[packages/openvpn.git] / openvpn.spec

# TODO: compare PLD vs upstream provided systemd support, maybe we can switch?
#
# Conditional build:
%bcond_without	pkcs11		# PKCS#11 support

Summary:	VPN Daemon
Summary(pl.UTF-8):	Serwer VPN
Name:		openvpn
Version:	2.4.4
Release:	1
License:	GPL v2
Group:		Networking/Daemons
Source0:	http://swupdate.openvpn.net/community/releases/%{name}-%{version}.tar.xz
# Source0-md5:	7a2002aad1671b24457bc9432a0c5c52
Source1:	%{name}.init
Source2:	%{name}.sysconfig
Source3:	%{name}.tmpfiles
Source4:	%{name}-service-generator
Source5:	%{name}.target
Source6:	%{name}@.service
Source7:	%{name}-update-resolv-conf
Patch0:		%{name}-pam.patch
URL:		http://www.openvpn.net/
BuildRequires:	autoconf >= 2.59
BuildRequires:	automake >= 1:1.9
BuildRequires:	libselinux-devel
BuildRequires:	libtool
BuildRequires:	lz4-devel >= 1:1.7
BuildRequires:	lzo-devel
BuildRequires:	openssl-devel >= 0.9.8
%{?with_pkcs11:BuildRequires:	p11-kit-devel}
BuildRequires:	pam-devel
%{?with_pkcs11:BuildRequires:	pkcs11-helper-devel >= 1.11}
BuildRequires:	pkgconfig
BuildRequires:	rpmbuild(macros) >= 1.671
BuildRequires:	systemd-devel
BuildRequires:	tar >= 1:1.22
BuildRequires:	xz
Requires(post,preun):	/sbin/chkconfig
Requires(post,preun,postun):	systemd-units >= 38
Requires:	/sbin/ip
Requires:	openssl >= 0.9.8
%{?with_pkcs11:Requires:	pkcs11-helper >= 1.11}
Requires:	rc-scripts >= 0.4.3.0
Requires:	systemd-units >= 38
Requires:	uname(release) >= 2.4
Suggests:	%{name}-plugin-auth-pam
Suggests:	%{name}-plugin-down-root
BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)

%define		_localstatedir	/var

%description
OpenVPN is a robust and highly configurable VPN (Virtual Private
Network) daemon which can be used to securely link two or more private
networks using an encrypted tunnel over the internet.

%description -l pl.UTF-8
OpenVPN jest mocnym i silnie konfigurowalnym serwerem VPN (Wirtualne
Sieci Prywatne), który może być użyty do bezpiecznego łączenia dwóch
lub więcej prywatnych sieci używając zaszyfrowanego tunelu poprzez
internet.

%package plugin-auth-pam
Summary:	Plugin for username/password authentication via PAM
Summary(pl.UTF-8):	Wtyczka do uwierzytelniania nazwą użytkownika i hasłem poprzez PAM
Group:		Libraries
Requires:	%{name} = %{version}-%{release}

%description plugin-auth-pam
The openvpn-auth-pam module implements username/password
authentication via PAM, and essentially allows any authentication
method supported by PAM (such as LDAP, RADIUS, or Linux Shadow
passwords) to be used with OpenVPN. While PAM supports
username/password authentication, this can be combined with X509
certificates to provide two indepedent levels of authentication.

This module uses a split privilege execution model which will function
even if you drop openvpn daemon privileges using the user, group, or
chroot directives.

%description plugin-auth-pam -l pl.UTF-8
Moduł openvpn-auth-pam implementuje uwierzytelnianie nazwą użytkownika
i hasłem poprzez PAM, zasadniczo pozwalając na korzystanie z dowolnej
metody uwierzytelniania obsługiwanej przez PAM (np. LDAP, RADIUS,
hasła shadow) z OpenVPN. Jako że PAM obsługuje uwierzytelnianie nazwą
użytkownika i hasłem, to można je łączyć z certyfikatami X509 w celu
zapewniania dwóch różnych poziomów uwierzytelnienia.

Ten moduł wykorzystuje model wykonywania z podziałem uprawnień, co
działa nawet przy odrzuceniu uprawnień demona openvpn przy użyciu
dyrektyw user, group lub chroot.

%package plugin-down-root
Summary:	Plugin to allow root after privilege drop
Summary(pl.UTF-8):	Wtyczka pozwalająca na wykorzystanie uprawnień roota po odrzuceniu uprawnień
Group:		Libraries
Requires:	%{name} = %{version}-%{release}

%description plugin-down-root
The down-root module allows an OpenVPN configuration to call a down
script with root privileges, even when privileges have been dropped
using --user/--group/--chroot.

This module uses a split privilege execution model which will fork()
before OpenVPN drops root privileges, at the point where the --up
script is usually called. The module will then remain in a wait state
until it receives a message from OpenVPN via pipe to execute the down
script. Thus, the down script will be run in the same execution
environment as the up script.

%description plugin-down-root -l pl.UTF-8
Moduł down-root pozwala na wywołanie skryptu down z uprawnieniami
roota z poziomu konfiguracji OpenVPN-a nawet w przypadku odrzucenia
uprawnień przy użyciu opcji --user/--group/--chroot.

Ten moduł wykorzystuje model wykonywania z podziałem uprawnień, który
wykonuje fork() przed odrzuceniem uprawnień roota, w miejscu, gdzie
zwykle jest wywoływany skrypt --up. Moduł pozostaje w stanie
oczekiwania do odebrania przez potok od OpenVPN-a komunikatu, aby
wykonać skrypt down. Dzięki temu skrypt down zostanie uruchomiony w
tym samym środowisku, co skrypt up.

%package devel
Summary:	Header files for OpenVPN plugins development
Summary(pl.UTF-8):	Pliki nagłówkowe do tworzenia wtyczek OpenVPN
Group:		Development/Libraries

%description devel
This is the package containing the header files for OpenVPN plugins
development.

%description devel -l pl.UTF-8
Ten pakiet zawiera pliki nagłówkowe do tworzenia wtyczek OpenVPN.

%prep
%setup -q
%patch0 -p1

sed -e 's,/''usr/lib/openvpn,%{_libdir}/%{name},' %{SOURCE7} > contrib/update-resolv-conf

%build
%{__libtoolize}
%{__aclocal} -I m4
%{__autoheader}
%{__autoconf}
%{__automake}
CPPFLAGS="%{rpmcppflags} $(pkg-config --cflags liblz4)"
%configure \
	IFCONFIG=/sbin/ifconfig \
	IPROUTE=/sbin/ip \
	NETSTAT=/bin/netstat \
	ROUTE=/sbin/route \
	SYSTEMD_UNIT_DIR=%{systemdunitdir} \
	ac_cv_nsl_inet_ntoa=no \
	ac_cv_socket_socket=no \
	ac_cv_resolv_gethostbyname=no \
	--enable-iproute2 \
	--enable-password-save \
	%{?with_pkcs11:--enable-pkcs11} \
	--enable-selinux \
	--enable-systemd

%{__make}

%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT{%{_sysconfdir}/openvpn,%{_sbindir},%{_mandir}/man8} \
	$RPM_BUILD_ROOT{/etc/{rc.d/init.d,sysconfig},/var/run/openvpn,%{_includedir}} \
	$RPM_BUILD_ROOT{%{_libdir}/%{name}/plugins,%{systemdtmpfilesdir},%{systemdunitdir}} \
	$RPM_BUILD_ROOT%{systemdunitdir}-generators

%{__make} install \
	DESTDIR=$RPM_BUILD_ROOT

install -p %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
cp -p %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/%{name}
cp -p %{SOURCE3} $RPM_BUILD_ROOT%{systemdtmpfilesdir}/%{name}.conf

install -p %{SOURCE4} $RPM_BUILD_ROOT%{systemdunitdir}-generators/openvpn-service-generator
install -p %{SOURCE5} $RPM_BUILD_ROOT%{systemdunitdir}/openvpn.target
install -p %{SOURCE6} $RPM_BUILD_ROOT%{systemdunitdir}/openvpn@.service
ln -s /dev/null $RPM_BUILD_ROOT%{systemdunitdir}/openvpn.service

# we use "cp", not "install", not to pull /bin/bash dependency
cp -p contrib/pull-resolv-conf/client.down $RPM_BUILD_ROOT%{_libdir}/%{name}
cp -p contrib/pull-resolv-conf/client.up $RPM_BUILD_ROOT%{_libdir}/%{name}
cp -p contrib/update-resolv-conf $RPM_BUILD_ROOT%{_libdir}/%{name}

%{__rm} $RPM_BUILD_ROOT%{_libdir}/%{name}/plugins/*.la
%{__rm} -r $RPM_BUILD_ROOT%{_docdir}/%{name}

%clean
rm -rf $RPM_BUILD_ROOT

%post
/sbin/chkconfig --add openvpn
%service openvpn restart "OpenVPN"
%systemd_post openvpn.target

%preun
if [ "$1" = "0" ]; then
	%service openvpn stop
	/sbin/chkconfig --del openvpn
fi
%systemd_preun openvpn.target

%postun
%systemd_reload

%triggerpostun -- openvpn < 2.3.2-2
[ -f /etc/sysconfig/rpm ] && . /etc/sysconfig/rpm
[ ${RPM_ENABLE_SYSTEMD_SERVICE:-yes} = no ] && exit 0
[ "$(echo /etc/rc.d/rc[0-6].d/S[0-9][0-9]openvpn)" = "/etc/rc.d/rc[0-6].d/S[0-9][0-9]openvpn" ] && exit 0
export SYSTEMD_LOG_LEVEL=warning SYSTEMD_LOG_TARGET=syslog
/bin/systemctl --quiet enable openvpn.target || :
exit 0

%files
%defattr(644,root,root,755)
%doc AUTHORS README* ChangeLog sample/sample-{config-files,keys,scripts} doc/management-notes.txt
%doc *.IPv6
%dir %{_sysconfdir}/openvpn
%config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/%{name}
%attr(755,root,root) %{_sbindir}/openvpn
%attr(754,root,root) /etc/rc.d/init.d/%{name}
%attr(755,root,root) %{systemdunitdir}-generators/openvpn-service-generator
# PLD-specific
%{systemdunitdir}/openvpn.service
%{systemdunitdir}/openvpn.target
%{systemdunitdir}/openvpn@.service
# upstream provided
#%{systemdunitdir}/openvpn-client@.service
#%{systemdunitdir}/openvpn-server@.service
%dir %{_libdir}/%{name}
%attr(755,root,root) %{_libdir}/%{name}/client.down
%attr(755,root,root) %{_libdir}/%{name}/client.up
%attr(755,root,root) %{_libdir}/%{name}/update-resolv-conf
%dir %{_libdir}/%{name}/plugins
%{_mandir}/man8/openvpn.8*
%dir /var/run/openvpn
%{systemdtmpfilesdir}/%{name}.conf

%files plugin-auth-pam
%defattr(644,root,root,755)
%doc src/plugins/auth-pam/README.auth-pam
%attr(755,root,root) %{_libdir}/%{name}/plugins/openvpn-plugin-auth-pam.so

%files plugin-down-root
%defattr(644,root,root,755)
%doc src/plugins/down-root/README.down-root
%attr(755,root,root) %{_libdir}/%{name}/plugins/openvpn-plugin-down-root.so

%files devel
%defattr(644,root,root,755)
%doc doc/README.plugins sample/sample-plugins
%{_includedir}/openvpn-msg.h
%{_includedir}/openvpn-plugin.h
Commit	Line	Data
c1560620	1	# TODO: compare PLD vs upstream provided systemd support, maybe we can switch?
357bd270	2	#
3a40fd75	3	# Conditional build:
694cb9a3	4	%bcond_without pkcs11 # PKCS#11 support
3a40fd75	5
1e54a8c4	6	Summary: VPN Daemon
f284e4d9	7	Summary(pl.UTF-8): Serwer VPN
1e54a8c4	8	Name: openvpn
7d0baea5	9	Version: 2.4.4
439c7eee	10	Release: 1
4b4dae2a	11	License: GPL v2
1e54a8c4	12	Group: Networking/Daemons
694cb9a3	13	Source0: http://swupdate.openvpn.net/community/releases/%{name}-%{version}.tar.xz
7d0baea5	14	# Source0-md5: 7a2002aad1671b24457bc9432a0c5c52
1e54a8c4 AM	15	Source1: %{name}.init
1e54a8c4 AM	16	Source2: %{name}.sysconfig
d073bea7	17	Source3: %{name}.tmpfiles
f6fd18dc ER	18	Source4: %{name}-service-generator
	19	Source5: %{name}.target
	20	Source6: %{name}@.service
0a7f47ba	21	Source7: %{name}-update-resolv-conf
d073bea7	22	Patch0: %{name}-pam.patch
72e50cf3	23	URL: http://www.openvpn.net/
4b4dae2a	24	BuildRequires: autoconf >= 2.59
694cb9a3	25	BuildRequires: automake >= 1:1.9
c4f969c4	26	BuildRequires: libselinux-devel
694cb9a3	27	BuildRequires: libtool
c1560620	28	BuildRequires: lz4-devel >= 1:1.7
1e54a8c4	29	BuildRequires: lzo-devel
c1560620	30	BuildRequires: openssl-devel >= 0.9.8
694cb9a3	31	%{?with_pkcs11:BuildRequires: p11-kit-devel}
7367fd64	32	BuildRequires: pam-devel
694cb9a3 JB	33	%{?with_pkcs11:BuildRequires: pkcs11-helper-devel >= 1.11}
694cb9a3 JB	34	BuildRequires: pkgconfig
22af7faa	35	BuildRequires: rpmbuild(macros) >= 1.671
8cbbfc56	36	BuildRequires: systemd-devel
694cb9a3 JB	37	BuildRequires: tar >= 1:1.22
694cb9a3 JB	38	BuildRequires: xz
a32abac3	39	Requires(post,preun): /sbin/chkconfig
22af7faa	40	Requires(post,preun,postun): systemd-units >= 38
dc577c8b	41	Requires: /sbin/ip
c1560620	42	Requires: openssl >= 0.9.8
694cb9a3	43	%{?with_pkcs11:Requires: pkcs11-helper >= 1.11}
be1312a6	44	Requires: rc-scripts >= 0.4.3.0
22af7faa	45	Requires: systemd-units >= 38
ef1142ad	46	Requires: uname(release) >= 2.4
59856f7f ER	47	Suggests: %{name}-plugin-auth-pam
59856f7f ER	48	Suggests: %{name}-plugin-down-root
1e54a8c4 AM	49	BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
	50
	51	%define _localstatedir /var
	52
	53	%description
	54	OpenVPN is a robust and highly configurable VPN (Virtual Private
	55	Network) daemon which can be used to securely link two or more private
	56	networks using an encrypted tunnel over the internet.
	57
22031f4a	58	%description -l pl.UTF-8
1e54a8c4	59	OpenVPN jest mocnym i silnie konfigurowalnym serwerem VPN (Wirtualne
22031f4a JR	60	Sieci Prywatne), który może być użyty do bezpiecznego łączenia dwóch
22031f4a JR	61	lub więcej prywatnych sieci używając zaszyfrowanego tunelu poprzez
1e54a8c4 AM	62	internet.
1e54a8c4 AM	63
bfa8e009 ER	64	%package plugin-auth-pam
bfa8e009 ER	65	Summary: Plugin for username/password authentication via PAM
357bd270 JB	66	Summary(pl.UTF-8): Wtyczka do uwierzytelniania nazwą użytkownika i hasłem poprzez PAM
357bd270 JB	67	Group: Libraries
bfa8e009 ER	68	Requires: %{name} = %{version}-%{release}
	69
	70	%description plugin-auth-pam
	71	The openvpn-auth-pam module implements username/password
	72	authentication via PAM, and essentially allows any authentication
	73	method supported by PAM (such as LDAP, RADIUS, or Linux Shadow
	74	passwords) to be used with OpenVPN. While PAM supports
	75	username/password authentication, this can be combined with X509
	76	certificates to provide two indepedent levels of authentication.
	77
	78	This module uses a split privilege execution model which will function
	79	even if you drop openvpn daemon privileges using the user, group, or
	80	chroot directives.
	81
357bd270 JB	82	%description plugin-auth-pam -l pl.UTF-8
	83	Moduł openvpn-auth-pam implementuje uwierzytelnianie nazwą użytkownika
	84	i hasłem poprzez PAM, zasadniczo pozwalając na korzystanie z dowolnej
	85	metody uwierzytelniania obsługiwanej przez PAM (np. LDAP, RADIUS,
	86	hasła shadow) z OpenVPN. Jako że PAM obsługuje uwierzytelnianie nazwą
	87	użytkownika i hasłem, to można je łączyć z certyfikatami X509 w celu
	88	zapewniania dwóch różnych poziomów uwierzytelnienia.
	89
	90	Ten moduł wykorzystuje model wykonywania z podziałem uprawnień, co
	91	działa nawet przy odrzuceniu uprawnień demona openvpn przy użyciu
	92	dyrektyw user, group lub chroot.
	93
bfa8e009 ER	94	%package plugin-down-root
bfa8e009 ER	95	Summary: Plugin to allow root after privilege drop
357bd270 JB	96	Summary(pl.UTF-8): Wtyczka pozwalająca na wykorzystanie uprawnień roota po odrzuceniu uprawnień
357bd270 JB	97	Group: Libraries
bfa8e009 ER	98	Requires: %{name} = %{version}-%{release}
	99
	100	%description plugin-down-root
	101	The down-root module allows an OpenVPN configuration to call a down
	102	script with root privileges, even when privileges have been dropped
	103	using --user/--group/--chroot.
	104
	105	This module uses a split privilege execution model which will fork()
	106	before OpenVPN drops root privileges, at the point where the --up
	107	script is usually called. The module will then remain in a wait state
	108	until it receives a message from OpenVPN via pipe to execute the down
	109	script. Thus, the down script will be run in the same execution
	110	environment as the up script.
	111
357bd270 JB	112	%description plugin-down-root -l pl.UTF-8
	113	Moduł down-root pozwala na wywołanie skryptu down z uprawnieniami
	114	roota z poziomu konfiguracji OpenVPN-a nawet w przypadku odrzucenia
	115	uprawnień przy użyciu opcji --user/--group/--chroot.
	116
	117	Ten moduł wykorzystuje model wykonywania z podziałem uprawnień, który
	118	wykonuje fork() przed odrzuceniem uprawnień roota, w miejscu, gdzie
	119	zwykle jest wywoływany skrypt --up. Moduł pozostaje w stanie
	120	oczekiwania do odebrania przez potok od OpenVPN-a komunikatu, aby
	121	wykonać skrypt down. Dzięki temu skrypt down zostanie uruchomiony w
	122	tym samym środowisku, co skrypt up.
	123
088b9e85	124	%package devel
a1c1b5a0	125	Summary: Header files for OpenVPN plugins development
f284e4d9	126	Summary(pl.UTF-8): Pliki nagłówkowe do tworzenia wtyczek OpenVPN
088b9e85 ER	127	Group: Development/Libraries
	128
	129	%description devel
a1c1b5a0 JB	130	This is the package containing the header files for OpenVPN plugins
	131	development.
	132
22031f4a JR	133	%description devel -l pl.UTF-8
22031f4a JR	134	Ten pakiet zawiera pliki nagłówkowe do tworzenia wtyczek OpenVPN.
088b9e85	135
1e54a8c4	136	%prep
da7b9d5f	137	%setup -q
7c5604b6	138	%patch0 -p1
727c4226	139
0a7f47ba	140	sed -e 's,/''usr/lib/openvpn,%{_libdir}/%{name},' %{SOURCE7} > contrib/update-resolv-conf
6b9f12e5	141
1e54a8c4	142	%build
694cb9a3	143	%{__libtoolize}
d073bea7	144	%{__aclocal} -I m4
8abf6e16	145	%{__autoheader}
	146	%{__autoconf}
	147	%{__automake}
c1560620	148	CPPFLAGS="%{rpmcppflags} $(pkg-config --cflags liblz4)"
8abf6e16	149	%configure \
d073bea7 AM	150	IFCONFIG=/sbin/ifconfig \
d073bea7 AM	151	IPROUTE=/sbin/ip \
694cb9a3	152	NETSTAT=/bin/netstat \
c1560620 JB	153	ROUTE=/sbin/route \
c1560620 JB	154	SYSTEMD_UNIT_DIR=%{systemdunitdir} \
694cb9a3 JB	155	ac_cv_nsl_inet_ntoa=no \
	156	ac_cv_socket_socket=no \
	157	ac_cv_resolv_gethostbyname=no \
	158	--enable-iproute2 \
	159	--enable-password-save \
	160	%{?with_pkcs11:--enable-pkcs11} \
	161	--enable-selinux \
	162	--enable-systemd
43fa42e4	163
d073bea7	164	%{__make}
088b9e85	165
1e54a8c4 AM	166	%install
1e54a8c4 AM	167	rm -rf $RPM_BUILD_ROOT
c13903eb	168	install -d $RPM_BUILD_ROOT{%{_sysconfdir}/openvpn,%{_sbindir},%{_mandir}/man8} \
f3908354	169	$RPM_BUILD_ROOT{/etc/{rc.d/init.d,sysconfig},/var/run/openvpn,%{_includedir}} \
ec6e7d04	170	$RPM_BUILD_ROOT{%{_libdir}/%{name}/plugins,%{systemdtmpfilesdir},%{systemdunitdir}} \
f6fd18dc	171	$RPM_BUILD_ROOT%{systemdunitdir}-generators
1e54a8c4	172
d073bea7 AM	173	%{__make} install \
d073bea7 AM	174	DESTDIR=$RPM_BUILD_ROOT
1e54a8c4	175
f6fd18dc ER	176	install -p %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
	177	cp -p %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/%{name}
	178	cp -p %{SOURCE3} $RPM_BUILD_ROOT%{systemdtmpfilesdir}/%{name}.conf
ec6e7d04	179
f6fd18dc	180	install -p %{SOURCE4} $RPM_BUILD_ROOT%{systemdunitdir}-generators/openvpn-service-generator
ec6e7d04 JR	181	install -p %{SOURCE5} $RPM_BUILD_ROOT%{systemdunitdir}/openvpn.target
	182	install -p %{SOURCE6} $RPM_BUILD_ROOT%{systemdunitdir}/openvpn@.service
	183	ln -s /dev/null $RPM_BUILD_ROOT%{systemdunitdir}/openvpn.service
6f1eceea	184
0a7f47ba ER	185	# we use "cp", not "install", not to pull /bin/bash dependency
	186	cp -p contrib/pull-resolv-conf/client.down $RPM_BUILD_ROOT%{_libdir}/%{name}
	187	cp -p contrib/pull-resolv-conf/client.up $RPM_BUILD_ROOT%{_libdir}/%{name}
	188	cp -p contrib/update-resolv-conf $RPM_BUILD_ROOT%{_libdir}/%{name}
	189
388387bf	190	%{__rm} $RPM_BUILD_ROOT%{_libdir}/%{name}/plugins/*.la
f6fd18dc	191	%{__rm} -r $RPM_BUILD_ROOT%{_docdir}/%{name}
388387bf	192
1e54a8c4 AM	193	%clean
	194	rm -rf $RPM_BUILD_ROOT
	195
55a7ee18 JK	196	%post
55a7ee18 JK	197	/sbin/chkconfig --add openvpn
1a7a867b	198	%service openvpn restart "OpenVPN"
ec6e7d04	199	%systemd_post openvpn.target
55a7ee18 JK	200
	201	%preun
	202	if [ "$1" = "0" ]; then
1a7a867b	203	%service openvpn stop
55a7ee18	204	/sbin/chkconfig --del openvpn
a34b9b51	205	fi
ec6e7d04 JR	206	%systemd_preun openvpn.target
	207
	208	%postun
	209	%systemd_reload
	210
	211	%triggerpostun -- openvpn < 2.3.2-2
	212	[ -f /etc/sysconfig/rpm ] && . /etc/sysconfig/rpm
	213	[ ${RPM_ENABLE_SYSTEMD_SERVICE:-yes} = no ] && exit 0
	214	[ "$(echo /etc/rc.d/rc[0-6].d/S[0-9][0-9]openvpn)" = "/etc/rc.d/rc[0-6].d/S[0-9][0-9]openvpn" ] && exit 0
	215	export SYSTEMD_LOG_LEVEL=warning SYSTEMD_LOG_TARGET=syslog
	216	/bin/systemctl --quiet enable openvpn.target \|\| :
	217	exit 0
55a7ee18	218
1e54a8c4 AM	219	%files
1e54a8c4 AM	220	%defattr(644,root,root,755)
d073bea7	221	%doc AUTHORS README* ChangeLog sample/sample-{config-files,keys,scripts} doc/management-notes.txt
bfa8e009	222	%doc *.IPv6
f063e411	223	%dir %{_sysconfdir}/openvpn
088b9e85	224	%config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/%{name}
1a7a867b	225	%attr(755,root,root) %{_sbindir}/openvpn
e06b2f01	226	%attr(754,root,root) /etc/rc.d/init.d/%{name}
c1560620 JB	227	%attr(755,root,root) %{systemdunitdir}-generators/openvpn-service-generator
	228	# PLD-specific
	229	%{systemdunitdir}/openvpn.service
	230	%{systemdunitdir}/openvpn.target
	231	%{systemdunitdir}/openvpn@.service
	232	# upstream provided
	233	#%{systemdunitdir}/openvpn-client@.service
	234	#%{systemdunitdir}/openvpn-server@.service
088b9e85	235	%dir %{_libdir}/%{name}
0a7f47ba ER	236	%attr(755,root,root) %{_libdir}/%{name}/client.down
	237	%attr(755,root,root) %{_libdir}/%{name}/client.up
	238	%attr(755,root,root) %{_libdir}/%{name}/update-resolv-conf
088b9e85	239	%dir %{_libdir}/%{name}/plugins
388387bf	240	%{_mandir}/man8/openvpn.8*
55a7ee18	241	%dir /var/run/openvpn
f6fd18dc	242	%{systemdtmpfilesdir}/%{name}.conf
088b9e85	243
bfa8e009 ER	244	%files plugin-auth-pam
	245	%defattr(644,root,root,755)
	246	%doc src/plugins/auth-pam/README.auth-pam
	247	%attr(755,root,root) %{_libdir}/%{name}/plugins/openvpn-plugin-auth-pam.so
	248
	249	%files plugin-down-root
	250	%defattr(644,root,root,755)
	251	%doc src/plugins/down-root/README.down-root
	252	%attr(755,root,root) %{_libdir}/%{name}/plugins/openvpn-plugin-down-root.so
	253
088b9e85 ER	254	%files devel
088b9e85 ER	255	%defattr(644,root,root,755)
d073bea7	256	%doc doc/README.plugins sample/sample-plugins
24429fb3	257	%{_includedir}/openvpn-msg.h
388387bf	258	%{_includedir}/openvpn-plugin.h