From 116af66d410ee3a4ee69a8fa25c6036ed1c2411f Mon Sep 17 00:00:00 2001 From: Kali Kaneko Date: Thu, 24 Aug 2017 01:31:23 -0400 Subject: [refactor] restart by allowing to send SIGUSR1 to openvpn process by properly allowing openvpn to restart when receiving SIGUSR1, we can reserve the hard process restarts for cases in which the process is aborted. this depends on bitmask-root adding --persist-tun and --persist-key as mandatory/allowed parameters. --- src/leap/bitmask/vpn/helpers/linux/bitmask-root | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'src/leap/bitmask/vpn/helpers/linux') diff --git a/src/leap/bitmask/vpn/helpers/linux/bitmask-root b/src/leap/bitmask/vpn/helpers/linux/bitmask-root index 80ac12e8..cad082be 100755 --- a/src/leap/bitmask/vpn/helpers/linux/bitmask-root +++ b/src/leap/bitmask/vpn/helpers/linux/bitmask-root @@ -73,7 +73,7 @@ def get_no_group_name(): return None -VERSION = "6" +VERSION = "7" SCRIPT = "bitmask-root" NAMESERVER = "10.42.0.1" BITMASK_CHAIN = "bitmask" @@ -105,7 +105,8 @@ FIXED_FLAGS = [ "--management-signal", "--script-security", "1", "--user", "nobody", - "--remap-usr1", "SIGTERM", + "--persist-key", + "--persist-tun", ] if OPENVPN_GROUP is not None: @@ -121,7 +122,8 @@ ALLOWED_FLAGS = { "--cert": ["FILE"], "--key": ["FILE"], "--ca": ["FILE"], - "--fragment": ["NUMBER"] + "--fragment": ["NUMBER"], + "--keepalive": ["NUMBER", "NUMBER"], } PARAM_FORMATS = { @@ -964,6 +966,7 @@ def main(): else: bail("ERROR: No such command") + if __name__ == "__main__": debug(" ".join(sys.argv)) main() -- cgit v1.2.3