What is the purpose of OpenVPN's /etc/openvpn/{client,server} directories?





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







5















Ubuntu/Debian OpenVPN package contains 2 mysterious directories:



dpkg -L openvpn

...

/etc/openvpn/client

/etc/openvpn/server

...


I'm wondering what is the purpose of those directories? All tutorials advice placing files directly in /etc/openvpn/ and init/systemd scripts also pick config files from there.



Chroot? But then, why 2?






vpn openvpn debian







share|improve this question





























    5















    Ubuntu/Debian OpenVPN package contains 2 mysterious directories:



    dpkg -L openvpn
    
...
    
/etc/openvpn/client
    
/etc/openvpn/server
    
...


    I'm wondering what is the purpose of those directories? All tutorials advice placing files directly in /etc/openvpn/ and init/systemd scripts also pick config files from there.



    Chroot? But then, why 2?






    vpn openvpn debian







    share|improve this question

























      5












      5








      5


      2






      Ubuntu/Debian OpenVPN package contains 2 mysterious directories:



      dpkg -L openvpn
      
...
      
/etc/openvpn/client
      
/etc/openvpn/server
      
...


      I'm wondering what is the purpose of those directories? All tutorials advice placing files directly in /etc/openvpn/ and init/systemd scripts also pick config files from there.



      Chroot? But then, why 2?






      vpn openvpn debian







      share|improve this question














      Ubuntu/Debian OpenVPN package contains 2 mysterious directories:



      dpkg -L openvpn
      
...
      
/etc/openvpn/client
      
/etc/openvpn/server
      
...


      I'm wondering what is the purpose of those directories? All tutorials advice placing files directly in /etc/openvpn/ and init/systemd scripts also pick config files from there.



      Chroot? But then, why 2?






      vpn openvpn debian




      vpn openvpn debian






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Jun 21 '18 at 5:46









      ezaquariiezaquarii

      1335




      1335






















          2 Answers
          2






          active

          oldest

          votes


















          2














          In v2.4 they introduced new systemd service profiles tailored for client resp. server applications.




          As of OpenVPN v2.4, upstream is shipping systemd unit files to provide
          a fine grained control of each OpenVPN configuration as well as trying
          to restrict the capabilities the OpenVPN process have on a system.



          These new unit files separates between client and server profiles.
          The configuration files are kept in separate directories, to provide
          clarity of the profile they run under.



          Typically the client profile cannot bind to any ports below port 1024
          and the client configuration is always started with --nobind.




          source



          It remains backward compatible, i.e. you can still store your .conf file in /etc/openvpn.




          • If your configuration is in /etc/openvpn/MyVpn.conf,

            use systemctl start openvpn@MyVpn.service to start the service


          • If your configuration is in /etc/openvpn/client/MyVpn.conf,

            use systemctl start openvpn-client@MyVpn.service to start the service


          • If your configuration is in /etc/openvpn/server/MyVpn.conf,

            use systemctl start openvpn-server@MyVpn.service to start the service







          share|improve this answer

































            1














            I'm unable to post a comment above in response to 3dGrabber's answer since my reputation in this neck of the SE woods is too low. I wanted to point out a mistake in said answer for those who come via searching so they aren't left scratching their heads when this fails somewhat cryptically.



            systemctl start openvpn-client@MyVpn.service should be:



            systemctl start openvpn-client@MyVpn



            and



            systemctl start openvpn-server@MyVpn.service should be:



            systemctl start openvpn-server@MyVpn



            The .service suffix was likely mistaken from the file that's created upon systemctl enable ...






            share|improve this answer


























              Your Answer








              StackExchange.ready(function() {
              var channelOptions = {
              tags: "".split(" "),
              id: "89"
              };
              initTagRenderer("".split(" "), "".split(" "), channelOptions);

              StackExchange.using("externalEditor", function() {
              // Have to fire editor after snippets, if snippets enabled
              if (StackExchange.settings.snippets.snippetsEnabled) {
              StackExchange.using("snippets", function() {
              createEditor();
              });
              }
              else {
              createEditor();
              }
              });

              function createEditor() {
              StackExchange.prepareEditor({
              heartbeatType: 'answer',
              autoActivateHeartbeat: false,
              convertImagesToLinks: true,
              noModals: true,
              showLowRepImageUploadWarning: true,
              reputationToPostImages: 10,
              bindNavPrevention: true,
              postfix: "",
              imageUploader: {
              brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
              contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
              allowUrls: true
              },
              onDemand: true,
              discardSelector: ".discard-answer"
              ,immediatelyShowMarkdownHelp:true
              });


              }
              });














              draft saved

              draft discarded


















              StackExchange.ready(
              function () {
              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1048429%2fwhat-is-the-purpose-of-openvpns-etc-openvpn-client-server-directories%23new-answer', 'question_page');
              }
              );

              Post as a guest















              Required, but never shown

























              2 Answers
              2






              active

              oldest

              votes








              2 Answers
              2






              active

              oldest

              votes









              active

              oldest

              votes






              active

              oldest

              votes









              2














              In v2.4 they introduced new systemd service profiles tailored for client resp. server applications.




              As of OpenVPN v2.4, upstream is shipping systemd unit files to provide
              a fine grained control of each OpenVPN configuration as well as trying
              to restrict the capabilities the OpenVPN process have on a system.



              These new unit files separates between client and server profiles.
              The configuration files are kept in separate directories, to provide
              clarity of the profile they run under.



              Typically the client profile cannot bind to any ports below port 1024
              and the client configuration is always started with --nobind.




              source



              It remains backward compatible, i.e. you can still store your .conf file in /etc/openvpn.




              • If your configuration is in /etc/openvpn/MyVpn.conf,

                use systemctl start openvpn@MyVpn.service to start the service


              • If your configuration is in /etc/openvpn/client/MyVpn.conf,

                use systemctl start openvpn-client@MyVpn.service to start the service


              • If your configuration is in /etc/openvpn/server/MyVpn.conf,

                use systemctl start openvpn-server@MyVpn.service to start the service







              share|improve this answer






























                2














                In v2.4 they introduced new systemd service profiles tailored for client resp. server applications.




                As of OpenVPN v2.4, upstream is shipping systemd unit files to provide
                a fine grained control of each OpenVPN configuration as well as trying
                to restrict the capabilities the OpenVPN process have on a system.



                These new unit files separates between client and server profiles.
                The configuration files are kept in separate directories, to provide
                clarity of the profile they run under.



                Typically the client profile cannot bind to any ports below port 1024
                and the client configuration is always started with --nobind.




                source



                It remains backward compatible, i.e. you can still store your .conf file in /etc/openvpn.




                • If your configuration is in /etc/openvpn/MyVpn.conf,

                  use systemctl start openvpn@MyVpn.service to start the service


                • If your configuration is in /etc/openvpn/client/MyVpn.conf,

                  use systemctl start openvpn-client@MyVpn.service to start the service


                • If your configuration is in /etc/openvpn/server/MyVpn.conf,

                  use systemctl start openvpn-server@MyVpn.service to start the service







                share|improve this answer




























                  2












                  2








                  2







                  In v2.4 they introduced new systemd service profiles tailored for client resp. server applications.




                  As of OpenVPN v2.4, upstream is shipping systemd unit files to provide
                  a fine grained control of each OpenVPN configuration as well as trying
                  to restrict the capabilities the OpenVPN process have on a system.



                  These new unit files separates between client and server profiles.
                  The configuration files are kept in separate directories, to provide
                  clarity of the profile they run under.



                  Typically the client profile cannot bind to any ports below port 1024
                  and the client configuration is always started with --nobind.




                  source



                  It remains backward compatible, i.e. you can still store your .conf file in /etc/openvpn.




                  • If your configuration is in /etc/openvpn/MyVpn.conf,

                    use systemctl start openvpn@MyVpn.service to start the service


                  • If your configuration is in /etc/openvpn/client/MyVpn.conf,

                    use systemctl start openvpn-client@MyVpn.service to start the service


                  • If your configuration is in /etc/openvpn/server/MyVpn.conf,

                    use systemctl start openvpn-server@MyVpn.service to start the service







                  share|improve this answer















                  In v2.4 they introduced new systemd service profiles tailored for client resp. server applications.




                  As of OpenVPN v2.4, upstream is shipping systemd unit files to provide
                  a fine grained control of each OpenVPN configuration as well as trying
                  to restrict the capabilities the OpenVPN process have on a system.



                  These new unit files separates between client and server profiles.
                  The configuration files are kept in separate directories, to provide
                  clarity of the profile they run under.



                  Typically the client profile cannot bind to any ports below port 1024
                  and the client configuration is always started with --nobind.




                  source



                  It remains backward compatible, i.e. you can still store your .conf file in /etc/openvpn.




                  • If your configuration is in /etc/openvpn/MyVpn.conf,

                    use systemctl start openvpn@MyVpn.service to start the service


                  • If your configuration is in /etc/openvpn/client/MyVpn.conf,

                    use systemctl start openvpn-client@MyVpn.service to start the service


                  • If your configuration is in /etc/openvpn/server/MyVpn.conf,

                    use systemctl start openvpn-server@MyVpn.service to start the service








                  share|improve this answer














                  share|improve this answer



                  share|improve this answer








                  edited Oct 23 '18 at 13:58

























                  answered Oct 23 '18 at 13:47









                  3dGrabber3dGrabber

                  1365




                  1365

























                      1














                      I'm unable to post a comment above in response to 3dGrabber's answer since my reputation in this neck of the SE woods is too low. I wanted to point out a mistake in said answer for those who come via searching so they aren't left scratching their heads when this fails somewhat cryptically.



                      systemctl start openvpn-client@MyVpn.service should be:



                      systemctl start openvpn-client@MyVpn



                      and



                      systemctl start openvpn-server@MyVpn.service should be:



                      systemctl start openvpn-server@MyVpn



                      The .service suffix was likely mistaken from the file that's created upon systemctl enable ...






                      share|improve this answer






























                        1














                        I'm unable to post a comment above in response to 3dGrabber's answer since my reputation in this neck of the SE woods is too low. I wanted to point out a mistake in said answer for those who come via searching so they aren't left scratching their heads when this fails somewhat cryptically.



                        systemctl start openvpn-client@MyVpn.service should be:



                        systemctl start openvpn-client@MyVpn



                        and



                        systemctl start openvpn-server@MyVpn.service should be:



                        systemctl start openvpn-server@MyVpn



                        The .service suffix was likely mistaken from the file that's created upon systemctl enable ...






                        share|improve this answer




























                          1












                          1








                          1







                          I'm unable to post a comment above in response to 3dGrabber's answer since my reputation in this neck of the SE woods is too low. I wanted to point out a mistake in said answer for those who come via searching so they aren't left scratching their heads when this fails somewhat cryptically.



                          systemctl start openvpn-client@MyVpn.service should be:



                          systemctl start openvpn-client@MyVpn



                          and



                          systemctl start openvpn-server@MyVpn.service should be:



                          systemctl start openvpn-server@MyVpn



                          The .service suffix was likely mistaken from the file that's created upon systemctl enable ...






                          share|improve this answer















                          I'm unable to post a comment above in response to 3dGrabber's answer since my reputation in this neck of the SE woods is too low. I wanted to point out a mistake in said answer for those who come via searching so they aren't left scratching their heads when this fails somewhat cryptically.



                          systemctl start openvpn-client@MyVpn.service should be:



                          systemctl start openvpn-client@MyVpn



                          and



                          systemctl start openvpn-server@MyVpn.service should be:



                          systemctl start openvpn-server@MyVpn



                          The .service suffix was likely mistaken from the file that's created upon systemctl enable ...







                          share|improve this answer














                          share|improve this answer



                          share|improve this answer








                          edited Feb 20 at 4:51

























                          answered Feb 20 at 1:45









                          szrszr

                          112




                          112






























                              draft saved

                              draft discarded




















































                              Thanks for contributing an answer to Ask Ubuntu!


                              • Please be sure to answer the question. Provide details and share your research!

                              But avoid



                              • Asking for help, clarification, or responding to other answers.

                              • Making statements based on opinion; back them up with references or personal experience.


                              To learn more, see our tips on writing great answers.




                              draft saved


                              draft discarded














                              StackExchange.ready(
                              function () {
                              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1048429%2fwhat-is-the-purpose-of-openvpns-etc-openvpn-client-server-directories%23new-answer', 'question_page');
                              }
                              );

                              Post as a guest















                              Required, but never shown





















































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown

































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown







                              -

                              Popular posts from this blog

                              How to change which sound is reproduced for terminal bell?

                              Image
                              3 Recently upgrade to 18.10 from 18.04, and using the terminal is becoming annoying: the new alert sound is a drip ( /usr/share/sounds/gnome/default/alerts/drip.ogg ), and the previous one is still located at ( /usr/share/sounds/ubuntu/stereo/bell.ogg ). My issue is that at the gnome-terminal, when autocompleting or pressing left BOTH sounds are reproduced, at the same time. I want to just have ubuntu/stereo/bell.ogg active, not both . At the moment I have been only able to reduce the volume of the alerts (but still both are played), or turn the alerts down (but I dislike both "solutions"). gnome-terminal 18.10 teminal-bell share | improve this question
                              Read more

                              Can I use Tabulator js library in my java Spring + Thymeleaf project?

                              Image
                              0 I want to add Tabulator js to my java project. I added tabulator.min.js, tabulator.min.css to resources folder. After that added to my html page these dependencies as recommending in readme.md. <link rel="stylesheet" th:href="@{/css/tabulator.min.css}"> <script type="text/javascript" th:src="@{/js/tabulator.min.js}"></script> Now my tables view all elements, that I have in the html page, but not correct. In the documentation of Tabulator is example how to create header and table, var table = new Tabulator("#example-table", { columns:[ {title:"Name", field:"name", sorter:"string", width:200, editor:true}, {title:"Age", field:"age", sorter:"
                              Read more

                              Title Spacing in Bjornstrup Chapter, Removing Chapter Number From Contents

                              Image
                              up vote 5 down vote favorite 2 I would like to make it so that the vertical space below the title of each chapter is the same when using the Bjornstrup package (i.e. so that the descenders do not affect the spacing - as shown by the red arrow in the picture below). I think I'm fairly happy with the spacing around "A chapter", so I'd really like titles without descenders (e.g. "Contents") to have the same vertical spacing as "A chapter" below the title. I would also like to remove the large "0" in the contents title. Any help appreciated, as always. documentclass[11pt,a4paper]{book} % Packages[![enter image description here][1]][1] usepackage[left=3.5cm, right=3.5cm, top=4.3cm, bottom=4.25cm]{geometry} usepackage[utf8]{inputenc} usepackage{libertine} usepackage[libertine]{newtx
                              Read more