Opened 5 years ago

Last modified 4 years ago

#52525 new defect

openvpn2 startup script not working

Reported by: thomas.hartwig@… Owned by: macports-tickets@…
Priority: Normal Milestone:
Component: ports Version: 2.3.4
Keywords: Cc: c5kolb, mf2k (Frank Schima)
Port: openvpn2

Description (last modified by mf2k (Frank Schima))

Hi, I tested the openvpn2 port and I have major issues with the startup script org.macports.openvpn2.plist. I can run the daemon manually and the tunnel is established but I can not get it running automatically via launchctl for following reasons:

  1. bin -> sbin: the script uses the wrong location for openvpn2, instead of /opt/local/bin/openvpn2 it should be /opt/local/sbin/openvpn2
  2. daemondo: I can run the whole daemondo call from the command line, but if I run the script via launchctl it only logs that the service did run for 0 seconds only. I can not find any further ouptut showing me what might be wrong with the script.
  3. debug: launchtl is giving a warning: The Debug key is no longer respected. Please remove it.
  4. inefficient: launchtl is giving a warning: This service is defined to be constantly running and is inherently inefficient.

In the end it is not starting and I don't know where to look else, my only source of logging is /var/log/system.log.

My system is Sierra 10.12.

This is how I can establish the tunnel:

daemondo --label=openvpn2 --start-cmd /opt/local/sbin/openvpn2 --cd /opt/local/etc/openvpn2 --config /opt/local/etc/openvpn2/my.conf \;

The script currently looks like this:

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd" >
<plist version='1.0'>
<dict>
<key>Label</key><string>org.macports.openvpn2</string>
<key>ProgramArguments</key>
<array>
	<string>/opt/local/bin/daemondo</string>
	<string>--label=openvpn2</string>
	<string>--start-cmd</string>
	<string>/opt/local/sbin/openvpn2 --config /opt/local/etc/openvpn2/my.conf</string>
	<string>;</string>
	<string>--pid=exec</string>
</array>
<key>Debug</key><false/>
<key>Disabled</key><false/>
<key>KeepAlive</key><true/>
</dict>
</plist>

Change History (11)

comment:1 Changed 5 years ago by thomas.hartwig@…

Cc: thomas.hartwig@… added

Cc Me!

comment:2 Changed 5 years ago by mf2k (Frank Schima)

Priority: HighNormal

The Priority field is for use by Macports team members only.

comment:3 Changed 5 years ago by mf2k (Frank Schima)

Cc: thomas.hartwig@… removed
Keywords: openvpn2 launchctl removed

In the future, please use WikiFormatting. As reporter, you do not need to Cc yourself.

comment:4 Changed 5 years ago by mf2k (Frank Schima)

Description: modified (diff)

comment:5 Changed 5 years ago by mf2k (Frank Schima)

I fixed the sbin issue with the startup item in r153641. Also made a correction in the notes.

It still is not working for me. I'm not sure how to correct the other issues you mention. Can you look in the guide and possibly submit a Portfile patch to fix the remaining issues?

comment:6 Changed 5 years ago by thomas.hartwig@…

I have checked the plist file further and it turns out that you have to specify the startup command in a single attribute. Further it looks like all other parameters are not forwarded to the command itself. So I ended up writing a wrapper script which contained all the parameters for starting up openvpn correctly. So the final test script looks like below. I created a openvpn2.sh which makes the call finally. I have also activated some kind of debug to see what happens. However I do not know how you usually realize startup things. IMHO there is a problem with deamondo not forwarding the parameters correctly. But I am not an expert in this.

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd" >
<plist version='1.0'>
<dict>
<key>Label</key><string>org.macports.openvpn2</string>
<key>ProgramArguments</key>
<array>
	<string>/opt/local/bin/daemondo</string>
	<string>--label=openvpn2</string>
	<string>--start-cmd</string>
	<string>/opt/local/sbin/openvpn2.sh</string>
	<string>;</string>
	<string>--pid=exec</string>
</array>
<key>Debug</key><false/>
<key>Disabled</key><false/>
<key>KeepAlive</key><true/>
<key>StandardOutPath</key>
<string>/tmp/logfile.log</string>
<key>StandardErrorPath</key>
<string>/tmp/error.log</string>
</dict>
</plist>

comment:7 Changed 5 years ago by ctreleaven (Craig Treleaven)

Untested, but I think the problem is the double quotes around the startupitem.executable:

startupitem.executable  "${prefix}/bin/openvpn2 --config ${prefix}/etc/${name}/server.conf"

Should be

startupitem.executable  ${prefix}/bin/openvpn2 --config ${prefix}/etc/${name}/server.conf

But I could be completely wrong.

comment:8 Changed 5 years ago by mf2k (Frank Schima)

I tested it locally without quotes and the startupitem looks like this:

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd" >
<plist version='1.0'>
<dict>
<key>Label</key><string>org.macports.openvpn2</string>
<key>ProgramArguments</key>
<array>
        <string>/opt/local/bin/daemondo</string>
        <string>--label=openvpn2</string>
        <string>--start-cmd</string>
        <string>/opt/local/sbin/openvpn2</string>
        <string>--config</string>
        <string>/opt/local/etc/openvpn2/server.conf</string>
        <string>;</string>
        <string>--pid=exec</string>
</array>
<key>Debug</key><false/>
<key>Disabled</key><true/>
<key>KeepAlive</key><true/>
</dict>
</plist>

comment:9 Changed 5 years ago by mf2k (Frank Schima)

Cc: kolbcp@… added

Has duplicate #50655.

comment:10 Changed 5 years ago by mf2k (Frank Schima)

Committed in r153653. Based on the guide, this is more correct. But it still is not launching for me.

comment:11 Changed 4 years ago by mf2k (Frank Schima)

Cc: mf2k added
Note: See TracTickets for help on using tickets.