The auto-installation script stops

[jurekK]

Twice, on two different pis (2B and 3), under Jessie, the attempt to 'easy install' of pivpn regularly and quickly fails, the last message is on the console, no more blue boxes... The console contains:

root@hopf:/home/pi# curl -L https://install.pivpn.io | bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   178  100   178    0     0    216      0 --:--:-- --:--:-- --:--:--   216
100 53505  100 53505    0     0  35941      0  0:00:01  0:00:01 --:--:--  242k
:::
::: You are root.
::: Verifying free disk space...
:::
::: Checking apt-get for upgraded packages.... done!
:::
::: Your system is up to date! Continuing with PiVPN installation...
::: Static IP already configured.
root@hopf:/home/pi#

And this is all. I have the terminal without any activity. Had anybody observed this? I am not a Raspbian guru, I don't think I damaged my both systems preventing the scripts from continuing, without signalling any error. But, perhaps. Would you suggest, please, how to execute all the steps manually? I imported also the installation package from https://github.com/pivpn/pivpn, but I got more or less the same reaction of install.sh. I installed formerly openvpn through apt-get, but I never went so far, to use it. I don't understand what happens. The execution without being root, with sudo, produces the same effect. Thank you.

Jerzy Karczmarczuk /Caen, France/

[redfast00]

@cfcolaco: I've been seeing a lot of these reports lately. Has something broken in the merge?

[coolapso]

Related to #388

@redfast00 That's what I would like to find out ... however, already tested and tried .. and I could not reproduce the issue in any circumstances.

I recommend all users not to use Jessie Unless hey really need to ... there's a more recent version out there to be used and even raspbian doesn't publicly advert where to get the older versions ( had to dig to find it )

I would really Like to know where the issue is .. to understand if was the merge that broke or what is causing this! But .. without the correct steps to reproduce this ... I cannot do anything about that!!

and I still don't understand why use Jessie as a fresh install!

I will mark this as a bug ... and leave this open until someone can tell me exactly the steps to reproduce this!

FYI ... yesterday ... uninstalled and installed PiVPN twice ... and both without errors and issues.

[jurekK]

Thank you... In particular, muito obrigado to Carlos Colaço for the "final motivation kick": I fired Jessie, and installed a fresh Raspbian, Stretch (of course). Now pivpn script works, it passed the former break point and it is wooorking (guess what it is doing now...)

Some minutes ago it reported:

Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf
Can't open /etc/openvpn/easy-rsa/pki/index.txt.attr for reading, No such file or directory
1995883936:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:74:fopen('/etc/openvpn/easy-rsa/pki/index.txt.attr','r')
1995883936:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:81:

Would you please (tacitly) confirm that this is not critically bad? Anyway, it seems that my Jessie environment was at least partly responsible for the mess. But it would be nice to know whether the bug was there when I took it, or it was I who plowed evil and sowed trouble...

All the best. Jerzy

[coolapso]

ahahah @jurekK no worries ... the issue is definitely in within jessie ... now I would like to find out ... if it was something in the merge that made this happen in some scenarios or if it is something else ... but without the ability to replicate is hard to track!

About the errors you are presenting ... Good question ... is the server working???

[shanghaix]

Same issue here, using Ubunbtu 16.04

root@scw-d2af8e:# curl -L https://install.pivpn.io	bash % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 178 100 178 0 0 129 0 0:00:01 0:00:01 --:--:-- 129 100 53505 100 53505 0 0 30548 0 0:00:01 0:00:01 --:--:-- 30548

::: You are root. ::: Verifying free disk space... ::: ::: Checking apt-get for upgraded packages.... done! ::: ::: Your system is up to date! Continuing with PiVPN installation... root@scw-d2af8e:#

[jurekK]

Thus, Stretch seems to heal the disease. Carlos Colaço asks:

is the server working???

Probably yes, no errors signalled after having started it by hand from /usr/sbin, or through service start, but it doesn't connect!!! I answer here, but this is the end of this thread, since the issue is different, and I suspect strongly that it has nothing to do with pivpn as such. Unless you have something to say...

I installed openvpn on Windows 10, and opened the Avast firewall for vpn. Every attempt to connect using the config produced by the pivpn server on Raspberry results in such stuff displayed in the gui window:

Fri Nov 03 21:34:07 2017 read UDP: Unknown error (code=10054) Fri Nov 03 21:34:23 2017 read UDP: Unknown error (code=10054) Fri Nov 03 21:34:53 2017 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Fri Nov 03 21:34:53 2017 TLS Error: TLS handshake failed Fri Nov 03 21:34:53 2017 SIGUSR1[soft,tls-error] received, process restarting Fri Nov 03 21:34:58 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]88.xxx.x.xxx:4911 Fri Nov 03 21:34:58 2017 UDP link local: (not bound) Fri Nov 03 21:34:58 2017 UDP link remote: [AF_INET]88.xxx.x.xxx:4911 Fri Nov 03 21:34:58 2017 read UDP: Unknown error (code=10054) Fri Nov 03 21:35:00 2017 read UDP: Unknown error (code=10054) Fri Nov 03 21:35:04 2017 read UDP: Unknown error (code=10054)

The (hidden here) address 88.xxx... is the public ip of my french Freebox router. I changed the server port, but this is irrelevant. Thus, two questions, and let's terminate this thread:

1. How to test whether the server works correctly, if I cannot connect the client?
2. Is it possible that the fact that both machines are in the same zone: 192.168.1.X may generate some obscure errors? (But why TLS handshake failure?...)

Thank you. JK

[mrbrainz]

I'm getting the same problem

root@Lengberry:~# curl -L https://install.pivpn.io | bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   178  100   178    0     0    237      0 --:--:-- --:--:-- --:--:--   237
100 53505  100 53505    0     0  52488      0  0:00:01  0:00:01 --:--:-- 52488
:::
::: You are root.
::: Verifying free disk space...
:::
::: Checking apt-get for upgraded packages.... done!
:::
::: Your system is up to date! Continuing with PiVPN installation...
root@Lengberry:~#

The first time it didn't give me any UI. The second time it started to download some packages in the installer, then booted back to Bash.

FYI I just uninstalled a version I had on there because the internet stopped working when connected to through the tunnel. Reinstalling was my hope of fixing it.

[mrbrainz]

[jurekK]

Gents, I discovered something... When I upgraded pi from Jessie to Switch, the installation went smoothly, but I did some dirty experimentation, and I had to remove and reinstall pivpn. And I got the same error, persistent.

So, since I broke - probably - the installation management mechanism, I launched

> sudo dpkg --configure -a

and the error disappeared. You might, perhaps be more aggressive: sudo dpkg --force-all --configure -a, or some other similar magic. Good luck. Share your successes!

JK

[mrbrainz]

I tried running dpkg --configure -a. It went through and updated iptables and openvpn. When I ran the installer again it now craps out after the screen that warns you that your router may still try to assign your IP to another device. Then I get kicked back to Bash again.

root@Lengberry:~# curl -L https://install.pivpn.io | bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   178  100   178    0     0    248      0 --:--:-- --:--:-- --:--:--   248
100 53505  100 53505    0     0  61135      0 --:--:-- --:--:-- --:--:-- 61135
:::
::: You are root.
::: Verifying free disk space...
:::
::: Checking apt-get for upgraded packages.... done!
:::
::: Your system is up to date! Continuing with PiVPN installation...
::: Static IP already configured.

This looks to be the same issue as reported in #388

[georgarmbruster]

Hi there! It seems I'm facing the same issue here... I'm trying to install pivpn in a VMware virtual machine running Ubuntu 16.04. The installer runs as usual, but exits with no error message after the "We think you do not run Raspian, so we don't configure a static IP for you."

Some steps I took:

• installed from scratch in 64 bit
• installed from scratch in 32 bit
• disabled IPv6
• set / unset a static IPv4 address.

In total, I reinstalled the system with varying conditions four times, so it should be reproducable. If I can provide any logs or further information please feel free to drop me a line what might be helpful.

Do you have any ideas on how to fix this or what is causing the issue?

Kind regards, Georg

[YeahImRose]

Seems to me like some of this could be caused by pivpnInterface being wrongly overwritten somewhere. Manually setting the value of pivpnInterface just before line 376 fixes the "interface not found" issue. Problem might be somewhere in the chooseInterface function but I don't currently have time to check. I'll check in a few hours and report back my findings.

Edit: Although I haven't used whiptail much on my own, it seems like something funky is going on with its return value on line 272. echoing its value returns nothing. I have no clue why this would be happening, as whiptail works perfectly in chooseUser.

Edit 2: Actually, seems like wiptail doesn't work even for chooseUser.

[georgarmbruster]

Thanks for looking into this. A side note: I tried installing pivpn today in a virtual machine running Ubuntu 17.04 (instead of the LTS 16.04) and this worked immediatly. Not sure if this sheds any light though :)

[TheWizKid95]

I've been having a similar problem in the past week. If I run the install again, it goes through fine but doesn't create some files and folders like /etc/pivpn/INSTALL_USER or /etc/openvpn/easy-rsa/pki/Default.txt. If I try to connect to the VPN I just get the following:

OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

[coolapso]

Marked as bug for further investigation...

Something is causing this to happen to multiple users in different Distros ... and it probably has nothing to do with the lasted commit!

I strongly believe that this is due to a missing or misconfigured package, broken dependencies or some configuration that you all have in common that we are not catching and that the script is failing to detect.

I personally tried to replicate the issue in AWS Ubuntu, Virtual Machines, Natively in raspbian jessie and Stretch and wasn't able to find what causes this to happen.

I am again currently out of time to do Big testings and to delve into code to see where this is failing ... So if anyone wants to make tests and try this out we would pretty much appreciate that help!

[YepYip]

Hi all,

I have also the problem on my side : rp3, jessie, fresh installed yesterday (because I was thinking that stretch was the root cause ...). By debugging the installation script, I saw that the script stopped at the setNetwork function. In this function, an attempt to catch the word “Mask” on the command ifconfig “wlan0” does not succeed on my side because I’m French and I have the word “Masque”. Can it be the problem ? Here is the result of ‘ifconfig “wlan0”’ (some data have been obfuscated):

wlan0 Link encap:Ethernet HWaddr XX:XX:XX:XX:XX:XX
inet adr:192.168.1.86 Bcast:192.168.1.255 Masque:255.255.255.0 adr inet6: XXXX:XXXX:XXX:XXXX:XXXX:XXXX:XXXX:XXXX/XX Scope:Global adr inet6: XXXX::XXXX:XXXX:XXXX:XXX/XX Scope:Lien UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:125897 errors:0 dropped:7075 overruns:0 frame:0 TX packets:49883 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:1000 RX bytes:24855336 (23.7 MiB) TX bytes:9784222 (9.3 MiB)

ifconfig_wlan0.txt

[weslleycsil]

Hello guys, modify install.sh script in lines 376 and 377 376 LOCALMASK=$(ifconfig "${pivpnInterface}" | awk '/Mask:/{ print $4;} ' | cut -c6-) 377 LOCALIP=$(ifconfig "${pivpnInterface}" | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*')

change for this: 376 LOCALMASK=$( ifconfig "${pivpnInterface}" | grep -w 'inet' | awk ' { print $5 }' | sed -e "s/Masc://g" ) 377 LOCALIP=$( ifconfig "${pivpnInterface}" | grep -w 'Bcast' | awk '{ print $3 }' )

work for me, in Raspbian Jessie!

[mrbrainz]

Thanks @weslleycsil. That worked for me! Currently Generating DH parameters

[mrbrainz]

So the script crapped out at the end...

Note: using Easy-RSA configuration from: ./vars
Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf

An updated CRL has been created.
CRL file: /etc/openvpn/easy-rsa/pki/crl.pem

run-parts: executing /usr/share/netfilter-persistent/plugins.d/15-ip4tables save
run-parts: executing /usr/share/netfilter-persistent/plugins.d/25-ip6tables save
::: Using Google DNS servers.
::: Install Complete...
::: Restarting services...
Synchronizing state for openvpn.service with sysvinit using update-rc.d...
Executing /usr/sbin/update-rc.d openvpn defaults
Executing /usr/sbin/update-rc.d openvpn enable
Failed to execute operation: File exists
root@Lengberry:~# ```

[weslleycsil]

This error appears to be something that had previously been installed. Try uninstalling everything on vpn from PI or installing the OS again. @mrbrainz In my PI it worked after changing the script.

[mrbrainz]

Installing the OS again was the main thing I was trying to avoid.... 😂

[jurekK]

Le 01/12/2017 à 15:00, mrbrainz a écrit :

Installing the OS again was the main thing I was trying to avoid.... 😂

And you are absolutely right! Buggy scripts should be corrected or ostracized if THIS is the way to live with them.

I repeat what I have said, after I got hit by this problem after having replaced Jessie by Stretch: clean thoroughly with APT your installations, this solved my troubles. But they were partly the result of some dirty experimentation (after all, Raspberry is for what? ...), and brave hacking, if brave enough, may do anything, so there is no universal Panacea in this world...

Bon courage. Jerzy Karczmarczuk /Caen, France/

[weslleycsil]

Installing the OS again was the main thing I was trying to avoid.... 😂

I also xD, I know how you feel .. Try to clean everything you've installed with regard to vpn before. And try to run again.

[coolapso]

Can anyone explain me how is the status of this??

Is @weslleycsil comment the solution for this? @redfast00 @0-kaladin What you think about this??

I was wondering if running the script as

curl -L https://install.pivpn.io | sudo bash

or

sudo bash <$(curl -L https://install.pivpn.io)

could solve this and some other similar issues around!

@jurekK any news??

thank you all ...

[coolapso]

according to issue #430 running dpkg --configure -a solves the thing .. has this solution been common to everyone in this issue?

@0-kaladin @redfast00 shall we add this to the script? and a sudo apt-get update && sudo apt-get upgrade Even before the script starts to do any changes?? this will probably solve many of the issues going on similar to this.

[0-kaladin]

I don't think it will hurt. run it before any apt runs since we can't be sure what state the user has left dpkg.

[Bouhmarc]

Good evening,

I have this problem too, i wanted to know if there is a log file generated by the script ? My raspberry runs on Jessie.

Regards ! Marc

[Bouhmarc]

Found my problem. The install script is language-dependant.. (mine is in french)

Two lines depends on the pi language : On line 376 : LOCALMASK=$(ifconfig "${pivpnInterface}" | awk '/Mask:/{ print $4;} ' | cut -c6-)

in french it will be : LOCALMASK=$(ifconfig "${pivpnInterface}" | awk '/Masque:/{ print $4;} ' | cut -c8-)

On line 377 : LOCALIP=$(ifconfig "${pivpnInterface}" | grep -Eo 'inet (addr:)?([0-9].){3}[0-9]' | grep -Eo '([0-9].){3}[0-9]')

in french it will be LOCALIP=$(ifconfig "${pivpnInterface}" | grep -Eo 'inet (adr:)?([0-9].){3}[0-9]' | grep -Eo '([0-9].){3}[0-9]')

By replacing those two lines, the install script worked fine !!

I have no ideas how not to be language dependant... But at least, you have a clue..

Regards

Marc

[coolapso]

@Bouhmarc GREAT JOB!!! Thank you a lot for your help ... that definitely helps out a lot!

[coolapso]

@redfast00 @redfast00 @EveryoneInThisIssue

Been looking through issues... and there are a few possible reasons for this to happen, and I hope we found all of them!

1 - Language Settings as @Bouhmarc mentioned and it is mentioned as well in issue #421 2 - Not Selecting the correct interface, check issue #429 3 - Updates and dependencies not installing properly which might be fixed as well with dpkg --configure -a

Since this is related to a bunch of issues, I will try to do my best to fix most of them during my pivpn scripting marathon and keep as most issues as possilble ... will be editing this issue as well with other older issues that might solve this one.

[coolapso]

ok .. @redfast00 @0-kaladin ( dont know why mentioned redfast twice in the previous comment)

Was able to replicate the issue initially reported here in a brand new AWS EC2 running Ubuntu ... which I solved by immediately running apt-get update && apt-get upgrade

My suggestion is before running dpkg --configure -a we should remove the functions update_package_cache() and notify_package_updates_available() ( Lines 451 and 471 ) and instead prompt the user if wants to update the system or not and if the user chose not to update the scripts proceeds with the install, however, warning them that we do not guarantee that the script will work.

what do you think?

[redfast00]

That seems reasonable, good job.

[riccardorestagno]

Any update on this? I'm still getting the same issues as above.

[coolapso]

@riccardorestagno still working on this as I am having available time ... go a few comments above and you have the reasons why this is happening.

[riccardorestagno]

OK, thanks for the update. I saw the git was updated 18 days ago so I assumed it was fixed. I'll keep track of this thread

[crasher91]

I do have the same issue on Stretch. Tried everything listed above but didn't solve the issue. Is there any plan when the fix will be available?

[coolapso]

@crasher91 unless someone comes up with the fixes, nope, I will be working on it as i am having free time which is quite few at the moment

[iaintshootinmis]

@cfcolaco

Are we just wanting to write the copy and insert user input for whether or not to.run the apt update/upgrade? If so, I can knock those out. If not, give me some bullet points and I'll see what I can knock out.

[coolapso]

@justinamcafee it is a bit more than just that but is not hard at all. I have most of the code fixes in place already ... need just some more free time to review the code, clean it and test it.

[GuillaumeBailey]

Those wishing to investigate these issues further should add set -x to the 2nd line of the install script. This will at least tell where the script fails. This one liner will do that: curl -L https://install.pivpn.io | sed '2s/.*/set -x/' > install.sh; chmod a+x install.sh; ./install.sh

For me, it was on the line sudo debconf-apt-progress -- apt-get --yes --no-install-recommends install openvpn git dhcpcd5 tar wget grep iptables-persistent dnsutils expect whiptail net-tools

This revealed some errors:

pi@raspberrypi:~ $ sudo apt-get --yes --no-install-recommends install openvpn git dhcpcd5 tar wget grep iptables-persistent dnsutils expect whiptail net-tools
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Package dnsutils is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
However the following packages replace it:
  bind9-host

Package iptables-persistent is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
However the following packages replace it:
  netfilter-persistent

E: Unable to locate package openvpn
E: Unable to locate package git
E: Package 'iptables-persistent' has no installation candidate
E: Package 'dnsutils' has no installation candidate
E: Unable to locate package expect

and I was able to get past this with sudo apt-get update && sudo apt-get --yes --no-install-recommends install openvpn git dhcpcd5 tar wget grep iptables-persistent dnsutils expect whiptail net-tools

I'm generating my DH params now...

[crasher91]

any update on this? waiting hard for it :)

[miguelbenitez]

@crasher91 - I just ran through this post and did three things:

1. Followed instructions from @GuillaumeBailey to download the script file and change second line
2. Installed dnsutils
3. Set a static IP address I ran the modified script and it appeared to complete successfully.

@cfcolaco - thanks for all your work on this. I'm sure it's quite time consuming.

[crasher91]

when i run curl -L https://install.pivpn.io | sed '2s/.*/set -x/' > install.sh; chmod a+x install.sh; ./install.sh I got the same error:

sudo debconf-apt-progress -- apt-get --yes --no-install-recommends install openvpn git dhcpcd5 tar wget grep iptables-persistent dnsutils expect whiptail net-tools

inserting this I got the following:

pi@raspberrypi:~ $ sudo apt-get --yes --no-install-recommends install openvpn git dhcpcd5 tar wget grep iptables-persistent dnsutils expect whiptail net-tools Paketlisten werden gelesen... Fertig Abhängigkeitsbaum wird aufgebaut. Statusinformationen werden eingelesen.... Fertig grep ist schon die neueste Version (2.27-2). net-tools ist schon die neueste Version (1.60+git20161116.90da8a0-1). wget ist schon die neueste Version (1.18-5+deb9u1). whiptail ist schon die neueste Version (0.52.19-1). dhcpcd5 ist schon die neueste Version (1:6.11.5-1+rpt4). Vorgeschlagene Pakete: rblcheck git-daemon-run | git-daemon-sysvinit git-doc git-el git-email git-gui gitk gitweb git-arch git-cvs git-mediawiki git-svn ncompress tar-scripts Empfohlene Pakete: tcl8.6 tk8.6 easy-rsa Die folgenden NEUEN Pakete werden installiert: dnsutils expect git git-man iptables-persistent liberror-perl libpkcs11-helper1 netfilter-persistent openvpn tcl-expect Die folgenden zurückgehaltenen Pakete werden verändert: tar Die folgenden Pakete werden durch eine ÄLTERE VERSION ERSETZT (Downgrade): tar 0 aktualisiert, 10 neu installiert, 1 durch eine ältere Version ersetzt, 0 zu entfernen und 26 nicht aktualisiert. E: Packages were downgraded and -y was used without --allow-downgrades.

then i also did sudo apt-get update && sudo apt-get --yes --no-install-recommends install openvpn git dhcpcd5 tar wget grep iptables-persistent dnsutils expect whiptail net-tools and got the following:

pi@raspberrypi:~ $ sudo apt-get update && sudo apt-get --yes --no-install-recommends install openvpn git dhcpcd5 tar wget grep iptables-persistent dnsutils expect whiptail net-tools OK:1 http://archive.raspberrypi.org/debian stretch InRelease OK:2 http://raspbian.raspberrypi.org/raspbian stretch InRelease OK:4 http://www.deb-multimedia.org stretch InRelease Fehl:3 http://cdn-fastly.deb.debian.org/debian jessie-backports InRelease Temporärer Fehlschlag beim Auflösen von »cdn-fastly.deb.debian.org« Paketlisten werden gelesen... Fertig W: Fehlschlag beim Holen von http://http.debian.net/debian/dists/jessie-backports/InRelease Temporärer Fehlschlag beim Auflösen von »cdn-fastly.deb.debian.org« W: Einige Indexdateien konnten nicht heruntergeladen werden. Sie wurden ignoriert oder alte an ihrer Stelle benutzt. Paketlisten werden gelesen... Fertig Abhängigkeitsbaum wird aufgebaut. Statusinformationen werden eingelesen.... Fertig grep ist schon die neueste Version (2.27-2). net-tools ist schon die neueste Version (1.60+git20161116.90da8a0-1). wget ist schon die neueste Version (1.18-5+deb9u1). whiptail ist schon die neueste Version (0.52.19-1). dhcpcd5 ist schon die neueste Version (1:6.11.5-1+rpt4). Vorgeschlagene Pakete: rblcheck git-daemon-run | git-daemon-sysvinit git-doc git-el git-email git-gui gitk gitweb git-arch git-cvs git-mediawiki git-svn ncompress tar-scripts Empfohlene Pakete: tcl8.6 tk8.6 easy-rsa Die folgenden NEUEN Pakete werden installiert: dnsutils expect git git-man iptables-persistent liberror-perl libpkcs11-helper1 netfilter-persistent openvpn tcl-expect Die folgenden zurückgehaltenen Pakete werden verändert: tar Die folgenden Pakete werden durch eine ÄLTERE VERSION ERSETZT (Downgrade): tar 0 aktualisiert, 10 neu installiert, 1 durch eine ältere Version ersetzt, 0 zu entfernen und 26 nicht aktualisiert. E: Packages were downgraded and -y was used without --allow-downgrades.

afterwards I tried again curl -L https://install.pivpn.io | bash and got the following:

pi@raspberrypi:~ $ curl -L https://install.pivpn.io | bash % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 178 100 178 0 0 142 0 0:00:01 0:00:01 --:--:-- 142 curl: (6) Could not resolve host: raw.githubusercontent.com

not sure what is wrong...

[GuillaumeBailey]

@crasher91 Your output shows this error: E: Packages were downgraded and -y was used without --allow-downgrades.

try: sudo apt-get --yes --no-install-recommends --allow-downgrades install openvpn git dhcpcd5 tar wget grep iptables-persistent dnsutils expect whiptail net-tools, and then ./install.sh

[crasher91]

i tried but still the script stops.

pi@raspberrypi:~ $ sudo apt-get --yes --no-install-recommends --allow-downgrades install openvpn git dhcpcd5 tar wget grep iptables-persistent dnsutils expect whiptail net-tools Paketlisten werden gelesen... Fertig Abhängigkeitsbaum wird aufgebaut. Statusinformationen werden eingelesen.... Fertig grep ist schon die neueste Version (2.27-2). net-tools ist schon die neueste Version (1.60+git20161116.90da8a0-1). wget ist schon die neueste Version (1.18-5+deb9u1). whiptail ist schon die neueste Version (0.52.19-1). dhcpcd5 ist schon die neueste Version (1:6.11.5-1+rpt4). Vorgeschlagene Pakete: rblcheck git-daemon-run | git-daemon-sysvinit git-doc git-el git-email git-gui gitk gitweb git-arch git-cvs git-mediawiki git-svn ncompress tar-scripts Empfohlene Pakete: tcl8.6 tk8.6 easy-rsa Die folgenden NEUEN Pakete werden installiert: dnsutils expect git git-man iptables-persistent liberror-perl libpkcs11-helper1 netfilter-persistent openvpn tcl-expect Die folgenden zurückgehaltenen Pakete werden verändert: tar Die folgenden Pakete werden durch eine ÄLTERE VERSION ERSETZT (Downgrade): tar 0 aktualisiert, 10 neu installiert, 1 durch eine ältere Version ersetzt, 0 zu entfernen und 26 nicht aktualisiert. E: Held packages were changed and -y was used without --allow-change-held-packages. pi@raspberrypi:~ $ ./install.sh

• set -e
• tmpLog=/tmp/pivpn-install.log
• instalLogLoc=/etc/pivpn/install.log
• setupVars=/etc/pivpn/setupVars.conf
• useUpdateVars=false
• PKG_MANAGER=apt-get
• PKG_CACHE=/var/lib/apt/lists/
• UPDATE_PKG_CACHE='apt-get update'
• PKG_INSTALL='apt-get --yes --no-install-recommends install'
• PKG_COUNT='apt-get -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true'
• PIVPN_DEPS=(openvpn git dhcpcd5 tar wget grep iptables-persistent dnsutils expect whiptail net-tools)
• pivpnGitUrl=https://github.com/pivpn/pivpn.git
• pivpnFilesDir=/etc/.pivpn
• easyrsaVer=3.0.1-pivpn1
• easyrsaRel=https://github.com/pivpn/easy-rsa/releases/download/3.0.1-pivpn1/EasyRSA-3.0.1-pivpn1.tgz ++ stty size
• screen_size='24 80' ++ echo 24 80 ++ awk '{print $1}'
• rows=24 ++ echo 24 80 ++ awk '{print $2}'
• columns=80
• r=12
• c=40
• r=20
• c=70
• skipSpaceCheck=false
• reconfigure=false
• runUnattended=false ++ ip route get 8.8.8.8 ++ awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}'
• IPv4dev=enxb827eb654415 ++ ip route get 8.8.8.8 ++ awk '{print $7}'
• IPv4addr=10.0.0.2 ++ ip route get 8.8.8.8 ++ awk '{print $3}'
• IPv4gw=10.0.0.138 ++ ip -o link ++ grep 'state UP' ++ awk '{print $2}' ++ cut -d@ -f1 ++ cut -d: -f1
• availableInterfaces=enxb827eb654415
• dhcpcdFile=/etc/dhcpcd.conf
• [[ '' != true ]]
• main
• echo ::: :::
• [[ 1000 -eq 0 ]]
• echo '::: sudo will be used for the install.' ::: sudo will be used for the install. ++ dpkg-query -s sudo
• [[ -n Package: sudo Status: install ok installed Priority: optional Section: admin Installed-Size: 3002 Maintainer: Bdale Garbee bdale@gag.com Architecture: armhf Version: 1.8.19p1-2.1 Replaces: sudo-ldap Depends: libaudit1 (>= 1:2.2.1), libc6 (>= 2.17), libpam0g (>= 0.99.7.1), libselinux1 (>= 1.32), libpam-modules, lsb-base Conflicts: sudo-ldap Conffiles: /etc/init.d/sudo 69497d0565055f626ee2bc84f818ce0f /etc/pam.d/sudo 85da64f888739f193fc0fa896680030e /etc/sudoers 45437b4e86fba2ab890ac81db2ec3606 /etc/sudoers.d/README 8d3cf36d1713f40a0ddc38e1b21a51b6 Description: Provide limited super user privileges to specific users Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. . This version is built with minimal shared library dependencies, use the sudo-ldap package instead if you need LDAP support for sudoers. Homepage: http://www.sudo.ws/ ]]
• export SUDO=sudo
• SUDO=sudo
• export 'SUDOE=sudo -E'
• SUDOE='sudo -E'
• distro_check
• hash lsb_release ++ lsb_release -si
• PLAT=Raspbian ++ lsb_release -sc
• OSCN=stretch
• case ${PLAT} in
• case ${OSCN} in
• echo Raspbian
• [[ -f /etc/pivpn/setupVars.conf ]]
• [[ false == true ]]
• verifyFreeDiskSpace
• echo '::: Verifying free disk space...' ::: Verifying free disk space...
• local required_free_kilobytes=76800 ++ df -Pk ++ grep -m1 '\/$' ++ awk '{print $4}'
• local existing_free_kilobytes=6543940
• [[ 6543940 =~ ^([0-9])+$ ]]
• [[ 6543940 -lt 76800 ]]
• update_package_cache ++ stat -c %Y /var/lib/apt/lists/
• timestamp=1523697696 ++ date -d @1523697696 '+%b %e'
• timestampAsDate='Apr 14' ++ date '+%b %e'
• today='Apr 14'
• '[' '!' 'Apr 14' == 'Apr 14' ']'
• notify_package_updates_available
• echo ::: :::
• echo -n '::: Checking apt-get for upgraded packages....' ::: Checking apt-get for upgraded packages....++ eval 'apt-get -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true' +++ apt-get -s -o Debug::NoLocking=true upgrade +++ grep -c '^Inst' +++ true
• updatesToInstall=0
• echo ' done!' done!
• echo ::: :::
• [[ 0 -eq 0 ]]
• echo '::: Your system is up to date! Continuing with PiVPN installation...' ::: Your system is up to date! Continuing with PiVPN installation...
• install_dependent_packages 'PIVPN_DEPS[@]'
• argArray1=("${!1}")
• declare -a argArray1
• echo iptables-persistent iptables-persistent/autosave_v4 boolean true
• sudo debconf-set-selections
• echo iptables-persistent iptables-persistent/autosave_v6 boolean false
• sudo debconf-set-selections
• command -v debconf-apt-progress
• sudo debconf-apt-progress -- apt-get --yes --no-install-recommends install openvpn git dhcpcd5 tar wget grep iptables-persistent dnsutils expect whiptail net-tools

[GuillaumeBailey]

@crasher91

I listed roughly three (unnumbered) steps above, but I forgot to list a couple of very important steps:

4. You need to read the output of whatever modified command you run, and see what errors and warnings it gave, and think and research about what could be done to resolve those errors, and then try that, even in the face of uncertainty.
5. If that worked, see if you have a new error. If so, go to step 4. If no errors, try to use the product, and upon error go to step 4. If everything works, continue work on the larger problem that was impeded by this diversion.

Your command was: sudo apt-get --yes --no-install-recommends --allow-downgrades install openvpn git dhcpcd5 tar wget grep iptables-persistent dnsutils expect whiptail net-tools

If you look at your output you can see that errors start with E:.

You have one error: E: Held packages were changed and -y was used without --allow-change-held-packages.

I'm not an expert on apt-get, but it sounds like when you are allowing downgrades (--allow-downgrades) and automatically accepting all changes (--yes, also known as -y), they want you to allow changing held packages (--allow-change-held-packages), too. If I had to guess, the makers of apt-get are worried that this may break something else on your system, or you may lose security updates or functionality by allowing packages you already have ("held packages") to be downgraded. I think you really want your PiVPN to work, damn the consequences, so I would try adding --allow-change-held-packages to your previous command, then apply the steps, starting with step 4 above.

A parting thought: my original post is just a more advanced application of step 4: In the case that there is no output, research and apply your experience to find a way to get some output, then apply the steps starting with 4.

It has been my experience that being very good and persistent at steps 4&5 above is a skill that few people have, yet is in high demand, so it is both very richly rewarded, and presents an opportunity to work on interesting, important and challenging problems.

[slycar]

Hey everybody!

Just wanted to quickly say this is my first post for PiVPN. I'm not very familiar with rules, so please excuse any rule violations.

I've tried installing PiVPN and the install kept stopping as soon as the graphical part loaded as reported by many on this thread. After performing the apt update, apt dist-upgrade, dpkg --configure -a, the install still closed unexpectedly. Running curl -L https://install.pivpn.io | sed '2s/.*/set -x/' > install.sh; chmod a+x install.sh; ./install.sh showed where it hanged. I decided to try and install OpenVPN with sudo apt-get install openvpn. After that, the basic install worked.

I'm sorry I cant provide any rhyme or reason for my fix.

Installed on a Raspberry Pi 3 B with official 7" Touch Screen.

pi@raspberrypi:~ $ cat /etc/rel /usr/lib/arm-linux-gnueabihf/libarmmem.so PRETTY_NAME="Raspbian GNU/Linux 9 (stretch)" NAME="Raspbian GNU/Linux" VERSION_ID="9" VERSION="9 (stretch)" ID=raspbian ID_LIKE=debian HOME_URL="http://www.raspbian.org/" SUPPORT_URL="http://www.raspbian.org/RaspbianForums" BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"

[redfast00]

@slycar did you do anything special when installing the openvpn package? Where did it get stuck?

[slycar]

@redfast00 The install was hanging as soon as the GUI would load with 'curl -L Https://install.pivpn.io | bash'. Like i mentioned, running 'apt-get install openvpn' then retrying the 'curl -L...' worked without a hitch.

A different issue I now have is the http service doesnt work when my smartphone is in LTE, but works great using any other wifi network. Not sure if Telus mobility is to blame for preventing port forwarding on http, but I still get access to ssh and other services over LTE.

[were491]

Try checking for free disk space, or if it is already installed, or traces of it are, liek openvpn. Sometimes, for me, anyways, when there were some specific files relating to openvpn or something it stopped the script, but the most common reason for me was not having free sd card space.