3.0.1 - gentoo unpriviliged container - openvpn won't start at boot and won't stop

Would appreciate some pointer to either solve or debug

openvpn 2.4.6 working with 2 exceptions:

  1. not starting at boot time but no problem with /etc/init.d/openvpn start
  2. not stopping with /etc/init.d/openvpn stop

/etc/init.d/openvpn -v start

Summary
  • Executing: /lib64/rc/sh/openrc-run.sh /lib64/rc/sh/openrc-run.sh /etc/init.d/openvpn start
  • No permission to apply cgroup settings
  • Starting openvpn …
  • start-stop-daemon: fopen `/var/run/openvpn.pid’: No such file or directory
  • Detaching to start `/usr/sbin/openvpn’ …

/etc/init.d/openvpn -v stop

Summary
  • Executing: /lib64/rc/sh/openrc-run.sh /lib64/rc/sh/openrc-run.sh /etc/init.d/openvpn stop
  • No permission to apply cgroup settings
  • Stopping openvpn …
  • Will stop /usr/sbin/openvpn
  • Will stop PID 1040
  • Will stop processes of `/usr/sbin/openvpn’
  • Sending signal 15 to PID 1040 … [ ok ]
  • Sending signal 0 to PID 1040 … [ ok ]
  • start-stop-daemon: 1 process refused to stop [ !! ]
  • ERROR: openvpn failed to stop

/etc/init.d/openvpn -d stop

Summary
+ sourcex -e /etc/rc.conf
+ '[' -e = -e ']'
+ shift
+ '[' -e /etc/rc.conf ']'
+ . /etc/rc.conf
++ rc_shell=/sbin/sulogin
++ unicode=YES
++ rc_tty_number=12
+ '[' -d /etc/rc.conf.d ']'
+ _conf_d=/etc/init.d/../conf.d
+ _c=openvpn
+ '[' -n openvpn -a openvpn '!=' openvpn ']'
+ unset _c
+ sourcex -e /etc/init.d/../conf.d/openvpn.default
+ '[' -e = -e ']'
+ shift
+ '[' -e /etc/init.d/../conf.d/openvpn.default ']'
+ return 1
+ sourcex -e /etc/init.d/../conf.d/openvpn
+ '[' -e = -e ']'
+ shift
+ '[' -e /etc/init.d/../conf.d/openvpn ']'
+ . /etc/init.d/../conf.d/openvpn
++ PEER_DNS=yes
++ DETECT_CLIENT=yes
++ RE_ENTER=no
+ unset _conf_d
+ sourcex /lib64/rc/sh/runit.sh
+ '[' /lib64/rc/sh/runit.sh = -e ']'
+ . /lib64/rc/sh/runit.sh
+ sourcex /lib64/rc/sh/s6.sh
+ '[' /lib64/rc/sh/s6.sh = -e ']'
+ . /lib64/rc/sh/s6.sh
++ '[' -z '' ']'
++ s6_service_path=/var/svc.d/openvpn
+ sourcex /lib64/rc/sh/start-stop-daemon.sh
+ '[' /lib64/rc/sh/start-stop-daemon.sh = -e ']'
+ . /lib64/rc/sh/start-stop-daemon.sh
+ sourcex /lib64/rc/sh/supervise-daemon.sh
+ '[' /lib64/rc/sh/supervise-daemon.sh = -e ']'
+ . /lib64/rc/sh/supervise-daemon.sh
+ sourcex /etc/init.d/openvpn
+ '[' /etc/init.d/openvpn = -e ']'
+ . /etc/init.d/openvpn
++ VPNDIR=/etc/openvpn
++ VPN=openvpn
++ '[' -n openvpn ']'
++ '[' openvpn '!=' openvpn ']'
++ VPNPID=/var/run/openvpn.pid
++ VPNCONF=/etc/openvpn/openvpn.conf
+ yesno ''
+ '[' -z '' ']'
+ return 1
+ for _cmd in "$@"
+ '[' stop '!=' status -a stop '!=' describe ']'
+ '[' -n '' ']'
++ command -v cgroup_add_service
+ '[' cgroup_add_service = cgroup_add_service ']'
+ '[' -d /sys/fs/cgroup -a '!' -w /sys/fs/cgroup ']'
+ eerror 'No permission to apply cgroup settings'
* No permission to apply cgroup settings
+ break
+ eval 'printf '\''%s\n'\'' '
++ printf '%s\n'
+ read _d
+ '[' -n '' ']'
+ read _d
+ '[' 0 -ne 0 ']'
+ unset _d
+ eval 'printf '\''%s\n'\'' '
++ printf '%s\n'
+ read _f
+ '[' -n '' ']'
+ read _f
+ '[' 0 -ne 0 ']'
+ unset _f
+ '[' -n '' ']'
+ '[' -n stop ']'
+ '[' stop = depend ']'
+ for _cmd in describe start stop status ${extra_commands:-$opts} $extra_started_commands $extra_stopped_commands
+ '[' describe = stop ']'
+ for _cmd in describe start stop status ${extra_commands:-$opts} $extra_started_commands $extra_stopped_commands
+ '[' start = stop ']'
+ for _cmd in describe start stop status ${extra_commands:-$opts} $extra_started_commands $extra_stopped_commands
+ '[' stop = stop ']'
++ command -v stop
+ '[' stop = stop ']'
+ yesno
+ '[' -z '' ']'
+ return 1
+ for _cmd in $extra_stopped_commands
+ '[' cgroup_cleanup = stop ']'
+ unset _cmd
+ case $1 in
+ verify_boot
+ '[' '!' -e /run/openrc/softlevel ']'
+ return 0
++ command -v stop_pre
+ '[' '' = stop_pre ']'
+ stop
+ '[' '' = true ']'
+ ebegin 'Stopping openvpn'
* Stopping openvpn ...
+ start-stop-daemon --stop --quiet --exec /usr/sbin/openvpn --pidfile /var/run/openvpn.pid
* start-stop-daemon: 1 process refused to stop
+ eend 1 [ !! ]
+ exit 1
* ERROR: openvpn failed to stop

suppose that should have been the clue… thus addting to the openvpn conf file

writepid /var/run/openvpn.pid

is solving the issue. If however not run from cli rc-update add openvpn default