From 817fa15d7aa384fb5a3e40815ad922fffffa892113d65cb669eaca61ac821899 Mon Sep 17 00:00:00 2001 From: Marius Tomaschewski Date: Tue, 23 Apr 2013 10:27:28 +0000 Subject: [PATCH 1/3] - Fixed GID to root in openvpn-tmpfile.conf, there is no openvpn group. OBS-URL: https://build.opensuse.org/package/show/network:vpn/openvpn?expand=0&rev=56 --- openvpn-tmpfile.conf | 2 +- openvpn.changes | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/openvpn-tmpfile.conf b/openvpn-tmpfile.conf index 9b9cb2d..431c9f5 100644 --- a/openvpn-tmpfile.conf +++ b/openvpn-tmpfile.conf @@ -1 +1 @@ -D /var/run/openvpn 0710 root openvpn - +D /var/run/openvpn 0710 root root - diff --git a/openvpn.changes b/openvpn.changes index 3cbe290..a71d90d 100644 --- a/openvpn.changes +++ b/openvpn.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Tue Apr 23 10:22:32 UTC 2013 - mt@suse.de + +- Fixed GID to root in openvpn-tmpfile.conf, there is no openvpn group. + ------------------------------------------------------------------- Tue Mar 26 14:38:48 UTC 2013 - aj@suse.com From 38fd21b2e60ce14eb68220d622bbaaf3062fa489e395c5c03831abffda1394c5 Mon Sep 17 00:00:00 2001 From: Marius Tomaschewski Date: Tue, 23 Apr 2013 12:40:53 +0000 Subject: [PATCH 2/3] - Fixed to enable systemd support in configure - Fixed to install the service template correctly as openvpn@.service. Use "systemctl enable openvpn@foo.service" to enable instance using /etc/openvpn/foo.conf. - Fixed openvpn-tmpfile.conf to use GID root, there is no openvpn group. - Disabled all systemd post install macros trying to use not existing openvpn.service file. OBS-URL: https://build.opensuse.org/package/show/network:vpn/openvpn?expand=0&rev=57 --- openvpn.changes | 8 +++++++- openvpn.service | 8 ++++---- openvpn.spec | 35 +++++++++++++++++------------------ 3 files changed, 28 insertions(+), 23 deletions(-) diff --git a/openvpn.changes b/openvpn.changes index a71d90d..7076a4f 100644 --- a/openvpn.changes +++ b/openvpn.changes @@ -1,7 +1,13 @@ ------------------------------------------------------------------- Tue Apr 23 10:22:32 UTC 2013 - mt@suse.de -- Fixed GID to root in openvpn-tmpfile.conf, there is no openvpn group. +- Fixed to enable systemd support in configure +- Fixed to install the service template correctly as openvpn@.service. + Use "systemctl enable openvpn@foo.service" to enable instance using + /etc/openvpn/foo.conf. +- Fixed openvpn-tmpfile.conf to use GID root, there is no openvpn group. +- Disabled all systemd post install macros trying to use not existing + openvpn.service file. ------------------------------------------------------------------- Tue Mar 26 14:38:48 UTC 2013 - aj@suse.com diff --git a/openvpn.service b/openvpn.service index 4bda941..6e05253 100644 --- a/openvpn.service +++ b/openvpn.service @@ -1,14 +1,14 @@ [Unit] -Description=OpenVPN Robust And Highly Flexible Tunneling Application On %I +Description=OpenVPN Robust And Highly Flexible Tunneling Application Instance using %I.conf After=syslog.target network.target [Service] -PrivateTmp=true Type=forking +PrivateTmp=true PIDFile=/var/run/openvpn/%i.pid -ExecStart=/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/%i.pid --cd /etc/openvpn/ --config %i.conf +ExecStart=/usr/sbin/openvpn --daemon --suppress-timestamps --writepid /var/run/openvpn/%i.pid --cd /etc/openvpn/ --config %i.conf +ExecReload=/sbin/killproc -p /var/run/openvpn/%i.pid -HUP /usr/sbin/openvpn [Install] WantedBy=multi-user.target - diff --git a/openvpn.spec b/openvpn.spec index 026f7c1..75ae8b6 100644 --- a/openvpn.spec +++ b/openvpn.spec @@ -132,14 +132,15 @@ find contrib sample -type f -perm +100 \ export CFLAGS="$RPM_OPT_FLAGS -W -Wall -fno-strict-aliasing" export LDFLAGS %configure \ - --enable-iproute2 \ - --enable-x509-alt-username \ - --enable-password-save \ - --enable-plugins \ - --enable-plugin-down-root \ - --enable-plugin-auth-pam \ - --with-lzo-headers=%_includedir/lzo \ - CFLAGS="$CFLAGS -fPIE $PLUGIN_DEFS" \ + --enable-iproute2 \ + --enable-x509-alt-username \ + --enable-password-save \ + --enable-systemd \ + --enable-plugins \ + --enable-plugin-down-root \ + --enable-plugin-auth-pam \ + --with-lzo-headers=%_includedir/lzo \ + CFLAGS="$CFLAGS -fPIE $PLUGIN_DEFS" \ LDFLAGS="$LDFLAGS -pie -lpam -rdynamic -Wl,-rpath,%{_libdir}/%{name}/plugin/lib" make @@ -150,7 +151,7 @@ mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/openvpn mkdir -p $RPM_BUILD_ROOT/%{_localstatedir}/run/openvpn mkdir -p $RPM_BUILD_ROOT/%{_datadir}/openvpn %if %{with_systemd} -install -D -m 644 $RPM_SOURCE_DIR/%{name}.service %{buildroot}/%{_unitdir}/%{name}.service +install -D -m 644 $RPM_SOURCE_DIR/%{name}.service %{buildroot}/%{_unitdir}/%{name}@.service # tmpfiles.d mkdir -p %{buildroot}%{_libexecdir}/tmpfiles.d install -m 0644 $RPM_SOURCE_DIR/%{name}-tmpfile.conf %{buildroot}%{_libexecdir}/tmpfiles.d/%{name}.conf @@ -170,23 +171,21 @@ install -m 755 $RPM_SOURCE_DIR/client-netconfig.down sample/sample-scripts/clien rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/{OpenVPN,%name} %post -%if %{with_systemd} -%service_add_post %{name}.service -%else +%if ! %{with_systemd} +#service_add_post #{name}@.service +#else %{?fillup_and_insserv:%fillup_and_insserv} %endif %preun -%if %{with_systemd} -%service_del_preun %{name}.service +%if ! %{with_systemd} +#service_del_preun #{name}@.service %else %{?stop_on_removal:%stop_on_removal openvpn} %endif %postun -%if %{with_systemd} -%service_del_postun %{name}.service -%else +%if ! %{with_systemd} %{?insserv_cleanup:%insserv_cleanup} %endif @@ -203,7 +202,7 @@ rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/{OpenVPN,%name} %doc %{_mandir}/man8/openvpn.8.gz %config(noreplace) %{_sysconfdir}/openvpn/ %if %{with_systemd} -%{_unitdir}/%{name}.service +%{_unitdir}/%{name}@.service %{_libexecdir}/tmpfiles.d/%{name}.conf %else %config %{_sysconfdir}/init.d/openvpn From d3f926c85fdf821141b16690dcba37f8aadcbc163cde58fbe23e167c38ac6f7d Mon Sep 17 00:00:00 2001 From: Marius Tomaschewski Date: Tue, 23 Apr 2013 13:22:31 +0000 Subject: [PATCH 3/3] - Fixed openvpn-tmpfile.conf to use GID root, there is no openvpn group. - Added openvpn.target file allowing to handle all instances at once. - Disabled systemd variant of restart on update rpm macro, adopted other macros to use openvpn.target to e.g. stop all instances on uninstall. OBS-URL: https://build.opensuse.org/package/show/network:vpn/openvpn?expand=0&rev=58 --- openvpn-tmpfile.conf | 2 +- openvpn.changes | 9 +++++---- openvpn.service | 7 ++++--- openvpn.spec | 24 ++++++++++++++++-------- openvpn.target | 3 +++ 5 files changed, 29 insertions(+), 16 deletions(-) create mode 100644 openvpn.target diff --git a/openvpn-tmpfile.conf b/openvpn-tmpfile.conf index 431c9f5..9416334 100644 --- a/openvpn-tmpfile.conf +++ b/openvpn-tmpfile.conf @@ -1 +1 @@ -D /var/run/openvpn 0710 root root - +D /var/run/openvpn 0750 root root - diff --git a/openvpn.changes b/openvpn.changes index 7076a4f..bb80770 100644 --- a/openvpn.changes +++ b/openvpn.changes @@ -1,13 +1,14 @@ ------------------------------------------------------------------- -Tue Apr 23 10:22:32 UTC 2013 - mt@suse.de +Tue Apr 23 13:20:48 UTC 2013 - mt@suse.de - Fixed to enable systemd support in configure +- Fixed openvpn-tmpfile.conf to use GID root, there is no openvpn group. +- Added openvpn.target file allowing to handle all instances at once. - Fixed to install the service template correctly as openvpn@.service. Use "systemctl enable openvpn@foo.service" to enable instance using /etc/openvpn/foo.conf. -- Fixed openvpn-tmpfile.conf to use GID root, there is no openvpn group. -- Disabled all systemd post install macros trying to use not existing - openvpn.service file. +- Disabled systemd variant of restart on update rpm macro, adopted other + macros to use openvpn.target to e.g. stop all instances on uninstall. ------------------------------------------------------------------- Tue Mar 26 14:38:48 UTC 2013 - aj@suse.com diff --git a/openvpn.service b/openvpn.service index 6e05253..71ec1d8 100644 --- a/openvpn.service +++ b/openvpn.service @@ -1,6 +1,7 @@ [Unit] -Description=OpenVPN Robust And Highly Flexible Tunneling Application Instance using %I.conf -After=syslog.target network.target +Description=OpenVPN tunneling daemon instance using /etc/openvpn/%I.conf +After=network.target +PartOf=openvpn.target [Service] Type=forking @@ -10,5 +11,5 @@ ExecStart=/usr/sbin/openvpn --daemon --suppress-timestamps --writepid /var/run/o ExecReload=/sbin/killproc -p /var/run/openvpn/%i.pid -HUP /usr/sbin/openvpn [Install] -WantedBy=multi-user.target +WantedBy=multi-user.target openvpn.target diff --git a/openvpn.spec b/openvpn.spec index 75ae8b6..4045ed4 100644 --- a/openvpn.spec +++ b/openvpn.spec @@ -43,7 +43,8 @@ Source4: client-netconfig.up Source5: client-netconfig.down Source7: %{name}.keyring Source8: %{name}.service -Source9: %{name}-tmpfile.conf +Source9: %{name}.target +Source10: %{name}-tmpfile.conf Patch1: %{name}-2.3-plugin-man.dif Patch5: %{name}-2.3.0-man-dot.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -135,7 +136,9 @@ export LDFLAGS --enable-iproute2 \ --enable-x509-alt-username \ --enable-password-save \ +%if %{with_systemd} --enable-systemd \ +%endif --enable-plugins \ --enable-plugin-down-root \ --enable-plugin-auth-pam \ @@ -152,6 +155,7 @@ mkdir -p $RPM_BUILD_ROOT/%{_localstatedir}/run/openvpn mkdir -p $RPM_BUILD_ROOT/%{_datadir}/openvpn %if %{with_systemd} install -D -m 644 $RPM_SOURCE_DIR/%{name}.service %{buildroot}/%{_unitdir}/%{name}@.service +install -D -m 644 $RPM_SOURCE_DIR/%{name}.target %{buildroot}/%{_unitdir}/%{name}.target # tmpfiles.d mkdir -p %{buildroot}%{_libexecdir}/tmpfiles.d install -m 0644 $RPM_SOURCE_DIR/%{name}-tmpfile.conf %{buildroot}%{_libexecdir}/tmpfiles.d/%{name}.conf @@ -171,21 +175,24 @@ install -m 755 $RPM_SOURCE_DIR/client-netconfig.down sample/sample-scripts/clien rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/{OpenVPN,%name} %post -%if ! %{with_systemd} -#service_add_post #{name}@.service -#else +%__mkdir_p -m750 %{_localstatedir}/run/openvpn +%if %{with_systemd} +%service_add_post %{name}.target +%else %{?fillup_and_insserv:%fillup_and_insserv} %endif %preun -%if ! %{with_systemd} -#service_del_preun #{name}@.service +%if %{with_systemd} +%service_del_preun %{name}.target %else %{?stop_on_removal:%stop_on_removal openvpn} %endif %postun -%if ! %{with_systemd} +%if %{with_systemd} +/bin/systemctl --system daemon-reload &>/dev/null || : +%else %{?insserv_cleanup:%insserv_cleanup} %endif @@ -203,6 +210,7 @@ rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/{OpenVPN,%name} %config(noreplace) %{_sysconfdir}/openvpn/ %if %{with_systemd} %{_unitdir}/%{name}@.service +%{_unitdir}/%{name}.target %{_libexecdir}/tmpfiles.d/%{name}.conf %else %config %{_sysconfdir}/init.d/openvpn @@ -210,7 +218,7 @@ rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/{OpenVPN,%name} %{_sbindir}/rcopenvpn %endif %{_sbindir}/openvpn -%attr(0755,root,root) %dir %ghost %{_localstatedir}/run/openvpn +%attr(0750,root,root) %dir %ghost %{_localstatedir}/run/openvpn %{_includedir}/%{name}-plugin.h %files down-root-plugin diff --git a/openvpn.target b/openvpn.target new file mode 100644 index 0000000..632256d --- /dev/null +++ b/openvpn.target @@ -0,0 +1,3 @@ +[Unit] +Description=OpenVPN target allowing to start/stop all openvpn@.service instances at once +