{"update": {"autokarma": true, "autotime": false, "stable_karma": 2, "stable_days": 0, "unstable_karma": -1, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "Updating to upstream OpenVPN v2.4.1.  This update re-introduces a **DEPRECATED** feature to, **--tls-remote** to enable v2.3 installations to upgrade. Users are **STRONGLY** encouraged to update their configurations to use the newer option, **--verify-x509-name**.  In addition the general packaging have been cleaned up.\n\n\n", "type": "enhancement", "status": "stable", "request": null, "severity": "medium", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2017-03-23 16:12:20", "date_modified": "2017-03-29 22:23:17", "date_approved": null, "date_testing": "2017-03-31 03:24:45", "date_stable": "2017-04-15 01:51:57", "alias": "FEDORA-EPEL-2017-3da5d4f25f", "test_gating_status": null, "from_tag": null, "date_pushed": "2017-04-15 01:51:57", "meets_testing_requirements": false, "url": "https://bodhi.stg.fedoraproject.org/updates/FEDORA-EPEL-2017-3da5d4f25f", "title": "openvpn-2.4.1-3.el6", "version_hash": "4ac16c9eb00cd6b95d2069f18d10d3ae268dfadf", "release": {"name": "EL-6", "long_name": "Fedora EPEL 6", "version": "6", "id_prefix": "FEDORA-EPEL", "branch": "el6", "dist_tag": "dist-6E-epel", "stable_tag": "dist-6E-epel", "testing_tag": "dist-6E-epel-testing", "candidate_tag": "dist-6E-epel-testing-candidate", "pending_signing_tag": "", "pending_testing_tag": "", "pending_stable_tag": "", "override_tag": "dist-6E-epel-override", "mail_template": "fedora_epel_legacy_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "unspecified", "testing_repository": null, "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by dsommers. ", "timestamp": "2017-03-23 16:12:20", "update_id": 83301, "user_id": 91, "id": 580876, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "dsommers edited this update.\n\nNew build(s):\n\n- openvpn-2.4.1-2.el6\n\nRemoved build(s):\n\n- openvpn-2.4.1-1.el6", "timestamp": "2017-03-23 23:00:28", "update_id": 83301, "user_id": 91, "id": 581111, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2017-03-24 19:16:35", "update_id": 83301, "user_id": 91, "id": 581566, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "dsommers edited this update.\n\nNew build(s):\n\n- openvpn-2.4.1-3.el6\n\nRemoved build(s):\n\n- openvpn-2.4.1-2.el6", "timestamp": "2017-03-29 22:22:21", "update_id": 83301, "user_id": 91, "id": 584348, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by dsommers. ", "timestamp": "2017-03-29 22:22:28", "update_id": 83301, "user_id": 91, "id": 584349, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "dsommers edited this update.", "timestamp": "2017-03-29 22:23:16", "update_id": 83301, "user_id": 91, "id": 584350, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2017-03-31 03:47:50", "update_id": 83301, "user_id": 91, "id": 585116, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes", "timestamp": "2017-04-14 06:00:18", "update_id": 83301, "user_id": 91, "id": 593350, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "I've run openvpn-2.4.1-2.el6  on a SL6.7 since March 23 and 2.4.1-3.el6 since April 10.  Both configured with server and client configurations.  Everything works as expected in those configurations.  The 2.4 release have otherwise been pushed out for el7, where the main difference is that el7 is systemd based and el6 still uses init.d scripts.  So considering this to be reasonably safe.", "timestamp": "2017-04-14 12:54:35", "update_id": 83301, "user_id": 446, "id": 593480, "bug_feedback": [{"karma": 0, "comment_id": 593480, "bug_id": 1435036, "bug": {"bug_id": 1435036, "title": "openvpn-2.4.1 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by dsommers. ", "timestamp": "2017-04-14 12:55:28", "update_id": 83301, "user_id": 91, "id": 593481, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2017-04-15 02:46:14", "update_id": 83301, "user_id": 91, "id": 593816, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "Hi Guys,\n/var/run/openvpn/ is missing in rpm-File:\nrpm -ql openvpn\n/etc/openvpn\n/etc/openvpn/client\n/etc/openvpn/server\n/usr/lib/systemd/system/openvpn-client@.service\n/usr/lib/systemd/system/openvpn-server@.service\n/usr/lib/systemd/system/openvpn@.service\n/usr/lib/tmpfiles.d/openvpn.conf\n/usr/lib64/openvpn\n/usr/lib64/openvpn/plugins\n/usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so\n/usr/lib64/openvpn/plugins/openvpn-plugin-down-root.so\n/usr/sbin/openvpn\n/usr/share/doc/openvpn-2.4.1\n/usr/share/doc/openvpn-2.4.1/AUTHORS\n/usr/share/doc/openvpn-2.4.1/COPYING\n/usr/share/doc/openvpn-2.4.1/COPYRIGHT.GPL\n/usr/share/doc/openvpn-2.4.1/Changes.rst\n/usr/share/doc/openvpn-2.4.1/README\n/usr/share/doc/openvpn-2.4.1/README.auth-pam\n/usr/share/doc/openvpn-2.4.1/README.down-root\n/usr/share/doc/openvpn-2.4.1/README.systemd\n/usr/share/doc/openvpn-2.4.1/contrib\n/usr/share/doc/openvpn-2.4.1/contrib/OCSP_check\n/usr/share/doc/openvpn-2.4.1/contrib/OCSP_check/OCSP_check.sh\n/usr/share/doc/openvpn-2.4.1/contrib/README\n/usr/share/doc/openvpn-2.4.1/contrib/openvpn-fwmarkroute-1.00\n/usr/share/doc/openvpn-2.4.1/contrib/openvpn-fwmarkroute-1.00/README\n/usr/share/doc/openvpn-2.4.1/contrib/openvpn-fwmarkroute-1.00/fwmarkroute.down\n/usr/share/doc/openvpn-2.4.1/contrib/openvpn-fwmarkroute-1.00/fwmarkroute.up\n/usr/share/doc/openvpn-2.4.1/contrib/pull-resolv-conf\n/usr/share/doc/openvpn-2.4.1/contrib/pull-resolv-conf/client.down\n/usr/share/doc/openvpn-2.4.1/contrib/pull-resolv-conf/client.up\n/usr/share/doc/openvpn-2.4.1/management-notes.txt\n/usr/share/doc/openvpn-2.4.1/sample\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/README\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/client.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/firewall.sh\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/home.up\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/loopback-client\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/loopback-server\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/office.up\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/openvpn-shutdown.sh\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/openvpn-startup.sh\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/roadwarrior-client.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/roadwarrior-server.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/server.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/static-home.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/static-office.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/tls-home.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/tls-office.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/xinetd-client-config\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/xinetd-server-config\n/usr/share/doc/openvpn-2.4.1/sample/sample-scripts\n/usr/share/doc/openvpn-2.4.1/sample/sample-scripts/auth-pam.pl\n/usr/share/doc/openvpn-2.4.1/sample/sample-scripts/bridge-start\n/usr/share/doc/openvpn-2.4.1/sample/sample-scripts/bridge-stop\n/usr/share/doc/openvpn-2.4.1/sample/sample-scripts/ucn.pl\n/usr/share/doc/openvpn-2.4.1/sample/sample-scripts/verify-cn\n/usr/share/doc/openvpn-2.4.1/sample/sample-windows\n/usr/share/doc/openvpn-2.4.1/sample/sample-windows/sample.ovpn\n/usr/share/man/man8/openvpn.8.gz\n\n\nSo openvpn is unable to create its pidfile. Altough openvpn-client still can start.\nThere is also a report on this here: https://bugzilla.redhat.com/show_bug.cgi?id=1435036#c15", "timestamp": "2017-06-26 15:58:47", "update_id": 83301, "user_id": 207, "id": 627472, "bug_feedback": [{"karma": 0, "comment_id": 627472, "bug_id": 1435036, "bug": {"bug_id": 1435036, "title": "openvpn-2.4.1 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "anonymous", "email": null, "id": 207, "avatar": "https://seccdn.libravatar.org/avatar/37a8eec1ce19687d132fe29051dca629d164e2c4958ba141d5f4133a33f0688f?s=24&d=retro", "openid": "anonymous.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "Please test a far newer OpenVPN release.  This release is obsolete.  OpenVPN 2.4.3 was put submitted 5 days ago.\n\n    $ rpm -ql openvpn | grep run\n    /var/run/openvpn\n    $ rpm -q openvpn\n    openvpn-2.4.3-1.el6.x86_64\n\nThis should not be an issue at all.  You can find it here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9ec615ff74\n\nBtw. the bz you reference is also an invalid reference.  That is related to Fedora 26, which relies on systemd and its tmpfiles service.  That does not exist on EL6.\n", "timestamp": "2017-06-26 16:30:55", "update_id": 83301, "user_id": 446, "id": 627490, "bug_feedback": [{"karma": 0, "comment_id": 627490, "bug_id": 1435036, "bug": {"bug_id": 1435036, "title": "openvpn-2.4.1 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Sorry, a little clarification.  That bz *comment* you reference, is related to a Fedora release with systemd.", "timestamp": "2017-06-26 16:33:35", "update_id": 83301, "user_id": 446, "id": 627491, "bug_feedback": [{"karma": 0, "comment_id": 627491, "bug_id": 1435036, "bug": {"bug_id": 1435036, "title": "openvpn-2.4.1 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}, {"karma": 0, "karma_critpath": 0, "text": "@dsommers: as you told here https://bodhi.fedoraproject.org/updates/openvpn-2.4.1-2.el7#comment-588424 this is a feature on EL7. This package here only affects EL6", "timestamp": "2017-06-27 09:09:54", "update_id": 83301, "user_id": 207, "id": 627926, "bug_feedback": [{"karma": 0, "comment_id": 627926, "bug_id": 1435036, "bug": {"bug_id": 1435036, "title": "openvpn-2.4.1 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "anonymous", "email": null, "id": 207, "avatar": "https://seccdn.libravatar.org/avatar/37a8eec1ce19687d132fe29051dca629d164e2c4958ba141d5f4133a33f0688f?s=24&d=retro", "openid": "anonymous.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "That is right. The tmpfiles.d stuff is related to systemd, which is EL7 and any Fedora releases after 17 or so.\nAnd /var/run/openvpn is packaged properly in openvpn-2.4.2 and openvpn-2.4.3, so this is no longer an issue.\nThe openvpn-2.4.1 package this update is about, is obsolete and outdated.", "timestamp": "2017-06-27 10:46:59", "update_id": 83301, "user_id": 446, "id": 627950, "bug_feedback": [{"karma": 0, "comment_id": 627950, "bug_id": 1435036, "bug": {"bug_id": 1435036, "title": "openvpn-2.4.1 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}], "builds": [{"nvr": "openvpn-2.4.1-3.el6", "signed": false, "release_id": 10, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1435036, "title": "openvpn-2.4.1 is available", "security": false, "parent": false, "feedback": [{"karma": 0, "comment_id": 585201, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "Not sure if this is the correct place to add this feedback, but the Update from 2.3 to 2.4 broke OpenVPN completely for me. I rely on a config with a static `tls-auth` file and OpenVPN 2.4 just refuses to read the key from that file with:\n\n```\nMar 31 10:44:11 kandalingo nm-openvpn[15831]: Insufficient key material or header text not found in file '/home/bascht/.cert/customer-abc/tls-auth.txt' (0/128/256 bytes found/min/max)\n```\n\nManually downgrading OpenVPN to 2.3.14-1.fc25 fixes the problem. \n\nI'm posting this here, as it might help someone else later. ;-)", "timestamp": "2017-03-31 09:49:00", "update_id": 83696, "user_id": 207, "id": 585201, "testcase_feedback": [], "user": {"name": "anonymous", "email": null, "id": 207, "avatar": "https://seccdn.libravatar.org/avatar/37a8eec1ce19687d132fe29051dca629d164e2c4958ba141d5f4133a33f0688f?s=24&d=retro", "openid": "anonymous.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 585242, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "@anonymous, This sounds like an invalid tls-auth key file.  Earlier versions could somehow try to make some sense out of it.  But most commonly that would result in a weaker security compared to using a proper key file.  The reason I believe this is due to the last part of the line \"(0/128/256 bytes found/min/max)\".  It means it didn't find any keying material at all, and it expects at least 128 bits.\n\nUsers experiencing these issues must update their keys ASAP, regardless of OpenVPN version.  The recommended way is to let OpenVPN generate the key:  `$\u00a0openvpn --secret tls-auth.key --genkey`", "timestamp": "2017-03-31 11:17:20", "update_id": 83696, "user_id": 446, "id": 585242, "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}}, {"karma": 0, "comment_id": 585267, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "Yes! I have received some positive reports on these exact changes in F25 and F26, so I will update this update with a new build during today.  Bugzilla rhbz#1435831is the one covering this issue.\n", "timestamp": "2017-03-31 13:03:48", "update_id": 83348, "user_id": 446, "id": 585267, "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}}, {"karma": 0, "comment_id": 581252, "bug_id": 1435036, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works for me, client and server side, over UDP and TCP.  Not sure about the backwards compatibility issues from the previous 2.4 build re: .ovpn files - I'm only using via the NetworkManager plugin.", "timestamp": "2017-03-24 07:33:53", "update_id": 83251, "user_id": 840, "id": 581252, "testcase_feedback": [], "user": {"name": "dimitrisk", "email": "dimitris.on.linux@gmail.com", "id": 840, "avatar": "https://seccdn.libravatar.org/avatar/7f22b06f9390803dc7aced957318958e36b27879e87a0f174d7274678aa68de3?s=24&d=retro", "openid": "dimitrisk.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 581358, "bug_id": 1435036, "comment": {"karma": 1, "karma_critpath": 0, "text": "Fixes the regression with my VPN.", "timestamp": "2017-03-24 14:34:46", "update_id": 83252, "user_id": 983, "id": 581358, "testcase_feedback": [], "user": {"name": "hadess", "email": "bnocera@redhat.com", "id": 983, "avatar": "https://seccdn.libravatar.org/avatar/a2ca62422c0d280286261094e5bb98c14b69ef28df72212f79f351d43f5b860c?s=24&d=retro", "openid": "hadess.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitspin-kickstarts"}, {"name": "cla_redhat"}, {"name": "trust admins"}]}}}, {"karma": -1, "comment_id": 581562, "bug_id": 1435036, "comment": {"karma": -1, "karma_critpath": 0, "text": "openvpn@.service can't start, see https://bugzilla.redhat.com/show_bug.cgi?id=1435036#c15", "timestamp": "2017-03-24 19:03:56", "update_id": 83251, "user_id": 688, "id": 581562, "testcase_feedback": [], "user": {"name": "nucleo", "email": "alekcejk@googlemail.com", "id": 688, "avatar": "https://seccdn.libravatar.org/avatar/90ceb8e362e23d9ecaafa87854177f9dedb363f0ad40357579516288beea7c0b?s=24&d=retro", "openid": "nucleo.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 581923, "bug_id": 1435036, "comment": {"karma": 1, "karma_critpath": 0, "text": "I tested this on my managed VPN service running on CentOS 7 (update from 2.3.x to 2.4.1), it works like a charm I must say! Great the old (systemd) service file is still there. Will report back here if there are any issues...", "timestamp": "2017-03-25 15:30:45", "update_id": 83348, "user_id": 423, "id": 581923, "testcase_feedback": [], "user": {"name": "fkooman", "email": "fkooman@tuxed.net", "id": 423, "avatar": "https://seccdn.libravatar.org/avatar/8af1ab16d532458205b5334907cdfc0ce6483ddf6f514514133cb07cee400ed9?s=24&d=retro", "openid": "fkooman.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 582836, "bug_id": 1435036, "comment": {"karma": -1, "karma_critpath": 0, "text": "This does *not* work for me: There's a semantic change in `--proto udp` meaning IPv4 *and* IPv6 now. As our company's server can be reached via IPv6, but doesn't offer OpenVPN via IPv6, no connection can be established - and OpenVPN doesn't fall back to IPv4.\n\nNow, I could use `--proto udp4` instead, alas NetworkManager doesn't offer that as far as I can see.", "timestamp": "2017-03-27 17:40:22", "update_id": 83251, "user_id": 101, "id": 582836, "testcase_feedback": [], "user": {"name": "thm", "email": "thomas.moschny@gmx.de", "id": 101, "avatar": "https://seccdn.libravatar.org/avatar/a7a331584512054821ac98c7cb74f8608b86828f65d6cf5eca69c1e61daedeea?s=24&d=retro", "openid": "thm.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 582916, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "@thm, that is hardly an OpenVPN package issue.  That is an issue which needs to be solved by NetworkManager-openvpn plug-in, which is outside maintained by the NetworkManager team.\n\nYou can also \"workaround\" this by either adding just the IPv4 addresses to the appropriate hostname in /etc/hosts ... or by using an IPv4 address instead of a hostname in NetworkManager.", "timestamp": "2017-03-27 19:25:34", "update_id": 83251, "user_id": 446, "id": 582916, "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}}, {"karma": 0, "comment_id": 582922, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "@dsommers Sorry, but I tend to disagree. This is a change in behavior. The Updates Policy mandates that packages must \"avoid changing the user experience if at all possible\". Changing the meaning of an option (`--proto` in that case) is such a change.", "timestamp": "2017-03-27 19:52:43", "update_id": 83251, "user_id": 101, "id": 582922, "testcase_feedback": [], "user": {"name": "thm", "email": "thomas.moschny@gmx.de", "id": 101, "avatar": "https://seccdn.libravatar.org/avatar/a7a331584512054821ac98c7cb74f8608b86828f65d6cf5eca69c1e61daedeea?s=24&d=retro", "openid": "thm.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 584351, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "@fkooman, there is a potential issue with this update where OpenVPN will not start after a reboot if using the old and deprecated openvpn@.service units.  The new ones (openvpn-client@.service and openvpn-server@.service) should work fine.\n\nI will backport several of the packaging enhancements from rawhide and F25 which should resolve this issue - and a few other ones as well.  Hopefully I will manage that this week.", "timestamp": "2017-03-29 22:30:13", "update_id": 83348, "user_id": 446, "id": 584351, "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}}, {"karma": 1, "comment_id": 584369, "bug_id": 1435036, "comment": {"karma": 1, "karma_critpath": 0, "text": "Problem solved, but I think both #1435831 and the new config should have been dealt with differently. An announcement on devel was certainly warranted and for the rest of our users it would have been even better if there was an announcement somewhere visible, like fedora magazine. When the old configurations start failing, I don't expect there will be many people searching for README.systemd (which is very useful with the examples and all) in /usr/share/doc.", "timestamp": "2017-03-29 23:02:37", "update_id": 83696, "user_id": 367, "id": 584369, "testcase_feedback": [], "user": {"name": "alexpl", "email": "alex.ploumistos@gmail.com", "id": 367, "avatar": "https://seccdn.libravatar.org/avatar/c8ef98b832fe2240130a04ceeec5757c5d3289ad74d259eda7b5c784822c6327?s=24&d=retro", "openid": "alexpl.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "scitech_sig"}]}}}, {"karma": 0, "comment_id": 584370, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "@dsommers, it seems `/var/run/openvpn` does not exist anymore after reboot, only `/var/run/openvpn-{client,server}`.  That's the issue you are talking about? I'm looking to move to the server one soon though!", "timestamp": "2017-03-29 23:07:19", "update_id": 83348, "user_id": 423, "id": 584370, "testcase_feedback": [], "user": {"name": "fkooman", "email": "fkooman@tuxed.net", "id": 423, "avatar": "https://seccdn.libravatar.org/avatar/8af1ab16d532458205b5334907cdfc0ce6483ddf6f514514133cb07cee400ed9?s=24&d=retro", "openid": "fkooman.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 584576, "bug_id": 1435036, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works here, after creating the `/etc/openvpn/server` directory and moving config files there.\n\nOn the client side, NetworkManager-controlled, no change was needed.", "timestamp": "2017-03-30 07:21:51", "update_id": 83696, "user_id": 840, "id": 584576, "testcase_feedback": [], "user": {"name": "dimitrisk", "email": "dimitris.on.linux@gmail.com", "id": 840, "avatar": "https://seccdn.libravatar.org/avatar/7f22b06f9390803dc7aced957318958e36b27879e87a0f174d7274678aa68de3?s=24&d=retro", "openid": "dimitrisk.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 1, "comment_id": 584613, "bug_id": 1435036, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works fine on x86_64.", "timestamp": "2017-03-30 09:11:50", "update_id": 83696, "user_id": 1177, "id": 584613, "testcase_feedback": [], "user": {"name": "jayjayjazz", "email": "jayjayjazz@gmail.com", "id": 1177, "avatar": "https://seccdn.libravatar.org/avatar/b7f3994e0ba48616a78257e2477c106613cb1d0802ef48790f7b51d4d7943211?s=24&d=retro", "openid": "jayjayjazz.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 584640, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "Sorry!  The wrong build was added to this one.  It should be openvpn-2.4.1-3.fc26.  Fixing now.", "timestamp": "2017-03-30 09:36:45", "update_id": 83695, "user_id": 446, "id": 584640, "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}}, {"karma": 0, "comment_id": 584647, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "@dimitrisk, I will have a new 2.4.1-3 update soon which takes care of the /etc/openvpn/{client,server} directories and fixes a lot of the rpmlint issues as well.\n\n@alexpl, I completely agree that the process around v2.4 have been incredibly ugly.  I appreciate the work of former package maintainers, they've done a great job over a long period of time.  Unfortunately, the state of the package had drifted away from upstream expectations and there was a lot of legacy cruft which in several areas was just wrong.  So despite the v2.4 upgrade not really being this dramatic, it turned out way more ugly than I wanted.  And in all this, I didn't consider the state of openvpn@.service carefully enough.  The initial plan was that users of openvpn@.service wouldn't notice this at all in F25 and F26, but there were some entanglements I didn't consider carefully enough.  Depending on how F25/F26 goes with all this fixed, I will consider if openvpn@.service deprecation will be postponed from F27 to F28.  And I will certainly send mails to Fedora ML once the dust settles.  Silly of me not doing that in the beginning.\n\nAgain, I'm truly sorry about this mess.  But I'm the type of person who seldom looks back and rather tries to fix issues ASAP and move forward. ", "timestamp": "2017-03-30 09:55:29", "update_id": 83696, "user_id": 446, "id": 584647, "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}}, {"karma": 0, "comment_id": 587023, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "@fkooman, Those issues we've discussed should be covered by this new openvpn-2.4.1-2.el7 build.  This build should not break openvpn@.service units upon boot any more.", "timestamp": "2017-04-03 13:31:28", "update_id": 83348, "user_id": 446, "id": 587023, "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}}, {"karma": 0, "comment_id": 588340, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "@dsommers, I updated to -2 and everything seems fine, not sure how you fixed things, but my fix consisted of adding an extra entry to the tmpfiles file, that worked too :)", "timestamp": "2017-04-05 15:42:34", "update_id": 83348, "user_id": 423, "id": 588340, "testcase_feedback": [], "user": {"name": "fkooman", "email": "fkooman@tuxed.net", "id": 423, "avatar": "https://seccdn.libravatar.org/avatar/8af1ab16d532458205b5334907cdfc0ce6483ddf6f514514133cb07cee400ed9?s=24&d=retro", "openid": "fkooman.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 588424, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "The second part of my answer in comment #9 in rhbz#1435831 actually answers that.  The TL;DR answer is that OpenVPN v2.4 can talk directly to systemd and does not need to use PID files and a directory where to save them.  This is solved by using Type=notify, which OpenVPN detects and uses sd_notify() under the hood.\n\nIn addition, if not using that approach but using Type=simple instead of Type=fork which the previous unit file used,  the need to use both --daemon and PID files also goes away.  So the approach used in the old unit file actually never was a good solution at all, making it unnecessary complicated by needing a tmpfiles.d config  in addition.\n\nHowever, using Type=notify have the advantage of ignoring --daemon in OpenVPN configuration files automatically.  Which is not needed.  The old approach or using the simpler Type=simple approach could havoc if the config file itself contains --daemon.", "timestamp": "2017-04-05 19:22:32", "update_id": 83348, "user_id": 446, "id": 588424, "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}}, {"karma": 0, "comment_id": 588425, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "> The old approach or using the simpler Type=simple approach could havoc if the config file itself contains --daemon.\n\nJust noticed this is slightly too much simplified and wrong.\n\nThe old approach **had** to use --daemon, as Type=fork tells systemd \"*this process forks a child process*\".  Otherwise it would fail.  And then it was required to use a PID file so systemd actually could manage the process somewhat.\n\nUsing just Type=simple (which is the default, if Type= is not provided) will fail if the OpenVPN configuration uses --daemon, as then the OpenVPN processes forks of a child process, daemonizes  it and the parent process quits.  Systemd would then be confused by this, as it doesn't expect the (parent) process to quit just like that.\n\nSo with Type=notify, OpenVPN actually detects that it is systemd who started the process, and then provides a \"status string\", including its PID value via sd_notify() inside the OpenVPN process directly.  And when this is done, OpenVPN just ignores forking daemonizing if  --daemon is provided, as that is not needed with this approach.  So if a configuration file carries --daemon, it doesn't break anything by confusing systemd by the forking and daemonizing steps.", "timestamp": "2017-04-05 19:33:16", "update_id": 83348, "user_id": 446, "id": 588425, "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}}, {"karma": 0, "comment_id": 588951, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "Works perfectly fine. No regressions noted.", "timestamp": "2017-04-06 14:08:14", "update_id": 83348, "user_id": 207, "id": 588951, "testcase_feedback": [], "user": {"name": "anonymous", "email": null, "id": 207, "avatar": "https://seccdn.libravatar.org/avatar/37a8eec1ce19687d132fe29051dca629d164e2c4958ba141d5f4133a33f0688f?s=24&d=retro", "openid": "anonymous.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 589410, "bug_id": 1435036, "comment": {"karma": 1, "karma_critpath": 0, "text": "Working fine for me.", "timestamp": "2017-04-07 07:45:18", "update_id": 83348, "user_id": 417, "id": 589410, "testcase_feedback": [], "user": {"name": "kuosmanen", "email": "marttikuosmanen@yahoo.co.uk", "id": 417, "avatar": "https://seccdn.libravatar.org/avatar/f3714c2a7011e3502adfb9a26f903fa82c2f4430fece97c57f8053b97ea59fd6?s=24&d=retro", "openid": "kuosmanen.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 589443, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "@dsommers thanks for the extensive explanation! :)", "timestamp": "2017-04-07 08:19:13", "update_id": 83348, "user_id": 423, "id": 589443, "testcase_feedback": [], "user": {"name": "fkooman", "email": "fkooman@tuxed.net", "id": 423, "avatar": "https://seccdn.libravatar.org/avatar/8af1ab16d532458205b5334907cdfc0ce6483ddf6f514514133cb07cee400ed9?s=24&d=retro", "openid": "fkooman.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 590014, "bug_id": 1435036, "comment": {"karma": 1, "karma_critpath": 0, "text": "Working fine for me as well.", "timestamp": "2017-04-08 03:30:51", "update_id": 83348, "user_id": 3562, "id": 590014, "testcase_feedback": [], "user": {"name": "flipneus", "email": "flipneus@gmail.com", "id": 3562, "avatar": "https://seccdn.libravatar.org/avatar/783f9bcc92141f2bdbdd986f2ea4a25b2b6d31607908a01fbc7331ec5e00b538?s=24&d=retro", "openid": "flipneus.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 593480, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "I've run openvpn-2.4.1-2.el6  on a SL6.7 since March 23 and 2.4.1-3.el6 since April 10.  Both configured with server and client configurations.  Everything works as expected in those configurations.  The 2.4 release have otherwise been pushed out for el7, where the main difference is that el7 is systemd based and el6 still uses init.d scripts.  So considering this to be reasonably safe.", "timestamp": "2017-04-14 12:54:35", "update_id": 83301, "user_id": 446, "id": 593480, "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}}, {"karma": 0, "comment_id": 627472, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "Hi Guys,\n/var/run/openvpn/ is missing in rpm-File:\nrpm -ql openvpn\n/etc/openvpn\n/etc/openvpn/client\n/etc/openvpn/server\n/usr/lib/systemd/system/openvpn-client@.service\n/usr/lib/systemd/system/openvpn-server@.service\n/usr/lib/systemd/system/openvpn@.service\n/usr/lib/tmpfiles.d/openvpn.conf\n/usr/lib64/openvpn\n/usr/lib64/openvpn/plugins\n/usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so\n/usr/lib64/openvpn/plugins/openvpn-plugin-down-root.so\n/usr/sbin/openvpn\n/usr/share/doc/openvpn-2.4.1\n/usr/share/doc/openvpn-2.4.1/AUTHORS\n/usr/share/doc/openvpn-2.4.1/COPYING\n/usr/share/doc/openvpn-2.4.1/COPYRIGHT.GPL\n/usr/share/doc/openvpn-2.4.1/Changes.rst\n/usr/share/doc/openvpn-2.4.1/README\n/usr/share/doc/openvpn-2.4.1/README.auth-pam\n/usr/share/doc/openvpn-2.4.1/README.down-root\n/usr/share/doc/openvpn-2.4.1/README.systemd\n/usr/share/doc/openvpn-2.4.1/contrib\n/usr/share/doc/openvpn-2.4.1/contrib/OCSP_check\n/usr/share/doc/openvpn-2.4.1/contrib/OCSP_check/OCSP_check.sh\n/usr/share/doc/openvpn-2.4.1/contrib/README\n/usr/share/doc/openvpn-2.4.1/contrib/openvpn-fwmarkroute-1.00\n/usr/share/doc/openvpn-2.4.1/contrib/openvpn-fwmarkroute-1.00/README\n/usr/share/doc/openvpn-2.4.1/contrib/openvpn-fwmarkroute-1.00/fwmarkroute.down\n/usr/share/doc/openvpn-2.4.1/contrib/openvpn-fwmarkroute-1.00/fwmarkroute.up\n/usr/share/doc/openvpn-2.4.1/contrib/pull-resolv-conf\n/usr/share/doc/openvpn-2.4.1/contrib/pull-resolv-conf/client.down\n/usr/share/doc/openvpn-2.4.1/contrib/pull-resolv-conf/client.up\n/usr/share/doc/openvpn-2.4.1/management-notes.txt\n/usr/share/doc/openvpn-2.4.1/sample\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/README\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/client.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/firewall.sh\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/home.up\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/loopback-client\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/loopback-server\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/office.up\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/openvpn-shutdown.sh\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/openvpn-startup.sh\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/roadwarrior-client.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/roadwarrior-server.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/server.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/static-home.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/static-office.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/tls-home.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/tls-office.conf\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/xinetd-client-config\n/usr/share/doc/openvpn-2.4.1/sample/sample-config-files/xinetd-server-config\n/usr/share/doc/openvpn-2.4.1/sample/sample-scripts\n/usr/share/doc/openvpn-2.4.1/sample/sample-scripts/auth-pam.pl\n/usr/share/doc/openvpn-2.4.1/sample/sample-scripts/bridge-start\n/usr/share/doc/openvpn-2.4.1/sample/sample-scripts/bridge-stop\n/usr/share/doc/openvpn-2.4.1/sample/sample-scripts/ucn.pl\n/usr/share/doc/openvpn-2.4.1/sample/sample-scripts/verify-cn\n/usr/share/doc/openvpn-2.4.1/sample/sample-windows\n/usr/share/doc/openvpn-2.4.1/sample/sample-windows/sample.ovpn\n/usr/share/man/man8/openvpn.8.gz\n\n\nSo openvpn is unable to create its pidfile. Altough openvpn-client still can start.\nThere is also a report on this here: https://bugzilla.redhat.com/show_bug.cgi?id=1435036#c15", "timestamp": "2017-06-26 15:58:47", "update_id": 83301, "user_id": 207, "id": 627472, "testcase_feedback": [], "user": {"name": "anonymous", "email": null, "id": 207, "avatar": "https://seccdn.libravatar.org/avatar/37a8eec1ce19687d132fe29051dca629d164e2c4958ba141d5f4133a33f0688f?s=24&d=retro", "openid": "anonymous.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 627490, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "Please test a far newer OpenVPN release.  This release is obsolete.  OpenVPN 2.4.3 was put submitted 5 days ago.\n\n    $ rpm -ql openvpn | grep run\n    /var/run/openvpn\n    $ rpm -q openvpn\n    openvpn-2.4.3-1.el6.x86_64\n\nThis should not be an issue at all.  You can find it here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-9ec615ff74\n\nBtw. the bz you reference is also an invalid reference.  That is related to Fedora 26, which relies on systemd and its tmpfiles service.  That does not exist on EL6.\n", "timestamp": "2017-06-26 16:30:55", "update_id": 83301, "user_id": 446, "id": 627490, "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}}, {"karma": 0, "comment_id": 627491, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "Sorry, a little clarification.  That bz *comment* you reference, is related to a Fedora release with systemd.", "timestamp": "2017-06-26 16:33:35", "update_id": 83301, "user_id": 446, "id": 627491, "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}}, {"karma": 0, "comment_id": 627926, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "@dsommers: as you told here https://bodhi.fedoraproject.org/updates/openvpn-2.4.1-2.el7#comment-588424 this is a feature on EL7. This package here only affects EL6", "timestamp": "2017-06-27 09:09:54", "update_id": 83301, "user_id": 207, "id": 627926, "testcase_feedback": [], "user": {"name": "anonymous", "email": null, "id": 207, "avatar": "https://seccdn.libravatar.org/avatar/37a8eec1ce19687d132fe29051dca629d164e2c4958ba141d5f4133a33f0688f?s=24&d=retro", "openid": "anonymous.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 627950, "bug_id": 1435036, "comment": {"karma": 0, "karma_critpath": 0, "text": "That is right. The tmpfiles.d stuff is related to systemd, which is EL7 and any Fedora releases after 17 or so.\nAnd /var/run/openvpn is packaged properly in openvpn-2.4.2 and openvpn-2.4.3, so this is no longer an issue.\nThe openvpn-2.4.1 package this update is about, is obsolete and outdated.", "timestamp": "2017-06-27 10:46:59", "update_id": 83301, "user_id": 446, "id": 627950, "testcase_feedback": [], "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}}}]}], "updateid": "FEDORA-EPEL-2017-3da5d4f25f", "karma": 0, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}