Root Permission Restart
Posted: Mon Nov 22, 2010 8:33 am
Hi there,
I've enjoyed OpenVPN for many years now, but there is something that seems to cause persistent problems.
If a user and group are specified then the openvpn daemon will change to this user once it's finished configuring itself. If the daemon then runs into trouble it will attempt to restart itself. Unless it has been very carefully configured it will be unable to access necessary files, add/remove routes or allocate a tun interface.
It seems to me that if the daemon instead configured itself, forked and then had the new process drop root then the parent process could restart with sufficient permissions.
Thanks
I've enjoyed OpenVPN for many years now, but there is something that seems to cause persistent problems.
If a user and group are specified then the openvpn daemon will change to this user once it's finished configuring itself. If the daemon then runs into trouble it will attempt to restart itself. Unless it has been very carefully configured it will be unable to access necessary files, add/remove routes or allocate a tun interface.
It seems to me that if the daemon instead configured itself, forked and then had the new process drop root then the parent process could restart with sufficient permissions.
Thanks