The file /etc/init.d/openvpn has support for working out the VPN configuration to use automatically from its own filename. This allows multiple symlinks, e.g. /etc/init.d/openvpn.uk and /etc/init.d/openvpn.fr, both pointing at /etc/init.d/openvpn (exactly as /etc/init.d/net.lo works), which is really useful if your vpn provider allows access to multiple servers, as does mine. However, it doesn't quite work out of the box. Firstly, a provide line is needed in the file: > depend() { > need localmount net > use dns > after bootmisc > + provide openvpn > } Secondly, if used like this, OpenRC throws the error: > Error: openvpn is the name of a real and virtual service. Note, this is why the base file for net is called "net.lo", and provides "net". To fix this, either the service name used on the provide line should be changed from "provide openvpn" to something that doesn't match any filename (e.g. "provide vpn"), or the base filename should be changed (e.g. to openvpn.lo). Since several other packages reference the service name openvpn (e.g. xorg-server's /etc/init.d/xdm contains "after openvpn" and openrc's own /etc/init.d/netmount contains "use openvpn"), I suggest the second option given above is preferable. Therefore, I propose the following changes to the openvpn ebuild: 1) Change the service file name in the ebuild: > # Install the init script and config file > - newinitd "${FILESDIR}/${PN}-2.1.init" openvpn > + newinitd "${FILESDIR}/${PN}-2.1.init" openvpn.lo > newconfd "${FILESDIR}/${PN}-2.1.conf" openvpn 2) Add the provide line in files/openvpn-2.1.init: > depend() { > need localmount net > use dns > after bootmisc > + provide openvpn > } And perhaps whatever wiki documentation updates would be required. This would make using multiple VPN servers far simpler for most users.
Nobody's bothered to look at this, despite the fact I've pretty much outlined a ready made solution in this bug.
Ah, this is why sometimes all /usr/sbin/openvpn instances are killed[1] when (re-)starting one of multiple client tunnels. Would have saved me a lot of time if I had seen this report before fixing it myself (in another way). This seems like the correct solution though. [1] 'start-stop-daemon --stop' is called with '--pidfile /run/openvpn.pid' but /run/openvpn.pid does not exist, only /run/openvpn.$SVCNAME*.pid. This makes it instead use the '--exec /usr/sbin/openvpn' argument do decide what is to be killed.