summarylogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.SRCINFO10
-rw-r--r--0001-plugin.patch46
-rw-r--r--0001-systemd.patch38
-rw-r--r--0002-systemd.patch84
-rw-r--r--PKGBUILD15
5 files changed, 146 insertions, 47 deletions
diff --git a/.SRCINFO b/.SRCINFO
index e48c6799bab8..ee30956cd876 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,8 +1,8 @@
# Generated by mksrcinfo v8
-# Sun Nov 27 12:44:01 UTC 2016
+# Thu Dec 1 11:21:01 UTC 2016
pkgbase = openvpn-git
pkgdesc = An easy-to-use, robust and highly configurable VPN (Virtual Private Network) - git checkout
- pkgver = 2.4.beta2.r0.g9bc2be7
+ pkgver = 2.4.beta2.r11.gce91c18
pkgrel = 1
url = http://openvpn.net/index.php/open-source.html
arch = i686
@@ -21,9 +21,11 @@ pkgbase = openvpn-git
conflicts = openvpn
conflicts = openvpn-dev
source = git://git.code.sf.net/p/openvpn/openvpn
- source = 0001-systemd.patch
+ source = 0001-plugin.patch
+ source = 0002-systemd.patch
sha256sums = SKIP
- sha256sums = 21d09aea89ab3c61239ab4f619ba5885bbd89a45424efb249b108877ed03529e
+ sha256sums = b8254067b4ef5d157d87267a76938d86f101972303c7ff20131cc9f28659a30c
+ sha256sums = f7784be28282ad36a7f03140d828912506dfcc0babee08551b63b67bfa0074ea
pkgname = openvpn-git
diff --git a/0001-plugin.patch b/0001-plugin.patch
new file mode 100644
index 000000000000..803c7c5510b1
--- /dev/null
+++ b/0001-plugin.patch
@@ -0,0 +1,46 @@
+diff --git a/configure.ac b/configure.ac
+index f4073d0..5fe652e 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -301,13 +301,12 @@ AC_ARG_WITH(
+ [with_crypto_library="openssl"]
+ )
+
+-AC_ARG_WITH(
+- [plugindir],
+- [AS_HELP_STRING([--with-plugindir], [plugin directory @<:@default=LIBDIR/openvpn@:>@])],
+- ,
+- [with_plugindir="\$(libdir)/openvpn/plugins"]
+-)
+-
++AC_ARG_VAR([PLUGINDIR], [Path of plug-in directory @<:@default=LIBDIR/openvpn/plugins@:>@])
++if test -n "${PLUGINDIR}"; then
++ plugindir="${PLUGINDIR}"
++else
++ plugindir="\${libdir}/openvpn/plugins"
++fi
+
+ AC_DEFINE_UNQUOTED([TARGET_ALIAS], ["${host}"], [A string representing our host])
+ case "$host" in
+@@ -1245,7 +1244,6 @@ AM_CONDITIONAL([ENABLE_PLUGIN_AUTH_PAM], [test "${enable_plugin_auth_pam}" = "ye
+ AM_CONDITIONAL([ENABLE_PLUGIN_DOWN_ROOT], [test "${enable_plugin_down_root}" = "yes"])
+ AM_CONDITIONAL([ENABLE_CRYPTO], [test "${enable_crypto}" = "yes"])
+
+-plugindir="${with_plugindir}"
+ sampledir="\$(docdir)/sample"
+ AC_SUBST([plugindir])
+ AC_SUBST([sampledir])
+diff --git a/src/openvpn/Makefile.am b/src/openvpn/Makefile.am
+index 4c18449..188834a 100644
+--- a/src/openvpn/Makefile.am
++++ b/src/openvpn/Makefile.am
+@@ -27,7 +27,8 @@ AM_CFLAGS = \
+ $(OPTIONAL_CRYPTO_CFLAGS) \
+ $(OPTIONAL_LZO_CFLAGS) \
+ $(OPTIONAL_LZ4_CFLAGS) \
+- $(OPTIONAL_PKCS11_HELPER_CFLAGS)
++ $(OPTIONAL_PKCS11_HELPER_CFLAGS) \
++ -DPLUGIN_LIBDIR=\"${plugindir}\"
+ if WIN32
+ # we want unicode entry point but not the macro
+ AM_CFLAGS += -municode -UUNICODE
diff --git a/0001-systemd.patch b/0001-systemd.patch
deleted file mode 100644
index a82351e28eac..000000000000
--- a/0001-systemd.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-diff --git a/distro/systemd/openvpn-client@.service b/distro/systemd/openvpn-client@.service
-index 18b84dd..92e04f8 100644
---- a/distro/systemd/openvpn-client@.service
-+++ b/distro/systemd/openvpn-client@.service
-@@ -7,12 +7,9 @@ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
- Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
-
- [Service]
-+Type=forking
- PrivateTmp=true
--RuntimeDirectory=openvpn-client
--RuntimeDirectoryMode=0710
--WorkingDirectory=/etc/openvpn/client
--ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1'
--ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf
-+ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/client --daemon openvpn-client@%i --suppress-timestamps --nobind --config %i.conf
- CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
- LimitNPROC=10
- DeviceAllow=/dev/null rw
-diff --git a/distro/systemd/openvpn-server@.service b/distro/systemd/openvpn-server@.service
-index a2b7b52..9dbfa43 100644
---- a/distro/systemd/openvpn-server@.service
-+++ b/distro/systemd/openvpn-server@.service
-@@ -7,12 +7,11 @@ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
- Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
-
- [Service]
-+Type=forking
- PrivateTmp=true
- RuntimeDirectory=openvpn-server
- RuntimeDirectoryMode=0710
--WorkingDirectory=/etc/openvpn/server
--ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1'
--ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf
-+ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/server --daemon openvpn-server@%i --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf
- CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
- LimitNPROC=10
- DeviceAllow=/dev/null rw
diff --git a/0002-systemd.patch b/0002-systemd.patch
new file mode 100644
index 000000000000..210b305ab421
--- /dev/null
+++ b/0002-systemd.patch
@@ -0,0 +1,84 @@
+diff --git a/distro/systemd/openvpn-client@.service b/distro/systemd/openvpn-client@.service
+index 18b84dd..5618af3 100644
+--- a/distro/systemd/openvpn-client@.service
++++ b/distro/systemd/openvpn-client@.service
+@@ -7,11 +7,11 @@ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
+ Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
+
+ [Service]
++Type=notify
+ PrivateTmp=true
+ RuntimeDirectory=openvpn-client
+ RuntimeDirectoryMode=0710
+ WorkingDirectory=/etc/openvpn/client
+-ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1'
+ ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf
+ CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
+ LimitNPROC=10
+diff --git a/distro/systemd/openvpn-server@.service b/distro/systemd/openvpn-server@.service
+index a2b7b52..b9b4dba 100644
+--- a/distro/systemd/openvpn-server@.service
++++ b/distro/systemd/openvpn-server@.service
+@@ -7,11 +7,11 @@ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
+ Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
+
+ [Service]
++Type=notify
+ PrivateTmp=true
+ RuntimeDirectory=openvpn-server
+ RuntimeDirectoryMode=0710
+ WorkingDirectory=/etc/openvpn/server
+-ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1'
+ ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf
+ CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
+ LimitNPROC=10
+diff --git a/src/openvpn/init.c b/src/openvpn/init.c
+index 2ccbab2..7ab5c52 100644
+--- a/src/openvpn/init.c
++++ b/src/openvpn/init.c
+@@ -926,6 +926,13 @@ bool
+ possibly_become_daemon (const struct options *options)
+ {
+ bool ret = false;
++
++#ifdef ENABLE_SYSTEMD
++ /* return without forking if we are running from systemd */
++ if (sd_notify(0, "READY=0") > 0)
++ return ret;
++#endif
++
+ if (options->daemon)
+ {
+ ASSERT (!options->inetd);
+@@ -1251,10 +1258,16 @@ initialization_sequence_completed (struct context *c, const unsigned int flags)
+ show_adapters (M_INFO|M_NOPREFIX);
+ msg (M_INFO, "%s With Errors ( see http://openvpn.net/faq.html#dhcpclientserv )", message);
+ #else
++#ifdef ENABLE_SYSTEMD
++ sd_notifyf(0, "STATUS=Failed to start up: %s With Errors\nERRNO=1", message);
++#endif /* HAVE_SYSTEMD_SD_DAEMON_H */
+ msg (M_INFO, "%s With Errors", message);
+ #endif
+ }
+ else
++#ifdef ENABLE_SYSTEMD
++ sd_notifyf(0, "READY=1\nSTATUS=%s\nMAINPID=%lu", message, (unsigned long) getpid());
++#endif
+ msg (M_INFO, "%s", message);
+
+ /* Flag that we initialized */
+diff --git a/src/openvpn/init.h b/src/openvpn/init.h
+index 524bc64..0518b06 100644
+--- a/src/openvpn/init.h
++++ b/src/openvpn/init.h
+@@ -27,6 +27,10 @@
+
+ #include "openvpn.h"
+
++#ifdef ENABLE_SYSTEMD
++#include <systemd/sd-daemon.h>
++#endif
++
+ /*
+ * Baseline maximum number of events
+ * to wait for.
diff --git a/PKGBUILD b/PKGBUILD
index 914a2ce8ce5d..7b84afb83f9b 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,7 +1,7 @@
# Maintainer: Christian Hesse <mail@eworm.de>
pkgname=openvpn-git
-pkgver=2.4.beta2.r0.g9bc2be7
+pkgver=2.4.beta2.r11.gce91c18
pkgrel=1
pkgdesc='An easy-to-use, robust and highly configurable VPN (Virtual Private Network) - git checkout'
arch=(i686 x86_64)
@@ -14,9 +14,11 @@ provides=('openvpn=2.4.0' 'openvpn-dev')
license=('custom')
# for 2.3.x release branch use: git://git.code.sf.net/p/openvpn/openvpn#branch=release/2.3
source=('git://git.code.sf.net/p/openvpn/openvpn'
- '0001-systemd.patch')
+ '0001-plugin.patch'
+ '0002-systemd.patch')
sha256sums=('SKIP'
- '21d09aea89ab3c61239ab4f619ba5885bbd89a45424efb249b108877ed03529e')
+ 'b8254067b4ef5d157d87267a76938d86f101972303c7ff20131cc9f28659a30c'
+ 'f7784be28282ad36a7f03140d828912506dfcc0babee08551b63b67bfa0074ea')
pkgver() {
cd openvpn/
@@ -36,8 +38,11 @@ pkgver() {
prepare() {
cd openvpn/
- # modifications to upstream systemd units
- patch -Np1 < "${srcdir}"/0001-systemd.patch
+ # plugin path
+ patch -Np1 < "${srcdir}"/0001-plugin.patch
+
+ # modifications to upstream systemd integration
+ patch -Np1 < "${srcdir}"/0002-systemd.patch
}
build() {