summaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
authorGert Doering <gert@greenie.muc.de>2014-01-11 12:50:36 +0100
committerGert Doering <gert@greenie.muc.de>2014-01-12 15:34:29 +0100
commit2600680ec2fd3cc27d7222154a637995fd90330f (patch)
treedaee2a991ffb81ff6c8dfee59881fd24bdd270c0 /doc
parentc1b35689964f6910c1ea239618d42ee5e552c405 (diff)
downloadopenvpn-2600680ec2fd3cc27d7222154a637995fd90330f.tar.gz
openvpn-2600680ec2fd3cc27d7222154a637995fd90330f.tar.xz
openvpn-2600680ec2fd3cc27d7222154a637995fd90330f.zip
Document issue with --chroot, /dev/urandom and PolarSSL.
See trac#218 Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Steffan Karger <steffan.karger@fox-it.com> Message-Id: <1389441036-12538-1-git-send-email-gert@greenie.muc.de> URL: http://article.gmane.org/gmane.network.openvpn.devel/8213 (cherry picked from commit b238a1f2d4b2cdcfc844689b33fd3ac43ed31c1c)
Diffstat (limited to 'doc')
-rw-r--r--doc/openvpn.810
1 files changed, 10 insertions, 0 deletions
diff --git a/doc/openvpn.8 b/doc/openvpn.8
index 17ea220..e7cff77 100644
--- a/doc/openvpn.8
+++ b/doc/openvpn.8
@@ -2082,6 +2082,16 @@ In many cases, the
parameter can point to an empty directory, however
complications can result when scripts or restarts
are executed after the chroot operation.
+
+Note: if OpenVPN is built using the PolarSSL SSL
+library,
+.B \-\-chroot
+will only work if a /dev/urandom device node is available
+inside the chroot directory
+.B dir.
+This is due to the way PolarSSL works (it wants to open
+/dev/urandom every time randomness is needed, not just once
+at startup) and nothing OpenVPN can influence.
.\"*********************************************************
.TP
.B \-\-setcon context
generated by cgit (git 2.34.1) at 2024-06-13 07:54:40 +0000