Page MenuHomeVyOS Platform

VyOS 1.3 Don't set daemon in openvpn-{intf}.conf file
Closed, ResolvedPublicBUG


Small feature request for VyOS 1.3 that now sets all the configuration options in a openvpn-{intf}.conf file.
It also sets daemon openvpn-{intf} in the config file, which makes it harder for debugging if you want to test the configuration manually by running:

sudo openvpn --config /opt/vyatta/etc/openvpn/openvpn-vtun0.conf

If daemon was specified in the config it would run as a daemon immediately and the output is logged to syslog. If it's not defined you will see stdout and stderr which is what you would expect.

I request the following change in /usr/libexec/vyos/conf_mode/

  1. Don't write daemon to openvpn config file by removing it from the Jinja template
  2. Start OpenVPN using openvpn --daemon openvpn-{intf} --config /opt/vyatta/etc/openvpn/openvpn-{intf}.conf eg:
# No matching OpenVPN process running - maybe it got killed or none
# existed - nevertheless, spawn new OpenVPN process
cmd  = 'start-stop-daemon --start --quiet'
cmd += ' --pidfile ' + pidfile
cmd += ' --exec /usr/sbin/openvpn'
# now pass arguments to openvpn binary
cmd += ' --'
cmd += ' --daemon openvpn-' + openvpn['intf']
cmd += ' --config ' + get_config_name(openvpn['intf'])


Difficulty level
Easy (less than an hour)
VyOS 1.3-rolling-202002190654
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

yun changed Difficulty level from Unknown (require assessment) to Easy (less than an hour).
yun changed Version from - to VyOS 1.3-rolling-202002190654.
syncer triaged this task as Normal priority.
syncer changed the subtype of this task from "Feature Request" to "Bug".

Thanks for the quick fix c-po, I noticed this also needs to be fixed in /usr/libexec/vyos/op_mode/ in case someone runs for example:

$ reset openvpn interface vtun0
erkin set Issue type to Bug (incorrect behavior).Aug 31 2021, 5:33 PM