Page MenuHomeVyOS Platform
Create Task
Maniphest T2065

VyOS 1.3 Don't set daemon in openvpn-{intf}.conf file
Closed, ResolvedPublicBUG
Actions

Description

Small feature request for VyOS 1.3 that now sets all the configuration options in a openvpn-{intf}.conf file.
It also sets daemon openvpn-{intf} in the config file, which makes it harder for debugging if you want to test the configuration manually by running:

sudo openvpn --config /opt/vyatta/etc/openvpn/openvpn-vtun0.conf

If daemon was specified in the config it would run as a daemon immediately and the output is logged to syslog. If it's not defined you will see stdout and stderr which is what you would expect.

I request the following change in /usr/libexec/vyos/conf_mode/interfaces-openvpn.py:

  1. Don't write daemon to openvpn config file by removing it from the Jinja template
  2. Start OpenVPN using openvpn --daemon openvpn-{intf} --config /opt/vyatta/etc/openvpn/openvpn-{intf}.conf eg:
# No matching OpenVPN process running - maybe it got killed or none
# existed - nevertheless, spawn new OpenVPN process
cmd  = 'start-stop-daemon --start --quiet'
cmd += ' --pidfile ' + pidfile
cmd += ' --exec /usr/sbin/openvpn'
# now pass arguments to openvpn binary
cmd += ' --'
cmd += ' --daemon openvpn-' + openvpn['intf']
cmd += ' --config ' + get_config_name(openvpn['intf'])

Details

Difficulty level
Easy (less than an hour)
Version
VyOS 1.3-rolling-202002190654
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

yun created this task.Feb 23 2020, 10:33 AM
yun changed Difficulty level from Unknown (require assessment) to Easy (less than an hour).
yun changed Version from - to VyOS 1.3-rolling-202002190654.
syncer assigned this task to c-po.Feb 23 2020, 10:37 AM
syncer triaged this task as Normal priority.
syncer changed the subtype of this task from "Feature Request" to "Bug".
c-po closed this task as Resolved.Feb 23 2020, 6:53 PM
c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.Mar 1 2020, 10:37 AM
yun reopened this task as Open.Mar 9 2020, 10:42 AM

Thanks for the quick fix c-po, I noticed this also needs to be fixed in /usr/libexec/vyos/op_mode/reset_openvpn.py in case someone runs for example:

$ reset openvpn interface vtun0
pasik added a subscriber: pasik.Mar 9 2020, 12:38 PM
c-po closed this task as Resolved.Mar 9 2020, 6:58 PM
erkin set Issue type to Bug (incorrect behavior).Aug 31 2021, 5:33 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.Aug 30 2022, 2:04 PM
syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.