summarylogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.SRCINFO8
-rw-r--r--0001-unprivileged.patch12
-rw-r--r--PKGBUILD6
3 files changed, 13 insertions, 13 deletions
diff --git a/.SRCINFO b/.SRCINFO
index a6292e4c3fa7..96f3340ecfda 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,6 +1,6 @@
pkgbase = openvpn-mbedtls
pkgdesc = An easy-to-use, robust and highly configurable VPN (Virtual Private Network), linked against the mbedtls library for crypto support.
- pkgver = 2.5.8
+ pkgver = 2.6.0
pkgrel = 1
url = https://openvpn.net/index.php/open-source.html
install = openvpn.install
@@ -19,16 +19,16 @@ pkgbase = openvpn-mbedtls
depends = mbedtls
optdepends = easy-rsa: easy CA and certificate handling
optdepends = pam: authenticate via PAM
- provides = openvpn=2.5.8
+ provides = openvpn=2.6.0
conflicts = openvpn
- source = git+https://github.com/OpenVPN/openvpn.git#tag=9c08cfacc470152e8ac2a774713c6fc1d8683e27?signed
+ source = git+https://github.com/OpenVPN/openvpn.git#tag=942bc8b43367e97fbc5efb53a8780eac4e09863c?signed
source = 0001-unprivileged.patch
source = sysusers.conf
source = tmpfiles.conf
validpgpkeys = F554A3687412CFFEBDEFE0A312F5F7B42F2B01E7
validpgpkeys = B62E6A2B4E56570B7BDC6BE01D829EFECA562812
sha256sums = SKIP
- sha256sums = 8e7d292514f30729bc37d6681789b1bfdf87a992a3aa77e2a28b8da9cd8d4bfe
+ sha256sums = 77874824d96c1fd6c14259a6ea16232ae574dda3d5adba1798ccd6c93694846c
sha256sums = 3646b865ac67783fafc6652589cfe2a3105ecef06f3907f33de5135815f6a621
sha256sums = b1436f953a4f1be7083711d11928a9924993f940ff56ff92d288d6100df673fc
diff --git a/0001-unprivileged.patch b/0001-unprivileged.patch
index b33de3461cb1..aa0e37b656d3 100644
--- a/0001-unprivileged.patch
+++ b/0001-unprivileged.patch
@@ -1,5 +1,5 @@
diff --git a/distro/systemd/openvpn-client@.service.in b/distro/systemd/openvpn-client@.service.in
-index cbcef653..71aa1335 100644
+index 159fb4dc..2277a7d9 100644
--- a/distro/systemd/openvpn-client@.service.in
+++ b/distro/systemd/openvpn-client@.service.in
@@ -11,6 +11,9 @@ Type=notify
@@ -8,12 +8,12 @@ index cbcef653..71aa1335 100644
ExecStart=@sbindir@/openvpn --suppress-timestamps --nobind --config %i.conf
+User=openvpn
+Group=network
-+AmbientCapabilities=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
- CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
++AmbientCapabilities=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SETPCAP CAP_SYS_CHROOT CAP_DAC_OVERRIDE
+ CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SETPCAP CAP_SYS_CHROOT CAP_DAC_OVERRIDE
LimitNPROC=10
DeviceAllow=/dev/null rw
diff --git a/distro/systemd/openvpn-server@.service.in b/distro/systemd/openvpn-server@.service.in
-index d1cc72cb..691f369e 100644
+index 6e8e7d94..b2814e4b 100644
--- a/distro/systemd/openvpn-server@.service.in
+++ b/distro/systemd/openvpn-server@.service.in
@@ -11,6 +11,9 @@ Type=notify
@@ -22,7 +22,7 @@ index d1cc72cb..691f369e 100644
ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf
+User=openvpn
+Group=network
-+AmbientCapabilities=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE CAP_AUDIT_WRITE
- CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE CAP_AUDIT_WRITE
++AmbientCapabilities=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SETPCAP CAP_SYS_CHROOT CAP_DAC_OVERRIDE CAP_AUDIT_WRITE
+ CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SETPCAP CAP_SYS_CHROOT CAP_DAC_OVERRIDE CAP_AUDIT_WRITE
LimitNPROC=10
DeviceAllow=/dev/null rw
diff --git a/PKGBUILD b/PKGBUILD
index 6500dcc997a2..fdbd8673b915 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -2,10 +2,10 @@
# Contributer: Christian Hesse <mail@eworm.de>
pkgname=openvpn-mbedtls
-_tag='9c08cfacc470152e8ac2a774713c6fc1d8683e27' # git rev-parse v${pkgver}
+_tag='942bc8b43367e97fbc5efb53a8780eac4e09863c' # git rev-parse v${pkgver}
_pkgname=openvpn
crypto_library=mbedtls
-pkgver=2.5.8
+pkgver=2.6.0
pkgrel=1
pkgdesc="An easy-to-use, robust and highly configurable VPN (Virtual Private Network), linked against the ${crypto_library} library for crypto support."
arch=('x86_64' 'armv7h' 'aarch64')
@@ -25,7 +25,7 @@ source=("git+https://github.com/OpenVPN/openvpn.git#tag=${_tag}?signed"
'sysusers.conf'
'tmpfiles.conf')
sha256sums=('SKIP'
- '8e7d292514f30729bc37d6681789b1bfdf87a992a3aa77e2a28b8da9cd8d4bfe'
+ '77874824d96c1fd6c14259a6ea16232ae574dda3d5adba1798ccd6c93694846c'
'3646b865ac67783fafc6652589cfe2a3105ecef06f3907f33de5135815f6a621'
'b1436f953a4f1be7083711d11928a9924993f940ff56ff92d288d6100df673fc')