--Am Donnerstag, 20. Januar 2005 10:51 -0700 James Yonan <jim@xxxxxxxxx>
Once OpenVPN tries to do a full SIGHUP restart, it will probably fail if
user, group, or chroot have been used. SIGUSR1 + the --persist-x options
is really the only way to restart when privileges have been dropped
and/or chroot has been used.
I'm using this options:
I think that's all I can do about that. Maybe and I can add
persist-remote-ip. The only other options is to run OpenVPN without chroot
and dropped user privileges.
The problem is that if a SIGUSR1 occurs while a previous SIGUSR1 is still
being processed, OpenVPN gets confused and does a full SIGHUP restart
instead. Is there any way you can avoid hitting the daemon with more
than one SIGUSR1 in close succession?
I don't think so. As I said before OpenVPN uses an isdn line in raw mode
and it seems that sometimes a second SIGUSR1 is generated while a dialin is
already running. Do you think that ignoring a SIGUSR1 while processing a
previous SIGUSR1 is not a good idea? Can this situation handled with a
plugin that catches this case and do the restart?
BTW: I think OpenVPN 1.6 behaves differently since I never had a problem
with v1.6. But since it takes some time to show the problem maybe this was
simply some kind of luck ;)
Openvpn-users mailing list