Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 233657 - net-misc/openvpn-2.1_rc9 broken
Summary: net-misc/openvpn-2.1_rc9 broken
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Unspecified (show other bugs)
Hardware: x86 Linux
: High normal (vote)
Assignee: Cédric Krier
URL:
Whiteboard:
Keywords: InVCS
: 234254 (view as bug list)
Depends on:
Blocks:
 
Reported: 2008-08-01 23:47 UTC by Patrick Fourniols
Modified: 2008-08-09 13:35 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
emerge --info ( 1 of 3 ) (mai.info,3.25 KB, text/plain)
2008-08-02 05:19 UTC, Patrick Fourniols 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Patrick Fourniols 2008-08-01 23:47:00 UTC 
when i start my vpn :

Aug  2 01:31:38 mai openvpn[25261]: UDPv4 link remote: 1.2.3.4:5000
Aug  2 01:31:38 mai openvpn[25261]: Peer Connection Initiated with 1.2.3.4:5000
Aug  2 01:31:38 mai /etc/init.d/fournidist[25243]: WARNING: fournidist has started, but is inactive
Aug  2 01:31:39 mai openvpn[25261]: TUN/TAP device tun0 opened
Aug  2 01:31:39 mai openvpn[25261]: TUN/TAP TX queue length set to 100
Aug  2 01:31:39 mai openvpn[25261]: /sbin/ifconfig tun0 192.168.52.2 pointopoint 192.168.52.1 mtu 1500
Aug  2 01:31:39 mai openvpn[25261]: /etc/openvpn/up.sh tun0 1500 1544 192.168.52.2 192.168.52.1 init
Aug  2 01:31:39 mai openvpn[25261]: openvpn_execve: external program may not be called due to setting of --script-security level
Aug  2 01:31:39 mai openvpn[25261]: script failed: external program fork failed
Aug  2 01:31:39 mai openvpn[25261]: Exiting

rc7 worked fine but is gone...
removed all personnal config scripts and backed to sample configs files in openvpn sample config for static key: allways same answer...


Reproducible: Always

Steps to Reproduce:
1. ;)
2.
3.

Actual Results:  
openvpn_execve: external program may not be called due to setting of --script-security level

????

Expected Results:  
working ;)

same on 3 computer... go to bed for now, see tomorow ;)
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2008-08-02 04:58:44 UTC 
Please post your `emerge --info' too.
Comment 2 Patrick Fourniols 2008-08-02 05:19:55 UTC 
Created attachment 161954 [details]
emerge --info ( 1 of 3 )
Comment 3 Patrick Fourniols 2008-08-02 07:31:40 UTC 
same result trying to start openvpn by hand, seems that openvpn don't permit calling external script ( here $(SVCNAME)-up.sh...

result: server tunx up but no route, client tunx down ...
 
have downgraded to 2.0.9 for now, will look further later
Comment 4 Cédric Krier gentoo-dev 2008-08-02 18:17:20 UTC 
I put "--script-security 2" in init script when it uses --up and --down option.
Comment 5 Blu3 2008-08-06 22:36:01 UTC 
default breakage is not very apparent for startup error messages.

--script-security <n> was added to the openvpn package, see the openvpn man page for specific details.  add script-security <n> to your /etc/openvpn/openvpn.conf file as appropriate. :)
Comment 6 Antek Grzymała (antoszka) 2008-08-07 09:14:07 UTC 
Can we have some information on what that means and how to deal with that. The ebuild just silently breaks a user's OpenVPN setup without hinting a word.
Comment 7 Cédric Krier gentoo-dev 2008-08-09 13:35:52 UTC 
*** Bug 234254 has been marked as a duplicate of this bug. ***