我有一个运行良好的 VPN - 除了 DHCP 是从本地主机获取的。
因此我进行了一些研究,发现我可以将以下内容添加到我的配置文件中以使其正常工作:
# This updates the resolvconf with dns settings
script-security 2
up /etc/openvpn/update-resolv-conf.sh
down /etc/openvpn/update-resolv-conf.sh
愚蠢的是,它不起作用:-/当我使用运行 OpenVPN 时sudo
,出现以下错误:
[...]
Mon Nov 28 22:33:39 2016 SENT CONTROL [REMOTESERVER-XZY]: 'PUSH_REQUEST' (status=1)
Mon Nov 28 22:33:44 2016 SENT CONTROL [REMOTESERVER-XZY]: 'PUSH_REQUEST' (status=1)
Mon Nov 28 22:33:50 2016 SENT CONTROL [REMOTESERVER-XZY]: 'PUSH_REQUEST' (status=1)
Mon Nov 28 22:33:50 2016 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 10.100.1.12,dhcp-option DNS 10.100.1.1,ping 20,ping-restart 60,topology subnet,route-gateway 10.100.12.21,ifconfig 10.100.12.20 255.255.255.0'
Mon Nov 28 22:33:50 2016 OPTIONS IMPORT: timers and/or timeouts modified
Mon Nov 28 22:33:50 2016 OPTIONS IMPORT: --ifconfig/up options modified
Mon Nov 28 22:33:50 2016 OPTIONS IMPORT: route-related options modified
Mon Nov 28 22:33:50 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Nov 28 22:33:50 2016 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlan0 HWADDR=e8:b1:fc:d1:d1:66
Mon Nov 28 22:33:50 2016 TUN/TAP device tun1 opened
Mon Nov 28 22:33:50 2016 TUN/TAP TX queue length set to 100
Mon Nov 28 22:33:50 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Nov 28 22:33:50 2016 /sbin/ip link set dev tun1 up mtu 1500
Mon Nov 28 22:33:50 2016 /sbin/ip addr add dev tun1 10.100.12.20/24 broadcast 10.100.12.255
Mon Nov 28 22:33:50 2016 /etc/openvpn/update-resolv-conf.sh tun1 1500 1559 10.100.12.20 255.255.255.0 init
dhcp-option DNS 10.100.1.12
dhcp-option DNS 10.100.1.1
/etc/openvpn/update-resolv-conf.sh: line 57: /run/resolvconf/resolv.conf: Permission denied
Mon Nov 28 22:33:50 2016 /sbin/ip route add 10.100.0.0/16 via 10.100.12.1
RTNETLINK answers: File exists
Mon Nov 28 22:33:50 2016 ERROR: Linux route add command failed: external program exited with error status: 2
Mon Nov 28 22:33:50 2016 Initialization Sequence Completed
[...]
因此,看起来 OpenVPN 在调用启动脚本之前放弃了 root 权限,所以我得到了Permission denied
。请帮忙!
系统:
$ uname -vr
4.4.0-49-generic #70-Ubuntu SMP Fri Nov 11 16:40:34 UTC 2016
答案1
该脚本名为 update-resolv-conf,您可以通过执行以下操作来检查它ls /etc/openvpn
。
如果是,请使用
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf