On 10.3-RELEASE, performing a "service -R" stops with the following error: /usr/sbin/service: ERROR: USAGE: load_rc_config_var name var when openvpn is installed. I've narrowed it down to the way the name variable is defined in the rc script: name="${name##*/}" I realize openvpn does it this way to support multiple instances. /usr/sbin/service under 10.3-RELEASE has an additional check now that trips over this: if [ -n "$rcvar" ]; then load_rc_config_var ${name} ${rcvar} fi For now, I am working around this issue by editing the rc script and setting name directly to "openvpn".
A commit references this bug: Author: mandree Date: Tue Apr 5 02:08:04 UTC 2016 New revision: 412540 URL: https://svnweb.freebsd.org/changeset/ports/412540 Log: Work around 10.3-RELEASE's service(8) shortcomings PR: 208534 Reported by: allan@saddi.com Changes: head/security/openvpn/Makefile head/security/openvpn/files/openvpn.in
I am adding a stop-gap fix, pending a later rewrite along the lines of */memcached, as proposed by Allan Jude, or another approach. There is also a Phabricator review for a revised service(8) that needs thorough scrutiny up at https://reviews.freebsd.org/D5833 I will leave this PR open for now, barring a proper fix.
I have a simpler solution up for review -- https://reviews.freebsd.org/D5846
A commit references this bug: Author: mandree Date: Sat May 14 13:33:14 UTC 2016 New revision: 415187 URL: https://svnweb.freebsd.org/changeset/ports/415187 Log: MFH: r412540 r412541 r415093 r415116 Work around 10.3-RELEASE's service(8) shortcomings (r412540) and to fix /usr/sbin/service -R (r412541). PR: 208534 Reported by: allan@saddi.com r415093 (2.3.11 upgrade) and r415116 (the polarssl fix-up) together: Security upgrade to OpenVPN 2.3.11. Quoting upstream maintainers' release notes: "This release fixes two vulnerabilities: a port-share bug with DoS potential and a buffer overflow by user supplied data when using pam authentication. In addition a number of small fixes and improvements are included." Changelog: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23 he upstream backported a change from the master branch that fixes the PolarSSL-based builds to go with the PolarSSL 1.3.X built-in defaults. Approved by: ports-secteam (junovich) PR: 209498 Security: 0dc8be9e-19af-11e6-8de0-080027ef73ec Changes: _U branches/2016Q2/ branches/2016Q2/security/openvpn/Makefile branches/2016Q2/security/openvpn/distinfo branches/2016Q2/security/openvpn/files/openvpn.in branches/2016Q2/security/openvpn/files/patch-629baad8