Need a script that sets up TUN/TAP dev if it isn't present. (ie; Synology)

[stevepet]

Kristian,
Thanks for building this container and for looking into a resolution to this Synology problem.

I have included your comments from Docker Hub to refresh your memory on this topic.

"On a host system the TUN/TAP device will probably be created/verified on installing the OpenVPN client. As we're here starting a container where it is already installed it will expect the TUN/TAP device to be present. I could try to create a script that sets up the device if it isn't present. But on my machine I already have it so I would have to do some virtualization and stuff. "

[hamlynt]

@stevepet it works for me on Synology, do you have the VPN Server package installed?

[stevepet]

No, I do not use the VPN Server. I understand it will mask the issue. I was hoping for a solution and not a work around.

[hamlynt]

I just meant have the package installed, even if not in use. I didn't have an issue running on a Synology and thought that might be one possible difference. 

On Mon, Jan 4, 2016 at 10:09 PM -0800, "stevepet" [email protected] wrote:

No, I do not use the VPN Server. I understand it will mask the issue. I was hoping for a solution and not a work around.

—
Reply to this email directly or view it on GitHub.

[haugene]

Might have stumbled across a solution for this one. Been inactive for a while, but will hopefully have some time to do some hacking in the week to come :)

[gaeldevo]

I have the same problem and i'm working on it

by default the error message was :

ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)

I updated the /openvpn/start.sh script with :

#/dev/net/tun
mkdir -p /dev/net
mknod /dev/net/tun c 10 200
chmod 600 /dev/net/tun

and now i have this error :

ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such device (errno=19)

it's maybe the right way to solve this ...

remarks : my synology has 2 ethernet ports; need i to configure a "dev tun1" instead of "dev tun0" in ovpn files ?

[rolandb5]

Also installed VPN server on DSM5, but still get the TUN/TAP error. Any other ideas how I can circumvent this issue?

[stevepet]

See issue #41. The script listed there seems to work around the issue.

[haugene]

And with that I'm closing this one. Synology-related discussions goes in the other issue.

[bjeanes]

I am playing with another Docker image similar to this one and it worked on my Synology, I believe due to creating the container with the following:

docker create \
  ... \
  --cap-add=NET_ADMIN \
  --device=/dev/net/tun

(and the fact that it does the mknod stuff as per above)

[haugene]

Hmm, I don't use a Synology myself so I can't test it. But you're saying that if the container is run with --device=/dev/net/tun there won't be a need to use the TUN.sh script described in the readme?

Right now we're running in privileged mode, so I would think that we had access to the device from before?

[bjeanes]

Honestly, I don't know. I thought that was the magic step, but now several days later my synology is giving me:

Error response from daemon: Cannot start container 703399471a203d28a9b374809f6f625c31b8b636c494311593bab68fef76c21e: error gathering device information while adding custom device "/dev/net/tun": lstat /dev/net/tun: no such file or directory

I must have somehow had a /dev/net/tun without realising which has since been removed (maybe after a restart). It's a mystery to me at the moment.