Ok, I followed the guide located at to the T, however open fails to run at boot. I have FreeBSD 9.1. Persistent data modified by programs as they run, e.g., databases, packaging system metadata, etc. Imho crl is not an openvpn generated file:-) Comment 14 David Sommerseth 2017-05-15 21:23:41 UTC. Re: openvpn: Linux route add command failed I meant content of socvpn.ovpn, but now I see you have provided it in your first post. Anyway, p0x8 is right, you can't set gateway to 172.18.180.1 in 172.18.180.136/25 subnet, because range of this subnet is 172.18.180.129-254. Since the value of the dynamic port could not be known. May be used in order to execute OpenVPN in unprivileged. Could not execute external program Dec 10 06:04:07 myvps openvpn. I see that OpenVPN can't execute ip. TCP with TLS/SSL encryption and LZO compression enabled.
After a few days on Google, I'm not able to find the right answer to my question. After reading a lot of scripting possibilities, then OpenVPN is up.
I have a client running Debian 7.8, with OpenVPN 2.2.1 x86_64-linux-gnu.
The connection is working great, and everything is fine. But - I need to mount some NFS-drives then the connection is initiated ('up' - I guess).
But - then I'm trying to start a script, I'm running into this error:
I have added the settings in the config-file:
See the full settings file here.
The script I'm trying to run (just for testing right now) is:
(Update 2017: - The '!' mark is missing in the #/bin/bash-line. Don't copy/paste above line, cause it was the problem)
I have tested with '#!/bin/sh' as well, just to be sure. After all, i tested the permissions and ownership:
As you can see, I have added 'script-security 2' before the 'up' and 'down' commands. OpenVPN is running as root, and started by a init.d script, but even if I'm trying to run it with the full command, I get the same error.
Se the example below (with and without sudo):
If I'm running the damn small script by myself, with both SU and Sudo, everything is going smooth without any issues.
The point is that I need to run this command, to mount a few NFS-drives, but right now I'm locked down. So I need some help here - I did try on a Danish forum with no luck.
The online manuels is not that helpful - and now I need your help.
3 Answers
I ran into the same issue, luckily I found a solution.
Here are things I checked:
- permission of folder
- permission of openvpn to access script
- the script must list the full path of any commands used (ex.
grepshould be/bin/grep; you can find the full path by typingwhichin front of your command) - use
script-security 2 systeminstead
Just to make it clear:I forgot the '!' (exclamation mark). That's explain everything.
Check username under which openvp daemon is running and chown your script folder or file to it.
Not the answer you're looking for? Browse other questions tagged linuxdebianvpnscriptopenvpn or ask your own question.
Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.
Sign up:max_bytes(150000):strip_icc()/Execute-56af2a165f9b58b7d01578ad.jpg "Not")
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Comments
commented Oct 26, 2016 • edited
edited
To make issues more manageable, I would appreciate if you fill out the details if applicable
I want to run up/down script to modify net.dns1/net.dns2 parameters. My vpn config looks like this: Unfortunately, i get an error on I have verified that the up script has execute permissions and has the following contents. Any idea what could be wrong? |
commented Oct 26, 2016
there might be some other things that prevent executing scripts in random directory. Since you have already root try putting it next to openvpn for android own executable ovpn_pie in the cache dir of the app. |
commented Oct 26, 2016
Ok, putting the script in the cache directory and changing permissions helped. I simplified the updns.sh script to the following and removed the 'down' script from the config: But I get another error: |
commented Oct 26, 2016
You need to set script-security to at least 2 |
commented Oct 26, 2016 • edited
edited
Yes, i do have script-security 2 set in the config as shown in the first post and also the warning shows it: |
commented Oct 26, 2016 • edited
edited
Sorry I have no idea. Maybe Android does not like exeucting scripts that use sh. Try to copy ifconfig or something else there and see if that works. Also increase the verbosity of the log by using that slider in the log window. It might give you more messages. |
commented Oct 26, 2016 • edited
edited
Modified updns.sh gives the same error |
Openvpn Could Not Execute External Program From Stored Procedure
commented Oct 26, 2016
I meant: cp ifconfig cache up /path/to/ifconfig |
commented Oct 26, 2016
Python Execute External Program
Ok, did that and change permissions of ifconfig to match openvpn binary, but got the same error :( |
commented Nov 13, 2016
Openvpn Could Not Execute External Program From Stored Mac
I used tasker to set the net.dns1 and net.dns2 variables following this blog post |
commented Nov 28, 2016
Could you take a look at the underlying issue here, @schwabe? DNS servers pushed by the OpenVPN server should be applied on connect, then reverted on disconnect. The current behavior is a major privacy issue. |
commented Nov 28, 2016
The underlying issue is that net.dns1 and net.dns2 are obsolete and any app that uses them is wrong. The VPNService API since 5.0 or 6.0 does not set these anymore. (There is another close issue about this). |
commented Nov 28, 2016
Gotcha, good to know. Cheers! |
commented Dec 11, 2016
Excel Vba Execute External Program
My up script magically started to work. I did a system update to get the latest security patch(October) on 6.0.1, and did a factory reset. This is what the directory looks like with the script called updns.sh Custom configuration parameters are |
How To Execute External Program In C
commented Feb 4, 2019 • edited
edited
It is Feb 2019, with Android 8, OpenVPN 2.3.10, with set in the server.conf file. On the OpenVPN for Android settings 'Bypass VPN for local networks' is off, although it doesn't seem to make a difference. Logging DNS packets on the server I can see them passing through the FORWARD table.. e.g. - When the Android is on the home wifi I try monitoring DNS packets leaking out there but nothing was detected. I also used dnsleaktest.com on the Android to check for leaks. Set up the home network to use different nameservers than the VPN. The dnsleaktest showed only the VPN servers. (On the home network all outgoing DNS traffic is DNAT'd to the specified servers.) Although this is not absolute proof that Android could never bypasses VPN with DNS - e.g. that there is no switch to change Androids behavior, it's as good as it gets. My conclusion is that DNS is going through the VPN correctly. |