From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: [PATCH] OpenVPN: Add to update and exclude Date: Fri, 17 Apr 2020 18:41:07 +0100 Message-ID: In-Reply-To: <20200417163459.10032-1-ummeegge@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1663635390863674055==" List-Id: --===============1663635390863674055== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi, This patch is for Core Update 144, but I am not sure if we can ship it with t= his. The update will contain the OpenSSL update that is announced for Tuesday and = I would like to be able to release it as soon as possible. I am not sure what the risk is with this patch delaying that release, so I wi= ll let Arne decide. See below for more... > On 17 Apr 2020, at 17:34, Erik Kapfer wrote: >=20 > Since some OpenVPN updates did not apply, the service will be stopped befor= e the update to prevent 'Text file busy' and start up again. Normally this should to be a problem. Tar is normally able to replace any bin= ary, even if it is just running. We definitely need to restart OpenVPN to take advantage of the new version. >=20 > Signed-off-by: Erik Kapfer > --- > config/rootfiles/core/144/exclude | 1 + > config/rootfiles/core/144/update.sh | 12 ++++++++++++ > 2 files changed, 13 insertions(+) >=20 > diff --git a/config/rootfiles/core/144/exclude b/config/rootfiles/core/144/= exclude > index b22159878..ba1b646e6 100644 > --- a/config/rootfiles/core/144/exclude > +++ b/config/rootfiles/core/144/exclude > @@ -24,5 +24,6 @@ var/lib/alternatives > var/log/cache > var/log/dhcpcd.log > var/log/messages > +var/ipfire/ovpn > var/state/dhcp/dhcpd.leases > var/updatecache > diff --git a/config/rootfiles/core/144/update.sh b/config/rootfiles/core/14= 4/update.sh > index 6a9c51931..81a6c626e 100644 > --- a/config/rootfiles/core/144/update.sh > +++ b/config/rootfiles/core/144/update.sh > @@ -47,6 +47,15 @@ done > # Remove files >=20 > # Stop services > +# Stop OpenVPN server if it runs > +if pgrep openvpn -fl | grep 'server.conf' >/dev/null 2>&1; then > + /usr/local/bin/openvpnctrl -k > +fi > + > +# Stop OpenVPN N2N if it runs > +if pgrep openvpn -fl | grep 'n2nconf' >/dev/null 2>&1; then > + /usr/local/bin/openvpnctrl -kn2n > +fi Interesting way to stop it. Can we not call openvpnctrl regardless, because i= t won=E2=80=99t matter if the daemon wasn=E2=80=99t running at all. > # Extract files > extract_files > @@ -55,6 +64,9 @@ extract_files > ldconfig >=20 > # Start services > +# Start OpenVPN again > +/usr/local/bin/openvpnctrl -s > +/usr/local/bin/openvpnctrl -sn2n >=20 > # Update Language cache > /usr/local/bin/update-lang-cache > =E2=80=94=20 > 2.20.1 >=20 Best, -Michael --===============1663635390863674055==--