My OpenVPN server is unable to execute a python script configured as
--learn-address when the daemon is launched as a systemd service. It works fine when launched manually as root. I found that it also work as a systemd service if I comment the following line in
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_AUDIT_WRITE
So, I guess my problem is related to a missing
Capability. How can I debug that to find out what's missing? OpenVPN log just say
WARNING: Failed running command (--learn-address): external program exited with error status: 1. I find nothing related to this in the syslog either.