The stunnel package doesn't come with an init script and systemctl doesn't list it as a service I recognize, I guess I could put it in /etc/rd.d/rc.local or create a script in /etc/rc.d/init.d but thought I'd ask before creating my own solution.
Confidentiality Notice | This email and any included attachments may be privileged, confidential and/or otherwise protected from disclosure. Access to this email by anyone other than the intended recipient is unauthorized. If you believe you have received this email in error, please contact the sender immediately and delete all copies. If you are not the intended recipient, you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
On Tue, Dec 22, 2015 at 12:09:14PM -0600, Leroy Tennison wrote:
The stunnel package doesn't come with an init script and systemctl doesn't list it as a service I recognize, I guess I could put it in /etc/rd.d/rc.local or create a script in /etc/rc.d/init.d but thought I'd ask before creating my own solution.
stunnel wraps a plaintext service in an SSL session. Why would you expect it to have a service installed by default? What would it wrap?
Confidentiality Notice | This email and any included attachments may be privileged, confidential and/or otherwise protected from disclosure. Access to this email by anyone other than the intended recipient is unauthorized. If you believe you have received this email in error, please contact the sender immediately and delete all copies. If you are not the intended recipient, you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
Awww.... there goes my plans to print out your email and hand it out to people in the subway...
On my CenOS7 system with stunnel from base
stunnel-4.56-4.el7.x86_64
there's a systemd service file
/etc/systemd/system/stunnel.service
try
sudo systemctl enable stunnel.service
Hope this helps,
K al
On 23 December 2015 at 05:38, Kahlil Hodgson kahlil.hodgson@dealmax.com.au wrote:
On my CenOS7 system with stunnel from base
stunnel-4.56-4.el7.x86_64there's a systemd service file
/etc/systemd/system/stunnel.servicetry
sudo systemctl enable stunnel.service
Packaged unit files are in /usr/lib/systemd/system ... someone put that there as a local configuration (rpm -qf /path/to/file to it to verify)
Of course this is what the OP should do too ... a very simple unit file that matches his needs...
cat > /etc/systemd/system/stunnel.service <<EOF [Unit] Description=My stunnel
[Service] ExecStart=/usr/bin/stunnel /etc/stunnel/myconf.conf
[Install] WantedBy=multi-user.target EOF
In the config file set foreground to yes ....
For a more advanced setup use a template like:
cat > /etc/systemd/stunnel@.service <<<EOF [Unit] Description=Stunnel config for %i
[Service] ExecStart=/usr/bin/stunnel /etc/stunnel/%i.conf
[Install] WantedBy=multi-user.target EOF
Don't forget to systemctl daemon-reload after adding one of these...
Using the template method you'd enable it with the name of the config file of interest ... remember to have foreground=yes ...
Given the config /etc/stunnel/snowflake.conf ...
systemctl enable stunnel@snowflake.service
systemctl start stunnel@snowflake.service
Hmmm, you obviously know a lot more about systemd than I do, I'm going to have to look at what you posted more carefully. Thanks.
----- Original Message ----- From: "James Hogarth" james.hogarth@gmail.com To: "CentOS mailing list" centos@centos.org Sent: Wednesday, December 23, 2015 4:08:31 AM Subject: Re: [CentOS] Starting stunnel on boot with CentOS7
On 23 December 2015 at 05:38, Kahlil Hodgson kahlil.hodgson@dealmax.com.au wrote:
On my CenOS7 system with stunnel from base
stunnel-4.56-4.el7.x86_64there's a systemd service file
/etc/systemd/system/stunnel.servicetry
sudo systemctl enable stunnel.service
Packaged unit files are in /usr/lib/systemd/system ... someone put that there as a local configuration (rpm -qf /path/to/file to it to verify)
Of course this is what the OP should do too ... a very simple unit file that matches his needs...
cat > /etc/systemd/system/stunnel.service <<EOF [Unit] Description=My stunnel
[Service] ExecStart=/usr/bin/stunnel /etc/stunnel/myconf.conf
[Install] WantedBy=multi-user.target EOF
In the config file set foreground to yes ....
For a more advanced setup use a template like:
cat > /etc/systemd/stunnel@.service <<<EOF [Unit] Description=Stunnel config for %i
[Service] ExecStart=/usr/bin/stunnel /etc/stunnel/%i.conf
[Install] WantedBy=multi-user.target EOF
Don't forget to systemctl daemon-reload after adding one of these...
Using the template method you'd enable it with the name of the config file of interest ... remember to have foreground=yes ...
Given the config /etc/stunnel/snowflake.conf ...
systemctl enable stunnel@snowflake.service
systemctl start stunnel@snowflake.service _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Confidentiality Notice | This email and any included attachments may be privileged, confidential and/or otherwise protected from disclosure. Access to this email by anyone other than the intended recipient is unauthorized. If you believe you have received this email in error, please contact the sender immediately and delete all copies. If you are not the intended recipient, you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
Apologies. My bad. The service file was copied across from F22.
# Service file from Fedora 22
[Unit] Description=SSL tunnel for network daemons After=syslog.target network.target
[Service] ExecStart=/usr/bin/stunnel Type=forking PrivateTmp=true
[Install] WantedBy=multi-user.target
Thank you for your reply. I must be "the king of weird":
rpm -qa | grep stunnel returns stunnel-4.56-4.el7.x86_64
rpm -ql stunnel returns (nothing in /etc/ststemd, of course, it could be a script)
/etc/stunnel /usr/bin/stunnel /usr/lib64/stunnel /usr/lib64/stunnel/libstunnel.so /usr/share/doc/stunnel-4.56 /usr/share/doc/stunnel-4.56/AUTHORS /usr/share/doc/stunnel-4.56/BUGS /usr/share/doc/stunnel-4.56/COPYING /usr/share/doc/stunnel-4.56/COPYRIGHT.GPL /usr/share/doc/stunnel-4.56/CREDITS /usr/share/doc/stunnel-4.56/Certificate-Creation /usr/share/doc/stunnel-4.56/ChangeLog /usr/share/doc/stunnel-4.56/PORTS /usr/share/doc/stunnel-4.56/README /usr/share/doc/stunnel-4.56/TODO /usr/share/doc/stunnel-4.56/VNC_StunnelHOWTO.html /usr/share/doc/stunnel-4.56/faq.stunnel-2.html /usr/share/doc/stunnel-4.56/pop3-redirect.xinetd /usr/share/doc/stunnel-4.56/sfinger.xinetd /usr/share/doc/stunnel-4.56/stunnel-pop3s-client.conf /usr/share/doc/stunnel-4.56/stunnel-sfinger.conf /usr/share/doc/stunnel-4.56/stunnel.conf-sample /usr/share/doc/stunnel-4.56/tworzenie_certyfikatow.html /usr/share/man/fr/man8/stunnel.8.gz /usr/share/man/man8/stunnel.8.gz /usr/share/man/pl/man8/stunnel.8.gz
rpm -q --scripts stunnel returns nothing, I haven't ever used this before so I may have done it wrong.
Anyway, there is no /etc/systemd/system/stunnel.service on the system.
This isn't the first time I've encountered anomalous behavior so I guess I'm just "lucky". I have no idea which repo I pulled it from but I'm not using exotic ones.
----- Original Message ----- From: "Kahlil Hodgson" kahlil.hodgson@dealmax.com.au To: "CentOS mailing list" centos@centos.org Sent: Tuesday, December 22, 2015 11:38:46 PM Subject: Re: [CentOS] Starting stunnel on boot with CentOS7
On my CenOS7 system with stunnel from base
stunnel-4.56-4.el7.x86_64
there's a systemd service file
/etc/systemd/system/stunnel.service
try
sudo systemctl enable stunnel.service
Hope this helps,
K al _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Confidentiality Notice | This email and any included attachments may be privileged, confidential and/or otherwise protected from disclosure. Access to this email by anyone other than the intended recipient is unauthorized. If you believe you have received this email in error, please contact the sender immediately and delete all copies. If you are not the intended recipient, you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
-
James Hogarth -
Jonathan Billings -
Kahlil Hodgson -
Leroy Tennison