tried, not working, would it be root permission? I have 0700 for permission settingsmghe wrote:For make ta.key use command: openvpn --genkey --secret ta.key
OpenVPN running under selinux?
Re: OpenVPN running under selinux?
Re: OpenVPN running under selinux?
If You want save file under where user can not access will be failCollyZ wrote:tried, not working, would it be root permission? I have 0700 for permission settingsmghe wrote:For make ta.key use command: openvpn --genkey --secret ta.key
Do not touch any permissions, it will be work in default.
Re: OpenVPN running under selinux?
what if I already did...mghe wrote:If You want save file under where user can not access will be failCollyZ wrote:tried, not working, would it be root permission? I have 0700 for permission settingsmghe wrote:For make ta.key use command: openvpn --genkey --secret ta.key
Do not touch any permissions, it will be work in default.
anyway i can return it to default?
or i have to reinstall openvpn and easy rsa, and regenerate all cerificates?
Re: OpenVPN running under selinux?
There is not problem if You changed it,
For back, You can use:
rpm --setperms PACKAGE_NAME - sets permissions of files in the given package.
rpm --setugids PACKAGE_NAME - sets user/group ownership of files in the given package.
ps. Your created cert You can keep and import it to easy-rsa.
ps2. Remove, delete, install also are resolve permissions issue.
Any way, just back to create ta.key file and check openvpn service.
For back, You can use:
rpm --setperms PACKAGE_NAME - sets permissions of files in the given package.
rpm --setugids PACKAGE_NAME - sets user/group ownership of files in the given package.
ps. Your created cert You can keep and import it to easy-rsa.
ps2. Remove, delete, install also are resolve permissions issue.
Any way, just back to create ta.key file and check openvpn service.
Re: OpenVPN running under selinux?
Succeed after I removed comment mark before udp, tho i still want it run in tcpmghe wrote:There is not problem if You changed it,
For back, You can use:
rpm --setperms PACKAGE_NAME - sets permissions of files in the given package.
rpm --setugids PACKAGE_NAME - sets user/group ownership of files in the given package.
ps. Your created cert You can keep and import it to easy-rsa.
ps2. Remove, delete, install also are resolve permissions issue.
Any way, just back to create ta.key file and check openvpn service.
Code: Select all
[root@localhost 3.0]# systemctl status openvpn@server
● openvpn@server.service - OpenVPN Robust And Highly Flexible Tunneling Application On server
Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; disabled; vendor preset: disabled)
Active: active (running) since Wed 2018-05-23 22:34:17 CST; 41s ago
Main PID: 3323 (openvpn)
Status: "Pre-connection initialization successful"
CGroup: /system.slice/system-openvpn.slice/openvpn@server.service
├─3323 /usr/sbin/openvpn --cd /etc/openvpn/ --config server.conf
└─3324 /usr/bin/systemd-ask-password --icon network-vpn Enter Private Key Password:
and also, i want it to run under TCP, i will be editing the server.conf according to this, right?
Code: Select all
Options error: --explicit-exit-notify can only be used with --proto udp
Use --help for more information.
systemd-tty-ask-password-agent tool
Re: OpenVPN running under selinux?
Code: Select all
systemd-tty-ask-password-agent --query