服务器 Gind.cn
  1. 服务器 Gind.cn
  3. OpenVPN的分割错误
Intereting Posts
WMI查询检查OSD的IP默认网关 访问服务器的应用程序事件日志,而不是一个PowerUser 厨师/木偶和RightScale / Scalr有什么引人注目的用例? 相同的类/模块/ orwhateveritis多次 如何将cp只写入最新的目录名称? phpMyAdmin设置问题 使用mod_wsgi部署Django Apache – 仅加载基于远程hsot的某些模块 在旧的操作系统上运行Jenkins Slaves OS X服务器:login到服务器上的(networking主页)帐户时出现问题(guest:closures) 如何避免使用Netgear VVG2000 VDSL路由器/调制解调器的双重NAT? NetAPP Snap Manager for Exchange 系统pipe理员面试问题和答案 木偶无法find依赖关系 有没有一种方法在AWS控制台中命名安全组源?

OpenVPN的分割错误

我有一个运行CentOS 5.7的服务器,我试图让OpenVPN 2.2.0工作。 首先,我已经工作了很长一段时间了,但是决定尝试通过使用心跳进行故障切换到另一台服务器来使其高度可用。 由于某种原因,我甚至无法完成它的工作。

每当我尝试启动openvpn通过运行/etc/init.d/openvpn start它不断给我的错误

/etc/init.d/openvpn:第148行:5820分段错误$ openvpn –daemon –writepid $ piddir / $ bn.pid –config $ c –cd $ work

脚本的这一部分是: 

  ... # Start every .conf in $work and run .sh if exists errors=0 successes=0 for c in `/bin/ls *.conf 2>/dev/null`; do bn=${c%%.conf} if [ -f "$bn.sh" ]; then . $bn.sh fi rm -f $piddir/$bn.pid $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work if [ $? = 0 ]; then successes=1 else errors=1 fi done ...

这是我的初始化脚本:

在/ etc / OpenVPN的/网桥启动 

 #!/bin/bash . /etc/sysconfig/network-scripts/ifcfg-eth1 ################################# # Set up Ethernet bridge on Linux # Requires: bridge-utils ################################# # Define Bridge Interface br="br0" # Define list of TAP interfaces to be bridged, # for example tap="tap0 tap1 tap2". tap="tap0" # Define physical ethernet interface to be bridged # with TAP interface(s) above. eth=$DEVICE eth_ip=$IPADDR eth_netmask=$NETMASK eth_broadcast="10.224.45.159" for t in $tap; do openvpn --mktun --dev $t done brctl addbr $br brctl addif $br $eth for t in $tap; do brctl addif $br $t done for t in $tap; do ifconfig $t 0.0.0.0 promisc up done ifconfig $eth 0.0.0.0 promisc up ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast

/etc/openvpn/openvpn.conf 

 port 1194 proto tcp # Bridge dev tap0 server-bridge 10.224.45.130 255.255.255.0 10.224.45.140 10.224.45.160 ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/server.crt key /etc/openvpn/keys/server.key dh /etc/openvpn/keys/dh1024.pem keepalive 10 120 status /var/log/openvpn/status.log log /var/log/openvpn/openvpn.log verb 0 client-to-client comp-lzo user nobody group users persist-key persist-tun client-cert-not-required ifconfig-pool-persist ipp.txt plugin /usr/lib64/openvpn/plugin/lib/openvpn-auth-ldap.so "/etc/openvpn/auth/ldap.conf"

/etc/openvpn/auth/ldap.conf 

 <LDAP> # LDAP server URL URL ldap://ldap.****.com # Bind DN (If your LDAP server doesn't support anonymous binds) BindDN uid=readonly,ou=Users,dc=****,dc=com # Bind Password Password <hidden> # Network timeout (in seconds) Timeout 15 # Follow LDAP Referrals (anonymously) FollowReferrals yes </LDAP> <Authorization> # Base DN BaseDN "ou=Users,dc=****,dc=com" # User Search Filter SearchFilter "(&(uid=%u))" # Require Group Membership RequireGroup false </Authorization>

我不知道segfault的原因可能是什么。 我search了几个小时的Google,没有find与我的问题相关的任何问题。

更新:

uname -a输出uname -a

 Linux master-srv1 2.6.18-274.7.1.el5xen #1 SMP Thu Oct 20 17:06:34 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux

yum info openvpn输出yum info openvpn

 Installed Packages Name : openvpn Arch : x86_64 Version : 2.2.0 Release : 3.el5.rf Size : 1.0 M Repo : installed Summary : Robust and highly flexible VPN daemon URL : http://openvpn.net/ License : GPL Description: OpenVPN is a robust and highly flexible tunneling application. : : OpenVPN supports SSL/TLS security, ethernet bridging, TCP or UDP tunnel : transport through proxies or NAT, support for dynamic IP addresses and : DHCP, scalability to hundreds or thousands of users, and portability to : most major OS platforms.

strace /etc/init.d/openvpn start输出:(不能适合整个输出,所以我粘贴了它的结尾) 

 ... stat("/etc/sysconfig/network", {st_mode=S_IFREG|0644, st_size=79, ...}) = 0 access("/etc/sysconfig/network", X_OK) = -1 EACCES (Permission denied) access("/etc/sysconfig/network", R_OK) = 0 open("/etc/sysconfig/network", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=79, ...}) = 0 read(3, "NETWORKING=yes\nNETWORKING_IPV6=y"..., 79) = 79 close(3) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 stat("/usr/sbin/openvpn", {st_mode=S_IFREG|0755, st_size=614892, ...}) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b10685b9000 write(1, "Starting openvpn: ", 18Starting openvpn: ) = 18 rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [INT CHLD], 8) = 0 rt_sigprocmask(SIG_SETMASK, [INT CHLD], NULL, 8) = 0 lseek(255, -7, SEEK_CUR) = 5545 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x2b1064fe4fe0) = 24440 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigaction(SIGINT, {0x436f40, [], SA_RESTORER, 0x34e10302d0}, {SIG_DFL, [], SA_RESTORER, 0x34e10302d0}, 8) = 0 wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 24440 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 --- SIGCHLD (Child exited) @ 0 (0) --- wait4(-1, 0x7fff46543fe4, WNOHANG, NULL) = -1 ECHILD (No child processes) rt_sigreturn(0xffffffffffffffff) = 0 rt_sigaction(SIGINT, {SIG_DFL, [], SA_RESTORER, 0x34e10302d0}, {0x436f40, [], SA_RESTORER, 0x34e10302d0}, 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 stat("/etc/openvpn/openvpn-startup", {st_mode=S_IFREG|0740, st_size=143, ...}) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x2b1064fe4fe0) = 24441 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigaction(SIGINT, {0x436f40, [], SA_RESTORER, 0x34e10302d0}, {SIG_DFL, [], SA_RESTORER, 0x34e10302d0}, 8) = 0 wait4(-1, Running bridge-start...Done [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 24441 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 --- SIGCHLD (Child exited) @ 0 (0) --- wait4(-1, 0x7fff46544144, WNOHANG, NULL) = -1 ECHILD (No child processes) rt_sigreturn(0xffffffffffffffff) = 0 rt_sigaction(SIGINT, {SIG_DFL, [], SA_RESTORER, 0x34e10302d0}, {0x436f40, [], SA_RESTORER, 0x34e10302d0}, 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 stat("/var/run/openvpn", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 stat("/var/lock/subsys/openvpn", 0x7fff46544910) = -1 ENOENT (No such file or directory) rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 open("/var/run/openvpn/", O_RDONLY|O_NONBLOCK|O_DIRECTORY) = 3 fcntl(3, F_SETFD, FD_CLOEXEC) = 0 brk(0x1170c000) = 0x1170c000 getdents(3, /* 2 entries */, 32768) = 48 getdents(3, /* 0 entries */, 32768) = 0 brk(0x11704000) = 0x11704000 close(3) = 0 stat(".", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 stat("/sbin/rm", 0x7fff46544b50) = -1 ENOENT (No such file or directory) stat("/usr/sbin/rm", 0x7fff46544b50) = -1 ENOENT (No such file or directory) stat("/bin/rm", {st_mode=S_IFREG|0755, st_size=47088, ...}) = 0 access("/bin/rm", X_OK) = 0 access("/bin/rm", R_OK) = 0 stat("/bin/rm", {st_mode=S_IFREG|0755, st_size=47088, ...}) = 0 access("/bin/rm", X_OK) = 0 access("/bin/rm", R_OK) = 0 rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x2b1064fe4fe0) = 24460 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigaction(SIGINT, {0x436f40, [], SA_RESTORER, 0x34e10302d0}, {SIG_DFL, [], SA_RESTORER, 0x34e10302d0}, 8) = 0 wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 24460 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 --- SIGCHLD (Child exited) @ 0 (0) --- wait4(-1, 0x7fff46544824, WNOHANG, NULL) = -1 ECHILD (No child processes) rt_sigreturn(0xffffffffffffffff) = 0 rt_sigaction(SIGINT, {SIG_DFL, [], SA_RESTORER, 0x34e10302d0}, {0x436f40, [], SA_RESTORER, 0x34e10302d0}, 8) = 0 stat("/etc", {st_mode=S_IFDIR|0755, st_size=12288, ...}) = 0 stat("/etc/openvpn", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 chdir("/etc/openvpn") = 0 pipe([3, 4]) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x2b1064fe4fe0) = 24461 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigaction(SIGCHLD, {0x436360, [], SA_RESTORER, 0x34e10302d0}, {0x436360, [], SA_RESTORER, 0x34e10302d0}, 8) = 0 close(4) = 0 read(3, "openvpn.conf\n", 128) = 13 read(3, "", 128) = 0 --- SIGCHLD (Child exited) @ 0 (0) --- wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], WNOHANG, NULL) = 24461 wait4(-1, 0x7fff46544e94, WNOHANG, NULL) = -1 ECHILD (No child processes) rt_sigreturn(0) = 0 close(3) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigaction(SIGINT, {0x436f40, [], SA_RESTORER, 0x34e10302d0}, {SIG_DFL, [], SA_RESTORER, 0x34e10302d0}, 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigaction(SIGINT, {SIG_DFL, [], SA_RESTORER, 0x34e10302d0}, {0x436f40, [], SA_RESTORER, 0x34e10302d0}, 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 stat("openvpn.sh", 0x7fff46544840) = -1 ENOENT (No such file or directory) rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 stat("/bin/rm", {st_mode=S_IFREG|0755, st_size=47088, ...}) = 0 access("/bin/rm", X_OK) = 0 access("/bin/rm", R_OK) = 0 rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [INT CHLD], 8) = 0 rt_sigprocmask(SIG_SETMASK, [INT CHLD], NULL, 8) = 0 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x2b1064fe4fe0) = 24463 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 --- SIGCHLD (Child exited) @ 0 (0) --- wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], WNOHANG, NULL) = 24463 wait4(-1, 0x7fff46544684, WNOHANG, NULL) = -1 ECHILD (No child processes) rt_sigreturn(0) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigaction(SIGINT, {0x436f40, [], SA_RESTORER, 0x34e10302d0}, {SIG_DFL, [], SA_RESTORER, 0x34e10302d0}, 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigaction(SIGINT, {SIG_DFL, [], SA_RESTORER, 0x34e10302d0}, {0x436f40, [], SA_RESTORER, 0x34e10302d0}, 8) = 0 write(1, "/usr/sbin/openvpn --daemon --wri"..., 107/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/openvpn.pid --config openvpn.conf --cd /etc/openvpn ) = 107 rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0 clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x2b1064fe4fe0) = 24464 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigaction(SIGINT, {0x436f40, [], SA_RESTORER, 0x34e10302d0}, {SIG_DFL, [], SA_RESTORER, 0x34e10302d0}, 8) = 0 wait4(-1, [{WIFSIGNALED(s) && WTERMSIG(s) == SIGSEGV}], 0, NULL) = 24464 fstat(2, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2b10685ba000 open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en_US.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en_US/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory) write(2, "/etc/init.d/openvpn: line 148: 2"..., 129/etc/init.d/openvpn: line 148: 24464 Segmentation fault $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work ) = 129 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 --- SIGCHLD (Child exited) @ 0 (0) --- wait4(-1, 0x7fff46544b74, WNOHANG, NULL) = -1 ECHILD (No child processes) rt_sigreturn(0xffffffffffffffff) = 0 rt_sigaction(SIGINT, {SIG_DFL, [], SA_RESTORER, 0x34e10302d0}, {0x436f40, [], SA_RESTORER, 0x34e10302d0}, 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 write(1, "\33[60G", 5 ) = 5 write(1, "[", 1[) = 1 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 write(1, "\33[0;31m", 7) = 7 write(1, "FAILED", 6FAILED) = 6 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 write(1, "\33[0;39m", 7) = 7 write(1, "]", 1]) = 1 ) = 1 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 stat("/usr/bin/rhgb-client", 0x7fff465449a0) = -1 ENOENT (No such file or directory) rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 write(1, "\n", 1 ) = 1 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0 read(255, "exit 0\n", 5552) = 7 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 exit_group(0) = ?

Boban P.在关于openvpn-auth-ldap插件是段错误原因的评论中绝对正确。 我排除了最初因为我评论插件线,并尝试重新启动openvpn,并给出了同样的错误。 然而,openvpn显然还在尝试使用插件,所以它仍然抛出segfault。 我不知道到底是什么问题,但我最好的猜测是我安装了我的系统的不正确的版本。 我确定从http://pkgs.org/centos-5-rhel-5/flexbox-x86_64/openvpn-auth-ldap-2.0.3-3.centos5.x86_64.rpm.html安装CentOS的它再次完美无瑕&#x3002;

信贷应该去Boban P.关于openvpn-auth-ldap成为问题的build议。

我会卸载心跳,或者至less看看与心跳相关的软件包。 如果我记得,他们会使用networking接口做一些事情,并且可能会干扰tun0。

我不确定这是否是在OpenVPN上实施HA的最佳方式。 我的印象是推荐的方法是在客户端configuration中使用多个“服务器”行。 这不会是没有用的,但是即使有Heartbeat,OpenVPN也不会失败,因为会话需要重新初始化。