Package: openvpn
Version: 2.2.1-1
Severity: grave
Justification: renders package unusable
Since upgrade from 2.2.0-2 to 2.2.1-1, openvpn fails to start.
/var/log/daemon.log:
TUN/TAP device tun-openvpn opened
do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
ip link set dev tun-openvpn up mtu 1500
Linux ip link set failed: could not execute external program
Exiting
I did not find why. An strace shows:
execve("ip", ["ip", "link", "set", "dev", "tun-openvpn", "up", "mtu", "1500"],
[/* 17 vars */]) = -1 ENOENT (No such file or directory)
But from the shell, the exact same command works. I thought that maybe
the PATH is modified in a bad way, but in /etc/init.d/openvpn and the
strace I don't find anything touching the PATH.
# ls -l /bin/ip /sbin/ip
-rwxr-xr-x 1 root root 229296 6 jui 2010 /bin/ip
lrwxrwxrwx 1 root root 7 14 déc 17:18 /sbin/ip -> /bin/ip
-- System Information:
Debian Release: 6.0.3
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable'), (200, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.1.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_LU.UTF-8, LC_CTYPE=fr_LU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages openvpn depends on:
ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management sy
ii libc6 2.13-23 Embedded GNU C Library: Shared lib
ii liblzo2-2 2.03-2 data compression library
ii libpam0g 1.1.1-6.1+squeeze1 Pluggable Authentication Modules l
ii libpkcs11-helper1 1.07-1 library that simplifies the intera
ii libssl1.0.0 1.0.0e-3 SSL shared libraries
ii net-tools 1.60-23 The NET-3 networking toolkit
openvpn recommends no packages.
Versions of packages openvpn suggests:
ii openssl 0.9.8o-4squeeze4 Secure Socket Layer (SSL) binary a
pn resolvconf <none> (no description available)
-- Configuration Files:
/etc/init.d/openvpn changed:
. /lib/lsb/init-functions
test $DEBIAN_SCRIPT_DEBUG && set -v -x
DAEMON=/usr/sbin/openvpn
DESC="virtual private network daemon"
CONFIG_DIR=/etc/openvpn
test -x $DAEMON || exit 0
test -d $CONFIG_DIR || exit 0
AUTOSTART="all"
STATUSREFRESH=10
OMIT_SENDSIGS=0
if test -e /etc/default/openvpn ; then
. /etc/default/openvpn
fi
start_vpn () {
if grep -q '^[ ]*daemon' $CONFIG_DIR/$NAME.conf ; then
# daemon already given in config file
DAEMONARG=
else
# need to daemonize
DAEMONARG="--daemon ovpn-$NAME"
fi
if grep -q '^[ ]*status ' $CONFIG_DIR/$NAME.conf ; then
# status file already given in config file
STATUSARG=""
elif test $STATUSREFRESH -eq 0 ; then
# default status file disabled in /etc/default/openvpn
STATUSARG=""
else
# prepare default status file
STATUSARG="--status /var/run/openvpn.$NAME.status $STATUSREFRESH"
fi
log_progress_msg "$NAME"
STATUS=0
start-stop-daemon --start --quiet --oknodo \
--pidfile /var/run/openvpn.$NAME.pid \
--exec $DAEMON -- $OPTARGS --writepid /var/run/openvpn.$NAME.pid \
$DAEMONARG $STATUSARG --cd $CONFIG_DIR \
--config $CONFIG_DIR/$NAME.conf || STATUS=1
[ "$OMIT_SENDSIGS" -ne 0 ] && ln -s /var/run/openvpn.$NAME.pid
/run/sendsigs.omit.d/openvpn.$NAME.pid
}
stop_vpn () {
kill `cat $PIDFILE` || true
rm -f $PIDFILE
[ "$OMIT_SENDSIGS" -ne 0 ] && rm -f /run/sendsigs.omit.d/openvpn.$NAME.pid
rm -f /var/run/openvpn.$NAME.status 2> /dev/null
}
case "$1" in
start)
log_daemon_msg "Starting $DESC"
# autostart VPNs
if test -z "$2" ; then
# check if automatic startup is disabled by AUTOSTART=none
if test "x$AUTOSTART" = "xnone" -o -z "$AUTOSTART" ; then
log_warning_msg " Autostart disabled."
exit 0
fi
if test -z "$AUTOSTART" -o "x$AUTOSTART" = "xall" ; then
# all VPNs shall be started automatically
for CONFIG in `cd $CONFIG_DIR; ls *.conf 2> /dev/null`; do
NAME=${CONFIG%%.conf}
start_vpn
done
else
# start only specified VPNs
for NAME in $AUTOSTART ; do
if test -e $CONFIG_DIR/$NAME.conf ; then
start_vpn
else
log_failure_msg "No such VPN: $NAME"
STATUS=1
fi
done
fi
#start VPNs from command line
else
while shift ; do
[ -z "$1" ] && break
if test -e $CONFIG_DIR/$1.conf ; then
NAME=$1
start_vpn
else
log_failure_msg " No such VPN: $1"
STATUS=1
fi
done
fi
log_end_msg ${STATUS:-0}
;;
stop)
log_daemon_msg "Stopping $DESC"
if test -z "$2" ; then
for PIDFILE in `ls /var/run/openvpn.*.pid 2> /dev/null`; do
NAME=`echo $PIDFILE | cut -c18-`
NAME=${NAME%%.pid}
stop_vpn
log_progress_msg "$NAME"
done
else
while shift ; do
[ -z "$1" ] && break
if test -e /var/run/openvpn.$1.pid ; then
PIDFILE=`ls /var/run/openvpn.$1.pid 2> /dev/null`
NAME=`echo $PIDFILE | cut -c18-`
NAME=${NAME%%.pid}
stop_vpn
log_progress_msg "$NAME"
else
log_failure_msg " (failure: No such VPN is running: $1)"
fi
done
fi
log_end_msg 0
;;
reload|force-reload)
log_daemon_msg "Reloading $DESC"
for PIDFILE in `ls /var/run/openvpn.*.pid 2> /dev/null`; do
NAME=`echo $PIDFILE | cut -c18-`
NAME=${NAME%%.pid}
if egrep '^[[:blank:]]*user[[:blank:]]' $CONFIG_DIR/$NAME.conf > /dev/null
2>&1 ; then
stop_vpn
sleep 1
start_vpn
log_progress_msg "(restarted)"
else
kill -HUP `cat $PIDFILE` || true
log_progress_msg "$NAME"
fi
done
log_end_msg 0
;;
soft-restart)
log_daemon_msg "$DESC sending SIGUSR1"
for PIDFILE in `ls /var/run/openvpn.*.pid 2> /dev/null`; do
NAME=`echo $PIDFILE | cut -c18-`
NAME=${NAME%%.pid}
kill -USR1 `cat $PIDFILE` || true
log_progress_msg "$NAME"
done
log_end_msg 0
;;
restart)
shift
$0 stop ${@}
sleep 1
$0 start ${@}
;;
cond-restart)
log_daemon_msg "Restarting $DESC."
for PIDFILE in `ls /var/run/openvpn.*.pid 2> /dev/null`; do
NAME=`echo $PIDFILE | cut -c18-`
NAME=${NAME%%.pid}
stop_vpn
sleep 1
start_vpn
done
log_end_msg 0
;;
status)
GLOBAL_STATUS=0
if test -z "$2" ; then
# We want status for all defined VPNs.
# Returns success if all autostarted VPNs are defined and running
if test "x$AUTOSTART" = "xnone" ; then
# Consider it a failure if AUTOSTART=none
log_warning_msg "No VPN autostarted"
GLOBAL_STATUS=1
else
if ! test -z "$AUTOSTART" -o "x$AUTOSTART" = "xall" ; then
# Consider it a failure if one of the autostarted VPN is not defined
for VPN in $AUTOSTART ; do
if ! test -f $CONFIG_DIR/$VPN.conf ; then
log_warning_msg "VPN '$VPN' is in AUTOSTART but is not defined"
GLOBAL_STATUS=1
fi
done
fi
fi
for CONFIG in `cd $CONFIG_DIR; ls *.conf 2> /dev/null`; do
NAME=${CONFIG%%.conf}
# Is it an autostarted VPN ?
if test -z "$AUTOSTART" -o "x$AUTOSTART" = "xall" ; then
AUTOVPN=1
else
if test "x$AUTOSTART" = "xnone" ; then
AUTOVPN=0
else
AUTOVPN=0
for VPN in $AUTOSTART; do
if test "x$VPN" = "x$NAME" ; then
AUTOVPN=1
fi
done
fi
fi
if test "x$AUTOVPN" = "x1" ; then
# If it is autostarted, then it contributes to global status
status_of_proc -p /var/run/openvpn.${NAME}.pid openvpn "VPN '${NAME}'"
|| GLOBAL_STATUS=1
else
status_of_proc -p /var/run/openvpn.${NAME}.pid openvpn "VPN '${NAME}'
(non autostarted)" || true
fi
done
else
# We just want status for specified VPNs.
# Returns success if all specified VPNs are defined and running
while shift ; do
[ -z "$1" ] && break
NAME=$1
if test -e $CONFIG_DIR/$NAME.conf ; then
# Config exists
status_of_proc -p /var/run/openvpn.${NAME}.pid openvpn "VPN '${NAME}'"
|| GLOBAL_STATUS=1
else
# Config does not exist
log_warning_msg "VPN '$NAME': missing $CONFIG_DIR/$NAME.conf file !"
GLOBAL_STATUS=1
fi
done
fi
exit $GLOBAL_STATUS
;;
*)
echo "Usage: $0
{start|stop|reload|restart|force-reload|cond-restart|soft-restart|status}" >&2
exit 1
;;
esac
exit 0
-- debconf information:
openvpn/vulnerable_prng:
openvpn/create_tun: false
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
