Mailinglist Archive: opensuse-bugs (4652 mails)

< Previous Next >
[Bug 1044785] New: openvpn with NetworkManager crashes on renegotiation
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Sat, 17 Jun 2017 00:54:20 +0000
  • Message-id: <>

Bug ID: 1044785
Summary: openvpn with NetworkManager crashes on renegotiation
Classification: openSUSE
Product: openSUSE Tumbleweed
Version: Current
Hardware: x86-64
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Network
Assignee: bnc-team-screening@xxxxxxxxxxxxxxxxxxxxxx
Reporter: banderson19com@xxxxxxxxxx
QA Contact: qa-bugs@xxxxxxx
Found By: ---
Blocker: ---

Running Tumbleweed updated current as of 6-14-2017. Created an openvpn
connection using the NetworkManager KDE applet. The connection starts properly
and runs for an hour or so until a renegotiation occurs at which time openvpn
crashes with the error:
ERROR: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)

The command NetworkManager issues to start openvpn is:

/usr/sbin/openvpn --remote 1197 udp --comp-lzo yes --nobind
--dev tun --cipher AES-256-CBC --auth-nocache --remote-cert-tls server
--reneg-sec 0 --verb 1 --syslog nm-openvpn --script-security 2 --up
/usr/lib/nm-openvpn-service-openvpn-helper --debug 0 3261 --bus-name
org.freedesktop.NetworkManager.openvpn.Connection_4 --tun -- --up-restart
--persist-key --persist-tun --management
/var/run/NetworkManager/nm-openvpn-ff470881-4027-4585-97df-197b5e83b16d unix
--management-client-user root --management-client-group root
--management-query-passwords --auth-retry interact --route-noexec
--ifconfig-noexec --client --ca /etc/openvpn/ca.crt --cert
/etc/openvpn/client.crt --key /etc/openvpn/client.key --user nm-openvpn --group

Hacking nm-openvpn-service to remove the --user and --group command line
arguments sent to openvpn causes the link to be maintained across the
renegotiation process but then it runs as root.

/dev/net/tun is owned by root with read/write permission for everyone. I have
tried changing ownership of it before starting the vpn link but it is reset to
root ownership when NetworkManager starts the service.

You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >
This Thread
  • No further messages