--- rpms/smeserver-openvpn-s2s/contribs10/smeserver-openvpn-s2s.spec	2021/02/04 16:21:25	1.1
+++ rpms/smeserver-openvpn-s2s/contribs10/smeserver-openvpn-s2s.spec	2021/04/02 02:12:09	1.6
@@ -1,4 +1,4 @@
-# $Id: smeserver-openvpn-s2s.spec,v 1.9 2017/12/02 06:28:56 cvsuser Exp $
+# $Id: smeserver-openvpn-s2s.spec,v 1.5 2021/03/31 20:54:55 jpp Exp $
 # Authority: vip-ire
 # Name: Daniel Berteaud
 
@@ -6,7 +6,7 @@ Summary: OpenVPN, a strong VPN solution
 %define name smeserver-openvpn-s2s
 Name: %{name}
 %define version 0.2
-%define release 8
+%define release 13
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
@@ -18,6 +18,8 @@ Patch1: smeserver-openvpn-s2s-0.2-locale
 Patch2: smeserver-openvpn-s2s-0.2-locale-2015-07-01.patch
 Patch3: smeserver-openvpn-s2s-0.2-fix_daemon_id_validation.patch
 Patch4: smeserver-openvpn-s2s-0.2-locale-2017-12-02.patch
+Patch5: smeserver-openvpn-s2s-0.2-Alter-for-systemd-startup.patch
+Patch6: smeserver-openvpn-s2s-0.2-sme10.patch
 
 BuildArchitectures: noarch
 
@@ -32,6 +34,25 @@ This package contains all the needed scr
 to run openvpn in client or server mode for site to site tunnels
 
 %changelog
+* Thu Apr 01 2021 Jean-Philippe Pialasse <tests@pialasse.com> 0.2-13.sme
+- fix permission on log dir [SME: 11516]
+
+* Wed Mar 31 2021 Jean-Philippe Pialasse <tests@pialasse.com> 0.2-12.sme
+- fix typos [SME: 11498]
+
+* Tue Mar 30 2021 Jean-Philippe Pialasse <tests@pialasse.com> 0.2-11.sme
+- enforce better cipher with settings [SME: 11498]
+- enforce better HMAC with setting [SME: 11498]
+- enforce TLS 1.2 or better with setting [SME: 11498]
+- enforce strong TLS ciphers with setting [SME: 11498]
+- better list of vpn connections [SME: 11337]
+- allow soft reload of individual connection [SME: 11337]
+- fix incorect permission on private keys [SME: 11337]
+
+* Thu Feb 04 2021 Brian Read <brianr@bjsystems.co.uk> 0.2-9.sme
+- Initial import to SME10 [SME: 11337]
+- Alter-for-systemd-startup
+
 * Sat Dec 02 2017 SME Translation Server <translations@contribs.org> 0.2-8.sme
 - apply locale 2017-12-02 patch
 
@@ -138,6 +159,8 @@ to run openvpn in client or server mode
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
+%patch6 -p1
 
 %build
 perl createlinks
@@ -152,18 +175,20 @@ perl createlinks
 %install
 /bin/rm -rf $RPM_BUILD_ROOT
 (cd root   ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
+/bin/chmod +x $RPM_BUILD_ROOT/usr/sbin/systemd/openvpn-s2s
 /bin/rm -f %{name}-%{version}-filelist
 /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
   --dir /etc/openvpn/s2s/pub 'attr(0755,root,root)' \
   --dir /etc/openvpn/s2s/priv 'attr(0750,root,root)' \
   --dir /etc/openvpn/s2s/tmp 'attr(0750,root,root)' \
-  --dir /var/log/openvpn-s2s 'attr(0770,root,nobody)' \
+  --dir /var/log/openvpn-s2s 'attr(0770,root,root)' \
   --file /etc/openvpn/s2s/bin/up 'attr(4750,root,openvpn)' \
   > %{name}-%{version}-filelist
 
 %files -f %{name}-%{version}-filelist
 %defattr(-,root,root)
 
+
 %clean
 rm -rf $RPM_BUILD_ROOT
 
@@ -171,6 +196,6 @@ rm -rf $RPM_BUILD_ROOT
 if [ \! -c /etc/openvpn/s2s/dev/urandom ]; then
     mknod -m 0444 /etc/openvpn/s2s/dev/urandom c 1 9
 fi
-
+#chown root:root /var/log/openvpn-s2s
 %preun