smeserver-openvpn-s2s/contribs10/smeserver-openvpn-s2s-0.2-Alter-for-systemd-startup.patch

diff -urN smeserver-openvpn-s2s-0.2.old/createlinks smeserver-openvpn-s2s-0.2/createlinks
--- smeserver-openvpn-s2s-0.2.old/createlinks   2013-11-11 17:33:06.000000000 +0000
+++ smeserver-openvpn-s2s-0.2/createlinks       2021-02-05 12:15:06.887220117 +0000
@@ -5,9 +5,9 @@
 safe_symlink("restart", "root/etc/e-smith/events/openvpn-s2s-update/services2adjust/openvpn-s2s");
 safe_symlink("adjust", "root/etc/e-smith/events/openvpn-s2s-update/services2adjust/masq");
 
-service_link_enhanced("openvpn-s2s", "S80", "7");
-service_link_enhanced("openvpn-s2s", "K25", "6");
-service_link_enhanced("openvpn-s2s", "K25", "0");
+#service_link_enhanced("openvpn-s2s", "S80", "7");
+#service_link_enhanced("openvpn-s2s", "K25", "6");
+#service_link_enhanced("openvpn-s2s", "K25", "0");
 
 event_link("openvpn-s2s-delete-networks", "openvpn-s2s-update", "10");
 event_link("openvpn-s2s-genconf", "openvpn-s2s-update", "20");
@@ -20,3 +20,26 @@
 
 panel_link("openvpns2s", 'manager');
 
+# our event specific for updating with yum without reboot
+$event = "smeserver-openvpn-s2s-update";
+#add here the path to your templates needed to expand
+#see the /etc/systemd/system-preset/49-koozali.preset should be present for systemd integration on all you yum update event
+
+foreach my $file (qw(
+                /etc/systemd/system-preset/49-koozali.preset
+               /etc/rc.d/init.d/masq
+               /etc/crontab
+
+))
+{
+    templates2events( $file, $event );
+}
+
+#action needed in case we have a systemd unit
+event_link("systemd-default", $event, "10");
+event_link("systemd-reload", $event, "50");
+
+#action specific to this package
+event_link("openvpn-s2s-update", $event, "60");
+#services we need to restart
+safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/openvpn-s2s");
diff -urN smeserver-openvpn-s2s-0.2.old/root/etc/rc.d/init.d/openvpn-s2s smeserver-openvpn-s2s-0.2/root/etc/rc.d/init.d/openvpn-s2s
--- smeserver-openvpn-s2s-0.2.old/root/etc/rc.d/init.d/openvpn-s2s      2010-10-16 16:56:47.000000000 +0100
+++ smeserver-openvpn-s2s-0.2/root/etc/rc.d/init.d/openvpn-s2s  1970-01-01 01:00:00.000000000 +0100
@@ -1,264 +0,0 @@
-#!/bin/sh
-#
-# openvpn       This shell script takes care of starting and stopping
-#               openvpn on RedHat or other chkconfig-based system.
-#
-# chkconfig: - 24 76
-#
-# processname: openvpn
-# description: OpenVPN is a robust and highly flexible tunneling \
-#              application that uses all of the encryption, \
-#              authentication, and certification features of the OpenSSL \
-#              library to securely tunnel IP networks over a single UDP \
-#              port.
-#
-
-### BEGIN INIT INFO
-# Provides: openvpn
-# Required-Start: $network
-# Required-Stop: $network
-# Short-Description: start and stop openvpn
-# Description: OpenVPN is a robust and highly flexible tunneling \
-#              application that uses all of the encryption, \
-#              authentication, and certification features of the OpenSSL \
-#              library to securely tunnel IP networks over a single UDP \
-#              port.
-### END INIT INFO
-
-
-# Contributed to the OpenVPN project by
-# Douglas Keller <doug@voidstar.dyndns.org>
-# 2002.05.15
-
-# To install:
-#   copy this file to /etc/rc.d/init.d/openvpn
-#   shell> chkconfig --add openvpn
-#   shell> mkdir /etc/openvpn
-#   make .conf or .sh files in /etc/openvpn (see below)
-
-# To uninstall:
-#   run: chkconfig --del openvpn
-
-# Author's Notes:
-#
-# I have created an /etc/init.d init script and enhanced openvpn.spec to
-# automatically register the init script.  Once the RPM is installed you
-# can start and stop OpenVPN with "service openvpn start" and "service
-# openvpn stop".
-#
-# The init script does the following:
-#
-# - Starts an openvpn process for each .conf file it finds in
-#   /etc/openvpn.
-#
-# - If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes
-#   it before starting openvpn (useful for doing openvpn --mktun...).
-#
-# - In addition to start/stop you can do:
-#
-#   service openvpn reload - SIGHUP
-#   service openvpn reopen - SIGUSR1
-#   service openvpn status - SIGUSR2
-#
-# Modifications:
-#
-# 2003.05.02
-#   * Changed == to = for sh compliance (Bishop Clark).
-#   * If condrestart|reload|reopen|status, check that we were
-#     actually started (James Yonan).
-#   * Added lock, piddir, and work variables (James Yonan).
-#   * If start is attempted twice, without an intervening stop, or
-#     if start is attempted when previous start was not properly
-#     shut down, then kill any previously started processes, before
-#     commencing new start operation (James Yonan).
-#   * Do a better job of flagging errors on start, and properly
-#     returning success or failure status to caller (James Yonan).
-#
-# 2005.04.04
-#   * Added openvpn-startup and openvpn-shutdown script calls
-#     (James Yonan).
-#
-
-# Location of openvpn binary
-openvpn=""
-openvpn_locations="/usr/sbin/openvpn /usr/local/sbin/openvpn"
-for location in $openvpn_locations
-do
-  if [ -f "$location" ]
-  then
-    openvpn=$location
-  fi
-done
-
-# Lockfile
-lock="/var/lock/subsys/openvpn-s2s"
-
-# PID directory
-piddir="/var/run/openvpn-s2s"
-
-# Our working directory
-work=/etc/openvpn/s2s
-
-# Source function library.
-. /etc/rc.d/init.d/functions
-
-# Source networking configuration.
-. /etc/sysconfig/network
-
-# Check that networking is up.
-if [ ${NETWORKING} = "no" ]
-then
-  echo "Networking is down"
-  exit 0
-fi
-
-# Check that binary exists
-if ! [ -f  $openvpn ] 
-then
-  echo "openvpn binary not found"
-  exit 0
-fi
-
-# See how we were called.
-case "$1" in
-  start)
-       echo -n $"Starting openvpn-s2s: "
-
-       /sbin/modprobe tun >/dev/null 2>&1
-
-       # From a security perspective, I think it makes
-       # sense to remove this, and have users who need
-       # it explictly enable in their --up scripts or
-       # firewall setups.
-
-       echo 1 > /proc/sys/net/ipv4/ip_forward
-
-       # Run startup script, if defined
-       if [ -f $work/openvpn-startup ]; then
-           $work/openvpn-startup
-       fi
-
-       if [ ! -d  $piddir ]; then
-           mkdir $piddir
-       fi
-
-       if [ -f $lock ]; then
-           # we were not shut down correctly
-           for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
-             if [ -s $pidf ]; then
-               kill `cat $pidf` >/dev/null 2>&1
-             fi
-             rm -f $pidf
-           done
-           rm -f $lock
-           sleep 2
-       fi
-
-       rm -f $piddir/*.pid
-       cd $work
-
-       # Start every .conf in $work and run .sh if exists
-       errors=0
-       successes=0
-       for c in `/bin/ls *.conf 2>/dev/null`; do
-           bn=${c%%.conf}
-           if [ -f "$bn.sh" ]; then
-               . ./$bn.sh
-           fi
-           rm -f $piddir/$bn.pid
-            # Handle backward compatibility, see Red Hat Bugzilla ID #458594
-            script_security=''
-            if [ -z "$( grep '^[[:space:]]*script-security[[:space:]]' $c )" ]; then
-                script_security="--script-security 2"
-            fi
-           $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work $script_security
-           if [ $? = 0 ]; then
-               successes=1
-           else
-               errors=1
-           fi
-       done
-
-       if [ $errors = 1 ]; then
-           failure; echo
-       else
-           success; echo
-       fi
-
-       if [ $successes = 1 ]; then
-           touch $lock
-       fi
-       ;;
-  stop)
-       echo -n $"Shutting down openvpn: "
-       for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
-         if [ -s $pidf ]; then
-           kill `cat $pidf` >/dev/null 2>&1
-         fi
-         rm -f $pidf
-       done
-
-       # Run shutdown script, if defined
-       if [ -f $work/openvpn-shutdown ]; then
-           $work/openvpn-shutdown
-       fi
-
-       success; echo
-       rm -f $lock
-       ;;
-  restart)
-       $0 stop
-       sleep 2
-       $0 start
-       ;;
-  reload)
-       if [ -f $lock ]; then
-           for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
-               if [ -s $pidf ]; then
-                   kill -HUP `cat $pidf` >/dev/null 2>&1
-               fi
-           done
-       else
-           echo "openvpn: service not started"
-           exit 1
-       fi
-       ;;
-  reopen)
-       if [ -f $lock ]; then
-           for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
-               if [ -s $pidf ]; then
-                   kill -USR1 `cat $pidf` >/dev/null 2>&1
-               fi
-           done
-       else
-           echo "openvpn: service not started"
-           exit 1
-       fi
-       ;;
-  condrestart)
-       if [ -f $lock ]; then
-           $0 stop
-           # avoid race
-           sleep 2
-           $0 start
-       fi
-       ;;
-  status)
-       if [ -f $lock ]; then
-           for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
-               if [ -s $pidf ]; then
-                   kill -USR2 `cat $pidf` >/dev/null 2>&1
-               fi
-           done
-           echo "Status written to /var/log/messages"
-       else
-           echo "openvpn: service not started"
-           exit 1
-       fi
-        ;;
-  *)
-       echo "Usage: $0 {start|stop|restart|condrestart|reload|reopen|status}"
-       exit 1
-       ;;
-esac
-exit 0
diff -urN smeserver-openvpn-s2s-0.2.old/root/usr/lib/systemd/system/openvpn-s2s.service smeserver-openvpn-s2s-0.2/root/usr/lib/systemd/system/openvpn-s2s.service
--- smeserver-openvpn-s2s-0.2.old/root/usr/lib/systemd/system/openvpn-s2s.service       1970-01-01 01:00:00.000000000 +0100
+++ smeserver-openvpn-s2s-0.2/root/usr/lib/systemd/system/openvpn-s2s.service   2021-02-05 11:30:28.759674345 +0000
@@ -0,0 +1,10 @@
+[Unit]
+Description=OpenVPN Server to Server
+After=network.service
+[Service]
+Type=forking
+ExecStart=/usr/sbin/systemd/openvpn-s2s start
+ExecStop=/usr/sbin/systemd/openvpn-s2s stop
+[Install]
+WantedBy=sme-server.target
+
diff -urN smeserver-openvpn-s2s-0.2.old/root/usr/sbin/systemd/openvpn-s2s smeserver-openvpn-s2s-0.2/root/usr/sbin/systemd/openvpn-s2s
--- smeserver-openvpn-s2s-0.2.old/root/usr/sbin/systemd/openvpn-s2s     1970-01-01 01:00:00.000000000 +0100
+++ smeserver-openvpn-s2s-0.2/root/usr/sbin/systemd/openvpn-s2s 2010-10-16 16:56:47.000000000 +0100
@@ -0,0 +1,264 @@
+#!/bin/sh
+#
+# openvpn       This shell script takes care of starting and stopping
+#               openvpn on RedHat or other chkconfig-based system.
+#
+# chkconfig: - 24 76
+#
+# processname: openvpn
+# description: OpenVPN is a robust and highly flexible tunneling \
+#              application that uses all of the encryption, \
+#              authentication, and certification features of the OpenSSL \
+#              library to securely tunnel IP networks over a single UDP \
+#              port.
+#
+
+### BEGIN INIT INFO
+# Provides: openvpn
+# Required-Start: $network
+# Required-Stop: $network
+# Short-Description: start and stop openvpn
+# Description: OpenVPN is a robust and highly flexible tunneling \
+#              application that uses all of the encryption, \
+#              authentication, and certification features of the OpenSSL \
+#              library to securely tunnel IP networks over a single UDP \
+#              port.
+### END INIT INFO
+
+
+# Contributed to the OpenVPN project by
+# Douglas Keller <doug@voidstar.dyndns.org>
+# 2002.05.15
+
+# To install:
+#   copy this file to /etc/rc.d/init.d/openvpn
+#   shell> chkconfig --add openvpn
+#   shell> mkdir /etc/openvpn
+#   make .conf or .sh files in /etc/openvpn (see below)
+
+# To uninstall:
+#   run: chkconfig --del openvpn
+
+# Author's Notes:
+#
+# I have created an /etc/init.d init script and enhanced openvpn.spec to
+# automatically register the init script.  Once the RPM is installed you
+# can start and stop OpenVPN with "service openvpn start" and "service
+# openvpn stop".
+#
+# The init script does the following:
+#
+# - Starts an openvpn process for each .conf file it finds in
+#   /etc/openvpn.
+#
+# - If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes
+#   it before starting openvpn (useful for doing openvpn --mktun...).
+#
+# - In addition to start/stop you can do:
+#
+#   service openvpn reload - SIGHUP
+#   service openvpn reopen - SIGUSR1
+#   service openvpn status - SIGUSR2
+#
+# Modifications:
+#
+# 2003.05.02
+#   * Changed == to = for sh compliance (Bishop Clark).
+#   * If condrestart|reload|reopen|status, check that we were
+#     actually started (James Yonan).
+#   * Added lock, piddir, and work variables (James Yonan).
+#   * If start is attempted twice, without an intervening stop, or
+#     if start is attempted when previous start was not properly
+#     shut down, then kill any previously started processes, before
+#     commencing new start operation (James Yonan).
+#   * Do a better job of flagging errors on start, and properly
+#     returning success or failure status to caller (James Yonan).
+#
+# 2005.04.04
+#   * Added openvpn-startup and openvpn-shutdown script calls
+#     (James Yonan).
+#
+
+# Location of openvpn binary
+openvpn=""
+openvpn_locations="/usr/sbin/openvpn /usr/local/sbin/openvpn"
+for location in $openvpn_locations
+do
+  if [ -f "$location" ]
+  then
+    openvpn=$location
+  fi
+done
+
+# Lockfile
+lock="/var/lock/subsys/openvpn-s2s"
+
+# PID directory
+piddir="/var/run/openvpn-s2s"
+
+# Our working directory
+work=/etc/openvpn/s2s
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+# Source networking configuration.
+. /etc/sysconfig/network
+
+# Check that networking is up.
+if [ ${NETWORKING} = "no" ]
+then
+  echo "Networking is down"
+  exit 0
+fi
+
+# Check that binary exists
+if ! [ -f  $openvpn ] 
+then
+  echo "openvpn binary not found"
+  exit 0
+fi
+
+# See how we were called.
+case "$1" in
+  start)
+       echo -n $"Starting openvpn-s2s: "
+
+       /sbin/modprobe tun >/dev/null 2>&1
+
+       # From a security perspective, I think it makes
+       # sense to remove this, and have users who need
+       # it explictly enable in their --up scripts or
+       # firewall setups.
+
+       echo 1 > /proc/sys/net/ipv4/ip_forward
+
+       # Run startup script, if defined
+       if [ -f $work/openvpn-startup ]; then
+           $work/openvpn-startup
+       fi
+
+       if [ ! -d  $piddir ]; then
+           mkdir $piddir
+       fi
+
+       if [ -f $lock ]; then
+           # we were not shut down correctly
+           for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+             if [ -s $pidf ]; then
+               kill `cat $pidf` >/dev/null 2>&1
+             fi
+             rm -f $pidf
+           done
+           rm -f $lock
+           sleep 2
+       fi
+
+       rm -f $piddir/*.pid
+       cd $work
+
+       # Start every .conf in $work and run .sh if exists
+       errors=0
+       successes=0
+       for c in `/bin/ls *.conf 2>/dev/null`; do
+           bn=${c%%.conf}
+           if [ -f "$bn.sh" ]; then
+               . ./$bn.sh
+           fi
+           rm -f $piddir/$bn.pid
+            # Handle backward compatibility, see Red Hat Bugzilla ID #458594
+            script_security=''
+            if [ -z "$( grep '^[[:space:]]*script-security[[:space:]]' $c )" ]; then
+                script_security="--script-security 2"
+            fi
+           $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work $script_security
+           if [ $? = 0 ]; then
+               successes=1
+           else
+               errors=1
+           fi
+       done
+
+       if [ $errors = 1 ]; then
+           failure; echo
+       else
+           success; echo
+       fi
+
+       if [ $successes = 1 ]; then
+           touch $lock
+       fi
+       ;;
+  stop)
+       echo -n $"Shutting down openvpn: "
+       for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+         if [ -s $pidf ]; then
+           kill `cat $pidf` >/dev/null 2>&1
+         fi
+         rm -f $pidf
+       done
+
+       # Run shutdown script, if defined
+       if [ -f $work/openvpn-shutdown ]; then
+           $work/openvpn-shutdown
+       fi
+
+       success; echo
+       rm -f $lock
+       ;;
+  restart)
+       $0 stop
+       sleep 2
+       $0 start
+       ;;
+  reload)
+       if [ -f $lock ]; then
+           for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+               if [ -s $pidf ]; then
+                   kill -HUP `cat $pidf` >/dev/null 2>&1
+               fi
+           done
+       else
+           echo "openvpn: service not started"
+           exit 1
+       fi
+       ;;
+  reopen)
+       if [ -f $lock ]; then
+           for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+               if [ -s $pidf ]; then
+                   kill -USR1 `cat $pidf` >/dev/null 2>&1
+               fi
+           done
+       else
+           echo "openvpn: service not started"
+           exit 1
+       fi
+       ;;
+  condrestart)
+       if [ -f $lock ]; then
+           $0 stop
+           # avoid race
+           sleep 2
+           $0 start
+       fi
+       ;;
+  status)
+       if [ -f $lock ]; then
+           for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
+               if [ -s $pidf ]; then
+                   kill -USR2 `cat $pidf` >/dev/null 2>&1
+               fi
+           done
+           echo "Status written to /var/log/messages"
+       else
+           echo "openvpn: service not started"
+           exit 1
+       fi
+        ;;
+  *)
+       echo "Usage: $0 {start|stop|restart|condrestart|reload|reopen|status}"
+       exit 1
+       ;;
+esac
+exit 0
1	brianr	1.1	diff -urN smeserver-openvpn-s2s-0.2.old/createlinks smeserver-openvpn-s2s-0.2/createlinks
2			--- smeserver-openvpn-s2s-0.2.old/createlinks 2013-11-11 17:33:06.000000000 +0000
3			+++ smeserver-openvpn-s2s-0.2/createlinks 2021-02-05 12:15:06.887220117 +0000
4			@@ -5,9 +5,9 @@
5			safe_symlink("restart", "root/etc/e-smith/events/openvpn-s2s-update/services2adjust/openvpn-s2s");
6			safe_symlink("adjust", "root/etc/e-smith/events/openvpn-s2s-update/services2adjust/masq");
7
8			-service_link_enhanced("openvpn-s2s", "S80", "7");
9			-service_link_enhanced("openvpn-s2s", "K25", "6");
10			-service_link_enhanced("openvpn-s2s", "K25", "0");
11			+#service_link_enhanced("openvpn-s2s", "S80", "7");
12			+#service_link_enhanced("openvpn-s2s", "K25", "6");
13			+#service_link_enhanced("openvpn-s2s", "K25", "0");
14
15			event_link("openvpn-s2s-delete-networks", "openvpn-s2s-update", "10");
16			event_link("openvpn-s2s-genconf", "openvpn-s2s-update", "20");
17			@@ -20,3 +20,26 @@
18
19			panel_link("openvpns2s", 'manager');
20
21			+# our event specific for updating with yum without reboot
22			+$event = "smeserver-openvpn-s2s-update";
23			+#add here the path to your templates needed to expand
24			+#see the /etc/systemd/system-preset/49-koozali.preset should be present for systemd integration on all you yum update event
25			+
26			+foreach my $file (qw(
27			+ /etc/systemd/system-preset/49-koozali.preset
28			+ /etc/rc.d/init.d/masq
29			+ /etc/crontab
30			+
31			+))
32			+{
33			+ templates2events( $file, $event );
34			+}
35			+
36			+#action needed in case we have a systemd unit
37			+event_link("systemd-default", $event, "10");
38			+event_link("systemd-reload", $event, "50");
39			+
40			+#action specific to this package
41			+event_link("openvpn-s2s-update", $event, "60");
42			+#services we need to restart
43			+safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/openvpn-s2s");
44			diff -urN smeserver-openvpn-s2s-0.2.old/root/etc/rc.d/init.d/openvpn-s2s smeserver-openvpn-s2s-0.2/root/etc/rc.d/init.d/openvpn-s2s
45			--- smeserver-openvpn-s2s-0.2.old/root/etc/rc.d/init.d/openvpn-s2s 2010-10-16 16:56:47.000000000 +0100
46			+++ smeserver-openvpn-s2s-0.2/root/etc/rc.d/init.d/openvpn-s2s 1970-01-01 01:00:00.000000000 +0100
47			@@ -1,264 +0,0 @@
48			-#!/bin/sh
49			-#
50			-# openvpn This shell script takes care of starting and stopping
51			-# openvpn on RedHat or other chkconfig-based system.
52			-#
53			-# chkconfig: - 24 76
54			-#
55			-# processname: openvpn
56			-# description: OpenVPN is a robust and highly flexible tunneling \
57			-# application that uses all of the encryption, \
58			-# authentication, and certification features of the OpenSSL \
59			-# library to securely tunnel IP networks over a single UDP \
60			-# port.
61			-#
62			-
63			-### BEGIN INIT INFO
64			-# Provides: openvpn
65			-# Required-Start: $network
66			-# Required-Stop: $network
67			-# Short-Description: start and stop openvpn
68			-# Description: OpenVPN is a robust and highly flexible tunneling \
69			-# application that uses all of the encryption, \
70			-# authentication, and certification features of the OpenSSL \
71			-# library to securely tunnel IP networks over a single UDP \
72			-# port.
73			-### END INIT INFO
74			-
75			-
76			-# Contributed to the OpenVPN project by
77			-# Douglas Keller <doug@voidstar.dyndns.org>
78			-# 2002.05.15
79			-
80			-# To install:
81			-# copy this file to /etc/rc.d/init.d/openvpn
82			-# shell> chkconfig --add openvpn
83			-# shell> mkdir /etc/openvpn
84			-# make .conf or .sh files in /etc/openvpn (see below)
85			-
86			-# To uninstall:
87			-# run: chkconfig --del openvpn
88			-
89			-# Author's Notes:
90			-#
91			-# I have created an /etc/init.d init script and enhanced openvpn.spec to
92			-# automatically register the init script. Once the RPM is installed you
93			-# can start and stop OpenVPN with "service openvpn start" and "service
94			-# openvpn stop".
95			-#
96			-# The init script does the following:
97			-#
98			-# - Starts an openvpn process for each .conf file it finds in
99			-# /etc/openvpn.
100			-#
101			-# - If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes
102			-# it before starting openvpn (useful for doing openvpn --mktun...).
103			-#
104			-# - In addition to start/stop you can do:
105			-#
106			-# service openvpn reload - SIGHUP
107			-# service openvpn reopen - SIGUSR1
108			-# service openvpn status - SIGUSR2
109			-#
110			-# Modifications:
111			-#
112			-# 2003.05.02
113			-# * Changed == to = for sh compliance (Bishop Clark).
114			-# * If condrestart\|reload\|reopen\|status, check that we were
115			-# actually started (James Yonan).
116			-# * Added lock, piddir, and work variables (James Yonan).
117			-# * If start is attempted twice, without an intervening stop, or
118			-# if start is attempted when previous start was not properly
119			-# shut down, then kill any previously started processes, before
120			-# commencing new start operation (James Yonan).
121			-# * Do a better job of flagging errors on start, and properly
122			-# returning success or failure status to caller (James Yonan).
123			-#
124			-# 2005.04.04
125			-# * Added openvpn-startup and openvpn-shutdown script calls
126			-# (James Yonan).
127			-#
128			-
129			-# Location of openvpn binary
130			-openvpn=""
131			-openvpn_locations="/usr/sbin/openvpn /usr/local/sbin/openvpn"
132			-for location in $openvpn_locations
133			-do
134			- if [ -f "$location" ]
135			- then
136			- openvpn=$location
137			- fi
138			-done
139			-
140			-# Lockfile
141			-lock="/var/lock/subsys/openvpn-s2s"
142			-
143			-# PID directory
144			-piddir="/var/run/openvpn-s2s"
145			-
146			-# Our working directory
147			-work=/etc/openvpn/s2s
148			-
149			-# Source function library.
150			-. /etc/rc.d/init.d/functions
151			-
152			-# Source networking configuration.
153			-. /etc/sysconfig/network
154			-
155			-# Check that networking is up.
156			-if [ ${NETWORKING} = "no" ]
157			-then
158			- echo "Networking is down"
159			- exit 0
160			-fi
161			-
162			-# Check that binary exists
163			-if ! [ -f $openvpn ]
164			-then
165			- echo "openvpn binary not found"
166			- exit 0
167			-fi
168			-
169			-# See how we were called.
170			-case "$1" in
171			- start)
172			- echo -n $"Starting openvpn-s2s: "
173			-
174			- /sbin/modprobe tun >/dev/null 2>&1
175			-
176			- # From a security perspective, I think it makes
177			- # sense to remove this, and have users who need
178			- # it explictly enable in their --up scripts or
179			- # firewall setups.
180			-
181			- echo 1 > /proc/sys/net/ipv4/ip_forward
182			-
183			- # Run startup script, if defined
184			- if [ -f $work/openvpn-startup ]; then
185			- $work/openvpn-startup
186			- fi
187			-
188			- if [ ! -d $piddir ]; then
189			- mkdir $piddir
190			- fi
191			-
192			- if [ -f $lock ]; then
193			- # we were not shut down correctly
194			- for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
195			- if [ -s $pidf ]; then
196			- kill `cat $pidf` >/dev/null 2>&1
197			- fi
198			- rm -f $pidf
199			- done
200			- rm -f $lock
201			- sleep 2
202			- fi
203			-
204			- rm -f $piddir/*.pid
205			- cd $work
206			-
207			- # Start every .conf in $work and run .sh if exists
208			- errors=0
209			- successes=0
210			- for c in `/bin/ls *.conf 2>/dev/null`; do
211			- bn=${c%%.conf}
212			- if [ -f "$bn.sh" ]; then
213			- . ./$bn.sh
214			- fi
215			- rm -f $piddir/$bn.pid
216			- # Handle backward compatibility, see Red Hat Bugzilla ID #458594
217			- script_security=''
218			- if [ -z "$( grep '^[[:space:]]*script-security[[:space:]]' $c )" ]; then
219			- script_security="--script-security 2"
220			- fi
221			- $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work $script_security
222			- if [ $? = 0 ]; then
223			- successes=1
224			- else
225			- errors=1
226			- fi
227			- done
228			-
229			- if [ $errors = 1 ]; then
230			- failure; echo
231			- else
232			- success; echo
233			- fi
234			-
235			- if [ $successes = 1 ]; then
236			- touch $lock
237			- fi
238			- ;;
239			- stop)
240			- echo -n $"Shutting down openvpn: "
241			- for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
242			- if [ -s $pidf ]; then
243			- kill `cat $pidf` >/dev/null 2>&1
244			- fi
245			- rm -f $pidf
246			- done
247			-
248			- # Run shutdown script, if defined
249			- if [ -f $work/openvpn-shutdown ]; then
250			- $work/openvpn-shutdown
251			- fi
252			-
253			- success; echo
254			- rm -f $lock
255			- ;;
256			- restart)
257			- $0 stop
258			- sleep 2
259			- $0 start
260			- ;;
261			- reload)
262			- if [ -f $lock ]; then
263			- for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
264			- if [ -s $pidf ]; then
265			- kill -HUP `cat $pidf` >/dev/null 2>&1
266			- fi
267			- done
268			- else
269			- echo "openvpn: service not started"
270			- exit 1
271			- fi
272			- ;;
273			- reopen)
274			- if [ -f $lock ]; then
275			- for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
276			- if [ -s $pidf ]; then
277			- kill -USR1 `cat $pidf` >/dev/null 2>&1
278			- fi
279			- done
280			- else
281			- echo "openvpn: service not started"
282			- exit 1
283			- fi
284			- ;;
285			- condrestart)
286			- if [ -f $lock ]; then
287			- $0 stop
288			- # avoid race
289			- sleep 2
290			- $0 start
291			- fi
292			- ;;
293			- status)
294			- if [ -f $lock ]; then
295			- for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
296			- if [ -s $pidf ]; then
297			- kill -USR2 `cat $pidf` >/dev/null 2>&1
298			- fi
299			- done
300			- echo "Status written to /var/log/messages"
301			- else
302			- echo "openvpn: service not started"
303			- exit 1
304			- fi
305			- ;;
306			- *)
307			- echo "Usage: $0 {start\|stop\|restart\|condrestart\|reload\|reopen\|status}"
308			- exit 1
309			- ;;
310			-esac
311			-exit 0
312			diff -urN smeserver-openvpn-s2s-0.2.old/root/usr/lib/systemd/system/openvpn-s2s.service smeserver-openvpn-s2s-0.2/root/usr/lib/systemd/system/openvpn-s2s.service
313			--- smeserver-openvpn-s2s-0.2.old/root/usr/lib/systemd/system/openvpn-s2s.service 1970-01-01 01:00:00.000000000 +0100
314			+++ smeserver-openvpn-s2s-0.2/root/usr/lib/systemd/system/openvpn-s2s.service 2021-02-05 11:30:28.759674345 +0000
315			@@ -0,0 +1,10 @@
316			+[Unit]
317			+Description=OpenVPN Server to Server
318			+After=network.service
319			+[Service]
320			+Type=forking
321			+ExecStart=/usr/sbin/systemd/openvpn-s2s start
322			+ExecStop=/usr/sbin/systemd/openvpn-s2s stop
323			+[Install]
324			+WantedBy=sme-server.target
325			+
326			diff -urN smeserver-openvpn-s2s-0.2.old/root/usr/sbin/systemd/openvpn-s2s smeserver-openvpn-s2s-0.2/root/usr/sbin/systemd/openvpn-s2s
327			--- smeserver-openvpn-s2s-0.2.old/root/usr/sbin/systemd/openvpn-s2s 1970-01-01 01:00:00.000000000 +0100
328			+++ smeserver-openvpn-s2s-0.2/root/usr/sbin/systemd/openvpn-s2s 2010-10-16 16:56:47.000000000 +0100
329			@@ -0,0 +1,264 @@
330			+#!/bin/sh
331			+#
332			+# openvpn This shell script takes care of starting and stopping
333			+# openvpn on RedHat or other chkconfig-based system.
334			+#
335			+# chkconfig: - 24 76
336			+#
337			+# processname: openvpn
338			+# description: OpenVPN is a robust and highly flexible tunneling \
339			+# application that uses all of the encryption, \
340			+# authentication, and certification features of the OpenSSL \
341			+# library to securely tunnel IP networks over a single UDP \
342			+# port.
343			+#
344			+
345			+### BEGIN INIT INFO
346			+# Provides: openvpn
347			+# Required-Start: $network
348			+# Required-Stop: $network
349			+# Short-Description: start and stop openvpn
350			+# Description: OpenVPN is a robust and highly flexible tunneling \
351			+# application that uses all of the encryption, \
352			+# authentication, and certification features of the OpenSSL \
353			+# library to securely tunnel IP networks over a single UDP \
354			+# port.
355			+### END INIT INFO
356			+
357			+
358			+# Contributed to the OpenVPN project by
359			+# Douglas Keller <doug@voidstar.dyndns.org>
360			+# 2002.05.15
361			+
362			+# To install:
363			+# copy this file to /etc/rc.d/init.d/openvpn
364			+# shell> chkconfig --add openvpn
365			+# shell> mkdir /etc/openvpn
366			+# make .conf or .sh files in /etc/openvpn (see below)
367			+
368			+# To uninstall:
369			+# run: chkconfig --del openvpn
370			+
371			+# Author's Notes:
372			+#
373			+# I have created an /etc/init.d init script and enhanced openvpn.spec to
374			+# automatically register the init script. Once the RPM is installed you
375			+# can start and stop OpenVPN with "service openvpn start" and "service
376			+# openvpn stop".
377			+#
378			+# The init script does the following:
379			+#
380			+# - Starts an openvpn process for each .conf file it finds in
381			+# /etc/openvpn.
382			+#
383			+# - If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes
384			+# it before starting openvpn (useful for doing openvpn --mktun...).
385			+#
386			+# - In addition to start/stop you can do:
387			+#
388			+# service openvpn reload - SIGHUP
389			+# service openvpn reopen - SIGUSR1
390			+# service openvpn status - SIGUSR2
391			+#
392			+# Modifications:
393			+#
394			+# 2003.05.02
395			+# * Changed == to = for sh compliance (Bishop Clark).
396			+# * If condrestart\|reload\|reopen\|status, check that we were
397			+# actually started (James Yonan).
398			+# * Added lock, piddir, and work variables (James Yonan).
399			+# * If start is attempted twice, without an intervening stop, or
400			+# if start is attempted when previous start was not properly
401			+# shut down, then kill any previously started processes, before
402			+# commencing new start operation (James Yonan).
403			+# * Do a better job of flagging errors on start, and properly
404			+# returning success or failure status to caller (James Yonan).
405			+#
406			+# 2005.04.04
407			+# * Added openvpn-startup and openvpn-shutdown script calls
408			+# (James Yonan).
409			+#
410			+
411			+# Location of openvpn binary
412			+openvpn=""
413			+openvpn_locations="/usr/sbin/openvpn /usr/local/sbin/openvpn"
414			+for location in $openvpn_locations
415			+do
416			+ if [ -f "$location" ]
417			+ then
418			+ openvpn=$location
419			+ fi
420			+done
421			+
422			+# Lockfile
423			+lock="/var/lock/subsys/openvpn-s2s"
424			+
425			+# PID directory
426			+piddir="/var/run/openvpn-s2s"
427			+
428			+# Our working directory
429			+work=/etc/openvpn/s2s
430			+
431			+# Source function library.
432			+. /etc/rc.d/init.d/functions
433			+
434			+# Source networking configuration.
435			+. /etc/sysconfig/network
436			+
437			+# Check that networking is up.
438			+if [ ${NETWORKING} = "no" ]
439			+then
440			+ echo "Networking is down"
441			+ exit 0
442			+fi
443			+
444			+# Check that binary exists
445			+if ! [ -f $openvpn ]
446			+then
447			+ echo "openvpn binary not found"
448			+ exit 0
449			+fi
450			+
451			+# See how we were called.
452			+case "$1" in
453			+ start)
454			+ echo -n $"Starting openvpn-s2s: "
455			+
456			+ /sbin/modprobe tun >/dev/null 2>&1
457			+
458			+ # From a security perspective, I think it makes
459			+ # sense to remove this, and have users who need
460			+ # it explictly enable in their --up scripts or
461			+ # firewall setups.
462			+
463			+ echo 1 > /proc/sys/net/ipv4/ip_forward
464			+
465			+ # Run startup script, if defined
466			+ if [ -f $work/openvpn-startup ]; then
467			+ $work/openvpn-startup
468			+ fi
469			+
470			+ if [ ! -d $piddir ]; then
471			+ mkdir $piddir
472			+ fi
473			+
474			+ if [ -f $lock ]; then
475			+ # we were not shut down correctly
476			+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
477			+ if [ -s $pidf ]; then
478			+ kill `cat $pidf` >/dev/null 2>&1
479			+ fi
480			+ rm -f $pidf
481			+ done
482			+ rm -f $lock
483			+ sleep 2
484			+ fi
485			+
486			+ rm -f $piddir/*.pid
487			+ cd $work
488			+
489			+ # Start every .conf in $work and run .sh if exists
490			+ errors=0
491			+ successes=0
492			+ for c in `/bin/ls *.conf 2>/dev/null`; do
493			+ bn=${c%%.conf}
494			+ if [ -f "$bn.sh" ]; then
495			+ . ./$bn.sh
496			+ fi
497			+ rm -f $piddir/$bn.pid
498			+ # Handle backward compatibility, see Red Hat Bugzilla ID #458594
499			+ script_security=''
500			+ if [ -z "$( grep '^[[:space:]]*script-security[[:space:]]' $c )" ]; then
501			+ script_security="--script-security 2"
502			+ fi
503			+ $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work $script_security
504			+ if [ $? = 0 ]; then
505			+ successes=1
506			+ else
507			+ errors=1
508			+ fi
509			+ done
510			+
511			+ if [ $errors = 1 ]; then
512			+ failure; echo
513			+ else
514			+ success; echo
515			+ fi
516			+
517			+ if [ $successes = 1 ]; then
518			+ touch $lock
519			+ fi
520			+ ;;
521			+ stop)
522			+ echo -n $"Shutting down openvpn: "
523			+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
524			+ if [ -s $pidf ]; then
525			+ kill `cat $pidf` >/dev/null 2>&1
526			+ fi
527			+ rm -f $pidf
528			+ done
529			+
530			+ # Run shutdown script, if defined
531			+ if [ -f $work/openvpn-shutdown ]; then
532			+ $work/openvpn-shutdown
533			+ fi
534			+
535			+ success; echo
536			+ rm -f $lock
537			+ ;;
538			+ restart)
539			+ $0 stop
540			+ sleep 2
541			+ $0 start
542			+ ;;
543			+ reload)
544			+ if [ -f $lock ]; then
545			+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
546			+ if [ -s $pidf ]; then
547			+ kill -HUP `cat $pidf` >/dev/null 2>&1
548			+ fi
549			+ done
550			+ else
551			+ echo "openvpn: service not started"
552			+ exit 1
553			+ fi
554			+ ;;
555			+ reopen)
556			+ if [ -f $lock ]; then
557			+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
558			+ if [ -s $pidf ]; then
559			+ kill -USR1 `cat $pidf` >/dev/null 2>&1
560			+ fi
561			+ done
562			+ else
563			+ echo "openvpn: service not started"
564			+ exit 1
565			+ fi
566			+ ;;
567			+ condrestart)
568			+ if [ -f $lock ]; then
569			+ $0 stop
570			+ # avoid race
571			+ sleep 2
572			+ $0 start
573			+ fi
574			+ ;;
575			+ status)
576			+ if [ -f $lock ]; then
577			+ for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
578			+ if [ -s $pidf ]; then
579			+ kill -USR2 `cat $pidf` >/dev/null 2>&1
580			+ fi
581			+ done
582			+ echo "Status written to /var/log/messages"
583			+ else
584			+ echo "openvpn: service not started"
585			+ exit 1
586			+ fi
587			+ ;;
588			+ *)
589			+ echo "Usage: $0 {start\|stop\|restart\|condrestart\|reload\|reopen\|status}"
590			+ exit 1
591			+ ;;
592			+esac
593			+exit 0