Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

open ./easyrsa/pki/index.txt: no such file or directory #196

Closed
PizzaProgram opened this issue Mar 25, 2023 · 2 comments
Closed

open ./easyrsa/pki/index.txt: no such file or directory #196

PizzaProgram opened this issue Mar 25, 2023 · 2 comments

Comments

@PizzaProgram
Copy link

Hi,

I get this error, when I try to start ovpn-admin binary from a normal user's account on latest Debian 11. (see title)
But by default the easyrsa is here: /usr/share/easy-rsa

So I've created a symlink to that directory: /home/myusername/easyrsa
idea found here ...

Than I've got this error:

open ./easyrsa/pki/index.txt: no such file or directory

So I've added a path name when starting:
./ovpn-admin --mgmt=main=127.0.0.88:8888 --role="master" --easyrsa.index-path="/etc/openvpn/keys/myservername.hu/index.txt"

Finally the ovpn-admin can start and serving on 8080 port.

But when I try to create a new user on the Web GUI, I get this error:

INFO[0316] 127.0.0.1:56670 /api/user/create
DEBU[0316] cd ./easyrsa && easyrsa build-client-full test88 nopass 1>/dev/null
DEBU[0316] exit status 127 : bash: line 1: easyrsa: command not found

If I try to execute the @easyrsa file from the symink dir, I get this:

ovpn-user@myvpn:~/easyrsa$ ./easyrsa
cp: cannot create regular file '/home/ovpndir/easyrsa/pki/openssl-easyrsa.cnf': Permission denied
mkdir: cannot create directory ‘/home/ovpndir/easyrsa/pki/easy-rsa-469343.BjI8y6’: Permission denied
Easy-RSA error:
  Could not create temporary directory '/home/ovpndir/easyrsa/pki/easy-rsa-469343.BjI8y6'. Permission or concurrency problem?

So what is the recommended installation procedure for ovpn-admin ?

  • I would like to keep running it secure way / with a different user, so if someone is accessing this webGUI, won't be able to access the whole server.
  • Does that "ovpn-user" needs access to the openvpn directory too ? Or the easyrsa path is enough?
  • What path will be the clients placed ?

Thanks for any help / clarification !
@PizzaProgram
Copy link
Author

This is my current Path config, made automatically by Webmin's openvpn module:

kép

@abuyusif01
Copy link

actually this is not an error, not at all

Look at the help page of ovpn-admin. the param --easyrsa.path is equal to "./easy-rsa" by default
You need to change it to whatever is the real path of ur easy-rsa dir.

In my case its
sudo ./ovpn-admin --easyrsa.index-path="/etc/openvpn/server/easy-rsa/pki/index.txt" --easyrsa.path="/etc/openvpn/server/easy-rsa"

Oh yeah u need to run it as root, or u can symlink the folder to somewhere u have rw+ perm

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@PizzaProgram @abuyusif01