diff options
| -rw-r--r-- | .SRCINFO | 6 | ||||
| -rw-r--r-- | 0002-do-not-race-on-RuntimeDirectory.patch | 50 | ||||
| -rw-r--r-- | PKGBUILD | 15 |
3 files changed, 64 insertions, 7 deletions
@@ -1,9 +1,9 @@ # Generated by mksrcinfo v8 -# Fri Dec 16 13:12:52 UTC 2016 +# Fri Dec 16 21:42:58 UTC 2016 pkgbase = openvpn-git pkgdesc = An easy-to-use, robust and highly configurable VPN (Virtual Private Network) - git checkout pkgver = 2.4.rc2.r0.ga5ae0138 - pkgrel = 1 + pkgrel = 2 url = http://openvpn.net/index.php/open-source.html arch = i686 arch = x86_64 @@ -22,8 +22,10 @@ pkgbase = openvpn-git conflicts = openvpn-dev source = git://github.com/OpenVPN/openvpn.git source = 0001-plugin.patch + source = 0002-do-not-race-on-RuntimeDirectory.patch sha256sums = SKIP sha256sums = b8254067b4ef5d157d87267a76938d86f101972303c7ff20131cc9f28659a30c + sha256sums = 6cc4863a9e7d43f2ff79141dce53aa92fd5e9c395434b6838c81b57ea45d4fc4 pkgname = openvpn-git diff --git a/0002-do-not-race-on-RuntimeDirectory.patch b/0002-do-not-race-on-RuntimeDirectory.patch new file mode 100644 index 000000000000..7e4783e62dca --- /dev/null +++ b/0002-do-not-race-on-RuntimeDirectory.patch @@ -0,0 +1,50 @@ +From 0f91d8cb9aa7102fedfb1ff524b945fde83817f8 Mon Sep 17 00:00:00 2001 +From: Christian Hesse <mail@eworm.de> +Date: Fri, 16 Dec 2016 16:53:47 +0100 +Subject: [PATCH 1/1] do not race on RuntimeDirectory + +Different unit instances create and destroy the same RuntimeDirectory. +This leads to running instances where the status file (and possibly +more runtime data) is no longer accessible. + +So create a RuntimeDirectory per instance. + +Signed-off-by: Christian Hesse <mail@eworm.de> +--- + distro/systemd/openvpn-client@.service | 2 +- + distro/systemd/openvpn-server@.service | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/distro/systemd/openvpn-client@.service b/distro/systemd/openvpn-client@.service +index 5618af3..fcb5302 100644 +--- a/distro/systemd/openvpn-client@.service ++++ b/distro/systemd/openvpn-client@.service +@@ -9,7 +9,7 @@ Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO + [Service] + Type=notify + PrivateTmp=true +-RuntimeDirectory=openvpn-client ++RuntimeDirectory=openvpn-client@%i + RuntimeDirectoryMode=0710 + WorkingDirectory=/etc/openvpn/client + ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf +diff --git a/distro/systemd/openvpn-server@.service b/distro/systemd/openvpn-server@.service +index b9b4dba..8b240cf 100644 +--- a/distro/systemd/openvpn-server@.service ++++ b/distro/systemd/openvpn-server@.service +@@ -9,10 +9,10 @@ Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO + [Service] + Type=notify + PrivateTmp=true +-RuntimeDirectory=openvpn-server ++RuntimeDirectory=openvpn-server@%i + RuntimeDirectoryMode=0710 + WorkingDirectory=/etc/openvpn/server +-ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf ++ExecStart=/usr/sbin/openvpn --status %t/openvpn-server@%i/status.log --status-version 2 --suppress-timestamps --config %i.conf + CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE + LimitNPROC=10 + DeviceAllow=/dev/null rw +-- +2.11.0 + @@ -2,9 +2,9 @@ pkgname=openvpn-git pkgver=2.4.rc2.r0.ga5ae0138 -pkgrel=1 +pkgrel=2 pkgdesc='An easy-to-use, robust and highly configurable VPN (Virtual Private Network) - git checkout' -arch=(i686 x86_64) +arch=('i686' 'x86_64') url='http://openvpn.net/index.php/open-source.html' depends=('openssl' 'lzo' 'iproute2' 'libsystemd' 'pkcs11-helper') optdepends=('easy-rsa: easy CA and certificate handling') @@ -12,11 +12,13 @@ makedepends=('git' 'systemd') conflicts=('openvpn' 'openvpn-dev') provides=('openvpn=2.4.0' 'openvpn-dev') license=('custom') -# for 2.3.x release branch append: #branch=release/2.3 +# for 2.4.x release branch append: #branch=release/2.4 source=('git://github.com/OpenVPN/openvpn.git' - '0001-plugin.patch') + '0001-plugin.patch' + '0002-do-not-race-on-RuntimeDirectory.patch') sha256sums=('SKIP' - 'b8254067b4ef5d157d87267a76938d86f101972303c7ff20131cc9f28659a30c') + 'b8254067b4ef5d157d87267a76938d86f101972303c7ff20131cc9f28659a30c' + '6cc4863a9e7d43f2ff79141dce53aa92fd5e9c395434b6838c81b57ea45d4fc4') pkgver() { cd openvpn/ @@ -39,6 +41,9 @@ prepare() { # plugin path patch -Np1 < "${srcdir}"/0001-plugin.patch + # do not race on RuntimeDirectory + patch -Np1 < "${srcdir}"/0002-do-not-race-on-RuntimeDirectory.patch + # regenerate configure script autoreconf -vi } |