SELinux: Running OpenVPN on a different port

To allow OpenVPN to run on a different port than 1194, you'll need to tweak your SELinux permissions:
/usr/sbin/semanage port -a -t openvpn_port_t -p udp 61616

© GeekLabInfo SELinux: Running OpenVPN on a different port is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

OpenVPN: script failed: could not execute external program

I've been using the great VPN software OpenVPN for a long time now. I just love it. Today, I copied the configuration of my old router to my brand new Fedora 15 box, and suddenly it can't start anymore.

In the logs I found this message:
script failed: could not execute external program

What does that mean?
Is the 'up' script not found? It it in the wrong directory? I could not just find it. Until I hooked up my favourite debugger tool: strace. And look what I found there:
[pid 8273] execve("./up", ["./up", "vpn", "1500", "1576", "", "", "init"], [/* 14 vars */]) = -1 ENOEXEC (Exec format error)

Solution

What is the case? In older OpenVPN versions, scripts where run by system(3), which uses the shell to run scripts. Newer versions are more secure, and use execl/execve or something like that. That means that shell scripts must explicitly tell the sytem that they're to be run by the shell.

So, add the following line to the top of the script:
#!/bin/bash
And you're done.

© GeekLabInfo OpenVPN: script failed: could not execute external program is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info

1 Star2 Stars3 Stars4 Stars5 Stars (9 votes, average: 4.11 out of 5)
Loading...

Share one VPN connection

My personal Linux laptop is a real spider in the web. It's got OpenVPN connections to the office, to the datacenter, to serveral family members, etcetera. I love it. But sometimes, there are some tasks that Linux simply can't do, like running a vSphere client.

For those situations, I use the second (Windows) computer on my desk to perform those tasks. However, this computer does not have a VPN connection right to the place I'm connecting to.

Continue Reading…

© GeekLabInfo Share one VPN connection is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...