[Openvpn-devel] [PATCH 1/2] use automake tools to install systemd files

2017-01-24 Thread Christian Hesse 
From: Christian Hesse 

If systemd is enabled we install unit files to $libdir/systemd/system
(or the path specified by SYSTEMD_UNIT_DIR).
The unit files are generated on the fly with matching $sbindir.

Signed-off-by: Christian Hesse 
---
 .gitignore |  1 +
 configure.ac   | 10 +
 distro/Makefile.am |  4 +---
 distro/systemd/Makefile.am | 26 ++
 ...-client@.service => openvpn-cli...@.service.in} |  2 +-
 ...-server@.service => openvpn-ser...@.service.in} |  2 +-
 6 files changed, 40 insertions(+), 5 deletions(-)
 create mode 100644 distro/systemd/Makefile.am
 rename distro/systemd/{openvpn-client@.service => openvpn-cli...@.service.in} 
(90%)
 rename distro/systemd/{openvpn-server@.service => openvpn-ser...@.service.in} 
(91%)

diff --git a/.gitignore b/.gitignore
index e6da21c..30e289b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -51,6 +51,7 @@ config-msvc-local.h
 config-msvc-version.h
 doc/openvpn.8.html
 distro/rpm/openvpn.spec
+distro/systemd/*.service
 sample/sample-keys/sample-ca/
 vendor/.build
 vendor/dist
diff --git a/configure.ac b/configure.ac
index 8783109..48d8f0c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -378,6 +378,7 @@ AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests
 AC_ARG_VAR([MAN2HTML], [path to man2html utility])
 AC_ARG_VAR([GIT], [path to git utility])
 AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility])
+AC_ARG_VAR([SYSTEMD_UNIT_DIR], [Path of systemd unit directory 
@<:@default=LIBDIR/systemd/system@:>@])
 AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
 AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
 AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
@@ -1099,6 +1100,12 @@ if test "$enable_systemd" = "yes" ; then
 OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}"
 AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration])
 LIBS="${saved_LIBS}"
+
+if test -n "${SYSTEMD_UNIT_DIR}"; then
+systemdunitdir="${SYSTEMD_UNIT_DIR}"
+else
+systemdunitdir="\${libdir}/systemd/system"
+fi
 fi
 
 
@@ -1275,6 +1282,8 @@ sampledir="\$(docdir)/sample"
 AC_SUBST([plugindir])
 AC_SUBST([sampledir])
 
+AC_SUBST([systemdunitdir])
+
 VENDOR_SRC_ROOT="\$(abs_top_srcdir)/vendor/"
 VENDOR_DIST_ROOT="\$(abs_top_builddir)/vendor/dist"
 VENDOR_BUILD_ROOT="\$(abs_top_builddir)/vendor/.build"
@@ -1313,6 +1322,7 @@ AC_CONFIG_FILES([
distro/Makefile
distro/rpm/Makefile
distro/rpm/openvpn.spec
+   distro/systemd/Makefile
include/Makefile
src/Makefile
src/compat/Makefile
diff --git a/distro/Makefile.am b/distro/Makefile.am
index 7a9ffd0..eb0e554 100644
--- a/distro/Makefile.am
+++ b/distro/Makefile.am
@@ -12,6 +12,4 @@
 MAINTAINERCLEANFILES = \
$(srcdir)/Makefile.in
 
-SUBDIRS = rpm
-
-EXTRA_DIST = systemd/openvpn-client@.service systemd/openvpn-server@.service
+SUBDIRS = rpm systemd
diff --git a/distro/systemd/Makefile.am b/distro/systemd/Makefile.am
new file mode 100644
index 000..b10c6ed
--- /dev/null
+++ b/distro/systemd/Makefile.am
@@ -0,0 +1,26 @@
+#
+#  OpenVPN -- An application to securely tunnel IP networks
+# over a single UDP port, with support for SSL/TLS-based
+# session authentication and key exchange,
+# packet encryption, packet authentication, and
+# packet compression.
+#
+#  Copyright (C) 2017 OpenVPN Technologies, Inc. 
+#
+
+%.service: %.service.in Makefile
+   $(AM_V_GEN)sed -e 's|\@sbindir\@|$(sbindir)|' \
+   $< > $@.tmp && mv $@.tmp $@
+
+EXTRA_DIST = \
+   openvpn-cli...@.service.in \
+   openvpn-ser...@.service.in
+
+if ENABLE_SYSTEMD
+systemdunit_DATA = \
+   openvpn-client@.service \
+   openvpn-server@.service
+endif
+
+MAINTAINERCLEANFILES = \
+   $(srcdir)/Makefile.in
diff --git a/distro/systemd/openvpn-client@.service 
b/distro/systemd/openvpn-cli...@.service.in
similarity index 90%
rename from distro/systemd/openvpn-client@.service
rename to distro/systemd/openvpn-cli...@.service.in
index 5618af3..d933772 100644
--- a/distro/systemd/openvpn-client@.service
+++ b/distro/systemd/openvpn-cli...@.service.in
@@ -12,7 +12,7 @@ PrivateTmp=true
 RuntimeDirectory=openvpn-client
 RuntimeDirectoryMode=0710
 WorkingDirectory=/etc/openvpn/client
-ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf
+ExecStart=@sbindir@/openvpn --suppress-timestamps --nobind --config %i.conf
 CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID 
CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
 LimitNPROC=10
 DeviceAllow=/dev/null rw
diff --git a/distro/systemd/openvpn-server@.service 
b/distro/systemd/openvpn-ser...@.service.in
similarity index 91%
rename from

Re: [Openvpn-devel] [PATCH 1/2] use automake tools to install systemd files

2017-01-24 Thread Christian Hesse 
David Sommerseth  on Fri, 2017/01/20 21:39:
> On 27/12/16 23:15, Christian Hesse wrote:
> > From: Christian Hesse 
> > 
> > If systemd is enabled we install unit files to $libdir/systemd/system
> > (or the path specified by SYSTEMD_UNIT_DIR).
> > The unit files are generated on the fly with matching $sbindir.
> > 
> > Signed-off-by: Christian Hesse 
> > ---
> >  configure.ac   | 10 
> >  distro/Makefile.am |  4 +---
> >  distro/systemd/.gitignore  |  1 +
> >  distro/systemd/Makefile.am | 27
> > ++ ...-client@.service => openvpn-cli...@.service.in}
> > |  2 +- ...-server@.service => openvpn-ser...@.service.in} |  2 +-
> >  6 files changed, 41 insertions(+), 5 deletions(-)
> >  create mode 100644 distro/systemd/.gitignore
> >  create mode 100644 distro/systemd/Makefile.am
> >  rename distro/systemd/{openvpn-client@.service =>
> > openvpn-cli...@.service.in} (89%) rename
> > distro/systemd/{openvpn-server@.service => openvpn-ser...@.service.in}
> > (83%)  
> 
> 
> Finally had some time to look at this!  Some comments below.
> 
> [...snip...]
> 
> > --- /dev/null
> > +++ b/distro/systemd/.gitignore
> > @@ -0,0 +1 @@
> > +*.service
> > \ No newline at end of file  
> 
> I think it is better to put all of these things into the .gitignore file
> in the project root directory.  I see that this have slipped through a
> few times (./vendor, ./test/unit_tests and sample/sample-keys/) ... but
> as do ignore directories in the "master" .gitignore, I think we should
> have everything there.  It will be easier to know where to look.  And
> rather split things up when that master file gets too long and complicated.

I was not sure where you want this...
Moved it up to the root.

> > diff --git a/distro/systemd/Makefile.am b/distro/systemd/Makefile.am
> > new file mode 100644
> > index 000..53a88c9
> > --- /dev/null
> > +++ b/distro/systemd/Makefile.am
> > @@ -0,0 +1,27 @@
> > +#
> > +#  OpenVPN -- An application to securely tunnel IP networks
> > +# over a single UDP port, with support for SSL/TLS-based
> > +# session authentication and key exchange,
> > +# packet encryption, packet authentication, and
> > +# packet compression.
> > +#
> > +#  Copyright (C) 2017 OpenVPN Technologies, Inc. 
> > +#
> > +
> > +%.service: %.service.in Makefile
> > +   $(AM_V_GEN)sed -e 's|\@sbindir\@|$(sbindir)|' \
> > +   $< > $@.tmp && mv $@.tmp $@
> > +
> > +EXTRA_DIST = \
> > +   openvpn-cli...@.service.in \
> > +   openvpn-ser...@.service.in
> > +
> > +if ENABLE_SYSTEMD
> > +systemdunitdir = $(systemdunitdir)  
> 
> This conflicts with AC_SUBST([systemdunitdir]) in configure.ac.  So this
> line should not be here.

Removed.

> [...snip]
> 
> > diff --git a/distro/systemd/openvpn-client@.service
> > b/distro/systemd/openvpn-cli...@.service.in similarity index 89%
> > rename from distro/systemd/openvpn-client@.service
> > rename to distro/systemd/openvpn-cli...@.service.in
> > index 5618af3..d9fd6b0 100644
> > --- a/distro/systemd/openvpn-client@.service
> > +++ b/distro/systemd/openvpn-cli...@.service.in
> > @@ -12,7 +12,7 @@ PrivateTmp=true
> >  RuntimeDirectory=openvpn-client
> >  RuntimeDirectoryMode=0710
> >  WorkingDirectory=/etc/openvpn/client
> > -ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config
> > %i.conf +ExecStart=@sbindir@ --suppress-timestamps --nobind --config
> > %i.conf  
> 
> It should be: ExecStart=@sbindir@/openvpn  otherwise the generated
> files are pointing at a only a directory.

Ups, stupid me... Looks like I broke this with my final patch preparation. :-p

I will send updated patches soon.
-- 
main(a){char*c=/*Schoene Gruesse */"B?IJj;MEH"
"CX:;",b;for(a/*Best regards my address:*/=0;b=c[a++];)
putchar(b-1/(/*Chriscc -ox -xc - && ./x*/b/42*2-3)*42);}


pgpHuUdA1pj7C.pgp
Description: OpenPGP digital signature
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH 1/2] use automake tools to install systemd files

2017-01-20 Thread David Sommerseth 
On 27/12/16 23:15, Christian Hesse wrote:
> From: Christian Hesse 
> 
> If systemd is enabled we install unit files to $libdir/systemd/system
> (or the path specified by SYSTEMD_UNIT_DIR).
> The unit files are generated on the fly with matching $sbindir.
> 
> Signed-off-by: Christian Hesse 
> ---
>  configure.ac   | 10 
>  distro/Makefile.am |  4 +---
>  distro/systemd/.gitignore  |  1 +
>  distro/systemd/Makefile.am | 27 
> ++
>  ...-client@.service => openvpn-cli...@.service.in} |  2 +-
>  ...-server@.service => openvpn-ser...@.service.in} |  2 +-
>  6 files changed, 41 insertions(+), 5 deletions(-)
>  create mode 100644 distro/systemd/.gitignore
>  create mode 100644 distro/systemd/Makefile.am
>  rename distro/systemd/{openvpn-client@.service => 
> openvpn-cli...@.service.in} (89%)
>  rename distro/systemd/{openvpn-server@.service => 
> openvpn-ser...@.service.in} (83%)


Finally had some time to look at this!  Some comments below.

[...snip...]

> --- /dev/null
> +++ b/distro/systemd/.gitignore
> @@ -0,0 +1 @@
> +*.service
> \ No newline at end of file

I think it is better to put all of these things into the .gitignore file
in the project root directory.  I see that this have slipped through a
few times (./vendor, ./test/unit_tests and sample/sample-keys/) ... but
as do ignore directories in the "master" .gitignore, I think we should
have everything there.  It will be easier to know where to look.  And
rather split things up when that master file gets too long and complicated.


> diff --git a/distro/systemd/Makefile.am b/distro/systemd/Makefile.am
> new file mode 100644
> index 000..53a88c9
> --- /dev/null
> +++ b/distro/systemd/Makefile.am
> @@ -0,0 +1,27 @@
> +#
> +#  OpenVPN -- An application to securely tunnel IP networks
> +# over a single UDP port, with support for SSL/TLS-based
> +# session authentication and key exchange,
> +# packet encryption, packet authentication, and
> +# packet compression.
> +#
> +#  Copyright (C) 2017 OpenVPN Technologies, Inc. 
> +#
> +
> +%.service: %.service.in Makefile
> + $(AM_V_GEN)sed -e 's|\@sbindir\@|$(sbindir)|' \
> + $< > $@.tmp && mv $@.tmp $@
> +
> +EXTRA_DIST = \
> + openvpn-cli...@.service.in \
> + openvpn-ser...@.service.in
> +
> +if ENABLE_SYSTEMD
> +systemdunitdir = $(systemdunitdir)

This conflicts with AC_SUBST([systemdunitdir]) in configure.ac.  So this
line should not be here.

[...snip]

> diff --git a/distro/systemd/openvpn-client@.service 
> b/distro/systemd/openvpn-cli...@.service.in
> similarity index 89%
> rename from distro/systemd/openvpn-client@.service
> rename to distro/systemd/openvpn-cli...@.service.in
> index 5618af3..d9fd6b0 100644
> --- a/distro/systemd/openvpn-client@.service
> +++ b/distro/systemd/openvpn-cli...@.service.in
> @@ -12,7 +12,7 @@ PrivateTmp=true
>  RuntimeDirectory=openvpn-client
>  RuntimeDirectoryMode=0710
>  WorkingDirectory=/etc/openvpn/client
> -ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf
> +ExecStart=@sbindir@ --suppress-timestamps --nobind --config %i.conf

It should be: ExecStart=@sbindir@/openvpn  otherwise the generated
files are pointing at a only a directory.

[...snip]

> diff --git a/distro/systemd/openvpn-server@.service 
> b/distro/systemd/openvpn-ser...@.service.in
> similarity index 83%
> rename from distro/systemd/openvpn-server@.service
> rename to distro/systemd/openvpn-ser...@.service.in
> index b9b4dba..a270982 100644
> --- a/distro/systemd/openvpn-server@.service
> +++ b/distro/systemd/openvpn-ser...@.service.in
> @@ -12,7 +12,7 @@ PrivateTmp=true
>  RuntimeDirectory=openvpn-server
>  RuntimeDirectoryMode=0710
>  WorkingDirectory=/etc/openvpn/server
> -ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log 
> --status-version 2 --suppress-timestamps --config %i.conf
> +ExecStart=@sbindir@ --status %t/openvpn-server/status-%i.log 
> --status-version 2 --suppress-timestamps --config %i.conf

Same as above.


-- 
kind regards,

David Sommerseth
OpenVPN Technologies, Inc




signature.asc
Description: OpenPGP digital signature
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

[Openvpn-devel] [PATCH 1/2] use automake tools to install systemd files

2016-12-27 Thread Christian Hesse 
From: Christian Hesse 

If systemd is enabled we install unit files to $libdir/systemd/system
(or the path specified by SYSTEMD_UNIT_DIR).
The unit files are generated on the fly with matching $sbindir.

Signed-off-by: Christian Hesse 
---
 configure.ac   | 10 
 distro/Makefile.am |  4 +---
 distro/systemd/.gitignore  |  1 +
 distro/systemd/Makefile.am | 27 ++
 ...-client@.service => openvpn-cli...@.service.in} |  2 +-
 ...-server@.service => openvpn-ser...@.service.in} |  2 +-
 6 files changed, 41 insertions(+), 5 deletions(-)
 create mode 100644 distro/systemd/.gitignore
 create mode 100644 distro/systemd/Makefile.am
 rename distro/systemd/{openvpn-client@.service => openvpn-cli...@.service.in} 
(89%)
 rename distro/systemd/{openvpn-server@.service => openvpn-ser...@.service.in} 
(83%)

diff --git a/configure.ac b/configure.ac
index 43487b0..114fcb9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -378,6 +378,7 @@ AC_ARG_VAR([NETSTAT], [path to netstat utility]) # tests
 AC_ARG_VAR([MAN2HTML], [path to man2html utility])
 AC_ARG_VAR([GIT], [path to git utility])
 AC_ARG_VAR([SYSTEMD_ASK_PASSWORD], [path to systemd-ask-password utility])
+AC_ARG_VAR([SYSTEMD_UNIT_DIR], [Path of systemd unit directory 
@<:@default=LIBDIR/systemd/system@:>@])
 AC_PATH_PROGS([IFCONFIG], [ifconfig],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
 AC_PATH_PROGS([ROUTE], [route],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
 AC_PATH_PROGS([IPROUTE], [ip],, [$PATH:/usr/local/sbin:/usr/sbin:/sbin])
@@ -1075,6 +1076,12 @@ if test "$enable_systemd" = "yes" ; then
 OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}"
 AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration])
 LIBS="${saved_LIBS}"
+
+if test -n "${SYSTEMD_UNIT_DIR}"; then
+systemdunitdir="${SYSTEMD_UNIT_DIR}"
+else
+systemdunitdir="\${libdir}/systemd/system"
+fi
 fi
 
 
@@ -1250,6 +1257,8 @@ sampledir="\$(docdir)/sample"
 AC_SUBST([plugindir])
 AC_SUBST([sampledir])
 
+AC_SUBST([systemdunitdir])
+
 VENDOR_SRC_ROOT="\$(abs_top_srcdir)/vendor/"
 VENDOR_DIST_ROOT="\$(abs_top_builddir)/vendor/dist"
 VENDOR_BUILD_ROOT="\$(abs_top_builddir)/vendor/.build"
@@ -1288,6 +1297,7 @@ AC_CONFIG_FILES([
distro/Makefile
distro/rpm/Makefile
distro/rpm/openvpn.spec
+   distro/systemd/Makefile
include/Makefile
src/Makefile
src/compat/Makefile
diff --git a/distro/Makefile.am b/distro/Makefile.am
index 7a9ffd0..eb0e554 100644
--- a/distro/Makefile.am
+++ b/distro/Makefile.am
@@ -12,6 +12,4 @@
 MAINTAINERCLEANFILES = \
$(srcdir)/Makefile.in
 
-SUBDIRS = rpm
-
-EXTRA_DIST = systemd/openvpn-client@.service systemd/openvpn-server@.service
+SUBDIRS = rpm systemd
diff --git a/distro/systemd/.gitignore b/distro/systemd/.gitignore
new file mode 100644
index 000..ef4c0b8
--- /dev/null
+++ b/distro/systemd/.gitignore
@@ -0,0 +1 @@
+*.service
\ No newline at end of file
diff --git a/distro/systemd/Makefile.am b/distro/systemd/Makefile.am
new file mode 100644
index 000..53a88c9
--- /dev/null
+++ b/distro/systemd/Makefile.am
@@ -0,0 +1,27 @@
+#
+#  OpenVPN -- An application to securely tunnel IP networks
+# over a single UDP port, with support for SSL/TLS-based
+# session authentication and key exchange,
+# packet encryption, packet authentication, and
+# packet compression.
+#
+#  Copyright (C) 2017 OpenVPN Technologies, Inc. 
+#
+
+%.service: %.service.in Makefile
+   $(AM_V_GEN)sed -e 's|\@sbindir\@|$(sbindir)|' \
+   $< > $@.tmp && mv $@.tmp $@
+
+EXTRA_DIST = \
+   openvpn-cli...@.service.in \
+   openvpn-ser...@.service.in
+
+if ENABLE_SYSTEMD
+systemdunitdir = $(systemdunitdir)
+systemdunit_DATA = \
+   openvpn-client@.service \
+   openvpn-server@.service
+endif
+
+MAINTAINERCLEANFILES = \
+   $(srcdir)/Makefile.in
diff --git a/distro/systemd/openvpn-client@.service 
b/distro/systemd/openvpn-cli...@.service.in
similarity index 89%
rename from distro/systemd/openvpn-client@.service
rename to distro/systemd/openvpn-cli...@.service.in
index 5618af3..d9fd6b0 100644
--- a/distro/systemd/openvpn-client@.service
+++ b/distro/systemd/openvpn-cli...@.service.in
@@ -12,7 +12,7 @@ PrivateTmp=true
 RuntimeDirectory=openvpn-client
 RuntimeDirectoryMode=0710
 WorkingDirectory=/etc/openvpn/client
-ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf
+ExecStart=@sbindir@ --suppress-timestamps --nobind --config %i.conf
 CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID 
CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
 LimitNPROC=10
 DeviceAllow=/dev/null rw
diff --git a/distro/systemd/openvpn-server@.service 
b/distro/systemd/openvpn-ser...@.service.in
similarity index 83%
rename from