diff options
| author | Gert Doering <gert@greenie.muc.de> | 2014-01-11 12:50:36 +0100 |
|---|---|---|
| committer | Gert Doering <gert@greenie.muc.de> | 2014-01-12 15:33:50 +0100 |
| commit | b238a1f2d4b2cdcfc844689b33fd3ac43ed31c1c (patch) | |
| tree | 226f42d4b3725b7ead186bdac683ef7a99722fcb /doc | |
| parent | 432ca2b8f15e4bb4d6fcf72b4b48b1a371247e7b (diff) | |
| download | openvpn-b238a1f2d4b2cdcfc844689b33fd3ac43ed31c1c.tar.gz openvpn-b238a1f2d4b2cdcfc844689b33fd3ac43ed31c1c.tar.xz openvpn-b238a1f2d4b2cdcfc844689b33fd3ac43ed31c1c.zip | |
Document issue with --chroot, /dev/urandom and PolarSSL.
See trac#218
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1389441036-12538-1-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/8213
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/openvpn.8 | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/doc/openvpn.8 b/doc/openvpn.8 index 7736c63..f694080 100644 --- a/doc/openvpn.8 +++ b/doc/openvpn.8 @@ -2097,6 +2097,16 @@ In many cases, the parameter can point to an empty directory, however complications can result when scripts or restarts are executed after the chroot operation. + +Note: if OpenVPN is built using the PolarSSL SSL +library, +.B \-\-chroot +will only work if a /dev/urandom device node is available +inside the chroot directory +.B dir. +This is due to the way PolarSSL works (it wants to open +/dev/urandom every time randomness is needed, not just once +at startup) and nothing OpenVPN can influence. .\"********************************************************* .TP .B \-\-setcon context |