We start with systemd Type=notify, so refuse to daemonize. This does not
affect starting openvpn from script or command line.
v2: Update commit message about script and command line.
Signed-off-by: Christian Hesse <mail@eworm.de>
Tested-By: Richard Bonhomme <fragmentux@gmail.com>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <
20161201213104.5667-2-list@eworm.de>
URL: http://www.mail-archive.com/search?l=mid&q=
20161201213104.5667-2-list@eworm.de
Signed-off-by: David Sommerseth <davids@openvpn.net>
RuntimeDirectory=openvpn-client
RuntimeDirectoryMode=0710
WorkingDirectory=/etc/openvpn/client
-ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1'
ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
LimitNPROC=10
RuntimeDirectory=openvpn-server
RuntimeDirectoryMode=0710
WorkingDirectory=/etc/openvpn/server
-ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1'
ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
LimitNPROC=10
possibly_become_daemon (const struct options *options)
{
bool ret = false;
+
+#ifdef ENABLE_SYSTEMD
+ /* return without forking if we are running from systemd */
+ if (sd_notify(0, "READY=0") > 0)
+ return ret;
+#endif
+
if (options->daemon)
{
ASSERT (!options->inetd);
projects / thirdparty / openvpn.git / commitdiff
