/etc/openvpn does not support symlinks anymore

[waf]

/etc/openvpn does not support symlinks anymore. not sure if this in intentional as it used to.

i could not find anything in the change logs referring to symlinks.

[waf]

starting with /etc/init.d/openvpn used to work with symlinks in the /etc/openvpn directory. now, it gives a "error opening config file error".

[waf]

Nov 29 14:18:37 desktop ovpn-client[11986]: SIGTERM[hard,] received, process exiting
Nov 29 14:18:37 desktop ovpn-client[15740]: Options error: In [CMD-LINE]:1: Error opening configuration file: /etc/openvpn/client.conf
Nov 29 14:18:37 desktop ovpn-client[15740]: Use --help for more information.
Nov 29 14:18:37 desktop systemd[1]: openvpn@client.service: Main process exited, code=exited, status=1/FAILURE
Nov 29 14:18:37 desktop systemd[1]: openvpn@client.service: Unit entered failed state.
Nov 29 14:18:37 desktop systemd[1]: openvpn@client.service: Failed with result 'exit-code'.
Nov 29 14:19:07 desktop ovpn-client[16509]: OpenVPN 2.4.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul  3 2017
Nov 29 14:19:07 desktop ovpn-client[16509]: library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08

[waf]

this is on version 2.4.3

[tct]

cc

[box913]

I landed here from a Google search. I was experiencing a similar issue, but as it turns out, it was not caused by openvpn. The problem was actually caused by systemd sandboxing. Specifically, the systemd ProtectHome?=true setting in the /lib/systemd/system/openvpn@.service file. See the details on the ProtectHome? setting in systemd.exec(5). I had a symlink in /etc/openvpn linking to a file in my /home directory. The solution is change the value of ProtectHome? to "read-only", move the symlink, or don't use a symlink.