Ubuntu
openvpn package

creates failing <email address hidden> unit

Bug #1450762 reported by nenhard
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openvpn (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Ubuntu 15.04

I have two clients configured in /etc/openvpn

/etc/openvpn/client1.conf
/etc/openvpn/client2.conf

AUTOSTART="all"
in file:
/etc/default/openvpn

service openvpn start
or
/etc/init.d/openvpn start

fails with:

May 1 11:42:17 systemd[1]: Stopped OpenVPN service.
May 1 11:42:17 systemd[1]: Stopping OpenVPN service...
May 1 11:45:39 systemd[1]: Starting OpenVPN connection to client...
May 1 11:45:39 systemd[1]: Starting OpenVPN service...
May 1 11:45:39 systemd[1]: Started OpenVPN service.
May 1 11:45:39 ovpn-client[26561]: Options error: In [CMD-LINE]:1: Error opening configuration file: /etc/openvpn/client.conf
May 1 11:45:39 ovpn-client[26561]: Use --help for more information.
May 1 11:45:39 systemd[1]: <email address hidden>: control process exited, code=exited status=1
May 1 11:45:39 systemd[1]: Failed to start OpenVPN connection to client.
May 1 11:45:39 systemd[1]: Unit <email address hidden> entered failed state.
May 1 11:45:39 systemd[1]: <email address hidden> failed.

In previous versions of ubuntu (LTS) this was working.

something got broken with /lib/lsb/init-functions

Robie Basak (racb)
tags: added: systemd-boot
Martin Pitt (pitti)
tags: removed: systemd-boot
tags: removed: systemd
tags: added: systemd-boot
Revision history for this message
Martin Pitt (pitti) wrote :

I tried to reproduce this in a fresh VM with:

sudo cp /usr/share/doc/openvpn/examples/sample-config-files/static-home.conf /etc/openvpn/client1.conf
sudo cp /usr/share/doc/openvpn/examples/sample-config-files/static-office.conf /etc/openvpn/client2.conf
sudo sed -i '/AUTOSTART.*"all"/ s/^#//' /etc/default/openvpn
sudo systemctl daemon-reload
sudo service openvpn restart

and it works as expected: "systemctl status openvpn@*" shows me that I got <email address hidden> and <email address hidden>. Of course they fail to start in my scenario as the example files use IP addresses 1.2.3.4 and similar, but the generator and startup works fine.

In your case <email address hidden> looks strange -- do you actually have a /etc/openvpn/client.conf file? This error message

May 1 11:45:39 ovpn-client[26561]: Options error: In [CMD-LINE]:1: Error opening configuration file: /etc/openvpn/client.conf

sounds like it either exists and is invalid, or it does not exist. Can you please give me the output of

  ls -lR /etc/openvpn/*.conf

?

Changed in openvpn (Ubuntu):
status: New → Incomplete
summary: - AUTOSTART value is ignored in startup script
+ creates failing openvpn@client.service unit
Revision history for this message
nenhard (few-find-first) wrote :

For some reason commands:

sudo /etc/init.d/openvpn start
sudo /etc/init.d/openvpn restart

are not working,

but

sudo systemctl daemon-reload
sudo service openvpn restart

are

Revision history for this message
nenhard (few-find-first) wrote :

sudo apt-get purge openvpn
sudo apt-get install openvpn

fixed the problem

this report can be closed.

Revision history for this message
Martin Pitt (pitti) wrote :

Well, I would have liked to know why it was failing, but I suppose the purging destroyed all the evidence now. Closing, thanks!

Changed in openvpn (Ubuntu):
status: Incomplete → Invalid
Revision history for this message
nenhard (few-find-first) wrote :

Well,

this part of code was never reached when invoking

sudo /etc/init.d/openvpn start

case "$1" in
start)
  log_action_begin_msg "Starting $DESC"

  # first create /run directory so it's present even
  # when no VPN are autostarted by this script, but later
  # by systemd openvpn@.service
  mkdir -p /run/openvpn

  # autostart VPNs
  if test -z "$2" ; then
    # check if automatic startup is disabled by AUTOSTART=none
    if test "x$AUTOSTART" = "xnone" -o -z "$AUTOSTART" ; then
      log_warning_msg " Autostart disabled, no VPN will be started."
      exit 0
    fi
    if test -z "$AUTOSTART" -o "x$AUTOSTART" = "xall" ; then
      # all VPNs shall be started automatically
      for CONFIG in `cd $CONFIG_DIR; ls *.conf 2> /dev/null`; do
        NAME=${CONFIG%%.conf}
        log_daemon_msg " Autostarting VPN '$NAME'"
        start_vpn
      done
    else

Revision history for this message
Martin Pitt (pitti) wrote :

> this part of code was never reached when invoking
> sudo /etc/init.d/openvpn start

Yes, it's not supposed to. openvpn ships systemd units, so the init.d script isn't getting run (and if you try to call it manually it diverts to essentially calling "systemctl start openvpn").

Revision history for this message
Chris Carey (chris-carey-gmail) wrote :

I found a solution for this and wanted to post in case someone else came across it. OpenVPN stopped using /etc/default/openvpn for defaults after switching to systemd, even though the file /etc/default/openvpn may still be there (As it is on Debian 9 still). To configure defaults for openvpn on systemd now, issue the command:

sudo systemctl edit openvpn

If you add the AUTOSTART="client1 client2" there, and save, then it should work.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.