OVPN-Client, conflict in update-resolv-conf when system is starting

How to customize and extend your OpenVPN installation.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
blacksun
OpenVpn Newbie
Posts: 4
Joined: Sun Sep 20, 2020 6:51 pm

OVPN-Client, conflict in update-resolv-conf when system is starting

Post by blacksun » Sun Jul 04, 2021 8:57 am

Hello,

i am using OVPN 2.5.1 as Client on Raspian.
The OVPN-Client is starting as systemd-service when system is starting. OVPN is running as root
The client has a network connection over WiFi. Wifi is configured via wpa_supplicant.

At the end of the OVPN-config, there is the following entries:

Code: Select all

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
That's ok because the push DNS-Servers should become the first one which system is using after established the VPN

The Script update-resolv-conf itself is starting the script
/sbin/resolvconf

In this script, it will try to kill a process with "kill".
In my case, this cause a conflict with the upcoming Wifi-Connection.
The result is that the systemd-service will fail starting

Log:

Code: Select all

Exiting due to fatal error
WARNING: Failed running command (--up/--down): external program exited with error status: 1
/sbin/resolvconf: 31: kill: Operation not permitted
dhcp-option DNS 192.168.3.102
My investigation until now:
1) when I comment out up and down script for update-resolv-conf, systemd-service starts without any errors when system is starting
2) when I restart systemd-service manually after booting finished, the OVPN-client including update-resolv-conf works.

So I suppose there is a conflict with the upcoming Wifi-Connection and systemd-service of OVPN is starting.

What can I do so solve this problem?

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: OVPN-Client, conflict in update-resolv-conf when system is starting

Post by TinCanTech » Sun Jul 04, 2021 10:33 pm

For educational reasons, can you please share with us your version of these files:
  • update-resolv-conf
  • The OVPN-Client is starting as systemd-service

Post Reply