VPN ProxyVM rc.local

67 views
Skip to first unread message

Paf LeGeek

unread,
Aug 14, 2016, 4:52:22 PM8/14/16
to qubes-users
Hello !

I am trying to follow the steps in the link below to make a ProxyVpn with VPN autostart :
https://www.qubes-os.org/doc/vpn/

But my rc.local does not start on my ProxyVM.

I did the commands below on my Debian 8 Template VM :

sudo chmod +x /etc/rc.local
systemctl disable openvpn.service

The rc.local service is enable.

This is the result of ls -l :
user@debian-8-vpn:~$ ls -l /etc/rc.local
-rwxr-xr-x 1 root root 472 Aug 14 22:30 /etc/rc.local


If I start the rc.local with sudo sh /etc/rc.local using the terminal on my ProxyVM, it's working.

So, why my rc.local does not start automatically on my ProxyVM ?

Thanks for your help.


Unman

unread,
Aug 14, 2016, 7:39:07 PM8/14/16
to Paf LeGeek, qubes-users
Hello.

Do you see any errors re the VPN service?
What is the content of your rc.local file?

unman

Chris Laprise

unread,
Aug 14, 2016, 10:37:30 PM8/14/16
to Paf LeGeek, qubes-users
Hi,

The vpn doc indicates /rw/config/rc.local (in the proxy vm) not
/etc/rc.local.

Chris

Paf LeGeek

unread,
Aug 15, 2016, 10:49:36 AM8/15/16
to qubes-users, pafl...@outlook.com, tas...@openmailbox.org
I use the Debian 8 Template so the rc.local file is in the /etc/ folder not in the /rw/ folder. As I said, the script works find if i launch it manually in my ProxyVM terminal.

This is the content of my rc.local

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

groupadd -rf qvpn ; sleep 2s
sg qvpn -c 'openvpn --cd /etc/openvpn/ --config myopenvpnfile.ovpn \
--daemon --writepid /var/run/openvpn/openvpn-client.pid'

exit 0

Chris Laprise

unread,
Aug 15, 2016, 11:06:32 AM8/15/16
to Paf LeGeek, qubes-users
The vpn doc was written for both Fedora and Debian templates. The
/rw/config/rc.local script is a Qubes feature that works on both. The
doc uses that location so users do not have to dedicate a whole template
to their vpn... /rw/config was designed for per-vm customizations such
as this.

Chris

Paf LeGeek

unread,
Aug 15, 2016, 11:42:44 AM8/15/16
to qubes-users, pafl...@outlook.com, tas...@openmailbox.org
>
> The vpn doc was written for both Fedora and Debian templates. The
> /rw/config/rc.local script is a Qubes feature that works on both. The
> doc uses that location so users do not have to dedicate a whole template
> to their vpn... /rw/config was designed for per-vm customizations such
> as this.
>
> Chris

Oh ok. My mistake. I did not understand the purpose of the /rw/ folder until now.
Thanks a lot for this very valuable information.

Andrew David Wong

unread,
Aug 15, 2016, 9:21:45 PM8/15/16
to Paf LeGeek, qubes-users, tas...@openmailbox.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
You can read more about this and other Qubes-specific config files here:

https://www.qubes-os.org/doc/config-files/

- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXsmqeAAoJENtN07w5UDAwcpkQAIQnAxDF9v/yT6nH+PXQSfd2
9vQe2Zg/0xtoLRYrkCyACUVnUujDHo0TOivK/Y9LR8QLYyNxr/jpMjdf1HoVZy7V
23CeEjwmu2FvQ88qvnvQjaxe3747ZgR7ssJ38VyfCZizz8oi1AyRK+0YQ8cWX11p
MgTxB/pSkKer6XQHZqs2Cst75koYQ0jZkzxGQuE64C1+IiZ1UpGvAVG5qURaCvO3
lSzgALqoj3DVxhIzEGyMw7aBjDsXqa9bFy3D3lCARzLKP0FoC8VVv1+OFJILGzxl
jxPXP4gEHotjnnZThS0UWHCPMq3JyvK5xGGBTV7FWVTALOTYCNhuvnY9SvJkgKh9
W+fXv6g8QLFHoTkoxLeQ1mZN6FvKm4DimudHujvx4h1VQ64V/0GMYKNHO1WntJjF
ZgHAhDlq+ov6xM1EOwc7yeCwxi6XvQdeEwX0mqtB34qqpIKOP1WAGbnVW+2CNRhp
rRqCP0hQQMrZQmrAQEP1pQFgbvr1Lsp1E3s+9bfPA7z1f60kGYFPUqJKR2su5gaI
TXr5gSr7TfEWTvjfNfbSv06t2iHCz68H12vUEZrmcp4KmWgrhmZ2GiAsBDUi8lxt
27578qzRZF+fwZmO+qJfjdqKnQbGmb878fGaVWVtPWgcNYEc+iTXQjrL3xcwvSgR
AznB/b2dB7K3Qe9bdVnf
=mKD/
-----END PGP SIGNATURE-----

Reply all
Reply to author
Forward
0 new messages