DietPi Software | OpenVPN doesn't work
@Fourdee
http://dietpi.com/phpbb/viewtopic.php?f=11&t=2768
Quick-Check:
RPi Zero W (armv6l) DietPi v6.0
Welcome to DietPi-Software
DietPi-Software
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Mode: Update & upgrade APT
[ INFO ] APT upgrade, please wait...
Reading package lists...
Building dependency tree...
Reading state information...
Calculating upgrade...
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
[ OK ] G_AGUG
DietPi-Software
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Mode: Checking for prerequisite software
[ INFO ] Rsyslog will be installed
DietPi-Software
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Mode: Installing Rsyslog: system logging
[ INFO ] APT installation for: rsyslog --no-install-recommends, please wait...
Selecting previously unselected package liblogging-stdlog0:armhf.
(Reading database ... 22943 files and directories currently installed.)
Preparing to unpack .../liblogging-stdlog0_1.0.5-2_armhf.deb ...
Unpacking liblogging-stdlog0:armhf (1.0.5-2) ...
Selecting previously unselected package libestr0.
Preparing to unpack .../libestr0_0.1.10-2_armhf.deb ...
Unpacking libestr0 (0.1.10-2) ...
Selecting previously unselected package libfastjson4:armhf.
Preparing to unpack .../libfastjson4_0.99.4-1_armhf.deb ...
Unpacking libfastjson4:armhf (0.99.4-1) ...
Selecting previously unselected package liblognorm5:armhf.
Preparing to unpack .../liblognorm5_2.0.1-1.1_armhf.deb ...
Unpacking liblognorm5:armhf (2.0.1-1.1) ...
Selecting previously unselected package rsyslog.
Preparing to unpack .../rsyslog_8.24.0-1_armhf.deb ...
Unpacking rsyslog (8.24.0-1) ...
Setting up libestr0 (0.1.10-2) ...
Setting up libfastjson4:armhf (0.99.4-1) ...
Setting up liblogging-stdlog0:armhf (1.0.5-2) ...
Setting up liblognorm5:armhf (2.0.1-1.1) ...
Processing triggers for libc-bin (2.24-11+deb9u1) ...
Processing triggers for systemd (232-25+deb9u1) ...
Setting up rsyslog (8.24.0-1) ...
Created symlink /etc/systemd/system/syslog.service โ /lib/systemd/system/rsyslog.service.
Created symlink /etc/systemd/system/multi-user.target.wants/rsyslog.service โ /lib/systemd/system/rsyslog.service.
Processing triggers for systemd (232-25+deb9u1) ...
[ OK ] G_AGI: rsyslog --no-install-recommends
DietPi-Services
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Mode: stop
[ OK ] stop : cron
[ OK ] stop : nfs-kernel-server
[ OK ] stop : lighttpd
[ OK ] stop : php7.0-fpm
[ OK ] stop : dnsmasq
[ OK ] stop : pihole-FTL
DietPi-Software
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Mode: Installing OpenVPN: vpn server
[ INFO ] APT installation for: openvpn easy-rsa iptables, please wait...
Preconfiguring packages ...
Selecting previously unselected package liblzo2-2:armhf.
(Reading database ... 23028 files and directories currently installed.)
Preparing to unpack .../00-liblzo2-2_2.08-1.2_armhf.deb ...
Unpacking liblzo2-2:armhf (2.08-1.2) ...
Selecting previously unselected package libip6tc0:armhf.
Preparing to unpack .../01-libip6tc0_1.6.0+snapshot20161117-6_armhf.deb ...
Unpacking libip6tc0:armhf (1.6.0+snapshot20161117-6) ...
Selecting previously unselected package libiptc0:armhf.
Preparing to unpack .../02-libiptc0_1.6.0+snapshot20161117-6_armhf.deb ...
Unpacking libiptc0:armhf (1.6.0+snapshot20161117-6) ...
Selecting previously unselected package libxtables12:armhf.
Preparing to unpack .../03-libxtables12_1.6.0+snapshot20161117-6_armhf.deb ...
Unpacking libxtables12:armhf (1.6.0+snapshot20161117-6) ...
Selecting previously unselected package iptables.
Preparing to unpack .../04-iptables_1.6.0+snapshot20161117-6_armhf.deb ...
Unpacking iptables (1.6.0+snapshot20161117-6) ...
Selecting previously unselected package libpkcs11-helper1:armhf.
Preparing to unpack .../05-libpkcs11-helper1_1.21-1_armhf.deb ...
Unpacking libpkcs11-helper1:armhf (1.21-1) ...
Selecting previously unselected package openvpn.
Preparing to unpack .../06-openvpn_2.4.0-6+deb9u2_armhf.deb ...
Unpacking openvpn (2.4.0-6+deb9u2) ...
Selecting previously unselected package libccid.
Preparing to unpack .../07-libccid_1.4.26-1_armhf.deb ...
Unpacking libccid (1.4.26-1) ...
Selecting previously unselected package pcscd.
Preparing to unpack .../08-pcscd_1.8.20-1_armhf.deb ...
Unpacking pcscd (1.8.20-1) ...
Selecting previously unselected package easy-rsa.
Preparing to unpack .../09-easy-rsa_2.2.2-2_all.deb ...
Unpacking easy-rsa (2.2.2-2) ...
Selecting previously unselected package opensc-pkcs11:armhf.
Preparing to unpack .../10-opensc-pkcs11_0.16.0-3_armhf.deb ...
Unpacking opensc-pkcs11:armhf (0.16.0-3) ...
Selecting previously unselected package opensc.
Preparing to unpack .../11-opensc_0.16.0-3_armhf.deb ...
Unpacking opensc (0.16.0-3) ...
Setting up libpkcs11-helper1:armhf (1.21-1) ...
Setting up opensc-pkcs11:armhf (0.16.0-3) ...
Processing triggers for libc-bin (2.24-11+deb9u1) ...
Setting up libxtables12:armhf (1.6.0+snapshot20161117-6) ...
Processing triggers for systemd (232-25+deb9u1) ...
Setting up easy-rsa (2.2.2-2) ...
Setting up libccid (1.4.26-1) ...
Setting up libip6tc0:armhf (1.6.0+snapshot20161117-6) ...
Setting up liblzo2-2:armhf (2.08-1.2) ...
Setting up opensc (0.16.0-3) ...
Setting up pcscd (1.8.20-1) ...
Created symlink /etc/systemd/system/sockets.target.wants/pcscd.socket โ /lib/systemd/system/pcscd.socket.
Setting up libiptc0:armhf (1.6.0+snapshot20161117-6) ...
Setting up openvpn (2.4.0-6+deb9u2) ...
[ ok ] Restarting virtual private network daemon.:.
Created symlink /etc/systemd/system/multi-user.target.wants/openvpn.service โ /lib/systemd/system/openvpn.service.
Setting up iptables (1.6.0+snapshot20161117-6) ...
Processing triggers for libc-bin (2.24-11+deb9u1) ...
Processing triggers for systemd (232-25+deb9u1) ...
[ OK ] G_AGI: openvpn easy-rsa iptables
DietPi-Services
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Mode: stop
[ OK ] stop : cron
[ OK ] stop : nfs-kernel-server
[ OK ] stop : lighttpd
[ OK ] stop : php7.0-fpm
[ OK ] stop : dnsmasq
[ OK ] stop : pihole-FTL
[ OK ] stop : openvpn
DietPi-Software
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Mode: Optimize and configure software
[ INFO ] Applying DietPi optimizations and configurations for RPi Zero W (armv6l), please wait...
DietPi-Software
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Mode: Configuring OpenVPN: vpn server
[ INFO ] Generating unique OpenVPN certificates and keys. Please wait...
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
...............................+.....................................................+................+.........................................................+........................+...........+..............................................................................+...............................................................................+.......+..+...+....................................................+..........................+................++*++*++*
**************************************************************
No /etc/openvpn/easy-rsa/openssl.cnf file could be found
Further invocations will fail
**************************************************************
NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/keys
Using CA Common Name: DietPi_OpenVPN_Server
grep: /etc/openvpn/easy-rsa/openssl.cnf: No such file or directory
pkitool: KEY_CONFIG (set by the ./vars script) is pointing to the wrong
version of openssl.cnf: /etc/openvpn/easy-rsa/openssl.cnf
The correct version should have a comment that says: easy-rsa version 2.x
grep: /etc/openvpn/easy-rsa/openssl.cnf: No such file or directory
pkitool: KEY_CONFIG (set by the ./vars script) is pointing to the wrong
version of openssl.cnf: /etc/openvpn/easy-rsa/openssl.cnf
The correct version should have a comment that says: easy-rsa version 2.x
cp: cannot stat '/etc/openvpn/easy-rsa/keys/DietPi_OpenVPN_Server.crt': No such file or directory
cp: cannot stat '/etc/openvpn/easy-rsa/keys/DietPi_OpenVPN_Server.key': No such file or directory
cp: cannot stat '/etc/openvpn/easy-rsa/keys/ca.crt': No such file or directory
grep: /etc/openvpn/easy-rsa/openssl.cnf: No such file or directory
pkitool: KEY_CONFIG (set by the ./vars script) is pointing to the wrong
version of openssl.cnf: /etc/openvpn/easy-rsa/openssl.cnf
The correct version should have a comment that says: easy-rsa version 2.x
cat: /etc/openvpn/ca.crt: No such file or directory
cat: /etc/openvpn/easy-rsa/keys/DietPi_OpenVPN_Client.crt: No such file or directory
cat: /etc/openvpn/easy-rsa/keys/DietPi_OpenVPN_Client.key: No such file or directory
DietPi-Services
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Mode: dietpi_controlled
[ OK ] dietpi_controlled : cron
.... reboot
After reboot:
root@RPi-Zero:~# dietpi-services status
[ OK ] Root access verified.
DietPi-Services
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Mode: status
[ OK ] cron active (running) since Fri 2018-02-02 09:49:32 CET; 1min 31s ago
[ OK ] nfs-kernel-server active (exited) since Fri 2018-02-02 09:49:34 CET; 1min 29s ago
[ OK ] lighttpd active (running) since Fri 2018-02-02 09:49:35 CET; 1min 28s ago
[ OK ] php7.0-fpm active (running) since Fri 2018-02-02 09:49:46 CET; 1min 17s ago
[ OK ] dnsmasq active (running) since Fri 2018-02-02 09:49:48 CET; 1min 16s ago
[ OK ] pihole-FTL active (running) since Fri 2018-02-02 09:49:49 CET; 1min 15s ago
[ OK ] openvpn active (exited) since Fri 2018-02-02 09:49:50 CET; 1min 14s ago
root@RPi-Zero:~# service openvpn status
โ openvpn.service - OpenVPN service
Loaded: loaded (/lib/systemd/system/openvpn.service; disabled; vendor preset: enabled)
Active: active (exited) since Fri 2018-02-02 09:49:50 CET; 1min 54s ago
Process: 1405 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 1405 (code=exited, status=0/SUCCESS)
CGroup: /system.slice/openvpn.service
Feb 02 09:49:50 RPi-Zero systemd[1]: Starting OpenVPN service...
Feb 02 09:49:50 RPi-Zero systemd[1]: Started OpenVPN service.
root@RPi-Zero:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.168.100.103 0.0.0.0 UG 0 0 0 eth0
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
root@RPi-Zero:~# ifconfig | grep tun
root@RPi-Zero:~#
root@RPi-Zero:~# service openvpn restart
root@RPi-Zero:~# cat /var/log/syslog | grep OpenVPN
Feb 2 15:13:13 RPi-Zero systemd[1]: Started OpenVPN service.
Feb 2 15:13:14 RPi-Zero ovpn-server[5608]: Options error: --ca fails with 'ca.crt': No such file or directory
Feb 2 15:13:14 RPi-Zero ovpn-server[5608]: Options error: --cert fails with 'DietPi_OpenVPN_Server.crt': No such file or directory
Feb 2 15:13:14 RPi-Zero ovpn-server[5608]: WARNING: cannot stat file 'DietPi_OpenVPN_Server.key': No such file or directory (errno=2)
Feb 2 15:13:14 RPi-Zero ovpn-server[5608]: Options error: --key fails with 'DietPi_OpenVPN_Server.key': No such file or directory
Feb 2 15:13:14 RPi-Zero ovpn-server[5608]: Options error: Please correct these errors.
Feb 2 15:13:14 RPi-Zero systemd[1]: [email protected]: Control process exited, code=exited status=1
Feb 2 15:13:14 RPi-Zero ovpn-server[5608]: Use --help for more information.
Feb 2 15:13:14 RPi-Zero systemd[1]: Failed to start OpenVPN connection to server.
Feb 2 15:13:14 RPi-Zero systemd[1]: [email protected]: Unit entered failed state.
Feb 2 15:13:14 RPi-Zero systemd[1]: [email protected]: Failed with result 'exit-code'.
root@RPi-Zero:~# ls -lah /etc/openvpn/
total 32K
drwxr-xr-x 5 root root 4.0K Feb 2 09:48 .
drwxr-xr-x 86 root root 4.0K Feb 2 09:48 ..
drwxr-xr-x 2 root root 4.0K Jul 18 2017 client
-rw-r--r-- 1 root root 245 Feb 2 09:48 dh1024.pem
drwxr-xr-x 3 root root 4.0K Feb 2 09:48 easy-rsa
drwxr-xr-x 2 root root 4.0K Jul 18 2017 server
-rw-r--r-- 1 root root 360 Feb 2 09:48 server.conf
-rwxr-xr-x 1 root root 1.3K Jul 18 2017 update-resolv-conf
root@RPi-Zero:~# ls -lah /etc/openvpn/easy-rsa/
total 124K
drwxr-xr-x 3 root root 4.0K Feb 2 09:48 .
drwxr-xr-x 5 root root 4.0K Feb 2 09:48 ..
-rwxr-xr-x 1 root root 119 Feb 2 09:47 build-ca
-rwxr-xr-x 1 root root 352 Feb 2 09:47 build-dh
-rwxr-xr-x 1 root root 188 Feb 2 09:47 build-inter
-rwxr-xr-x 1 root root 163 Feb 2 09:47 build-key
-rwxr-xr-x 1 root root 157 Feb 2 09:47 build-key-pass
-rwxr-xr-x 1 root root 249 Feb 2 09:47 build-key-pkcs12
-rwxr-xr-x 1 root root 268 Feb 2 09:47 build-key-server
-rwxr-xr-x 1 root root 213 Feb 2 09:47 build-req
-rwxr-xr-x 1 root root 158 Feb 2 09:47 build-req-pass
-rwxr-xr-x 1 root root 449 Feb 2 09:47 clean-all
-rwxr-xr-x 1 root root 1.5K Feb 2 09:47 inherit-inter
drwx------ 2 root root 4.0K Feb 2 09:48 keys
-rwxr-xr-x 1 root root 302 Feb 2 09:47 list-crl
-rwxr-xr-x 1 root root 7.7K Feb 2 09:47 openssl-0.9.6.cnf
-rwxr-xr-x 1 root root 8.3K Feb 2 09:47 openssl-0.9.8.cnf
-rwxr-xr-x 1 root root 8.2K Feb 2 09:47 openssl-1.0.0.cnf
-rwxr-xr-x 1 root root 13K Feb 2 09:47 pkitool
-rwxr-xr-x 1 root root 1.1K Feb 2 09:47 revoke-full
-rwxr-xr-x 1 root root 178 Feb 2 09:47 sign-req
-rwxr-xr-x 1 root root 2.3K Feb 2 09:47 vars
-rwxr-xr-x 1 root root 740 Feb 2 09:47 whichopensslcnf
root@RPi-Zero:~# ls -lah /etc/openvpn/easy-rsa/keys/
total 16K
drwx------ 2 root root 4.0K Feb 2 09:48 .
drwxr-xr-x 3 root root 4.0K Feb 2 09:48 ..
-rw-r--r-- 1 root root 269 Feb 2 09:48 DietPi_OpenVPN_Client.ovpn
-rw-r--r-- 1 root root 0 Feb 2 09:48 index.txt
-rw-r--r-- 1 root root 3 Feb 2 09:48 serial
k-plan
All 18 comments
@k-plan
Thanks confirmed:
- ๐ด Stretch
- ๐ฏ๏ธ Jessie | fine
due to openssl.cnf: No such file or directory
Highest version available in /etc/openvpn/easy-rsa is openssl-1.0.0.cnf, but stretch is 1.1.0f-3+deb9u1
๐บ Attempt with ln -sf openssl-1.0.0.cnf openssl.cnf
Using configuration from /etc/openvpn/easy-rsa/openssl.cnf
Can't open /etc/openvpn/easy-rsa/keys/index.txt.attr for reading, No such file or directory
1995797920:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:74:fopen('/etc/openvpn/easy-rsa/keys/index.txt.attr','r')
1995797920:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:81:
Check that the request matches the signature
Signature ok
Fourdee
on 2 Feb 2018
@MichaIng
For ref: I'am replacing OMV 126 with LibSSL1.0.0
Software that requires libssl1.0.0 (under stretch):
- VPN 97
- Mosq 123
- hotspot 60
- Shairport 37
- Tonido 134 | ๐ฏ๏ธ I need to retest this, made some changes
Fourdee
on 2 Feb 2018
Hmm: https://github.com/OpenVPN/easy-rsa/issues/138
Can't open /etc/openvpn/easy-rsa/keys/index.txt.attr for reading, No such file or directory
https://github.com/Fourdee/DietPi/issues/1450#issuecomment-362608574
Seems to complete fine, regardless of this error.
root@DietPi:~# ls -lha /etc/openvpn/
...
-rw-r--r-- 1 root root 4.3K Feb 2 15:57 DietPi_OpenVPN_Server.crt
-rw------- 1 root root 912 Feb 2 15:57 DietPi_OpenVPN_Server.key
...
๐ฏ๏ธ Yep, tested fine:
Fri Feb 02 16:10:10 2018 MANAGEMENT: >STATE:1517587810,CONNECTED,SUCCESS,10.8.0.6,8
,xx.xx.xx.xx,1194,,
Completed, resolved for v6.2.
Fourdee
on 2 Feb 2018
@Fourdee
Software that requires libssl1.0.0 (under stretch):
VPN 97
sorry for bother but what is with id 117 | =2 | pivpn ?
Error message while install script is running:
Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf
Can't open /etc/openvpn/easy-rsa/pki/index.txt.attr for reading, No such file or directory
3069190144:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:74:fopen('/etc/openvpn/easy-rsa/pki/index.txt.attr','r')
3069190144:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:81
:
k-plan
on 2 Feb 2018
@k-plan
https://github.com/Fourdee/DietPi/issues/1450#issuecomment-362626872
^^
From what I can work out, its a bug in OpenVPN and/or Debian Stretch repo, expecting a file that does not exist. /etc/openvpn/easy-rsa/pki/* does not exist on default installation of OpenVPN via APT.
PiVPN claim to have resolved the issue: https://github.com/pivpn/pivpn/issues/337, yet if (https://github.com/Fourdee/DietPi/issues/1450#issuecomment-362664471) still occurs, we can assume issue is outside both our projects?
Fourdee
on 2 Feb 2018
@Fourdee
^^ yes, but have you check to installpivpnand see what's happens?
For me here the same as with OpenVPN .... ^^
DietPi-Services
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Mode: status
[ OK ] cron active (running) since Fri 2018-02-02 19:05:12 CET; 13min ago
[ OK ] openvpn active (exited) since Fri 2018-02-02 19:05:13 CET; 13min ago
root@RPI-Zero:~# dietpi-software list | vpn
-bash: vpn: command not found
/bin/bash: warning: setlocale: LC_ALL: cannot change locale (0)
root@RPI-Zero:~# dietpi-software list | grep vpn
/bin/bash: warning: setlocale: LC_ALL: cannot change locale (0)
/bin/bash: warning: setlocale: LC_ALL: cannot change locale (0)
id 97 | =0 | openvpn: vpn server | +rsyslog | http://dietpi.com/phpbb/viewtopic.php?f=8&t=5&p=613#p613
id 117 | =2 | pivpn: openvpn installer & management tool | +rsyslog | http://dietpi.com/phpbb/viewtopic.php?http://dietpi.com/phpbb/viewtopic.php?f=8&t=5&p=3469#p346
@k-plan
/bin/bash: warning: setlocale: LC_ALL: cannot change locale (0)
https://github.com/Fourdee/DietPi/issues/1430
Tested PiVPN, aside from https://github.com/Fourdee/DietPi/issues/1450#issuecomment-362666554 https://github.com/Fourdee/DietPi/issues/1450#issuecomment-362626872 (which I believe is out of our control), installs and configures fine.
Fourdee
on 2 Feb 2018
@Fourdee
Tested PiVPN, aside from # 1450 (comment) # 1450 (comment) (which I believe is out of our control), installs and configures fine.
Hmm ... have you see this?
https://github.com/pivpn/pivpn/issues/475
k-plan
on 3 Mar 2018
@k-plan
Hmm ... have you see this?
Looks suspect (new account to post that one message). I'll run a test anyway to verify.
This is new:
- ๐ฏ๏ธ Both options are = fine:
root@DietPi:~# pivpn -a
Enter a Name for the Client: test
Enter the password for the client:
Enter the password again to verify:
spawn ./easyrsa build-client-full test
Note: using Easy-RSA configuration from: ./vars
rand: Use -help for summary.
Generating a 1024 bit RSA private key
.......................................++++++
.................................++++++
writing new private key to '/etc/openvpn/easy-rsa/pki/private/test.key.bLwSEuFfZ'
Enter PEM pass phrase:test
Verifying - Enter PEM pass phrase:test
-----
Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName :ASN.1 12:'test'
Certificate is to be certified until Feb 29 20:58:19 2028 GMT (3650 days)
Write out database with 1 new entries
Data Base Updated
spawn openssl rsa -in pki/private/test.key -des3 -out pki/private/test.key
Enter pass phrase for pki/private/test.key:
writing RSA key
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
Client's cert found: test.crt
Client's Private Key found: test.key
CA public Key found: ca.crt
tls-auth Private Key found: ta.key
========================================================
Done! test.ovpn successfully created!
test.ovpn was copied to:
/home/pivpn/ovpns
for easy transfer. Please use this profile only on one
device and create additional profiles for other devices.
==============================================
Reading the thread I don't understand if it is solved... anyway, same problem here with last diepi version... no error during install and configuration but the openvpn service exit as soon as start
โ openvpn.service - OpenVPN service
Loaded: loaded (/lib/systemd/system/openvpn.service; enabled; vendor preset: enabled)
Active: active (exited) since Wed 2018-06-27 23:21:02 CEST; 17s ago
Process: 2028 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 2028 (code=exited, status=0/SUCCESS)
sorriso93
on 27 Jun 2018
@sorriso93
Thanks for the report ๐
- Which device tested?
EDIT: I was testing on buster ARMv8... Stretch is fine.
Fourdee
on 28 Jun 2018
@sorriso93
- DietPi no longer controls the openvpn service, once installed please reboot the system.
- The following is fine, as the service is launching the openvpn server under another process/thread:
root@DietPi:~# systemctl status openvpn -l
โ openvpn.service - OpenVPN service
Loaded: loaded (/lib/systemd/system/openvpn.service; enabled; vendor preset:
enabled)
Active: active (exited) since Thu 2018-06-28 13:47:51 BST; 4s ago
Process: 4020 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 4020 (code=exited, status=0/SUCCESS)
Jun 28 13:47:51 DietPi systemd[1]: Starting OpenVPN service...
Jun 28 13:47:51 DietPi systemd[1]: Started OpenVPN service.
- Please check openvpn is running in htop
htop
Fourdee
on 28 Jun 2018
On raspberry 1 I had pivpn/openvpn running in the last year... starting from last month I have been experiencing the problem, uninstalled and reinstalled, no way same problem... Then I installed it on a raspberry 3 with dietpi last version, same behavior.
The strange thing is that I had mldonkey running on the raspb1 and now it has the same behavior (systemctl status and it is "exited")... Can be a common package update... I don't have enough linux competencies to understand the reason...
htop on rspb 1 (openvpn uninstalled)
htop on raspb3
sorriso93
on 28 Jun 2018
sudo netstat -tpln for both
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 16945/perl
tcp 0 0 192.168.0.3:53 0.0.0.0:* LISTEN 18142/named
tcp 0 0 10.8.0.1:53 0.0.0.0:* LISTEN 18142/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 18142/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 364/dropbear
tcp6 0 0 :::38913 :::* LISTEN 18775/homebridge
tcp6 0 0 :::44355 :::* LISTEN 18775/homebridge
tcp6 0 0 :::39683 :::* LISTEN 18775/homebridge
tcp6 0 0 :::44867 :::* LISTEN 18775/homebridge
tcp6 0 0 :::40675 :::* LISTEN 18775/homebridge
tcp6 0 0 :::36003 :::* LISTEN 18775/homebridge
tcp6 0 0 :::35875 :::* LISTEN 18775/homebridge
tcp6 0 0 :::38277 :::* LISTEN 18775/homebridge
tcp6 0 0 :::40709 :::* LISTEN 18775/homebridge
tcp6 0 0 :::33127 :::* LISTEN 18775/homebridge
tcp6 0 0 :::38599 :::* LISTEN 18775/homebridge
tcp6 0 0 :::37159 :::* LISTEN 18775/homebridge
tcp6 0 0 :::41831 :::* LISTEN 18775/homebridge
tcp6 0 0 :::61991 :::* LISTEN 18775/homebridge
tcp6 0 0 :::35753 :::* LISTEN 18775/homebridge
tcp6 0 0 :::35533 :::* LISTEN 18775/homebridge
tcp6 0 0 :::41965 :::* LISTEN 18775/homebridge
tcp6 0 0 :::40815 :::* LISTEN 18775/homebridge
tcp6 0 0 :::45295 :::* LISTEN 18775/homebridge
tcp6 0 0 :::8080 :::* LISTEN 18800/homebridge-co
tcp6 0 0 :::44113 :::* LISTEN 18775/homebridge
tcp6 0 0 :::39473 :::* LISTEN 18775/homebridge
tcp6 0 0 :::51825 :::* LISTEN 18775/homebridge
tcp6 0 0 :::32819 :::* LISTEN 18775/homebridge
tcp6 0 0 :::38707 :::* LISTEN 18775/homebridge
tcp6 0 0 :::45365 :::* LISTEN 18775/homebridge
tcp6 0 0 :::40565 :::* LISTEN 18775/homebridge
tcp6 0 0 :::36213 :::* LISTEN 18775/homebridge
tcp6 0 0 :::46741 :::* LISTEN 18775/homebridge
tcp6 0 0 :::53 :::* LISTEN 18142/named
tcp6 0 0 :::21 :::* LISTEN 16909/proftpd: (acc
tcp6 0 0 :::22 :::* LISTEN 364/dropbear
tcp6 0 0 :::37943 :::* LISTEN 18775/homebridge
tcp6 0 0 :::38263 :::* LISTEN 18775/homebridge
tcp6 0 0 :::33111 :::* LISTEN 18775/homebridge
tcp6 0 0 :::37591 :::* LISTEN 18775/homebridge
tcp6 0 0 :::40025 :::* LISTEN 18775/homebridge
tcp6 0 0 :::45561 :::* LISTEN 18775/homebridge
tcp6 0 0 :::39707 :::* LISTEN 18775/homebridge
tcp6 0 0 :::39005 :::* LISTEN 18775/homebridge
tcp6 0 0 :::39039 :::* LISTEN 18775/homebridge
tcp6 0 0 :::36479 :::* LISTEN 18775/homebridge
raspb1
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:1883 0.0.0.0:* LISTEN 1227/mosquitto
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 1377/perl
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 344/dropbear
tcp6 0 0 :::1883 :::* LISTEN 1227/mosquitto
tcp6 0 0 :::43747 :::* LISTEN 383/homebridge
tcp6 0 0 :::46405 :::* LISTEN 383/homebridge
tcp6 0 0 :::37063 :::* LISTEN 383/homebridge
tcp6 0 0 :::33519 :::* LISTEN 383/homebridge
tcp6 0 0 :::8080 :::* LISTEN 2233/homebridge-con
tcp6 0 0 :::51825 :::* LISTEN 383/homebridge
tcp6 0 0 :::21 :::* LISTEN 1215/proftpd: (acce
tcp6 0 0 :::22 :::* LISTEN 344/dropbear
sorriso93
on 28 Jun 2018
@sorriso93
Appears the process is running fine on RPi 3, I assume this is the device with the issue?
Try connecting an openVPN client to the RPi 3 as per the online doc: http://dietpi.com/phpbb/viewtopic.php?f=8&t=5&p=613#p613
You should see this from the following command cat /run/openvpn/server.status on RPi 3
root@DietPi:~# cat /run/openvpn/server.status
OpenVPN CLIENT LIST
Updated,Thu Jun 28 20:33:38 2018
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
DietPi_OpenVPN_Client,192.168.0.23:59539,7669,3383,Thu Jun 28 20:33:29 2018
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
10.8.0.6,DietPi_OpenVPN_Client,192.168.0.23:59539,Thu Jun 28 20:33:29 2018
GLOBAL STATS
Max bcast/mcast queue length,0
END
Marking as closed, unable to replicate in our testing: https://github.com/Fourdee/DietPi/issues/1450#issuecomment-401148565
Please reopen if required.
Fourdee
on 29 Jun 2018
root@DP-HOMEBRIDGE:~# cat /run/openvpn/server.status
cat: /run/openvpn/server.status: No such file or directory
root@DP-HOMEBRIDGE:~# systemctl status openvpn
โ openvpn.service - OpenVPN service
Loaded: loaded (/lib/systemd/system/openvpn.service; enabled; vendor preset: enabled)
Active: active (exited) since Sat 2018-06-30 01:17:03 CEST; 1 day 22h ago
Process: 495 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 495 (code=exited, status=0/SUCCESS)
CGroup: /system.slice/openvpn.service
Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.
root@DP-HOMEBRIDGE:~# cat /run/openvpn/server.status
cat: /run/openvpn/server.status: No such file or directory
root@DP-HOMEBRIDGE:~#
sorriso93
on 2 Jul 2018
Related issues
oshank
ยท
3Comments
bhaveshgohel
ยท
3Comments
Fourdee
ยท
3Comments
1021683053
ยท
3Comments
Invictaz
ยท
3Comments
Most helpful comment
@k-plan
https://github.com/Fourdee/DietPi/issues/1430
Tested PiVPN, aside from https://github.com/Fourdee/DietPi/issues/1450#issuecomment-362666554 https://github.com/Fourdee/DietPi/issues/1450#issuecomment-362626872 (which I believe is out of our control), installs and configures fine.