Openvpn-as unable to login since latest container update

MED1975 · August 27, 2019, 10:56pm

Hi there.

I’ve just updated my running container to today’s release (27/8)

I had a security warning on connecting to the admin url which I thought was strange as its been added to my keychain. I was then unable to login. I get this error:

SESSION ERROR: argument of type ‘NoneType’ is not iterable: flat/twist:24,flat/ten:83,flat/flatstan:103,flat/ten:70,flat/ten:61,flat/flatstan:264,flat/ten:70,flat/ten:61,flat/flatstan:247,flat/flatstan:236,admin/astatus:165,admin/astatus:147 (exceptions.TypeError)

If I put a random password in I am told the password is wrong, so that is working. I can also still connect to the VPN. Weird…

Thanks for all you do!

aptalca · August 28, 2019, 12:09am

Known issue with the latest version, no fix yet: https://forums.openvpn.net/viewtopic.php?f=24&t=28781

MED1975 · August 28, 2019, 8:55pm

Hi there. An update on this - I blew away my config and started again from scratch. Set everything up as I wanted and then stopped and started the container. I immediately couldn’t log in with the same error so I don’t think the issue is with the 2.75 version.

I then edited as.conf and uncommented the line boot_pam_users.0=admin and restarted the container. I could log back in and all my settings were there. The admin user had been recreated.

Does this help get to the bottom of the problem?

aptalca · August 28, 2019, 9:18pm

That does help, thanks. I’ll do some further tests and will update here.

axipher · September 3, 2019, 11:57am

Has any progress been made, any logs we can provide that might help?

chbmb · September 3, 2019, 12:15pm

Looks like it’s an upstream issue, so outside of our control.

aptalca · September 3, 2019, 5:41pm

Already fixed, readme updated

axipher · September 3, 2019, 6:22pm

The instructions in the updated Readme worked for me: https://hub.docker.com/r/linuxserver/openvpn-as

For those of you who stumble on to this page, the quick fix, as quoted from the Readme is as follows:

Modify the as.conf file under config/etc and replace the line boot_pam_users.0=admin with ~~#boot_pam_users.0=admin~~ boot_pam_users.0=kjhvkhv (this only has to be done once and will survive container recreation)

IMPORTANT NOTE: Commenting out the first pam user in as.conf creates issues in 2.7.5. To make it work while still blocking pam user access, uncomment that line and change admin to a random nonexistent user as described above.