[packages/openvpn] - up to 2.4.4; update systemd options from upstream

arekm arekm at pld-linux.org
Sun Nov 5 11:55:42 CET 2017 

commit 7d0baea581dd6bdd142bc85eee8a6a822ad26477
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Sun Nov 5 11:55:35 2017 +0100

    - up to 2.4.4; update systemd options from upstream

 openvpn.spec     |  4 ++--
 openvpn at .service | 14 ++++++++++++--
 2 files changed, 14 insertions(+), 4 deletions(-)
---
diff --git a/openvpn.spec b/openvpn.spec
index ce2c557..f374b69 100644
--- a/openvpn.spec
+++ b/openvpn.spec
@@ -6,12 +6,12 @@
 Summary:	VPN Daemon
 Summary(pl.UTF-8):	Serwer VPN
 Name:		openvpn
-Version:	2.4.3
+Version:	2.4.4
 Release:	1
 License:	GPL v2
 Group:		Networking/Daemons
 Source0:	http://swupdate.openvpn.net/community/releases/%{name}-%{version}.tar.xz
-# Source0-md5:	fc49c83ebf85236c735b403fc8293697
+# Source0-md5:	7a2002aad1671b24457bc9432a0c5c52
 Source1:	%{name}.init
 Source2:	%{name}.sysconfig
 Source3:	%{name}.tmpfiles
diff --git a/openvpn at .service b/openvpn at .service
index 4a2db14..a76da7f 100644
--- a/openvpn at .service
+++ b/openvpn at .service
@@ -3,14 +3,24 @@ Description=OpenVPN tunnel on %I
 Requires=openvpn.target
 After=openvpn.target
 PropagateReloadFrom=openvpn.target
+Documentation=man:openvpn(8)
+Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
+Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
 
 [Service]
-Type=forking
+Type=notify
 PrivateTmp=true
 EnvironmentFile=-/etc/sysconfig/openvpn
 PIDFile=/var/run/openvpn/%i.pid
-ExecStart=/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/%i.pid --config /etc/openvpn/%i.conf --cd /etc/openvpn $OPENVPN_OPT
+ExecStart=/usr/sbin/openvpn --writepid /var/run/openvpn/%i.pid --config /etc/openvpn/%i.conf --cd /etc/openvpn $OPENVPN_OPT
 ExecReload=/bin/kill -HUP $MAINPID
+CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
+LimitNPROC=10
+DeviceAllow=/dev/null rw
+DeviceAllow=/dev/net/tun rw
+ProtectSystem=true
+ProtectHome=true
+KillMode=process
 
 [Install]
 WantedBy=openvpn.target
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/openvpn.git/commitdiff/7d0baea581dd6bdd142bc85eee8a6a822ad26477

More information about the pld-cvs-commit mailing list