Tested this on the Linux / DCO server test rig that found the issue
yesterday - the "no root" server now does no longer reject clients
on connect, so that problem is fixed. Thanks :-)
To verify that the startup function is actually used, I triggered
it with
- openvpn --mktun --dev tun99
- openvpn --dev tun99 ...
(pre-existing tun device -> disable DCO)
2022-08-18 07:57:30 net_iface_type: type of tun99: tun
2022-08-18 07:57:30 Interface tun99 exists and is non-DCO. Disabling data
channel offload
- openvpn --user nobody ...
(started as non-root user - failed, of course, but told me "you no DCO!"
first :-) )
2022-08-18 07:56:27 --user specified but lacking CAP_SETPCAP. Cannot retain
CAP_NET_ADMIN. Disabling data channel offload
Your patch has been applied to the master branch.
commit 897728ff7141c367c5ea1e02918c8487ccafef16
Author: Timo Rothenpieler
Date: Wed Aug 17 23:08:57 2022 +0200
dco: turn platform config checks into separate function
Acked-by: Antonio Quartulli <a...@unstable.cc>
Message-Id: <20220817210857.1558-1-t...@rothenpieler.org>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24969.html
Signed-off-by: Gert Doering <g...@greenie.muc.de>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
