Odd auth script failure or openvpn vs selinux

Scripts which allow the use of special authentication methods (LDAP, AD, MySQL/PostgreSQL, etc).
Post Reply
mlasevich
OpenVpn Newbie
Posts: 4
Joined: Fri Jul 05, 2013 6:23 pm

Odd auth script failure or openvpn vs selinux

Post by mlasevich » Fri Nov 21, 2014 6:44 am

I am adding a custom auth script to my openvpn setup and running into a really odd thing. The script is failing with:

Code: Select all

WARNING: Failed running command (--auth-user-pass-verify): external program exited with error status: 1
The odd part is that if I start openvpn using exact same command line args from command line manually, it works.

I suspect this may be something to do with selinux, but there is absolutely nothing out of the ordinary inside audit log.
Scratch that, I KNOW it has something to do with selinux as when I turn it off, it works. But without anything in the logs I am at a loss what to try. Any ideas? Any way to get more information about what is failing?

Here is the relevant config section:

Code: Select all

auth-user-pass-verify /etc/openvpn/authenticate via-env
script-security 3 execve
chroot /var/run/openvpn/chroot

Post Reply