Odd auth script failure or openvpn vs selinux

Scripts which allow the use of special authentication methods (LDAP, AD, MySQL/PostgreSQL, etc).
OpenVpn Newbie
Posts: 4
Joined: Fri Jul 05, 2013 6:23 pm

Odd auth script failure or openvpn vs selinux

Postby mlasevich » Fri Nov 21, 2014 6:44 am

I am adding a custom auth script to my openvpn setup and running into a really odd thing. The script is failing with:

Code: Select all

WARNING: Failed running command (--auth-user-pass-verify): external program exited with error status: 1

The odd part is that if I start openvpn using exact same command line args from command line manually, it works.

I suspect this may be something to do with selinux, but there is absolutely nothing out of the ordinary inside audit log.
Scratch that, I KNOW it has something to do with selinux as when I turn it off, it works. But without anything in the logs I am at a loss what to try. Any ideas? Any way to get more information about what is failing?

Here is the relevant config section:

Code: Select all

auth-user-pass-verify /etc/openvpn/authenticate via-env
script-security 3 execve
chroot /var/run/openvpn/chroot

Return to “Authentication Scripts”

Who is online

Users browsing this forum: No registered users and 1 guest