Public bug reported:
OpenVPN will not reload due to misconfigured .service file
You remove CAP_KILL (by not listing it in CapabilityBoundingSet).
OpenVPN should be configured to drop privileges, which means that it
will no longer be running as root, while kill is running with root,
which means CAP_KILL is required to send a signal. It either needs to be
listed in CapabilityBoundingSet, or (preferably) "ExecReload=/bin/kill
-HUP $MAINPID" needs to become "ExecReload=+/bin/kill -HUP $MAINPID"
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: openvpn 2.4.4-2ubuntu1.3
ProcVersionSignature: Ubuntu 4.15.0-91.92-generic 4.15.18
Uname: Linux 4.15.0-91-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.12
Architecture: amd64
Date: Thu Mar 19 10:48:18 2020
InstallationDate: Installed on 2018-05-02 (686 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
XDG_RUNTIME_DIR=<set>
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: openvpn
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.openvpn.update-resolv-conf: [deleted]
** Affects: openvpn (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug bionic
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1868127
Title:
OpenVPN will not reload due to misconfigured .service file
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1868127/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
