systemd service oddness with openvpn

Mon, 06 Nov 2023 15:57:19 -0800 

Hi all,
I have a machine that runs as an openvpn server. It works fine; the VPN stays up. 

However, after running for a while, I get these repeatedly in syslog:


Nov 07 12:17:24 ovpn2 openvpn[213741]: Options error: In [CMD-LINE]:1: 
Error opening configuration file: opvn2.conf

Nov 07 12:17:24 ovpn2 openvpn[213741]: Use --help for more information.

Nov 07 12:17:24 ovpn2 systemd[1]: openvpn-server@opvn2.service: Main 
process exited, code=exited, status=1/FAILURE
Nov 07 12:17:24 ovpn2 systemd[1]: openvpn-server@opvn2.service: Failed 
with result 'exit-code'.
Nov 07 12:17:24 ovpn2 systemd[1]: Failed to start 
openvpn-server@opvn2.service - OpenVPN service for opvn2.
Nov 07 12:17:29 ovpn2 openvpn[213770]: Options error: In [CMD-LINE]:1: 
Error opening configuration file: opvn2.conf

Nov 07 12:17:29 ovpn2 openvpn[213770]: Use --help for more information.

Nov 07 12:17:29 ovpn2 systemd[1]: openvpn-server@opvn2.service: Main 
process exited, code=exited, status=1/FAILURE
Nov 07 12:17:29 ovpn2 systemd[1]: openvpn-server@opvn2.service: Failed 
with result 'exit-code'.
Nov 07 12:17:29 ovpn2 systemd[1]: Failed to start 
openvpn-server@opvn2.service - OpenVPN service for opvn2.


This is the openvpn-server@.service:

[Unit]
Description=OpenVPN service for %I
After=network-online.target
Wants=network-online.target
Documentation=man:openvpn(8)
Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO

[Service]
Type=notify
PrivateTmp=true
WorkingDirectory=/etc/openvpn/server

ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log 
--status-version 2 --suppress-timestamps --config %i.conf
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE 
CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SETPCAP CAP_SYS_CHROOT 
CAP_DAC_OVERRIDE CAP_AUDIT_WRITE

LimitNPROC=10
DeviceAllow=/dev/null rw
DeviceAllow=/dev/net/tun rw
ProtectSystem=true
ProtectHome=true
KillMode=process
RestartSec=5s
Restart=on-failure

[Install]
WantedBy=multi-user.target

And this is my override.conf:

[Service]
ExecStart=

ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log 
--status-version 2 --config %i.conf


(because I want timestamps)

As I say, the VPN is functioning, and systemctl status shows it's running.


Why would it firstly think it needs starting, and secondly fail to do 
so? The config file /etc/openvpn/server/ovpn2.conf file which it "fails 
to open" hasn't gone away ...


Any tips?


Note the machine is quite low powered; it's an old HP thin client. But 
this is all it does, and it seems to perform adequately.


Thanks,
Richard























					Reply via email to