Opened 4 years ago

Closed 4 years ago

Last modified 3 years ago

#462 closed Bug / Defect (fixed)

Systemd unit file shall depend on network-online target

Reported by: vhotspur Owned by: David Sommerseth
Priority: minor Milestone:
Component: Generic / unclassified Version: OpenVPN git master branch (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords: systemd
Cc:

Description

The current unit file depends on the network.target. When the machine has more than one network interface (and under other circumstances as well, probably), OpenVPN might be started before all the interfaces are up and may thus fail to start.

According to this page, it would be better if it would depend on network-online. That is, the unit file shall contain

After=network-online.target
Wants=network-online.target

Change History (7)

comment:1 Changed 4 years ago by Gert Döring

Owner: set to dazu
Status: newassigned

David, this is yours - if you ACK this change, just go ahead and commit :-)

comment:2 Changed 4 years ago by Gert Döring

Owner: changed from dazu to David Sommerseth

comment:3 Changed 4 years ago by David Sommerseth

I've been pondering on this for a few days. And this isn't wrong. But in some situations it isn't right either.

Using network-online.target is right if an OpenVPN client config is to be started. But OpenVPN server configs are to be started, it should only wait for the network stack to be ready (network.target).

I need to ponder a bit more on this. Maybe we should actually have two different unit files, openvpnserver and openvpnclient, where they look for the config files in separate directories (to avoid any confusions.

Last edited 4 years ago by David Sommerseth (previous) (diff)

comment:4 Changed 4 years ago by David Sommerseth

Status: assignedaccepted

comment:5 Changed 4 years ago by David Sommerseth

Component: PackagingGeneric / unclassified
Priority: majorminor

comment:6 Changed 4 years ago by David Sommerseth

Resolution: fixed
Status: acceptedclosed

The following patch has been applied to both master and release/2.3 branches. This patch should resolve this issue.

commit 3341a98c2852d1d0c1eafdc70a3bdb218ec29049  master
commit 28bd79ac980488dbfce2e8136287e38c6f35a043  release/2.3
Author: David Sommerseth <davids@redhat.com>
Date:   Thu Nov 13 15:43:37 2014 +0100

    systemd: Reworked the systemd unit file to handle server and client configs better
    
    Systemd can delay starting a service if the network isn't fully available
    yet.  This feature is useful in client configurations, where OpenVPN will
    not be started before the client can reach the Internet.  It is the network
    service manager which tells systemd if the system is "online" or not.
    
    For server configurations, the OpenVPN should be able to be started,
    regardless if the system is "online" or not.  This is also the old
    behaviour of most of the old init.d script and the last systemd unit file.
    
    This patch splits the previous systemd unit file into to two files.  One
    which is aimed at clients (openvpn-client@.service) and one for server
    configurations (openvpn-server@.service).  These files will also pick
    the configurations from different sub-directories.  The unit file for
    openvpn-client@ will use /etc/openvpn/client and the server unit file
    will use /etc/openvpn/server.  This also ensures that config files
    are not started in the wrong manner.
    
    The arguments given to the openvpn binary have also shifted order,
    to ensure that some of them cannot be overridden by the config file,
    such as --daemon and --writepid.  For server configurations a
    --status file is also added with the status format set to 2.  This
    can be overridden by the configuration file.
    
    Signed-off-by: David Sommerseth <davids@redhat.com>
    Acked-by: Gert Doering <gert@greenie.muc.de>
    Message-Id: <1415889817-28049-1-git-send-email-openvpn.list@topphemmelig.net>
    URL: http://article.gmane.org/gmane.network.openvpn.devel/9222
    Signed-off-by: Gert Doering <gert@greenie.muc.de>

comment:7 Changed 3 years ago by Samuli Seppänen

Here is an interesting and rather nasty related AWS + Ubuntu issue:

Neither Ubuntu Xenial nor Debian jessie seem to use the systemd files dazo has provided.

Note: See TracTickets for help on using tickets.