ProtonVPN 自动启动配置错误

ProtonVPN 自动启动配置错误

我正在尝试让 ProtonVPN 在我的 Kubuntu 机器上自动启动。

我尝试过以下指南。

我尝试的最新一个是来自 blog.x86txt.com 的。但是当使用以下命令时:

systemctl enable protonvpn-cli.service && systemctl start protonvpn-cli.service

我从终端收到以下消息:

Job for protonvpn-cli.service failed because the control process exited with error code.
See "systemctl status protonvpn-cli.service" and "journalctl -xe" for details.

当我运行命令时

systemctl status protonvpn-cli.service

我得到以下输出:

 ● protonvpn-cli.service - ProtonVPN CLI Auto-Start
   Loaded: loaded (/etc/systemd/system/protonvpn-cli.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Mon 2020-01-13 11:19:20 CET; 13s ago
  Process: 2177 ExecStart=/usr/bin/protonvpn-cli last-connect (code=exited, status=203/EXEC)

jan 13 11:19:20 teuton-VirtualBox systemd[2177]: protonvpn-cli.service: Failed at step EXEC spawning /usr/bin/protonvpn-cli
jan 13 11:19:20 teuton-VirtualBox systemd[1]: protonvpn-cli.service: Control process exited, code=exited status=203
jan 13 11:19:20 teuton-VirtualBox systemd[1]: protonvpn-cli.service: Failed with result 'exit-code'.
jan 13 11:19:20 teuton-VirtualBox systemd[1]: Failed to start ProtonVPN CLI Auto-Start.
jan 13 11:19:20 teuton-VirtualBox systemd[1]: protonvpn-cli.service: Service hold-off time over, scheduling restart.
jan 13 11:19:20 teuton-VirtualBox systemd[1]: protonvpn-cli.service: Scheduled restart job, restart counter is at 5.
jan 13 11:19:20 teuton-VirtualBox systemd[1]: Stopped ProtonVPN CLI Auto-Start.
jan 13 11:19:20 teuton-VirtualBox systemd[1]: protonvpn-cli.service: Start request repeated too quickly.
jan 13 11:19:20 teuton-VirtualBox systemd[1]: protonvpn-cli.service: Failed with result 'exit-code'.
jan 13 11:19:20 teuton-VirtualBox systemd[1]: Failed to start ProtonVPN CLI Auto-Start.
log file: -binfmt_misc.automount  protonvpn-cli.service           

Teuton 是用户名。

我将把我的 systemd 文件粘贴到下面。

[Unit]
Description=ProtonVPN CLI Auto-Start
After=network.target

[Service]
Type=forking
User=teuton
ExecStart=/usr/bin/protonvpn-cli last-connect
ExecReload=/usr/bin/protonvpn-cli disconnect && /usr/bin/protonvpn-cli last-connect
ExecStop=/usr/bin/protonvpn-cli disconnect
Restart=always

[Install]
WantedBy=multi-user.target

Here i removed the -- in the commands --last-connect and --disconnect from blog.x86txt.com to see if it would help me in any way.

编辑:

这是journalctl -xe输出:

-- Subject: Unit anacron.service has finished start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit anacron.service has finished starting up.
--
-- The start-up result is RESULT.
jan 13 14:04:47 teuton-VirtualBox anacron[1883]: Anacron 2.3 started on 2020-01-13
jan 13 14:04:47 teuton-VirtualBox anacron[1883]: Normal exit (0 jobs run)
jan 13 14:17:01 teuton-VirtualBox CRON[1896]: pam_unix(cron:session): session opened for user root by (uid=0)
jan 13 14:17:01 teuton-VirtualBox CRON[1897]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
jan 13 14:17:01 teuton-VirtualBox CRON[1896]: pam_unix(cron:session): session closed for user root
jan 13 14:20:16 teuton-VirtualBox systemd[1]: Starting Message of the Day...
-- Subject: Unit motd-news.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit motd-news.service has begun starting up.
jan 13 14:20:16 teuton-VirtualBox systemd[1]: Started Message of the Day.
-- Subject: Unit motd-news.service has finished start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit motd-news.service has finished starting up.
--
-- The start-up result is RESULT.
jan 13 15:05:08 teuton-VirtualBox systemd[1]: Started Run anacron jobs.
-- Subject: Unit anacron.service has finished start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit anacron.service has finished starting up.
--
-- The start-up result is RESULT.                                                                                                                   
jan 13 15:05:08 teuton-VirtualBox anacron[1959]: Anacron 2.3 started on 2020-01-13                                                                  
jan 13 15:05:08 teuton-VirtualBox anacron[1959]: Normal exit (0 jobs run)                                                                           
jan 13 15:17:01 teuton-VirtualBox CRON[1969]: pam_unix(cron:session): session opened for user root by (uid=0)
jan 13 15:17:01 teuton-VirtualBox CRON[1970]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
jan 13 15:17:01 teuton-VirtualBox CRON[1969]: pam_unix(cron:session): session closed for user root
jan 13 15:24:32 teuton-VirtualBox sudo[1983]:   teuton : TTY=pts/2 ; PWD=/etc/systemd/system ; USER=root ; COMMAND=/usr/sbin/visudo
jan 13 15:24:32 teuton-VirtualBox sudo[1983]: pam_unix(sudo:session): session opened for user root by teuton(uid=0)
jan 13 15:42:02 teuton-VirtualBox sudo[1983]: pam_unix(sudo:session): session closed for user root

teuton@teuton-VirtualBox:/etc/systemd/system$ sudo systemctl enable protonvpn-cli.service && systemctl start protonvpn-cli.service
[sudo] lösenord för teuton:
Job for protonvpn-cli.service failed because the control process exited with error code.
See "systemctl status protonvpn-cli.service" and "journalctl -xe" for details.
teuton@teuton-VirtualBox:/etc/systemd/system$ journalctl -xe
jan 13 15:42:25 teuton-VirtualBox systemd[2085]: protonvpn-cli.service: Failed at step USER spawning /usr/bin/protonvpn: No such process
-- Subject: Process /usr/bin/protonvpn could not be executed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- The process /usr/bin/protonvpn could not be executed and failed.
--
-- The error number returned by this process is 3.
jan 13 15:42:25 teuton-VirtualBox systemd[1]: protonvpn-cli.service: Control process exited, code=exited status=217
jan 13 15:42:25 teuton-VirtualBox systemd[1]: protonvpn-cli.service: Failed with result 'exit-code'.
jan 13 15:42:25 teuton-VirtualBox systemd[1]: Failed to start ProtonVPN CLI Auto-Start.
-- Subject: Unit protonvpn-cli.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit protonvpn-cli.service has failed.
--
-- The result is RESULT.
jan 13 15:42:25 teuton-VirtualBox systemd[1]: protonvpn-cli.service: Service hold-off time over, scheduling restart.
jan 13 15:42:25 teuton-VirtualBox systemd[1]: protonvpn-cli.service: Scheduled restart job, restart counter is at 5.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Automatic restarting of the unit protonvpn-cli.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
jan 13 15:42:25 teuton-VirtualBox systemd[1]: Stopped ProtonVPN CLI Auto-Start.
-- Subject: Unit protonvpn-cli.service has finished shutting down
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit protonvpn-cli.service has finished shutting down.
jan 13 15:42:25 teuton-VirtualBox systemd[1]: protonvpn-cli.service: Start request repeated too quickly.
jan 13 15:42:25 teuton-VirtualBox systemd[1]: protonvpn-cli.service: Failed with result 'exit-code'.
jan 13 15:42:25 teuton-VirtualBox systemd[1]: Failed to start ProtonVPN CLI Auto-Start.
-- Subject: Unit protonvpn-cli.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit protonvpn-cli.service has failed.
--
-- The result is RESULT.
lines 2394-2435/2435 (END) 

编辑2:这是我的sudo visudo输出:

#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d
teuton ALL = (root) NOPASSWD: /usr/local/bin/protonvpn

答案1

systemd 单元配置中的路径和可执行文件与 sudoers.d 文件中的路径和可执行文件不匹配。

sudoers.d文件提到/usr/local/bin/protonvpn(注意 ,并且后面local没有扩展名),这对我来说似乎是正确的,因为它既是 ProtonVPN.com 在您问题中列出的说明中指出的内容,也是我自己机器上的内容。 (我无法检查您的第一个链接,它似乎已失效)。-cliprotonvpn

另一方面,systemd 单元描述列出/usr/bin/protonvpn-cli(没有local,但是-cli扩展):

ExecStart=/usr/bin/protonvpn-cli last-connect  
ExecReload=/usr/bin/protonvpn-cli disconnect && /usr/bin/protonvpn-cli last-connect  
ExecStop=/usr/bin/protonvpn-cli disconnect*

促使我研究这个方向的是你的日志:systemd似乎无法在ExecStart上启动请求的程序:

Failed at step EXEC spawning /usr/bin/protonvpn-cli

然后就直接报错了。

which protonvpn您应该通过运行命令和来检查计算机上的正确路径和可执行文件which protonvpn-cli。对我来说,只有第一个返回路径,它是/usr/local/bin/.

使用上一步中确定的正确文件和路径更新 sudoers.d 和 systemd 单元配置。

边注
我建议您在 sudoers.d 文件中更加具体。现在拥有用户权限足以完全控制您的 VPN(包括将其关闭或禁用终止开关)。最好只授予对特定命令protonvpn connectprotonvpn reconnect.该行如下所示(假设 /usr/local/bin/protonvpn 是正确的路径):

teuton ALL = (root) NOPASSWD: /usr/local/bin/protonvpn connect,/usr/local/bin/protonvpn reconnect

然后在systemd单元配置中:

  1. ExecReload=将您当前拥有的命令替换为/usr/local/bin/protonvpn reconnect,这实际上会执行完全相同的操作,但优点是不必允许该disconnect命令。
  2. 完全删除你的ExecStop=/usr/bin/protonvpn-cli disconnect线。这是不需要的(在关闭时,你的 VPN 无论如何都会断开连接,就像我的机器上没有这条线一样)。

现在,您的 sudoers.d 文件中不再需要断开连接命令,并且您刚刚提高了计算机的安全性!

相关内容