Hi, I'm building a possible fix right now, but I don't have a amd64
running sid. Could you build the package just adding this option to the
configure command in debian/rules?:
--with-iproute-path=/bin/ip
Thanks. And sorry for the mess.
On Tue, Dec 20, 2011 at 07:02:05AM +0100, Lionel Elie Mamane wrote:
> Package: openvpn
> Version: 2.2.1-1
> Severity: grave
> Justification: renders package unusable
>
> Since upgrade from 2.2.0-2 to 2.2.1-1, openvpn fails to start.
> /var/log/daemon.log:
>
> TUN/TAP device tun-openvpn opened
> do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
> ip link set dev tun-openvpn up mtu 1500
> Linux ip link set failed: could not execute external program
> Exiting
>
> I did not find why. An strace shows:
>
> execve("ip", ["ip", "link", "set", "dev", "tun-openvpn", "up", "mtu",
> "1500"], [/* 17 vars */]) = -1 ENOENT (No such file or directory)
>
> But from the shell, the exact same command works. I thought that maybe
> the PATH is modified in a bad way, but in /etc/init.d/openvpn and the
> strace I don't find anything touching the PATH.
>
> # ls -l /bin/ip /sbin/ip
> -rwxr-xr-x 1 root root 229296 6 jui 2010 /bin/ip
> lrwxrwxrwx 1 root root 7 14 déc 17:18 /sbin/ip -> /bin/ip
>
>
> -- System Information:
> Debian Release: 6.0.3
> APT prefers stable-updates
> APT policy: (500, 'stable-updates'), (500, 'stable'), (200, 'unstable')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 3.1.0-1-amd64 (SMP w/2 CPU cores)
> Locale: LANG=fr_LU.UTF-8, LC_CTYPE=fr_LU.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
>
> Versions of packages openvpn depends on:
> ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management
> sy
> ii libc6 2.13-23 Embedded GNU C Library: Shared
> lib
> ii liblzo2-2 2.03-2 data compression library
> ii libpam0g 1.1.1-6.1+squeeze1 Pluggable Authentication Modules
> l
> ii libpkcs11-helper1 1.07-1 library that simplifies the
> intera
> ii libssl1.0.0 1.0.0e-3 SSL shared libraries
> ii net-tools 1.60-23 The NET-3 networking toolkit
>
> openvpn recommends no packages.
>
> Versions of packages openvpn suggests:
> ii openssl 0.9.8o-4squeeze4 Secure Socket Layer (SSL) binary
> a
> pn resolvconf <none> (no description available)
>
> -- Configuration Files:
> /etc/init.d/openvpn changed:
> . /lib/lsb/init-functions
> test $DEBIAN_SCRIPT_DEBUG && set -v -x
> DAEMON=/usr/sbin/openvpn
> DESC="virtual private network daemon"
> CONFIG_DIR=/etc/openvpn
> test -x $DAEMON || exit 0
> test -d $CONFIG_DIR || exit 0
> AUTOSTART="all"
> STATUSREFRESH=10
> OMIT_SENDSIGS=0
> if test -e /etc/default/openvpn ; then
> . /etc/default/openvpn
> fi
> start_vpn () {
> if grep -q '^[ ]*daemon' $CONFIG_DIR/$NAME.conf ; then
> # daemon already given in config file
> DAEMONARG=
> else
> # need to daemonize
> DAEMONARG="--daemon ovpn-$NAME"
> fi
> if grep -q '^[ ]*status ' $CONFIG_DIR/$NAME.conf ; then
> # status file already given in config file
> STATUSARG=""
> elif test $STATUSREFRESH -eq 0 ; then
> # default status file disabled in /etc/default/openvpn
> STATUSARG=""
> else
> # prepare default status file
> STATUSARG="--status /var/run/openvpn.$NAME.status $STATUSREFRESH"
> fi
> log_progress_msg "$NAME"
> STATUS=0
> start-stop-daemon --start --quiet --oknodo \
> --pidfile /var/run/openvpn.$NAME.pid \
> --exec $DAEMON -- $OPTARGS --writepid /var/run/openvpn.$NAME.pid \
> $DAEMONARG $STATUSARG --cd $CONFIG_DIR \
> --config $CONFIG_DIR/$NAME.conf || STATUS=1
> [ "$OMIT_SENDSIGS" -ne 0 ] && ln -s /var/run/openvpn.$NAME.pid
> /run/sendsigs.omit.d/openvpn.$NAME.pid
> }
> stop_vpn () {
> kill `cat $PIDFILE` || true
> rm -f $PIDFILE
> [ "$OMIT_SENDSIGS" -ne 0 ] && rm -f /run/sendsigs.omit.d/openvpn.$NAME.pid
> rm -f /var/run/openvpn.$NAME.status 2> /dev/null
> }
> case "$1" in
> start)
> log_daemon_msg "Starting $DESC"
> # autostart VPNs
> if test -z "$2" ; then
> # check if automatic startup is disabled by AUTOSTART=none
> if test "x$AUTOSTART" = "xnone" -o -z "$AUTOSTART" ; then
> log_warning_msg " Autostart disabled."
> exit 0
> fi
> if test -z "$AUTOSTART" -o "x$AUTOSTART" = "xall" ; then
> # all VPNs shall be started automatically
> for CONFIG in `cd $CONFIG_DIR; ls *.conf 2> /dev/null`; do
> NAME=${CONFIG%%.conf}
> start_vpn
> done
> else
> # start only specified VPNs
> for NAME in $AUTOSTART ; do
> if test -e $CONFIG_DIR/$NAME.conf ; then
> start_vpn
> else
> log_failure_msg "No such VPN: $NAME"
> STATUS=1
> fi
> done
> fi
> #start VPNs from command line
> else
> while shift ; do
> [ -z "$1" ] && break
> if test -e $CONFIG_DIR/$1.conf ; then
> NAME=$1
> start_vpn
> else
> log_failure_msg " No such VPN: $1"
> STATUS=1
> fi
> done
> fi
> log_end_msg ${STATUS:-0}
> ;;
> stop)
> log_daemon_msg "Stopping $DESC"
> if test -z "$2" ; then
> for PIDFILE in `ls /var/run/openvpn.*.pid 2> /dev/null`; do
> NAME=`echo $PIDFILE | cut -c18-`
> NAME=${NAME%%.pid}
> stop_vpn
> log_progress_msg "$NAME"
> done
> else
> while shift ; do
> [ -z "$1" ] && break
> if test -e /var/run/openvpn.$1.pid ; then
> PIDFILE=`ls /var/run/openvpn.$1.pid 2> /dev/null`
> NAME=`echo $PIDFILE | cut -c18-`
> NAME=${NAME%%.pid}
> stop_vpn
> log_progress_msg "$NAME"
> else
> log_failure_msg " (failure: No such VPN is running: $1)"
> fi
> done
> fi
> log_end_msg 0
> ;;
> reload|force-reload)
> log_daemon_msg "Reloading $DESC"
> for PIDFILE in `ls /var/run/openvpn.*.pid 2> /dev/null`; do
> NAME=`echo $PIDFILE | cut -c18-`
> NAME=${NAME%%.pid}
> if egrep '^[[:blank:]]*user[[:blank:]]' $CONFIG_DIR/$NAME.conf >
> /dev/null 2>&1 ; then
> stop_vpn
> sleep 1
> start_vpn
> log_progress_msg "(restarted)"
> else
> kill -HUP `cat $PIDFILE` || true
> log_progress_msg "$NAME"
> fi
> done
> log_end_msg 0
> ;;
> soft-restart)
> log_daemon_msg "$DESC sending SIGUSR1"
> for PIDFILE in `ls /var/run/openvpn.*.pid 2> /dev/null`; do
> NAME=`echo $PIDFILE | cut -c18-`
> NAME=${NAME%%.pid}
> kill -USR1 `cat $PIDFILE` || true
> log_progress_msg "$NAME"
> done
> log_end_msg 0
> ;;
> restart)
> shift
> $0 stop ${@}
> sleep 1
> $0 start ${@}
> ;;
> cond-restart)
> log_daemon_msg "Restarting $DESC."
> for PIDFILE in `ls /var/run/openvpn.*.pid 2> /dev/null`; do
> NAME=`echo $PIDFILE | cut -c18-`
> NAME=${NAME%%.pid}
> stop_vpn
> sleep 1
> start_vpn
> done
> log_end_msg 0
> ;;
> status)
> GLOBAL_STATUS=0
> if test -z "$2" ; then
> # We want status for all defined VPNs.
> # Returns success if all autostarted VPNs are defined and running
> if test "x$AUTOSTART" = "xnone" ; then
> # Consider it a failure if AUTOSTART=none
> log_warning_msg "No VPN autostarted"
> GLOBAL_STATUS=1
> else
> if ! test -z "$AUTOSTART" -o "x$AUTOSTART" = "xall" ; then
> # Consider it a failure if one of the autostarted VPN is not defined
> for VPN in $AUTOSTART ; do
> if ! test -f $CONFIG_DIR/$VPN.conf ; then
> log_warning_msg "VPN '$VPN' is in AUTOSTART but is not defined"
> GLOBAL_STATUS=1
> fi
> done
> fi
> fi
> for CONFIG in `cd $CONFIG_DIR; ls *.conf 2> /dev/null`; do
> NAME=${CONFIG%%.conf}
> # Is it an autostarted VPN ?
> if test -z "$AUTOSTART" -o "x$AUTOSTART" = "xall" ; then
> AUTOVPN=1
> else
> if test "x$AUTOSTART" = "xnone" ; then
> AUTOVPN=0
> else
> AUTOVPN=0
> for VPN in $AUTOSTART; do
> if test "x$VPN" = "x$NAME" ; then
> AUTOVPN=1
> fi
> done
> fi
> fi
> if test "x$AUTOVPN" = "x1" ; then
> # If it is autostarted, then it contributes to global status
> status_of_proc -p /var/run/openvpn.${NAME}.pid openvpn "VPN
> '${NAME}'" || GLOBAL_STATUS=1
> else
> status_of_proc -p /var/run/openvpn.${NAME}.pid openvpn "VPN '${NAME}'
> (non autostarted)" || true
> fi
> done
> else
> # We just want status for specified VPNs.
> # Returns success if all specified VPNs are defined and running
> while shift ; do
> [ -z "$1" ] && break
> NAME=$1
> if test -e $CONFIG_DIR/$NAME.conf ; then
> # Config exists
> status_of_proc -p /var/run/openvpn.${NAME}.pid openvpn "VPN
> '${NAME}'" || GLOBAL_STATUS=1
> else
> # Config does not exist
> log_warning_msg "VPN '$NAME': missing $CONFIG_DIR/$NAME.conf file !"
> GLOBAL_STATUS=1
> fi
> done
> fi
> exit $GLOBAL_STATUS
> ;;
> *)
> echo "Usage: $0
> {start|stop|reload|restart|force-reload|cond-restart|soft-restart|status}" >&2
> exit 1
> ;;
> esac
> exit 0
>
>
> -- debconf information:
> openvpn/vulnerable_prng:
> openvpn/create_tun: false
>
--
Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred | http://inittab.com
Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
