We start with systemd Type=notify, so refuse to daemonize. This does not
affect starting openvpn from script or command line.
v2: Update commit message about script and command line.
Signed-off-by: Christian Hesse <mail@eworm.de>
Tested-By: Richard Bonhomme <fragmentux@gmail.com>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20161201213104.5667-2-list@eworm.de>
URL: http://www.mail-archive.com/search?l=mid&q=20161201213104.5667-2-list@eworm.de
Signed-off-by: David Sommerseth <davids@openvpn.net>
... | ... |
@@ -12,7 +12,6 @@ PrivateTmp=true |
12 | 12 |
RuntimeDirectory=openvpn-client |
13 | 13 |
RuntimeDirectoryMode=0710 |
14 | 14 |
WorkingDirectory=/etc/openvpn/client |
15 |
-ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1' |
|
16 | 15 |
ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf |
17 | 16 |
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE |
18 | 17 |
LimitNPROC=10 |
... | ... |
@@ -12,7 +12,6 @@ PrivateTmp=true |
12 | 12 |
RuntimeDirectory=openvpn-server |
13 | 13 |
RuntimeDirectoryMode=0710 |
14 | 14 |
WorkingDirectory=/etc/openvpn/server |
15 |
-ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1' |
|
16 | 15 |
ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf |
17 | 16 |
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE |
18 | 17 |
LimitNPROC=10 |
... | ... |
@@ -930,6 +930,13 @@ bool |
930 | 930 |
possibly_become_daemon (const struct options *options) |
931 | 931 |
{ |
932 | 932 |
bool ret = false; |
933 |
+ |
|
934 |
+#ifdef ENABLE_SYSTEMD |
|
935 |
+ /* return without forking if we are running from systemd */ |
|
936 |
+ if (sd_notify(0, "READY=0") > 0) |
|
937 |
+ return ret; |
|
938 |
+#endif |
|
939 |
+ |
|
933 | 940 |
if (options->daemon) |
934 | 941 |
{ |
935 | 942 |
ASSERT (!options->inetd); |