Red Hat Bugzilla – Bug 700490
RFE/Patch: start openvpn for each *.ovpn in addition to *.conf in /etc/openvpn
Last modified: 2017-03-25 02:20:19 EDT
Created attachment 495551 [details]
Make init script start openvpn for each *.ovpn in addition to *.conf
Many systems (appliances etc) generate and assume OpenVPN config files to be named *.ovpn; the attached patch makes the init script activate openvpn on them in addition to *.conf in /etc/openvpn.
I submitted a patch upstream but after some discussion they decided to reject it. I think their reasoning for the rejection was quite thin and I don't agree with it at all (they seem to be making a tempest in a teacup out of it in my opinion), but anyway they seem to encourage distributors to do something like this.
The patch and discussion is at https://community.openvpn.net/openvpn/ticket/96 , please consider applying the patch to the init script shipped in Fedora and EPEL openvpn packages.
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
A lot have happened since this bz was opened, like the introduction of systemd.
The recommended approach by upstream (available in openvpn-2.4.1) is to use the openvpn-client@.service and openvpn-server@.service systemd unit files, which provides far better control of OpenVPN tunnels.
For more info: http://pkgs.fedoraproject.org/cgit/rpms/openvpn.git/tree/README.systemd
We will not add support for .ovpn files at this point, as the more common file extension for configuration files on Linux are .conf while .ovpn is an artefact to avoid "double click clashes" on Windows.
(In reply to David Sommerseth from comment #4)
> We will not add support for .ovpn files at this point, as the more common
> file extension for configuration files on Linux are .conf while .ovpn is an
> artefact to avoid "double click clashes" on Windows.
There are firewall appliances etc out there that give out their configs named as .ovpn, and that obviously can't really be changed. It doesn't matter why it was done, Windows reasons or not, but it does require e.g. Fedora users to jump through extra hoops. Making a tiny change like this in this package would make life easier for its users (no need to fiddle with the filenames), without any drawbacks. Otherwise dealing with it is left to the users themselves.
Yeah, a lot has happened, and maybe the systemd stuff has made the request obsolete. From a very quick look at the linked documentation, I suppose it hasn't though (as it does insist on .conf filenames still).
But meh, I'm no longer personally affected by this, so I'm not going to be burning any more cycles here. I'm just pretty surprised and somewhat disappointed about the reluctance to apply something as trivial as this.