On 18/06/2022 10:26, Bo Berglund wrote:
On Wed, 15 Jun 2022 22:58:46 +0200, David Sommerseth
<open...@sf.lists.topphemmelig.net> wrote:
[...snip...]
But will journalctl work independently of the openvpn log option settings, like
verbosity etc?
I have this now in the two instance conf files:
log /etc/openvpn/log/openvpn.log
verb 4
mute 10
and:
log /etc/openvpn/log/ovpn_local.log
verb 4
mute 10
No, it will not work independently. When the --log option is missing,
all logging goes to stdout ("terminal") and that's the output the
journald picks up. The --verb and --mute options will work as expected.
I see you get a recommendation to remove '--suppress-timestamp'. That
is only useful if you decide to use --log. If you let the journal do
that job, it will already provide the timestamps for you. And if you
also have rsyslog installed too, it will pick up journal events and put
these log entries to the configured log files - which will include
timestamps.
Generally speaking, consider the --log option only to be useful on
systems without a system logger available.
[...snip...]
This system was created back in 2016 or thereabouts on an Ubuntu Server system
and has been migrated through the Ubuntu versions since then. Now at Ubuntu
20.04.4 LTS.
So the way of launching the service has also changed ove the years, I only a few
months back moved to using the /etc/openvpn/server and /etc/openvpn/client
directories to store the conf files and modified the startup etc to suit the new
way of operation.
The way I did that:
1) sudo systemctl stop openvpn
sudo systemctl stop openvpn@server.service
sudo systemctl stop openvpn@serverlocal.service
2) sudo systemctl disable openvpn@server.service
sudo systemctl disable openvpn@serverlocal.service
sudo systemctl disable openvpn.service
3) Edit /etc/default/openvpn and comment out the AUTOSTART line
4) sudo mkdir /etc/openvpn/client
sudo mkdir /etc/openvpn/server
5) sudo mv /etc/openvpn/server*.conf /etc/openvpn/server/
6) sudo systemctl enable --now openvpn-server@server
sudo systemctl enable --now openvpn-server@serverlocal
It seemed to work, but you might have spotted a flaw in this migration, so
please advice how to actually disable/mask the offending services.
I would consider running:
systemctl mask openvpn.service openvpn@.service
And here's a another systemd trick ... with upstart/sysv init scripts,
you had the 'service' helper.
# service openvpn start
Which is essentially has this semantic: 'service SUBJECT VERB'. This
was changed with systemctl, so you now have: 'systemctl VERB SUBJECTS'
where you can list more SUBJECTS and perform the same VERB operation on
them all. So your step 1) can be done like this:
# systemctl stop \
openvpn openvpn@server.service openvpn@serverlocal.service
--
kind regards,
David Sommerseth
OpenVPN Inc
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
