Joh*_*oey 5 openvpn radius 16.04
自从我将 ubuntu 从 14.04 升级到 16.04LTS 后,我的 openvpn 意外退出
下面是openvpn的日志文件的内容。
Wed Mar 1 13:46:33 2017 username/123.123.123.123:56729 WARNING: Failed running command (--client-connect): external program exited with error status: 254
Mar 1 13:46:33 2017 username/123.123.123.123:56729 PUSH: Received control message: 'PUSH_REQUEST'
Wed Mar 1 13:46:33 2017 username/123.123.123.123:56729 PUSH: Received control message: 'PUSH_REQUEST'
Wed Mar 1 13:46:33 2017 username/123.123.123.123:56729 PUSH: Received control message: 'PUSH_REQUEST'
Wed Mar 1 13:46:36 2017 username/123.123.123.123:56729 PUSH: Received control message: 'PUSH_REQUEST'
Wed Mar 1 13:46:42 2017 :55522 TLS: 123.123.123.123Initial packet from [AF_INET]123.123.123.123:55522, sid=1272ece9 72edde04
Wed Mar 1 13:46:43 2017 RADIUS-PLUGIN: FOREGROUND THREAD: New user.
Wed Mar 1 13:46:43 2017 RADIUS-PLUGIN: No attributes Acct Interim Interval or bad length.
Wed Mar 1 13:46:43 2017 RADIUS-PLUGIN: Client config file was not written, overwriteccfiles is false
.Wed Mar 1 13:46:43 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Add user to map.
Wed Mar 1 13:46:43 2017 123.123.123.123:55522 PLUGIN_CALL: POST /etc/openvpn/radiusplugin.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0
Wed Mar 1 13:46:43 2017 123.123.123.123:55522 TLS: Username/Password authentication succeeded for username 'username' [CN SET]
Wed Mar 1 13:46:43 2017 123.123.123.123:55522 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Mar 1 13:46:43 2017 123.123.123.123:55522 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Mar 1 13:46:43 2017 123.123.123.123:55522 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Mar 1 13:46:43 2017 123.123.123.123:55522 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Mar 1 13:46:43 2017 123.123.123.123:55522 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384
Wed Mar 1 13:46:43 2017 123.123.123.123:55522 [username] Peer Connection Initiated with [AF_INET]123.123.123.123:55522
Wed Mar 1 13:46:43 2017 username/123.123.123.123:55522 PLUGIN_CALL: POST /etc/openvpn/radiusplugin.so/PLUGIN_CLIENT_DISCONNECT status=0
Wed Mar 1 13:46:43 2017 username/123.123.123.123:55522 openvpn_execve: unable to fork: Resource temporarily unavailable (errno=11)
Wed Mar 1 13:46:43 2017 username/123.123.123.123:55522 Exiting due to fatal error
Wed Mar 1 13:46:43 2017 username/123.123.123.123:55522 /sbin/ip route del 10.25.38.0/24
Wed Mar 1 13:46:43 2017 username/123.123.123.123:55522 openvpn_execve: unable to fork: Resource temporarily unavailable (errno=11)
Wed Mar 1 13:46:43 2017 username/123.123.123.123:55522 Exiting due to fatal error
我不知道为什么会出现这个。
openvpn_execve: unable to fork: Resource temporarily unavailable (errno=11)
并导致我退出LIMITNPROC=10 in /lib/systemd/system/openvpn@.service 的openvpn
已经被注释掉了。
.service这是OpenVPN 的systemd 文件中的一个已知问题。
LimitNProc=10更准确地说,systemd 通过文件中的设置将 openvpn 的进程限制在 10 个以内/lib/systemd/system/openvpn@.service。去掉这行,就可以了。
互联网上的一些消息来源指出,将此值增加到 100 就足够了。在我的实验中,它不起作用 - 另请注意,已经 10 个应该足够了,因为 OpenVPN 几乎不会分叉这么多进程。这可能是一些 systemd 错误。
另请注意,最好创建该配置文件的副本/lib/systemd/system/openvpn@.service并/etc/systemd/system/openvpn@.service修改该配置文件。这样,就会覆盖原来的设置。
修改 systemd 服务文件后,systemctl daemon-reload应重新加载它们(无需重新启动)。
| 归档时间: |
|
| 查看次数: |
1313 次 |
| 最近记录: |