root@moysalsrv:~# zonecfg -z vpnzone info zonename: vpnzone zonepath: /zones/vpnzone brand: ipkg autoboot: true bootargs: pool: limitpriv: default scheduling-class: ip-type: exclusive hostid: fs-allowed: net: address not specified allowed-address not specified physical: vpninternal0 defrouter not specified net: address not specified allowed-address not specified physical: vpnvnic0 defrouter not specified device: match: /dev/lockstat device: match: /dev/tun*
... this is for a "client" rather than for a "server", but hopefully this will give you some mileage. Jon On Mon, 21 Jan 2019 at 08:30, Jonathan Adams <t12nsloo...@gmail.com> wrote: > I know in the past that I had to pass through specific dev interfaces. > I'll take a look when I get to work, as I think we still have one box set > up that way. > Jon > > On Mon, 21 Jan 2019 07:46 Alexander Pyhalov via oi-dev < > oi-dev@openindiana.org wrote: > >> Hi. >> I suppose some of the privileges mentioned in >> /lib/svc/manifest/network/openvpn.xml are not available in zone (look at >> method_credential section). >> >> С уважением, >> Александр Пыхалов, >> программист отдела телекоммуникационной инфраструктуры >> управления информационно-коммуникационной инфраструктуры ЮФУ >> >> >> ________________________________________ >> От: Sven Schmeling <sven.schmel...@schmeling-ol.de> >> Отправлено: 18 января 2019 г. 23:36:17 >> Кому: OpenIndiana Developer mailing >> Тема: [oi-dev] OpenVPN in a local zone >> >> Hello, >> >> i have installed OpenVPN in a local zone. >> >> Starting the service with "svcadm enable svc:/network/openvpn:default" >> (or rebooting the zone) ends in the maintenance mode: >> >> # svcs openvpn >> STATE STIME FMRI >> maintenance 19:46:37 svc:/network/openvpn:default >> >> cat /var/svc/log/network-openvpn:default.log >> >> [ Jan 18 19:46:37 Enabled. ] >> [ Jan 18 19:46:37 Executing start method ("/usr/sbin/openvpn --daemon >> openvpn --config '/etc/openvpn/openvpn.conf'"). ] >> [ Jan 18 19:46:37 svc.startd could not set context for method: ] >> setppriv: Not owner >> [ Jan 18 19:46:37 Method "start" exited with status 96. ] >> >> Hints to add "limitpriv="default,priv_net_rawaccess" to the zone config >> are maded but doesn't change the behavior. >> >> Starting openvpn with "/usr/sbin/openvpn --verb 9 --config >> '/etc/openvpn/openvpn.conf'" on the command line works fine and >> connections are possible. >> >> >> Any hints about the "setppriv" error? >> >> -------------- >> >> pkg info openvpn >> Name: network/openvpn >> Summary: OpenVPN is a full-featured open source SSL VPN solution >> Category: Applications/Internet >> State: Installed >> Publisher: openindiana.org >> Version: 2.4.3 >> Branch: 2018.0.0.1 >> Packaging Date: Sun Feb 11 13:19:38 2018 >> Size: 1.19 MB >> FMRI: >> pkg://openindiana.org/network/openvpn@2.4.3-2018.0.0.1:20180211T131938Z >> Project URL: http://openvpn.net >> Source URL: >> http://swupdate.openvpn.org/community/releases/openvpn-2.4.3.tar.xz >> >> -------------- >> >> Thanks >> >> Sven Schmeling >> >> >> - -- >> Sven Schmeling, Oldenburg, Germany >> mailto:sven.schmel...@schmeling-ol.de >> >> >> >> >> >> _______________________________________________ >> oi-dev mailing list >> oi-dev@openindiana.org >> https://openindiana.org/mailman/listinfo/oi-dev > >
_______________________________________________ oi-dev mailing list oi-dev@openindiana.org https://openindiana.org/mailman/listinfo/oi-dev