From: Klemens Nanni <kn@openbsd.org>
Subject: Re: openvpn: do not force --daemon as first argument
To: Stuart Henderson <stu@spacehopper.org>, ports <ports@openbsd.org>
Cc: Jeremie Courreges-Anglas <jca@wxcvbn.org>
Date: Sat, 06 Dec 2025 11:48:26 +0000

06.12.2025 14:37, Stuart Henderson wrote:
> then if someone doesn't set --daemon themselves (either on the command line or in config) the script won't work properly. not sure I see the problem with specifying --config?

Hence the sentence about MESSAGE or current.html.

Although this is more about --daemon not being usable inside a config file
due to our rc.d script's assumption about it not taking arguments.

> 
> upstream supports multiple sockets in server mode now, btw.

Oh?  I'll take another look, thanks.

I don't think it's super critical, but I'd still like to rectify this;
we have relatively few scripts forcing flags in `daemon' and for openvpn
this is not strictly necessary.

> 
> -- 
>   Sent from a phone, apologies for poor formatting.
> 
> 
> On 6 December 2025 10:43:34 Klemens Nanni <kn@openbsd.org> wrote:
> 
>> Whilst the intention here is to ensure a background daemon,
>> this flag may also take an argument [progname] to set its syslog name.
>>
>> openvpn(8) also lets you omit --config in front of an absolute path
>> if that file is the first argument, but flags in `daemon' break that.
>>
>> My use case is multiple openvpn servers on different listen sockets
>> as OpenVPN on OpenBSD is unable to serve IPv4 and IPv6 in one process:
>>  
>>  $ file /etc/rc.d/openvpn?
>>  /etc/rc.d/openvpn4: symbolic link to '/etc/rc.d/openvpn'
>>  /etc/rc.d/openvpn6: symbolic link to '/etc/rc.d/openvpn'
>>
>>  $ grep ^openvpn /etc/rc.conf.local
>>  openvpn4_flags=/etc/openvpn/server4.conf
>>  openvpn6_flags=/etc/openvpn/server6.conf
>>
>>  $ head -n4 /etc/openvpn/server4.conf
>>  config /etc/openvpn/server.common
>>  daemon openvpn4
>>  local 0.0.0.0
>>  dev tun4
>>
>> I could work around this, knowing that --daemon is hardcoded,
>> but it looks ugly and is less flexible:
>>
>>  # rcctl set openvpn6 flags openvpn6 --config /...
>>
>> Feedback?
>>
>> Existing setups need adjusting, but I'm not sure whether MESSAGE or
>> current.html is the best way to signal that.
>>
>>
>> Index: Makefile
>> ===================================================================
>> RCS file: /cvs/ports/net/openvpn/Makefile,v
>> diff -u -p -r1.138 Makefile
>> --- Makefile 29 Nov 2025 15:43:27 -0000 1.138
>> +++ Makefile 5 Dec 2025 22:32:37 -0000
>> @@ -1,6 +1,7 @@
>>  COMMENT= easy-to-use, robust, and highly configurable VPN
>>  
>>  DISTNAME= openvpn-2.6.17
>> +REVISION= 0
>>  
>>  CATEGORIES= net security
>>  
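Review bot: the REVISION bump here is not accompanied by any user-facing notice in the diff, although the mail says existing setups need adjusting. Settle MESSAGE versus current.html before commit and include the text in the same diff, so that upgrades with openvpn_flags already set do not silently stop passing --daemon.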
>> Index: pkg/openvpn.rc
>> ===================================================================
>> RCS file: /cvs/ports/net/openvpn/pkg/openvpn.rc,v
>> diff -u -p -r1.2 openvpn.rc
>> --- pkg/openvpn.rc 10 Mar 2022 00:04:07 -0000 1.2
>> +++ pkg/openvpn.rc 5 Dec 2025 22:33:17 -0000
>> @@ -1,6 +1,7 @@
>>  #!/bin/ksh
>>  
>> -daemon="${TRUEPREFIX}/sbin/openvpn --daemon"
>> +daemon="${TRUEPREFIX}/sbin/openvpn"
>> +daemon_flags="--daemon"
>>  
>>  . /etc/rc.d/rc.subr
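Review bot: daemon_flags="--daemon" in the second added line is only a default, so any flags value set through rc.conf.local or rcctl replaces it and --daemon is no longer guaranteed. That is the failure raised in the reply (no --daemon on the command line or in the config means the script won't work properly); a comment above daemon_flags stating that custom flags or the config file must provide daemon would make the requirement visible in the script itself.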
>
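
The adjustment existing setups would need, written as a pre-upgrade check (an added example, not part of the original mail or the port): it reports which openvpn*_flags entries would leave openvpn in the foreground once --daemon is only a default. It assumes a set flags value replaces daemon_flags; the function names and the sample tree are constructed for illustration.

```sh
#!/bin/sh
# Added example, not the port's code. Assumed model: a set <svc>_flags value
# replaces the script's default daemon_flags; only --daemon, --config and a
# leading absolute config path are recognised in the flags string.

# Succeeds if config file $1, or a file it pulls in via `config`, sets `daemon`.
cfg_has_daemon() {
    [ "${2:-0}" -lt 8 ] && [ -r "$1" ] || return 1   # depth cap stops include loops
    grep -Eq '^[[:space:]]*daemon([[:space:]]|$)' "$1" && return 0
    for _inc in $(sed -n 's/^[[:space:]]*config[[:space:]][[:space:]]*//p' "$1"); do
        cfg_has_daemon "$_inc" $(( ${2:-0} + 1 )) && return 0
    done
    return 1
}

# Prints "background" or "foreground" for one flags value.
flags_verdict() {
    set -f; set -- $1; set +f                        # word-split without globbing
    _first=1
    while [ $# -gt 0 ]; do
        case $1 in
        --daemon) echo background; return ;;
        --config) shift
                  [ $# -gt 0 ] && cfg_has_daemon "$1" && { echo background; return; } ;;
        /*)       [ "$_first" = 1 ] && cfg_has_daemon "$1" && { echo background; return; } ;;
        esac
        _first=0
        [ $# -gt 0 ] && shift
    done
    echo foreground
}

# Prints "<svc> <verdict>" for each non-empty openvpn*_flags line in file $1.
audit_rcconf() {
    sed -n 's/^\(openvpn[^=]*\)_flags=\(.*\)$/\1 \2/p' "$1" | tr -d '"' |
    while read -r _svc _flags; do
        [ -n "$_flags" ] && echo "$_svc $(flags_verdict "$_flags")"
    done
}

# Constructed sample tree mirroring the layout quoted in the mail.
T=$(mktemp -d) && trap 'rm -rf "$T"' EXIT
printf 'dev tun\n' > "$T/server.common"
printf 'config %s/server.common\ndaemon openvpn4\nlocal 0.0.0.0\n' "$T" > "$T/server4.conf"
printf 'config %s/server.common\nlocal ::\n' "$T" > "$T/server6.conf"
printf 'openvpn4_flags=%s\nopenvpn6_flags="--config %s"\n' \
    "$T/server4.conf" "$T/server6.conf" > "$T/rc.conf.local"
audit_rcconf "$T/rc.conf.local"
```

Entries reported as foreground need --daemon in their flags or a daemon line in their config before the new script is installed.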