[Openvpn-users] Openvpn port < 1024 restart


  • Subject: [Openvpn-users] Openvpn port < 1024 restart
  • From: Andrew McGill <andrew2005@xxxxxxxxxxx>
  • Date: Wed, 2 Feb 2005 13:37:41 +0200 (SAST)

Hi there

QUESTION: Is there a way to configure openvpn to run in the
foreground and still log to syslog? (--daemon does the logging to
syslog, but also does fork() and exit()).

EXPLANATION:

I have configured openvpn 1.6 on port 21/udp (don't ask why,
there is a good reason).  When the system needs to restart the
connection (SIGUSR1 or ping timeout), it cannot bind to port 21,
since it is running without root privileges:

Jan 27 12:55:39 vbox openvpn[6983]: Connection reset, restarting [-1]
Jan 27 12:55:39 vbox openvpn[6983]: Closing TCP/UDP socket
Jan 27 12:55:39 vbox openvpn[6983]: Restart pause, 1 second(s)
Jan 27 12:55:40 vbox openvpn[6983]: Re-using SSL/TLS context
Jan 27 12:55:40 vbox openvpn[6983]: LZO compression initialized
Jan 27 12:55:40 vbox openvpn[6983]: Control Channel MTU parms [ L:1576 D:168 EF:68 EB:0 ET:0 EL:0 ]
Jan 27 12:55:40 vbox openvpn[6983]: Socket bind failed on local address [undef]:21: Permission denied
Jan 27 12:55:40 vbox openvpn[6983]: Exiting

To work around this, I've added openvpn to /etc/inittab:

V0:2345:respawn:/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/office.pid --config /etc/openvpn/office.conf --cd /etc/openvpn

The problem is that --daemon instructs openvpn to fork and exit,
which is not quite what I want, since init dutifully tries to
start it (rinse, lather, repeat).  Without --daemon, there
doesn't seem to be a way to set up logging.

ALTERNATIVELY: is there a way (apart from running as root) to
avoid closing the TCP/UDP socket?  (e.g. 'fixed in 2.0')

&:-)



____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
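
One way to get the foreground-plus-syslog behaviour asked about above, as an added example that is not part of the original post and not OpenVPN code: a small wrapper that stays in the foreground for init's respawn, copies the child's output to syslog, and exits with the child's status so init starts it again as root when the re-bind fails. The names `supervise` and `fg-syslog.py` and the syslog tag are hypothetical, and the example assumes that openvpn started without --daemon writes its log lines to stdout.

```python
#!/usr/bin/env python3
"""Foreground wrapper: run a command, copy its output to syslog, exit with its status."""
import signal
import subprocess
import sys
import syslog


def supervise(argv, emit, forward_signals=()):
    """Run argv without detaching; pass each output line to emit(); return the exit status."""
    proc = subprocess.Popen(argv, stdout=subprocess.PIPE, stderr=subprocess.STDOUT,
                            text=True, errors="replace")
    # Relay signals so init (or an admin) can still stop or restart the child.
    for signum in forward_signals:
        signal.signal(signum, lambda s, _frame: proc.send_signal(s))
    for line in proc.stdout:          # loop ends when the child closes its output
        line = line.rstrip("\n")
        if line:
            emit(line)
    return proc.wait()


def main(argv):
    if not argv:
        print("usage: fg-syslog.py COMMAND [ARG...]", file=sys.stderr)
        return 2
    # Assumption: the child logs to stdout/stderr when it is not daemonized.
    # LOG_PID records the wrapper's PID, not the child's.
    syslog.openlog("openvpn", syslog.LOG_PID, syslog.LOG_DAEMON)
    status = supervise(argv, lambda line: syslog.syslog(syslog.LOG_NOTICE, line),
                       forward_signals=(signal.SIGTERM, signal.SIGHUP, signal.SIGUSR1))
    syslog.syslog(syslog.LOG_WARNING, "child exited with status %d" % status)
    # A negative status means the child died from a signal; map it shell-style.
    return status if status >= 0 else 128 - status


if __name__ == "__main__":
    sys.exit(main(sys.argv[1:]))
```

In the inittab entry the wrapper would be placed in front of the existing openvpn command line with --daemon removed, so the process init watches is the one that stays alive.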