Hi This is the thread which shows the current question: https://forums.openvpn.net/topic20458.html
This is the example we have followed: https://openvpn.net/index.php/open-source/documentation/howto.html#security Scroll down to: Unprivileged mode (Linux only) There is also a debian bug report (From the forum thread): https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792653 But as I am fairly green to Linux I cannot verify it's validity. I have set this up on Debian and it works properly with systemd on: Linux *mypc* 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt20-1+deb8u1 (2015-12-14) x86_64 GNU/Linux But according to the OP of the thread, it does not work with Fedora 23.VPS The basic gist is: using a non root user to "sudo systemctl start openvpn@server.service" fails There are lots of details in the thread. However, the reason I am posting here on the list is due to this trac: https://community.openvpn.net/openvpn/ticket/405 On trac dazo says: Does your configuration/init script make use of --daemon? If so, then the behaviour is kind of expected. During the forking and daemonizing, openvpn will do a 'cd /'. Another trap can be if --chroot is used as well. As systemd unit files do make use of --cd and --daemon I was wondering if the two problems are somehow related. This is my working systemd unit file ##### [Unit] Description=OpenVPN connection to penguin server :D Requires=network-online.target After=network-online.target [Service] ## I added this for testing .. the docs say it should be =yes .. but it works with =true PrivateTmp=true Type=forking # using GIT master ExecStart=/usr/local/sbin/openvpn --cd /etc/openvpn --config /etc/openvpn/penguins_cpf_s3.conf --daemon git_openvpn@penguins_cpf_s3 # official repo # ExecStart=/usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/penguins_cpf_s3.conf --daemon repo_openvpn@penguins_cpf_s3 --writepid /run/openvpn@penguins_$ PIDFile=/run/openvpn@penguins_cpf_s3.pid [Install] WantedBy=multi-user.target ##### Everything is detailed in the thread and I have double checked and more. If you need further details please let me know. Thanks ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140 _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
