I've spend a lot of time trying to figure out what went wrong with creating my bridges since I've read almost every online guide there is. All using the tunctl -u user -t dev command to create their tunnels. Now that i made sure it's not a kernel thing i thought the last chance is the initscripts and it seems something is messy there. The tuntap.sh creates a device with openvpn if the binary is found, so if one specifies "-u user" in tunctl_device= (in the conf.d/net file) it will never be used since the openvpn binary doesn't support changing ownership of tun devices. So i never got any IP in my virtual machines if i used it that way. Now that i've changed it to use tunctl it worked like a charm. I thought we could add a check if tunctl_xxx is set and use tunctl instead of openvpn if it is. I created a small patch which implements that test. Maybe I'm still doing something wrong but to me it seems like this is why nothing worked here. Hope to see it in the tree sooner then later or others might get big headaches when they use tun devices with openvpn installed. Cheers and a happy new year ;)
Created attachment 139841 [details, diff] tuntap.sh openvpn tunctl_ patch
baselayout-2 and openrc alread prefer tunctl just for this reason. The better solution would be to patch openvpn so that it can create the interface with user and group permissions as it's available on more platforms than usermode-utilities.
*** This bug has been confirmed by popular vote. ***
vapier: can we just include this one to fix bl1 also handles people that want to do non-openvpn things with their tunnels.
baselayout-1 is no longer in the tree