Comments (12)
That is not what seems to be the issue:
root@shared-hub-vpn-gateway:/etc/openvpn-auth-oauth2# ls -al /usr/bin/openvpn-auth-oauth2
-rwxr-xr-x 1 root root 11963024 Mar 3 13:33 /usr/bin/openvpn-auth-oauth2
root@shared-hub-vpn-gateway:/etc/openvpn-auth-oauth2# dpkg -i /tmp/openvpn-auth-oauth2_1.19.3_linux_amd64.deb
(Reading database ... 132755 files and directories currently installed.)
Preparing to unpack .../openvpn-auth-oauth2_1.19.3_linux_amd64.deb ...
Unpacking openvpn-auth-oauth2 (1.19.3) over (1.19.1) ...
Setting up openvpn-auth-oauth2 (1.19.3) ...
root@shared-hub-vpn-gateway:/etc/openvpn-auth-oauth2# ls -al /usr/bin/openvpn-auth-oauth2
-rwxr-xr-x 1 root root 10285316 Mar 23 09:41 /usr/bin/openvpn-auth-oauth2
root@shared-hub-vpn-gateway:/etc/openvpn-auth-oauth2# systemctl stop openvpn@server && systemctl restart openvpn-auth-oauth2 && systemctl start openvpn@server
HANGS^C
root@shared-hub-vpn-gateway:/etc/openvpn-auth-oauth2# journalctl -flu openvpn-auth-oauth2 --no-pager
Mar 25 11:16:45 shared-hub-vpn-gateway systemd[1]: openvpn-auth-oauth2.service: Scheduled restart job, restart counter is at 3.
Mar 25 11:16:45 shared-hub-vpn-gateway systemd[1]: Stopped OpenVPN authenticator.
Mar 25 11:16:45 shared-hub-vpn-gateway systemd[1]: Started OpenVPN authenticator.
Mar 25 11:16:46 shared-hub-vpn-gateway systemd[67594]: openvpn-auth-oauth2.service: Failed to execute /usr/bin/openvpn-auth-oauth2: Permission denied
Mar 25 11:16:46 shared-hub-vpn-gateway systemd[67594]: openvpn-auth-oauth2.service: Failed at step EXEC spawning /usr/bin/openvpn-auth-oauth2: Permission denied
Mar 25 11:16:46 shared-hub-vpn-gateway systemd[1]: openvpn-auth-oauth2.service: Main process exited, code=exited, status=203/EXEC
from openvpn-auth-oauth2.
Isn't there a executable bit on /usr/bin/openvpn-auth-oauth2
?
from openvpn-auth-oauth2.
I have to change the build a bit to preserve the compatibility with FreeBSD. It seems like I'm hitting some systemd shenanigans here.
from openvpn-auth-oauth2.
I have some issues with reproducing the issue. Do you have AppArmor enabled on Ubuntu? Are you seen some denies? On my system, AppArmor denies are visible inside audit log, reachable via dmesg
.
Can you also verify, that systemctl status openvpn-auth-oauth2
shows loaded (/lib/systemd/system/openvpn-auth-oauth2.service
and ls -lah /etc/systemd/system/openvpn-auth-oauth2*
returns nothing?
from openvpn-auth-oauth2.
This particular example is coming from a fairly straightforward VM in GCP. We did not change (or install) anything related to AppArmor. I do however see some AppArmor messages, but not related to VPN.
from openvpn-auth-oauth2.
hi, I also encountered the same problem. OS: debian12
# openvpn-auth-oauth2 --version
version: 1.19.3
commit: b12ec01f5325f8c21845fe3c524ae48e0e8c597b
date: 2024-03-23T09:46:38Z
go: go1.22.1
# which openvpn-auth-oauth2
/usr/bin/openvpn-auth-oauth2
# systemctl status openvpn-auth-oauth2
○ openvpn-auth-oauth2.service - OpenVPN authenticator
Loaded: loaded (/lib/systemd/system/openvpn-auth-oauth2.service; disabled; preset: enabled)
Active: inactive (dead)
Docs: https://github.com/jkroepke/openvpn-auth-oauth2
Mar 28 17:54:39 PC systemd[1]: openvpn-auth-oauth2.service: Main process exited, code=exited, status=203/EXEC
Mar 28 17:54:39 PC systemd[1]: openvpn-auth-oauth2.service: Failed with result 'exit-code'.
Mar 28 17:54:44 PC systemd[1]: openvpn-auth-oauth2.service: Scheduled restart job, restart counter is at 21.
Mar 28 17:54:44 PC systemd[1]: Stopped openvpn-auth-oauth2.service - OpenVPN authenticator.
Mar 28 17:54:44 PC systemd[1]: Started openvpn-auth-oauth2.service - OpenVPN authenticator.
Mar 28 17:54:44 PC (h-oauth2)[49352]: openvpn-auth-oauth2.service: Failed to execute /usr/bin/openvpn-auth-oauth2: Permission denied
Mar 28 17:54:44 PC (h-oauth2)[49352]: openvpn-auth-oauth2.service: Failed at step EXEC spawning /usr/bin/openvpn-auth-oauth2: Permission denied
Mar 28 17:54:44 PC systemd[1]: openvpn-auth-oauth2.service: Main process exited, code=exited, status=203/EXEC
Mar 28 17:54:44 PC systemd[1]: openvpn-auth-oauth2.service: Failed with result 'exit-code'.
# ls -lah /etc/systemd/system/openvpn-auth-oauth2*
ls: cannot access '/etc/systemd/system/openvpn-auth-oauth2*': No such file or directory
from openvpn-auth-oauth2.
I have only a arm64 machine with Ubuntu 22.04 where the issue may not happen. Seems like there is an newer Feature at Debian 12.
from openvpn-auth-oauth2.
I was able to reproduce the issue.
from openvpn-auth-oauth2.
Could you please check this release? https://github.com/jkroepke/openvpn-auth-oauth2/releases/tag/v1.20.0-rc.1
from openvpn-auth-oauth2.
Could you please check this release? https://github.com/jkroepke/openvpn-auth-oauth2/releases/tag/v1.20.0-rc.1
This version can execute openvpn-auth-oauth2, but I encountered new problems when systemctl start openvpn-auth-oauth2, open TLS file permission denied.
Mar 29 11:07:11 PC openvpn-auth-oauth2[57919]: time=2024-03-29T11:07:11.858+08:00 level=ERROR msg="error http listener: tls.LoadX509KeyPair: open /etc/openvpn-auth-oauth2/server.crt: permission denied"
# ls -al /etc/openvpn-auth-oauth2/server.crt
-rw-r--r-- 1 root openvpn-auth-oauth2 3632 Mar 28 17:47 /etc/openvpn-auth-oauth2/server.crt
from openvpn-auth-oauth2.
After got access to an real VM, i could identify additional bugs.
https://github.com/jkroepke/openvpn-auth-oauth2/releases/tag/v1.20.0-rc.3 should work now.
from openvpn-auth-oauth2.
Fixed in https://github.com/jkroepke/openvpn-auth-oauth2/releases/tag/v1.20.0
from openvpn-auth-oauth2.
Related Issues (20)
- id_token not recognized HOT 3
- Viscosity WebAuth connection failed HOT 8
- Multiple OpenVPN services running on VM HOT 6
- Google consent screen always asking for permission grant (View Cloud Identity Groups) everytime we connect HOT 6
- Systemd Unit Fails to Read Config HOT 11
- openvpn连接openvpn-auth-oauth2+casdoor报错 HOT 1
- Missing Groups claim if user has a lot of groups (>100) HOT 5
- openvpn-auth-oauth Where's the log HOT 1
- ERROR msg="OpenVPN: unable to connect to openvpn management interface: invalid password" HOT 2
- Please normal tutorial... :/ nothing works HOT 15
- Using native HTTPS support HOT 3
- Run https directly HOT 7
- openvpn the client restarts abnormally. Procedure HOT 5
- Management Interface ???? HOT 1
- The openvpn log is faulty. Procedure HOT 7
- The re-authentication of openvpn HOT 20
- Incorrect documentation HOT 1
- The openvpn recertification problem occurs HOT 3
- Documentation: Azure oauth2 scope must include "openid" HOT 1
- Documentation: Missing OAuth2 scopes required for group validation (Google Workspace) HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openvpn-auth-oauth2.