Heinrich Rebehn wrote:
Martin Gignac wrote:
On 10/23/06, Heinrich Rebehn <[EMAIL PROTECTED]> wrote:

Shouldn't openvpn write to /var/db or /var/log?

I don't know if these locations can be hardcoded at compile time, but
from the stock OpenBSD OpenVPN package that I use (2.0.6) it seems
that files will be read/written relative to the CWD when the process
was started. I usually specify an absolute path for the
'ifconfig-pool-persist' and 'status' parameters so that files are
written to /var/db and /var/log.

-Martin

Thanks for your reply, Martin. Seems it is time to have a closer look at the 100 cmdline switches of openvpn ;-)

Here's how I start it on my machine. From /etc/rc.local

if [ -x /usr/local/sbin/openvpn ]; then
        echo -n ' openvpn'
        mkdir -p /var/run/openvpn && chown nobody /var/run/openvpn
        /usr/local/sbin/openvpn --daemon \
                --cd /etc/openvpn --config server.conf
fi

And excerpts from /etc/openvpn/server.conf

ifconfig-pool-persist   /var/run/openvpn/ip.pool
status                  /var/run/openvpn/status.log
writepid                /var/run/openvpn/openvpn.pid

As you know, /var/run gets cleaned at boot time by /etc/rc
None of these files need to be persistent over reboots so /var/run/openvpn seems like a sensible path for them.

If you want to keep ifconfig-pool-persist file. Then place it into /var/db/openvpn/ (don't forget to create the directory)

Reply via email to