CHBMB Posted January 11, 2017 Share Posted January 11, 2017 I went from having this setup and working to not, and this is the only thing that I can find in the docker log. I ran new permissions this didnt work. Any ideas? ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied Well I think it's safe to say there's a permissions issue. Can you do a ls -la on the directory and post the results here? In general new permissions isn't a good idea on appdata. Quote Link to comment
jcreynoldsii Posted January 12, 2017 Share Posted January 12, 2017 I went from having this setup and working to not, and this is the only thing that I can find in the docker log. I ran new permissions this didnt work. Any ideas? ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied Well I think it's safe to say there's a permissions issue. Can you do a ls -la on the directory and post the results here? In general new permissions isn't a good idea on appdata. root@BennySRV:/mnt/user/Config/openvpn-as/scripts# ls -la total 140 drwxrwxrwx 1 nobody users 4096 Oct 7 17:24 ./ drwxrwxrwx 1 nobody users 201 Oct 10 15:15 ../ -rw-rw-rw- 1 nobody users 406 Oct 7 17:24 authcli -rw-rw-rw- 1 nobody users 403 Oct 7 17:24 bridge -rw-rw-rw- 1 nobody users 406 Oct 7 17:24 certool -rw-rw-rw- 1 nobody users 406 Oct 7 17:24 confdba -rw-rw-rw- 1 nobody users 2737 Oct 7 17:24 db-update-1.8 -rw-rw-rw- 1 nobody users 400 Oct 7 17:24 dbcvt -rw-rw-rw- 1 nobody users 403 Oct 7 17:24 dnscli -rw-rw-rw- 1 nobody users 421 Oct 7 17:24 dnsfo_active -rw-rw-rw- 1 nobody users 424 Oct 7 17:24 dnsfo_standby -rw-rw-rw- 1 nobody users 403 Oct 7 17:24 iosvod -rw-rw-rw- 1 nobody users 400 Oct 7 17:24 liman -rw-rw-rw- 1 nobody users 403 Oct 7 17:24 logdba -rw-rw-rw- 1 nobody users 403 Oct 7 17:24 mandep -rw-rw-rw- 1 nobody users 406 Oct 7 17:24 netinfo -rw-rw-rw- 1 nobody users 412 Oct 7 17:24 openvpnas -rw-rw-rw- 1 nobody users 454 Oct 7 17:24 openvpnas_deferred_init -rw-rw-rw- 1 nobody users 439 Oct 7 17:24 openvpnas_gen_init -rw-rw-rw- 1 nobody users 466 Oct 7 17:24 openvpnas_gen_init_deferred -rw-rw-rw- 1 nobody users 436 Oct 7 17:24 openvpnas_gen_pam -rw-rw-rw- 1 nobody users 415 Oct 7 17:24 openvpncc -rw-rw-rw- 1 nobody users 421 Oct 7 17:24 openvpncdisp -rw-rw-rw- 1 nobody users 427 Oct 7 17:24 openvpncnode -rw-rw-rw- 1 nobody users 415 Oct 7 17:24 ovpnpasswd -rw-rw-rw- 1 nobody users 391 Oct 7 17:24 sa -rw-rw-rw- 1 nobody users 400 Oct 7 17:24 sacli -rw-rw-rw- 1 nobody users 409 Oct 7 17:24 signtool -rw-rw-rw- 1 nobody users 281 Oct 7 17:24 sqlite3 -rw-rw-rw- 1 nobody users 421 Oct 7 17:24 sshrpc_agent -rw-rw-rw- 1 nobody users 421 Oct 7 17:24 ucarp_active -rw-rw-rw- 1 nobody users 424 Oct 7 17:24 ucarp_standby -rw-rw-rw- 1 nobody users 427 Oct 7 17:24 update_as_conf -rw-rw-rw- 1 nobody users 424 Oct 7 17:24 update_va_ver -rw-rw-rw- 1 nobody users 406 Oct 7 17:24 userdba -rw-rw-rw- 1 nobody users 394 Oct 7 17:24 web Quote Link to comment
CHBMB Posted January 12, 2017 Share Posted January 12, 2017 Everything in my directory has permissions 775, yours are 666 Try cd /config chmod -R 775 * root@server:/mnt/cache/.appdata/openvpn-as/scripts# ls -la total 144 drwxrwxr-x 2 nobody users 4096 Aug 5 20:44 ./ drwxrwxrwx 10 nobody users 4096 Aug 16 13:17 ../ -rwxrwxr-x 1 nobody users 406 Aug 5 20:44 authcli* -rwxrwxr-x 1 nobody users 403 Aug 5 20:44 bridge* -rwxrwxr-x 1 nobody users 406 Aug 5 20:44 certool* -rwxrwxr-x 1 nobody users 406 Aug 5 20:44 confdba* -rwxrwxr-x 1 nobody users 2737 Aug 5 20:44 db-update-1.8* -rwxrwxr-x 1 nobody users 400 Aug 5 20:44 dbcvt* -rwxrwxr-x 1 nobody users 403 Aug 5 20:44 dnscli* -rwxrwxr-x 1 nobody users 421 Aug 5 20:44 dnsfo_active* -rwxrwxr-x 1 nobody users 424 Aug 5 20:44 dnsfo_standby* -rwxrwxr-x 1 nobody users 403 Aug 5 20:44 iosvod* -rwxrwxr-x 1 nobody users 400 Aug 5 20:44 liman* -rwxrwxr-x 1 nobody users 403 Aug 5 20:44 logdba* -rwxrwxr-x 1 nobody users 403 Aug 5 20:44 mandep* -rwxrwxr-x 1 nobody users 406 Aug 5 20:44 netinfo* -rwxrwxr-x 1 nobody users 412 Aug 5 20:44 openvpnas* -rwxrwxr-x 1 nobody users 454 Aug 5 20:44 openvpnas_deferred_init* -rwxrwxr-x 1 nobody users 439 Aug 5 20:44 openvpnas_gen_init* -rwxrwxr-x 1 nobody users 466 Aug 5 20:44 openvpnas_gen_init_deferred* -rwxrwxr-x 1 nobody users 436 Aug 5 20:44 openvpnas_gen_pam* -rwxrwxr-x 1 nobody users 415 Aug 5 20:44 openvpncc* -rwxrwxr-x 1 nobody users 421 Aug 5 20:44 openvpncdisp* -rwxrwxr-x 1 nobody users 427 Aug 5 20:44 openvpncnode* -rwxrwxr-x 1 nobody users 415 Aug 5 20:44 ovpnpasswd* -rwxrwxr-x 1 nobody users 391 Aug 5 20:44 sa* -rwxrwxr-x 1 nobody users 400 Aug 5 20:44 sacli* -rwxrwxr-x 1 nobody users 409 Aug 5 20:44 signtool* -rwxrwxr-x 1 nobody users 281 Aug 5 20:44 sqlite3* -rwxrwxr-x 1 nobody users 421 Aug 5 20:44 sshrpc_agent* -rwxrwxr-x 1 nobody users 421 Aug 5 20:44 ucarp_active* -rwxrwxr-x 1 nobody users 424 Aug 5 20:44 ucarp_standby* -rwxrwxr-x 1 nobody users 427 Aug 5 20:44 update_as_conf* -rwxrwxr-x 1 nobody users 424 Aug 5 20:44 update_va_ver* -rwxrwxr-x 1 nobody users 406 Aug 5 20:44 userdba* -rwxrwxr-x 1 nobody users 394 Aug 5 20:44 web* Quote Link to comment
jcreynoldsii Posted January 12, 2017 Share Posted January 12, 2017 Ran the command here are the results: root@BennySRV:/mnt/user/Config/openvpn-as/scripts# ls -la total 140 drwxrwxrwx 1 nobody users 4096 Oct 7 17:24 ./ drwxrwxrwx 1 nobody users 201 Oct 10 15:15 ../ -rwxrwxr-x 1 nobody users 406 Oct 7 17:24 authcli* -rwxrwxr-x 1 nobody users 403 Oct 7 17:24 bridge* -rwxrwxr-x 1 nobody users 406 Oct 7 17:24 certool* -rwxrwxr-x 1 nobody users 406 Oct 7 17:24 confdba* -rwxrwxr-x 1 nobody users 2737 Oct 7 17:24 db-update-1.8* -rwxrwxr-x 1 nobody users 400 Oct 7 17:24 dbcvt* -rwxrwxr-x 1 nobody users 403 Oct 7 17:24 dnscli* -rwxrwxr-x 1 nobody users 421 Oct 7 17:24 dnsfo_active* -rwxrwxr-x 1 nobody users 424 Oct 7 17:24 dnsfo_standby* -rwxrwxr-x 1 nobody users 403 Oct 7 17:24 iosvod* -rwxrwxr-x 1 nobody users 400 Oct 7 17:24 liman* -rwxrwxr-x 1 nobody users 403 Oct 7 17:24 logdba* -rwxrwxr-x 1 nobody users 403 Oct 7 17:24 mandep* -rwxrwxr-x 1 nobody users 406 Oct 7 17:24 netinfo* -rwxrwxr-x 1 nobody users 412 Oct 7 17:24 openvpnas* -rwxrwxr-x 1 nobody users 454 Oct 7 17:24 openvpnas_deferred_init* -rwxrwxr-x 1 nobody users 439 Oct 7 17:24 openvpnas_gen_init* -rwxrwxr-x 1 nobody users 466 Oct 7 17:24 openvpnas_gen_init_deferred* -rwxrwxr-x 1 nobody users 436 Oct 7 17:24 openvpnas_gen_pam* -rwxrwxr-x 1 nobody users 415 Oct 7 17:24 openvpncc* -rwxrwxr-x 1 nobody users 421 Oct 7 17:24 openvpncdisp* -rwxrwxr-x 1 nobody users 427 Oct 7 17:24 openvpncnode* -rwxrwxr-x 1 nobody users 415 Oct 7 17:24 ovpnpasswd* -rwxrwxr-x 1 nobody users 391 Oct 7 17:24 sa* -rwxrwxr-x 1 nobody users 400 Oct 7 17:24 sacli* -rwxrwxr-x 1 nobody users 409 Oct 7 17:24 signtool* -rwxrwxr-x 1 nobody users 281 Oct 7 17:24 sqlite3* -rwxrwxr-x 1 nobody users 421 Oct 7 17:24 sshrpc_agent* -rwxrwxr-x 1 nobody users 421 Oct 7 17:24 ucarp_active* -rwxrwxr-x 1 nobody users 424 Oct 7 17:24 ucarp_standby* -rwxrwxr-x 1 nobody users 427 Oct 7 17:24 update_as_conf* -rwxrwxr-x 1 nobody users 424 Oct 7 17:24 update_va_ver* -rwxrwxr-x 1 nobody users 406 Oct 7 17:24 userdba* -rwxrwxr-x 1 nobody users 394 Oct 7 17:24 web* Somewhat different error in log: /config/scripts/openvpnas: line 11: /config/bin/python: Permission denied Quote Link to comment
CHBMB Posted January 12, 2017 Share Posted January 12, 2017 Ran the command here are the results: root@BennySRV:/mnt/user/Config/openvpn-as/scripts# ls -la total 140 drwxrwxrwx 1 nobody users 4096 Oct 7 17:24 ./ drwxrwxrwx 1 nobody users 201 Oct 10 15:15 ../ -rwxrwxr-x 1 nobody users 406 Oct 7 17:24 authcli* -rwxrwxr-x 1 nobody users 403 Oct 7 17:24 bridge* -rwxrwxr-x 1 nobody users 406 Oct 7 17:24 certool* -rwxrwxr-x 1 nobody users 406 Oct 7 17:24 confdba* -rwxrwxr-x 1 nobody users 2737 Oct 7 17:24 db-update-1.8* -rwxrwxr-x 1 nobody users 400 Oct 7 17:24 dbcvt* -rwxrwxr-x 1 nobody users 403 Oct 7 17:24 dnscli* -rwxrwxr-x 1 nobody users 421 Oct 7 17:24 dnsfo_active* -rwxrwxr-x 1 nobody users 424 Oct 7 17:24 dnsfo_standby* -rwxrwxr-x 1 nobody users 403 Oct 7 17:24 iosvod* -rwxrwxr-x 1 nobody users 400 Oct 7 17:24 liman* -rwxrwxr-x 1 nobody users 403 Oct 7 17:24 logdba* -rwxrwxr-x 1 nobody users 403 Oct 7 17:24 mandep* -rwxrwxr-x 1 nobody users 406 Oct 7 17:24 netinfo* -rwxrwxr-x 1 nobody users 412 Oct 7 17:24 openvpnas* -rwxrwxr-x 1 nobody users 454 Oct 7 17:24 openvpnas_deferred_init* -rwxrwxr-x 1 nobody users 439 Oct 7 17:24 openvpnas_gen_init* -rwxrwxr-x 1 nobody users 466 Oct 7 17:24 openvpnas_gen_init_deferred* -rwxrwxr-x 1 nobody users 436 Oct 7 17:24 openvpnas_gen_pam* -rwxrwxr-x 1 nobody users 415 Oct 7 17:24 openvpncc* -rwxrwxr-x 1 nobody users 421 Oct 7 17:24 openvpncdisp* -rwxrwxr-x 1 nobody users 427 Oct 7 17:24 openvpncnode* -rwxrwxr-x 1 nobody users 415 Oct 7 17:24 ovpnpasswd* -rwxrwxr-x 1 nobody users 391 Oct 7 17:24 sa* -rwxrwxr-x 1 nobody users 400 Oct 7 17:24 sacli* -rwxrwxr-x 1 nobody users 409 Oct 7 17:24 signtool* -rwxrwxr-x 1 nobody users 281 Oct 7 17:24 sqlite3* -rwxrwxr-x 1 nobody users 421 Oct 7 17:24 sshrpc_agent* -rwxrwxr-x 1 nobody users 421 Oct 7 17:24 ucarp_active* -rwxrwxr-x 1 nobody users 424 Oct 7 17:24 ucarp_standby* -rwxrwxr-x 1 nobody users 427 Oct 7 17:24 update_as_conf* -rwxrwxr-x 1 nobody users 424 Oct 7 17:24 update_va_ver* -rwxrwxr-x 1 nobody users 406 Oct 7 17:24 userdba* -rwxrwxr-x 1 nobody users 394 Oct 7 17:24 web* Somewhat different error in log: /config/scripts/openvpnas: line 11: /config/bin/python: Permission denied Not really, same error message, different file and directory. Same problem. Might be easier for you to set it up from scratch. Your perms are buggered. Quote Link to comment
jcreynoldsii Posted January 12, 2017 Share Posted January 12, 2017 I was afraid you would say that, the setup for this guy isn't the most intuitive. I'll have to remember all the different steps and screens I went to in order to make this work. Where is the config file located so I can replicate settings? Quote Link to comment
CHBMB Posted January 12, 2017 Share Posted January 12, 2017 I was afraid you would say that, the setup for this guy isn't the most intuitive. I'll have to remember all the different steps and screens I went to in order to make this work. Where is the config file located so I can replicate settings? I don't think there is a discrete config file. You could recursively change all the permissions in the config folder. Just let me check mine and see if there's a pattern. EDIT: Permissions are wildly different across the files and thinking about it, it's not the kind of application where you want elevated perms where they shouldn't be. Looks like there are some config files in /config/etc/ Quote Link to comment
EmilionDK Posted January 23, 2017 Share Posted January 23, 2017 Hey I have an idea, and hope it can be done, but it is possible that you can make it so that every time the server starts / updates then it make a random admin password. And write the password in the log file? So you do not have to write, docker exec -it openvpn-as passwd admin "your password" each time it updates, so it just make a random admin password itself? Quote Link to comment
Squid Posted January 24, 2017 Share Posted January 24, 2017 Hey I have an idea, and hope it can be done, but it is possible that you can make it so that every time the server starts / updates then it make a random admin password. And write the password in the log file? So you do not have to write, docker exec -it openvpn-as passwd admin "your password" each time it updates, so it just make a random admin password itself? Personally, I wouldn't want anything anywhere logging my password Why not just make a user script for the user.scripts plugin composed of that command. One click and you're done. Quote Link to comment
EmilionDK Posted January 24, 2017 Share Posted January 24, 2017 Hey I have an idea, and hope it can be done, but it is possible that you can make it so that every time the server starts / updates then it make a random admin password. And write the password in the log file? So you do not have to write, docker exec -it openvpn-as passwd admin "your password" each time it updates, so it just make a random admin password itself? Personally, I wouldn't want anything anywhere logging my password Why not just make a user script for the user.scripts plugin composed of that command. One click and you're done. It was just to get away from the default password, which is all too easy to get into someone else's vpn if they have had an update and forgot to change the default password. "Why not just make a user script for the user.scripts plugin composed of that command. One click and you're done." I wish I knew how, but I'm wayyyyy too new to unraid and coding ;P Quote Link to comment
Squid Posted January 24, 2017 Share Posted January 24, 2017 I wish I knew how, but I'm wayyyyy too new to unraid and coding ;P http://lime-technology.com/forum/index.php?topic=49992.0 Your script is simply that command you've already posted Quote Link to comment
EmilionDK Posted January 24, 2017 Share Posted January 24, 2017 Wait what! Uhh! That I will so much look into later today! But now I need to go to bed as the current time is 01:36 am in Copenhagen But Thanks! Quote Link to comment
thomast_88 Posted January 27, 2017 Share Posted January 27, 2017 Hey I have an idea, and hope it can be done, but it is possible that you can make it so that every time the server starts / updates then it make a random admin password. And write the password in the log file? So you do not have to write, docker exec -it openvpn-as passwd admin "your password" each time it updates, so it just make a random admin password itself? Why not just create a new user which is admin, and delete the default admin user? Is it recreated upon updates of this container, or did i miss something? Quote Link to comment
thomast_88 Posted January 27, 2017 Share Posted January 27, 2017 I've added Duo Security for Two-Factor Authentication when using this container. They have a free user tier which allows < 10 users. It will basically send a push request / sms to your mobile phone as an extra confirmation when logging in from the Web Interface (for those who have this exposed to the internet). I've followed the steps described here https://duo.com/docs/openvpn and modified them a bit. [*]download and edit duo_openvpn_as.py with secret key etc as described in the link [*]move duo_openvpn_as.py to /mnt/cache/appdata/openvpn-as/scripts [*]docker exec -it openvpn-as /bin/bash [*]chmod a+x /config/scripts/duo_openvpn_as.py [*]/config/scripts/sacli -a <admin_user> -k auth.module.post_auth_script --value_file=/config/scripts/duo_openvpn_as.py ConfigPut [*]/config/scripts/sacli -a <admin_user> Reset [*]Restart the container Now you have 2FA for logins. Write "push", "sms", "phone" and click connect, and you will receive a 2FA. Quote Link to comment
EmilionDK Posted January 27, 2017 Share Posted January 27, 2017 Hey I have an idea, and hope it can be done, but it is possible that you can make it so that every time the server starts / updates then it make a random admin password. And write the password in the log file? So you do not have to write, docker exec -it openvpn-as passwd admin "your password" each time it updates, so it just make a random admin password itself? Why not just create a new user which is admin, and delete the default admin user? Is it recreated upon updates of this container, or did i miss something? Hey thomast_88 Yes, I have a different user which is admin, but even if you delete the admin user, it will come back after you've made an update to the docker. With the default user (admin) and passwords (passwords) but remember the other uses that are made. ( To change the password (recommended) do docker exec -it openvpn-as passwd admin (You will have to repeat this step if you update or reinstall this container) ) Quote Link to comment
EmilionDK Posted January 27, 2017 Share Posted January 27, 2017 I've added Duo Security for Two-Factor Authentication when using this container. They have a free user tier which allows < 10 users. I did not know that you could do it that way But i use Google Authenticator Quote Link to comment
jumperalex Posted January 29, 2017 Share Posted January 29, 2017 sooo openvpn-as is now up to version 2.4 but I only seem to grab 2.1.2 .... am i missing something? Quote Link to comment
sparklyballs Posted January 29, 2017 Share Posted January 29, 2017 sooo openvpn-as is now up to version 2.4 but I only seem to grab 2.1.2 .... am i missing something? the image pulls version 2.14b which is the latest package available you however may not the latest copy of the image. this was updated back in october 2016, so you're way behind in image updates. Quote Link to comment
jumperalex Posted January 29, 2017 Share Posted January 29, 2017 hmmm I just tonight told it to update from the Docker tab. I take I just need to delete the whole thing? So I removed the container and the image. Repulled from CA and I'm still looking at 2.1.2 Would it be because I reused my appdata folder without emptying it? EDIT: [sigh] yup that was it. cleared out appdata. I'm sure somewhere in this thread it is mentioned. Quote Link to comment
JM2005 Posted January 29, 2017 Share Posted January 29, 2017 hmmm I just tonight told it to update from the Docker tab. I take I just need to delete the whole thing? So I removed the container and the image. Repulled from CA and I'm still looking at 2.1.2 Would it be because I reused my appdata folder without emptying it? EDIT: [sigh] yup that was it. cleared out appdata. I'm sure somewhere in this thread it is mentioned. I seem to have the same issue. Did you erase the appdata openvpn folder and start over fresh? I have all my devices setup and would hate to have to recreate it all. Thanks Quote Link to comment
yukonhijack Posted January 29, 2017 Share Posted January 29, 2017 So I have been trying to set up OpenVPN-as on my unraid server, and I keep getting this error when I try to start the OpenVPN server: process started and then immediately exited: ['Sun Jan 29 10:21:33 2017 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)'] service failed to start or returned error status I attached some screen grabs if that helps. BTW, I took out the forward facing subdomain just for security sakes. The one in the screen grab is not the real address. Quote Link to comment
yukonhijack Posted January 29, 2017 Share Posted January 29, 2017 Here is another screen grab Quote Link to comment
yukonhijack Posted January 29, 2017 Share Posted January 29, 2017 And one more of the error I get when I try to start the server Quote Link to comment
jumperalex Posted January 29, 2017 Share Posted January 29, 2017 hmmm I just tonight told it to update from the Docker tab. I take I just need to delete the whole thing? So I removed the container and the image. Repulled from CA and I'm still looking at 2.1.2 Would it be because I reused my appdata folder without emptying it? EDIT: [sigh] yup that was it. cleared out appdata. I'm sure somewhere in this thread it is mentioned. I seem to have the same issue. Did you erase the appdata openvpn folder and start over fresh? I have all my devices setup and would hate to have to recreate it all. Thanks Yes that is what I had to do. I only have one user and two devices so I wasn't too concerned about retaining settings. You might get away with just moving the bin folder out of there and see if it recreates correctly. Or go the other way and start with a fresh appdata folder and then can you import your device connection settings? Quote Link to comment
JM2005 Posted January 29, 2017 Share Posted January 29, 2017 hmmm I just tonight told it to update from the Docker tab. I take I just need to delete the whole thing? So I removed the container and the image. Repulled from CA and I'm still looking at 2.1.2 Would it be because I reused my appdata folder without emptying it? EDIT: [sigh] yup that was it. cleared out appdata. I'm sure somewhere in this thread it is mentioned. I seem to have the same issue. Did you erase the appdata openvpn folder and start over fresh? I have all my devices setup and would hate to have to recreate it all. Thanks Yes that is what I had to do. I only have one user and two devices so I wasn't too concerned about retaining settings. You might get away with just moving the bin folder out of there and see if it recreates correctly. Or go the other way and start with a fresh appdata folder and then can you import your device connection settings? I decided to go ahead start fresh and wipe it all out. Thank you for replying. Its working fine. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.