sshd vs openvpn
Elan Ruusamäe
glen at pld-linux.org
Tue Oct 7 11:59:16 CEST 2008
On Tuesday 07 October 2008 11:14:22 Przemyslaw Iskra wrote:
> On Tue, Oct 07, 2008 at 04:57:48AM +0300, Elan Ruusamäe wrote:
> > hi
> >
> > we had suffered one incident when one server did not came "up" because
> > openvpn had server certificate which was protected by password and
> > therefore it was waiting for password input and no other service (sshd
> > was crucial) was not brought up until someone pressed enter.
>
> how about supplying --askpass /dev/null in default args ? or add some
> --no-interactive option to openvpn code.
i wonder, is it possible to check that the status is "initial bootup seqence".
check for /dev/fd/0, or check for runlevel, or sth?
> I think startup scripts should never wait for user input, and that
> would co it.
i would agree, but how then you start openvpn if you intentionally want to
have passphrase on the keyfile? (same goes for apache,...)
--
glen
More information about the pld-devel-en
mailing list