Hi, On 03/07/18 16:23, David Sommerseth wrote: > TL;DR: Reduce the possibility to run scripts to an absolute minimum (if at > all). If having this possibility run them with as few privileges as possible, > and scripts to run is preferred to be configured outside of the OpenVPN > configuration file. > > The latter argument of configuring scripts outside of the configuration file > is simply trying to end up with a single configuration file which would be > functional on all devices. A configuration file with Windows scripts won't > work on a non-Windows box and vice versa - some configuration files might not > even work across Linux distributions even. So let the OpenVPN configuration > files be as generic as possible, focusing on getting a connection to a remote > server. And configure the rest outside of the OpenVPN configuration profile. >
I have previously proposed to use an udev-compatible mechanism to run scripts. In this scenario OpenVPN only needs to trigger "signals" and then whoever is listening (i.e. udev/hotplug) will take care of handling them. This could even be DBus driven. However, this can work on Linux. Anybody knows of a similar mechanism for Windows and macOS? Cheers, -- Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
