[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Problem with plugin openvpn-down-root.so and SIGUSR1 restarts

--Am Donnerstag, 20. Januar 2005 10:51 -0700 James Yonan <jim@xxxxxxxxx> schrieb:

Once OpenVPN tries to do a full SIGHUP restart, it will probably fail if
user, group, or chroot have been used.  SIGUSR1 + the --persist-x options
is really the only way to restart when privileges have been dropped
and/or  chroot has been used.

I'm using this options:

user nobody
group nogroup

I think that's all I can do about that. Maybe and I can add persist-remote-ip. The only other options is to run OpenVPN without chroot and dropped user privileges.

The problem is that if a SIGUSR1 occurs while a previous SIGUSR1 is still
being processed, OpenVPN gets confused and does a full SIGHUP restart
instead.  Is there any way you can avoid hitting the daemon with more
than one SIGUSR1 in close succession?

I don't think so. As I said before OpenVPN uses an isdn line in raw mode and it seems that sometimes a second SIGUSR1 is generated while a dialin is already running. Do you think that ignoring a SIGUSR1 while processing a previous SIGUSR1 is not a good idea? Can this situation handled with a plugin that catches this case and do the restart?

BTW: I think OpenVPN 1.6 behaves differently since I never had a problem with v1.6. But since it takes some time to show the problem maybe this was simply some kind of luck ;)

Claas Hilbrecht

____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users