Package: openvpn Version: 2.1~rc11-1 Severity: minor Tags: patch The README.Debian file does a poor job of explaining how Debian manages openvpn startup. This is particularly important when automatically starting mulitple client openvpn connections.
-- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages openvpn depends on: ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy ii libc6 2.7-18 GNU C Library: Shared libraries ii liblzo2-2 2.03-1 data compression library ii libpam0g 1.0.1-5+lenny1 Pluggable Authentication Modules l ii libpkcs11-helper1 1.05-1 library that simplifies the intera ii libssl0.9.8 0.9.8g-15+lenny5 SSL shared libraries ii openssl-blacklist 0.4.2 list of blacklisted OpenSSL RSA ke ii openvpn-blacklist 0.3 list of blacklisted OpenVPN RSA sh Versions of packages openvpn recommends: ii net-tools 1.60-22 The NET-3 networking toolkit Versions of packages openvpn suggests: ii openssl 0.9.8g-15+lenny5 Secure Socket Layer (SSL) binary a ii resolvconf 1.42 name server information handler -- debconf information: * openvpn/vulnerable_prng: openvpn/change_init: false * openvpn/stop2upgrade: false openvpn/default_port: * openvpn/change_init2: true openvpn/create_tun: false
--- /tmp/README.Debian.openvpn 2009-10-07 21:48:38.000000000 -0500 +++ /tmp/README.Debian.openvpn.patched 2009-10-07 22:05:31.000000000 -0500 @@ -31,14 +31,17 @@ Multiple tunnels ---------------- -When OpenVPN is started by /etc/init.d/openvpn a separate OpenVPN daemon will -be started for each .conf configuration file in the /etc/openvpn directory. -This allows you to define multiple VPN connections. +When OpenVPN is started by /etc/init.d/openvpn the default is to start +a separate openvpn daemon for each .conf configuration file in the +/etc/openvpn directory. The /etc/default/openvpn file may be used to +alter this behavior. [UPDATE: with OpenVPN 2.0 one openvpn daemon can serve multiple clients. That way multiple instances of openvpn are no longer required to achieve this, and one configuration file should be enough for these cases. Take a look at the -'Multi-Client Server options' on the man page] +'Multi-Client Server options' on the man page. Multiple daemons, and their +configuration files, remain necessary to establish multiple client VPN +connections.] Be sure that each .conf file defines a different local port number with the "port" or "lport" options; see the openvpn