New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug]: openvpn-install fails to install on Arch Linux Arm #1025
Comments
similar on archlinux, 4553dd9: Aug 25 10:31:12 pc systemd[1]: Starting OpenVPN service for server...
░░ Subject: A start job for unit openvpn-server@server.service has begun execution
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ A start job for unit openvpn-server@server.service has begun execution.
░░
░░ The job identifier is 4587.
Aug 25 10:31:12 pc openvpn[2337]: Consider setting groups/curves preference with tls-groups instead of forcing a specific curve with ecdh-curve.
Aug 25 10:31:12 pc openvpn[2337]: Note: Treating option '--ncp-ciphers' as '--data-ciphers' (renamed in OpenVPN 2.5).
Aug 25 10:31:12 pc openvpn[2337]: Options error: --ca fails with 'ca.crt': Permission denied (errno=13)
Aug 25 10:31:12 pc openvpn[2337]: Options error: --cert fails with 'server_XUP4y8fvCc3kylnb.crt': Permission denied (errno=13)
Aug 25 10:31:12 pc openvpn[2337]: Options error: --key fails with 'server_XUP4y8fvCc3kylnb.key': Permission denied (errno=13)
Aug 25 10:31:12 pc openvpn[2337]: Options error: --status fails with '/var/log/openvpn/status.log': Permission denied (errno=13)
Aug 25 10:31:12 pc openvpn[2337]: Options error: Please correct these errors.
Aug 25 10:31:12 pc openvpn[2337]: Use --help for more information.
Aug 25 10:31:12 pc systemd[1]: openvpn-server@server.service: Main process exited, code=exited, status=1/FAILURE
|
I had the same issue. The client device could not connect to the server with this error chown openvpn:network /etc/openvpn/ca.cert
chown openvpn:network /etc/openvpn/server_*
chown -R openvpn:network /var/log/openvpn |
The |
I have finally figured out how to solve my issues. I had to change #!/bin/sh
iptables -t nat -D POSTROUTING -s 10.8.0.0/24 -o eth -j MASQUERADE
iptables -D INPUT -i tun0 -j ACCEPT
iptables -D FORWARD -i eth0 -o tun0 -j ACCEPT
iptables -D FORWARD -i tun0 -o eth0 -j ACCEPT
iptables -D INPUT -i eth0 -p udp --dport 3333 -j ACCEPT TO #!/bin/sh
iptables -t nat -D POSTROUTING -s 10.8.0.0/24 -o end0 -j MASQUERADE
iptables -D INPUT -i tun0 -j ACCEPT
iptables -D FORWARD -i end0 -o tun0 -j ACCEPT
iptables -D FORWARD -i tun0 -o end0 -j ACCEPT
iptables -D INPUT -i end0 -p udp --dport 3333 -j ACCEPT And had to change the owner and group of /etc/openvpn to openvpn:network so that files would load correctly. Then run |
Make sure your check these beforehand!
Server OS
Arch Linux Arm
OpenVPN version
OpenVPN 2.5.7 [git:makepkg/a0f9a3e9404c8321+] armv7l-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jun 2 2022
Client
Linux arch linux arm 5.15.56-3-rpi-ARCH #1 SMP Fri Aug 12 04:20:40 MDT 2022 armv7l GNU/Linux
What is the bug?
Similar to
#420 and #363
I've tried on multiple machines and I end up in the same error. On my previous install of Arch Linux Arm it worked without issues. I've tried copying the easyrsa binaries to the openvpn-install script location, however it still fails to generate keys and certs.
Relevant log output
The text was updated successfully, but these errors were encountered: