Hi Dan,

On 08/09/2025 23:28, Dan Langille wrote:
On Mon, Sep 8, 2025, at 4:38 PM, Gert Doering wrote:
Hi,

On Mon, Sep 08, 2025 at 04:24:48PM -0400, Dan Langille wrote:
I'm using openvpn-2.6.14 on FreeBSD 14.2

I've noticed these log entries:

Sep  8 18:32:02 gw01 openvpn[63572]: pro06.int.example.org/10.0.0.10:64601 OPTIONS IMPORT: reading client specific options from: /usr/local/etc/openvpn/ccd/pro06.int.example.org
Sep  8 18:32:02 gw01 foo[38754]: pro06.int.example.org connected with IP 10.0.0.10
Sep  8 18:32:02 gw01 openvpn[63572]: pro06.int.example.org/10.0.0.10:64601 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_7e069917a782727053dbfb713ff7e3d6.tmp

Why would the second entry be running as user foo?
Ignore my previous mail, I was assuming "this is an openvpn log prefix",
but that's on the other side of "name[pid]:".

So this is from a different process than openvpn (pid=63572).  No idea
what is running there - do a "ps axwu |grep 38754" to find out...
The processes appear to be short-lived. I think I know why:

client-connect    /usr/local/sbin/serverlocal-events.sh
client-disconnect /usr/local/sbin/serverlocal-events.sh


# ls -l /usr/local/sbin/serverlocal-events.sh
-rwxr-xr-x  1 root wheel 395 Sep  5 19:22 /usr/local/sbin/serverlocal-events.sh

# cat /usr/local/sbin/serverlocal-events.sh
#!/bin/sh

# Taken from https://forums.openvpn.net/viewtopic.php?t=43899

# Executed on the server side for client connect and disconnect events.

# Log client connect or disconnect event with IP address

case "$script_type" in
   client-connect)
     logger "$common_name connected with IP $trusted_ip"
     ;;

   client-disconnect)
     logger "$common_name disconnected with IP $trusted_ip"
esac

That's the script which produces the foo entry. I see no reason for it to run 
as foo.


Does your openvpn configuration file itself contain an entry similar to

  user foo
  group foo

?  When the client-connect script is run, OpenVPN has switched to whatever user you specify there.

HTH,

JJK
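
Added example, not part of the original messages and not OpenVPN's own tooling: a small check that reads a server config and reports which account the client-connect and client-disconnect hooks will execute under after the user/group privilege drop. logger tags entries with the invoking user's name by default, which is why the hook's line shows up as foo[pid]. Assumptions: the function name hook_run_as and the sample config are constructed for illustration, directives are one per line, and the script path is the first argument.

```sh
#!/bin/sh
# Added example (not from the thread): list OpenVPN client hooks and the
# account they execute under, derived from the user/group directives.
# Assumptions: one directive per line; script path is the first argument.

hook_run_as() {
    # $1 = path to an OpenVPN server config
    awk '
        { sub(/^[ \t]+/, "") }              # trim leading whitespace
        /^[#;]/ || NF == 0 { next }         # skip comments and blank lines
        $1 == "user"  { user  = $2; next }  # privilege-drop target user
        $1 == "group" { group = $2; next }  # privilege-drop target group
        $1 == "client-connect" || $1 == "client-disconnect" {
            hooks[++n] = $1 " " $2
        }
        END {
            # Without user/group, OpenVPN keeps the account it was started as.
            if (user  == "") user  = "unchanged"
            if (group == "") group = "unchanged"
            for (i = 1; i <= n; i++) print hooks[i], user ":" group
        }
    ' "$1"
}

# Constructed sample config mirroring the directives quoted in the thread.
demo_conf=$(mktemp)
cat > "$demo_conf" <<'EOF'
port 1194
user foo
group foo
; hooks
client-connect    /usr/local/sbin/serverlocal-events.sh
client-disconnect /usr/local/sbin/serverlocal-events.sh
EOF
hook_run_as "$demo_conf"
rm -f "$demo_conf"
```

Passing an explicit tag to logger with -t in the hook script keeps the syslog program field stable regardless of which account the hook runs as.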