On 06/08/18 14:16, Bernhard Schmidt wrote:
I have changed the script to test if a service file exist at
/etc/systemd/system.
Are you both sure this is necessary?
To my knowledge the symlink tells systemd to start openvpn@.service with
the service definition in memory. It does not tell it to start
openvpn@.service with the service definition in the file returned by
readlink(). AFAIK, unless it's /dev/null, the target of the symlink is
irrelevant.
Unfortunately it is necessary. I debugged this issue on 2 separate
devices and unless the symlink created under /run/systemd/generator
links to the custom file in /etc/systemd/system, it would start
openvpn@foo tunnels with the service file from /lib. This was apparent
in systemctl status openvpn@foo. No amount of deleting and recreating
the /etc/systemd/system/openvpn@.service file nor (re)enabling the
openvpn@foo service would fix this.
It may be the case that it does not happen all the time - I've used this
config before and did not run into this then - but I could not figure
out why exactly. Perhaps only in some cases systemd looks at
/run/systemd/generator/*.target.wants/* over
/etc/systemd/system/*.target.wants/*
Note though that this only happens if the generator is being activated,
which depends on /etc/default/openvpn existing && AUTOSTART being unset
or being set to "all" or some subset of VPN configs.
--
Met vriendelijke groet,
Gerben Meijer
Day by Day