debbie10t <debbie...@gmail.com> on Tue, 2016/12/20 00:32: > On 16/12/16 15:57, Christian Hesse wrote: > > From: Christian Hesse <m...@eworm.de> > > > > Different unit instances create and destroy the same RuntimeDirectory. > > This leads to running instances where the status file (and possibly > > more runtime data) is no longer accessible. > > > > So create a RuntimeDirectory per instance. > > > > Signed-off-by: Christian Hesse <m...@eworm.de> > > --- > > distro/systemd/openvpn-client@.service | 2 +- > > distro/systemd/openvpn-server@.service | 4 ++-- > > 2 files changed, 3 insertions(+), 3 deletions(-) > > > > diff --git a/distro/systemd/openvpn-client@.service > > b/distro/systemd/openvpn-client@.service index 5618af3..fcb5302 100644 > > --- a/distro/systemd/openvpn-client@.service > > +++ b/distro/systemd/openvpn-client@.service > > @@ -9,7 +9,7 @@ > > Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO [Service] > > Type=notify > > PrivateTmp=true > > -RuntimeDirectory=openvpn-client > > +RuntimeDirectory=openvpn-client@%i > > RuntimeDirectoryMode=0710 > > WorkingDirectory=/etc/openvpn/client > > ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config > > %i.conf diff --git a/distro/systemd/openvpn-server@.service > > b/distro/systemd/openvpn-server@.service index b9b4dba..8b240cf 100644 > > --- a/distro/systemd/openvpn-server@.service > > +++ b/distro/systemd/openvpn-server@.service > > @@ -9,10 +9,10 @@ > > Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO [Service] > > Type=notify > > PrivateTmp=true > > -RuntimeDirectory=openvpn-server > > +RuntimeDirectory=openvpn-server@%i > > RuntimeDirectoryMode=0710 > > WorkingDirectory=/etc/openvpn/server > > -ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log > > --status-version 2 --suppress-timestamps --config %i.conf > > +ExecStart=/usr/sbin/openvpn --status %t/openvpn-server@%i/status.log > > --status-version 2 --suppress-timestamps --config %i.conf > > CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE > > CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE > > LimitNPROC=10 DeviceAllow=/dev/null rw > > > CentOS 7 (after full update) still only uses systemd version 219 > > This functionality is not introduced until systemd 227 > > https://github.com/systemd/systemd/blob/master/NEWS
Ah, good to know when this was implemented. :-D
But we already know that this does not work for version we want to support.
Thus I had sent a patch with new approach on Dec 16th where RuntimeDirectory
is removed from unit files and directories are handled via tmpfiles.d. Can
you take a look at that one?
--
main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH"
"CX:;",b;for(a/* Best regards my address: */=0;b=c[a++];)
putchar(b-1/(/* Chris cc -ox -xc - && ./x */b/42*2-3)*42);}
pgpY35vqpn_LT.pgp
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today.http://sdm.link/intel
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
