Merge tag 'upstream/2.3_rc1'

Upstream version 2.3_rc1
author: Alberto Gonzalez Iniesta <agi@inittab.org> 2012-11-05 16:28:10 +0100
committer: Alberto Gonzalez Iniesta <agi@inittab.org> 2012-11-05 16:28:10 +0100
commit: d213c4e5576e2fd601679e0d7b2fb1262b807111 (patch)
tree: 5f0cc82bd0f11fb13b385417604d04c751245a92 /src/plugins/down-root/README.down-root
parent: 79c8d3ef7a938f86472e549ef64e1fb820dc80c4 (diff)
parent: 8dd0350e1607aa30f7a043c8d5ec7a7eeb874115 (diff)
1 files changed, 29 insertions, 0 deletions
diff --git a/src/plugins/down-root/README.down-root b/src/plugins/down-root/README.down-root
new file mode 100644
index 0000000..d337ffe
--- /dev/null
+++ b/src/plugins/down-root/README.down-root
@@ -0,0 +1,29 @@
+down-root -- an OpenVPN Plugin Module
+
+SYNOPSIS
+
+The down-root module allows an OpenVPN configuration to
+call a down script with root privileges, even when privileges
+have been dropped using --user/--group/--chroot.
+
+This module uses a split privilege execution model which will
+fork() before OpenVPN drops root privileges, at the point where
+the --up script is usually called.  The module will then remain
+in a wait state until it receives a message from OpenVPN via
+pipe to execute the down script.  Thus, the down script will be
+run in the same execution environment as the up script.
+
+BUILD
+
+Build this module with the "make" command.  The plugin
+module will be named openvpn-down-root.so
+
+USAGE
+
+To use this module, add to your OpenVPN config file:
+
+  plugin openvpn-down-root.so "command ..."
+
+CAVEATS
+
+This module will only work on *nix systems, not Windows.
author	Alberto Gonzalez Iniesta <agi@inittab.org>	2012-11-05 16:28:10 +0100
committer	Alberto Gonzalez Iniesta <agi@inittab.org>	2012-11-05 16:28:10 +0100
commit	d213c4e5576e2fd601679e0d7b2fb1262b807111 (patch)
tree	5f0cc82bd0f11fb13b385417604d04c751245a92 /src/plugins/down-root/README.down-root
parent	79c8d3ef7a938f86472e549ef64e1fb820dc80c4 (diff)
parent	8dd0350e1607aa30f7a043c8d5ec7a7eeb874115 (diff)