summarylogtreecommitdiffstats
path: root/0002-systemd.patch
diff options
context:
space:
mode:
Diffstat (limited to '0002-systemd.patch')
-rw-r--r--0002-systemd.patch84
1 files changed, 84 insertions, 0 deletions
diff --git a/0002-systemd.patch b/0002-systemd.patch
new file mode 100644
index 000000000000..210b305ab421
--- /dev/null
+++ b/0002-systemd.patch
@@ -0,0 +1,84 @@
+diff --git a/distro/systemd/openvpn-client@.service b/distro/systemd/openvpn-client@.service
+index 18b84dd..5618af3 100644
+--- a/distro/systemd/openvpn-client@.service
++++ b/distro/systemd/openvpn-client@.service
+@@ -7,11 +7,11 @@ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
+ Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
+
+ [Service]
++Type=notify
+ PrivateTmp=true
+ RuntimeDirectory=openvpn-client
+ RuntimeDirectoryMode=0710
+ WorkingDirectory=/etc/openvpn/client
+-ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1'
+ ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf
+ CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
+ LimitNPROC=10
+diff --git a/distro/systemd/openvpn-server@.service b/distro/systemd/openvpn-server@.service
+index a2b7b52..b9b4dba 100644
+--- a/distro/systemd/openvpn-server@.service
++++ b/distro/systemd/openvpn-server@.service
+@@ -7,11 +7,11 @@ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
+ Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
+
+ [Service]
++Type=notify
+ PrivateTmp=true
+ RuntimeDirectory=openvpn-server
+ RuntimeDirectoryMode=0710
+ WorkingDirectory=/etc/openvpn/server
+-ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1'
+ ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf
+ CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
+ LimitNPROC=10
+diff --git a/src/openvpn/init.c b/src/openvpn/init.c
+index 2ccbab2..7ab5c52 100644
+--- a/src/openvpn/init.c
++++ b/src/openvpn/init.c
+@@ -926,6 +926,13 @@ bool
+ possibly_become_daemon (const struct options *options)
+ {
+ bool ret = false;
++
++#ifdef ENABLE_SYSTEMD
++ /* return without forking if we are running from systemd */
++ if (sd_notify(0, "READY=0") > 0)
++ return ret;
++#endif
++
+ if (options->daemon)
+ {
+ ASSERT (!options->inetd);
+@@ -1251,10 +1258,16 @@ initialization_sequence_completed (struct context *c, const unsigned int flags)
+ show_adapters (M_INFO|M_NOPREFIX);
+ msg (M_INFO, "%s With Errors ( see http://openvpn.net/faq.html#dhcpclientserv )", message);
+ #else
++#ifdef ENABLE_SYSTEMD
++ sd_notifyf(0, "STATUS=Failed to start up: %s With Errors\nERRNO=1", message);
++#endif /* HAVE_SYSTEMD_SD_DAEMON_H */
+ msg (M_INFO, "%s With Errors", message);
+ #endif
+ }
+ else
++#ifdef ENABLE_SYSTEMD
++ sd_notifyf(0, "READY=1\nSTATUS=%s\nMAINPID=%lu", message, (unsigned long) getpid());
++#endif
+ msg (M_INFO, "%s", message);
+
+ /* Flag that we initialized */
+diff --git a/src/openvpn/init.h b/src/openvpn/init.h
+index 524bc64..0518b06 100644
+--- a/src/openvpn/init.h
++++ b/src/openvpn/init.h
+@@ -27,6 +27,10 @@
+
+ #include "openvpn.h"
+
++#ifdef ENABLE_SYSTEMD
++#include <systemd/sd-daemon.h>
++#endif
++
+ /*
+ * Baseline maximum number of events
+ * to wait for.