[Openvpn-devel] [PATCH 1/2] use automake tools to install systemd files
From: Christian Hesse If systemd is enabled we install unit files to $libdir/systemd/system (or the path specified by SYSTEMD_UNIT_DIR). The unit files are generated on the fly with matching $sbindir. Signed-off-by: Christian Hesse --- .gitignore | 1 + configure.ac | 10 + distro/Makefile.am | 4 +--- distro/systemd/Makefile.am | 26 ++ ...-client@.service => openvpn-cli...@.service.in} | 2 +- ...-server@.service => openvpn-ser...@.service.in} | 2 +- 6 files changed, 40 insertions(+), 5 deletions(-) create mode 100644 distro/systemd/Makefile.am rename distro/systemd/{openvpn-client@.service => openvpn-cli...@.service.in} (90%) rename distro/systemd/{openvpn-server@.service => openvpn-ser...@.service.in} (91%) diff --git a/.gitignore b/.gitignore index e6da21c..30e289b 100644 --- a/.gitignore +++ b/.gitignore @@ -51,6 +51,7 @@ config-msvc-local.h config-msvc-version.h doc/openvpn.8.html distro/rpm/openvpn.spec +distro/systemd/*.service sample/sample-keys/sample-ca/ vendor/.build vendor/dist diff --git a/configure.ac b/configure.ac index 8783109..48d8f0c 100644 --- a/configure.ac +++ b/configure.ac @@ -378,6 +378,7 @@ AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests AC_ARG_VAR([MAN2HTML], [path to man2html utility]) AC_ARG_VAR([GIT], [path to git utility]) AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility]) +AC_ARG_VAR([SYSTEMD_UNIT_DIR], [Path of systemd unit directory @<:@default=LIBDIR/systemd/system@:>@]) AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) @@ -1099,6 +1100,12 @@ if test "$enable_systemd" = "yes" ; then OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}" AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration]) LIBS="${saved_LIBS}" + +if test -n "${SYSTEMD_UNIT_DIR}"; then +systemdunitdir="${SYSTEMD_UNIT_DIR}" +else +systemdunitdir="\${libdir}/systemd/system" +fi fi @@ -1275,6 +1282,8 @@ sampledir="\$(docdir)/sample" AC_SUBST([plugindir]) AC_SUBST([sampledir]) +AC_SUBST([systemdunitdir]) + VENDOR_SRC_ROOT="\$(abs_top_srcdir)/vendor/" VENDOR_DIST_ROOT="\$(abs_top_builddir)/vendor/dist" VENDOR_BUILD_ROOT="\$(abs_top_builddir)/vendor/.build" @@ -1313,6 +1322,7 @@ AC_CONFIG_FILES([ distro/Makefile distro/rpm/Makefile distro/rpm/openvpn.spec + distro/systemd/Makefile include/Makefile src/Makefile src/compat/Makefile diff --git a/distro/Makefile.am b/distro/Makefile.am index 7a9ffd0..eb0e554 100644 --- a/distro/Makefile.am +++ b/distro/Makefile.am @@ -12,6 +12,4 @@ MAINTAINERCLEANFILES = \ $(srcdir)/Makefile.in -SUBDIRS = rpm - -EXTRA_DIST = systemd/openvpn-client@.service systemd/openvpn-server@.service +SUBDIRS = rpm systemd diff --git a/distro/systemd/Makefile.am b/distro/systemd/Makefile.am new file mode 100644 index 000..b10c6ed --- /dev/null +++ b/distro/systemd/Makefile.am @@ -0,0 +1,26 @@ +# +# OpenVPN -- An application to securely tunnel IP networks +# over a single UDP port, with support for SSL/TLS-based +# session authentication and key exchange, +# packet encryption, packet authentication, and +# packet compression. +# +# Copyright (C) 2017 OpenVPN Technologies, Inc. +# + +%.service: %.service.in Makefile + $(AM_V_GEN)sed -e 's|\@sbindir\@|$(sbindir)|' \ + $< > $@.tmp && mv $@.tmp $@ + +EXTRA_DIST = \ + openvpn-cli...@.service.in \ + openvpn-ser...@.service.in + +if ENABLE_SYSTEMD +systemdunit_DATA = \ + openvpn-client@.service \ + openvpn-server@.service +endif + +MAINTAINERCLEANFILES = \ + $(srcdir)/Makefile.in diff --git a/distro/systemd/openvpn-client@.service b/distro/systemd/openvpn-cli...@.service.in similarity index 90% rename from distro/systemd/openvpn-client@.service rename to distro/systemd/openvpn-cli...@.service.in index 5618af3..d933772 100644 --- a/distro/systemd/openvpn-client@.service +++ b/distro/systemd/openvpn-cli...@.service.in @@ -12,7 +12,7 @@ PrivateTmp=true RuntimeDirectory=openvpn-client RuntimeDirectoryMode=0710 WorkingDirectory=/etc/openvpn/client -ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf +ExecStart=@sbindir@/openvpn --suppress-timestamps --nobind --config %i.conf CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE LimitNPROC=10 DeviceAllow=/dev/null rw diff --git a/distro/systemd/openvpn-server@.service b/distro/systemd/openvpn-ser...@.service.in similarity index 91% rename from distro/systemd/openvpn-server@.service rename to distro/systemd/o
Re: [Openvpn-devel] [PATCH 1/2] use automake tools to install systemd files
David Sommerseth on Fri, 2017/01/20 21:39: > On 27/12/16 23:15, Christian Hesse wrote: > > From: Christian Hesse > > > > If systemd is enabled we install unit files to $libdir/systemd/system > > (or the path specified by SYSTEMD_UNIT_DIR). > > The unit files are generated on the fly with matching $sbindir. > > > > Signed-off-by: Christian Hesse > > --- > > configure.ac | 10 > > distro/Makefile.am | 4 +--- > > distro/systemd/.gitignore | 1 + > > distro/systemd/Makefile.am | 27 > > ++ ...-client@.service => openvpn-cli...@.service.in} > > | 2 +- ...-server@.service => openvpn-ser...@.service.in} | 2 +- > > 6 files changed, 41 insertions(+), 5 deletions(-) > > create mode 100644 distro/systemd/.gitignore > > create mode 100644 distro/systemd/Makefile.am > > rename distro/systemd/{openvpn-client@.service => > > openvpn-cli...@.service.in} (89%) rename > > distro/systemd/{openvpn-server@.service => openvpn-ser...@.service.in} > > (83%) > > > Finally had some time to look at this! Some comments below. > > [...snip...] > > > --- /dev/null > > +++ b/distro/systemd/.gitignore > > @@ -0,0 +1 @@ > > +*.service > > \ No newline at end of file > > I think it is better to put all of these things into the .gitignore file > in the project root directory. I see that this have slipped through a > few times (./vendor, ./test/unit_tests and sample/sample-keys/) ... but > as do ignore directories in the "master" .gitignore, I think we should > have everything there. It will be easier to know where to look. And > rather split things up when that master file gets too long and complicated. I was not sure where you want this... Moved it up to the root. > > diff --git a/distro/systemd/Makefile.am b/distro/systemd/Makefile.am > > new file mode 100644 > > index 000..53a88c9 > > --- /dev/null > > +++ b/distro/systemd/Makefile.am > > @@ -0,0 +1,27 @@ > > +# > > +# OpenVPN -- An application to securely tunnel IP networks > > +# over a single UDP port, with support for SSL/TLS-based > > +# session authentication and key exchange, > > +# packet encryption, packet authentication, and > > +# packet compression. > > +# > > +# Copyright (C) 2017 OpenVPN Technologies, Inc. > > +# > > + > > +%.service: %.service.in Makefile > > + $(AM_V_GEN)sed -e 's|\@sbindir\@|$(sbindir)|' \ > > + $< > $@.tmp && mv $@.tmp $@ > > + > > +EXTRA_DIST = \ > > + openvpn-cli...@.service.in \ > > + openvpn-ser...@.service.in > > + > > +if ENABLE_SYSTEMD > > +systemdunitdir = $(systemdunitdir) > > This conflicts with AC_SUBST([systemdunitdir]) in configure.ac. So this > line should not be here. Removed. > [...snip] > > > diff --git a/distro/systemd/openvpn-client@.service > > b/distro/systemd/openvpn-cli...@.service.in similarity index 89% > > rename from distro/systemd/openvpn-client@.service > > rename to distro/systemd/openvpn-cli...@.service.in > > index 5618af3..d9fd6b0 100644 > > --- a/distro/systemd/openvpn-client@.service > > +++ b/distro/systemd/openvpn-cli...@.service.in > > @@ -12,7 +12,7 @@ PrivateTmp=true > > RuntimeDirectory=openvpn-client > > RuntimeDirectoryMode=0710 > > WorkingDirectory=/etc/openvpn/client > > -ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config > > %i.conf +ExecStart=@sbindir@ --suppress-timestamps --nobind --config > > %i.conf > > It should be: ExecStart=@sbindir@/openvpn otherwise the generated > files are pointing at a only a directory. Ups, stupid me... Looks like I broke this with my final patch preparation. :-p I will send updated patches soon. -- main(a){char*c=/*Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/*Best regards my address:*/=0;b=c[a++];) putchar(b-1/(/*Chriscc -ox -xc - && ./x*/b/42*2-3)*42);} pgpHuUdA1pj7C.pgp Description: OpenPGP digital signature -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH 1/2] use automake tools to install systemd files
On 27/12/16 23:15, Christian Hesse wrote: > From: Christian Hesse > > If systemd is enabled we install unit files to $libdir/systemd/system > (or the path specified by SYSTEMD_UNIT_DIR). > The unit files are generated on the fly with matching $sbindir. > > Signed-off-by: Christian Hesse > --- > configure.ac | 10 > distro/Makefile.am | 4 +--- > distro/systemd/.gitignore | 1 + > distro/systemd/Makefile.am | 27 > ++ > ...-client@.service => openvpn-cli...@.service.in} | 2 +- > ...-server@.service => openvpn-ser...@.service.in} | 2 +- > 6 files changed, 41 insertions(+), 5 deletions(-) > create mode 100644 distro/systemd/.gitignore > create mode 100644 distro/systemd/Makefile.am > rename distro/systemd/{openvpn-client@.service => > openvpn-cli...@.service.in} (89%) > rename distro/systemd/{openvpn-server@.service => > openvpn-ser...@.service.in} (83%) Finally had some time to look at this! Some comments below. [...snip...] > --- /dev/null > +++ b/distro/systemd/.gitignore > @@ -0,0 +1 @@ > +*.service > \ No newline at end of file I think it is better to put all of these things into the .gitignore file in the project root directory. I see that this have slipped through a few times (./vendor, ./test/unit_tests and sample/sample-keys/) ... but as do ignore directories in the "master" .gitignore, I think we should have everything there. It will be easier to know where to look. And rather split things up when that master file gets too long and complicated. > diff --git a/distro/systemd/Makefile.am b/distro/systemd/Makefile.am > new file mode 100644 > index 000..53a88c9 > --- /dev/null > +++ b/distro/systemd/Makefile.am > @@ -0,0 +1,27 @@ > +# > +# OpenVPN -- An application to securely tunnel IP networks > +# over a single UDP port, with support for SSL/TLS-based > +# session authentication and key exchange, > +# packet encryption, packet authentication, and > +# packet compression. > +# > +# Copyright (C) 2017 OpenVPN Technologies, Inc. > +# > + > +%.service: %.service.in Makefile > + $(AM_V_GEN)sed -e 's|\@sbindir\@|$(sbindir)|' \ > + $< > $@.tmp && mv $@.tmp $@ > + > +EXTRA_DIST = \ > + openvpn-cli...@.service.in \ > + openvpn-ser...@.service.in > + > +if ENABLE_SYSTEMD > +systemdunitdir = $(systemdunitdir) This conflicts with AC_SUBST([systemdunitdir]) in configure.ac. So this line should not be here. [...snip] > diff --git a/distro/systemd/openvpn-client@.service > b/distro/systemd/openvpn-cli...@.service.in > similarity index 89% > rename from distro/systemd/openvpn-client@.service > rename to distro/systemd/openvpn-cli...@.service.in > index 5618af3..d9fd6b0 100644 > --- a/distro/systemd/openvpn-client@.service > +++ b/distro/systemd/openvpn-cli...@.service.in > @@ -12,7 +12,7 @@ PrivateTmp=true > RuntimeDirectory=openvpn-client > RuntimeDirectoryMode=0710 > WorkingDirectory=/etc/openvpn/client > -ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf > +ExecStart=@sbindir@ --suppress-timestamps --nobind --config %i.conf It should be: ExecStart=@sbindir@/openvpn otherwise the generated files are pointing at a only a directory. [...snip] > diff --git a/distro/systemd/openvpn-server@.service > b/distro/systemd/openvpn-ser...@.service.in > similarity index 83% > rename from distro/systemd/openvpn-server@.service > rename to distro/systemd/openvpn-ser...@.service.in > index b9b4dba..a270982 100644 > --- a/distro/systemd/openvpn-server@.service > +++ b/distro/systemd/openvpn-ser...@.service.in > @@ -12,7 +12,7 @@ PrivateTmp=true > RuntimeDirectory=openvpn-server > RuntimeDirectoryMode=0710 > WorkingDirectory=/etc/openvpn/server > -ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log > --status-version 2 --suppress-timestamps --config %i.conf > +ExecStart=@sbindir@ --status %t/openvpn-server/status-%i.log > --status-version 2 --suppress-timestamps --config %i.conf Same as above. -- kind regards, David Sommerseth OpenVPN Technologies, Inc signature.asc Description: OpenPGP digital signature -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH 1/2] use automake tools to install systemd files
From: Christian Hesse If systemd is enabled we install unit files to $libdir/systemd/system (or the path specified by SYSTEMD_UNIT_DIR). The unit files are generated on the fly with matching $sbindir. Signed-off-by: Christian Hesse --- configure.ac | 10 distro/Makefile.am | 4 +--- distro/systemd/.gitignore | 1 + distro/systemd/Makefile.am | 27 ++ ...-client@.service => openvpn-cli...@.service.in} | 2 +- ...-server@.service => openvpn-ser...@.service.in} | 2 +- 6 files changed, 41 insertions(+), 5 deletions(-) create mode 100644 distro/systemd/.gitignore create mode 100644 distro/systemd/Makefile.am rename distro/systemd/{openvpn-client@.service => openvpn-cli...@.service.in} (89%) rename distro/systemd/{openvpn-server@.service => openvpn-ser...@.service.in} (83%) diff --git a/configure.ac b/configure.ac index 43487b0..114fcb9 100644 --- a/configure.ac +++ b/configure.ac @@ -378,6 +378,7 @@ AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests AC_ARG_VAR([MAN2HTML], [path to man2html utility]) AC_ARG_VAR([GIT], [path to git utility]) AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility]) +AC_ARG_VAR([SYSTEMD_UNIT_DIR], [Path of systemd unit directory @<:@default=LIBDIR/systemd/system@:>@]) AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin]) @@ -1075,6 +1076,12 @@ if test "$enable_systemd" = "yes" ; then OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}" AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration]) LIBS="${saved_LIBS}" + +if test -n "${SYSTEMD_UNIT_DIR}"; then +systemdunitdir="${SYSTEMD_UNIT_DIR}" +else +systemdunitdir="\${libdir}/systemd/system" +fi fi @@ -1250,6 +1257,8 @@ sampledir="\$(docdir)/sample" AC_SUBST([plugindir]) AC_SUBST([sampledir]) +AC_SUBST([systemdunitdir]) + VENDOR_SRC_ROOT="\$(abs_top_srcdir)/vendor/" VENDOR_DIST_ROOT="\$(abs_top_builddir)/vendor/dist" VENDOR_BUILD_ROOT="\$(abs_top_builddir)/vendor/.build" @@ -1288,6 +1297,7 @@ AC_CONFIG_FILES([ distro/Makefile distro/rpm/Makefile distro/rpm/openvpn.spec + distro/systemd/Makefile include/Makefile src/Makefile src/compat/Makefile diff --git a/distro/Makefile.am b/distro/Makefile.am index 7a9ffd0..eb0e554 100644 --- a/distro/Makefile.am +++ b/distro/Makefile.am @@ -12,6 +12,4 @@ MAINTAINERCLEANFILES = \ $(srcdir)/Makefile.in -SUBDIRS = rpm - -EXTRA_DIST = systemd/openvpn-client@.service systemd/openvpn-server@.service +SUBDIRS = rpm systemd diff --git a/distro/systemd/.gitignore b/distro/systemd/.gitignore new file mode 100644 index 000..ef4c0b8 --- /dev/null +++ b/distro/systemd/.gitignore @@ -0,0 +1 @@ +*.service \ No newline at end of file diff --git a/distro/systemd/Makefile.am b/distro/systemd/Makefile.am new file mode 100644 index 000..53a88c9 --- /dev/null +++ b/distro/systemd/Makefile.am @@ -0,0 +1,27 @@ +# +# OpenVPN -- An application to securely tunnel IP networks +# over a single UDP port, with support for SSL/TLS-based +# session authentication and key exchange, +# packet encryption, packet authentication, and +# packet compression. +# +# Copyright (C) 2017 OpenVPN Technologies, Inc. +# + +%.service: %.service.in Makefile + $(AM_V_GEN)sed -e 's|\@sbindir\@|$(sbindir)|' \ + $< > $@.tmp && mv $@.tmp $@ + +EXTRA_DIST = \ + openvpn-cli...@.service.in \ + openvpn-ser...@.service.in + +if ENABLE_SYSTEMD +systemdunitdir = $(systemdunitdir) +systemdunit_DATA = \ + openvpn-client@.service \ + openvpn-server@.service +endif + +MAINTAINERCLEANFILES = \ + $(srcdir)/Makefile.in diff --git a/distro/systemd/openvpn-client@.service b/distro/systemd/openvpn-cli...@.service.in similarity index 89% rename from distro/systemd/openvpn-client@.service rename to distro/systemd/openvpn-cli...@.service.in index 5618af3..d9fd6b0 100644 --- a/distro/systemd/openvpn-client@.service +++ b/distro/systemd/openvpn-cli...@.service.in @@ -12,7 +12,7 @@ PrivateTmp=true RuntimeDirectory=openvpn-client RuntimeDirectoryMode=0710 WorkingDirectory=/etc/openvpn/client -ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf +ExecStart=@sbindir@ --suppress-timestamps --nobind --config %i.conf CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE LimitNPROC=10 DeviceAllow=/dev/null rw diff --git a/distro/systemd/openvpn-server@.service b/distro/systemd/openvpn-ser...@.service.in similarity index 83% rename from distro/systemd/openvpn-server@.service rename to distro/systemd/openvpn-se