-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package: openvpn Version: 2.3.4-5
Hi Alberto, May I ask you to consider including the attached patch that add support to call pre/post start/stop scripts as root before the OpenVPN daemon is invoked for a given VPN configuration. I believe this new feature can be useful for many scenarios like: * dynamically create any missing user/group (or chroot) (pre-start) * test connectivity to an IP behind the remote VPN endpoint (start) * add/remove iptables rules (all) * add/remove routes (all) * etc Best regards, Simon Deziel -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJU/PmRXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ1NjVDMzc0QUZCQUQyRkM2MjBDNkMxQkI3 MkZFMERBRTkwMEIyQzM0AAoJEHL+Da6QCyw03PkQAKfqTxVcfRmFtxi1eLbcPgnT YBJxAfZ+9Um6gobl65l3wxcLQ6eOcEz5aIUcTCnxWuxM0wVPdObTcO444sj9CoCe G/z2M0i9hkcXNENXO1Ufx/b0jC4Te8NM3fXAvwdzV2cNVmafdGC6zJKX9eDJQV22 9+R1Dav7WXtDc466TzSV6j9jeseCC4Ywm1b9rajwrs6ro4rR529UPdu7N7etxcik QtlubZC4jjUT1CDg3JViWTiCmINmZ1TbmNYbwcUyx+9tYvVwcNOsDto5Ot2SfGxl tdQm4LHvSSdd20kL26m4heLOKrV4OEd0Ifm5l3f0yMbpLtMouNdTDq8RVdOY7V4a e2AyCv6lGVNqKYiDaTtR1dQvmnHOXQA2lrN51DAfo/PdBp8A173VkeZ2wVqHRyx/ kqlKIIZWwHdmLCrtrldLRKl6mrpOrNGlVsX77+MAgOhfOZcTZ/ZjVZNnKyqBByWY PC/9sZbRFslT0SsLCPlHhQHQe42oTw2Y89ddhcNsQy+G0UuzA+EJ2MFdcm44ytDK ZoJwT+cw38ETZfeYsKdlrjrEb0EWrjy1iy5EQEJYWhKxGgRvFUkCGyQKiVUdQ6Kg Th0Ovz63Ad5EUGBfxSydYDmxLDy3KeYWLeVXrMqOOEi2AKcf4WM7JbWSHc84ibK3 htCkPW0TdlYwZqBEz7Kc =YA0G -----END PGP SIGNATURE-----
commit 4fef17872efab42fee46d0d97a8d496564d3f8c3
Author: Simon Deziel <simon.dez...@gmail.com>
Date: Sun Mar 8 21:27:42 2015 -0400
Add support for pre/post start/stop scripts
diff --git a/debian/openvpn.init.d b/debian/openvpn.init.d
index 8507ace..0637adc 100644
--- a/debian/openvpn.init.d
+++ b/debian/openvpn.init.d
@@ -38,7 +38,19 @@ if test -e /etc/default/openvpn ; then
. /etc/default/openvpn
fi
+exec_script () {
+ local script_path="$CONFIG_DIR/$NAME.$1"
+ [ -x "$script_path" ] || return
+
+ export script_type="$1" config="$CONFIG_DIR/$NAME.conf"
+ "$script_path"
+ unset script_type config
+}
+
start_vpn () {
+ # pre-start script
+ exec_script "pre-start"
+
if grep -q '^[ ]*daemon' $CONFIG_DIR/$NAME.conf ; then
# daemon already given in config file
DAEMONARG=
@@ -93,8 +105,14 @@ start_vpn () {
if [ "$SAVED_DEFAULT_SEND_REDIRECTS" -ne 0 ]; then
sysctl -w net.ipv4.conf.default.send_redirects=$SAVED_DEFAULT_SEND_REDIRECTS > /dev/null
fi
+
+ # post-start script
+ exec_script "post-start"
}
stop_vpn () {
+ # pre-stop script
+ exec_script "pre-stop"
+
start-stop-daemon --stop --quiet --oknodo \
--pidfile $PIDFILE --exec $DAEMON --retry 5
if [ "$?" -eq 0 ]; then
@@ -102,6 +120,9 @@ stop_vpn () {
[ "$OMIT_SENDSIGS" -ne 1 ] || rm -f /run/sendsigs.omit.d/openvpn.$NAME.pid
rm -f /run/openvpn/$NAME.status 2> /dev/null
fi
+
+ # post-stop script
+ exec_script "post-stop"
}
case "$1" in
openvpn-pre-post-start-stop.patch.sig
Description: PGP signature
