The /etc/init.d/openvpn script in the current (1.5.0-r1) openvpn ebuild fails to restart correctly when used at least with openvpn 2.0_beta11 (haven't tested with lower versions as they do not support my configuration) The following simple change to the script to use an absolute path instead of a relative path resolves the issue : diff /usr/portage/net-misc/openvpn/files/openvpn /usr/local/portage/net-misc/openvpn/files/openvpn 26c26 < start-stop-daemon --start --pidfile /var/run/openvpn-$VPN.pid --startas /usr/sbin/openvpn -- --config $VPN/local.conf --writepid /var/run/openvpn-$VPN.pid --daemon --cd $VPN --- > start-stop-daemon --start --pidfile /var/run/openvpn-$VPN.pid --startas /usr/sbin/openvpn -- --config $VPNDIR/$VPN/local.conf --writepid /var/run/openvpn-$VPN.pid --daemon --cd $VPN Reproducible: Always Steps to Reproduce: 1. Install openvpn 2.0_beta11 i386 on two computers (see additional information section) - label them A and B for discussion (doesn't matter which is which) 2. Set up one as a "server" and another as a "client" based on the examples from the openvpn web site. 3. start openvpn (using "/etc/init.d/openvpn start") on both machines - confirm that it works 4. stop the daemon at one end (A) with "/etc/init.d/openvpn stop", and try a ping over the tunnel from the other still running end (B) - so that daemon B knows about the broken tunnel 5. Start the daemon A again 6. try pinging over the tunnel from B again Actual Results: deamon B tries to re-initialize itself and fails. The log file will contain a message along the lines of : Thu Sep 23 23:57:21 2004 [vpnserver.mycompany.com] Inactivity timeout (--ping-restart), restarting Thu Sep 23 23:57:21 2004 TCP/UDP: Closing socket Thu Sep 23 23:57:21 2004 Closing TUN/TAP interface Thu Sep 23 23:57:21 2004 SIGUSR1[soft,ping-restart] received, process restarting Thu Sep 23 23:57:21 2004 In [CMD-LINE]:1: Error opening configuration file: MyCompany/local.conf: No such file or directory (errno=2) Thu Sep 23 23:57:21 2004 Exiting Expected Results: daemon B should have succesfully automatically restarted itself and reconnected the tunnel. The log file then looks like this: Fri Sep 24 00:12:10 2004 [vpnserver.mycompany.com] Inactivity timeout (--ping-restart), restarting Fri Sep 24 00:12:10 2004 TCP/UDP: Closing socket Fri Sep 24 00:12:10 2004 Closing TUN/TAP interface Fri Sep 24 00:12:10 2004 SIGUSR1[soft,ping-restart] received, process restarting Fri Sep 24 00:12:10 2004 OpenVPN 2.0_beta11 i686-pc-linux-gnu [SSL] [LZO] built on Sep 24 2004 Fri Sep 24 00:12:10 2004 LZO compression initialized .... and so on to successfully initiate the connection At the time of submitting this bug, portage only contains ebuilds for openvpn versions up to 1.5.0-r1 (see bug #50767). To install openvpn 2.0_beta11 I did this: $ cp /usr/portage/net-misc/openvpn/openvpn-1.5.0-r1.ebuild /usr/local/portage/net-misc/openvpn/openvpn-2.0_beta11.ebuild $ cp -r /usr/portage/net-misc/openvpn/files /usr/local/portage/net-misc/openvpn/ $ echo "MD5 13871c674fca5665dfffb31393825af2 openvpn-2.0_beta11.tar.gz 541206" > /usr/local/portage/net-misc/openvpn/files/digest-openvpn-2.0_beta11 $ ebuild /usr/local/portage/net-misc/openvpn/openvpn-2.0_beta11.ebuild digest $ emerge --pretend openvpn To get the "expected results" above, I modified files/openvpn and redid the ebuild digest and emerge above. I apologise if the above is not the correct way of doing this, but I am very new to gentoo and this is my first attempt to do anything beyond installing any of the standard package.
this will be delt with when openvpn-2.0 is released
since warpzero seems to be inactive i'm going to take this over, as discussed with carlo :)
please check 2.0
reopen if the problem still persists
I've tested this temporary loss of connectivity situation against the new openvpn-2.0 ebuild and the issue is resolved.
