[arch-commits] Commit in openvpn/trunk (PKGBUILD openvpn at .service)
Bartłomiej Piotrowski
bpiotrowski at archlinux.org
Thu May 12 20:24:51 UTC 2016
Date: Thursday, May 12, 2016 @ 22:24:51
Author: bpiotrowski
Revision: 267908
upgpkg: openvpn 2.3.11-1
new upstream release
Modified:
openvpn/trunk/PKGBUILD
openvpn/trunk/openvpn at .service
------------------+
PKGBUILD | 18 ++++++++++++------
openvpn at .service | 7 ++++++-
2 files changed, 18 insertions(+), 7 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2016-05-12 20:17:28 UTC (rev 267907)
+++ PKGBUILD 2016-05-12 20:24:51 UTC (rev 267908)
@@ -2,7 +2,7 @@
# Maintainer: Thomas Bächler <thomas at archlinux.org>
pkgname=openvpn
-pkgver=2.3.10
+pkgver=2.3.11
pkgrel=1
pkgdesc="An easy-to-use, robust, and highly configurable VPN (Virtual Private Network)"
arch=(i686 x86_64)
@@ -11,12 +11,12 @@
makedepends=('systemd')
license=('custom')
install=openvpn.install
-source=(http://swupdate.openvpn.net/community/releases/openvpn-${pkgver}.tar.gz
- http://swupdate.openvpn.net/community/releases/openvpn-${pkgver}.tar.gz.asc
+source=(http://swupdate.openvpn.net/community/releases/openvpn-${pkgver}.tar.xz
+ http://swupdate.openvpn.net/community/releases/openvpn-${pkgver}.tar.xz.asc
openvpn at .service)
-sha256sums=('f8b0b5b92e35bbca1db1a7e6b49e04639e45634e9accd460459b40b2c99ec8f6'
+sha256sums=('0f5f1ca1dc5743fa166d93dd4ec952f014b5f33bafd88f0ea34b455cae1434a7'
'SKIP'
- '860976d954bd1db95861b95f0ef42e4e80618aa23a9f2aed26d17ee3d09110df')
+ '47a4ee993f8aaa7370e9a84384fcfc993fd76aa4db11c46629b156d0c5fad49a')
validpgpkeys=('03300E11FED16F59715F9996C29D97ED198D22A3') # Samuli Seppänen
build() {
@@ -27,24 +27,30 @@
--enable-password-save \
--mandir=/usr/share/man \
--enable-iproute2 \
- --enable-systemd
+ --enable-systemd \
+ --enable-x509-alt-username
make
}
package() {
cd "${srcdir}"/$pkgname-$pkgver
+
# Install openvpn
make DESTDIR="${pkgdir}" install
install -d -m755 "${pkgdir}"/etc/openvpn
+
# Install examples
install -d -m755 "${pkgdir}"/usr/share/openvpn
cp -r sample/sample-config-files "${pkgdir}"/usr/share/openvpn/examples
+
# Install license
install -d -m755 "${pkgdir}"/usr/share/licenses/${pkgname}/
ln -sf /usr/share/doc/${pkgname}/{COPYING,COPYRIGHT.GPL} "${pkgdir}"/usr/share/licenses/${pkgname}/
+
# Install contrib
install -d -m755 "${pkgdir}"/usr/share/openvpn/contrib
cp -r contrib "${pkgdir}"/usr/share/openvpn
+
# Install systemd service
install -D -m644 "${srcdir}"/openvpn at .service "${pkgdir}"/usr/lib/systemd/system/openvpn at .service
}
Modified: openvpn at .service
===================================================================
--- openvpn at .service 2016-05-12 20:17:28 UTC (rev 267907)
+++ openvpn at .service 2016-05-12 20:24:51 UTC (rev 267908)
@@ -2,9 +2,14 @@
Description=OpenVPN connection to %i
[Service]
+PrivateTmp=true
Type=forking
-ExecStart=/usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/%i.conf --daemon openvpn@%i --writepid /run/openvpn@%i.pid
+ExecStart=/usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/%i.conf --daemon openvpn@%i --writepid /run/openvpn@%i.pid --status-version 2
PIDFile=/run/openvpn@%i.pid
+CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH
+LimitNPROC=10
+DeviceAllow=/dev/null rw
+DeviceAllow=/dev/net/tun rw
[Install]
WantedBy=multi-user.target
More information about the arch-commits
mailing list