cannot open TUN/TAP dev /dev/net/tun: No such file or directory

Discussion about Docker
gooserhino
Posts: 1
Joined: 02 Jan 2021, 01:07

Post by gooserhino »

info:
F2-221
Version 4.2.07-2012241608

Hello all,
I'm attempting to run qbittorrent/openvpn via docker
- https://hub.docker.com/r/markusmcnugen/qbittorrentvpn

I am unable to access /dev/net/tun/
ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)

I have attempted to run the docker command with --cap-add=NET_ADMIN, --cap-add=SYS_ADMIN, --device=/dev/net/tun/ including multiple combinations of each.

I am only able to get the container functional by using --privileged; however, after a system reboot or restart of the container I receive the same error.
All docker run commands have been issued via root ssh. Container logs and docker run script below. Any help would be appreciated.

Code:

2021-01-01 18:12:46.655578 [info] VPN_ENABLED defined as 'yes'
2021-01-01 18:12:46.932939 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/us_washington_dc-aes-128-cbc-udp-dns.ovpn
dos2unix: converting file /config/openvpn/us_washington_dc-aes-128-cbc-udp-dns.ovpn to Unix format...
2021-01-01 18:12:47.136605 [info] VPN remote line defined as 'us-washingtondc.privacy.network 1198'
2021-01-01 18:12:47.193426 [info] VPN_REMOTE defined as 'us-washingtondc.privacy.network'
2021-01-01 18:12:47.253230 [info] VPN_PORT defined as '1198'
2021-01-01 18:12:47.309790 [info] VPN_PROTOCOL defined as 'udp'
2021-01-01 18:12:47.368012 [info] VPN_DEVICE_TYPE defined as 'tun0'
2021-01-01 18:12:47.425603 [info] LAN_NETWORK defined as '192.168.86.0/24'
2021-01-01 18:12:47.483039 [info] NAME_SERVERS defined as '8.8.8.8,8.8.4.4'
2021-01-01 18:12:47.538035 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2021-01-01 18:12:47.595363 [info] Adding 8.8.8.8 to resolv.conf
2021-01-01 18:12:47.669936 [info] Adding 8.8.4.4 to resolv.conf
2021-01-01 18:12:47.722224 [info] Starting OpenVPN...
Fri Jan 1 18:12:48 2021 WARNING: file 'credentials.conf' is group or others accessible
Fri Jan 1 18:12:48 2021 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019
Fri Jan 1 18:12:48 2021 library versions: OpenSSL 1.1.1 11 Sep 2018, LZO 2.08
Fri Jan 1 18:12:53 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]*ip removed*:1198
Fri Jan 1 18:12:53 2021 UDP link local: (not bound)
Fri Jan 1 18:12:53 2021 UDP link remote: [AF_INET]*ip removed*:1198
Fri Jan 1 18:12:53 2021 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Jan 1 18:12:53 2021 [washington405] Peer Connection Initiated with [AF_INET]*ip removed*:1198
Fri Jan 1 18:12:54 2021 OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
Fri Jan 1 18:12:54 2021 OpenVPN ROUTE: failed to parse/resolve route for host/network: 2000::/3
Fri Jan 1 18:12:54 2021 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
Fri Jan 1 18:12:54 2021 Exiting due to fatal error

Docker run script below

Code:

docker run --privileged -d \
              -v /mnt/md0/public/docker/qbittorrent/config/:/config \
              -v /mnt/md0/public/docker/qbittorrent/downloads/:/downloads \
              -e "VPN_ENABLED=yes" \
              -e "VPN_USERNAME=username" \
              -e "VPN_PASSWORD=password" \
              -e "LAN_NETWORK=192.168.86.0/24" \
              -e "NAME_SERVERS=8.8.8.8,8.8.4.4" \
              -e "PUID=0" \
              -e "PGID=0" \
              -p 8080:8080 \
              -p 8999:8999 \
              -p 8999:8999/udp \
              markusmcnugen/qbittorrentvpn
DaGeek247
Posts: 2
Joined: 04 Apr 2021, 03:48

Re: cannot open TUN/TAP dev /dev/net/tun: No such file or directory

Post by DaGeek247 »

I also have this issue. Here are the details:

Code:

Starting container with revision: fa1bc21e929e465a79114c32a2fc44fe7c59a72a
Creating TUN device /dev/net/tun
Using OpenVPN provider: CUSTOM
No VPN configuration provided. Using default.
Setting OpenVPN credentials...
adding route to local network 192.168.0.0/24 via 172.17.0.1 dev eth0
2021-04-03 19:45:14 OpenVPN 2.5.0 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 26 2020
2021-04-03 19:45:14 library versions: OpenSSL 1.1.1k  25 Mar 2021, LZO 2.10
2021-04-03 19:45:14 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2021-04-03 19:45:14 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2021-04-03 19:45:14 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2021-04-03 19:45:14 TCP/UDP: Preserving recently used remote address: [AF_INET]23.81.234.41:80
2021-04-03 19:45:14 Socket Buffers: R=[229376->229376] S=[229376->229376]
2021-04-03 19:45:14 UDP link local: (not bound)
2021-04-03 19:45:14 UDP link remote: [AF_INET]23.81.234.41:80
2021-04-03 19:45:14 TLS: Initial packet from [AF_INET]23.81.234.41:80, sid=cc243f1b 7e3dd4e9
2021-04-03 19:45:14 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2021-04-03 19:45:14 VERIFY OK: depth=2, C=CH, O=ProtonVPN AG, CN=ProtonVPN Root CA
2021-04-03 19:45:14 VERIFY OK: depth=1, C=CH, O=ProtonVPN AG, CN=ProtonVPN Intermediate CA 1
2021-04-03 19:45:14 VERIFY KU OK
2021-04-03 19:45:14 Validating certificate extended key usage
2021-04-03 19:45:14 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2021-04-03 19:45:14 VERIFY EKU OK
2021-04-03 19:45:14 VERIFY OK: depth=0, CN=us-az-05.protonvpn.com
2021-04-03 19:45:14 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
2021-04-03 19:45:14 [us-az-05.protonvpn.com] Peer Connection Initiated with [AF_INET]23.81.234.41:80
2021-04-03 19:45:15 SENT CONTROL [us-az-05.protonvpn.com]: 'PUSH_REQUEST' (status=1)
2021-04-03 19:45:20 SENT CONTROL [us-az-05.protonvpn.com]: 'PUSH_REQUEST' (status=1)
2021-04-03 19:45:20 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 10.18.0.1,sndbuf 524288,rcvbuf 524288,redirect-gateway def1,explicit-exit-notify,comp-lzo no,route-gateway 10.18.0.1,topology subnet,ping 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.18.0.24 255.255.0.0,peer-id 131094,cipher AES-256-GCM'
2021-04-03 19:45:20 OPTIONS IMPORT: timers and/or timeouts modified
2021-04-03 19:45:20 OPTIONS IMPORT: explicit notify parm(s) modified
2021-04-03 19:45:20 OPTIONS IMPORT: compression parms modified
2021-04-03 19:45:20 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
2021-04-03 19:45:20 Socket Buffers: R=[229376->458752] S=[229376->458752]
2021-04-03 19:45:20 OPTIONS IMPORT: --socket-flags option modified
2021-04-03 19:45:20 NOTE: setsockopt TCP_NODELAY=1 failed
2021-04-03 19:45:20 OPTIONS IMPORT: --ifconfig/up options modified
2021-04-03 19:45:20 OPTIONS IMPORT: route options modified
2021-04-03 19:45:20 OPTIONS IMPORT: route-related options modified
2021-04-03 19:45:20 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2021-04-03 19:45:20 OPTIONS IMPORT: peer-id set
2021-04-03 19:45:20 OPTIONS IMPORT: adjusting link_mtu to 1657
2021-04-03 19:45:20 OPTIONS IMPORT: data channel crypto options modified
2021-04-03 19:45:20 Data Channel: using negotiated cipher 'AES-256-GCM'
2021-04-03 19:45:20 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-04-03 19:45:20 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-04-03 19:45:20 ROUTE_GATEWAY 172.17.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:11:00:02
2021-04-03 19:45:20 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such device (errno=19)
2021-04-03 19:45:20 Exiting due to fatal error

This is the command I use to run it:

Code:

docker run --cap-add=NET_ADMIN -d \
              -v /mnt/md0/public/:/data \
              -v /mnt/md0/public/custovpn/thevpnopenvpnfile.ovpn:/etc/openvpn/custom/default.ovpn \
              -v /mnt/md0/public/custovpn/:/etc/openvpn/custom/ \
              -v /mnt/md0/public/custovpn/cfg/:/config/ \
              -e OPENVPN_PROVIDER=CUSTOM \
              -e OPENVPN_USERNAME=username \
              -e OPENVPN_PASSWORD=password \
              -e LOCAL_NETWORK=192.168.0.0/24 \
              -e HEALTH_CHECK_HOST=1.1.1.1 \
              --log-driver json-file \
              --log-opt max-size=10m \
              -p 9091:42069 \
              haugene/transmission-openvpn

I have tried adding

Code:

--device=/dev/net/tun

to the command, and it did not work, showing:

Code:

docker: Error response from daemon: linux runtime spec devices: error gathering device information while adding custom device "/dev/net/tun": lstat /dev/net/tun: no such file or directory.

I followed https://help.skysilk.com/support/soluti ... th-skysilk and created a tun folder by doing

Code:

mkdir /dev/net
mknod /dev/net/tun c 10 200
chmod 0666 /dev/net/tun

and trying the command again. It failed with the same error as above. Further research suggests that tun/tap is something that needs to be set up in the OS first before it can be used.

How do I enable tun/tap devices in my TerraMaster F4-210?
DaGeek247
Posts: 2
Joined: 04 Apr 2021, 03:48

Re: cannot open TUN/TAP dev /dev/net/tun: No such file or directory

Post by DaGeek247 »

I have also tried to enable tun/tap support by doing this command

Code:

insmod /lib/modules/tun.ko

but it shows this error:

Code:

Failed to find tun. Maybe it is a built in module ?
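
The two logs above fail differently: errno=2 in the first post, errno=19 after the node was created with mknod. The script below is an added example, not code from the thread or from either Docker image; it separates a missing /dev/net/tun node from a missing kernel TUN driver. The function names and state strings are made up for illustration, and it assumes the TUN driver shows up as misc device minor 200 in /proc/misc.

```shell
#!/bin/sh
# Added example: tell apart the two TUN failures reported in this thread.
#   errno=2  (ENOENT): the /dev/net/tun node does not exist.
#   errno=19 (ENODEV): the node exists, but no TUN driver is registered.
# Paths are parameters so the logic can be run against constructed files.

# Succeeds when the kernel lists the TUN misc device (minor 200).
tun_driver_registered() {
    misc_file=${1:-/proc/misc}
    [ -r "$misc_file" ] &&
        grep -Eq '^[[:space:]]*200[[:space:]]+tun$' "$misc_file"
}

# Prints one state string for a device node path and a /proc/misc path.
diagnose_tun() {
    dev=${1:-/dev/net/tun}
    misc=${2:-/proc/misc}
    if tun_driver_registered "$misc"; then
        if [ -c "$dev" ]; then
            echo "ok"
        else
            echo "node-missing"            # mknod c 10 200 can fix this
        fi
    elif [ -c "$dev" ]; then
        echo "driver-missing"              # mknod cannot fix this
    else
        echo "node-and-driver-missing"
    fi
}

# Maps an OpenVPN log line to the condition it points at.
classify_openvpn_error() {
    case $1 in
        *"Cannot open TUN/TAP dev"*"(errno=2)"*)  echo "node-missing" ;;
        *"Cannot open TUN/TAP dev"*"(errno=19)"*) echo "driver-missing" ;;
        *) echo "unrelated" ;;
    esac
}

# With no arguments, report the state of the machine this runs on.
diagnose_tun "$@"
```

A result of "ok" on the host is the precondition for passing the device with --cap-add=NET_ADMIN and --device=/dev/net/tun rather than falling back to --privileged.
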
justsimon
Posts: 69
Joined: 22 Sep 2020, 15:18

Re: cannot open TUN/TAP dev /dev/net/tun: No such file or directory

Post by justsimon »

This was driving me insane, but I got there in the end.
You've done both things I suggested in this post on GitHub. So I'm a bit bewildered as to what's causing it.

I created mine from Portainer, so I can't show you a whole docker run command (idk how to generate one from a container), but here are some differences. And to clarify, I'm not running in privileged mode.

Command & logging:
Command is set to Override, and contains: '/bin/bash' '/etc/openvpn/start.sh'

Environment variables:

Code:

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
DEBIAN_FRONTEND=noninteractive

Also PUID and PGID are different to yours.

Network:
I've assigned my container its own IPv4 address in my MACVLAN subnet, which is in the same subnet range as the NAS.
justsimon
Posts: 69
Joined: 22 Sep 2020, 15:18

Re: cannot open TUN/TAP dev /dev/net/tun: No such file or directory

Post by justsimon »

While we're on the topic of issues with this Docker Image.

Have any of you managed to correctly set the timezone?
Mine's at UTC, regardless of my attempts to set to Australia.