[arch-dev-public] Preparing OpenVPN 2.4.x - possible incompatible changes

Christian Hesse list at eworm.de
Fri Dec 2 12:50:22 UTC 2016

Giancarlo Razzolini <grazzolini at archlinux.org> on Fri, 2016/12/02 12:33:
> Em dezembro 2, 2016 10:25 Christian Hesse escreveu:
> > Giancarlo Razzolini <grazzolini at archlinux.org> on Tue, 2016/11/29 17:00:
> > 
> > Sure I do. :-p
> > 
> > But as the cause is known now... Why not just set a password with a
> > maximum length of 128 chars?  
> Been doing that for a while now. In fact, Maxime, from PIA, told me they'd
> change their maximum password size to 128. I've been following the
> discussion on the OpenVPN list and it seems they didn't yet reached a
> conclusion. So, 2.4.0, will probably not have this fix yet (if they will do
> any fix).

The task [0] is still open und unfixed. I doubt a patch for this will make it
into final 2.4...

> And I'll make time to improve our wiki regarding running OpenVPN entirely
> unprivileged.

Wondering if this is possible without hard coded interface names... You would
have to use %i in openvpn-unprivileged at .service:

ExecStartPre=-/usr/bin/openvpn --rmtun --dev %i
ExecStartPre=/usr/bin/openvpn --mktun %i ...
ExecStart=/usr/bin/openvpn --config %i.conf --dev %i ...

However... You should base your work on the new upstream systemd units.

[0] https://community.openvpn.net/openvpn/ticket/712
main(a){char*c=/*    Schoene Gruesse                         */"B?IJj;MEH"
"CX:;",b;for(a/*    Best regards             my address:    */=0;b=c[a++];)
putchar(b-1/(/*    Chris            cc -ox -xc - && ./x    */b/42*2-3)*42);}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-dev-public/attachments/20161202/5d14c4ad/attachment-0001.asc>

More information about the arch-dev-public mailing list