Re: [Openvpn-devel] [PATCH 1/1] add more security features for systemd units

2016-12-10 Thread David Sommerseth
On 10/12/16 12:57, Christian Hesse wrote:
> SviMik on Sat, 2016/12/10 06:06:
>>> You can break this with something like:
>>>
>>> status /etc/openvpn/client/status.log
>>>
>>> in your configuration. Writing a status file
>>> to /run/openvpn-{client,server}/status.log works, though.

Re: [Openvpn-devel] [PATCH 1/1] bind mount systemd notification socket into chroot

2016-12-10 Thread David Sommerseth
On 10/12/16 13:08, Christian Hesse wrote:
> David Sommerseth on Sat, 2016/12/10 01:03:
>> On 10/12/16 00:19, Christian Hesse wrote:
>>> From: Christian Hesse
>>>
>>> sd_notify() uses a socket to communicate with systemd. Communication
>>> fails

Re: [Openvpn-devel] [PATCH 1/1] bind mount systemd notification socket into chroot

2016-12-10 Thread David Sommerseth
On 10/12/16 13:29, Gert Doering wrote: > Hi, > > On Sat, Dec 10, 2016 at 12:19:07AM +0100, Christian Hesse wrote: >> + int fd; >> + char * chroot_notify = NULL; >> + >> + if (sd_notify(0, "READY=0") > 0) >> +{ >> +

Re: [Openvpn-devel] [PATCH 1/1] bind mount systemd notification socket into chroot

2016-12-10 Thread Gert Doering
Hi, On Sat, Dec 10, 2016 at 12:19:07AM +0100, Christian Hesse wrote: > + int fd; > + char * chroot_notify = NULL; > + > + if (sd_notify(0, "READY=0") > 0) > +{ > + asprintf(_notify, "%s/notify", > c->options.chroot_dir); > +
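Review bot: the return value of the asprintf() call inside the `if (sd_notify(0, "READY=0") > 0)` branch is discarded, so an allocation failure goes unnoticed. On glibc the pointer's contents are undefined after a failed asprintf(), so the `chroot_notify = NULL` initialisation cannot be relied on as a failure indicator later. Check for a negative return and skip the bind mount (with a log message) before the path is used. The visible lines also pass c->options.chroot_dir to "%s" without a NULL check; if this code can run without a chroot configured, guard for that as well.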

Re: [Openvpn-devel] [PATCH 1/1] bind mount systemd notification socket into chroot

2016-12-10 Thread Christian Hesse
David Sommerseth on Sat, 2016/12/10 01:03:
> On 10/12/16 00:19, Christian Hesse wrote:
> > From: Christian Hesse
> >
> > sd_notify() uses a socket to communicate with systemd. Communication
> > fails if the socket is not available within the

Re: [Openvpn-devel] [PATCH 1/1] add more security features for systemd units

2016-12-10 Thread Christian Hesse
SviMik on Sat, 2016/12/10 06:06:
> > You can break this with something like:
> >
> > status /etc/openvpn/client/status.log
> >
> > in your configuration. Writing a status file
> > to /run/openvpn-{client,server}/status.log works, though. So the default
> > setups should be fine.