Arch Linux

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#68589 - OpenVPN scripts fail after upgrade to 2.5

Attached to Project: Arch Linux
Opened by JC Francois (jeancf) - Wednesday, 11 November 2020, 09:48 GMT
Last edited by Christian Hesse (eworm) - Wednesday, 11 November 2020, 10:04 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Christian Hesse (eworm)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No


My script that allows an unprivileged user to establish a VPN connection stopped working after update to 2.5. It fails with:

openvpn[6790]: Options error: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/openvpn.conf:17: iproute (2.5.0)

These scripts generate the URI of the remote end of the VPN tunnel on the fly, based on the input of the unprivileged user. Looking at the latest commits, I think that the error is introduced by the removal of the --iproute2 compilation option in commit e3e9b45fb62e267bea0fa7bc6077e2c162749e2f which provides support for the iproute option at runtime.

Please re-add the --iproute2 compilation option.


dev tun0
reneg-sec 0
ping 5
ping-exit 30
comp-lzo no
remote-cert-tls server
route-metric 1
cipher AES-256-CBC
auth sha512

iproute /usr/local/sbin/unpriv-ip
log /var/log/openvpn/openvpn
This task depends upon

Closed by  Christian Hesse (eworm)
Wednesday, 11 November 2020, 10:04 GMT
Reason for closing:  Not a bug
Comment by Christian Hesse (eworm) - Wednesday, 11 November 2020, 10:03 GMT
It's not a bug, it's a feature.
Also please read installation note at upgrade time.

OpenVPN now uses a netlink interface for network configuration and running as unprivileges user became the default.
Just remove the "iproute" directive from configuration.