[arch-commits] Commit in openvpn/trunk (PKGBUILD openvpn at .service)

Bartłomiej Piotrowski bpiotrowski at archlinux.org
Thu May 12 20:24:51 UTC 2016 

    Date: Thursday, May 12, 2016 @ 22:24:51
  Author: bpiotrowski
Revision: 267908

upgpkg: openvpn 2.3.11-1

new upstream release

Modified:
  openvpn/trunk/PKGBUILD
  openvpn/trunk/openvpn at .service

------------------+
 PKGBUILD         |   18 ++++++++++++------
 openvpn at .service |    7 ++++++-
 2 files changed, 18 insertions(+), 7 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2016-05-12 20:17:28 UTC (rev 267907)
+++ PKGBUILD	2016-05-12 20:24:51 UTC (rev 267908)
@@ -2,7 +2,7 @@
 # Maintainer: Thomas Bächler <thomas at archlinux.org>
 
 pkgname=openvpn
-pkgver=2.3.10
+pkgver=2.3.11
 pkgrel=1
 pkgdesc="An easy-to-use, robust, and highly configurable VPN (Virtual Private Network)"
 arch=(i686 x86_64)
@@ -11,12 +11,12 @@
 makedepends=('systemd')
 license=('custom')
 install=openvpn.install
-source=(http://swupdate.openvpn.net/community/releases/openvpn-${pkgver}.tar.gz
-        http://swupdate.openvpn.net/community/releases/openvpn-${pkgver}.tar.gz.asc
+source=(http://swupdate.openvpn.net/community/releases/openvpn-${pkgver}.tar.xz
+        http://swupdate.openvpn.net/community/releases/openvpn-${pkgver}.tar.xz.asc
         openvpn at .service)
-sha256sums=('f8b0b5b92e35bbca1db1a7e6b49e04639e45634e9accd460459b40b2c99ec8f6'
+sha256sums=('0f5f1ca1dc5743fa166d93dd4ec952f014b5f33bafd88f0ea34b455cae1434a7'
             'SKIP'
-            '860976d954bd1db95861b95f0ef42e4e80618aa23a9f2aed26d17ee3d09110df')
+            '47a4ee993f8aaa7370e9a84384fcfc993fd76aa4db11c46629b156d0c5fad49a')
 validpgpkeys=('03300E11FED16F59715F9996C29D97ED198D22A3')  # Samuli Seppänen
 
 build() {
@@ -27,24 +27,30 @@
     --enable-password-save \
     --mandir=/usr/share/man \
     --enable-iproute2 \
-    --enable-systemd
+    --enable-systemd \
+    --enable-x509-alt-username
   make
 }
 
 package() {
   cd "${srcdir}"/$pkgname-$pkgver
+
   # Install openvpn
   make DESTDIR="${pkgdir}" install
   install -d -m755 "${pkgdir}"/etc/openvpn
+
   # Install examples
   install -d -m755 "${pkgdir}"/usr/share/openvpn
   cp -r sample/sample-config-files "${pkgdir}"/usr/share/openvpn/examples
+
   # Install license
   install -d -m755 "${pkgdir}"/usr/share/licenses/${pkgname}/
   ln -sf /usr/share/doc/${pkgname}/{COPYING,COPYRIGHT.GPL} "${pkgdir}"/usr/share/licenses/${pkgname}/
+
   # Install contrib
   install -d -m755 "${pkgdir}"/usr/share/openvpn/contrib
   cp -r contrib "${pkgdir}"/usr/share/openvpn
+
   # Install systemd service
   install -D -m644 "${srcdir}"/openvpn at .service "${pkgdir}"/usr/lib/systemd/system/openvpn at .service
 }

Modified: openvpn at .service
===================================================================
--- openvpn at .service	2016-05-12 20:17:28 UTC (rev 267907)
+++ openvpn at .service	2016-05-12 20:24:51 UTC (rev 267908)
@@ -2,9 +2,14 @@
 Description=OpenVPN connection to %i
 
 [Service]
+PrivateTmp=true
 Type=forking
-ExecStart=/usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/%i.conf --daemon openvpn@%i --writepid /run/openvpn@%i.pid
+ExecStart=/usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/%i.conf --daemon openvpn@%i --writepid /run/openvpn@%i.pid --status-version 2
 PIDFile=/run/openvpn@%i.pid
+CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH
+LimitNPROC=10
+DeviceAllow=/dev/null rw
+DeviceAllow=/dev/net/tun rw
 
 [Install]
 WantedBy=multi-user.target

More information about the arch-commits mailing list