[plug] Centos openvpn question if I could

William Kenworthy billk at iinet.net.au
Tue Jan 31 14:49:54 WST 2012


Unfortunately redhat are making a lot of changes under the hood.
Systemd, udev and throwing out the FHS in the interests of simplifying
for their target market are coming ... however they are dragging (very
unwillingly) many distros with them because they have such a large part
of critical components such as udev (udev will require files from /usr
early in the boot process which causes a snowball of changes).  Some
changes are long overdue (RO /usr), others such as moving most system
directories to / with the aim of making /usr always available, and
getting rid of /sbin and others (/bin and /lib have been mentioned)
look like folly ... but are going to happen anyway it seems.  The
biggest objection thats come out so far is the requirement to use an
initramfs if you have /usr (and eventually other) directories not on / -
makes best practise server partitioning impossible (redhats view seems
to be that separation of system directories for reliability is no longer
necessary).  As for the FHS, they will probably make their changes, and
propose a new version of the FHS to make it "legit".

There have been a very large number of emails to the gentoo lists (as a
source distro with close links to how the underlying structure is
organised, it affect gentoo users/admins more than others) on this with
only a few (vocal) supporters - most are against.  Its not the changes
themselves that are the problem for other distros, its being forced to
follow redhat where you might not want to go.  Its just starting,
interesting times ahead!

BillK



On Tue, 2012-01-31 at 13:34 +0800, Chris Griffin wrote:
> Sadly so. The main reason I am going away from Fedora though is what
> they have down with Gnome, especially, and to a degree KDE. systemd
> was because I could not work out how/where to set up and start
> openvpn. So much seems to be missing out of /etc/init.d and I could
> not work out where or how to do it now. And I had little interest in
> working it out given  I hated the new gnome interface so much.
> 
> Chris
> 
> On Tue, Jan 31, 2012 at 12:47 PM, Ian Kent <raven at themaw.net> wrote:
> > On Tue, 2012-01-31 at 11:50 +0800, Chris Griffin wrote:
> >> Systemd is the other reason i am bumping Fedora.
> >
> > Systemd will still catch up with you in CentOS-7 I expect.
> >
> >>
> >> On 31/01/2012 9:20 AM, "Andrew Cooks" <acooks at gmail.com> wrote:
> >>         On Mon, Jan 30, 2012 at 10:55 AM, Ian Kent <raven at themaw.net>
> >>         wrote:
> >>
> >>                 > It looks good but I have installed openvpn
> >>                 (openswan) and rpm tells me
> >>                 > it is there but the /etc/openvpn directory is not
> >>                 there nor is the
> >>                 > /etc/init.d/openvpn startup script.
> >>
> >>                 Obviously you won't find that in an openswan install
> >>                 since it would
> >>                 conflict with the init script in an openvpn install.
> >>
> >>
> >>         OpenVPN and Openswan will not necessarily clash, unless the
> >>         init scripts make incorrect assumptions about TUN/TAP
> >>         interfaces. Each service should have its own init script.
> >>         (systemd is yet another thing to trip you in Fedora 15).
> >>
> >>
> >>         As a side note, Openswan is an ipsec implementation which
> >>         works on the TCP/UDP layer of the network, whereas OpenVPN
> >>         works like any "normal application" on top of TCP/UDP. Ipsec
> >>         can be really hard to use in the NATed networks and dynamic
> >>         IPs that are common today, whereas an ssl-over-udp tunnel like
> >>         OpenVPN is relatively simple, so don't switch if you can help
> >>         it.
> >>
> >>
> >>         A.
> >>
> >>         _______________________________________________
> >>         PLUG discussion list: plug at plug.org.au
> >>         http://lists.plug.org.au/mailman/listinfo/plug
> >>         Committee e-mail: committee at plug.org.au
> >>         PLUG Membership: http://www.plug.org.au/membership
> >> _______________________________________________
> >> PLUG discussion list: plug at plug.org.au
> >> http://lists.plug.org.au/mailman/listinfo/plug
> >> Committee e-mail: committee at plug.org.au
> >> PLUG Membership: http://www.plug.org.au/membership
> >
> >
> > _______________________________________________
> > PLUG discussion list: plug at plug.org.au
> > http://lists.plug.org.au/mailman/listinfo/plug
> > Committee e-mail: committee at plug.org.au
> > PLUG Membership: http://www.plug.org.au/membership
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://lists.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.org.au
> PLUG Membership: http://www.plug.org.au/membership




More information about the plug mailing list