The NS OpenVPN module should be updated to use the latest systemd unit files

openvpn
v7

(Eddie Atherton) #1

NethServer Version: NS7
Module: OpenVPN

Since OpenVPN 2.4 (Well, 2.3.18 really) the single systemd unit file was split into 2 files. One for a server configuration, the other for a client.

It appears that the CentOS rpm maintainer is still including the “old” single systemd unit file, which is no longer shipped as part of the OpenVPN tarball. Once that ceases to be included, the NS OpenVPN support will break.

Cheers.


(Stéphane de Labrusse) #2

do you have some link please ?


(Eddie Atherton) #3

Here’s the commit.

As I said, luckily the CentOS maintainer is currently still including the deprecated unit file, which is why it’s still working today.

I did raise this at the time it was originally pushed.

Cheers.


(Stéphane de Labrusse) #4

Committed by: Gert Doering 2014-11-24


(Eddie Atherton) #5

And CentOS pushed through version 2.4.1, the first CentOS rpm with that update, in April '17.

How long do you trust that the deprecated file will continue to be part of the rpm.

Cheers.


(Stéphane de Labrusse) #6

Yep we can see the full sources at https://sourceforge.net/p/openvpn/openvpn/ci/release/2.4/~/tree/distro/systemd/

It seems that other commits came, probably the maintainer know it is a breaking change, so it could explain why it is not released.

did you use this systemd service file ?


(Stéphane de Labrusse) #7

I confirm that the openvpn service crashes


(Eddie Atherton) #8

NS still uses the “old” file for RoadWarrior support, which I currently use, but am looking at dropping in favour of WireGuard.

I use the new -client format for an outbound VPN, created and maintained outside of the NS framework.

Cheers.


(Stéphane de Labrusse) #9

this is an advocacy for a script to download and follow updates @davidep


(Davide Principi) #10

We have to stay tuned with upstream developments :blush: