Re: [Openvpn-devel] Ubuntu 18.04 packages available for testing

Sun, 30 Dec 2018 15:10:27 -0800 

On 30/12/2018 13:37, Samuli Seppänen wrote:
> Il 28/12/18 16:21, tincanteksup ha scritto:
>> Hi,
>>
>> On 27/12/2018 18:11, Samuli Seppänen wrote:
>>> Hi,
>>>
>>> I've produced OpenVPN 2.4.6 packages for Ubuntu 18.04 and they're now
>>> available here:
>>>
>>> https://build.openvpn.net/downloads/temp/
>>>
>>> The Debian packaging files are taken from Ubuntu's own 18.04 openvpn
>>> package. They already used our openvpn-client@.service and
>>> openvpn-server@.service so I only need to make a few enhancements:
>>>
>>> - Restart active VPN client and server instances on upgrade
>>> - Stop activate VPN client and server instances on uninstall
>>>
>>> I also tested upgrading from Ubuntu's own openvpn package and that
>>> worked fine.
>>>
>>> Let me know if these packages work for you or if they don't. I'd like to
>>> get the to our official apt repositories soon.
>>>
>>
>> Successfully installed openvpn_2.4.6-bionic0_amd64.deb in Ubuntu 18.04,
>> tested newly installed openvpn-client@.service which worked correctly.
> 
> Excellent! The openvpn-client@ and openvpn-server@ unit file templates
> "sneak in" to the Debian package from our upstream tarball. When looking
> at the Debian packaging files there's absolutely no sign of them. But
> they get installed and seem to work, including the tmpfiles configuration.
Those new service files are the ones everyone should use.  In our own
packaging, we should abandon the b0rken unit files from the old-days Debian
packages.  This is especially true for OpenVPN 2.4+ when built with
--enable-systemd (which should be mandatory on systemd systems!).  The reason
is that it uses much better systemd integration which allows systemd to
understand better what openvpn is doing and when it fails.  Plus, the openvpn
process is being run with lesser privileges as well and for openvpn-server@ it
will even attempt to restart automatically the server instance if it dies
unexpectedly.

And IIRC, we managed to get the new unit files into the Debian openvpn 2.4
package.  And I just hope that they are updated with whatever we provide in
our tarballs; if not - it might be considered broken packaging.  The reason
you'll find the b0rken unit files in the upstream Debian packages is to not
break old existing installs.  Which is nice, just that it behaves broken
regardless.

So if anyone is in doubt ... UPGRADE to the openvpn-{server,client}@.service
unit files ASAP.


-- 
kind regards,

David Sommerseth
OpenVPN Inc

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel






















					Reply via email to