--Am Montag, 2. Mai 2005 13:20 -0600 James Yonan <j...@yonan.net> schrieb:
Interesting idea for when the client is local to the OpenVPN daemon. I'm thinking this would be a 2.1 thing.
I've done this because the webgui (with mini_httpd) runs on a very stripped down busybox system. The whole system is based on fli4l and targeted for novice users. Each question you asked to configure an item is a question to ask for trouble :) So, running the console on a port the OS choose is a good idea I thought.
* Does your code survive a SIGUSR1 when root has been dropped or chroot
All my OpenVPN processes run chroot/nobody and a SIGUSR1 seems to not change the management port. Indeed I've looked at the code and it seems to me the management interface is initialized once at startup. The webgui never sees an interrupted sessions if a user sends a "signal SIGUSR1" via the management interface. But I've just tested it, there seems to be no problem.
root-drop/chroot. I think you are probably okay here because the place where you are writing the port number I believe is only called on initialization.
It seems you're right.
* Some stray text in the can't open error message: "Open error on pid file".
Feel free to provide a better message. I'm glad that you're able to understand me at least :)
-- Claas Hilbrecht http://www.jucs-kramkiste.de
