** Description changed: Actual result: When VPN client tries to reconnect it fails. Expected result: When VPN client tries to reconnect it should reconnect sucessfully. Steps to Reproduce: - 1. Use GNOME’s NetworkManager GUI to import a .ovpn file. + 1. Use GNOME’s NetworkManager GUI to import a .ovpn file. (Zaborona VPN in my case. https://zaborona.help/openvpn-client-config/srv0.zaborona-help-TCP_maxroutes.ovpn). - 2. Connect to the VPN. - 3. Verify that routes are present. ("ip route show dev tun0") - 4. Wait wait wait for a reconnect. (I use this command to notice changes 'journalctl --follow --no-tail --since "1 hour ago"') - 5. Verify that routes are NOT present. ("ip route show dev tun0") + 2. In VPN's connection settings (Settings => Network => VPN) "IPv4" tab enable "Use this connection only for resources on its network". + 3. Connect to the VPN. + 4. Verify that routes are present. ("ip route show dev tun0") + 5. Wait wait wait for a reconnect. (I use this command to notice changes 'journalctl --follow --no-tail --since "1 hour ago"') + 6. Verify that routes are NOT present. ("ip route show dev tun0") I have Ubuntu 25.04. Clean Ubuntu 25.04 install in GNOME Boxes reproduces the issue. apt-cache policy network-manager-openvpn => 1.12.0-2 - ChatGPT suggestion below: 🧩 Root Cause: DBus Policy Rejection on Reconnect At the heart of it is this: - The nm-openvpn-service-openvpn-helper process (running as nm- + The nm-openvpn-service-openvpn-helper process (running as nm- openvpn) tries to call privileged DBus methods like SetConfig and SetIp4Config, but gets rejected. This breaks route injection and IP configuration on reconnect. 🧠 Why It Works on First Connect but Not Reconnect - Initial connect: NetworkManager launches OpenVPN itself and has full + Initial connect: NetworkManager launches OpenVPN itself and has full DBus access. Everything works. - Reconnect (after ping-restart): OpenVPN restarts internally and + Reconnect (after ping-restart): OpenVPN restarts internally and invokes the helper, which runs as a sandboxed user (nm-openvpn). That user lacks DBus permissions to reconfigure the VPN plugin.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2116000 Title: network-manager-openvpn fails to reapply routes after reconnect due to DBus permission denial To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/2116000/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
