[Bug 278784] Re: openvpn configuration with token (pkcs11 provider) blocks the boot

Thierry Carrez thierry.carrez at ubuntu.com
Thu Oct 9 10:12:42 BST 2008


A few clarifications : in hardy openvpn also autostarts all
/etc/openvpn/*.conf VPNs at boot (if /etc/default/openvpn has
AUTOSTART=all, which is the default) so there is no change in that area.

However, one difference between the hardy and the intrepid version is that we merged the fix for the following Debian bug :
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454371

This causes OpenVPN to stop the boot process to ask for passwords (see
also bug 280428). It may also cause the PKCS#11-related hang, but I miss
some hardware to reproduce.

Jonathan: since we may consider it a good thing to revert that change,
I'm interested in knowing if that would fix this bug or not. Could you
please test if your PKCS#11 configuration, with AUTOSTART=all, block the
boot with the following change in /etc/init.d/openvpn :

---------------------------------------------------------------
--- /etc/init.d/openvpn.old
+++ /etc/init.d/openvpn
@@ -66,7 +66,7 @@
     else
       $DAEMON $OPTARGS --writepid /var/run/openvpn.$NAME.pid \
 	      $DAEMONARG $STATUSARG --cd $CONFIG_DIR \
-	      --config $CONFIG_DIR/$NAME.conf $script_security || STATUS=1
+	      --config $CONFIG_DIR/$NAME.conf $script_security < /dev/null || STATUS=1
     fi
 }
 stop_vpn () {
---------------------------------------------------------------
(add "< /dev/null" after "$script_security " on line 69)

Thanks in advance for your testing.

-- 
openvpn configuration with token (pkcs11 provider) blocks the boot
https://bugs.launchpad.net/bugs/278784
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openvpn in ubuntu.



More information about the Ubuntu-server-bugs mailing list