initial commit of file from CVS for smeserver-openvpn-routed on Thu 6 Mar 14:40:52 GMT 2025

2025-03-06 14:40:52 +00:00
parent 08020c8369
commit 73d65d729e
38 changed files with 866 additions and 2 deletions
--- a/additional/CHANGELOG.git
+++ b/additional/CHANGELOG.git
@@ -0,0 +1,155 @@
+commit 66557c7d543573cdd5e3eb332bb54ba2517a3d60
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Mon Apr 10 11:18:17 2017 +0200
+
+    Update pam plugin path
+
+commit 848752010a3a37d1bd75d38b4f0c0e3011109884
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Mon Feb 8 10:59:41 2016 +0100
+
+    Create urandom in chroot
+
+commit 5e590ef5b9bda1aa62264b104fed5a8aa8d8f099
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Tue Sep 29 12:02:31 2015 +0200
+
+    Spec file update
+
+commit c595fbe31a78521383074be878e6afe810b11d0a
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Tue Sep 29 11:42:30 2015 +0200
+
+    Make crl verification optional
+
+commit 36f5d2b782c5cfdf1717dc73dfeff5d7867cdf85
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Tue Sep 29 11:23:44 2015 +0200
+
+    Restrict access to the management-pass.txt file
+
+commit d66b9396e182fda414eaf994884b6244caa00204
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Tue Sep 29 11:21:01 2015 +0200
+
+    Set default network in the up script
+
+commit 019d0e2d50184ca5822b7ce6736c4ba3ad0f0fd5
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Wed Dec 3 22:25:19 2014 +0100
+
+    Spec file update
+
+commit 6a3d60d9a8ab6a33b04aad4bf059eab45eac438b
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Wed Dec 3 21:54:49 2014 +0100
+
+    Correctly push route for local network
+
+commit 496a2b678f383f2980f6a7c9677b2166dd5b7835
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Mon Jun 23 18:26:42 2014 +0200
+
+    Spec file update
+
+commit 5534d9a3cb739d20b202f92b755e66a0c5a3a56b
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Mon Jun 23 18:25:55 2014 +0200
+
+    Fix plugin path on x86_64
+
+commit 890a6c2e09bcaccfe7c9a2b2f9a88e6dadc3ae0d
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Wed Aug 21 16:06:26 2013 +0200
+
+    update spec file
+
+commit b89fdff8d3018f849456d4b408dba274e5e7f955
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Wed Aug 21 16:05:48 2013 +0200
+
+    Use full path the the up script
+
+commit d31a088f194a3d8d1ca9ecf51b2f37aaf64d42e4
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Tue Jun 11 10:58:01 2013 +0200
+
+    update spec file
+
+commit 2d0c9d80dde1ccc7f99deb0720db5ad0d252c568
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Wed May 29 14:45:14 2013 +0200
+
+    Use different name for the crl to prevent race conditions with openvpn-bridge
+
+commit 9d0d164b4d8d589d62343dd9e9a1f8f1b8f912fe
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Mon May 27 09:44:28 2013 +0200
+
+    Fix update CRL script, refers to Routed mode, not bridged one
+
+commit 7b7d1f9e50435deb3608c370dedf75b056fed561
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Fri May 24 16:59:45 2013 +0200
+
+    Do not try to update the CRL if its URL is not set
+
+commit 322061737010908e87e582e54af86219dc84d60d
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Fri May 24 16:36:12 2013 +0200
+
+    Comment unused reload-ccd event
+
+commit 655898a494ffb6323d3876058dc2eb3077540252
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Fri May 24 16:35:23 2013 +0200
+
+    Remove copyright notice in up script
+
+commit 2995895c2005c0a764b67230c67045e6fe7ca6f5
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Fri May 24 16:35:03 2013 +0200
+
+    Fix up script
+
+commit 69aa3d3988a0b08196a19374746c6c7f28ccaa84
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Fri May 24 16:34:29 2013 +0200
+
+    Add script-security 2, as required to execute external scripts
+
+commit 5230402365b0758c764da2acfb1d5677be7cb00d
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Fri May 24 16:29:49 2013 +0200
+
+    Call the up script during service startup
+
+commit 6378427fdf9590f69117997c83ce6023e377c48e
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Fri May 24 16:29:15 2013 +0200
+
+    Fix permission of the up script
+
+commit 42036e42ee291404c96db59f07e667e0d6688a75
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Fri May 24 16:26:57 2013 +0200
+
+    Fix openvpn-routed-delete-net script and remove copyright notice
+
+commit 74bfd5d71beb9a094a1011a621135308f3cea761
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Fri May 24 16:06:42 2013 +0200
+
+    Don't add template header in management-pass file
+
+commit bc7246dd740f47b6c9f5aa619fc59ddf5228753c
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Fri May 24 16:05:29 2013 +0200
+
+    Fixes in templates for openvpn.conf
+
+commit e201d0a9b0c059f23eb9750f383fc2a5f331663e
+Author: Daniel Berteaud <daniel@firewall-services.com>
+Date:   Fri May 24 15:38:55 2013 +0200
+
+    FIrst commit
--- a/additional/smeserver-openvpn-routed.spec
+++ b/additional/smeserver-openvpn-routed.spec
@@ -0,0 +1,90 @@
+# Authority: vip-ire
+# Name: Daniel Berteaud
+
+Summary: OpenVPN, a strong VPN solution build over SSL, pre-configured for routed mode
+Name: smeserver-openvpn-routed
+%define version 0.1.5
+%define release 1
+Version: %{version}
+Release: %{release}%{?dist}
+License: GPL
+Group: Networking/Remote access
+Source: %{name}-%{version}.tar.gz
+
+BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
+BuildArchitectures: noarch
+
+BuildRequires: e-smith-devtools
+
+Requires: e-smith-base
+Requires: openvpn
+#Requires: perl(Net::OpenVPN::Manage)
+
+%description
+This package contains all the needed scripts and templates
+to have a full working openvpn server running in routed mode.
+
+
+%changelog
+* Mon Feb 8 2016 Daniel Berteaud <daniel@firewall-services.com> 0.1.5-1
+- Create /etc/openvpn/routed/dev/urandom [SME: 9238]
+
+* Tue Sep 29 2015 Daniel Berteaud <daniel@firewall-services.com> 0.1.4-1
+- Make crl verification optional
+- Set a default Network if none is set
+- restrict permission on the management-pass.txt file
+
+* Wed Dec 3 2014 Daniel Berteaud <daniel@firewall-services.com> 0.1.3-1
+- Correctly push route to local network when not redirecting gw
+
+* Mon Jun 23 2014 Daniel Berteaud <daniel@firewall-services.com> 0.1.2-1
+- Fix plugin path on x86_64
+
+* Wed Aug 21 2013 Daniel Berteaud <daniel@firewall-services.com> 0.1.1-1
+- Use full path to the up script
+
+* Tue Jun 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.1.0-1
+- initial release
+
+%prep
+%setup -q -n %{name}-%{version}
+
+%build
+perl createlinks
+
+%{__mkdir_p} root/etc/openvpn/routed/ccd
+%{__mkdir_p} root/etc/openvpn/routed/priv
+%{__mkdir_p} root/etc/openvpn/routed/pub
+%{__mkdir_p} root/etc/openvpn/routed/tmp
+%{__mkdir_p} root/etc/openvpn/routed/dev
+%{__mkdir_p} root/var/log/openvpn-routed
+
+%install
+/bin/rm -rf $RPM_BUILD_ROOT
+(cd root   ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
+/bin/rm -f %{name}-%{version}-filelist
+/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
+  --file /var/service/openvpn-routed/run 'attr(0755,root,root)' \
+  --file /var/service/openvpn-routed/log/run 'attr(0755,root,root)' \
+  --dir /var/log/openvpn-routed 'attr(0750,smelog,smelog)' \
+  --dir /etc/openvpn/routed/pub 'attr(0755,root,root)' \
+  --dir /etc/openvpn/routed/priv 'attr(0750,root,root)' \
+  --dir /etc/openvpn/routed/ccd 'attr(0755,root,root)' \
+  --dir /etc/openvpn/routed/tmp 'attr(0770,root,openvpn)' \
+  --file /usr/bin/ovpn-routed-update-crl  'attr(0750,root,root)' \
+  --file /etc/openvpn/routed/bin/up 'attr(755,root,root)' \
+  > %{name}-%{version}-filelist
+
+%files -f %{name}-%{version}-filelist
+%defattr(-,root,root)
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post
+if [ \! -c /etc/openvpn/routed/dev/urandom ]; then
+    mknod -m 0444 /etc/openvpn/routed/dev/urandom c 1 9
+fi
+
+%preun
+