Opened 14 years ago
Closed 13 years ago
#73 closed Feature Wish (fixed)
warning on cant read ccd
Reported by: | krzee king | Owned by: | David Sommerseth |
---|---|---|---|
Priority: | minor | Milestone: | beta 2.3 |
Component: | Configuration | Version: | OpenVPN 2.1.0 / 2.1.1 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: |
Description
Change History (5)
comment:1 Changed 14 years ago by
Status: | new → accepted |
---|
comment:2 Changed 14 years ago by
ooo i sense you might improve the error messages for unreadable cert files... that would be AWESOME!
comment:3 Changed 14 years ago by
Milestone: | → beta 2.3 |
---|
comment:4 Changed 13 years ago by
First attempt of a fix is posted to the -devel mailing list:
(PATCH) Do some file/directory tests before really starting openvpn
comment:5 Changed 13 years ago by
Resolution: | → fixed |
---|---|
Status: | accepted → closed |
commit 0f2bc0dd92f43c91e33bba8a66b06b98f281efc1
Author: David Sommerseth <davids@…>
Date: Thu Jun 16 17:27:06 2011 +0200
Do some file/directory tests before really starting openvpn
OpenVPN can handle over 30 different files and directories, and it is easy
to misconfigure some of them. In many situations OpenVPN will even start
running, even with a wrong file path or without the proper permissions, and
then it will complain much later on. In some cases the error being seen at
this late point might even be difficult to relate to a configuration option.
This patch tries to catch as many of these files as soon as possible, kind of
to "smoke-test" the files and directories to avoid the most likely errors.
Trac-ticket: 73
Signed-off-by: David Sommerseth <davids@…>
Acked-by: Gert Doering <gert@…>
Consider to call access() on the different files and directories which is needed at startup, and to report issues for each of them individually. This can be considered as a sanity check.
On files/directories which are required for normal operations (like write access to a tmp directory in OpenVPN 2.2 and later), OpenVPN could give a fatal error.
If it should be a fatal error on other configured files and directories must be considered, and might be different for each option. If the --client-config-dir is not readable, it might not be a fatal issue. But not being able to read --tmp-dir, --secret, --key, --cert or --ca if configured is more likely a fatal error.