diff options
Diffstat (limited to '0002-systemd.patch')
-rw-r--r-- | 0002-systemd.patch | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/0002-systemd.patch b/0002-systemd.patch new file mode 100644 index 000000000000..210b305ab421 --- /dev/null +++ b/0002-systemd.patch @@ -0,0 +1,84 @@ +diff --git a/distro/systemd/openvpn-client@.service b/distro/systemd/openvpn-client@.service +index 18b84dd..5618af3 100644 +--- a/distro/systemd/openvpn-client@.service ++++ b/distro/systemd/openvpn-client@.service +@@ -7,11 +7,11 @@ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage + Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO + + [Service] ++Type=notify + PrivateTmp=true + RuntimeDirectory=openvpn-client + RuntimeDirectoryMode=0710 + WorkingDirectory=/etc/openvpn/client +-ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1' + ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf + CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE + LimitNPROC=10 +diff --git a/distro/systemd/openvpn-server@.service b/distro/systemd/openvpn-server@.service +index a2b7b52..b9b4dba 100644 +--- a/distro/systemd/openvpn-server@.service ++++ b/distro/systemd/openvpn-server@.service +@@ -7,11 +7,11 @@ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage + Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO + + [Service] ++Type=notify + PrivateTmp=true + RuntimeDirectory=openvpn-server + RuntimeDirectoryMode=0710 + WorkingDirectory=/etc/openvpn/server +-ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1' + ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf + CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE + LimitNPROC=10 +diff --git a/src/openvpn/init.c b/src/openvpn/init.c +index 2ccbab2..7ab5c52 100644 +--- a/src/openvpn/init.c ++++ b/src/openvpn/init.c +@@ -926,6 +926,13 @@ bool + possibly_become_daemon (const struct options *options) + { + bool ret = false; ++ ++#ifdef ENABLE_SYSTEMD ++ /* return without forking if we are running from systemd */ ++ if (sd_notify(0, "READY=0") > 0) ++ return ret; ++#endif ++ + if (options->daemon) + { + ASSERT (!options->inetd); +@@ -1251,10 +1258,16 @@ initialization_sequence_completed (struct context *c, const unsigned int flags) + show_adapters (M_INFO|M_NOPREFIX); + msg (M_INFO, "%s With Errors ( see http://openvpn.net/faq.html#dhcpclientserv )", message); + #else ++#ifdef ENABLE_SYSTEMD ++ sd_notifyf(0, "STATUS=Failed to start up: %s With Errors\nERRNO=1", message); ++#endif /* HAVE_SYSTEMD_SD_DAEMON_H */ + msg (M_INFO, "%s With Errors", message); + #endif + } + else ++#ifdef ENABLE_SYSTEMD ++ sd_notifyf(0, "READY=1\nSTATUS=%s\nMAINPID=%lu", message, (unsigned long) getpid()); ++#endif + msg (M_INFO, "%s", message); + + /* Flag that we initialized */ +diff --git a/src/openvpn/init.h b/src/openvpn/init.h +index 524bc64..0518b06 100644 +--- a/src/openvpn/init.h ++++ b/src/openvpn/init.h +@@ -27,6 +27,10 @@ + + #include "openvpn.h" + ++#ifdef ENABLE_SYSTEMD ++#include <systemd/sd-daemon.h> ++#endif ++ + /* + * Baseline maximum number of events + * to wait for. |