Bug 1231338 - /usr/libexec/nm-openvpn-service-openvpn-helper handles restart in script wrongfully, resulting in lost routes
Summary: /usr/libexec/nm-openvpn-service-openvpn-helper handles restart in script wron...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: NetworkManager-openvpn
Version: 22
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Lubomir Rintel
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-06-12 17:58 UTC by Rolf Fokkens
Modified: 2016-07-10 05:55 UTC (History)
7 users (show)

Fixed In Version: NetworkManager-openvpn-1.2.4-1.fc24
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-07-10 05:55:01 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)
environment passed during initial connection (1.69 KB, text/plain)
2015-06-12 18:12 UTC, Rolf Fokkens 		no flags Details
environment passed during connection restart (1.48 KB, text/plain)
2015-06-12 18:14 UTC, Rolf Fokkens 		no flags Details
View All

Description Rolf Fokkens 2015-06-12 17:58:44 UTC 
Description of problem: Apparently since upgrading to Fedora 22 an openvpn connection restart (resulting from an openvpn server restart) results in lost (pushed) routes, but an otherwise succesful connection

Version-Release number of selected component (if applicable):
NetworkManager-openvpn-1.0.2-2.fc22.x86_64
openvpn-2.3.6-1.fc22.x86_64

How reproducible: 100%


Steps to Reproduce:
1. create a succesful VPN connection
2. restart the VPN server daemon
3. notice a restart of the connection
4. notice missing routes

Actual results:
connection without pushed routes

Expected results:
Functional connection based on all pushed routes

Additional info:
A workaround is this:
[root@home07 ~]# cd /usr/libexec/
[root@home07 libexec]# ls -l nm-openvpn-service-openvpn-helper*
lrwxrwxrwx. 1 root root    38 Jun 12 19:24 nm-openvpn-service-openvpn-helper -> nm-openvpn-service-openvpn-helper.wrap
-rwxr-xr-x. 1 root root 24264 May 28 11:34 nm-openvpn-service-openvpn-helper.orig
-rwxr-xr-x. 1 root root   171 Jun 12 19:42 nm-openvpn-service-openvpn-helper.wrap
[root@home07 libexec]# cat nm-openvpn-service-openvpn-helper.wrap
#!/bin/bash

( echo $0
  echo "$@"
  env ) > /tmp/`date +%s`.dump

eval [ "\${$#}" == "restart" ] && exit 0

exec `dirname $0`/nm-openvpn-service-openvpn-helper.orig "$@"
[root@home07 libexec]#
Comment 1 Rolf Fokkens 2015-06-12 18:12:25 UTC 
Created attachment 1038127 [details]
environment passed during initial connection
Comment 2 Rolf Fokkens 2015-06-12 18:14:23 UTC 
Created attachment 1038129 [details]
environment passed during connection restart

Not the lack of routing information in the environment passed during restart. looks like the lack of information results in no routes at all.
Comment 3 Rolf Fokkens 2015-06-12 18:32:45 UTC 
Upstream issue:
https://bugzilla.gnome.org/show_bug.cgi?id=750873
Comment 4 Fedora Admin XMLRPC Client 2015-10-14 14:48:23 UTC 
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 5 Fedora Update System 2016-07-04 10:09:41 UTC 
NetworkManager-openvpn-1.2.4-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-c719a6115b
Comment 6 Thomas Haller 2016-07-04 13:40:34 UTC 
for this bug to be fixed, we also need an update of NetworkManager package... (todo)
Comment 7 Fedora Update System 2016-07-05 08:53:05 UTC 
NetworkManager-openvpn-1.2.4-1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-c719a6115b
Comment 8 Fedora Update System 2016-07-10 05:54:42 UTC 
NetworkManager-openvpn-1.2.4-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.