problem loading up script with systemctl centos 7

Scripts to manage certificates or generate config files

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
houssam
OpenVpn Newbie
Posts: 2
Joined: Sun Nov 13, 2016 10:15 pm

problem loading up script with systemctl centos 7

Post by houssam » Sun Nov 13, 2016 10:26 pm

Hi

i am having an issue running openvpn with systemctl in centos 7 as a service

when i try running it directly it loads fine

[root@OpenProxy ~]# openvpn /etc/openvpn/server_sitesite.conf
Sun Nov 13 22:19:02 2016 OpenVPN 2.3.12 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Aug 23 2016
Sun Nov 13 22:19:02 2016 library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.06
Sun Nov 13 22:19:02 2016 WARNING: You have disabled Replay Protection (--no-repl ay) which may make OpenVPN less secure
Sun Nov 13 22:19:02 2016 WARNING: You have disabled Crypto IVs (--no-iv) which m ay make OpenVPN less secure
Sun Nov 13 22:19:02 2016 NOTE: the current --script-security setting may allow t his configuration to call user-defined scripts
Sun Nov 13 22:19:02 2016 ******* WARNING *******: null MAC specified, no authent ication will be used
Sun Nov 13 22:19:02 2016 WARNING: file '/etc/openvpn/keys/site1.key' is group or others accessible
Sun Nov 13 22:19:02 2016 Static Encrypt: Cipher 'BF-CBC' initialized with 128 bi t key
Sun Nov 13 22:19:02 2016 WARNING: this cipher's block size is less than 128 bit (64 bit). Consider using a --cipher with a larger block size.
Sun Nov 13 22:19:02 2016 Static Decrypt: Cipher 'BF-CBC' initialized with 128 bi t key
Sun Nov 13 22:19:02 2016 WARNING: this cipher's block size is less than 128 bit (64 bit). Consider using a --cipher with a larger block size.
Sun Nov 13 22:19:02 2016 Socket Buffers: R=[87380->87380] S=[16384->16384]
Sun Nov 13 22:19:02 2016 TUN/TAP device tap0 opened
Sun Nov 13 22:19:02 2016 TUN/TAP TX queue length set to 100
Sun Nov 13 22:19:02 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sun Nov 13 22:19:02 2016 /usr/sbin/ip link set dev tap0 up mtu 1500
Sun Nov 13 22:19:02 2016 /usr/sbin/ip addr add dev tap0 85.13.250.31/32 broadcas t 85.13.250.31
Sun Nov 13 22:19:02 2016 /etc/openvpn/scripts/client_1_up tap0 1500 1543 85.13.2 50.31 255.255.255.255 init
Sun Nov 13 22:19:02 2016 Listening for incoming TCP connection on [undef]



when i try loading it using systemctl

[root@OpenProxy ~]# systemctl start openvpn@server_sitesite.service
[root@OpenProxy ~]# systemctl status openvpn@server_sitesite.service -l
● openvpn@server_sitesite.service - OpenVPN Robust And Highly Flexible Tunneling Application On server_sitesite
Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; enabled; vendor pre set: disabled)
Active: failed (Result: exit-code) since Sun 2016-11-13 22:21:53 GMT; 17s ago
Process: 6371 ExecStart=/usr/sbin/openvpn --daemon --writepid /var/run/openvpn /%i.pid --cd /etc/openvpn/ --config %i.conf (code=exited, status=0/SUCCESS)
Main PID: 6373 (code=exited, status=1/FAILURE)

Nov 13 22:21:53 OpenProxy openvpn[6373]: do_ifconfig, tt->ipv6=0, tt->did_ifconf ig_ipv6_setup=0
Nov 13 22:21:53 OpenProxy openvpn[6373]: /usr/sbin/ip link set dev tap0 up mtu 1 500
Nov 13 22:21:53 OpenProxy openvpn[6373]: /usr/sbin/ip addr add dev tap0 85.13.25 0.31/32 broadcast 85.13.250.31
Nov 13 22:21:53 OpenProxy openvpn[6373]: /etc/openvpn/scripts/client_1_up tap0 1 500 1543 85.13.250.31 255.255.255.255 init
Nov 13 22:21:53 OpenProxy systemd[1]: Started OpenVPN Robust And Highly Flexible Tunneling Application On server_sitesite.
Nov 13 22:21:53 OpenProxy openvpn[6373]: WARNING: Failed running command (--up/- -down): external program exited with error status: 1
Nov 13 22:21:53 OpenProxy openvpn[6373]: Exiting due to fatal error
Nov 13 22:21:53 OpenProxy systemd[1]: openvpn@server_sitesite.service: main proc ess exited, code=exited, status=1/FAILURE
Nov 13 22:21:53 OpenProxy systemd[1]: Unit openvpn@server_sitesite.service enter ed failed state.
Nov 13 22:21:53 OpenProxy systemd[1]: openvpn@server_sitesite.service failed.


help is appreciated
Top
TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: problem loading up script with systemctl centos 7

Post by TinCanTech » Mon Nov 14, 2016 1:23 pm

Please see:
HOWTO: Request Help !
Top
houssam
OpenVpn Newbie
Posts: 2
Joined: Sun Nov 13, 2016 10:15 pm

Re: problem loading up script with systemctl centos 7

Post by houssam » Mon Nov 14, 2016 8:49 pm

problem solved by removing latest openvpn and installing 2.3.6-1

thanks a lot
Top
TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: problem loading up script with systemctl centos 7

Post by TinCanTech » Mon Nov 14, 2016 9:24 pm

houssam wrote:installing 2.3.6-1
  • :geek: :?:

Code: Select all

[root@centOS7 ~]# cat /proc/version
Linux version 3.10.0-327.36.3.el7.x86_64 (builder@kbuilder.dev.centos.org) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-4) (GCC) ) #1 SMP Mon Oct 24 16:09:20 UTC 2016

Code: Select all

[root@centOS7 ~]# openvpn --version
OpenVPN 2.3.12 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Aug 23 2016
library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.06
Originally developed by James Yonan
Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
Top
Post Reply

Return to “Cert / Config management”