systemd service oddness with openvpn

To: debian-user@lists.debian.org
Subject: systemd service oddness with openvpn
From: Richard Hector <richard@walnut.gen.nz>
Date: Tue, 7 Nov 2023 12:41:24 +1300
Message-id: <[🔎] f2b81859-74bd-4a9b-ae32-fc26434f227b@walnut.gen.nz>

Hi all,

I have a machine that runs as an openvpn server. It works fine; the VPNstays up.


However, after running for a while, I get these repeatedly in syslog:

Nov 07 12:17:24 ovpn2 openvpn[213741]: Options error: In [CMD-LINE]:1:Error opening configuration file: opvn2.conf

Nov 07 12:17:24 ovpn2 openvpn[213741]: Use --help for more information.

Nov 07 12:17:24 ovpn2 systemd[1]: openvpn-server@opvn2.service: Mainprocess exited, code=exited, status=1/FAILURENov 07 12:17:24 ovpn2 systemd[1]: openvpn-server@opvn2.service: Failedwith result 'exit-code'.Nov 07 12:17:24 ovpn2 systemd[1]: Failed to startopenvpn-server@opvn2.service - OpenVPN service for opvn2.Nov 07 12:17:29 ovpn2 openvpn[213770]: Options error: In [CMD-LINE]:1:Error opening configuration file: opvn2.conf

Nov 07 12:17:29 ovpn2 openvpn[213770]: Use --help for more information.

Nov 07 12:17:29 ovpn2 systemd[1]: openvpn-server@opvn2.service: Mainprocess exited, code=exited, status=1/FAILURENov 07 12:17:29 ovpn2 systemd[1]: openvpn-server@opvn2.service: Failedwith result 'exit-code'.Nov 07 12:17:29 ovpn2 systemd[1]: Failed to startopenvpn-server@opvn2.service - OpenVPN service for opvn2.


This is the openvpn-server@.service:

[Unit]
Description=OpenVPN service for %I
After=network-online.target
Wants=network-online.target
Documentation=man:openvpn(8)
Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO

[Service]
Type=notify
PrivateTmp=true
WorkingDirectory=/etc/openvpn/server

ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log--status-version 2 --suppress-timestamps --config %i.confCapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICECAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SETPCAP CAP_SYS_CHROOTCAP_DAC_OVERRIDE CAP_AUDIT_WRITE

LimitNPROC=10
DeviceAllow=/dev/null rw
DeviceAllow=/dev/net/tun rw
ProtectSystem=true
ProtectHome=true
KillMode=process
RestartSec=5s
Restart=on-failure

[Install]
WantedBy=multi-user.target

And this is my override.conf:

[Service]
ExecStart=

ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log--status-version 2 --config %i.conf


(because I want timestamps)

As I say, the VPN is functioning, and systemctl status shows it's running.

Why would it firstly think it needs starting, and secondly fail to doso? The config file /etc/openvpn/server/ovpn2.conf file which it "failsto open" hasn't gone away ...


Any tips?

Note the machine is quite low powered; it's an old HP thin client. Butthis is all it does, and it seems to perform adequately.


Thanks,
Richard

Reply to:

Follow-Ups:
- Re: systemd service oddness with openvpn
  - From: Richard Hector <richard@walnut.gen.nz>
- Re: systemd service oddness with openvpn
  - From: Richard Hector <richard@walnut.gen.nz>

Prev by Date: Re: On folders vs. directories and history [was: how to compare...]
Next by Date: local (lan) mirror - release not supported error
Previous by thread: Re: sound cards locked, No Host
Next by thread: Re: systemd service oddness with openvpn
Index(es):
- Date
- Thread