From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 6CE1F158018 for ; Sat, 2 Oct 2021 17:20:08 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 9DE1CE086C; Sat, 2 Oct 2021 17:20:07 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 613E9E086C for ; Sat, 2 Oct 2021 17:20:07 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 146FA342B76 for ; Sat, 2 Oct 2021 17:20:06 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 5939D105 for ; Sat, 2 Oct 2021 17:20:03 +0000 (UTC) From: "Mike Gilbert" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Mike Gilbert" Message-ID: <1633195197.d08fe11b2b09f874ea8a2fbd296f69a4ce073702.floppym@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: net-vpn/openconnect/, net-vpn/openconnect/files/ X-VCS-Repository: repo/gentoo X-VCS-Files: net-vpn/openconnect/files/README.OpenRC net-vpn/openconnect/files/openconnect.confd net-vpn/openconnect/files/openconnect.initd net-vpn/openconnect/openconnect-8.10-r3.ebuild net-vpn/openconnect/openconnect-8.10-r4.ebuild net-vpn/openconnect/openconnect-9999.ebuild X-VCS-Directories: net-vpn/openconnect/ net-vpn/openconnect/files/ X-VCS-Committer: floppym X-VCS-Committer-Name: Mike Gilbert X-VCS-Revision: d08fe11b2b09f874ea8a2fbd296f69a4ce073702 X-VCS-Branch: master Date: Sat, 2 Oct 2021 17:20:03 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 68539de5-a06c-40e5-abda-fcdb7daa44b0 X-Archives-Hash: c140effb4591c528d124f5961e85fc1a commit: d08fe11b2b09f874ea8a2fbd296f69a4ce073702 Author: Mike Gilbert gentoo org> AuthorDate: Sat Oct 2 17:07:50 2021 +0000 Commit: Mike Gilbert gentoo org> CommitDate: Sat Oct 2 17:19:57 2021 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d08fe11b net-vpn/openconnect: rewrite initscript Support for the server_${VPN}, password_${VPN}, and vpnopts_${VPN} variables is dropped. Per-VPN variables are now defined in /etc/conf.d/openconnect.${vpn}. Instead of defining server and vpnopts, the user should set command_args which will be passed to openconnect via the default_start function. Support for 'password' and 'password_file' variables is added. If neither is specified, the password will be prompted for interactively. Support for up/down hooks is dropped. The functionality can be replaced with vpnc-script hooks. Bug: https://bugs.gentoo.org/733614 Bug: https://bugs.gentoo.org/763579 Signed-off-by: Mike Gilbert gentoo.org> net-vpn/openconnect/files/README.OpenRC | 25 +---- net-vpn/openconnect/files/openconnect.confd | 6 ++ net-vpn/openconnect/files/openconnect.initd | 107 +++------------------ ...t-8.10-r3.ebuild => openconnect-8.10-r4.ebuild} | 2 +- net-vpn/openconnect/openconnect-9999.ebuild | 2 +- 5 files changed, 25 insertions(+), 117 deletions(-) diff --git a/net-vpn/openconnect/files/README.OpenRC b/net-vpn/openconnect/files/README.OpenRC index baa617d94ea..488533e87e3 100644 --- a/net-vpn/openconnect/files/README.OpenRC +++ b/net-vpn/openconnect/files/README.OpenRC @@ -1,30 +1,13 @@ -The service script for openconnect supports multiple vpn tunnels. +The service script for openconnect supports multiple VPN tunnels. -You need to create a symbolic link to /etc/init.d/openconnect in +To enable this, create a symbolic link to /etc/init.d/openconnect in /etc/init.d for each tunnel instead of calling it directly: ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0 -Also, create a configuration file for the tunnel in /etc/openconnect. To -follow this example, the configuration file would be called -/etc/openconnect/vpn0.conf. See man openconnect for the options that can -go in this file. +To define per-VPN settings, copy /etc/conf.d/openconnect to +openconnect.vpn0. You can then start the vpn tunnel like this: rc-service openconnect.vpn0 start - -If you would like to run preup, postup, predown, and/or postdown scripts, -You need to create a directory in /etc/openconnect with the name of the vpn: - -mkdir /etc/openconnect/vpn0 - -Then add executable shell files: - -mkdir /etc/openconnect/vpn0 -cd /etc/openconnect/vpn0 -echo '#!/bin/sh' > preup.sh -cp preup.sh predown.sh -cp preup.sh postup.sh -cp preup.sh postdown.sh -chmod 755 /etc/openconnect/vpn0/* diff --git a/net-vpn/openconnect/files/openconnect.confd b/net-vpn/openconnect/files/openconnect.confd new file mode 100644 index 00000000000..5c00518a693 --- /dev/null +++ b/net-vpn/openconnect/files/openconnect.confd @@ -0,0 +1,6 @@ +# Arguments to pass to openconnect +#command_args="--authgroup AUTHGROUP --user USER SERVERNAME" + +# For non-interactive use, set either password or password_file +#password="PASSWORD" +#password_file="/etc/openconnect/vpn0.password" diff --git a/net-vpn/openconnect/files/openconnect.initd b/net-vpn/openconnect/files/openconnect.initd index 7b33920f498..69f9999f6ad 100644 --- a/net-vpn/openconnect/files/openconnect.initd +++ b/net-vpn/openconnect/files/openconnect.initd @@ -1,109 +1,28 @@ #!/sbin/openrc-run -# Copyright 1999-2021 Gentoo Authors +# Copyright 2021 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 -VPN="${RC_SVCNAME#*.}" -VPNCONF=/etc/openconnect/${VPN}.conf -VPNDIR="/etc/openconnect/${VPN}" -VPNLOG="/var/log/openconnect/${VPN}" -VPNLOGFILE="${VPNLOG}/openconnect.log" -VPNERRFILE="${VPNLOG}/openconnect.err" - +vpn=${RC_SVCNAME#*.} command="/usr/sbin/openconnect" -name="OpenConnect: ${VPN}" -pidfile="/run/openconnect/${VPN}.pid" +pidfile="/run/openconnect/${vpn}.pid" +command_args="--syslog ${command_args}" +command_args_background="--background --pid-file \"${pidfile}\"" stopsig="SIGINT" -depend() { - before netmount -} - -checkconfig() { - if [ $VPN = "openconnect" ]; then - eerror "You cannot call openconnect directly. You must create a symbolic link to it with the vpn name:" - eerror - eerror "ln -s /etc/init.d/openconnect /etc/init.d/openconnect.vpn0" - eerror - eerror "And then call it instead:" - eerror - eerror "/etc/init.d/openconnect.vpn0 start" - return 1 - fi - return 0 -} - -checktuntap() { - if [ "$RC_UNAME" = "Linux" -a ! -e /dev/net/tun ] ; then - if ! modprobe tun ; then - eerror "TUN/TAP support is not available in this kernel" - return 1 - fi - fi -} - -run_hook() { - if [ -x "$1" ]; then - "$@" - fi -} - start_pre() { - checkconfig || return - checktuntap || return - checkpath -d "${VPNLOG}" || return - checkpath -d /run/openconnect || return - run_hook "${VPNDIR}/preup.sh" + checkpath -d /run/openconnect } -ssd_helper() { +start() { if [ -n "${password}" ]; then - start-stop-daemon "$@" <> "${VPNLOGFILE}" \ - 2>> "${VPNERRFILE}" - eend $? -} - -start_post() { - run_hook "${VPNDIR}/postup.sh" -} - -stop_pre() { - checkconfig || return - run_hook "${VPNDIR}/predown.sh" -} - -stop_post() { - run_hook "${VPNDIR}/postdown.sh" -} diff --git a/net-vpn/openconnect/openconnect-8.10-r3.ebuild b/net-vpn/openconnect/openconnect-8.10-r4.ebuild similarity index 97% rename from net-vpn/openconnect/openconnect-8.10-r3.ebuild rename to net-vpn/openconnect/openconnect-8.10-r4.ebuild index 8e690399601..13c3da231ba 100644 --- a/net-vpn/openconnect/openconnect-8.10-r3.ebuild +++ b/net-vpn/openconnect/openconnect-8.10-r4.ebuild @@ -131,7 +131,7 @@ src_install() { dodoc "${FILESDIR}"/README.OpenRC - newconfd "${FILESDIR}"/openconnect.conf.in openconnect + newconfd "${FILESDIR}"/openconnect.confd openconnect newinitd "${FILESDIR}"/openconnect.initd openconnect insinto /etc/logrotate.d diff --git a/net-vpn/openconnect/openconnect-9999.ebuild b/net-vpn/openconnect/openconnect-9999.ebuild index 8e690399601..13c3da231ba 100644 --- a/net-vpn/openconnect/openconnect-9999.ebuild +++ b/net-vpn/openconnect/openconnect-9999.ebuild @@ -131,7 +131,7 @@ src_install() { dodoc "${FILESDIR}"/README.OpenRC - newconfd "${FILESDIR}"/openconnect.conf.in openconnect + newconfd "${FILESDIR}"/openconnect.confd openconnect newinitd "${FILESDIR}"/openconnect.initd openconnect insinto /etc/logrotate.d