[oi-dev] OpenVPN in a local zone

Jonathan Adams t12nslookup at gmail.com
Mon Jan 21 08:30:24 UTC 2019 

I know in the past that I had to pass through specific dev interfaces.
I'll take a look when I get to work, as I think we still have one box set
up that way.
Jon

On Mon, 21 Jan 2019 07:46 Alexander Pyhalov via oi-dev <
oi-dev at openindiana.org wrote:

> Hi.
> I suppose some of the privileges mentioned in
> /lib/svc/manifest/network/openvpn.xml are not available in zone (look at
> method_credential section).
>
> С уважением,
> Александр Пыхалов,
> программист отдела телекоммуникационной инфраструктуры
> управления информационно-коммуникационной инфраструктуры ЮФУ
>
>
> ________________________________________
> От: Sven Schmeling <sven.schmeling at schmeling-ol.de>
> Отправлено: 18 января 2019 г. 23:36:17
> Кому: OpenIndiana Developer mailing
> Тема: [oi-dev] OpenVPN in a local zone
>
> Hello,
>
> i have installed OpenVPN in a local zone.
>
> Starting the service with "svcadm enable svc:/network/openvpn:default"
> (or rebooting the zone) ends in the maintenance mode:
>
> # svcs openvpn
> STATE          STIME    FMRI
> maintenance    19:46:37 svc:/network/openvpn:default
>
> cat /var/svc/log/network-openvpn:default.log
>
> [ Jan 18 19:46:37 Enabled. ]
> [ Jan 18 19:46:37 Executing start method ("/usr/sbin/openvpn --daemon
> openvpn --config '/etc/openvpn/openvpn.conf'"). ]
> [ Jan 18 19:46:37 svc.startd could not set context for method:  ]
> setppriv: Not owner
> [ Jan 18 19:46:37 Method "start" exited with status 96. ]
>
> Hints to add "limitpriv="default,priv_net_rawaccess" to the zone config
> are maded but doesn't change the behavior.
>
> Starting openvpn with "/usr/sbin/openvpn --verb 9 --config
> '/etc/openvpn/openvpn.conf'" on the command line works fine and
> connections are possible.
>
>
> Any hints about the "setppriv" error?
>
> --------------
>
> pkg info openvpn
> Name: network/openvpn
> Summary: OpenVPN is a full-featured open source SSL VPN solution
> Category: Applications/Internet
> State: Installed
> Publisher: openindiana.org
> Version: 2.4.3
> Branch: 2018.0.0.1
> Packaging Date: Sun Feb 11 13:19:38 2018
> Size: 1.19 MB
> FMRI:
> pkg://openindiana.org/network/openvpn@2.4.3-2018.0.0.1:20180211T131938Z
> Project URL: http://openvpn.net
> Source URL:
> http://swupdate.openvpn.org/community/releases/openvpn-2.4.3.tar.xz
>
> --------------
>
> Thanks
>
> Sven Schmeling
>
>
> - --
> Sven Schmeling, Oldenburg, Germany
> mailto:sven.schmeling at schmeling-ol.de
>
>
>
>
>
> _______________________________________________
> oi-dev mailing list
> oi-dev at openindiana.org
> https://openindiana.org/mailman/listinfo/oi-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openindiana.org/pipermail/oi-dev/attachments/20190121/915a7433/attachment-0005.html>

More information about the oi-dev mailing list