[arch-dev-public] Preparing OpenVPN 2.4.x - possible incompatible changes

Giancarlo Razzolini grazzolini at archlinux.org
Fri Dec 2 13:52:53 UTC 2016


Em dezembro 2, 2016 10:50 Christian Hesse escreveu:
> 
> The task [0] is still open und unfixed. I doubt a patch for this will make it
> into final 2.4...

Yeah. I reduced the password to 128 chars and moved on. Their internal discussion
on how to approach this is pointless imho.

> 
> Wondering if this is possible without hard coded interface names... You would
> have to use %i in openvpn-unprivileged at .service:
> 
> ExecStartPre=-/usr/bin/openvpn --rmtun --dev %i
> ExecStartPre=/usr/bin/openvpn --mktun %i ...
> ExecStart=/usr/bin/openvpn --config %i.conf --dev %i ...
> 
> However... You should base your work on the new upstream systemd units.
> 

Well, that would require calling the file with the same name as the interface
being used, but it would definetely work. Since we now have a run dir, all that
would be needed is this "unprivileged" systemd unit. I think the need for an
unprivileged iproute could be easily addressed by the user itself, manually.

Cheers,
Giancarlo Razzolini
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 870 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-dev-public/attachments/20161202/8a37f4f1/attachment.asc>


More information about the arch-dev-public mailing list