From 8b3e151715db7b76d29411b028f0018cb4a73ea2 Mon Sep 17 00:00:00 2001 From: "Tom \"spot\" Callaway" Date: Fri, 9 Sep 2011 14:23:52 -0400 Subject: [PATCH] convert to systemd --- openvpn-tmpfile.conf | 1 + openvpn.spec | 70 +++++++++++++++++++++++++++++--------------- openvpn@.service | 11 +++++++ 3 files changed, 59 insertions(+), 23 deletions(-) create mode 100644 openvpn-tmpfile.conf create mode 100644 openvpn@.service diff --git a/openvpn-tmpfile.conf b/openvpn-tmpfile.conf new file mode 100644 index 0000000..d5fca71 --- /dev/null +++ b/openvpn-tmpfile.conf @@ -0,0 +1 @@ +D /var/run/openvpn 0710 root openvpn - diff --git a/openvpn.spec b/openvpn.spec index a77fe1b..2d079d0 100644 --- a/openvpn.spec +++ b/openvpn.spec @@ -4,7 +4,7 @@ Name: openvpn Version: 2.2.1 -Release: 1%{?prerelease:.%{prerelease}}%{?dist} +Release: 2%{?prerelease:.%{prerelease}}%{?dist} Summary: A full-featured SSL VPN solution URL: http://openvpn.net/ #Source0: http://openvpn.net/beta/%{name}-%{version}%{?prerelease:_%{prerelease}}.tar.gz @@ -15,6 +15,11 @@ Source1: http://openvpn.net/signatures/%{name}-%{version}%{?prerelease # Sample 2.0 config files Source2: roadwarrior-server.conf Source3: roadwarrior-client.conf +# Systemd service +Source4: openvpn@.service +# Tmpfile.d config +Source5: %{name}-tmpfile.conf + # Don't start openvpn by default. Patch0: openvpn-init.patch Patch1: openvpn-script-security.patch @@ -22,11 +27,11 @@ Patch2: openvpn-2.1.1-init.patch Patch3: openvpn-2.1.1-initinfo.patch License: GPLv2 Group: Applications/Internet -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-%(id -un) BuildRequires: lzo-devel BuildRequires: openssl-devel BuildRequires: pam-devel BuildRequires: pkcs11-helper-devel +BuildRequires: systemd-units # For /sbin/ip. BuildRequires: iproute # We need /dev/net/tun. @@ -37,9 +42,10 @@ Requires: iproute # For ifconfig and route. Requires: net-tools Requires(pre): /usr/sbin/useradd -Requires(post): /sbin/chkconfig -Requires(preun): /sbin/chkconfig, /sbin/service -Requires(postun): /sbin/service +Requires(post): systemd-sysv +Requires(post): systemd-units +Requires(preun): systemd-units +Requires(postun): systemd-units # Filter out the perl(Authen::PAM) dependency. # No perl dependency is really needed at all. @@ -115,12 +121,12 @@ rm -f %{_tmppath}/%{name}-%{version}-%{release}-%(%{__id_u})-loopback-client \ %{_tmppath}/%{name}-%{version}-%{release}-%(%{__id_u})-loopback-server %install -rm -rf $RPM_BUILD_ROOT - install -D -m 0644 %{name}.8 $RPM_BUILD_ROOT%{_mandir}/man8/%{name}.8 install -D -m 0755 %{name} $RPM_BUILD_ROOT%{_sbindir}/%{name} -install -D -m 0755 sample-scripts/%{name}.init \ - $RPM_BUILD_ROOT%{_initrddir}/%{name} + +mkdir -p %{buildroot}%{_unitdir} +install -D -m 0755 %{SOURCE4} $RPM_BUILD_ROOT%{_unitdir}/ +rm -rf %{buildroot}%{_initrddir} install -d -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/%{name} mkdir -p $RPM_BUILD_ROOT%{_datadir}/%{name} @@ -135,10 +141,11 @@ for plugin in %{plugins} ; do cp plugin/$plugin/README plugin/$plugin.txt done -mkdir -m 755 -p $RPM_BUILD_ROOT%{_var}/run/%{name} - -%clean -rm -rf $RPM_BUILD_ROOT +# tmpfiles.d +mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d +install -m 0644 %{SOURCE5} %{buildroot}%{_sysconfdir}/tmpfiles.d/%{name}.conf +mkdir -p %{buildroot}%{_localstatedir}/run/ +install -d -m 0710 %{buildroot}%{_localstatedir}/run/%{name}/ %pre getent group openvpn &>/dev/null || groupadd -r openvpn @@ -147,21 +154,34 @@ getent passwd openvpn &>/dev/null || \ -d /etc/openvpn openvpn %post -/sbin/chkconfig --add %{name} +if [ $1 -eq 1 ] ; then + # Initial installation + /bin/systemctl daemon-reload >/dev/null 2>&1 || : +fi %preun -if [ "$1" = 0 ]; then - /sbin/service %{name} stop - /sbin/chkconfig --del %{name} +if [ $1 -eq 0 ] ; then + # Package removal, not upgrade + /bin/systemctl --no-reload disable openvpn.service > /dev/null 2>&1 || : + /bin/systemctl stop openvpn.service > /dev/null 2>&1 || : fi %postun -if [ "$1" -ge 1 ]; then - /sbin/service %{name} condrestart >/dev/null 2>&1 -fi +/bin/systemctl daemon-reload >/dev/null 2>&1 || : +# Normally, we'd try a restart here, but in this case, it could be troublesome. + +%triggerun -- openvpn < 2.2.1-2 +# Save the current service runlevel info +# User must manually run systemd-sysv-convert --apply openvpn +# to migrate them to systemd targets +/usr/bin/systemd-sysv-convert --save openvpn >/dev/null 2>&1 ||: + +# Run these because the SysV package being removed won't do them +/sbin/chkconfig --del openvpn >/dev/null 2>&1 || : +/bin/systemctl try-restart openvpn.service >/dev/null 2>&1 || : + %files -%defattr(-,root,root,0755) %doc AUTHORS COPYING COPYRIGHT.GPL INSTALL PORTS README # Add NEWS when it isn't zero-length. %doc plugin/*.txt @@ -170,11 +190,15 @@ fi %{_sbindir}/%{name} %{_datadir}/%{name}/ %{_libdir}/%{name}/ -%{_initrddir}/%{name} -%{_var}/run/%{name}/ +%{_unitdir}/%{name}@.service +%dir %{_localstatedir}/run/%{name}/ +%config(noreplace) %{_sysconfdir}/tmpfiles.d/%{name}.conf %config %dir %{_sysconfdir}/%{name}/ %changelog +* Fri Sep 9 2011 Tom Callaway 2.2.1-2 +- convert to systemd + * Fri Jul 08 2011 Jon Ciesla 2.2.1-1 - Update to 2.2.1. diff --git a/openvpn@.service b/openvpn@.service new file mode 100644 index 0000000..210e749 --- /dev/null +++ b/openvpn@.service @@ -0,0 +1,11 @@ +[Unit] +Description=OpenVPN Robust And Highly Flexible Tunneling Application On %I +After=syslog.target network.target + +[Service] +Type=forking +PIDFile=/var/run/openvpn/%i.pid +ExecStart=/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/%i.pid --cd /etc/openvpn/ --config %i.conf + +[Install] +WantedBy=multi-user.target