Bug 207320 - net-misc/openvpn-2.1_rc6 fails on stop
Bug#: 207320 Product:  Gentoo Linux Version: 2007.0 Platform: All
OS/Version: Linux Status: RESOLVED Severity: normal Priority: P2
Resolution: FIXED Assigned To: alonbl@gentoo.org Reported By: graham@gmurray.org.uk
Component: Applications
URL: 
Summary: net-misc/openvpn-2.1_rc6 fails on stop
Keywords:  
Status Whiteboard: 
Opened: 2008-01-24 21:21 0000
Description:   Opened: 2008-01-24 21:21 0000 
SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Jan 24 21:11:33 newton openvpn[30499]: PUSH: Received control message:
'PUSH_REPLY,route 192.168.50.0 255.255.255.0,route 192.168.70.0
255.255.255.0,dhcp-o
ption DNS 192.168.50.2,dhcp-option WINS 192.168.50.10,dhcp-option NTP
192.168.50.45,dhcp-option NTP 192.168.50.2,route 192.168.60.1,topology
net30,ping 10,
ping-restart 120,ifconfig 192.168.60.10 192.168.60.9'
Jan 24 21:11:33 newton openvpn[30499]: OPTIONS IMPORT: timers and/or timeouts
modified
Jan 24 21:11:33 newton openvpn[30499]: OPTIONS IMPORT: --ifconfig/up options
modified
Jan 24 21:11:33 newton openvpn[30499]: OPTIONS IMPORT: route options modified
Jan 24 21:11:33 newton openvpn[30499]: OPTIONS IMPORT: --ip-win32 and/or
--dhcp-option options modified
Jan 24 21:11:33 newton tun0: Disabled Privacy Extensions
Jan 24 21:11:33 newton openvpn[30499]: TUN/TAP device tun0 opened
Jan 24 21:11:33 newton openvpn[30499]: TUN/TAP TX queue length set to 100
Jan 24 21:11:33 newton openvpn[30499]: /sbin/ip link set dev tun0 up mtu 1500
Jan 24 21:11:33 newton openvpn[30499]: /sbin/ip addr add dev tun0 local
192.168.60.10 peer 192.168.60.9
Jan 24 21:11:33 newton openvpn[30499]: /etc/openvpn/up.sh tun0 1500 1542
192.168.60.10 192.168.60.9 init
Jan 24 21:11:34 newton openvpn[30499]: /sbin/ip route add 192.168.50.0/24 via
192.168.60.9
Jan 24 21:11:34 newton openvpn[30499]: /sbin/ip route add 192.168.70.0/24 via
192.168.60.9
Jan 24 21:11:34 newton openvpn[30499]: /sbin/ip route add 192.168.60.1/32 via
192.168.60.9
Jan 24 21:11:34 newton openvpn[30499]: GID set to nobody
Jan 24 21:11:34 newton openvpn[30499]: UID set to nobody
Jan 24 21:11:34 newton openvpn[30499]: Initialization Sequence Completed
Jan 24 21:12:15 newton openvpn[30499]: event_wait : Interrupted system call
(code=4)
Jan 24 21:12:15 newton openvpn[30499]: TCP/UDP: Closing socket
Jan 24 21:12:15 newton openvpn[30499]: /sbin/ip route del 192.168.60.1/32
Jan 24 21:12:15 newton openvpn[30499]: ERROR: Linux route delete command
failed: shell command exited with error status: 2
Jan 24 21:12:15 newton openvpn[30499]: /sbin/ip route del 192.168.70.0/24
Jan 24 21:12:15 newton openvpn[30499]: ERROR: Linux route delete command
failed: shell command exited with error status: 2
Jan 24 21:12:15 newton openvpn[30499]: /sbin/ip route del 192.168.50.0/24
Jan 24 21:12:15 newton openvpn[30499]: ERROR: Linux route delete command
failed: shell command exited with error status: 2
Jan 24 21:12:15 newton openvpn[30499]: /etc/openvpn/down.sh tun0 1500 1542
192.168.60.10 192.168.60.9 init
Jan 24 21:12:15 newton openvpn[30499]: Closing TUN/TAP interface
Jan 24 21:12:15 newton openvpn[30499]: /sbin/ip addr flush dev tun0

up to and including openvpn-2.1_rc4-r2, /etc/init.d/openvpn start/stop worked
with no problem

 emerge --info
Portage 2.1.4 (default-linux/x86/2007.0/desktop, gcc-4.2.2, glibc-2.7-r1,
2.6.23-gentoo-r6 i686)
=================================================================
System uname: 2.6.23-gentoo-r6 i686 Intel(R) Pentium(R) 4 CPU 3.20GHz
Timestamp of tree: Thu, 24 Jan 2008 20:16:01 +0000
app-shells/bash:     3.2_p33
dev-java/java-config: 1.3.7, 2.1.3
dev-lang/python:     2.4.4-r4, 2.5.1-r5
dev-python/pycrypto: 2.0.1-r6
sys-apps/baselayout: 1.12.11.1
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.61-r1
sys-devel/automake:  1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1
sys-devel/binutils:  2.18-r1
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   1.5.24
virtual/os-headers:  2.6.23-r3
ACCEPT_KEYWORDS="x86 ~x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=native -mtune=native -pipe -ggdb"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config
/usr/kde/3.5/shutdown /usr/share/config /var/bind"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf
/etc/gconf /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c
/etc/udev/rules.d"
CXXFLAGS="-O2 -march=native -mtune=native -pipe -ggdb"
DISTDIR="/usr/portage/distfiles"
FEATURES="distlocks installsources metadata-transfer parallel-fetch sandbox
sfperms splitdebug strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/
http://gentoo.blueyonder.co.uk http://gentoo.tiscali.nl/
http://gentoo.mirror.solnet.ch http://pandemonium.tiscali.de/pub/gentoo/"
LANG="en_GB.UTF-8"
LC_ALL="en_GB.UTF-8"
LINGUAS="en_GB en"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress
--force --whole-file --delete --stats --timeout=180 --exclude=/distfiles
--exclude=/local --exclude=/packages --filter=H_**/files/digest-*"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/portage/local/layman/musicbrainz
/usr/portage/local/layman/sunrise /usr/local/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="X a52 aac aalib acl acpi aim alsa apache2 arts audiofile avi
bash-completion berkdb bitmap-fonts bluetooth bonobo browserplugin bzip2 bzlib
cairo caps cddb cdparanoia cdr cjk cli cracklib crypt cups curl dbus directfb
doc dri dts dvd dvdr dvdread eds emacs emboss encode esd ethereal evo examples
exif expat fam fbcon ffmpeg firefox flac foomaticdb fortran ftp gcj gd gdbm gif
glut gmp gnome gnutls gphoto2 gpm graphviz gstreamer gtk gtk2 gtkhtml guile hal
iconv icq idn ieee1394 imagemagick imlib ipv6 isdnlog jabber jack java
javascript jbig jce jpeg jpeg2k junit kde kdehiddenvisibility kerberos ladspa
latex lcms ldap leim libgda libnotify libsamplerate libwww lirc lm_sensors
logrotate lua mad matroska mbox midi mikmod milter mime mmap mmx mng modplug
mono mp3 mpeg mpi mplayer msn mudflap musepack ncurses nls nptl nptlonly
nsplugin odbc offensive ogg oggvorbis openal opengl openmp oscar oss pam pcntl
pcre pdf perl png postgres ppds pppd profile pulseaudio python qt3 qt3support
qt4 quicktime readline recode reflection ruby sasl sdl seamonkey session
sharedmem sndfile snmp sockets sox speex spell spl sqlite3 sse sse2 ssl svg
sysvipc tcl tcltk tcpd tetex theora threads tiff tk truetype truetype-fonts
type1-fonts uicktime unicode usb v4l v4l2 vim-syntax vorbis win32codecs wmf
wxwindows x264 x86 xface xine xml xml2 xorg xulrunner xv xvid yahoo zlib"
ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare
dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw
multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias
auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file
authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user
autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires
ext_filter file_cache filter headers ident imagemap include info log_config
logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer
proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir
usertrack vhost_alias" APACHE2_MPMS="worker" CAMERAS="canon" ELIBC="glibc"
INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz
cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en_GB en"
LIRC_DEVICES="asusdh" USERLAND="GNU" VIDEO_CARDS="radeon vesa fbdev vga"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LDFLAGS,
PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

------- Comment #1 From Alon Bar-Lev (RETIRED) 2008-01-25 20:37:00 0000 ------- 
Hello,

Can you please start openvpn then stop it, and execute the failed commands so I
can see the output?

Thanks!

------- Comment #2 From Graham Murray 2008-01-25 20:57:15 0000 ------- 
Manually running the commands as root does not show any errors. However, I have
now noticed the following line in 'ps aux' 

nobody    4688  100  0.0   1792   400 ?        R    20:42   7:46 /sbin/ip addr
flush dev tun0

which shows that down.sh is being run as user nobody, whereas the /sbin/ip
command can only (successfully) be run by root.

------- Comment #3 From Alon Bar-Lev (RETIRED) 2008-01-25 23:51:51 0000 ------- 
Thanks!
Actually it is a bug in iproute2... But I added a workaround.