Skip to content
This repository has been archived by the owner on Nov 25, 2022. It is now read-only.

RTNETLINK answers: Permission denied ERROR: Linux route -6 add command failed: external program exited with error status: 2 #116

Open
qu4542 opened this issue Feb 3, 2022 · 3 comments
Assignees
Labels
bug Something isn't working

Comments

@qu4542
Copy link

qu4542 commented Feb 3, 2022

Information

##Problem: See Log at the Bottom

Current setup

OMV + ARM64 + Docker

| docker image tag guillaumedsde/alpine-qbittorrent-openvpn:latest
| -------------------------------------------------------- | --- |
| docker image hash (ex: 603b78e07727) | |

docker-compose.yml file or docker run command

just started the stack

version: "3,3"
services:
  alpine-qbittorrent-openvpn:
    volumes:
      - "/srv/dev-disk-by-uuid-xyz:/downloads"
      - "/srv/dev-disk-by-uuid-xyz/appdata/QBittorrentVPN:/config"
      - "/etc/localtime:/etc/localtime:ro"
    environment:
      - OPENVPN_PROVIDER=PRIVADO
      - OPENVPN_CONFIG=arn-001
      - OPENVPN_USERNAME=USERXYZ
      - OPENVPN_PASSWORD=PASSWORDXYZ
      - PUID=1000
      - PGID=100
      - LAN=192.168.178.0/16
    ports:
      - "8080:8080"
    cap_add:
      - NET_ADMIN
    image: guillaumedsde/alpine-qbittorrent-openvpn:latest

Attempted Fix(es)

reseting permissions for the concerning folders

#####Log:

A privado/waw-015.ovpn
A privado/waw-016.ovpn
A privado/waw-017.ovpn
A privado/waw-018.ovpn
A privado/waw-019.ovpn
A privado/waw-020.ovpn
A privado/waw-021.ovpn
A privado/waw-022.ovpn
A privado/waw-023.ovpn
A privado/waw-024.ovpn
A privado/waw-025.ovpn
A privado/waw-026.ovpn
A privado/waw-027.ovpn
A privado/waw-028.ovpn
A privado/waw-029.ovpn
A privado/waw-030.ovpn
A privado/waw-031.ovpn
A privado/waw-032.ovpn
A privado/yul-001.ovpn
A privado/yul-002.ovpn
A privado/yul-003.ovpn
A privado/yul-004.ovpn
A privado/yvr-001.ovpn
A privado/yvr-002.ovpn
A privado/yyz-003.ovpn
A privado/zrh-001.ovpn
A privado/zrh-002.ovpn
A privado/zrh-003.ovpn
A privado/zrh-004.ovpn
Exported revision 1276.
INFO: Found OpenVPN configuration: "arn-001" for provider "PRIVADO" using it
[cont-init.d] 02-setup-openvpn: exited 0.
[cont-init.d] 03-setup-iptables: executing...
[cont-init.d] 03-setup-iptables: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
2022-02-04 00:48:01 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2022-02-04 00:48:01 OpenVPN 2.5.2 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on May 4 2021
2022-02-04 00:48:01 library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10
2022-02-04 00:48:01 TCP/UDP: Preserving recently used remote address: [AF_INET]86.106.103.67:1194
2022-02-04 00:48:01 Socket Buffers: R=[212992->212992] S=[212992->212992]
2022-02-04 00:48:01 UDP link local: (not bound)
2022-02-04 00:48:01 UDP link remote: [AF_INET]86.106.103.67:1194
2022-02-04 00:48:03 TLS: Initial packet from [AF_INET]86.106.103.67:1194, sid=8d858e32 2d0835c8
2022-02-04 00:48:03 VERIFY OK: depth=1, CN=Privado
2022-02-04 00:48:03 VERIFY KU OK
2022-02-04 00:48:03 Validating certificate extended key usage
2022-02-04 00:48:03 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2022-02-04 00:48:03 VERIFY EKU OK
2022-02-04 00:48:03 VERIFY X509NAME OK: CN=arn-001.vpn.privado.io
2022-02-04 00:48:03 VERIFY OK: depth=0, CN=arn-001.vpn.privado.io
2022-02-04 00:48:03 Control Channel: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, peer certificate: 4096 bit RSA, signature: RSA-SHA512
2022-02-04 00:48:03 [arn-001.vpn.privado.io] Peer Connection Initiated with [AF_INET]86.106.103.67:1194
2022-02-04 00:48:05 SENT CONTROL [arn-001.vpn.privado.io]: 'PUSH_REQUEST' (status=1)
2022-02-04 00:48:05 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 493216,sndbuf 493216,explicit-exit-notify 5,route-gateway 172.21.22.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.21.22.26 255.255.254.0,peer-id 0,cipher AES-256-GCM'
2022-02-04 00:48:05 WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2022-02-04 00:48:05 Pushed option removed by filter: 'dhcp-option DNS 198.18.0.1'
2022-02-04 00:48:05 Pushed option removed by filter: 'dhcp-option DNS 198.18.0.2'
2022-02-04 00:48:05 OPTIONS IMPORT: timers and/or timeouts modified
2022-02-04 00:48:05 OPTIONS IMPORT: explicit notify parm(s) modified
2022-02-04 00:48:05 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
2022-02-04 00:48:05 Socket Buffers: R=[212992->425984] S=[212992->425984]
2022-02-04 00:48:05 OPTIONS IMPORT: --ifconfig/up options modified
2022-02-04 00:48:05 OPTIONS IMPORT: route options modified
2022-02-04 00:48:05 OPTIONS IMPORT: route-related options modified
2022-02-04 00:48:05 OPTIONS IMPORT: peer-id set
2022-02-04 00:48:05 OPTIONS IMPORT: adjusting link_mtu to 1624
2022-02-04 00:48:05 OPTIONS IMPORT: data channel crypto options modified
2022-02-04 00:48:05 Data Channel: using negotiated cipher 'AES-256-GCM'
2022-02-04 00:48:05 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-02-04 00:48:05 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-02-04 00:48:05 ROUTE_GATEWAY 172.28.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:1c:00:02
2022-02-04 00:48:05 GDG6: remote_host_ipv6=n/a
2022-02-04 00:48:05 net_route_v6_best_gw query: dst ::
2022-02-04 00:48:05 sitnl_send: rtnl: generic error (-101): Network unreachable
2022-02-04 00:48:05 ROUTE6: default_gateway=UNDEF
2022-02-04 00:48:05 TUN/TAP device tun1 opened
2022-02-04 00:48:05 /usr/sbin/ip-su link set dev tun1 up mtu 1500
2022-02-04 00:48:05 /usr/sbin/ip-su link set dev tun1 up
2022-02-04 00:48:05 /usr/sbin/ip-su addr add dev tun1 172.21.22.26/23
INFO: no port updater for provider PRIVADO
******** Information ********
To control qBittorrent, access the Web UI at http://localhost:8080
2022-02-04 00:48:08 /usr/sbin/ip-su route add 86.106.103.67/32 via 172.28.0.1
2022-02-04 00:48:08 /usr/sbin/ip-su route add 0.0.0.0/1 via 172.21.22.1
2022-02-04 00:48:08 /usr/sbin/ip-su route add 128.0.0.0/1 via 172.21.22.1
2022-02-04 00:48:08 /usr/sbin/ip-su route add 0.0.0.0/0 via 172.21.22.1
RTNETLINK answers: File exists
2022-02-04 00:48:08 ERROR: Linux route add command failed: external program exited with error status: 2
2022-02-04 00:48:08 /usr/sbin/ip-su route add 192.168.178.0/16 via 172.28.0.1
RTNETLINK answers: Invalid argument
2022-02-04 00:48:08 ERROR: Linux route add command failed: external program exited with error status: 2
2022-02-04 00:48:08 WARNING: OpenVPN was configured to add an IPv6 route. However, no IPv6 has been configured for tun1, therefore the route installation may fail or may not work as expected.
2022-02-04 00:48:08 add_route_ipv6(::/0 -> :: metric -1) dev tun1
2022-02-04 00:48:08 /usr/sbin/ip-su -6 route add ::/0 dev tun1
RTNETLINK answers: Permission denied
2022-02-04 00:48:08 ERROR: Linux route -6 add command failed: external program exited with error status: 2
2022-02-04 00:48:08 Initialization Sequence Completed

@qu4542 qu4542 added the bug Something isn't working label Feb 3, 2022
@qu4542
Copy link
Author

qu4542 commented Feb 14, 2022

i still didnt get rid of this error, am i doing something wrong?

@qu4542
Copy link
Author

qu4542 commented Feb 15, 2022

route

@mikemhenry
Copy link

I ran into this issue as well. Adding this to my docker compose fixed it:

sysctls:
  - net.ipv6.conf.all.disable_ipv6=0

See haugene/docker-transmission-openvpn#960 (comment)

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

3 participants