OpenVPN --up script - "could not execute external program"

8

3

After a few days on Google, I'm not able to find the right answer to my question, even after reading a lot about scripting possibilities when OpenVPN is up.

I have a client running Debian 7.8, with OpenVPN 2.2.1 x86_64-linux-gnu.

The connection is working great, and everything is fine. But - I need to mount some NFS-drives when the connection is initiated ("up" - I guess).

But - when I'm trying to start a script, I'm running into this error:

 Tue Jun 23 10:44:55 2015 /usr/share/openvpn/script-to-start.sh tun0 1500 1542 192.168.2.6 192.168.2.5 init
 Tue Jun 23 10:44:55 2015 WARNING: Failed running command (--up/--down): could not execute external program
 Tue Jun 23 10:44:55 2015 Exiting

I have added the settings in the config-file:

script-security 2
up /usr/share/openvpn/script-to-start.sh
down /usr/share/openvpn/script-to-stop.sh

See the full settings file here.

The script I'm trying to run (just for testing right now) is:

#/bin/bash

grep vpn /var/log/syslog > /home/USERNAME/test.txt

clear
echo "Good morning, world."

(Update 2017: The "!" mark is missing in the #/bin/bash line. Don't copy/paste the above line, because it was the problem.)

I have tested with "#!/bin/sh" as well, just to be sure. After all, I tested the permissions and ownership:

Permissions

As you can see, I have added "script-security 2" before the "up" and "down" commands. OpenVPN is running as root, and started by an init.d script, but even if I'm trying to run it with the full command, I get the same error.

See the example below (with and without sudo):

sudo openvpn --remote SERVERDOMAIN --dev tun1 --ifconfig 192.168.2.2 192.168.2.1 --tls-client --ca /etc/openvpn/easy-rsa/keys/ca.crt --cert /etc/openvpn/easy-rsa/keys/TITLE.crt --key /etc/openvpn/easy-rsa/keys/TITLE.key --reneg-sec 60 --verb 5 --script-security 2 --up /usr/share/openvpn/script-to-start.sh

If I'm running the damn small script by myself, with both SU and Sudo, everything is going smooth without any issues.

The point is that I need to run this command, to mount a few NFS-drives, but right now I'm locked down. So I need some help here - I did try on a Danish forum with no luck.

sudo mount 192.168.2.1:/media/usb1/sync /home/USERNAME/sync

The online manuals are not that helpful - and now I need your help.

exetico

Posted 2015-06-24T17:16:30.883

Reputation: 163

2Maybe just a typo: note that #/bin/bash is just a comment, as it's missing the exclamation mark that changes it into a shebang: #!/bin/bash – Arjan – 2015-08-08T09:00:33.577

Damn... I just forgot the "!"... That explains everything. – exetico – 2015-08-09T10:57:42.803

1Hmmm, I think it does not explain everything, unless you forgot it in #!/bin/sh as well? Your simple test script should run with that, I think. – Arjan – 2015-08-09T17:03:03.007

Answers

9

I ran into the same issue, luckily I found a solution.

Here are things I checked:

  1. permission of folder
  2. permission of openvpn to access script
  3. the script must list the full path of any commands used (ex. grep should be /bin/grep; you can find the full path by typing which in front of your command)
  4. use script-security 2 system instead

Venom Man

Posted 2015-06-24T17:16:30.883

Reputation: 106

Using the system method shouldn’t be necessary. But checking whether the script is executable for the user is definitely worth a shot. – Daniel B – 2015-08-08T10:24:41.117

From here, all this stuff is correct. In this case, I just forgot the "!", and after copy/pasting the same code and a source with the same error, I ran into the same issues every time. That's just stupid. Thanks for your help anyway. That's all useful information. – exetico – 2015-08-09T10:59:10.150

+1 for mentioning permissions. Ran into the same issue where group permissions were preventing script execution. – Justin Ethier – 2019-12-03T21:47:04.853

8

Just to make it clear: I forgot the "!" (exclamation mark). That explains everything.

#!/bin/bash

exetico

Posted 2015-06-24T17:16:30.883

Reputation: 163
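
The checks from the two answers above (shebang, interpreter, execute permission, who can write to the file), collected into one pre-flight function; this is an added example, not code from the original posts, and `check_up_script` is a hypothetical name. It assumes a Linux client like the asker's, where OpenVPN executes the file directly: a first line of `#/bin/bash` is only a comment, so the kernel refuses to run the file, while an interactive shell falls back to interpreting it itself, which is why the script worked when started by hand.

```shell
#!/bin/sh
# Added example: pre-flight check for a script named in OpenVPN's up/down options.
# check_up_script is a hypothetical helper name, not part of OpenVPN.
check_up_script() {
    f="$1"; problems=0; cr=$(printf '\r')
    if [ ! -f "$f" ]; then
        echo "FAIL: $f is not a regular file"; return 1
    fi
    # A text file can only be executed directly if its first bytes are "#!".
    IFS= read -r first < "$f" || true
    case $first in
        '#!'*)
            case $first in
                *"$cr") echo "FAIL: shebang line ends in CR (DOS line endings)"
                        problems=$((problems + 1)) ;;
            esac
            # Interpreter = first word after "#!", ignoring leading spaces and CR.
            interp=${first#'#!'}; interp=${interp%"$cr"}
            interp=${interp#"${interp%%[! ]*}"}; interp=${interp%% *}
            if [ ! -x "$interp" ]; then
                echo "FAIL: interpreter '$interp' is missing or not executable"
                problems=$((problems + 1))
            fi ;;
        *)  echo "FAIL: first line '$first' is not a '#!' shebang"
            problems=$((problems + 1)) ;;
    esac
    if [ ! -x "$f" ]; then
        echo "FAIL: $f is not executable for the current user"
        problems=$((problems + 1))
    fi
    # The script runs with the daemon's privileges (root on the asker's
    # client), so no other account should be able to modify it.
    mode=$(ls -ld -- "$f" | cut -c1-10)
    case $mode in
        ?????w*|????????w*)
            echo "FAIL: $f is group- or world-writable ($mode)"
            problems=$((problems + 1)) ;;
    esac
    [ "$problems" -eq 0 ] && echo "OK: $f"
    return "$problems"
}

# Run against a path given on the command line, e.g. the page's up script.
if [ "$#" -gt 0 ]; then check_up_script "$1"; fi
```

The return value is the number of problems found, so it can gate a service start or a deployment step.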

-1

Check the username under which the openvpn daemon is running and chown your script folder or file to it.

Croll

Posted 2015-06-24T17:16:30.883

Reputation: 151