diff options
author | Christian Hesse | 2016-12-01 22:31:04 +0100 |
---|---|---|
committer | David Sommerseth | 2016-12-01 23:46:06 +0100 |
commit | 7660bba111f739f9cc7017c392c1434f201b8c44 (patch) | |
tree | 6cc9a557b65a37bc080c79890271e69bada6dfd5 | |
parent | c5931897ae8d663e7e6244764fc6379d7b4740f3 (diff) | |
download | openvpn-7660bba111f739f9cc7017c392c1434f201b8c44.zip openvpn-7660bba111f739f9cc7017c392c1434f201b8c44.tar.gz |
Refuse to daemonize when running from systemd
We start with systemd Type=notify, so refuse to daemonize. This does not
affect starting openvpn from script or command line.
v2: Update commit message about script and command line.
Signed-off-by: Christian Hesse <mail@eworm.de>
Tested-By: Richard Bonhomme <fragmentux@gmail.com>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20161201213104.5667-2-list@eworm.de>
URL: http://www.mail-archive.com/search?l=mid&q=20161201213104.5667-2-list@eworm.de
Signed-off-by: David Sommerseth <davids@openvpn.net>
-rw-r--r-- | distro/systemd/openvpn-client@.service | 1 | ||||
-rw-r--r-- | distro/systemd/openvpn-server@.service | 1 | ||||
-rw-r--r-- | src/openvpn/init.c | 7 |
3 files changed, 7 insertions, 2 deletions
diff --git a/distro/systemd/openvpn-client@.service b/distro/systemd/openvpn-client@.service index f64a239..5618af3 100644 --- a/distro/systemd/openvpn-client@.service +++ b/distro/systemd/openvpn-client@.service @@ -12,7 +12,6 @@ PrivateTmp=true RuntimeDirectory=openvpn-client RuntimeDirectoryMode=0710 WorkingDirectory=/etc/openvpn/client -ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1' ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE LimitNPROC=10 diff --git a/distro/systemd/openvpn-server@.service b/distro/systemd/openvpn-server@.service index 890e6a9..b9b4dba 100644 --- a/distro/systemd/openvpn-server@.service +++ b/distro/systemd/openvpn-server@.service @@ -12,7 +12,6 @@ PrivateTmp=true RuntimeDirectory=openvpn-server RuntimeDirectoryMode=0710 WorkingDirectory=/etc/openvpn/server -ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1' ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE LimitNPROC=10 diff --git a/src/openvpn/init.c b/src/openvpn/init.c index f99c934..74f1139 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -930,6 +930,13 @@ bool possibly_become_daemon (const struct options *options) { bool ret = false; + +#ifdef ENABLE_SYSTEMD + /* return without forking if we are running from systemd */ + if (sd_notify(0, "READY=0") > 0) + return ret; +#endif + if (options->daemon) { ASSERT (!options->inetd); |