/[smecontribs]/rpms/smeserver-openvpn-s2s/contribs10/smeserver-openvpn-s2s-0.2-Alter-for-systemd-startup.patch
ViewVC logotype

Contents of /rpms/smeserver-openvpn-s2s/contribs10/smeserver-openvpn-s2s-0.2-Alter-for-systemd-startup.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Fri Feb 5 12:17:48 2021 UTC (3 years, 9 months ago) by brianr
Branch: MAIN
CVS Tags: smeserver-openvpn-s2s-0_2-13_el7_sme, smeserver-openvpn-s2s-0_2-16_el7_sme, smeserver-openvpn-s2s-0_2-10_el7_sme, smeserver-openvpn-s2s-0_2-17_el7_sme, smeserver-openvpn-s2s-0_2-11_el7_sme, smeserver-openvpn-s2s-0_2-14_el7_sme, smeserver-openvpn-s2s-0_2-15_el7_sme, smeserver-openvpn-s2s-0_2-18_el7_sme, smeserver-openvpn-s2s-0_2-19_el7_sme, smeserver-openvpn-s2s-0_2-20_el7_sme, smeserver-openvpn-s2s-0_2-9_el7_sme, smeserver-openvpn-s2s-0_2-12_el7_sme, HEAD
* Thu Feb 04 2021 Brian Read <brianr@bjsystems.co.uk> 0.2-9.sme
- Initial import to SME10 [SME: 11337]
- Alter-for-systemd-startup

1 diff -urN smeserver-openvpn-s2s-0.2.old/createlinks smeserver-openvpn-s2s-0.2/createlinks
2 --- smeserver-openvpn-s2s-0.2.old/createlinks 2013-11-11 17:33:06.000000000 +0000
3 +++ smeserver-openvpn-s2s-0.2/createlinks 2021-02-05 12:15:06.887220117 +0000
4 @@ -5,9 +5,9 @@
5 safe_symlink("restart", "root/etc/e-smith/events/openvpn-s2s-update/services2adjust/openvpn-s2s");
6 safe_symlink("adjust", "root/etc/e-smith/events/openvpn-s2s-update/services2adjust/masq");
7
8 -service_link_enhanced("openvpn-s2s", "S80", "7");
9 -service_link_enhanced("openvpn-s2s", "K25", "6");
10 -service_link_enhanced("openvpn-s2s", "K25", "0");
11 +#service_link_enhanced("openvpn-s2s", "S80", "7");
12 +#service_link_enhanced("openvpn-s2s", "K25", "6");
13 +#service_link_enhanced("openvpn-s2s", "K25", "0");
14
15 event_link("openvpn-s2s-delete-networks", "openvpn-s2s-update", "10");
16 event_link("openvpn-s2s-genconf", "openvpn-s2s-update", "20");
17 @@ -20,3 +20,26 @@
18
19 panel_link("openvpns2s", 'manager');
20
21 +# our event specific for updating with yum without reboot
22 +$event = "smeserver-openvpn-s2s-update";
23 +#add here the path to your templates needed to expand
24 +#see the /etc/systemd/system-preset/49-koozali.preset should be present for systemd integration on all you yum update event
25 +
26 +foreach my $file (qw(
27 + /etc/systemd/system-preset/49-koozali.preset
28 + /etc/rc.d/init.d/masq
29 + /etc/crontab
30 +
31 +))
32 +{
33 + templates2events( $file, $event );
34 +}
35 +
36 +#action needed in case we have a systemd unit
37 +event_link("systemd-default", $event, "10");
38 +event_link("systemd-reload", $event, "50");
39 +
40 +#action specific to this package
41 +event_link("openvpn-s2s-update", $event, "60");
42 +#services we need to restart
43 +safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/openvpn-s2s");
44 diff -urN smeserver-openvpn-s2s-0.2.old/root/etc/rc.d/init.d/openvpn-s2s smeserver-openvpn-s2s-0.2/root/etc/rc.d/init.d/openvpn-s2s
45 --- smeserver-openvpn-s2s-0.2.old/root/etc/rc.d/init.d/openvpn-s2s 2010-10-16 16:56:47.000000000 +0100
46 +++ smeserver-openvpn-s2s-0.2/root/etc/rc.d/init.d/openvpn-s2s 1970-01-01 01:00:00.000000000 +0100
47 @@ -1,264 +0,0 @@
48 -#!/bin/sh
49 -#
50 -# openvpn This shell script takes care of starting and stopping
51 -# openvpn on RedHat or other chkconfig-based system.
52 -#
53 -# chkconfig: - 24 76
54 -#
55 -# processname: openvpn
56 -# description: OpenVPN is a robust and highly flexible tunneling \
57 -# application that uses all of the encryption, \
58 -# authentication, and certification features of the OpenSSL \
59 -# library to securely tunnel IP networks over a single UDP \
60 -# port.
61 -#
62 -
63 -### BEGIN INIT INFO
64 -# Provides: openvpn
65 -# Required-Start: $network
66 -# Required-Stop: $network
67 -# Short-Description: start and stop openvpn
68 -# Description: OpenVPN is a robust and highly flexible tunneling \
69 -# application that uses all of the encryption, \
70 -# authentication, and certification features of the OpenSSL \
71 -# library to securely tunnel IP networks over a single UDP \
72 -# port.
73 -### END INIT INFO
74 -
75 -
76 -# Contributed to the OpenVPN project by
77 -# Douglas Keller <doug@voidstar.dyndns.org>
78 -# 2002.05.15
79 -
80 -# To install:
81 -# copy this file to /etc/rc.d/init.d/openvpn
82 -# shell> chkconfig --add openvpn
83 -# shell> mkdir /etc/openvpn
84 -# make .conf or .sh files in /etc/openvpn (see below)
85 -
86 -# To uninstall:
87 -# run: chkconfig --del openvpn
88 -
89 -# Author's Notes:
90 -#
91 -# I have created an /etc/init.d init script and enhanced openvpn.spec to
92 -# automatically register the init script. Once the RPM is installed you
93 -# can start and stop OpenVPN with "service openvpn start" and "service
94 -# openvpn stop".
95 -#
96 -# The init script does the following:
97 -#
98 -# - Starts an openvpn process for each .conf file it finds in
99 -# /etc/openvpn.
100 -#
101 -# - If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes
102 -# it before starting openvpn (useful for doing openvpn --mktun...).
103 -#
104 -# - In addition to start/stop you can do:
105 -#
106 -# service openvpn reload - SIGHUP
107 -# service openvpn reopen - SIGUSR1
108 -# service openvpn status - SIGUSR2
109 -#
110 -# Modifications:
111 -#
112 -# 2003.05.02
113 -# * Changed == to = for sh compliance (Bishop Clark).
114 -# * If condrestart|reload|reopen|status, check that we were
115 -# actually started (James Yonan).
116 -# * Added lock, piddir, and work variables (James Yonan).
117 -# * If start is attempted twice, without an intervening stop, or
118 -# if start is attempted when previous start was not properly
119 -# shut down, then kill any previously started processes, before
120 -# commencing new start operation (James Yonan).
121 -# * Do a better job of flagging errors on start, and properly
122 -# returning success or failure status to caller (James Yonan).
123 -#
124 -# 2005.04.04
125 -# * Added openvpn-startup and openvpn-shutdown script calls
126 -# (James Yonan).
127 -#
128 -
129 -# Location of openvpn binary
130 -openvpn=""
131 -openvpn_locations="/usr/sbin/openvpn /usr/local/sbin/openvpn"
132 -for location in $openvpn_locations
133 -do
134 - if [ -f "$location" ]
135 - then
136 - openvpn=$location
137 - fi
138 -done
139 -
140 -# Lockfile
141 -lock="/var/lock/subsys/openvpn-s2s"
142 -
143 -# PID directory
144 -piddir="/var/run/openvpn-s2s"
145 -
146 -# Our working directory
147 -work=/etc/openvpn/s2s
148 -
149 -# Source function library.
150 -. /etc/rc.d/init.d/functions
151 -
152 -# Source networking configuration.
153 -. /etc/sysconfig/network
154 -
155 -# Check that networking is up.
156 -if [ ${NETWORKING} = "no" ]
157 -then
158 - echo "Networking is down"
159 - exit 0
160 -fi
161 -
162 -# Check that binary exists
163 -if ! [ -f $openvpn ]
164 -then
165 - echo "openvpn binary not found"
166 - exit 0
167 -fi
168 -
169 -# See how we were called.
170 -case "$1" in
171 - start)
172 - echo -n $"Starting openvpn-s2s: "
173 -
174 - /sbin/modprobe tun >/dev/null 2>&1
175 -
176 - # From a security perspective, I think it makes
177 - # sense to remove this, and have users who need
178 - # it explictly enable in their --up scripts or
179 - # firewall setups.
180 -
181 - echo 1 > /proc/sys/net/ipv4/ip_forward
182 -
183 - # Run startup script, if defined
184 - if [ -f $work/openvpn-startup ]; then
185 - $work/openvpn-startup
186 - fi
187 -
188 - if [ ! -d $piddir ]; then
189 - mkdir $piddir
190 - fi
191 -
192 - if [ -f $lock ]; then
193 - # we were not shut down correctly
194 - for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
195 - if [ -s $pidf ]; then
196 - kill `cat $pidf` >/dev/null 2>&1
197 - fi
198 - rm -f $pidf
199 - done
200 - rm -f $lock
201 - sleep 2
202 - fi
203 -
204 - rm -f $piddir/*.pid
205 - cd $work
206 -
207 - # Start every .conf in $work and run .sh if exists
208 - errors=0
209 - successes=0
210 - for c in `/bin/ls *.conf 2>/dev/null`; do
211 - bn=${c%%.conf}
212 - if [ -f "$bn.sh" ]; then
213 - . ./$bn.sh
214 - fi
215 - rm -f $piddir/$bn.pid
216 - # Handle backward compatibility, see Red Hat Bugzilla ID #458594
217 - script_security=''
218 - if [ -z "$( grep '^[[:space:]]*script-security[[:space:]]' $c )" ]; then
219 - script_security="--script-security 2"
220 - fi
221 - $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work $script_security
222 - if [ $? = 0 ]; then
223 - successes=1
224 - else
225 - errors=1
226 - fi
227 - done
228 -
229 - if [ $errors = 1 ]; then
230 - failure; echo
231 - else
232 - success; echo
233 - fi
234 -
235 - if [ $successes = 1 ]; then
236 - touch $lock
237 - fi
238 - ;;
239 - stop)
240 - echo -n $"Shutting down openvpn: "
241 - for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
242 - if [ -s $pidf ]; then
243 - kill `cat $pidf` >/dev/null 2>&1
244 - fi
245 - rm -f $pidf
246 - done
247 -
248 - # Run shutdown script, if defined
249 - if [ -f $work/openvpn-shutdown ]; then
250 - $work/openvpn-shutdown
251 - fi
252 -
253 - success; echo
254 - rm -f $lock
255 - ;;
256 - restart)
257 - $0 stop
258 - sleep 2
259 - $0 start
260 - ;;
261 - reload)
262 - if [ -f $lock ]; then
263 - for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
264 - if [ -s $pidf ]; then
265 - kill -HUP `cat $pidf` >/dev/null 2>&1
266 - fi
267 - done
268 - else
269 - echo "openvpn: service not started"
270 - exit 1
271 - fi
272 - ;;
273 - reopen)
274 - if [ -f $lock ]; then
275 - for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
276 - if [ -s $pidf ]; then
277 - kill -USR1 `cat $pidf` >/dev/null 2>&1
278 - fi
279 - done
280 - else
281 - echo "openvpn: service not started"
282 - exit 1
283 - fi
284 - ;;
285 - condrestart)
286 - if [ -f $lock ]; then
287 - $0 stop
288 - # avoid race
289 - sleep 2
290 - $0 start
291 - fi
292 - ;;
293 - status)
294 - if [ -f $lock ]; then
295 - for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
296 - if [ -s $pidf ]; then
297 - kill -USR2 `cat $pidf` >/dev/null 2>&1
298 - fi
299 - done
300 - echo "Status written to /var/log/messages"
301 - else
302 - echo "openvpn: service not started"
303 - exit 1
304 - fi
305 - ;;
306 - *)
307 - echo "Usage: $0 {start|stop|restart|condrestart|reload|reopen|status}"
308 - exit 1
309 - ;;
310 -esac
311 -exit 0
312 diff -urN smeserver-openvpn-s2s-0.2.old/root/usr/lib/systemd/system/openvpn-s2s.service smeserver-openvpn-s2s-0.2/root/usr/lib/systemd/system/openvpn-s2s.service
313 --- smeserver-openvpn-s2s-0.2.old/root/usr/lib/systemd/system/openvpn-s2s.service 1970-01-01 01:00:00.000000000 +0100
314 +++ smeserver-openvpn-s2s-0.2/root/usr/lib/systemd/system/openvpn-s2s.service 2021-02-05 11:30:28.759674345 +0000
315 @@ -0,0 +1,10 @@
316 +[Unit]
317 +Description=OpenVPN Server to Server
318 +After=network.service
319 +[Service]
320 +Type=forking
321 +ExecStart=/usr/sbin/systemd/openvpn-s2s start
322 +ExecStop=/usr/sbin/systemd/openvpn-s2s stop
323 +[Install]
324 +WantedBy=sme-server.target
325 +
326 diff -urN smeserver-openvpn-s2s-0.2.old/root/usr/sbin/systemd/openvpn-s2s smeserver-openvpn-s2s-0.2/root/usr/sbin/systemd/openvpn-s2s
327 --- smeserver-openvpn-s2s-0.2.old/root/usr/sbin/systemd/openvpn-s2s 1970-01-01 01:00:00.000000000 +0100
328 +++ smeserver-openvpn-s2s-0.2/root/usr/sbin/systemd/openvpn-s2s 2010-10-16 16:56:47.000000000 +0100
329 @@ -0,0 +1,264 @@
330 +#!/bin/sh
331 +#
332 +# openvpn This shell script takes care of starting and stopping
333 +# openvpn on RedHat or other chkconfig-based system.
334 +#
335 +# chkconfig: - 24 76
336 +#
337 +# processname: openvpn
338 +# description: OpenVPN is a robust and highly flexible tunneling \
339 +# application that uses all of the encryption, \
340 +# authentication, and certification features of the OpenSSL \
341 +# library to securely tunnel IP networks over a single UDP \
342 +# port.
343 +#
344 +
345 +### BEGIN INIT INFO
346 +# Provides: openvpn
347 +# Required-Start: $network
348 +# Required-Stop: $network
349 +# Short-Description: start and stop openvpn
350 +# Description: OpenVPN is a robust and highly flexible tunneling \
351 +# application that uses all of the encryption, \
352 +# authentication, and certification features of the OpenSSL \
353 +# library to securely tunnel IP networks over a single UDP \
354 +# port.
355 +### END INIT INFO
356 +
357 +
358 +# Contributed to the OpenVPN project by
359 +# Douglas Keller <doug@voidstar.dyndns.org>
360 +# 2002.05.15
361 +
362 +# To install:
363 +# copy this file to /etc/rc.d/init.d/openvpn
364 +# shell> chkconfig --add openvpn
365 +# shell> mkdir /etc/openvpn
366 +# make .conf or .sh files in /etc/openvpn (see below)
367 +
368 +# To uninstall:
369 +# run: chkconfig --del openvpn
370 +
371 +# Author's Notes:
372 +#
373 +# I have created an /etc/init.d init script and enhanced openvpn.spec to
374 +# automatically register the init script. Once the RPM is installed you
375 +# can start and stop OpenVPN with "service openvpn start" and "service
376 +# openvpn stop".
377 +#
378 +# The init script does the following:
379 +#
380 +# - Starts an openvpn process for each .conf file it finds in
381 +# /etc/openvpn.
382 +#
383 +# - If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes
384 +# it before starting openvpn (useful for doing openvpn --mktun...).
385 +#
386 +# - In addition to start/stop you can do:
387 +#
388 +# service openvpn reload - SIGHUP
389 +# service openvpn reopen - SIGUSR1
390 +# service openvpn status - SIGUSR2
391 +#
392 +# Modifications:
393 +#
394 +# 2003.05.02
395 +# * Changed == to = for sh compliance (Bishop Clark).
396 +# * If condrestart|reload|reopen|status, check that we were
397 +# actually started (James Yonan).
398 +# * Added lock, piddir, and work variables (James Yonan).
399 +# * If start is attempted twice, without an intervening stop, or
400 +# if start is attempted when previous start was not properly
401 +# shut down, then kill any previously started processes, before
402 +# commencing new start operation (James Yonan).
403 +# * Do a better job of flagging errors on start, and properly
404 +# returning success or failure status to caller (James Yonan).
405 +#
406 +# 2005.04.04
407 +# * Added openvpn-startup and openvpn-shutdown script calls
408 +# (James Yonan).
409 +#
410 +
411 +# Location of openvpn binary
412 +openvpn=""
413 +openvpn_locations="/usr/sbin/openvpn /usr/local/sbin/openvpn"
414 +for location in $openvpn_locations
415 +do
416 + if [ -f "$location" ]
417 + then
418 + openvpn=$location
419 + fi
420 +done
421 +
422 +# Lockfile
423 +lock="/var/lock/subsys/openvpn-s2s"
424 +
425 +# PID directory
426 +piddir="/var/run/openvpn-s2s"
427 +
428 +# Our working directory
429 +work=/etc/openvpn/s2s
430 +
431 +# Source function library.
432 +. /etc/rc.d/init.d/functions
433 +
434 +# Source networking configuration.
435 +. /etc/sysconfig/network
436 +
437 +# Check that networking is up.
438 +if [ ${NETWORKING} = "no" ]
439 +then
440 + echo "Networking is down"
441 + exit 0
442 +fi
443 +
444 +# Check that binary exists
445 +if ! [ -f $openvpn ]
446 +then
447 + echo "openvpn binary not found"
448 + exit 0
449 +fi
450 +
451 +# See how we were called.
452 +case "$1" in
453 + start)
454 + echo -n $"Starting openvpn-s2s: "
455 +
456 + /sbin/modprobe tun >/dev/null 2>&1
457 +
458 + # From a security perspective, I think it makes
459 + # sense to remove this, and have users who need
460 + # it explictly enable in their --up scripts or
461 + # firewall setups.
462 +
463 + echo 1 > /proc/sys/net/ipv4/ip_forward
464 +
465 + # Run startup script, if defined
466 + if [ -f $work/openvpn-startup ]; then
467 + $work/openvpn-startup
468 + fi
469 +
470 + if [ ! -d $piddir ]; then
471 + mkdir $piddir
472 + fi
473 +
474 + if [ -f $lock ]; then
475 + # we were not shut down correctly
476 + for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
477 + if [ -s $pidf ]; then
478 + kill `cat $pidf` >/dev/null 2>&1
479 + fi
480 + rm -f $pidf
481 + done
482 + rm -f $lock
483 + sleep 2
484 + fi
485 +
486 + rm -f $piddir/*.pid
487 + cd $work
488 +
489 + # Start every .conf in $work and run .sh if exists
490 + errors=0
491 + successes=0
492 + for c in `/bin/ls *.conf 2>/dev/null`; do
493 + bn=${c%%.conf}
494 + if [ -f "$bn.sh" ]; then
495 + . ./$bn.sh
496 + fi
497 + rm -f $piddir/$bn.pid
498 + # Handle backward compatibility, see Red Hat Bugzilla ID #458594
499 + script_security=''
500 + if [ -z "$( grep '^[[:space:]]*script-security[[:space:]]' $c )" ]; then
501 + script_security="--script-security 2"
502 + fi
503 + $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work $script_security
504 + if [ $? = 0 ]; then
505 + successes=1
506 + else
507 + errors=1
508 + fi
509 + done
510 +
511 + if [ $errors = 1 ]; then
512 + failure; echo
513 + else
514 + success; echo
515 + fi
516 +
517 + if [ $successes = 1 ]; then
518 + touch $lock
519 + fi
520 + ;;
521 + stop)
522 + echo -n $"Shutting down openvpn: "
523 + for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
524 + if [ -s $pidf ]; then
525 + kill `cat $pidf` >/dev/null 2>&1
526 + fi
527 + rm -f $pidf
528 + done
529 +
530 + # Run shutdown script, if defined
531 + if [ -f $work/openvpn-shutdown ]; then
532 + $work/openvpn-shutdown
533 + fi
534 +
535 + success; echo
536 + rm -f $lock
537 + ;;
538 + restart)
539 + $0 stop
540 + sleep 2
541 + $0 start
542 + ;;
543 + reload)
544 + if [ -f $lock ]; then
545 + for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
546 + if [ -s $pidf ]; then
547 + kill -HUP `cat $pidf` >/dev/null 2>&1
548 + fi
549 + done
550 + else
551 + echo "openvpn: service not started"
552 + exit 1
553 + fi
554 + ;;
555 + reopen)
556 + if [ -f $lock ]; then
557 + for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
558 + if [ -s $pidf ]; then
559 + kill -USR1 `cat $pidf` >/dev/null 2>&1
560 + fi
561 + done
562 + else
563 + echo "openvpn: service not started"
564 + exit 1
565 + fi
566 + ;;
567 + condrestart)
568 + if [ -f $lock ]; then
569 + $0 stop
570 + # avoid race
571 + sleep 2
572 + $0 start
573 + fi
574 + ;;
575 + status)
576 + if [ -f $lock ]; then
577 + for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
578 + if [ -s $pidf ]; then
579 + kill -USR2 `cat $pidf` >/dev/null 2>&1
580 + fi
581 + done
582 + echo "Status written to /var/log/messages"
583 + else
584 + echo "openvpn: service not started"
585 + exit 1
586 + fi
587 + ;;
588 + *)
589 + echo "Usage: $0 {start|stop|restart|condrestart|reload|reopen|status}"
590 + exit 1
591 + ;;
592 +esac
593 +exit 0

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed