26.01.2017 16:43, debbie10t пишет: > > On 26/01/17 11:55, Dmitry Melekhov wrote: >> 26.01.2017 15:31, debbie10t пишет: >>> On 26/01/17 07:10, Dmitry Melekhov wrote: >>>> 26.01.2017 10:59, Gert Doering пишет: >>>>> Hi, >>>>> >>>>> On Thu, Jan 26, 2017 at 09:54:59AM +0400, Dmitry Melekhov wrote: >>>>>> Could you tell me is this expected behavior and, if yes, is there any >>>>>> workaround , something like dhcp-release for windows? >>>>> This is a bug - on SIGUSR1 reconnect with --persist-tun, if options change >>>>> (like: "new IP address") these is wrongly ignored. >>>>> >>>>> This is trac #812, and it was already fixed - to be released as part of >>>>> 2.4.1 "soon" (in the coming weeks). >>>>> >>>>> gert >>>> Thank you! >>>> >>>> I'll try to patch and rebuild 2.4.0. >>> Curiosity got me .. >>> >>> Do you need --persist-* on your client ? >> Really, no, there is no desperate need in it in this particular case :-) >> >> On the other hand , there is no contra, at least I don't see any... > Other than the problem you are currently experiencing .. > > --persist-* is necessary if you are dropping privileges. > (I am not aware of any other reason)
And? Any reasons I can't drop privileges on server which provides LAN-to-LAN link, although it acts as openvpn client? And yes, I can not use it, because it is not server, so it has less security problems. So situation is absolutely as I wrote before- no desperate need. > >>> Or is it an option added by a config generator tool ? >>> EG: Network-manager >>> >>> I would recommend reading the manual for each of the options your client >>> does use and deciding what is actually necessary. >> Thank you for hint, I run openvpn since 2005 and never thought about >> reading manual ;-) > I presume you are ribbing me ;-) You are right :-P ;-) > > OTOH, you would not be the first to march blindly into the fray ! No, you started fray by assuming I did not read man . > > It might be interesting to know the difference in hits between > the official docs and, for example, a wordpress or Pi tutorial .. Well, I don't remember which tutorial I used more then 10 years ago :-( > Regards Fortunately this was known bug and now it is fixed on my servers :-) And I see no reasons to discuss do I use or not user and group in config, AFAIR, this is information I can't share according to internal policy ;-) Thank you! ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
