Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 65600

Summary: openvpn 2 reconnecting after network connectivity or power interruption
Product: Gentoo Linux Reporter: Edmund Green <edmund>
Component: New packagesAssignee: Jan Brinkmann (RETIRED) <luckyduck>
Status: VERIFIED NEEDINFO    
Severity: normal CC: radek
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on: 50767    
Bug Blocks:    

Description Edmund Green 2004-09-27 15:53:06 UTC
The /etc/init.d/openvpn script in the current (1.5.0-r1) openvpn ebuild fails to restart correctly when used at least with openvpn 2.0_beta11 (haven't tested with  lower versions as they do not support my configuration)
The following simple change to the script to use an absolute path instead of a relative path resolves the issue :

diff /usr/portage/net-misc/openvpn/files/openvpn /usr/local/portage/net-misc/openvpn/files/openvpn
26c26
<                               start-stop-daemon --start --pidfile /var/run/openvpn-$VPN.pid --startas /usr/sbin/openvpn -- --config $VPN/local.conf --writepid /var/run/openvpn-$VPN.pid --daemon --cd $VPN
---
>                               start-stop-daemon --start --pidfile /var/run/openvpn-$VPN.pid --startas /usr/sbin/openvpn -- --config $VPNDIR/$VPN/local.conf --writepid /var/run/openvpn-$VPN.pid --daemon --cd $VPN


Reproducible: Always
Steps to Reproduce:
1. Install openvpn 2.0_beta11 i386 on two computers (see additional information section) - label them A and B for discussion (doesn't matter which is which)
2. Set up one as a "server" and another as a "client" based on the examples from the openvpn web site.
3. start openvpn (using "/etc/init.d/openvpn start") on both machines - confirm that it works
4. stop the daemon at one end (A) with "/etc/init.d/openvpn stop", and try a ping over the tunnel from the other still running end (B) - so that daemon B knows about the broken tunnel
5. Start the daemon A again
6. try pinging over the tunnel from B again
Actual Results:  
deamon B tries to re-initialize itself and fails.

The log file will contain a message along the lines of :

Thu Sep 23 23:57:21 2004 [vpnserver.mycompany.com] Inactivity timeout
(--ping-restart), restarting
Thu Sep 23 23:57:21 2004 TCP/UDP: Closing socket
Thu Sep 23 23:57:21 2004 Closing TUN/TAP interface
Thu Sep 23 23:57:21 2004 SIGUSR1[soft,ping-restart] received, process restarting
Thu Sep 23 23:57:21 2004 In [CMD-LINE]:1: Error opening configuration file:
MyCompany/local.conf: No such file or directory (errno=2)
Thu Sep 23 23:57:21 2004 Exiting


Expected Results:  
daemon B should have succesfully automatically restarted itself and reconnected
the tunnel. The log file then looks like this:

Fri Sep 24 00:12:10 2004 [vpnserver.mycompany.com] Inactivity timeout
(--ping-restart), restarting
Fri Sep 24 00:12:10 2004 TCP/UDP: Closing socket
Fri Sep 24 00:12:10 2004 Closing TUN/TAP interface
Fri Sep 24 00:12:10 2004 SIGUSR1[soft,ping-restart] received, process restarting
Fri Sep 24 00:12:10 2004 OpenVPN 2.0_beta11 i686-pc-linux-gnu [SSL] [LZO] built
on Sep 24 2004
Fri Sep 24 00:12:10 2004 LZO compression initialized
.... and so on to successfully initiate the connection


At the time of submitting this bug, portage only contains ebuilds for openvpn
versions up to 1.5.0-r1 (see bug #50767).
To install openvpn 2.0_beta11 I did this:

$ cp /usr/portage/net-misc/openvpn/openvpn-1.5.0-r1.ebuild
/usr/local/portage/net-misc/openvpn/openvpn-2.0_beta11.ebuild
$ cp -r /usr/portage/net-misc/openvpn/files  /usr/local/portage/net-misc/openvpn/
$ echo "MD5 13871c674fca5665dfffb31393825af2 openvpn-2.0_beta11.tar.gz 541206" >
/usr/local/portage/net-misc/openvpn/files/digest-openvpn-2.0_beta11
$ ebuild /usr/local/portage/net-misc/openvpn/openvpn-2.0_beta11.ebuild digest
$ emerge --pretend openvpn

To get the "expected results" above, I modified files/openvpn and redid the
ebuild digest and emerge above.

I apologise if the above is not the correct way of doing this, but I am very new
to gentoo and this is my first attempt to do anything beyond installing any of
the standard package.
Comment 1 Warp Zero (RETIRED) gentoo-dev 2004-10-02 11:15:29 UTC
this will be delt with when openvpn-2.0 is released
Comment 2 Jan Brinkmann (RETIRED) gentoo-dev 2005-04-29 09:49:27 UTC
since warpzero seems to be inactive i'm going to take this over, as discussed with carlo :)
Comment 3 Jan Brinkmann (RETIRED) gentoo-dev 2005-05-03 06:17:58 UTC
please check 2.0
Comment 4 Jan Brinkmann (RETIRED) gentoo-dev 2005-05-12 10:21:28 UTC
reopen if the problem still persists
Comment 5 Edmund Green 2005-05-18 13:36:51 UTC
I've tested this temporary loss of connectivity situation against the new
openvpn-2.0 ebuild and the issue is resolved.