Fix tmp-dir documentation

Mention its default (on non-Windows systems), rephrase for brevity, fix
grammar, correct the module environment variable name and remove a wrong
default mentioned in a related option.
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20250426121903.67930-1-kn@openbsd.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg31514.html

Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 9ecaf2400a7b399166c0698c30d413b91cd4f534)
Klemens Nanni 2025-04-26 15:19:03 +03:00 committed by Gert Doering
parent 3d25fbe189
commit 6ca0fb4a09
2 changed files with 8 additions and 11 deletions

@ -465,12 +465,11 @@ which mode OpenVPN is configured as.
independently of network and tunnel issues. independently of network and tunnel issues.
--tmp-dir dir --tmp-dir dir
Specify a directory ``dir`` for temporary files. This directory will be Specify a directory ``dir`` for temporary files instead of the default
used by openvpn processes and script to communicate temporary data with :code:`TMPDIR` (or "/tmp" if unset). Note that it must be writable by the main
openvpn main process. Note that the directory must be writable by the process after it has dropped root privileges.
OpenVPN process after it has dropped it's root privileges.
This directory will be used by in the following cases: This directory will be used to communicate with scripts and plugins:
* ``--client-connect`` scripts and :code:`OPENVPN_PLUGIN_CLIENT_CONNECT` * ``--client-connect`` scripts and :code:`OPENVPN_PLUGIN_CLIENT_CONNECT`
plug-in hook to dynamically generate client-specific configuration plug-in hook to dynamically generate client-specific configuration
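Review bot: the rewritten first sentence gives the default as :code:`TMPDIR` (or "/tmp" if unset) without a platform qualifier, although the commit message says this default holds on non-Windows systems. Suggest adding "on non-Windows systems" to that sentence, or stating what is used on Windows, so the option text does not mislead Windows users. As a style point, "/tmp" is in plain quotes while the other literals in this paragraph use :code: markup; :code:`/tmp` would match.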
@ -480,7 +479,7 @@ which mode OpenVPN is configured as.
* :code:`OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY` plug-in hooks returns * :code:`OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY` plug-in hooks returns
success/failure via :code:`auth_control_file` when using deferred auth success/failure via :code:`auth_control_file` when using deferred auth
method and pending authentication via :code:`pending_auth_file`. method and pending authentication via :code:`auth_pending_file`.
--use-prediction-resistance --use-prediction-resistance
Enable prediction resistance on mbed TLS's RNG. Enable prediction resistance on mbed TLS's RNG.
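Review bot: the unchanged first line of this list item still reads "plug-in hooks returns", a subject-verb mismatch that a commit advertising grammar fixes could pick up together with the rename on the last line; suggest "plug-in hooks return success/failure via ...". The commit message calls :code:`auth_pending_file` an environment variable, but the sentence never says so; adding "environment variable" after the two names would tell plug-in authors where to look for them.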

@ -87,11 +87,9 @@ SCRIPT HOOKS
and password to the first two lines of a temporary file. The filename and password to the first two lines of a temporary file. The filename
will be passed as an argument to ``cmd``, and the file will be will be passed as an argument to ``cmd``, and the file will be
automatically deleted by OpenVPN after the script returns. The location automatically deleted by OpenVPN after the script returns. The location
of the temporary file is controlled by the ``--tmp-dir`` option, and of the temporary file is controlled by the ``--tmp-dir`` option. For security,
will default to the current directory if unspecified. For security, consider setting it to a volatile storage medium such as :code:`/dev/shm` (if
consider setting ``--tmp-dir`` to a volatile storage medium such as available) to prevent the username/password file from touching the hard drive.
:code:`/dev/shm` (if available) to prevent the username/password file
from touching the hard drive.
The script should examine the username and password, returning a success The script should examine the username and password, returning a success
exit code (:code:`0`) if the client's authentication request is to be exit code (:code:`0`) if the client's authentication request is to be
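Review bot: with "will default to the current directory if unspecified" removed, this paragraph no longer tells the reader where the file goes by default, which matters here because the file holds the username and password. Suggest referring to the ``--tmp-dir`` description for the default (:code:`TMPDIR`, or "/tmp" if unset, per the other file in this commit) and repeating that the chosen directory must be writable by the main process after it has dropped root privileges, since that constraint applies to the :code:`/dev/shm` suggestion too.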