Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot open TUN/TAP dev /dev/net/tun: No such file or directory #39

Closed
brianmay opened this issue Apr 7, 2015 · 13 comments
Closed

Cannot open TUN/TAP dev /dev/net/tun: No such file or directory #39

brianmay opened this issue Apr 7, 2015 · 13 comments

Comments

@brianmay
Copy link

brianmay commented Apr 7, 2015

Hello,

Did I do something wrong?

As far as I can tell this should work:

core@mirror ~ $ docker run --volume /etc/openvpn:/etc/openvpn -p 1194:1194/udp --cap-add=NET_ADMIN --rm kylemanna/openvpn openvpn --config "network7.conf"
[...]
Tue Apr  7 10:54:47 2015 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
Tue Apr  7 10:54:47 2015 Exiting due to fatal error

Maybe the fact this is Core OS is significant, can't see why though - Core OS itself has tun support:

core@mirror ~ $ ls -l /dev/net/tun
crw-rw-rw- 1 root root 10, 200 Apr  7 10:48 /dev/net/tun

Also:

core@mirror ~ $ docker --version
Docker version 1.5.0, build a8a31ef-dirty

Hmmm. ----privileged works fine, but the documentation says that is only required for Docker < 1.2 - wonder if some other --cap-add= option is required for 1.5???

Thanks
@kylemanna
Copy link
Owner

Not sure what the problem is. Seems like an issue with your kernel or hosting provider. Can you share these details?

@brianmay
Copy link
Author

brianmay commented Apr 8, 2015

VM is from Hetzner: https://www.hetzner.de/en/hosting/produkte_vserver/vx6

Kernel is standard CoreOS:

CoreOS stable (607.0.0)
core@mirror ~ $ uname -a
Linux mirror 3.18.6 #2 SMP Sat Feb 28 02:23:04 UTC 2015 x86_64 Intel(R) Core(TM)2 Duo CPU T7700 @ 2.40GHz GenuineIntel GNU/Linux

Actually might have to do a rethink on how I do this. Now I understand things better - I was hopping to be able to update the routes on the host server, something that may not actually be possible from within a docker container...

@SR-G
Copy link

SR-G commented Apr 12, 2015

Same problem for me.
Host OS is an archlinux LTS up to date.

Linux 3.14.28-1-lts #1 SMP Thu Jan 8 21:04:11 CET 2015 x86_64 GNU/Linux

Everything went fine until the start of the container, i the have :

Sun Apr 12 21:38:42 2015 ROUTE_GATEWAY 172.17.42.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:11:00:50
Sun Apr 12 21:38:42 2015 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such device (errno=19)
Sun Apr 12 21:38:42 2015 Exiting due to fatal error

A quick google seem to indicate that the problem is about the --privileged flag, but i've run my container as stated within the docs with --cap-add=NET_ADMIN

docker --version                                                                                                                                                           [21:44:07]
Docker version 1.5.0, build a8a31ef

@kylemanna
Copy link
Owner

Seems strange. Works fine for me on a fresh DO droplet running Ubuntu
14.04 and Docker 1.5-1 via docker.io Debian repo. Command:

docker run --volumes-from ovpn-data --rm -p 1194:1194/udp --cap-add=NET_ADMIN kylemanna/openvpn

Kernel version via uname -a:

Linux openvpn-test-20150413 3.13.0-43-generic #72-Ubuntu SMP Mon Dec 8 19:35:06 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

@kylemanna
Copy link
Owner

The ovpn_run script will create it for you if needed:

https://github.com/kylemanna/docker-openvpn/blob/master/bin/ovpn_run#L16

@brianmay
Copy link
Author

Thanks.

Think I must have missed this. Don't know how @SR-G was starting openvpn, however looks like I was doing it wrong... Unfortunately, I am not in a position to test this any longer.

@kylemanna
Copy link
Owner

Thanks for the update. Closing unless someone can reproduce.

@haugene haugene mentioned this issue Aug 8, 2015
Closed
@blacky14
Copy link

hi,

FYI, I just experienced the same problem:

ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)

on a Raspberry Pi 1 Host with Hypriot 0.6:

$ uname -a
Linux openvpn 4.1.12-hypriotos+ #1 PREEMPT Tue Nov 3 19:37:31 UTC 2015 armv6l GNU/Linux

$ docker --version
Docker version 1.9.0, build 76d6bc9

I figured that it works with the --privileged option, but not with --cap-add=NET_ADMIN.
however, as I did not want to give the docker container full privileged access, I tried a little around and finally figured: it works if you also add the /dev/net/tun device:

docker run --cap-add=NET_ADMIN --device=/dev/net/tun ...

so maybe this helps someone out there, for me it works fine now. :-)

UPDATE: as I'm just going through the scripts here in more detail I have to add that I did not use the scripts here, so I did not run the mknod /dev/net/tun ... command which I guess was the reason for my setup not working before, my bad. :-)

UPDATE 2: of course now that I created the /dev/net/tun device as in your script, it works as expected! so please rather ignore this comment :-)

@tony19
Copy link

tony19 commented Jul 10, 2016

@blacky14 Thanks for the hint wrt --device=/dev/net/tun. That's the tweak I needed with my docker run command in a manually configured Alpine container (not with docker-openvpn). As you said, it saves from having to run mknod and works just as well.

@vchav73
Copy link

vchav73 commented May 26, 2017

I am seeing this problem with CentOS Atomic.

Specifically, either of these:
docker run -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --cap-add=NET_ADMIN kylemanna/openvpn
docker run -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --cap-add=NET_ADMIN --device=/dev/net/tun kylemanna/openvpn

Results in this:
ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory

The only thing that doesn't is this:
docker run -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --privileged kylemanna/openvpn

Installation particulars:
[root@admin ~]# uname -a
Linux admin 3.10.0-514.16.1.el7.x86_64 #1 SMP Wed Apr 12 15:04:24 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
[root@admin ~]# cat /etc/redhat-release
CentOS Linux release 7.3.1611 (Core)
[root@admin ~]# docker --version
Docker version 1.12.6, build 3a094bd/1.12.6
[root@admin ~]#

The ISO I started with came from here: http://cloud.centos.org/centos/7/atomic/images/CentOS-Atomic-Host-7-Installer.iso

@vchav73
Copy link

vchav73 commented May 27, 2017

In my case the issue was that CentOS Atomic uses SELinux by default. I had to do the following prior to following the README instructions:

checkmodule -M -m -o docker-openvpn.mod docker-openvpn.te
semodule_package -o docker-openvpn.pp -m docker-openvpn.mod
semodule -i docker-openvpn.pp
modprobe tun

This is clearly stated in the docs but I had only read the quick start. Might be worth mentioning in the main README at the top of Quick Start that some precursor steps need to be taken if you're using SELinux.

@kylemanna
Copy link
Owner

@vchav73 thanks for the update and glad to hear you got it working!

@fryfrog fryfrog mentioned this issue Jan 18, 2018
Closed
@siomiz siomiz mentioned this issue Oct 7, 2019
Open
@just-simon just-simon mentioned this issue Dec 27, 2020
Open
@pled pled mentioned this issue Jan 1, 2021
Open
@avaryx avaryx mentioned this issue Aug 16, 2022
Closed
@Rots Rots mentioned this issue Oct 19, 2022
Closed
@sunnysab sunnysab mentioned this issue Dec 17, 2022
Open
@tin607
Copy link

tin607 commented Apr 9, 2024

mkdir -p /dev/net
mknod /dev/net/tun c 10 200
chmod 600 /dev/net/tun

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@tony19 @brianmay @SR-G @kylemanna @vchav73 @blacky14 @tin607