Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
OpenVPN won't start at boot, claims no tty
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
McLink
Apprentice
Apprentice


Joined: 02 Feb 2008
Posts: 171
Location: /dev/chair

PostPosted: Thu Feb 01, 2018 10:34 am    Post subject: OpenVPN won't start at boot, claims no tty Reply with quote

I just finished installing Gentoo on my new work laptop, and for some reason I cannot get OpenVPN to start at boot, despite having three systems with virtually identical configurations where it does work. I have the auth-user-pass option in my client configuration, meaning I should be prompted for a password at boot. Instead OpenVPN just says
Quote:
neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Auth Username:'. If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.
The service is then flagged as "started", even though the process exits, so I have to zap it. Starting it once I'm logged in does work normally (but I don't want to do that manually every time I reboot, in case I forget). Using OpenRC, by the way.

openvpn.conf:
Code:
client
dev tap
proto tcp
remote none.of.your.biz 1194
resolv-retry infinite
nobind

auth-user-pass

ca /etc/openvpn/ca.crt
cert /etc/openvpn/cli.crt
key /etc/openvpn/cli.key

ns-cert-type server

tls-auth /etc/openvpn/ta.key 1

comp-lzo

verb 4

dhcp-option DNS 8.8.8.8
dhcp-option DNS 8.8.4.4


This is effectively identical to my personal laptop's configuration (except the latter also has redirect-gateway def1), on which I do get a username and password prompt.

I've also made a dummy init script that asks for user input at boot, and this does work, so for some reason it's just OpenVPN that's failing to detect a TTY.

Any help is greatly appreciated!
_________________
Mc'abit wrote:
Islam isn't the problem, religion is.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 13512

PostPosted: Fri Feb 02, 2018 3:12 am    Post subject: Re: OpenVPN won't start at boot, claims no tty Reply with quote

McLink wrote:
Instead OpenVPN just says
Quote:
neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Auth Username:'. If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.
The OpenRC init script passes --daemon to openvpn. Per the error message you quoted, if --daemon is used, you will have this problem.

Could you post emerge --info from both a working and a non-working system?
McLink wrote:
The service is then flagged as "started", even though the process exits, so I have to zap it.
Yes, that is an annoying problem associated with some init systems, including openrc. If the daemon exits at certain stages of execution, the init system fails to detect the exit.
McLink wrote:
Starting it once I'm logged in does work normally (but I don't want to do that manually every time I reboot, in case I forget). Using OpenRC, by the way.
In what way do you start it here that it works correctly? /etc/init.d/openvpn start?
Back to top
View user's profile Send private message
McLink
Apprentice
Apprentice


Joined: 02 Feb 2008
Posts: 171
Location: /dev/chair

PostPosted: Fri Feb 02, 2018 10:23 am    Post subject: Re: OpenVPN won't start at boot, claims no tty Reply with quote

Hu wrote:
The OpenRC init script passes --daemon to openvpn. Per the error message you quoted, if --daemon is used, you will have this problem.
Except --daemon is also used on the systems where it does work. Hence this thread. ;)

Hu wrote:
Could you post emerge --info from both a working and a non-working system?
Working system:
Code:
Portage 2.3.13 (python 2.7.14-final-0, default/linux/amd64/17.0, gcc-6.4.0, glibc-2.25-r9, 4.14.12-gentoo x86_64)
=================================================================
System uname: Linux-4.14.12-gentoo-x86_64-AMD_FX-tm-8350_Eight-Core_Processor-with-gentoo-2.4.1
KiB Mem:    16442428 total,    125632 free
KiB Swap:          0 total,         0 free
Timestamp of repository gentoo: Thu, 01 Feb 2018 16:00:01 +0000
Head commit of repository gentoo: 140c9940dd9e2ae905a89c6b25306c02322f5edb
sh bash 4.4_p12
ld GNU ld (Gentoo 2.29.1 p3) 2.29.1
ccache version 3.2.4 [enabled]
app-shells/bash:          4.4_p12::gentoo
dev-java/java-config:     2.2.0-r3::gentoo
dev-lang/perl:            5.24.3::gentoo
dev-lang/python:          2.7.14-r1::gentoo, 3.4.5-r1::gentoo, 3.5.4-r1::gentoo, 3.6.3-r1::gentoo
dev-util/ccache:          3.2.4::gentoo
dev-util/cmake:           3.9.6::gentoo
dev-util/pkgconfig:       0.29.2::gentoo
sys-apps/baselayout:      2.4.1-r2::gentoo
sys-apps/openrc:          0.34.11::gentoo
sys-apps/sandbox:         2.10-r4::gentoo
sys-devel/autoconf:       2.13::gentoo, 2.69-r4::gentoo
sys-devel/automake:       1.9.6-r4::gentoo, 1.11.6-r2::gentoo, 1.15.1-r1::gentoo
sys-devel/binutils:       2.29.1-r1::gentoo
sys-devel/gcc:            6.4.0::gentoo
sys-devel/gcc-config:     1.8-r1::gentoo
sys-devel/libtool:        2.4.6-r3::gentoo
sys-devel/make:           4.2.1::gentoo
sys-kernel/linux-headers: 4.13::gentoo (virtual/os-headers)
sys-libs/glibc:           2.25-r9::gentoo
Repositories:

gentoo
    location: /usr/portage
    sync-type: rsync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000
    sync-rsync-extra-opts:

crossdev
    location: /usr/local/crossdev
    masters: gentoo
    priority: 0

localtree
    location: /usr/local/portage
    masters: gentoo
    priority: 1

abendbrot
    location: /var/lib/layman/abendbrot
    masters: gentoo
    priority: 50

alexxy
    location: /var/lib/layman/alexxy
    masters: gentoo
    priority: 50

gnome
    location: /var/lib/layman/gnome
    masters: gentoo
    priority: 50

jorgicio
    location: /var/lib/layman/jorgicio
    masters: gentoo
    priority: 50

science
    location: /var/lib/layman/science
    masters: gentoo
    priority: 50

x11
    location: /var/lib/layman/x11
    masters: gentoo
    priority: 50

ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="* -@EULA"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -march=native -ggdb"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/config /usr/share/gnupg/qualified.txt /usr/share/maven-bin-3.3/conf"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-O2 -pipe -march=native -ggdb"
DISTDIR="/var/lib/portage/distfiles"
EMERGE_DEFAULT_OPTS="--keep-going --quiet-build=n"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-logs ccache config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync metadata-transfer multilib-strict nostrip parallel-fetch preserve-libs protect-owned sandbox sfperms splitdebug strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="ftp://mirror.leaseweb.com/gentoo/ ftp://mirrors.soeasyto.com/distfiles.gentoo.org/ ftp://ftp.uni-erlangen.de/pub/mirrors/gentoo ftp://ftp.free.fr/mirrors/ftp.gentoo.org/ ftp://ftp-stud.hs-esslingen.de/pub/Mirrors/gentoo/ ftp://ftp.mirrorservice.org/sites/distfiles.gentoo.org/ ftp://mirror.mdfnet.se/gentoo ftp://tux.rainside.sk/gentoo/ ftp://ftp.wh2.tu-dresden.de/pub/mirrors/gentoo ftp://ftp.fi.muni.cz/pub/linux/gentoo/"
LANG="en_GB.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="en_GB en nl de fr es sv"
MAKEOPTS="-j9"
PKGDIR="/var/lib/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
USE="256-color X a52 aac aalib acl alsa amd64 amr ancient apcupsd apng applet artist-screen bash-completion bazaar berkdb bidi bpd branding btrfs bzip2 cairo caps cdda cddb cdparanoia cdr chroma chromaprint clang cli collada colorio colors convert crypt cups curl cursors cvs cxx cycles d3d9 darcs dbus declarative discogs djvu dri dri3 dts dv dvb dvd dvi dvipdfm echonest echonest_tempo elf encode epub evdev examples exif extra extras fancy fbcon ffmpeg fftw flac fontconfig fortran fribidi ftp g726 g729 gallium games gbm gd gdbm gdu ggi gif gimp git glamor gltf gmp gold gphoto2 gpm graphics graphite graphviz gsm gstreamer gtk gtk2 gtkstyle gudev hddtemp hdri hpijs http humanities icons iconv icu id3tag ilbc imagemagick imaging imlib inkjar iostats ipv6 ipython javascript jbig joystick jpeg jpeg2k key-screen lapack lastgenre latex lcms libcaca libsamplerate link llvm llvm-shared-libs lm_sensors lqr lua lua-imlib lyrics-screen lzma lzo mad math matplotlib matroska md5sum mdev mercurial minizip mmx mmxext mng modules mouse mp3 mpeg mudflap multilib multimedia multislot musepack music mysql nas ncurses network nls nptl offensive ogg ois omega opencl openexr opengl openimageio openmax openmp optimization pam pango pci pcntl pcre pdf perl pgo phonon player png policykit portaudio portmon postproc postscript printsupport profile pstricks publishers pvr pyside python python3 qt3support qt4 qt5 r600-llvm-compiler radio raw readline redeyes replaygain rss sasl sbsms scanner schroedinger science script sdl search-screen seccomp security snmp song-screen sound source sox spell sql sqlite sse sse2 ssh ssl ssse3 stars startup-notification subversion svg symlink taglib tcpd test tex4ht tga theano theora threads tiff tinfo tools truetype tty-helpers twolame udev unicode usb utils v4l valgrind vcd vdpau vector-icons video vim-pager vim-syntax vlc vorbis wavpack weather weather-metar weather-xoap webkit webstart x264 xattr xetex xft xml xmp xnest xpm xv xvfb xvid xvmc zip zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_core authn_dbm authn_file authz_core authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir env expires ext_filter file_cache filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif socache_shmcb speling status unique_id unixd userdir usertrack vhost_alias access_compat" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="mouse keyboard evdev wacom" KERNEL="linux" L10N="en_GB en nl de fr es sv" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-6 php7-0" POSTGRES_TARGETS="postgres9_5" PYTHON_SINGLE_TARGET="python3_4" PYTHON_TARGETS="python3_5 python3_4 python2_7" RUBY_TARGETS="ruby22 ruby23" SANE_BACKENDS="*" USERLAND="GNU" VIDEO_CARDS="amdgpu radeonsi radeon" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CC, CPPFLAGS, CTARGET, CXX, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS


Non-working system:
Code:
Portage 2.3.19 (python 3.5.4-final-0, default/linux/amd64/17.0, gcc-6.4.0, glibc-2.25-r9, 4.15.0-gentoo x86_64)
=================================================================
System uname: Linux-4.15.0-gentoo-x86_64-Intel-R-_Core-TM-_i7-7700HQ_CPU_@_2.80GHz-with-gentoo-2.4.1
KiB Mem:    32827144 total,  18781668 free
KiB Swap:          0 total,         0 free
Timestamp of repository gentoo: Thu, 01 Feb 2018 16:00:01 +0000
Head commit of repository gentoo: 140c9940dd9e2ae905a89c6b25306c02322f5edb
sh bash 4.4_p12
ld GNU gold (Gentoo 2.29.1 p3 2.29.1) 1.14
ccache version 3.2.4 [enabled]
app-shells/bash:          4.4_p12::gentoo
dev-lang/perl:            5.24.3::gentoo
dev-lang/python:          2.7.14-r1::gentoo, 3.5.4-r1::gentoo
dev-util/ccache:          3.2.4::gentoo
dev-util/cmake:           3.9.6::gentoo
dev-util/pkgconfig:       0.29.2::gentoo
sys-apps/baselayout:      2.4.1-r2::gentoo
sys-apps/openrc:          0.34.11::gentoo
sys-apps/sandbox:         2.12::gentoo
sys-devel/autoconf:       2.13::gentoo, 2.69-r4::gentoo
sys-devel/automake:       1.11.6-r2::gentoo, 1.15.1-r1::gentoo
sys-devel/binutils:       2.29.1-r1::gentoo
sys-devel/gcc:            6.4.0-r1::gentoo
sys-devel/gcc-config:     1.8-r1::gentoo
sys-devel/libtool:        2.4.6-r3::gentoo
sys-devel/make:           4.2.1::gentoo
sys-kernel/linux-headers: 4.13::gentoo (virtual/os-headers)
sys-libs/glibc:           2.25-r9::gentoo
Repositories:

gentoo
    location: /usr/portage
    sync-type: rsync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000
    sync-rsync-extra-opts:

localtree
    location: /usr/local/portage
    masters: gentoo
    priority: 0

abendbrot
    location: /var/lib/layman/abendbrot
    masters: gentoo
    priority: 50

jorgicio
    location: /var/lib/layman/jorgicio
    masters: gentoo
    priority: 50

ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="* -@EULA"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -march=native -ggdb"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/config /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-O2 -pipe -march=native -ggdb"
DISTDIR="/var/lib/portage/distfiles"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-logs ccache config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync metadata-transfer multilib-strict news nostrip parallel-fetch preserve-libs protect-owned sandbox sfperms splitdebug strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="ftp://mirror.leaseweb.com/gentoo/ ftp://ftp.snt.utwente.nl/pub/os/linux/gentoo ftp://mirrors.soeasyto.com/distfiles.gentoo.org/ ftp://ftp.free.fr/mirrors/ftp.gentoo.org/ ftp://mirror.netcologne.de/gentoo/ ftp://ftp-stud.hs-esslingen.de/pub/Mirrors/gentoo/ ftp://mirror.bytemark.co.uk/gentoo/ ftp://ftp.heanet.ie/pub/gentoo/ ftp://ftp.mirrorservice.org/sites/distfiles.gentoo.org/ ftp://ftp.uni-erlangen.de/pub/mirrors/gentoo"
LANG="en_GB.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="en_GB en-GB en nl_NL nl-NL nl"
MAKEOPTS="-j9"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
USE="X a52 aac aalib acl alsa amd64 apng applet bazaar berkdb branding btrfs bzip2 cairo cdda cdr clang cli crypt cups curl cvs cxx d3d9 darcs dbus dhcpcd djvu dri dri3 dts dv dvb dvd dvi encode epspdf evdev examples exif ext4 extra ffmpeg fftw flac fontconfig fortran frei0r fuse games gdbm gif gimp git github gmp gnuplot gphoto2 gpm graphics graphite graphviz gsm gtk gtk2 gtkstyle gui highlight humanities iconv icu id3tag imagemagick imaging imlib ipv6 ipython javascript jbig jpeg jpeg2k json ladspa lapack latex llvm lm_sensors lua lzma lzo mad matroska mercurial metapost midi mng modules mp3 mpeg multilib multimedia music ncurses network networking networkmanager nls nptl ntfs ntp offensive ogg opengl openmp optimization pam pango pcre pcre16 pdf perl png postscript pstricks publishers pyside python qt5 raw readline reiserfs resolvconf ruby science script sdl seccomp sensors smp sna sox speex sqlite ssh ssl stars startup-notification subversion svg symlink tcpd terminal theora threads tiff timidity tools toporouter traceroute truetype udev unicode usb uxa v4l valgrind vcd vdpau vim-pager vim-syntax vorbis vulkan wavpack webp widgets x264 xattr xetex xkb xpm xvid zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="mouse keyboard evdev synaptics wacom" KERNEL="linux" L10N="en_GB en-GB en nl_NL nl-NL nl" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-6 php7-0" POSTGRES_TARGETS="postgres9_5" PYTHON_SINGLE_TARGET="python3_5" PYTHON_TARGETS="python2_7 python3_5" RUBY_TARGETS="ruby22 ruby23" USERLAND="GNU" VIDEO_CARDS="intel amdgpu radeon radeonsi" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CC, CPPFLAGS, CTARGET, CXX, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS



Hu wrote:
In what way do you start it here that it works correctly? /etc/init.d/openvpn start?
Yes.
_________________
Mc'abit wrote:
Islam isn't the problem, religion is.
Back to top
View user's profile Send private message
McLink
Apprentice
Apprentice


Joined: 02 Feb 2008
Posts: 171
Location: /dev/chair

PostPosted: Tue Mar 27, 2018 8:48 am    Post subject: Reply with quote

This is still an issue. Any help would be greatly appreciated!
_________________
Mc'abit wrote:
Islam isn't the problem, religion is.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum