David Sommerseth <open...@sf.lists.topphemmelig.net> on Fri, 2017/01/20 21:55: > On 27/12/16 23:15, Christian Hesse wrote: > > From: Christian Hesse <m...@eworm.de> > > > > Different unit instances create and destroy the same RuntimeDirectory. > > This leads to running instances where the status file (and possibly > > more runtime data) is no longer accessible. > > > > So do not handle this in unit files but provide a tmpfiles.d > > configuration and let systemd-tmpfiles do the work. > > Nobody will (unintentionally) delete the directories and its content. > > As /run is volatile we do not have to care about cleanup. > > > > Signed-off-by: Christian Hesse <m...@eworm.de> > > --- > > configure.ac | 8 ++++++++ > > distro/systemd/Makefile.am | 8 ++++++++ > > distro/systemd/openvpn-cli...@.service.in | 2 -- > > distro/systemd/openvpn-ser...@.service.in | 2 -- > > distro/systemd/openvpn.conf | 2 ++ > > 5 files changed, 18 insertions(+), 4 deletions(-) > > create mode 100644 distro/systemd/openvpn.conf > > > > [...snip...] > > > diff --git a/distro/systemd/Makefile.am b/distro/systemd/Makefile.am > > index 53a88c9..1a6c974 100644 > > --- a/distro/systemd/Makefile.am > > +++ b/distro/systemd/Makefile.am > > @@ -12,7 +12,12 @@ > > $(AM_V_GEN)sed -e 's|\@sbindir\@|$(sbindir)|' \ > > $< > $@.tmp && mv $@.tmp $@ > > > > +install-data-local: > > + $(INSTALL) -d -m0710 $(DESTDIR)/run/openvpn-client > > + $(INSTALL) -d -m0710 $(DESTDIR)/run/openvpn-server > > Hmm ... that doesn't make much sense, does it? > > $ mount | grep '/run ' > tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,mode=755) > > IIRC, upstream systemd recommends /run to be a ramdisk, as it should > always be clean on freshly rebooted systems. And it probably saves a > lot of SSD/flash storage write cycles, for those using that.
Well, the idea is: Files in /usr/lib/tmpfiles.d/ are handled by systemd-tmpfiles at boot time. We want these directories after installation (without a reboot) to be present - so just create them. Yes, these reside on tmpfs, but are created automatically after reboot. As package managers should run a hook if files in /usr/lib/tmpfiles.d/ change (pacman does now) I am fine with removing this rule. People installing manually may still stumble on this... > [...snip...] > > > @@ -21,6 +26,9 @@ systemdunitdir = $(systemdunitdir) > > systemdunit_DATA = \ > > openvpn-client@.service \ > > openvpn-server@.service > > +tmpfilesdir = $(tmpfilesdir) > > This conflicts with AC_SUBST([tmpfilesdir]) > > $ autoreconf -vi > autoreconf: Entering directory `.' > autoreconf: configure.ac: not using Gettext > autoreconf: running: aclocal -I m4 > autoreconf: configure.ac: tracing > autoreconf: running: libtoolize --copy > autoreconf: running: /usr/bin/autoconf > autoreconf: running: /usr/bin/autoheader > autoreconf: running: automake --add-missing --copy --no-force > distro/systemd/Makefile.am:28: warning: tmpfilesdir was already defined > in condition TRUE, which includes condition ENABLE_SYSTEMD ... > configure.ac:1293: ... 'tmpfilesdir' previously defined here > autoreconf: Leaving directory `.' > $ rpm -q autoconf > autoconf-2.69-11.el7.noarch > > Removing that tmpfilesdir declaration line in Makefile.am resolves this > issue, and it still works as expected. Removed. > [...snip...] > > > diff --git a/distro/systemd/openvpn.conf b/distro/systemd/openvpn.conf > > new file mode 100644 > > index 0000000..57f20cd > > --- /dev/null > > +++ b/distro/systemd/openvpn.conf > > @@ -0,0 +1,2 @@ > > +d /run/openvpn-client 0710 root root - > > +d /run/openvpn-server 0710 root root - > > \ No newline at end of file > > This makes more sense though, as this will tell systemd to create these > directories with the proper attributes. > > But I'm not too happy about the filename in our git repository. The > destination file may very well be called openvpn.conf, as then it should > reside in $libdir/tmpfiles.d/ ... but openvpn.conf causes quite a bit of > ambiguity inside the openvpn source tree, and unaware users might more > see this as a sample configuration for OpenVPN and be even more confused. > > I propose ... either rename this file to tmpfiles.d--openvpn.conf or > move this openvpn.conf inside a tmpfiles.d/ subdirectory inside the > ./distro/systemd/ directory. > > Otherwise, this looks very reasonable. Reworked this... Are we ok renaming the file in automake target install-data-hook? Could not come up with a better solution. I will send an updated patch soon. -- main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/* Best regards my address: */=0;b=c[a++];) putchar(b-1/(/* Chris cc -ox -xc - && ./x */b/42*2-3)*42);}
pgpilcxLfwWWR.pgp
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel