1

I've installed stunnel 4.5 on CentOS 7.6.

sudo yum -y install stunnel

Now I want to stop-start-restart-status stunnel as a service on CentOS 7.6.
The command below does not work:

systemctl start stunnel

How can I do that?


Take a look at this link: starting_stopping_restarting_stunnel
The command
stunnel /etc/stunnel/stunnel.conf

works.
But the command

kill `cat /var/run/stunnel/stunnel.pid`

does not work. It says:

cat: /var/run/stunnel/stunnel.pid: No such file or directory


Edit:
Here is the stunnel.conf file that I've created at this path (/etc/stunnel/stunnel.conf).

client = no
[squid]
accept  = 1800
connect = 127.0.0.1:8080
cert = /etc/stunnel/stunnel.pem

It works fine.

SilverLight
  • What are the contents of `/etc/stunnel/stunnel.conf` ? – thrig Feb 17 '19 at 22:54
  • I found the solution here: https://serverfault.com/questions/833702/centos-with-selinux-systemd-and-stunnel and here: https://github.com/liuliang/centos-stunnel-systemd/blob/master/README.md – SilverLight Feb 18 '19 at 12:09

3 Answers

2

I found the solution here:
centos-with-selinux-systemd-and-stunnel
and here:
centos-stunnel-systemd

And here are the stunnel.service changes for CentOS 7.6:
[Unit]
Description=SSL tunnel for network daemons
After=network.target
After=syslog.target

[Install]
WantedBy=multi-user.target
Alias=stunnel.target

[Service]
Type=forking
ExecStart=/usr/bin/stunnel /etc/stunnel/stunnel.conf
ExecStop=/usr/bin/pkill stunnel

# Give up if ping doesn't get an answer
TimeoutSec=600

Restart=always
PrivateTmp=false

Now you can start-enable-stop stunnel as a service:

sudo systemctl start stunnel.service
sudo systemctl enable stunnel.service
sudo systemctl stop stunnel.service
SilverLight
0

Install stunnel:

sudo yum install stunnel -y

Configure stunnel:

Create a custom stunnel config in order to establish a connection to some AWS Redis (just for example):

# Write the file through sudo tee: a plain "> file" redirect is performed
# by the calling shell, not by sudo, and fails for a non-root user.
sudo tee /etc/stunnel/redis-cli.conf > /dev/null <<'EOF'
fips = no
setuid = root
setgid = root
pid = /var/run/stunnel.pid
debug = 7
delay = yes
options = NO_SSLv2
options = NO_SSLv3
[redis-cli]
   client = yes
   accept = 127.0.0.1:6379
   connect = clustercfg.someredis.example.cache.amazonaws.com:6379
EOF

Start stunnel:

sudo stunnel /etc/stunnel/redis-cli.conf

Check that stunnel works:

sudo netstat -tulnp | grep -i stunnel

Stop stunnel:

There could be several stunnel processes:

[root@someserver ~]# ps aux | grep stunnel | grep -v grep | awk '{print $2}'
13527
13528
13529
13530
13531
13532

The following bash one-line loop can kill them all:

if kill $(ps aux | grep stunnel | grep -v grep | awk '{print $2}'); then echo "Done"; else echo "No ps left"; fi

Remove stunnel:

sudo yum remove stunnel

*The provided instructions work for Amazon Linux 2 as well.

  • "sudo stunnel /etc/stunnel/redis-cli.conf" for me it doesn't start it, it just prints the content of the file – fdrv Mar 07 '21 at 00:15
  • Please check that you have created a proper configuration file at this path `/etc/stunnel/redis-cli.conf`. A real Redis endpoint and port are required there. It's explained in the "*Configure stunnel*" section above. – Almaz Gareev Apr 02 '21 at 08:32
-1

Check the /var/run/stunnel directory. There might be a /var/run/stunnel/pid file (as opposed to /var/run/stunnel/stunnel.pid), or some other similar file. If there is, simply change your command to kill `cat /var/run/stunnel/pid` or something similar, depending on the file name.
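
The pid-file approach discussed in the answers above, as an added example that is not part of any answer: it reads the global `pid =` option from the stunnel config in use and signals only that instance, rather than every process matching "stunnel". The function names `stunnel_pidfile` and `stop_stunnel` are hypothetical, and it assumes the config sets `pid =` (as the redis-cli.conf above does) and that the daemon's process name is `stunnel`.

```shell
#!/bin/sh
# Added example: stop one stunnel instance through the pid file that its
# own config declares. Helper names are hypothetical.

# Print the global "pid =" value of stunnel config $1.
# Returns 1 when the file sets no pid option, or sets it empty.
stunnel_pidfile() {
    awk '
        /^[ \t]*[#;]/ { next }            # comment line
        /^[ \t]*\[/   { exit }            # first [service] ends the global options
        /^[ \t]*pid[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, "")      # strip "pid ="
            sub(/[ \t\r]+$/, "")          # strip trailing blanks / CR
            value = $0
        }
        END { if (value == "") exit 1; print value }
    ' "$1"
}

# Send SIGTERM to the instance started from config $1.
# Return codes: 2 no pid option, 3 pid file unreadable, 4 garbage in the
# pid file, 5 pid belongs to something that is not stunnel.
stop_stunnel() {
    sp_file=$(stunnel_pidfile "$1") || { echo "no pid option in $1" >&2; return 2; }
    [ -r "$sp_file" ] || { echo "$sp_file not found; is this instance running?" >&2; return 3; }
    sp_pid=$(tr -d ' \t\r\n' < "$sp_file")
    case $sp_pid in
        ''|*[!0-9]*) echo "unexpected content in $sp_file" >&2; return 4 ;;
    esac
    # A stale pid file may name a recycled pid: only signal a process
    # whose command name is stunnel (assumed binary name).
    [ "$(ps -o comm= -p "$sp_pid" 2>/dev/null)" = stunnel ] ||
        { echo "pid $sp_pid is not stunnel; not signalling" >&2; return 5; }
    kill -TERM "$sp_pid"
}

# Usage (as root): stop_stunnel /etc/stunnel/redis-cli.conf
```

In a unit file the same pid path can be given to systemd with `PIDFile=`, so that it tracks the forked daemon instead of guessing its main process.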