diff options
Diffstat (limited to 'source/n/openvpn')
-rw-r--r-- | source/n/openvpn/doinst.sh | 25 | ||||
-rwxr-xr-x | source/n/openvpn/openvpn.SlackBuild | 58 | ||||
-rw-r--r-- | source/n/openvpn/openvpn.url | 3 | ||||
-rw-r--r-- | source/n/openvpn/rc.openvpn | 111 | ||||
-rw-r--r-- | source/n/openvpn/slack-desc | 8 | ||||
-rw-r--r-- | source/n/openvpn/slackware.conf (renamed from source/n/openvpn/openvpn.conf.sample) | 0 |
6 files changed, 182 insertions, 23 deletions
diff --git a/source/n/openvpn/doinst.sh b/source/n/openvpn/doinst.sh new file mode 100644 index 00000000..4b9b133a --- /dev/null +++ b/source/n/openvpn/doinst.sh @@ -0,0 +1,25 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} + +preserve_perms etc/rc.d/rc.openvpn.new + diff --git a/source/n/openvpn/openvpn.SlackBuild b/source/n/openvpn/openvpn.SlackBuild index cb9efc4f..c8457f9d 100755 --- a/source/n/openvpn/openvpn.SlackBuild +++ b/source/n/openvpn/openvpn.SlackBuild @@ -1,7 +1,7 @@ -#!/bin/sh +#!/bin/bash # Copyright 2006, Alan Hicks, Lizella, GA -# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2013, 2016, 2018 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -21,10 +21,11 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +cd $(dirname $0) ; CWD=$(pwd) PKGNAM=openvpn VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -36,6 +37,14 @@ if [ -z "$ARCH" ]; then esac fi +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + NUMJOBS=${NUMJOBS:-" -j7 "} if [ "$ARCH" = "i586" ]; then @@ -52,7 +61,6 @@ else LIBDIRSUFFIX="" fi -CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM @@ -84,9 +92,8 @@ CXXFLAGS="$SLKCFLAGS" \ --docdir=/usr/doc/openvpn-${VERSION} \ --enable-lzo \ --enable-iproute2 \ - --enable-password-save \ --disable-plugin-auth-pam \ - --build=$ARCH-slackware-linux + --build=$ARCH-slackware-linux || exit 1 make $NUMJOBS || make || exit 1 make install-strip DESTDIR=$PKG || exit 1 @@ -97,26 +104,33 @@ mkdir -p $PKG/etc/openvpn/{certs,keys} chown root:nobody $PKG/etc/openvpn/{certs,keys} chmod 750 $PKG/etc/openvpn/{certs,keys} -# Install a reasonably generic sample config file: -cp -a $CWD/openvpn.conf.sample $PKG/etc/openvpn/openvpn.conf.sample -chmod 644 $PKG/etc/openvpn/openvpn.conf.sample +# Install a startup script: +mkdir -p $PKG/etc/rc.d +cp -a $CWD/rc.openvpn $PKG/etc/rc.d/rc.openvpn.new +chmod 644 $PKG/etc/rc.d/rc.openvpn.new +chown root:root $PKG/etc/rc.d/rc.openvpn.new # Let folks know about the other configs, if they haven't found them. # They might even find the documentation there useful. ;-) cat << EOF > $PKG/etc/openvpn/README.TXT -Have a look in /usr/doc/$PKGNAM-$VERSION/sample-config-files -for some more examples of how to configure OpenVPN. You'll -need to add something to your /etc/rc.d/rc.local to start -OpenVPN, as well as to tell it where to find its config file. +One or more OpenVPN config files should be installed in this directory +as files ending in ".conf" (i.e. client.conf, server.conf, etc.). + +Have a look in sample-config-files for some more examples of how to +configure OpenVPN. + +To start OpenVPN, use this command as root: +sh /etc/rc.d/rc.openvpn start +To make OpenVPN start automatically at boot, change the script permissions: +chmod 755 /etc/rc.d/rc.openvpn See "man openvpn" and the other docs for more information. EOF # Add a link, too: -mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files -( cd $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files - ln -sf /etc/openvpn/openvpn.conf.sample . +( cd $PKG/etc/openvpn + ln -sf /usr/doc/$PKGNAM-$VERSION/sample-config-files . ) if [ -d $PKG/usr/man ]; then @@ -127,10 +141,17 @@ if [ -d $PKG/usr/man ]; then fi mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION -cp -a AUTHORS COPYING* COPYRIGHT.GPL INSTALL INSTALL-win32.txt \ - NEWS PORTS README* sample-config-files sample-keys sample-scripts easy-rsa \ +cp -a AUTHORS COPYING* COPYRIGHT* INSTALL* \ + NEWS PORTS README* sample/sample-config-files sample/sample-keys sample/sample-scripts \ $PKG/usr/doc/$PKGNAM-$VERSION +# Install a reasonably generic sample config file: +# (put this in with the other samples) +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files +cp -a $CWD/slackware.conf $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files +chown root:root $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files/slackware.conf +chmod 644 $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files/slackware.conf + # If there's a ChangeLog, installing at least part of the recent history # is useful, but don't let it get totally out of control: if [ -r ChangeLog ]; then @@ -140,6 +161,7 @@ if [ -r ChangeLog ]; then fi mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh cat $CWD/slack-desc > $PKG/install/slack-desc cd $PKG diff --git a/source/n/openvpn/openvpn.url b/source/n/openvpn/openvpn.url index 0845c411..4c476d87 100644 --- a/source/n/openvpn/openvpn.url +++ b/source/n/openvpn/openvpn.url @@ -1 +1,2 @@ -https://swupdate.openvpn.org/community/releases/ +https://swupdate.openvpn.org/community/releases/openvpn-2.4.6.tar.xz +https://swupdate.openvpn.org/community/releases/openvpn-2.4.6.tar.xz.asc diff --git a/source/n/openvpn/rc.openvpn b/source/n/openvpn/rc.openvpn new file mode 100644 index 00000000..86f31922 --- /dev/null +++ b/source/n/openvpn/rc.openvpn @@ -0,0 +1,111 @@ +#!/bin/sh +# +# /etc/rc.d/rc.openvpn +# +# Start/stop/restart the openvpn daemon. +# +# By default, this script will start/stop/restart a daemon for every *.conf +# file found in /etc/openvpn. +# +# To work with a single connection, add the name of the config file: +# /etc/rc.d/rc.openvpn start configfile.conf +# +# You may also use a config file not found in /etc/openvpn by providing a +# complete path: +# /etc/rc.d/rc.openvpn start /path/to/some/other/configfile.conf +# +# The name of a config file provided with a complete path should not match +# the name of any config file present in the /etc/openvpn directory. + +ovpn_start() { + if [ -x /usr/sbin/openvpn ]; then + if [ -z "$1" ]; then # start OpenVPN for all config files: + if /bin/ls /etc/openvpn/*.conf 1> /dev/null 2> /dev/null ; then + for config in /etc/openvpn/*.conf ; do + echo "Starting OpenVPN: /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $config).pid --user nobody --group nobody --config $config" + /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $config).pid --user nobody --group nobody --config $config + done + else + echo "Unable to start OpenVPN - no .conf files found in /etc/openvpn/." + fi + else # start OpenVPN for one config file: + if [ -r "$1" ]; then + echo "Starting OpenVPN: /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $1).pid --user nobody --group nobody --config $1" + /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $1).pid --user nobody --group nobody --config $1 + else # config file is missing: + echo "Error starting OpenVPN: config file $1 is missing." + fi + fi + fi +} + +ovpn_stop() { + # Note: OpenVPN has a bad habit of leaving stale pid files around when exiting. + # Maybe it would be better to just use killall unless called for one config? + if [ -z "$1" ]; then # stop OpenVPN for all pid files: + if /bin/ls /run/openvpn/*.pid 1> /dev/null 2> /dev/null ; then + for pid in /run/openvpn/*.pid ; do + echo "Stopping OpenVPN for pid file $pid..." + kill $(cat $pid) + rm -f $pid + done + else + echo "Warning: no pid files found in /run/openvpn/. Using killall to stop any OpenVPN processes." + killall openvpn + fi + else # stop OpenVPN for one config file: + if [ -r /run/openvpn/$(basename ${1}).pid ]; then + echo "Stopping OpenVPN for config file ${1}..." + kill $(cat /run/openvpn/$(basename ${1}).pid) + rm -f /run/openvpn/$(basename ${1}).pid + else + echo "Error stopping OpenVPN: no such pid file /run/openvpn/$(basename ${1}).pid" + fi + fi +} + +ovpn_restart() { + if [ ! -z "$1" ]; then # restart for all config files: + ovpn_stop + sleep 2 + ovpn_start + else # restart for one config file only: + ovpn_stop $1 + sleep 2 + ovpn_start $1 + fi +} + +ovpn_status() { + if /bin/ls /run/openvpn/*.pid 1> /dev/null 2> /dev/null ; then + echo "Currently running OpenVPN processes according to .pid files in /run/openvpn:" + for pid in /run/openvpn/*.pid ; do + echo " $(basename $pid) ($(cat $pid))" + done + else + echo "No .pid files found in /run/openvpn." + fi +} + +# Create PID directory if it doesn't exist: +if [ ! -d /run/openvpn ]; then + mkdir -p /run/openvpn +fi + +case "$1" in +'start') + ovpn_start $2 + ;; +'stop') + ovpn_stop $2 + ;; +'restart') + ovpn_restart $2 + ;; +'status') + ovpn_status + ;; +*) + echo "Usage: $0 {start|stop|restart}" +esac + diff --git a/source/n/openvpn/slack-desc b/source/n/openvpn/slack-desc index e73ab2fd..7ffd6167 100644 --- a/source/n/openvpn/slack-desc +++ b/source/n/openvpn/slack-desc @@ -1,8 +1,8 @@ # HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line +# The "handy ruler" below makes it easier to edit a package description. Line # up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also # customary to leave one space after the ':'. |-----handy-ruler------------------------------------------------------| @@ -13,7 +13,7 @@ openvpn: of configurations, including remote access, site-to-site VPNs, WiFi openvpn: security, and enterprise-scale remote access with load balancing, openvpn: failover, and fine-grained access-controls. openvpn: -openvpn: OpenVPN's home on the net is: http://openvpn.net +openvpn: OpenVPN's home on the net is: http://openvpn.net openvpn: openvpn: openvpn: diff --git a/source/n/openvpn/openvpn.conf.sample b/source/n/openvpn/slackware.conf index 4314b544..4314b544 100644 --- a/source/n/openvpn/openvpn.conf.sample +++ b/source/n/openvpn/slackware.conf |