531474 – net-misc/openvpn should use upstream provided systemd service definitions

Bug 531474 - net-misc/openvpn should use upstream provided systemd service definitions

Summary: net-misc/openvpn should use upstream provided systemd service definitions

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Dirkjan Ochtman (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2014-12-02 19:48 UTC by Craig Andrews
Modified:	2015-07-12 15:14 UTC (History)
CC List:	3 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Craig Andrews gentoo-dev

2014-12-02 19:48:11 UTC

OpenVPN provides systemd service files: https://github.com/OpenVPN/openvpn/tree/master/distro/systemd

Gentoo should be using upstream's definitions rather than providing its own.

In addition to the lower maintenance requirements due to using upstream resources, the upstream definitions are more secure as they use "CapabilityBoundingSet" "DeviceAllow" and "LimitNPROC" which the current Gentoo definition does not.

The existence of the upstream definition was noticed and reported at https://bugs.gentoo.org/show_bug.cgi?id=527614#c8

Reproducible: Always

Comment 1 Mike Gilbert gentoo-dev

2014-12-02 20:27:47 UTC

Note that the tarball is missing these files. I have sent a patch upstream.

http://sourceforge.net/p/openvpn/mailman/message/33102588/

Comment 2 Dirkjan Ochtman (RETIRED) gentoo-dev

2015-07-12 15:14:01 UTC

Fixed in openvpn-2.3.7.