[Bug 1142830] bug: openvpn server fails to reload with systemd
http://bugzilla.suse.com/show_bug.cgi?id=1142830
http://bugzilla.suse.com/show_bug.cgi?id=1142830#c6

Reinhard Max <max@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID

--- Comment #6 from Reinhard Max <max@suse.com> ---
(In reply to Jon Brightwell from comment #5)
> openvpn changes itself to nobody after initialisation. I'm wondering if a reload tries to open those files after it has switched to nobody.

Switching to nobody happens at startup after reading these files. This step cannot be reversed, so reload has no other chance than trying to read those files as nobody (or whatever user openvpn was told to switch to). This is also documented with the --persist-key option in the openvpn manual.

I see two possible ways for you to get around this:

1. Configure openvpn to switch to a user different from nobody and make the config and key files readable for that user. This of course comes with a certain security risk, because an attacker that hijacks the openvpn process might be able to read these files.

2. Use restart instead of reload when you have changed the config file.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
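A pre-reload check for the situation described in the comment above, as an added example that is not part of the original bug report or of openvpn itself: it lists the files a reload could not open once the process runs as the configured user. The function names, the directive subset, resolving relative paths from the config directory, and treating a missing `group` directive as gid 0 are assumptions of this sketch.

```python
import grp, os, pwd, stat, sys

# File-valued OpenVPN directives to check (a common subset; extend as needed).
FILE_DIRECTIVES = {"ca", "cert", "key", "dh", "tls-auth", "tls-crypt", "pkcs12"}

def parse_config(text):
    """Return ({"user": .., "group": ..}, [(directive, path), ...]) from config text."""
    ids, files = {"user": None, "group": None}, []
    for raw in text.splitlines():
        words = raw.split("#", 1)[0].split()
        if len(words) < 2 or words[0].startswith(";"):
            continue  # blank, comment, or flag without argument (e.g. persist-key)
        name = words[0].lstrip("-")
        if name in ids:
            ids[name] = words[1]
        elif name in FILE_DIRECTIVES:
            files.append((name, words[1].strip("\"'")))
    return ids, files

def mode_allows_read(st, uid, gids):
    """Owner/group/other read bit only; ACLs and parent directories are not checked."""
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IRUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IRGRP)
    return bool(st.st_mode & stat.S_IROTH)

def reload_failures(config_path, uid, gids):
    """List (directive, path, reason) for files a reload could not open as uid/gids."""
    config_path = os.path.abspath(config_path)
    with open(config_path) as fh:
        files = parse_config(fh.read())[1]
    base = os.path.dirname(config_path)  # assumption: relative paths resolve from here
    failures = []
    for directive, path in [("config", config_path)] + files:
        full = os.path.join(base, path)
        try:
            if not mode_allows_read(os.stat(full), uid, gids):
                failures.append((directive, full, "unreadable"))
        except OSError:
            failures.append((directive, full, "missing"))
    return failures

if __name__ == "__main__":
    with open(sys.argv[1]) as fh:
        ids, _ = parse_config(fh.read())
    gids = {grp.getgrnam(ids["group"]).gr_gid} if ids["group"] else {0}  # assumption
    if ids["user"]:  # without a "user" directive there is no privilege drop to check
        for failure in reload_failures(sys.argv[1], pwd.getpwnam(ids["user"]).pw_uid, gids):
            print(*failure)
```

An empty result means the mode bits alone would let the reload succeed; any line printed names a file to fix or a reason to use restart instead.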