From: Klemens Nanni Subject: openvpn: do not force --daemon as first argument To: ports Cc: Jeremie Courreges-Anglas Date: Sat, 06 Dec 2025 10:43:02 +0000 Whilst the intention here is to ensure a background daemon, this flag may also take an argument [progname] to set its syslog name. openvpn(8) also lets you omit --config in front of an absoloute path if that file is the first argument, but flags in `daemon' break that. My use case is multiple openvpn servers on different listen sockets as OpenVPN on OpenBSD is unable to serve IPv4 and IPv6 in one process: $ file /etc/rc.d/openvpn? /etc/rc.d/openvpn4: symbolic link to '/etc/rc.d/openvpn' /etc/rc.d/openvpn6: symbolic link to '/etc/rc.d/openvpn' $ grep ^openvpn /etc/rc.conf.local openvpn4_flags=/etc/openvpn/server4.conf openvpn6_flags=/etc/openvpn/server6.conf $ head -n4 /etc/openvpn/server4.conf config /etc/openvpn/server.common daemon openvpn4 local 0.0.0.0 dev tun4 I could work around this, knowing that --daemon is hardcoded, but it looks ugly and is less flexible: # rcctl set openvpn6 flags openvpn6 --config /... Feedback? Existing setups need adjusting, but I'm not sure whether MESSAGE or current.html is the best way to signal that. Index: Makefile =================================================================== RCS file: /cvs/ports/net/openvpn/Makefile,v diff -u -p -r1.138 Makefile --- Makefile 29 Nov 2025 15:43:27 -0000 1.138 +++ Makefile 5 Dec 2025 22:32:37 -0000 @@ -1,6 +1,7 @@ COMMENT= easy-to-use, robust, and highly configurable VPN DISTNAME= openvpn-2.6.17 +REVISION= 0 CATEGORIES= net security Index: pkg/openvpn.rc =================================================================== RCS file: /cvs/ports/net/openvpn/pkg/openvpn.rc,v diff -u -p -r1.2 openvpn.rc --- pkg/openvpn.rc 10 Mar 2022 00:04:07 -0000 1.2 +++ pkg/openvpn.rc 5 Dec 2025 22:33:17 -0000 @@ -1,6 +1,7 @@ #!/bin/ksh -daemon="${TRUEPREFIX}/sbin/openvpn --daemon" +daemon="${TRUEPREFIX}/sbin/openvpn" +daemon_flags="--daemon" . /etc/rc.d/rc.subr