[arch-dev-public] Preparing OpenVPN 2.4.x - possible incompatible changes

Christian Hesse list at eworm.de
Fri Dec 2 14:08:57 UTC 2016

Giancarlo Razzolini <grazzolini at archlinux.org> on Fri, 2016/12/02 13:52:
> Em dezembro 2, 2016 10:50 Christian Hesse escreveu:
> > Wondering if this is possible without hard coded interface names... You
> > would have to use %i in openvpn-unprivileged at .service:
> > 
> > ExecStartPre=-/usr/bin/openvpn --rmtun --dev %i
> > ExecStartPre=/usr/bin/openvpn --mktun %i ...
> > ExecStart=/usr/bin/openvpn --config %i.conf --dev %i ...
> > 
> > However... You should base your work on the new upstream systemd units.
> Well, that would require calling the file with the same name as the
> interface being used, but it would definetely work. Since we now have a run
> dir, all that would be needed is this "unprivileged" systemd unit. I think
> the need for an unprivileged iproute could be easily addressed by the user
> itself, manually.

Well, you could provide a sudoers file, a wrapper with 'sudo /usr/bin/ip $@'
and add '--iproute /path/to/wrapper' in your unit file.
main(a){char*c=/*    Schoene Gruesse                         */"B?IJj;MEH"
"CX:;",b;for(a/*    Best regards             my address:    */=0;b=c[a++];)
putchar(b-1/(/*    Chris            cc -ox -xc - && ./x    */b/42*2-3)*42);}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-dev-public/attachments/20161202/7d5d2f3c/attachment.asc>

More information about the arch-dev-public mailing list