Currently, I get the error:
Code: Select all
AUTH-PAM: BACKGROUND: user 'john' failed to authenticate: System error
10.21.43.233:50183 PLUGIN_CALL: POST /usr/lib/openvpn/openvpn-plugin-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=1
10.21.43.233:50183 PLUGIN_CALL: plugin function PLUGIN_AUTH_USER_PASS_VERIFY failed with status 1: /usr/lib/openvpn/openvpn-plugin-auth-pam.so
10.21.43.233:50183 TLS Auth Error: Auth Username/Password verification failed for peer
Code: Select all
openvpn: PAM audit_log_acct_message() failed: Operation not permitted
proto udp
dev tun0
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 10.21.44.0 255.255.255.0
ifconfig-pool-persist /var/local/openvpn/ipp.txt
push "route 10.21.42.0 255.255.255.0"
push "route 93.93.129.77 255.255.255.255"
push "route 46.235.225.158 255.255.255.255"
route 10.21.45.0 255.255.255.0
push "dhcp-option DNS 10.21.44.1"
push "dhcp-option DOMAIN ctg.local"
duplicate-cn
push "ping-restart 0"
comp-lzo
user openvpn
group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log
log-append /var/log/openvpn.log
verb 3
crl-verify crl.pem
plugin /usr/lib/openvpn/openvpn-plugin-auth-pam.so openvpn
account required pam_unix.so debug
Code: Select all
# saslauthd -d -a pam -m /var/run/saslauthd &
# testsaslauthd -u john -p ******** -s openvpn
saslauthd[3357] :released accept lock
saslauthd[3367] :acquired accept lock
saslauthd[3357] :auth success: [user=john] [service=openvpn] [realm=] [mech=pam]
saslauthd[3357] :response: OK
0: OK "Success."
It seems that the 'Operation not permitted' error is then being reported by openvpn as a 'System error', but I don't know what I can do next to debug this any further.