From: Luc S. <luc...@ad...> - 2004-10-04 14:18:43
When launching OpenVPN (server mode) with the "--daemon" option, I get the
following error in the logs:
GID set to nogroup
UID set to nobody
CRL: cannot read: my-openvpn-keys/crl.pem: No such file or directory (errno=2)
The file exists and has 777 rights, and the directory where it resides is 777
too.
If I trace with 'strace -eopen', I get the following result:
open("my-openvpn-keys/crl.pem", O_RDONLY) = -1 EACCES (Permission denied)
The strange thing is that it works if I don't use the --daemon option. So I
tried with an absolute path to the crl.pem file, and it worked!
My conclusion is that when launching OpenVPN with "--daemon" mode, the rights
are dropped to nobody:nogroup AND the directory is changed to something else
than the one where OpenVPN was launched, so relative references don't work
anymore.
It should be put in the documentation that relative paths must not be used.
Thanks,
Luc
--
Luc Stepniewski <luc...@ad...>
Adelux - Securite, Linux Public key: <http://lstep.free.fr/pubkey.txt>
Key BC0E3C2A fingerprint = A4FA466C68D27E46B427 07D083ED6340BC0E3C2A
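
Added example, not part of the original post and not OpenVPN code: a C sketch of the behaviour described above, where a relative path stops resolving once the working directory changes while a path made absolute beforehand keeps working. Assumptions: the scratch directory under /tmp and the placeholder crl.pem are constructed, the function names are hypothetical, and chdir("/") stands in for the directory change that daemon(3) performs when called with nochdir=0; the sketch does not drop privileges.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Open read-only; return 0 on success, errno on failure. */
static int try_open(const char *path) {
    int fd = open(path, O_RDONLY);
    if (fd < 0) return errno;
    close(fd);
    return 0;
}

/* Constructed scenario: a scratch directory plays the launch directory
 * and "crl.pem" the relative file. rel_err and abs_err receive the
 * result of opening it after the working directory has changed.
 * Returns 0 if the scenario ran to completion. */
int run_demo(int *rel_err, int *abs_err) {
    char dir[] = "/tmp/crl-demo-XXXXXX";
    char abs_path[PATH_MAX];
    FILE *f;

    if (!mkdtemp(dir) || chdir(dir) != 0) return -1;
    if (!(f = fopen("crl.pem", "w"))) return -1;
    fputs("placeholder, not a real CRL\n", f);
    fclose(f);

    /* Resolve while the launch directory is still the current one. */
    if (!realpath("crl.pem", abs_path)) return -1;

    /* Stand-in for daemon(0, 0), which would also fork and detach. */
    if (chdir("/") != 0) return -1;

    *rel_err = try_open("crl.pem");  /* now looked up relative to "/" */
    *abs_err = try_open(abs_path);   /* does not depend on the cwd */

    unlink(abs_path);
    rmdir(dir);
    return 0;
}

int main(void) {
    int rel_err, abs_err;
    if (run_demo(&rel_err, &abs_err) != 0) return 1;
    printf("relative: %s\nabsolute: %s\n", strerror(rel_err), strerror(abs_err));
    return 0;
}
```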