New issue
Advanced search Search tips

Issue 863757 link

Starred by 6 users
Status: Duplicate
Merged: issue 834585
Owner:
smbar...@chromium.org
Closed: Oct 24
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 3
Type: Bug



Sign in to add a comment

openvpn doesn't work from termina container -- ERROR: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (errno=13)

Reported by dancinh...@gmail.com, Jul 15 
Chrome Version: 69.0.3486.0 (Official Build) dev (64-bit)
Chrome OS Version: 10866.1.0 (Official Build) dev-channel eve
Chrome OS Platform: Google Pixelbook (Eve)
Network info: wifi, openvpn

Please specify Cr-* of the system to which this bug/feature applies (add
the label below).

Steps To Reproduce:
(1) start termina
(2) run openvpn as a client
(3)

Expected Result:
openvpn connects successfully

Actual Result:
openvpn fails (details below)

How frequently does this problem reproduce? (Always, sometimes, hard to
reproduce?)
100%

What is the impact to the user, and is there a workaround? If so, what is
it?
Unable to utilize container-based apps that require a vpn connection

Please provide any additional information below. Attach a screen shot or
log if possible.

---
dancinhomr@penguin:~/ovpn$ sudo openvpn --client --auth-user-pass --config foo.conf 
Sun Jul 15 20:05:03 2018 OpenVPN 2.4.0 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 18 2017
Sun Jul 15 20:05:03 2018 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.08
Enter Auth Username: homr
Enter Auth Password: **************
Sun Jul 15 20:05:27 2018 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1360)
Sun Jul 15 20:05:27 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]209.132.183.3:443
Sun Jul 15 20:05:27 2018 UDP link local: (not bound)
Sun Jul 15 20:05:27 2018 UDP link remote: [AF_INET]209.132.183.3:443
Sun Jul 15 20:05:27 2018 [ovpn.redhat.com] Peer Connection Initiated with [AF_INET]209.132.183.3:443
Sun Jul 15 20:05:29 2018 Option 'explicit-exit-notify' in [PUSH-OPTIONS]:8 is ignored by previous <connection> blocks 
Sun Jul 15 20:05:29 2018 ERROR: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (errno=13)
Sun Jul 15 20:05:29 2018 Exiting due to fatal error
---

The built-in openvpn in chromeos works just fine however the container apparently isn't able to utilize that connection, thus the need to run openvpn from w/in the container. Ideally the container could just utilize the already established chromeos vpn connection.

Comment 1 by dtapu...@chromium.org, Jul 16

Components: OS>Systems>Containers

Comment 2 by tbuckley@google.com, Oct 8

Labels: Proj-Containers

Comment 3 by tbuckley@google.com, Oct 24

Owner: smbar...@chromium.org
Status: Assigned (was: Unconfirmed)
@smbarber can this be merged with Issue 834585 ? We could make that about supporting VPN in general.

Comment 4 by smbar...@chromium.org, Oct 24

Mergedinto: 834585
Status: Duplicate (was: Assigned)
Merging into issue 834585.

Sign in to add a comment