OpenVPN 服务无法启动

tag-icon tag-icon openvpn fedora systemd
OpenVPN 服务无法启动

我在我的 VPS (Fedora 23) 上配置了 OpenVPN,但在将其作为 systemd 服务启动时遇到了问题。从命令行 ( openvpn server.conf) 一切正常,但当我尝试通过 systemd 启动它时失败了。

systemctl status [email protected]给我看看这个:

[email protected] - OpenVPN Robust And Highly Flexible Tunneling Application On myvps/tcp
  Loaded: loaded (/usr/lib/systemd/system/[email protected]; enabled; vendor preset: disabled)
  Active: failed (Result: exit-code) since Thu 2015-12-10 06:04:07 UTC; 13min ago
Main PID: 500 (code=exited, status=1/FAILURE)

Dec 10 06:04:07 myvps openvpn[500]: ROUTE: default_gateway=UNDEF
Dec 10 06:04:07 myvps openvpn[500]: TUN/TAP device tun0 opened
Dec 10 06:04:07 myvps openvpn[500]: TUN/TAP TX queue length set to 100
Dec 10 06:04:07 myvps openvpn[500]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Dec 10 06:04:07 myvps openvpn[500]: /usr/local/sbin/unpriv-ip link set dev tun0 up mtu 1500
Dec 10 06:04:07 myvps openvpn[500]: Linux ip link set failed: could not execute external program
Dec 10 06:04:07 myvps openvpn[500]: Exiting due to fatal error
Dec 10 06:04:07 myvps systemd[1]: [email protected]: Main process exited, code=exited, status=1/FAILURE
Dec 10 06:04:07 myvps systemd[1]: [email protected]: Unit entered failed state.
Dec 10 06:04:07 myvps systemd[1]: [email protected]: Failed with result 'exit-code'.

我看到 OpenVPN 无法执行ip命令,但我不知道为什么。当我手动启动 OpenVPN 时,我没有收到此错误。

unpriv-ip 脚本的设置如下官方指南

OpenVPN 服务将在之后启动,如果重要的话,network.target需要。multi-user.target

有人能解释一下我这个问题是什么吗?

谢谢。

更新型多巴胺(适用于 Anubioz)

# dnf install iproute
Last metadata expiration check performed 1:27:44 ago on Thu Dec 10 05:52:27 2015.
Package iproute-4.1.1-3.fc23.x86_64 is already installed, skipping.
Dependencies resolved.
Nothing to do.
Complete!

# ls -l /usr/local/sbin/unpriv-ip 
-rwxr-xr-x. 1 root root 27 Dec 10 01:23 /usr/local/sbin/unpriv-ip

UPD2(适用于 Anubioz)

# dnf install iputils
Last metadata expiration check performed 1:42:05 ago on Thu Dec 10 05:52:27 2015.
Package iputils-20140519-7.fc23.x86_64 is already installed, skipping.
Dependencies resolved.
Nothing to do.
Complete!

答案1

  1. 检查/usr/local/sbin/unpriv-ip脚本是否执行权限(+x chmod 标志)

你可以用以下命令进行设置

chmod +x /usr/local/sbin/unpriv-ip

  1. 检查您的 openvpn 配置是否有script-security 2允许执行外部脚本的行。

  2. 确保您已iproute安装软件包并且ip系统上可用该命令。

您可以使用以下方式安装:

yum install iproute iputils

  1. 尝试添加sleep 5到脚本的顶部,/usr/local/sbin/unpriv-ip以确保它不会在 tun0 设备可用之前执行。

相关内容