I believe this is a similar issue to bug #1440412. Fixing this will require an IPC mechanism which the OpenVPN scripts can trigger and another already running script which would pick up what needs to be done and execute it on behalf of OpenVPN - but with proper privileges. The script-hooks in OpenVPN are to limited in today's more secured Linux distributions. *** This bug has been marked as a duplicate of bug 1440412 ***