diff options
-rw-r--r-- | .SRCINFO | 10 | ||||
-rw-r--r-- | 0001-plugin.patch | 46 | ||||
-rw-r--r-- | 0001-systemd.patch | 38 | ||||
-rw-r--r-- | 0002-systemd.patch | 84 | ||||
-rw-r--r-- | PKGBUILD | 15 |
5 files changed, 146 insertions, 47 deletions
@@ -1,8 +1,8 @@ # Generated by mksrcinfo v8 -# Sun Nov 27 12:44:01 UTC 2016 +# Thu Dec 1 11:21:01 UTC 2016 pkgbase = openvpn-git pkgdesc = An easy-to-use, robust and highly configurable VPN (Virtual Private Network) - git checkout - pkgver = 2.4.beta2.r0.g9bc2be7 + pkgver = 2.4.beta2.r11.gce91c18 pkgrel = 1 url = http://openvpn.net/index.php/open-source.html arch = i686 @@ -21,9 +21,11 @@ pkgbase = openvpn-git conflicts = openvpn conflicts = openvpn-dev source = git://git.code.sf.net/p/openvpn/openvpn - source = 0001-systemd.patch + source = 0001-plugin.patch + source = 0002-systemd.patch sha256sums = SKIP - sha256sums = 21d09aea89ab3c61239ab4f619ba5885bbd89a45424efb249b108877ed03529e + sha256sums = b8254067b4ef5d157d87267a76938d86f101972303c7ff20131cc9f28659a30c + sha256sums = f7784be28282ad36a7f03140d828912506dfcc0babee08551b63b67bfa0074ea pkgname = openvpn-git diff --git a/0001-plugin.patch b/0001-plugin.patch new file mode 100644 index 000000000000..803c7c5510b1 --- /dev/null +++ b/0001-plugin.patch @@ -0,0 +1,46 @@ +diff --git a/configure.ac b/configure.ac +index f4073d0..5fe652e 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -301,13 +301,12 @@ AC_ARG_WITH( + [with_crypto_library="openssl"] + ) + +-AC_ARG_WITH( +- [plugindir], +- [AS_HELP_STRING([--with-plugindir], [plugin directory @<:@default=LIBDIR/openvpn@:>@])], +- , +- [with_plugindir="\$(libdir)/openvpn/plugins"] +-) +- ++AC_ARG_VAR([PLUGINDIR], [Path of plug-in directory @<:@default=LIBDIR/openvpn/plugins@:>@]) ++if test -n "${PLUGINDIR}"; then ++ plugindir="${PLUGINDIR}" ++else ++ plugindir="\${libdir}/openvpn/plugins" ++fi + + AC_DEFINE_UNQUOTED([TARGET_ALIAS], ["${host}"], [A string representing our host]) + case "$host" in +@@ -1245,7 +1244,6 @@ AM_CONDITIONAL([ENABLE_PLUGIN_AUTH_PAM], [test "${enable_plugin_auth_pam}" = "ye + AM_CONDITIONAL([ENABLE_PLUGIN_DOWN_ROOT], [test "${enable_plugin_down_root}" = "yes"]) + AM_CONDITIONAL([ENABLE_CRYPTO], [test "${enable_crypto}" = "yes"]) + +-plugindir="${with_plugindir}" + sampledir="\$(docdir)/sample" + AC_SUBST([plugindir]) + AC_SUBST([sampledir]) +diff --git a/src/openvpn/Makefile.am b/src/openvpn/Makefile.am +index 4c18449..188834a 100644 +--- a/src/openvpn/Makefile.am ++++ b/src/openvpn/Makefile.am +@@ -27,7 +27,8 @@ AM_CFLAGS = \ + $(OPTIONAL_CRYPTO_CFLAGS) \ + $(OPTIONAL_LZO_CFLAGS) \ + $(OPTIONAL_LZ4_CFLAGS) \ +- $(OPTIONAL_PKCS11_HELPER_CFLAGS) ++ $(OPTIONAL_PKCS11_HELPER_CFLAGS) \ ++ -DPLUGIN_LIBDIR=\"${plugindir}\" + if WIN32 + # we want unicode entry point but not the macro + AM_CFLAGS += -municode -UUNICODE diff --git a/0001-systemd.patch b/0001-systemd.patch deleted file mode 100644 index a82351e28eac..000000000000 --- a/0001-systemd.patch +++ /dev/null @@ -1,38 +0,0 @@ -diff --git a/distro/systemd/openvpn-client@.service b/distro/systemd/openvpn-client@.service -index 18b84dd..92e04f8 100644 ---- a/distro/systemd/openvpn-client@.service -+++ b/distro/systemd/openvpn-client@.service -@@ -7,12 +7,9 @@ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage - Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO - - [Service] -+Type=forking - PrivateTmp=true --RuntimeDirectory=openvpn-client --RuntimeDirectoryMode=0710 --WorkingDirectory=/etc/openvpn/client --ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1' --ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf -+ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/client --daemon openvpn-client@%i --suppress-timestamps --nobind --config %i.conf - CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE - LimitNPROC=10 - DeviceAllow=/dev/null rw -diff --git a/distro/systemd/openvpn-server@.service b/distro/systemd/openvpn-server@.service -index a2b7b52..9dbfa43 100644 ---- a/distro/systemd/openvpn-server@.service -+++ b/distro/systemd/openvpn-server@.service -@@ -7,12 +7,11 @@ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage - Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO - - [Service] -+Type=forking - PrivateTmp=true - RuntimeDirectory=openvpn-server - RuntimeDirectoryMode=0710 --WorkingDirectory=/etc/openvpn/server --ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1' --ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf -+ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/server --daemon openvpn-server@%i --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf - CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE - LimitNPROC=10 - DeviceAllow=/dev/null rw diff --git a/0002-systemd.patch b/0002-systemd.patch new file mode 100644 index 000000000000..210b305ab421 --- /dev/null +++ b/0002-systemd.patch @@ -0,0 +1,84 @@ +diff --git a/distro/systemd/openvpn-client@.service b/distro/systemd/openvpn-client@.service +index 18b84dd..5618af3 100644 +--- a/distro/systemd/openvpn-client@.service ++++ b/distro/systemd/openvpn-client@.service +@@ -7,11 +7,11 @@ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage + Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO + + [Service] ++Type=notify + PrivateTmp=true + RuntimeDirectory=openvpn-client + RuntimeDirectoryMode=0710 + WorkingDirectory=/etc/openvpn/client +-ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1' + ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf + CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE + LimitNPROC=10 +diff --git a/distro/systemd/openvpn-server@.service b/distro/systemd/openvpn-server@.service +index a2b7b52..b9b4dba 100644 +--- a/distro/systemd/openvpn-server@.service ++++ b/distro/systemd/openvpn-server@.service +@@ -7,11 +7,11 @@ Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage + Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO + + [Service] ++Type=notify + PrivateTmp=true + RuntimeDirectory=openvpn-server + RuntimeDirectoryMode=0710 + WorkingDirectory=/etc/openvpn/server +-ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1' + ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf + CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE + LimitNPROC=10 +diff --git a/src/openvpn/init.c b/src/openvpn/init.c +index 2ccbab2..7ab5c52 100644 +--- a/src/openvpn/init.c ++++ b/src/openvpn/init.c +@@ -926,6 +926,13 @@ bool + possibly_become_daemon (const struct options *options) + { + bool ret = false; ++ ++#ifdef ENABLE_SYSTEMD ++ /* return without forking if we are running from systemd */ ++ if (sd_notify(0, "READY=0") > 0) ++ return ret; ++#endif ++ + if (options->daemon) + { + ASSERT (!options->inetd); +@@ -1251,10 +1258,16 @@ initialization_sequence_completed (struct context *c, const unsigned int flags) + show_adapters (M_INFO|M_NOPREFIX); + msg (M_INFO, "%s With Errors ( see http://openvpn.net/faq.html#dhcpclientserv )", message); + #else ++#ifdef ENABLE_SYSTEMD ++ sd_notifyf(0, "STATUS=Failed to start up: %s With Errors\nERRNO=1", message); ++#endif /* HAVE_SYSTEMD_SD_DAEMON_H */ + msg (M_INFO, "%s With Errors", message); + #endif + } + else ++#ifdef ENABLE_SYSTEMD ++ sd_notifyf(0, "READY=1\nSTATUS=%s\nMAINPID=%lu", message, (unsigned long) getpid()); ++#endif + msg (M_INFO, "%s", message); + + /* Flag that we initialized */ +diff --git a/src/openvpn/init.h b/src/openvpn/init.h +index 524bc64..0518b06 100644 +--- a/src/openvpn/init.h ++++ b/src/openvpn/init.h +@@ -27,6 +27,10 @@ + + #include "openvpn.h" + ++#ifdef ENABLE_SYSTEMD ++#include <systemd/sd-daemon.h> ++#endif ++ + /* + * Baseline maximum number of events + * to wait for. @@ -1,7 +1,7 @@ # Maintainer: Christian Hesse <mail@eworm.de> pkgname=openvpn-git -pkgver=2.4.beta2.r0.g9bc2be7 +pkgver=2.4.beta2.r11.gce91c18 pkgrel=1 pkgdesc='An easy-to-use, robust and highly configurable VPN (Virtual Private Network) - git checkout' arch=(i686 x86_64) @@ -14,9 +14,11 @@ provides=('openvpn=2.4.0' 'openvpn-dev') license=('custom') # for 2.3.x release branch use: git://git.code.sf.net/p/openvpn/openvpn#branch=release/2.3 source=('git://git.code.sf.net/p/openvpn/openvpn' - '0001-systemd.patch') + '0001-plugin.patch' + '0002-systemd.patch') sha256sums=('SKIP' - '21d09aea89ab3c61239ab4f619ba5885bbd89a45424efb249b108877ed03529e') + 'b8254067b4ef5d157d87267a76938d86f101972303c7ff20131cc9f28659a30c' + 'f7784be28282ad36a7f03140d828912506dfcc0babee08551b63b67bfa0074ea') pkgver() { cd openvpn/ @@ -36,8 +38,11 @@ pkgver() { prepare() { cd openvpn/ - # modifications to upstream systemd units - patch -Np1 < "${srcdir}"/0001-systemd.patch + # plugin path + patch -Np1 < "${srcdir}"/0001-plugin.patch + + # modifications to upstream systemd integration + patch -Np1 < "${srcdir}"/0002-systemd.patch } build() { |