You are not logged in.
- Topics: Active | Unanswered
Pages: 1
Topic closed
#1 2021-11-15 20:50:41
- AnotherUser
- Member
- Registered: 2021-02-09
- Posts: 9
[openvpn][dns] Failed to set DNS configuration
Hi guys
Today I'm stuck at one of those typical resolv.conf problems..
I finally would like to switch to use openvpn over cli.
To get the routes work, i would like to use the 'up' and 'down' scripts, like mentioned in the wiki
But, it seems not to work.. Right after a successfully established openvpn client connection i get following:
Failed to set DNS configuration: Interactive authentication required.My target is to update the resolv.conf after openvpn is connected successfully (like it was working with the network-manager gui..)
It would be nice to get some help here 
Kindly regards
Offline
#2 2023-07-17 10:49:11
- Nukesor
- Member
- Registered: 2015-12-16
- Posts: 3
Re: [openvpn][dns] Failed to set DNS configuration
Hey @AnotherUser
I'm currently stuck at with the exact same problem and I've no idea why this doesn't work.
Did you figure a way around this?
Offline
#3 2023-07-17 11:19:13
- Nukesor
- Member
- Registered: 2015-12-16
- Posts: 3
Re: [openvpn][dns] Failed to set DNS configuration
Ok. For anyone that runs into the same problem.
The problem is, that the openvpn-client systemd service is executed as the `openvpn` user, which has very restricted permissions.
However, any custom `pull-resolv-conf` script has to call `resolvconf`, which needs root permissions.
There are two workarounds to this:
1. Start the openvpn client via sudo directly from the commandline. This doesn't drop any privileges and openvpn will continously be executed as root.
2. The other solution is a bit cleaner but needs more work:
- Allow the `openvpn` user to use sudo for resolvconf:
`openvpn ALL=(ALL) NOPASSWD: /usr/bin/resolvconf`
- Make a copy of the pull-resolv-conf script you're using and adjust all `resolvconf` calls to use sudo
- Point to the modified script in your config.
This will make openvpn run with restricted permissions, but makes it call resolvconf with sudo, which it is now allowed to do.
Offline
#4 2023-07-17 11:19:27
- 2ManyDogs
- Forum Fellow
- Registered: 2012-01-15
- Posts: 4,645
Re: [openvpn][dns] Failed to set DNS configuration
The OP has not been back since last year, so I am going to consider this thread abandoned and close it now.
Offline
Pages: 1
Topic closed