WARNING: Failed running command (--up/--down): external prog

[m.tufail]

Hello experts

I am running OpenVPN Server on Ubuntu 14.0.4 server in Azure with a OpenWRT AP as OpenVPN client. The .config file (on the server) includes a script to add route - which unfortunately is failing:

Nov 13 17:23:02 UbuntuSrvr daemon.notice ovpn-ppcode_openvpn[1681]: /etc/openvpn/ppcode.up tun0 1500 1545 172.27.224.1 172.27.224.2 init
Nov 13 17:23:02 UbuntuSrvr daemon.err ovpn-ppcode_openvpn[1681]: WARNING: Failed running command (--up/--down): could not execute external program
Nov 13 17:23:02 UbuntuSrvr daemon.notice ovpn-ppcode_openvpn[1681]: Exiting due to fatal error


The tunnel comes up fine as I comment the script (highlighted below):

script-security 2
# Use a dynamic tun device.
dev tun
# 172.27.224.1 is our local VPN endpoint (OpenVPNSrvr).
# 172.27.224.2 is our remote VPN endpoint (gl-inet WRT AP).
ifconfig 172.27.224.1 172.27.224.2
# up script will establish routes once the VPN is alive.
up /etc/openvpn/ppcode.up

And here is the ppcode.up file:

#!/sbin/bash
# add route to houwels network via VPN end-point of WRT
route add -net 192.168.8.0 netmask 255.255.255.0 gw $5

I have been searching the help on the forum and found discussions like the one below:
topic9431.html

But it has not helped my case. I have added "script-security 2" in the .config file, but in vain.

Could some one help, appreciate it,

Thanks

[Traffic]

Please post your complete config file.

Read this post as well:
topic20251.html

Just to be sure:

And here is the ppcode.up file:

#!/sbin/bash

mayby: #!/bin/bash ?

[m.tufail]

Thanks for your reply - I did try it earlier and tried it again as:

moss@UbuntuSrvr:/etc/openvpn$ cat ppcode.up
#!/bin/bash
# add route to houwels network via VPN end-point of WRT
route add -net 192.168.8.0 netmask 255.255.255.0 gw $5


But in vain - ran into the same error message below:

Nov 20 09:20:51 UbuntuSrvr daemon.err ovpn-ppcode_openvpn[1668]: WARNING: Failed running command (--up/--down): could not execute external program
Nov 20 09:20:51 UbuntuSrvr daemon.notice ovpn-ppcode_openvpn[1668]: Exiting due to fatal error


Could this be due to file ownership mismatch? The "ppcode_openvpn.conf" and ""ppcode.up" have root as owner and group where I am logged in as user "moss". (since this is a Azure VM, I can't be logged in as "root").

moss@UbuntuSrvr:/etc/openvpn$ ls -al
total 24
drwxr-xr-x 2 root root 4096 Nov 13 16:20 .
drwxr-xr-x 108 root root 4096 Nov 20 08:27 ..
-rw-rw-rw- 1 root root 1270 Nov 20 09:21 ppcode_openvpn.conf
-rw------- 1 root root 636 Nov 2 08:35 ppcode_static.key
-rwxr-xr-x 1 root root 128 Nov 16 14:34 ppcode.up
-rwxr-xr-x 1 root root 1301 Dec 1 2014 update-resolv-conf


Thanks in advance for your help,

[TiTex]

if you are running your ovpn server as root , then it's not an issue
check your server config for entries
user
group

that would indicate that your are dropping privileges after server initialization , also try setting 0777 permission for the script , which will make it world rwx and if that way your vpn starts without issues than you know it's a permission issue