adding an openvpn service
Posted: 25. Dec 2016, 18:43
				
				Pretty straightforward really - I followed Slackware's documentation (referenced in the script) and ironed out a kink or two. I'm using openresolv to avoid DNS leaks, which necessitates adding a few lines to the VPN-provided .ovpn file. So the rc.openvpn file calls a generic config that includes those and can be edited to point at the desired VPN configuration:
The effect is to connect automatically to the VPN on boot. If you wish to disconnect or restart, just do
or
And here is rc.openvpn:
EDIT Don't forget to make it executable:
I found that when (re)starting the service manually, the message about what is being called sat there inelegantly, and I had to press enter to get a prompt; so I have commented it. However, this probably wouldn't be needed if I could spot my obvious mistake.
More seriously, as I went through various edits, the /etc/rc.d directory got some of those annoying .un~ files vim leaves behind it cluttering things up - and it didn't work. I suspect they were somehow picked up as "services" and executed alongside the real script. In any case, deleting them - including a hidden file on the same pattern - got things running smoothly.
After you first create the files, just as with any service, you need to start it, but it will then run automatically on boot:
You can of course also turn it off again:
			Code: Select all
mimosa[~]$ cat /etc/openvpn/openvpn.conf
# point to the actual config file we want
config /path/to/config.ovpn
#config /path/to/another.ovpn
#
#
# custom
script-security 2 #allows update-resolv-conf script to be called 
setenv PATH /usr/bin
up /etc/openvpn/update-resolv-conf #route DNS queries through the VPN by editing /etc/resolv.conf
down /etc/openvpn/update-resolv-conf #restore /etc/resolv.conf to whatever NetworkManager put there
log-append  /var/log/openvpn.log #create a cumulative log file
#Code: Select all
sudo service stop openvpnCode: Select all
sudo service restart openvpnCode: Select all
mimosa[~]$ cat /etc/rc.d/rc.openvpn 
#!/bin/sh 
# 
# /etc/rc.d/rc.openvpn 
# 
# Start/stop/restart openvpn 
#
# adapted from http://docs.slackware.com/howtos:network_services:openvpn
# openvpn.conf is a copy of the .ovpn file we wish to use, or points to it
 
ovpn_start() { 
  #echo "Starting OpenVPN:  /usr/sbin/openvpn openvpn.conf &" 
  if [ -x /usr/sbin/openvpn -a -r /etc/openvpn/openvpn.conf ]; then 
    /usr/sbin/openvpn /etc/openvpn/openvpn.conf 2>/dev/null &
  fi 
} 
ovpn_stop() { 
  killall openvpn 
} 
ovpn_restart() { 
  ovpn_stop 
  sleep 2 
  ovpn_start 
} 
case "$1" in 
'start') 
  ovpn_start 
  ;; 
'stop') 
  ovpn_stop 
  ;; 
'restart') 
  ovpn_restart 
  ;; 
*) 
  echo "Usage: $0 {start|stop|restart}" 
esac
#
# Exit with no errors.
#
exit 0Code: Select all
sudo chmod +x /etc/rc.d/rc.openvpnMore seriously, as I went through various edits, the /etc/rc.d directory got some of those annoying .un~ files vim leaves behind it cluttering things up - and it didn't work. I suspect they were somehow picked up as "services" and executed alongside the real script. In any case, deleting them - including a hidden file on the same pattern - got things running smoothly.
After you first create the files, just as with any service, you need to start it, but it will then run automatically on boot:
Code: Select all
sudo service start openvpnCode: Select all
sudo service stop openvpn