From b7968faa2a6dac1bd9641309ccf4c9a387bca26c Mon Sep 17 00:00:00 2001
From: Arne Schwabe <arne@rfc2549.org>
Date: Tue, 21 Jan 2014 20:37:31 +0100
Subject: Add to code that allows excluding routes from the VPN

--HG--
extra : rebase_source : 7e20e643cb0949520b92f7ab7b623d6856ea4ef7
---
 openvpn/doc/openvpn.8 | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'openvpn/doc')

diff --git a/openvpn/doc/openvpn.8 b/openvpn/doc/openvpn.8
index 0235c2c8..9eebf93e 100644
--- a/openvpn/doc/openvpn.8
+++ b/openvpn/doc/openvpn.8
@@ -2097,6 +2097,16 @@ In many cases, the
 parameter can point to an empty directory, however
 complications can result when scripts or restarts
 are executed after the chroot operation.
+
+Note: if OpenVPN is built using the PolarSSL SSL
+library,
+.B \-\-chroot
+will only work if a /dev/urandom device node is available
+inside the chroot directory
+.B dir.
+This is due to the way PolarSSL works (it wants to open
+/dev/urandom every time randomness is needed, not just once
+at startup) and nothing OpenVPN can influence.
 .\"*********************************************************
 .TP
 .B \-\-setcon context
-- 
cgit v1.2.3