Date: Thursday, May 12, 2016 @ 22:24:51 Author: bpiotrowski Revision: 267908
upgpkg: openvpn 2.3.11-1 new upstream release Modified: openvpn/trunk/PKGBUILD openvpn/trunk/openvpn@.service ------------------+ PKGBUILD | 18 ++++++++++++------ openvpn@.service | 7 ++++++- 2 files changed, 18 insertions(+), 7 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2016-05-12 20:17:28 UTC (rev 267907) +++ PKGBUILD 2016-05-12 20:24:51 UTC (rev 267908) @@ -2,7 +2,7 @@ # Maintainer: Thomas Bächler <tho...@archlinux.org> pkgname=openvpn -pkgver=2.3.10 +pkgver=2.3.11 pkgrel=1 pkgdesc="An easy-to-use, robust, and highly configurable VPN (Virtual Private Network)" arch=(i686 x86_64) @@ -11,12 +11,12 @@ makedepends=('systemd') license=('custom') install=openvpn.install -source=(http://swupdate.openvpn.net/community/releases/openvpn-${pkgver}.tar.gz - http://swupdate.openvpn.net/community/releases/openvpn-${pkgver}.tar.gz.asc +source=(http://swupdate.openvpn.net/community/releases/openvpn-${pkgver}.tar.xz + http://swupdate.openvpn.net/community/releases/openvpn-${pkgver}.tar.xz.asc openvpn@.service) -sha256sums=('f8b0b5b92e35bbca1db1a7e6b49e04639e45634e9accd460459b40b2c99ec8f6' +sha256sums=('0f5f1ca1dc5743fa166d93dd4ec952f014b5f33bafd88f0ea34b455cae1434a7' 'SKIP' - '860976d954bd1db95861b95f0ef42e4e80618aa23a9f2aed26d17ee3d09110df') + '47a4ee993f8aaa7370e9a84384fcfc993fd76aa4db11c46629b156d0c5fad49a') validpgpkeys=('03300E11FED16F59715F9996C29D97ED198D22A3') # Samuli Seppänen build() { @@ -27,24 +27,30 @@ --enable-password-save \ --mandir=/usr/share/man \ --enable-iproute2 \ - --enable-systemd + --enable-systemd \ + --enable-x509-alt-username make } package() { cd "${srcdir}"/$pkgname-$pkgver + # Install openvpn make DESTDIR="${pkgdir}" install install -d -m755 "${pkgdir}"/etc/openvpn + # Install examples install -d -m755 "${pkgdir}"/usr/share/openvpn cp -r sample/sample-config-files "${pkgdir}"/usr/share/openvpn/examples + # Install license install -d -m755 "${pkgdir}"/usr/share/licenses/${pkgname}/ ln -sf /usr/share/doc/${pkgname}/{COPYING,COPYRIGHT.GPL} "${pkgdir}"/usr/share/licenses/${pkgname}/ + # Install contrib install -d -m755 "${pkgdir}"/usr/share/openvpn/contrib cp -r contrib "${pkgdir}"/usr/share/openvpn + # Install systemd service install -D -m644 "${srcdir}"/openvpn@.service "${pkgdir}"/usr/lib/systemd/system/openvpn@.service } Modified: openvpn@.service =================================================================== --- openvpn@.service 2016-05-12 20:17:28 UTC (rev 267907) +++ openvpn@.service 2016-05-12 20:24:51 UTC (rev 267908) @@ -2,9 +2,14 @@ Description=OpenVPN connection to %i [Service] +PrivateTmp=true Type=forking -ExecStart=/usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/%i.conf --daemon openvpn@%i --writepid /run/openvpn@%i.pid +ExecStart=/usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/%i.conf --daemon openvpn@%i --writepid /run/openvpn@%i.pid --status-version 2 PIDFile=/run/openvpn@%i.pid +CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH +LimitNPROC=10 +DeviceAllow=/dev/null rw +DeviceAllow=/dev/net/tun rw [Install] WantedBy=multi-user.target