Debian – Why sudo openvpn cannot work here

I can use openvpn as root as openvpn ... but not with sudo openvpn ... although masi is in sudo group.
I think I should be able to do it.
I think it can be safer to do so with sudo.
The following is the work process starting with sudo approach, then root approach and lastly about details of the openvpn files in Nordvpn

masi@masi:~$ sudo openvpn /etc/openvpn/ro2.nordvpn.com.udp1194.ovpn 
[sudo] password for masi: 
Options error: --auth-user-pass fails with 'nordvpn.txt': No such file or directory
Options error: Please correct these errors.
Use --help for more information.

masi@masi:~$ su
Password: 

root@masi:/home/masi# cd /etc/openvpn/

root@masi:/etc/openvpn# openvpn ro2.nordvpn.com.udp1194.ovpn 
Sun Mar  5 21:45:20 2017 OpenVPN 2.3.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Nov 12 2015
Sun Mar  5 21:45:20 2017 library versions: OpenSSL 1.0.1t  3 May 2016, LZO 2.08
Sun Mar  5 21:45:20 2017 WARNING: --ping should normally be used with --ping-restart or --ping-exit
Sun Mar  5 21:45:20 2017 Control Channel Authentication: tls-auth using INLINE static key file
Sun Mar  5 21:45:20 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Mar  5 21:45:20 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Mar  5 21:45:20 2017 Socket Buffers: R=[212992->131072] S=[212992->131072]
Sun Mar  5 21:45:20 2017 UDPv4 link local: [undef]
Sun Mar  5 21:45:20 2017 UDPv4 link remote: [AF_INET]93.115.241.34:1194
^CSun Mar  5 21:45:37 2017 event_wait : Interrupted system call (code=4)
Sun Mar  5 21:45:37 2017 SIGINT[hard,] received, process exiting

Permissions of openvpn files in Nordvpn

root@masi:/etc/openvpn# ls -la * | grep ro3
-rw-r--r-- 1 root root 3003 Sep  2  2016 ro3.nordvpn.com.tcp443.ovpn

I do

$ sudo grep nordvpn.txt /etc/openvpn/ro2.nordvpn.com.udp1194.ovpn 
[sudo] password for masi: 
auth-user-pass nordvpn.txt

OS: Debian 8.7

Best Answer

When you are running as root, you are running in in /etc/openvpn directory, and as such it finds the nordvpn.txt file there.

When you are running it with sudo you are running it from other directory, and as such it does not find the file, as you the configuration file is not referencing it with full path.

I would advise changing the configuration file /etc/openvpn/ro2.nordvpn.com.udp1194.ovpn;

where you find the line:

auth-user-pass nordvpn.txt

change it for:

auth-user-pass /etc/openvpn/nordvpn.txt

You should then be able to use it from sudo

Best Answer

Related Solutions

Why does sudo work on Linux but not Android

Related Question