Hi, I don't know why this didn't fail before, but since you are chroot'ing openvpn in /etc/openvpn, a tmp/ dir there could be necessary. Not a bug, but a requirement due to your settings.
Regards, Alberto On Mon, Nov 24, 2014 at 01:52:30PM +0100, Adrián Arévalo Tirado wrote: > That's the strange thing. I have nothing related to "dir" in my > server.conf, so it must be something related to an upgrade: > > chroot /etc/openvpn > > # Which local IP address should OpenVPN > # listen on? (optional) > ;local a.b.c.d > > port 1194 > > # TCP or UDP server? > ;proto tcp > proto udp > > ;dev tap > dev tun > > ;dev-node MyTap > > ca /etc/openvpn/scripts/keys/ca.crt > cert /etc/openvpn/scripts/keys/servidor.crt > key /etc/openvpn/scripts/keys/servidor.key # This file should be kept > secret > > # Diffie hellman parameters. > # Generate your own with: > # openssl dhparam -out dh1024.pem 1024 > # Substitute 2048 for 1024 if you are using > # 2048 bit keys. > dh /etc/openvpn/scripts/keys/dh1024.pem > > server 10.8.0.0 255.255.255.0 > > ifconfig-pool-persist /var/log/openvpn/ipp.txt > > push "route 192.168.0.0 255.255.255.0" > ;push "route 192.168.20.0 255.255.255.0" > > push "redirect-gateway def1" > > # Certain Windows-specific network settings > # can be pushed to clients, such as DNS > # or WINS server addresses. CAVEAT: > # http://openvpn.net/faq.html#dhcpcaveats > push "dhcp-option DNS 8.8.8.8" > push "dhcp-option DNS 8.8.4.4" > ;push "dhcp-option WINS 8.8.4.4" > > keepalive 10 120 > > tls-auth /etc/openvpn/scripts/keys/ta.key 0 # This file is secret > > cipher AES-256-CBC > > comp-lzo > > max-clients 2 > > user nobody > group nobody > cipher AES-256-CBC > # The persist options will try to avoid > # accessing certain resources on restart > # that may no longer be accessible because > # of the privilege downgrade. > persist-key > persist-tun > > # Output a short status file showing > # current connections, truncated > # and rewritten every minute. > status /var/log/openvpn/openvpn-status.log > > log-append /var/log/openvpn/openvpn.log > > # Set the appropriate level of log > # file verbosity. > # > # 0 is silent, except for fatal errors > # 4 is reasonable for general usage > # 5 and 6 can help to debug connection problems > # 9 is extremely verbose > verb 3 > > # Silence repeating messages. At most 20 > # sequential messages of the same message > # category will be output to the log. > mute 10 > > > > > Enviado con MailTrack > <https://mailtrack.io/trace/link/4f698ed4d8079620ac074b95295a6a4900c5a334> > > 2014-11-24 13:22 GMT+01:00 Alberto Gonzalez Iniesta <[email protected]>: > > > Hi, > > > > Did you specify a "tmp-dir" option on your configuration file? > > By default it should use /tmp, /etc shouldn't be used for tmp... > > > > Regards, > > > > Alberto > > > > > > On Mon, Nov 24, 2014 at 11:35:03AM +0100, Adrian wrote: > > > Package: openvpn > > > Version: 2.3.4-4 > > > Severity: minor > > > > > > I have discovered by chance today that I get this message in the openvpn > > log > > > and it won't start: > > > > > > "Options error: Temporary directory (--tmp-dir) fails with > > '/etc/openvpn//tmp': > > > No such file or directory" > > > > > > The workaround to fix this is as easy as: mkdir /etc/openvpn/tmp > > > > > > But, if it is needed, why it is not created automatically in the upgrade? > > > > > > > > > > > > -- System Information: > > > Debian Release: jessie/sid > > > APT prefers testing > > > APT policy: (500, 'testing') > > > Architecture: amd64 (x86_64) > > > > > > Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) > > > Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8) > > > Shell: /bin/sh linked to /bin/dash > > > > > > Versions of packages openvpn depends on: > > > ii debconf [debconf-2.0] 1.5.53 > > > ii init-system-helpers 1.21 > > > ii initscripts 2.88dsf-58 > > > ii iproute2 3.16.0-2 > > > ii libc6 2.19-13 > > > ii liblzo2-2 2.08-1 > > > ii libpam0g 1.1.8-3.1 > > > ii libpkcs11-helper1 1.11-2 > > > ii libssl1.0.0 1.0.1j-1 > > > > > > Versions of packages openvpn recommends: > > > ii easy-rsa 2.2.2-1 > > > > > > Versions of packages openvpn suggests: > > > ii openssl 1.0.1j-1 > > > pn resolvconf <none> > > > > > > -- debconf information: > > > openvpn/create_tun: false > > > > -- > > Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico > > mailto/sip: [email protected] | en GNU/Linux y software libre > > Encrypted mail preferred | http://inittab.com > > > > Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55 > > -- Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico mailto/sip: [email protected] | en GNU/Linux y software libre Encrypted mail preferred | http://inittab.com Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
