I am running a basic Tumbleweed system with one ethernet connection through an openvpn link both managed by networkmanager. The openvpn command issued by networkmanager (from ps) is:
/usr/sbin/openvpn --remote us-ca.mullvad.net 1197 udp --comp-lzo yes --nobind --dev tun --cipher AES-256-CBC --auth-nocache --remote-cert-tls server --reneg-sec 0 --verb 1 --syslog nm-openvpn --script-security 2 --up /usr/lib/nm-openvpn-service-openvpn-helper --debug 0 3261 --bus-name org.freedesktop.NetworkManager.openvpn.Connection_4 --tun – --up-restart --persist-key --persist-tun --management /var/run/NetworkManager/nm-openvpn-ff470881-4027-4585-97df-197b5e83b16d unix --management-client-user root --management-client-group root --management-query-passwords --auth-retry interact --route-noexec --ifconfig-noexec --client --ca /etc/openvpn/ca.crt --cert /etc/openvpn/client.crt --key /etc/openvpn/client.key --user nm-openvpn --group nm-openvpn
Everything works correctly for an hour or so until the VPN link is renegotiated and then openvpn crashes with the error:
*
ERROR: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)*
I’ve hacked the source of nm-openvpn-service so that it doesn’t put out the --user and --group options and everything runs fine but openvpn is then running as root which is probably not a good idea, plus I’m then running with non baseline code which I prefer not to do.
Is this a bug in networkmanager?, openvpn? or is there some setup that I have done incorrectly that causes this?