From: Steve Fink
To: Alpine-Devel
Date: Sat, 8 Jan 2011 07:37:02 -0700 (MST)
Subject: [alpine-devel] Modified: Multiple VPN Tunnels

Natanael,

I have made changes to the /etc/init.d/openvpn script. I believe we have now covered everything.

In the part where the script locates the symlinks I wanted to do a "ls -l|awk 'print{$5}'|grep -c 10" but the BusyBox version of ls does not support showing the file type. So I had to come up with an alternate method which isn't necessarily the best way I would have liked to do it but it works.

If someone has just the file openvpn.conf or client.conf or whatever.conf it starts that file through the new method.

If there are symlinks or multiple openvpn.whatever in /etc/init.d then they are located and launched with the Gentoo method.

If the only symlink being started in the default runlevel is openvpn.client or openvpn.whatever it works too.

If someone does not have a .conf file to match their symlinks and tries to start all openvpn init scripts there is an error message saying the .conf file does not exist for whatever their symlink is.

Because we're now using the directory /var/run/openvpn for both we only require one stop method.

I also put the before netmount back in there.

Let me know what you think.

Best,

Steve

#!/sbin/runscript

# OpenVPN start/stop script
#
# Adapted to Gentoo by James Yonan
# Modified by Steve Fink to support /etc/conf.d/openvpn
# and to support multiple .conf files or Gentoo style symlinks
#
# - Starts an OpenVPN process for each .conf file in $CONFDIR
#
# - If /etc/openvpn/xxx.start exists for a xxx.conf file then it executes
#   it before starting OpenVPN (useful for doing openvpn --mktun...).
#
# - If /etc/openvpn/xxx.stop exists for a xxx.conf file then it executes
#   it after stopping OpenVPN (useful for doing openvpn --rmtun...).
#

# OpenRC options
opts="start stop restart"

depend() {
    need net
    use dns
    after sshd
    before netmount
}

PIDDIR=/var/run/openvpn
# Default location of openvpn
DEF_OPENVPN=/usr/sbin/openvpn
# Default conf directory
DEF_CONFDIR=/etc/openvpn

# Determine whether it's symlinked or not.
SMLNK="1"
if [ `ls -l /etc/init.d/openvpn*|grep -c openvpn` -eq 1 ]; then
    SMLNK="0"
else
    # Set variables for symlinked
    VPN="${SVCNAME#*.}"
    if [ -n "${VPN}" ] && [ "${SVCNAME}" != "openvpn" ]; then
        VPNPID="${PIDDIR}/${VPN}.pid"
    else
        VPNPID="${PIDDIR}/${SVCNAME}.pid"
    fi
    # CONFDIR may still be unset here (chkconfd runs later), so fall back
    # to the default directory.
    VPNCONF="${CONFDIR:-$DEF_CONFDIR}/${VPN}.conf"
fi

# Fall back to the defaults for anything /etc/conf.d/openvpn does not set.
chkconfd() {
    if [ -z "$OPENVPN" ]; then
        OPENVPN=$DEF_OPENVPN
        einfo "No path to OpenVPN defined in /etc/conf.d/openvpn using default $OPENVPN."
    fi
    if [ -z "$CONFDIR" ]; then
        CONFDIR=$DEF_CONFDIR
        einfo "No config file directory defined in /etc/conf.d/openvpn using default $CONFDIR."
    fi
}

# Make sure the TUN/TAP device is available.
chktundev() {
    if [ ! -e /dev/net/tun ]; then
        if ! modprobe tun ; then
            eerror "TUN/TAP module unable to load into kernel"
            return 1
        fi
    fi
    if [ -h /dev/net/tun ] && [ -c /dev/misc/net/tun ]; then
        ebegin "Detected broken /dev/net/tun symlink, fixing..."
        rm -f /dev/net/tun
        ln -s /dev/misc/net/tun /dev/net/tun
        eend $?
    fi
}

start() {
    chkconfd
    chktundev || return 1
    ebegin "Starting OpenVPN"

    # Load the TUN/TAP module
    /sbin/modprobe tun >/dev/null 2>&1

    if [ ! -d $PIDDIR ]; then
        mkdir $PIDDIR
    fi

    if [ "$SMLNK" = "1" ]; then
        # Start Gentoo symlinked
        ebegin "Starting VPN ${SVCNAME}"

        chktundev || return 1
        if [ ! -e "${VPNCONF}" ]; then
            eend 1 "${VPNCONF} does not exist"
            return 1
        fi
        local args=""
        # If the config file does not specify the cd option, we do
        # But if we specify it, we override the config option which we do not want
        # ([[:space:]] is used because grep does not read \t inside brackets as a tab)
        if ! grep -q "^[[:space:]]*cd[[:space:]].*" "${VPNCONF}" ; then
            args="${args} --cd ${CONFDIR}"
        fi
        start-stop-daemon --start --exec /usr/sbin/openvpn --pidfile "${VPNPID}" \
            -- --config "${VPNCONF}" --writepid "${VPNPID}" --daemon ${args}
        eend $? "Check your logs to see why startup failed"
    else
        cd $CONFDIR

        # Start every .conf file in $CONFDIR and run .start if available
        local errors=0
        local successes=0
        local retstatus=0
        for c in `/bin/ls *.conf 2>/dev/null`; do
            VPN=${c%%.conf}
            ebegin "Starting VPN: $VPN"
            if [ -f "$VPN.start" ]; then
                . $VPN.start
            fi
            rm -f $PIDDIR/$VPN.pid
            $OPENVPN --daemon OpenVPN-$VPN --writepid $PIDDIR/$VPN.pid --config $CONFDIR/$c --cd $CONFDIR
            result=$?
            if [ $result = 0 ]; then
                successes=1
            else
                errors=1
                FAILED="$FAILED $VPN"
            fi
            eend $result
        done

        # Decide status based on errors/successes.
        # If at least one tunnel succeeded, we return success.
        # If some tunnels succeeded and some failed, we return success but give a warning.
        if [ $successes = 1 ]; then
            if [ $errors = 1 ]; then
                ewarn "The VPN$FAILED failed to start"
            fi
        else
            retstatus=1
            if [ $errors = 0 ]; then
                ewarn "Note: No OpenVPN configuration files were found in $CONFDIR"
            fi
        fi
        eend $retstatus "Error starting OpenVPN"
    fi
}

stop() {
    # Set CONFDIR so the .stop hooks below are looked up in the right directory
    chkconfd
    ebegin "Stopping OpenVPN"
    if [ ! -d $PIDDIR ]; then
        ewarn "The pid directory $PIDDIR does not exist"
        eend 1 "Error stopping OpenVPN"
    else
        # Stop every tunnel that left a non-empty pid file in $PIDDIR
        for PIDF in `find $PIDDIR -name '*.pid' 2>/dev/null`; do
            if [ -s $PIDF ]; then
                VPN=${PIDF%%.pid}
                VPN=${VPN##$PIDDIR/}
                einfo "Stopping VPN: $VPN ..."
                kill `cat $PIDF` >/dev/null 2>&1
                if [ -f "${CONFDIR}/${VPN}.stop" ]; then
                    . ${CONFDIR}/${VPN}.stop
                fi
                eend $?
                rm -rf $PIDF >/dev/null 2>&1
                # Remove the pid directory once the last pid file is gone
                if [ `ls -A "$PIDDIR"|wc -w` = 0 ]; then
                    rm -rf "${PIDDIR}"
                fi
            fi
        done
        eend 0
    fi
}

Attachment: openvpn

#!/sbin/runscript

# OpenVPN start/stop script
# Adapted to Gentoo by James Yonan
# Modified by Steve Fink for multiple .conf files

# This script does the following:
#
# - Starts an OpenVPN process for each .conf file in /etc/openvpn
#
# - If /etc/openvpn/xxx.start exists for a xxx.conf file then it executes
#   it before starting OpenVPN (useful for doing openvpn --mktun...).
#
# - If /etc/openvpn/xxx.stop exists for a xxx.conf file then it executes
#   it after stopping OpenVPN (useful for doing openvpn --rmtun...).
#

# OpenRC options
opts="start stop restart"

# Default location of openvpn
OPENVPN=/usr/sbin/openvpn
# Default pid directory
PIDDIR=/var/run/openvpn
# Default conf directory
CONFDIR=/etc/openvpn

depend() {
    need net
    use dns
}

start() {
    ebegin "Starting OpenVPN"

    # Load the TUN/TAP module
    /sbin/modprobe tun >/dev/null 2>&1

    if [ ! -d $PIDDIR ]; then
        mkdir $PIDDIR
    fi

    cd $CONFDIR

    # Start every .conf in $CONFDIR and run .start if available
    local errors=0
    local successes=0
    local retstatus=0
    for c in `/bin/ls *.conf 2>/dev/null`; do
        bn=${c%%.conf}
        ebegin "Starting VPN: $bn"
        if [ -f "$bn.start" ]; then
            . $bn.start
        fi
        rm -f $PIDDIR/$bn.pid
        $OPENVPN --daemon openvpn-$bn --writepid $PIDDIR/$bn.pid --config $CONFDIR/$c --cd $CONFDIR
        result=$?
        if [ $result = 0 ]; then
            successes=1
        else
            errors=1
        fi
        eend $result
    done

    # Decide status based on errors/successes.
    # If at least one tunnel succeeded, we return success.
    # If some tunnels succeeded and some failed, we return success but give a warning.
    if [ $successes = 1 ]; then
        if [ $errors = 1 ]; then
            ewarn "Note: At least one OpenVPN tunnel failed to start"
        fi
    else
        retstatus=1
        if [ $errors = 0 ]; then
            ewarn "Note: No OpenVPN configuration files were found in $CONFDIR"
        fi
    fi
    eend $retstatus "Error starting OpenVPN"
}

stop() {
    ebegin "Stopping OpenVPN"
    if [ -z "$bn" ]; then
        # No tunnel name is set: stop every tunnel that has a pid file
        for pidf in `find $PIDDIR -name '*.pid' 2>/dev/null`; do
            if [ -s $pidf ]; then
                bn=${pidf%%.pid}
                bn=${bn##$PIDDIR/}
                einfo "Stopping VPN: $bn ..."
                kill `cat $pidf` >/dev/null 2>&1
                if [ -f "${CONFDIR}/${bn}.stop" ]; then
                    . ${CONFDIR}/${bn}.stop
                fi
                eend $?
                rm -rf $pidf >/dev/null 2>&1
                dn=`dirname $pidf`
                if [ `ls -A "$dn"|wc -w` = 0 ]; then
                    rm -rf "$dn"
                fi
            fi
        done
    else
        # A tunnel name is set: stop only that tunnel
        einfo "Stopping VPN: $bn ..."
        kill `cat ${PIDDIR}/${bn}.pid` >/dev/null 2>&1
    fi
    eend 0
}
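
Added example, not part of the posted script: the message says BusyBox ls could not show the file type, so the script counts /etc/init.d/openvpn* entries instead. The shell's own `[ -L ]` test identifies symbolic links directly, without parsing ls output. The function names and the directory arguments (used so the functions can be tried on a scratch directory) are assumptions for illustration.

```sh
#!/bin/sh
# Added example: find Gentoo-style openvpn.* symlinks without parsing ls.
# The directory is an argument here; the posted script uses /etc/init.d
# and $CONFDIR.

# Print the number of symbolic links named openvpn.* in directory $1.
count_vpn_links() {
    n=0
    for f in "$1"/openvpn.*; do
        # An unmatched glob stays literal, and -L is false for it.
        if [ -L "$f" ]; then
            n=$((n + 1))
        fi
    done
    echo "$n"
}

# Print "symlink" if any openvpn.* link exists in $1, otherwise "single".
vpn_mode() {
    if [ "$(count_vpn_links "$1")" -gt 0 ]; then
        echo symlink
    else
        echo single
    fi
}

# Print the config path for service name $2 in config directory $1
# (openvpn.client -> $1/client.conf). Fails if that file is missing,
# which is the case the script reports as "does not exist".
vpn_conf_for() {
    name=${2#*.}
    conf="$1/$name.conf"
    if [ ! -f "$conf" ]; then
        echo "$conf does not exist" >&2
        return 1
    fi
    echo "$conf"
}
```
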