I have compiled OpenVPN 2.4.9 successfully with systemd enabled.
/usr/local/sbin/openvpn --version
But even after compilation and installation there are no service files to be found under /lib/systemd/system/.OpenVPN 2.4.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Aug 1 2020
library versions: OpenSSL 1.1.1g 21 Apr 2020
Originally developed by James Yonan
Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto=yes enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=yes enable_lzo=no enable_management=yes enable_multihome=yes enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=no enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=no with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_sysroot=no
Hence I copied them over from source code like this:
Code: Select all
cp /usr/local/lib/systemd/system/openvpn-server\@.service /lib/systemd/system/
Code: Select all
[Unit]
Description=OpenVPN service for %I
After=syslog.target network-online.target
Wants=network-online.target
Documentation=man:openvpn(8)
Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
[Service]
Type=notify
PrivateTmp=true
WorkingDirectory=/etc/openvpn/server
ExecStart=/usr/local/sbin/openvpn --status /var/log/openvpn/status.log --status-version 2 --suppress-timestamps --config /etc/openvpn/server/server.conf --cd /etc/openvpn/server/
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE CAP_AUDIT_WRITE
LimitNPROC=10
DeviceAllow=/dev/null rw
DeviceAllow=/dev/net/tun rw
ProtectSystem=true
ProtectHome=true
KillMode=process
RestartSec=5s
Restart=on-failure
[Install]
WantedBy=multi-user.target
But if I run it like this in command line it works:
Code: Select all
/usr/local/sbin/openvpn --status /var/log/openvpn/status.log --status-version 2 --suppress-timestamps --config /etc/openvpn/server/server.conf --cd /etc/openvpn/server/
1) I have changed the type from notify to simple and to forking, without any luck.
2) Even though I have set the status log to be recorded here: --status /var/log/openvpn/status.log nothing gets generated when starting through systemctl.
But when I start it through commandline, despite --status /var/log/openvpn/status.log, it still gets directed to /var/log/openvpn/openvpn-status.log? Why?
Many Thanks,
Houman