Giter Club home page Giter Club logo

Comments (12)

Pionerd avatar Pionerd commented on September 22, 2024 1

That is not what seems to be the issue:

root@shared-hub-vpn-gateway:/etc/openvpn-auth-oauth2# ls -al /usr/bin/openvpn-auth-oauth2 
-rwxr-xr-x 1 root root 11963024 Mar  3 13:33 /usr/bin/openvpn-auth-oauth2
root@shared-hub-vpn-gateway:/etc/openvpn-auth-oauth2# dpkg -i /tmp/openvpn-auth-oauth2_1.19.3_linux_amd64.deb 
(Reading database ... 132755 files and directories currently installed.)
Preparing to unpack .../openvpn-auth-oauth2_1.19.3_linux_amd64.deb ...
Unpacking openvpn-auth-oauth2 (1.19.3) over (1.19.1) ...
Setting up openvpn-auth-oauth2 (1.19.3) ...
root@shared-hub-vpn-gateway:/etc/openvpn-auth-oauth2# ls -al /usr/bin/openvpn-auth-oauth2 
-rwxr-xr-x 1 root root 10285316 Mar 23 09:41 /usr/bin/openvpn-auth-oauth2
root@shared-hub-vpn-gateway:/etc/openvpn-auth-oauth2# systemctl stop openvpn@server && systemctl restart openvpn-auth-oauth2 && systemctl start openvpn@server
HANGS^C
root@shared-hub-vpn-gateway:/etc/openvpn-auth-oauth2# journalctl -flu openvpn-auth-oauth2 --no-pager
Mar 25 11:16:45 shared-hub-vpn-gateway systemd[1]: openvpn-auth-oauth2.service: Scheduled restart job, restart counter is at 3.
Mar 25 11:16:45 shared-hub-vpn-gateway systemd[1]: Stopped OpenVPN authenticator.
Mar 25 11:16:45 shared-hub-vpn-gateway systemd[1]: Started OpenVPN authenticator.
Mar 25 11:16:46 shared-hub-vpn-gateway systemd[67594]: openvpn-auth-oauth2.service: Failed to execute /usr/bin/openvpn-auth-oauth2: Permission denied
Mar 25 11:16:46 shared-hub-vpn-gateway systemd[67594]: openvpn-auth-oauth2.service: Failed at step EXEC spawning /usr/bin/openvpn-auth-oauth2: Permission denied
Mar 25 11:16:46 shared-hub-vpn-gateway systemd[1]: openvpn-auth-oauth2.service: Main process exited, code=exited, status=203/EXEC

from openvpn-auth-oauth2.

jkroepke avatar jkroepke commented on September 22, 2024

Isn't there a executable bit on /usr/bin/openvpn-auth-oauth2?

from openvpn-auth-oauth2.

jkroepke avatar jkroepke commented on September 22, 2024

I have to change the build a bit to preserve the compatibility with FreeBSD. It seems like I'm hitting some systemd shenanigans here.

from openvpn-auth-oauth2.

jkroepke avatar jkroepke commented on September 22, 2024

I have some issues with reproducing the issue. Do you have AppArmor enabled on Ubuntu? Are you seen some denies? On my system, AppArmor denies are visible inside audit log, reachable via dmesg.

Can you also verify, that systemctl status openvpn-auth-oauth2 shows loaded (/lib/systemd/system/openvpn-auth-oauth2.service and ls -lah /etc/systemd/system/openvpn-auth-oauth2* returns nothing?

from openvpn-auth-oauth2.

Pionerd avatar Pionerd commented on September 22, 2024

This particular example is coming from a fairly straightforward VM in GCP. We did not change (or install) anything related to AppArmor. I do however see some AppArmor messages, but not related to VPN.

from openvpn-auth-oauth2.

xzcccc avatar xzcccc commented on September 22, 2024

hi, I also encountered the same problem. OS: debian12

# openvpn-auth-oauth2 --version
version: 1.19.3
commit: b12ec01f5325f8c21845fe3c524ae48e0e8c597b
date: 2024-03-23T09:46:38Z
go: go1.22.1

# which openvpn-auth-oauth2 
/usr/bin/openvpn-auth-oauth2

# systemctl status openvpn-auth-oauth2
○ openvpn-auth-oauth2.service - OpenVPN authenticator
     Loaded: loaded (/lib/systemd/system/openvpn-auth-oauth2.service; disabled; preset: enabled)
     Active: inactive (dead)
       Docs: https://github.com/jkroepke/openvpn-auth-oauth2

Mar 28 17:54:39 PC systemd[1]: openvpn-auth-oauth2.service: Main process exited, code=exited, status=203/EXEC
Mar 28 17:54:39 PC systemd[1]: openvpn-auth-oauth2.service: Failed with result 'exit-code'.
Mar 28 17:54:44 PC systemd[1]: openvpn-auth-oauth2.service: Scheduled restart job, restart counter is at 21.
Mar 28 17:54:44 PC systemd[1]: Stopped openvpn-auth-oauth2.service - OpenVPN authenticator.
Mar 28 17:54:44 PC systemd[1]: Started openvpn-auth-oauth2.service - OpenVPN authenticator.
Mar 28 17:54:44 PC (h-oauth2)[49352]: openvpn-auth-oauth2.service: Failed to execute /usr/bin/openvpn-auth-oauth2: Permission denied
Mar 28 17:54:44 PC (h-oauth2)[49352]: openvpn-auth-oauth2.service: Failed at step EXEC spawning /usr/bin/openvpn-auth-oauth2: Permission denied
Mar 28 17:54:44 PC systemd[1]: openvpn-auth-oauth2.service: Main process exited, code=exited, status=203/EXEC
Mar 28 17:54:44 PC systemd[1]: openvpn-auth-oauth2.service: Failed with result 'exit-code'.


# ls -lah /etc/systemd/system/openvpn-auth-oauth2*
ls: cannot access '/etc/systemd/system/openvpn-auth-oauth2*': No such file or directory

from openvpn-auth-oauth2.

jkroepke avatar jkroepke commented on September 22, 2024

I have only a arm64 machine with Ubuntu 22.04 where the issue may not happen. Seems like there is an newer Feature at Debian 12.

from openvpn-auth-oauth2.

jkroepke avatar jkroepke commented on September 22, 2024

I was able to reproduce the issue.

from openvpn-auth-oauth2.

jkroepke avatar jkroepke commented on September 22, 2024

Could you please check this release? https://github.com/jkroepke/openvpn-auth-oauth2/releases/tag/v1.20.0-rc.1

from openvpn-auth-oauth2.

xzcccc avatar xzcccc commented on September 22, 2024

Could you please check this release? https://github.com/jkroepke/openvpn-auth-oauth2/releases/tag/v1.20.0-rc.1

This version can execute openvpn-auth-oauth2, but I encountered new problems when systemctl start openvpn-auth-oauth2, open TLS file permission denied.

Mar 29 11:07:11 PC openvpn-auth-oauth2[57919]: time=2024-03-29T11:07:11.858+08:00  level=ERROR msg="error http listener: tls.LoadX509KeyPair: open /etc/openvpn-auth-oauth2/server.crt: permission denied"

# ls -al /etc/openvpn-auth-oauth2/server.crt
-rw-r--r-- 1 root openvpn-auth-oauth2 3632 Mar 28 17:47 /etc/openvpn-auth-oauth2/server.crt

from openvpn-auth-oauth2.

jkroepke avatar jkroepke commented on September 22, 2024

After got access to an real VM, i could identify additional bugs.

https://github.com/jkroepke/openvpn-auth-oauth2/releases/tag/v1.20.0-rc.3 should work now.

from openvpn-auth-oauth2.

jkroepke avatar jkroepke commented on September 22, 2024

Fixed in https://github.com/jkroepke/openvpn-auth-oauth2/releases/tag/v1.20.0

from openvpn-auth-oauth2.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.