From 5824365ebc9bd59072991a809066d9949fc09e0d Mon Sep 17 00:00:00 2001
From: jtbr <jtbriggs@gmail.com>
Date: Sat, 7 May 2016 22:58:18 +0200
Subject: [PATCH] support either nogroup or nobody for permissionless group

---
 openvpn-install.sh | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/openvpn-install.sh b/openvpn-install.sh
index 1222024..7761112 100644
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -253,6 +253,12 @@ else
 		yum install epel-release -y
 		yum install openvpn iptables openssl wget ca-certificates curl -y
 	fi
+	# find out if the machine uses nogroup or nobody for the permissionless group
+	if grep -qs "^nogroup:" /etc/group; then
+	        NOGROUP=nogroup
+	else
+        	NOGROUP=nobody
+	fi
 	
 	# An old version of easy-rsa was available by default in some openvpn packages
 	if [[ -d /etc/openvpn/easy-rsa/ ]]; then
@@ -300,7 +306,7 @@ cert server.crt
 key server.key
 dh dh.pem
 user nobody
-group nogroup
+group $NOGROUP
 topology subnet
 server 10.8.0.0 255.255.255.0
 ifconfig-pool-persist ipp.txt