On 01/02/16 18:37, Simon Déziel wrote: > I just check on 14.04 and 16.04 and the init script automatically adds > "--script-security 2" unless the VPN config contains a script-security > directive. > > Problem is that since the switch to systemd, the init script is no > longer used and the daemon is used like this: > > $ systemctl cat [email protected] | grep ^ExecStart > ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status > 10 --cd /etc/openvpn --config /etc/openvpn/%i.conf --writepid > /run/openvpn/%i.pid > > This probably breaks setups relying on "--script-security 2" like yours. > Could you try adding "script-security 2" to /etc/openvpn/infra.conf and > see if it helps?
Yes, it solves the problem. I thought I reported that before. The problem is the migration mechanism that has to be corrected. The way I used "--script-security 2" was the one put forward in the official doc. The problem shall be the same for the migration 14.04 -> 16.04 (I presume). -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1454725 Title: openvpn does not use OPTARGS from /etc/default/openvpn To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1454725/+subscriptions -- Ubuntu-server-bugs mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
