a permissions error.
I've tried different chmod configuration to see if any would give me a working result, but no avail.
openvpn.log, slightly redacted
Dec 07 10:38:38 Gjoll systemd[1]: Starting OpenVPN tunnel for xxx... Dec 07 10:38:39 Gjoll openvpn[13826]: DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-cip> Dec 07 10:38:39 Gjoll openvpn[13826]: Options error: --askpass fails with 'xxx-login.conf': Permission denied > Dec 07 10:38:39 Gjoll openvpn[13826]: Options error: Please correct these errors. Dec 07 10:38:39 Gjoll openvpn[13826]: Use --help for more information. Dec 07 10:38:39 Gjoll systemd[1]: openvpn-client@xxx.service: Main process exited, code=exited, status=1/FAILU> Dec 07 10:38:39 Gjoll systemd[1]: openvpn-client@xxx.service: Failed with result 'exit-code'. Dec 07 10:38:39 Gjoll systemd[1]: Failed to start OpenVPN tunnel for xxx.
Device info
$> uname -r 5.9.11-arch2-1 $> lsb_release -a LSB Version: 1.4 Distributor ID: Arch Description: Arch Linux Release: rolling Codename: n/a $> openvpn --version OpenVPN 2.5.0 [git:makepkg/a73072d8f780e888+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Nov 6 2020 library versions: OpenSSL 1.1.1h 22 Sep 2020, LZO 2.10 Originally developed by James Yonan Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net> Compile time defines:
Change History (7)
comment:1 Changed 3 years ago by
Cc: | tct added |
---|
comment:2 Changed 3 years ago by
comment:3 Changed 3 years ago by
This looks more like an arch packaging issue. We didn't change anything related to --askpass
in openvpn upstream (at least nothing I am aware of), and "permission denied" definitely reads like "the systemd unit file is running openvpn with not the right permissions to access that file (or the directory where it is in)".
comment:5 Changed 3 years ago by
so, what to do with this ticket? close as "notabug" or "fixed-external"?
comment:6 Changed 3 years ago by
Milestone: | release 2.5 → release 2.5.3 |
---|
comment:7 Changed 3 years ago by
Milestone: | release 2.5.3 |
---|---|
Resolution: | → fixed-external |
Status: | new → closed |
Since nobody is telling me otherwise, I assume this can be closed.
Also removing the milestone since there is no fixed-in version if we do not fix anything.
Check the owner and group of the password file.
I'm on Manjaro and
and
should be
Including the files in those folders.
This changed with OpenVPN 2.5.