Hi, I am on Debian - when I run "sudo stunnel stunnel.conf" I get the following output:
[ ] Clients allowed=500 [.] stunnel 5.56 on x86_64-pc-linux-gnu platform [.] Compiled with OpenSSL 1.1.1k 25 Mar 2021 [.] Running with OpenSSL 1.1.1n 15 Mar 2022 [.] Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP [ ] errno: (*__errno_location ()) [.] Reading configuration from file /etc/stunnel/stunnel.conf [.] UTF-8 byte order mark not detected [.] FIPS mode disabled [ ] Compression disabled [ ] No PRNG seeding was required [!] /etc/stunnel/stunnel.conf:24: "output = /tmp/stunnel.log": Specified option name is not valid here [ ] Deallocating section defaults
When I run "sudo netstat -tulnp | grep -i stunnel" I also get no output - which means that stunnel is not starting up?
Hello,
On 5/9/23 09:40, trashrap22@gmail.com wrote:
Hi, I am on Debian - when I run "sudo stunnel stunnel.conf" I get the following output:
[ ] Clients allowed=500 [.] stunnel 5.56 on x86_64-pc-linux-gnu platform [.] Compiled with OpenSSL 1.1.1k 25 Mar 2021 [.] Running with OpenSSL 1.1.1n 15 Mar 2022 [.] Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP [ ] errno: (*__errno_location ()) [.] Reading configuration from file /etc/stunnel/stunnel.conf [.] UTF-8 byte order mark not detected [.] FIPS mode disabled [ ] Compression disabled [ ] No PRNG seeding was required [!] /etc/stunnel/stunnel.conf:24: "output = /tmp/stunnel.log": Specified option name is not valid here [ ] Deallocating section defaults
When I run "sudo netstat -tulnp | grep -i stunnel" I also get no output - which means that stunnel is not starting up?
The log message seems pretty specific to me. Maybe you should fix that?
-chris
I have tried changing the location to
var/log/stunnel4/stunnel.log var/log/stunnel4/stunnelLog var/log/secure/ var/log/secure/stunnel.log etc/stunnel/stunnel.log etc/stunnel/stunnelLog
don't know how to fix it yet...
On Tue, May 9, 2023 at 3:54 PM Christopher Schultz < chris@christopherschultz.net> wrote:
Hello,
On 5/9/23 09:40, trashrap22@gmail.com wrote:
Hi, I am on Debian - when I run "sudo stunnel stunnel.conf" I get the
following output:
[ ] Clients allowed=500 [.] stunnel 5.56 on x86_64-pc-linux-gnu platform [.] Compiled with OpenSSL 1.1.1k 25 Mar 2021 [.] Running with OpenSSL 1.1.1n 15 Mar 2022 [.] Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD
TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP
[ ] errno: (*__errno_location ()) [.] Reading configuration from file /etc/stunnel/stunnel.conf [.] UTF-8 byte order mark not detected [.] FIPS mode disabled [ ] Compression disabled [ ] No PRNG seeding was required [!] /etc/stunnel/stunnel.conf:24: "output = /tmp/stunnel.log": Specified
option name is not valid here
[ ] Deallocating section defaults
When I run "sudo netstat -tulnp | grep -i stunnel" I also get no output
- which means that stunnel is not starting up?
The log message seems pretty specific to me. Maybe you should fix that?
-chris _______________________________________________ stunnel-users mailing list -- stunnel-users@stunnel.org To unsubscribe send an email to stunnel-users-leave@stunnel.org
Hello,
On 5/9/23 10:17, d3rIIIe15ter Tier wrote:
I have tried changing the location to
var/log/stunnel4/stunnel.log var/log/stunnel4/stunnelLog var/log/secure/ var/log/secure/stunnel.log etc/stunnel/stunnel.log etc/stunnel/stunnelLog
don't know how to fix it yet...
I don't think the *value* is the problem. The problem is that you have defined "output" somewhere that isn't valid, such as within a specific service's section instead of as a global setting.
-chris
On Tue, May 9, 2023 at 3:54 PM Christopher Schultz <chris@christopherschultz.net mailto:chris@christopherschultz.net> wrote:
Hello, On 5/9/23 09:40, trashrap22@gmail.com <mailto:trashrap22@gmail.com> wrote: > Hi, I am on Debian - when I run "sudo stunnel stunnel.conf" I get the following output: > > [ ] Clients allowed=500 > [.] stunnel 5.56 on x86_64-pc-linux-gnu platform > [.] Compiled with OpenSSL 1.1.1k 25 Mar 2021 > [.] Running with OpenSSL 1.1.1n 15 Mar 2022 > [.] Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP > [ ] errno: (*__errno_location ()) > [.] Reading configuration from file /etc/stunnel/stunnel.conf > [.] UTF-8 byte order mark not detected > [.] FIPS mode disabled > [ ] Compression disabled > [ ] No PRNG seeding was required > [!] /etc/stunnel/stunnel.conf:24: "output = /tmp/stunnel.log": Specified option name is not valid here > [ ] Deallocating section defaults > > When I run "sudo netstat -tulnp | grep -i stunnel" I also get no output - which means that stunnel is not starting up? The log message seems pretty specific to me. Maybe you should fix that? -chris _______________________________________________ stunnel-users mailing list -- stunnel-users@stunnel.org <mailto:stunnel-users@stunnel.org> To unsubscribe send an email to stunnel-users-leave@stunnel.org <mailto:stunnel-users-leave@stunnel.org>
You are right... bad mistake.
Now I get: cannot open log file - which I am sure is a permission thing since I need to use sudo to be able to write to that file. Any ideas further?
On Tue, May 9, 2023 at 4:21 PM Christopher Schultz < chris@christopherschultz.net> wrote:
Hello,
On 5/9/23 10:17, d3rIIIe15ter Tier wrote:
I have tried changing the location to
var/log/stunnel4/stunnel.log var/log/stunnel4/stunnelLog var/log/secure/ var/log/secure/stunnel.log etc/stunnel/stunnel.log etc/stunnel/stunnelLog
don't know how to fix it yet...
I don't think the *value* is the problem. The problem is that you have defined "output" somewhere that isn't valid, such as within a specific service's section instead of as a global setting.
-chris
On Tue, May 9, 2023 at 3:54 PM Christopher Schultz <chris@christopherschultz.net mailto:chris@christopherschultz.net>
wrote:
Hello, On 5/9/23 09:40, trashrap22@gmail.com <mailto:trashrap22@gmail.com> wrote: > Hi, I am on Debian - when I run "sudo stunnel stunnel.conf" I get the following output: > > [ ] Clients allowed=500 > [.] stunnel 5.56 on x86_64-pc-linux-gnu platform > [.] Compiled with OpenSSL 1.1.1k 25 Mar 2021 > [.] Running with OpenSSL 1.1.1n 15 Mar 2022 > [.] Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP > [ ] errno: (*__errno_location ()) > [.] Reading configuration from file /etc/stunnel/stunnel.conf > [.] UTF-8 byte order mark not detected > [.] FIPS mode disabled > [ ] Compression disabled > [ ] No PRNG seeding was required > [!] /etc/stunnel/stunnel.conf:24: "output = /tmp/stunnel.log": Specified option name is not valid here > [ ] Deallocating section defaults > > When I run "sudo netstat -tulnp | grep -i stunnel" I also get no output - which means that stunnel is not starting up? The log message seems pretty specific to me. Maybe you should fixthat?
-chris _______________________________________________ stunnel-users mailing list -- stunnel-users@stunnel.org <mailto:stunnel-users@stunnel.org> To unsubscribe send an email to stunnel-users-leave@stunnel.org <mailto:stunnel-users-leave@stunnel.org>
stunnel-users mailing list -- stunnel-users@stunnel.org To unsubscribe send an email to stunnel-users-leave@stunnel.org
After giving access to var/log/secure/stunnel.log, I now get logs!
There I get the following error:
Cannot create pid file /var/run/stunnel4.pid create: Permission denied (13)
Any ideas?
On Tue, May 9, 2023 at 4:34 PM d3rIIIe15ter Tier trashrap22@gmail.com wrote:
You are right... bad mistake.
Now I get: cannot open log file - which I am sure is a permission thing since I need to use sudo to be able to write to that file. Any ideas further?
On Tue, May 9, 2023 at 4:21 PM Christopher Schultz < chris@christopherschultz.net> wrote:
Hello,
On 5/9/23 10:17, d3rIIIe15ter Tier wrote:
I have tried changing the location to
var/log/stunnel4/stunnel.log var/log/stunnel4/stunnelLog var/log/secure/ var/log/secure/stunnel.log etc/stunnel/stunnel.log etc/stunnel/stunnelLog
don't know how to fix it yet...
I don't think the *value* is the problem. The problem is that you have defined "output" somewhere that isn't valid, such as within a specific service's section instead of as a global setting.
-chris
On Tue, May 9, 2023 at 3:54 PM Christopher Schultz <chris@christopherschultz.net mailto:chris@christopherschultz.net>
wrote:
Hello, On 5/9/23 09:40, trashrap22@gmail.com <mailto:trashrap22@gmail.com> wrote: > Hi, I am on Debian - when I run "sudo stunnel stunnel.conf" I get the following output: > > [ ] Clients allowed=500 > [.] stunnel 5.56 on x86_64-pc-linux-gnu platform > [.] Compiled with OpenSSL 1.1.1k 25 Mar 2021 > [.] Running with OpenSSL 1.1.1n 15 Mar 2022 > [.] Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP > [ ] errno: (*__errno_location ()) > [.] Reading configuration from file /etc/stunnel/stunnel.conf > [.] UTF-8 byte order mark not detected > [.] FIPS mode disabled > [ ] Compression disabled > [ ] No PRNG seeding was required > [!] /etc/stunnel/stunnel.conf:24: "output = /tmp/stunnel.log": Specified option name is not valid here > [ ] Deallocating section defaults > > When I run "sudo netstat -tulnp | grep -i stunnel" I also get no output - which means that stunnel is not starting up? The log message seems pretty specific to me. Maybe you should fixthat?
-chris _______________________________________________ stunnel-users mailing list -- stunnel-users@stunnel.org <mailto:stunnel-users@stunnel.org> To unsubscribe send an email to stunnel-users-leave@stunnel.org <mailto:stunnel-users-leave@stunnel.org>
stunnel-users mailing list -- stunnel-users@stunnel.org To unsubscribe send an email to stunnel-users-leave@stunnel.org
Hello,
On 5/9/23 11:13, d3rIIIe15ter Tier wrote:
After giving access to var/log/secure/stunnel.log, I now get logs!
There I get the following error:
Cannot create pid file /var/run/stunnel4.pid create: Permission denied (13)
What is the euid of the stunnel process? Does it have access to that path? Are you using a chroot jail? (You should be.) Does that path exist in the chroot jail? Can the stunnel user write to that path?
-chris
On Tue, May 9, 2023 at 4:34 PM d3rIIIe15ter Tier <trashrap22@gmail.com mailto:trashrap22@gmail.com> wrote:
You are right... bad mistake. Now I get: cannot open log file - which I am sure is a permission thing since I need to use sudo to be able to write to that file. Any ideas further? On Tue, May 9, 2023 at 4:21 PM Christopher Schultz <chris@christopherschultz.net <mailto:chris@christopherschultz.net>> wrote: Hello, On 5/9/23 10:17, d3rIIIe15ter Tier wrote: > I have tried changing the location to > > var/log/stunnel4/stunnel.log > var/log/stunnel4/stunnelLog > var/log/secure/ > var/log/secure/stunnel.log > etc/stunnel/stunnel.log > etc/stunnel/stunnelLog > > don't know how to fix it yet... I don't think the *value* is the problem. The problem is that you have defined "output" somewhere that isn't valid, such as within a specific service's section instead of as a global setting. -chris > On Tue, May 9, 2023 at 3:54 PM Christopher Schultz > <chris@christopherschultz.net <mailto:chris@christopherschultz.net> <mailto:chris@christopherschultz.net <mailto:chris@christopherschultz.net>>> wrote: > > Hello, > > On 5/9/23 09:40, trashrap22@gmail.com <mailto:trashrap22@gmail.com> <mailto:trashrap22@gmail.com <mailto:trashrap22@gmail.com>> > wrote: > > Hi, I am on Debian - when I run "sudo stunnel stunnel.conf" I > get the following output: > > > > [ ] Clients allowed=500 > > [.] stunnel 5.56 on x86_64-pc-linux-gnu platform > > [.] Compiled with OpenSSL 1.1.1k 25 Mar 2021 > > [.] Running with OpenSSL 1.1.1n 15 Mar 2022 > > [.] Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD > TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP > > [ ] errno: (*__errno_location ()) > > [.] Reading configuration from file /etc/stunnel/stunnel.conf > > [.] UTF-8 byte order mark not detected > > [.] FIPS mode disabled > > [ ] Compression disabled > > [ ] No PRNG seeding was required > > [!] /etc/stunnel/stunnel.conf:24: "output = /tmp/stunnel.log": > Specified option name is not valid here > > [ ] Deallocating section defaults > > > > When I run "sudo netstat -tulnp | grep -i stunnel" I also get no > output - which means that stunnel is not starting up? > > The log message seems pretty specific to me. Maybe you should fix that? > > -chris > _______________________________________________ > stunnel-users mailing list -- stunnel-users@stunnel.org <mailto:stunnel-users@stunnel.org> > <mailto:stunnel-users@stunnel.org <mailto:stunnel-users@stunnel.org>> > To unsubscribe send an email to stunnel-users-leave@stunnel.org <mailto:stunnel-users-leave@stunnel.org> > <mailto:stunnel-users-leave@stunnel.org <mailto:stunnel-users-leave@stunnel.org>> > _______________________________________________ stunnel-users mailing list -- stunnel-users@stunnel.org <mailto:stunnel-users@stunnel.org> To unsubscribe send an email to stunnel-users-leave@stunnel.org <mailto:stunnel-users-leave@stunnel.org>
Hi,
[!] /etc/stunnel/stunnel.conf:24: "output = /tmp/stunnel.log": Specified option name is not valid here
The error says that you tried to put a global configuration file option ("output") in a service section.
See https://www.stunnel.org/static/stunnel.html for details.
Best regards, Mike
-
Christopher Schultz -
d3rIIIe15ter Tier -
Michał Trojnara -
trashrap22@gmail.com