diff -urN smeserver-openvpn-s2s-0.2.old/createlinks smeserver-openvpn-s2s-0.2/createlinks --- smeserver-openvpn-s2s-0.2.old/createlinks 2013-11-11 17:33:06.000000000 +0000 +++ smeserver-openvpn-s2s-0.2/createlinks 2021-02-05 12:15:06.887220117 +0000 @@ -5,9 +5,9 @@ safe_symlink("restart", "root/etc/e-smith/events/openvpn-s2s-update/services2adjust/openvpn-s2s"); safe_symlink("adjust", "root/etc/e-smith/events/openvpn-s2s-update/services2adjust/masq"); -service_link_enhanced("openvpn-s2s", "S80", "7"); -service_link_enhanced("openvpn-s2s", "K25", "6"); -service_link_enhanced("openvpn-s2s", "K25", "0"); +#service_link_enhanced("openvpn-s2s", "S80", "7"); +#service_link_enhanced("openvpn-s2s", "K25", "6"); +#service_link_enhanced("openvpn-s2s", "K25", "0"); event_link("openvpn-s2s-delete-networks", "openvpn-s2s-update", "10"); event_link("openvpn-s2s-genconf", "openvpn-s2s-update", "20"); @@ -20,3 +20,26 @@ panel_link("openvpns2s", 'manager'); +# our event specific for updating with yum without reboot +$event = "smeserver-openvpn-s2s-update"; +#add here the path to your templates needed to expand +#see the /etc/systemd/system-preset/49-koozali.preset should be present for systemd integration on all you yum update event + +foreach my $file (qw( + /etc/systemd/system-preset/49-koozali.preset + /etc/rc.d/init.d/masq + /etc/crontab + +)) +{ + templates2events( $file, $event ); +} + +#action needed in case we have a systemd unit +event_link("systemd-default", $event, "10"); +event_link("systemd-reload", $event, "50"); + +#action specific to this package +event_link("openvpn-s2s-update", $event, "60"); +#services we need to restart +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/openvpn-s2s"); diff -urN smeserver-openvpn-s2s-0.2.old/root/etc/rc.d/init.d/openvpn-s2s smeserver-openvpn-s2s-0.2/root/etc/rc.d/init.d/openvpn-s2s --- smeserver-openvpn-s2s-0.2.old/root/etc/rc.d/init.d/openvpn-s2s 2010-10-16 16:56:47.000000000 +0100 +++ smeserver-openvpn-s2s-0.2/root/etc/rc.d/init.d/openvpn-s2s 1970-01-01 01:00:00.000000000 +0100 @@ -1,264 +0,0 @@ -#!/bin/sh -# -# openvpn This shell script takes care of starting and stopping -# openvpn on RedHat or other chkconfig-based system. -# -# chkconfig: - 24 76 -# -# processname: openvpn -# description: OpenVPN is a robust and highly flexible tunneling \ -# application that uses all of the encryption, \ -# authentication, and certification features of the OpenSSL \ -# library to securely tunnel IP networks over a single UDP \ -# port. -# - -### BEGIN INIT INFO -# Provides: openvpn -# Required-Start: $network -# Required-Stop: $network -# Short-Description: start and stop openvpn -# Description: OpenVPN is a robust and highly flexible tunneling \ -# application that uses all of the encryption, \ -# authentication, and certification features of the OpenSSL \ -# library to securely tunnel IP networks over a single UDP \ -# port. -### END INIT INFO - - -# Contributed to the OpenVPN project by -# Douglas Keller -# 2002.05.15 - -# To install: -# copy this file to /etc/rc.d/init.d/openvpn -# shell> chkconfig --add openvpn -# shell> mkdir /etc/openvpn -# make .conf or .sh files in /etc/openvpn (see below) - -# To uninstall: -# run: chkconfig --del openvpn - -# Author's Notes: -# -# I have created an /etc/init.d init script and enhanced openvpn.spec to -# automatically register the init script. Once the RPM is installed you -# can start and stop OpenVPN with "service openvpn start" and "service -# openvpn stop". -# -# The init script does the following: -# -# - Starts an openvpn process for each .conf file it finds in -# /etc/openvpn. -# -# - If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes -# it before starting openvpn (useful for doing openvpn --mktun...). -# -# - In addition to start/stop you can do: -# -# service openvpn reload - SIGHUP -# service openvpn reopen - SIGUSR1 -# service openvpn status - SIGUSR2 -# -# Modifications: -# -# 2003.05.02 -# * Changed == to = for sh compliance (Bishop Clark). -# * If condrestart|reload|reopen|status, check that we were -# actually started (James Yonan). -# * Added lock, piddir, and work variables (James Yonan). -# * If start is attempted twice, without an intervening stop, or -# if start is attempted when previous start was not properly -# shut down, then kill any previously started processes, before -# commencing new start operation (James Yonan). -# * Do a better job of flagging errors on start, and properly -# returning success or failure status to caller (James Yonan). -# -# 2005.04.04 -# * Added openvpn-startup and openvpn-shutdown script calls -# (James Yonan). -# - -# Location of openvpn binary -openvpn="" -openvpn_locations="/usr/sbin/openvpn /usr/local/sbin/openvpn" -for location in $openvpn_locations -do - if [ -f "$location" ] - then - openvpn=$location - fi -done - -# Lockfile -lock="/var/lock/subsys/openvpn-s2s" - -# PID directory -piddir="/var/run/openvpn-s2s" - -# Our working directory -work=/etc/openvpn/s2s - -# Source function library. -. /etc/rc.d/init.d/functions - -# Source networking configuration. -. /etc/sysconfig/network - -# Check that networking is up. -if [ ${NETWORKING} = "no" ] -then - echo "Networking is down" - exit 0 -fi - -# Check that binary exists -if ! [ -f $openvpn ] -then - echo "openvpn binary not found" - exit 0 -fi - -# See how we were called. -case "$1" in - start) - echo -n $"Starting openvpn-s2s: " - - /sbin/modprobe tun >/dev/null 2>&1 - - # From a security perspective, I think it makes - # sense to remove this, and have users who need - # it explictly enable in their --up scripts or - # firewall setups. - - echo 1 > /proc/sys/net/ipv4/ip_forward - - # Run startup script, if defined - if [ -f $work/openvpn-startup ]; then - $work/openvpn-startup - fi - - if [ ! -d $piddir ]; then - mkdir $piddir - fi - - if [ -f $lock ]; then - # we were not shut down correctly - for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do - if [ -s $pidf ]; then - kill `cat $pidf` >/dev/null 2>&1 - fi - rm -f $pidf - done - rm -f $lock - sleep 2 - fi - - rm -f $piddir/*.pid - cd $work - - # Start every .conf in $work and run .sh if exists - errors=0 - successes=0 - for c in `/bin/ls *.conf 2>/dev/null`; do - bn=${c%%.conf} - if [ -f "$bn.sh" ]; then - . ./$bn.sh - fi - rm -f $piddir/$bn.pid - # Handle backward compatibility, see Red Hat Bugzilla ID #458594 - script_security='' - if [ -z "$( grep '^[[:space:]]*script-security[[:space:]]' $c )" ]; then - script_security="--script-security 2" - fi - $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work $script_security - if [ $? = 0 ]; then - successes=1 - else - errors=1 - fi - done - - if [ $errors = 1 ]; then - failure; echo - else - success; echo - fi - - if [ $successes = 1 ]; then - touch $lock - fi - ;; - stop) - echo -n $"Shutting down openvpn: " - for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do - if [ -s $pidf ]; then - kill `cat $pidf` >/dev/null 2>&1 - fi - rm -f $pidf - done - - # Run shutdown script, if defined - if [ -f $work/openvpn-shutdown ]; then - $work/openvpn-shutdown - fi - - success; echo - rm -f $lock - ;; - restart) - $0 stop - sleep 2 - $0 start - ;; - reload) - if [ -f $lock ]; then - for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do - if [ -s $pidf ]; then - kill -HUP `cat $pidf` >/dev/null 2>&1 - fi - done - else - echo "openvpn: service not started" - exit 1 - fi - ;; - reopen) - if [ -f $lock ]; then - for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do - if [ -s $pidf ]; then - kill -USR1 `cat $pidf` >/dev/null 2>&1 - fi - done - else - echo "openvpn: service not started" - exit 1 - fi - ;; - condrestart) - if [ -f $lock ]; then - $0 stop - # avoid race - sleep 2 - $0 start - fi - ;; - status) - if [ -f $lock ]; then - for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do - if [ -s $pidf ]; then - kill -USR2 `cat $pidf` >/dev/null 2>&1 - fi - done - echo "Status written to /var/log/messages" - else - echo "openvpn: service not started" - exit 1 - fi - ;; - *) - echo "Usage: $0 {start|stop|restart|condrestart|reload|reopen|status}" - exit 1 - ;; -esac -exit 0 diff -urN smeserver-openvpn-s2s-0.2.old/root/usr/lib/systemd/system/openvpn-s2s.service smeserver-openvpn-s2s-0.2/root/usr/lib/systemd/system/openvpn-s2s.service --- smeserver-openvpn-s2s-0.2.old/root/usr/lib/systemd/system/openvpn-s2s.service 1970-01-01 01:00:00.000000000 +0100 +++ smeserver-openvpn-s2s-0.2/root/usr/lib/systemd/system/openvpn-s2s.service 2021-02-05 11:30:28.759674345 +0000 @@ -0,0 +1,10 @@ +[Unit] +Description=OpenVPN Server to Server +After=network.service +[Service] +Type=forking +ExecStart=/usr/sbin/systemd/openvpn-s2s start +ExecStop=/usr/sbin/systemd/openvpn-s2s stop +[Install] +WantedBy=sme-server.target + diff -urN smeserver-openvpn-s2s-0.2.old/root/usr/sbin/systemd/openvpn-s2s smeserver-openvpn-s2s-0.2/root/usr/sbin/systemd/openvpn-s2s --- smeserver-openvpn-s2s-0.2.old/root/usr/sbin/systemd/openvpn-s2s 1970-01-01 01:00:00.000000000 +0100 +++ smeserver-openvpn-s2s-0.2/root/usr/sbin/systemd/openvpn-s2s 2010-10-16 16:56:47.000000000 +0100 @@ -0,0 +1,264 @@ +#!/bin/sh +# +# openvpn This shell script takes care of starting and stopping +# openvpn on RedHat or other chkconfig-based system. +# +# chkconfig: - 24 76 +# +# processname: openvpn +# description: OpenVPN is a robust and highly flexible tunneling \ +# application that uses all of the encryption, \ +# authentication, and certification features of the OpenSSL \ +# library to securely tunnel IP networks over a single UDP \ +# port. +# + +### BEGIN INIT INFO +# Provides: openvpn +# Required-Start: $network +# Required-Stop: $network +# Short-Description: start and stop openvpn +# Description: OpenVPN is a robust and highly flexible tunneling \ +# application that uses all of the encryption, \ +# authentication, and certification features of the OpenSSL \ +# library to securely tunnel IP networks over a single UDP \ +# port. +### END INIT INFO + + +# Contributed to the OpenVPN project by +# Douglas Keller +# 2002.05.15 + +# To install: +# copy this file to /etc/rc.d/init.d/openvpn +# shell> chkconfig --add openvpn +# shell> mkdir /etc/openvpn +# make .conf or .sh files in /etc/openvpn (see below) + +# To uninstall: +# run: chkconfig --del openvpn + +# Author's Notes: +# +# I have created an /etc/init.d init script and enhanced openvpn.spec to +# automatically register the init script. Once the RPM is installed you +# can start and stop OpenVPN with "service openvpn start" and "service +# openvpn stop". +# +# The init script does the following: +# +# - Starts an openvpn process for each .conf file it finds in +# /etc/openvpn. +# +# - If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes +# it before starting openvpn (useful for doing openvpn --mktun...). +# +# - In addition to start/stop you can do: +# +# service openvpn reload - SIGHUP +# service openvpn reopen - SIGUSR1 +# service openvpn status - SIGUSR2 +# +# Modifications: +# +# 2003.05.02 +# * Changed == to = for sh compliance (Bishop Clark). +# * If condrestart|reload|reopen|status, check that we were +# actually started (James Yonan). +# * Added lock, piddir, and work variables (James Yonan). +# * If start is attempted twice, without an intervening stop, or +# if start is attempted when previous start was not properly +# shut down, then kill any previously started processes, before +# commencing new start operation (James Yonan). +# * Do a better job of flagging errors on start, and properly +# returning success or failure status to caller (James Yonan). +# +# 2005.04.04 +# * Added openvpn-startup and openvpn-shutdown script calls +# (James Yonan). +# + +# Location of openvpn binary +openvpn="" +openvpn_locations="/usr/sbin/openvpn /usr/local/sbin/openvpn" +for location in $openvpn_locations +do + if [ -f "$location" ] + then + openvpn=$location + fi +done + +# Lockfile +lock="/var/lock/subsys/openvpn-s2s" + +# PID directory +piddir="/var/run/openvpn-s2s" + +# Our working directory +work=/etc/openvpn/s2s + +# Source function library. +. /etc/rc.d/init.d/functions + +# Source networking configuration. +. /etc/sysconfig/network + +# Check that networking is up. +if [ ${NETWORKING} = "no" ] +then + echo "Networking is down" + exit 0 +fi + +# Check that binary exists +if ! [ -f $openvpn ] +then + echo "openvpn binary not found" + exit 0 +fi + +# See how we were called. +case "$1" in + start) + echo -n $"Starting openvpn-s2s: " + + /sbin/modprobe tun >/dev/null 2>&1 + + # From a security perspective, I think it makes + # sense to remove this, and have users who need + # it explictly enable in their --up scripts or + # firewall setups. + + echo 1 > /proc/sys/net/ipv4/ip_forward + + # Run startup script, if defined + if [ -f $work/openvpn-startup ]; then + $work/openvpn-startup + fi + + if [ ! -d $piddir ]; then + mkdir $piddir + fi + + if [ -f $lock ]; then + # we were not shut down correctly + for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do + if [ -s $pidf ]; then + kill `cat $pidf` >/dev/null 2>&1 + fi + rm -f $pidf + done + rm -f $lock + sleep 2 + fi + + rm -f $piddir/*.pid + cd $work + + # Start every .conf in $work and run .sh if exists + errors=0 + successes=0 + for c in `/bin/ls *.conf 2>/dev/null`; do + bn=${c%%.conf} + if [ -f "$bn.sh" ]; then + . ./$bn.sh + fi + rm -f $piddir/$bn.pid + # Handle backward compatibility, see Red Hat Bugzilla ID #458594 + script_security='' + if [ -z "$( grep '^[[:space:]]*script-security[[:space:]]' $c )" ]; then + script_security="--script-security 2" + fi + $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work $script_security + if [ $? = 0 ]; then + successes=1 + else + errors=1 + fi + done + + if [ $errors = 1 ]; then + failure; echo + else + success; echo + fi + + if [ $successes = 1 ]; then + touch $lock + fi + ;; + stop) + echo -n $"Shutting down openvpn: " + for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do + if [ -s $pidf ]; then + kill `cat $pidf` >/dev/null 2>&1 + fi + rm -f $pidf + done + + # Run shutdown script, if defined + if [ -f $work/openvpn-shutdown ]; then + $work/openvpn-shutdown + fi + + success; echo + rm -f $lock + ;; + restart) + $0 stop + sleep 2 + $0 start + ;; + reload) + if [ -f $lock ]; then + for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do + if [ -s $pidf ]; then + kill -HUP `cat $pidf` >/dev/null 2>&1 + fi + done + else + echo "openvpn: service not started" + exit 1 + fi + ;; + reopen) + if [ -f $lock ]; then + for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do + if [ -s $pidf ]; then + kill -USR1 `cat $pidf` >/dev/null 2>&1 + fi + done + else + echo "openvpn: service not started" + exit 1 + fi + ;; + condrestart) + if [ -f $lock ]; then + $0 stop + # avoid race + sleep 2 + $0 start + fi + ;; + status) + if [ -f $lock ]; then + for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do + if [ -s $pidf ]; then + kill -USR2 `cat $pidf` >/dev/null 2>&1 + fi + done + echo "Status written to /var/log/messages" + else + echo "openvpn: service not started" + exit 1 + fi + ;; + *) + echo "Usage: $0 {start|stop|restart|condrestart|reload|reopen|status}" + exit 1 + ;; +esac +exit 0