-----BEGIN PGP SIGNED MESSAGE-----
On 02/08/12 23:17, Shang Wang wrote:
> 'stop') sudo killall -9 openvpn sudo rm /opt/client/openvpn.pid
Just a side-note to this section in your script. killall -9 is *very*
crude and brutal. This makes it impossible for openvpn to clean-up
after itself. -9 is the same as -KILL. -KILL should only be used in
emergency situations, where the process does not respond at all.
- -KILL means that the OS kernel is instructed to get rid of this process.
Normally it's better to not use -9 or -KILL, as the default behaviour
is -TERM. OpenVPN catches the SIGTERM request and will close down the
connection properly, run the configured "clean-up scripts", such as
- --down etc, etc.
Some distros ship such init scripts as you have prepared here, and the
most intelligent ones have a little loop like this: (this is pseudo
i = 0
while pidof openvpn > 0
if i < 12 then
killall -TERM openvpn
i = i +1
killall -KILL openvpn
# Avoid race conditions if the kernel needs time
# to complete this operation.
This way, it will try to let openvpn stop properly for 2 minutes (12 *
10 seconds) and be brutal if it doesn't stop within that timespan.
It's good to give openvpn some time to quit, as sometimes these
external 'clean-up scripts' may take some time to complete - esp. if
you're f.ex. unmounting remote file systems.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----