The init script isn't used anymore instead it is systemd. Therefore since Bionic the script security setting is at the systemd service:
--- a/debian/openvpn@.service +++ b/debian/openvpn@.service @@ -13,7 +13,7 @@ Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO Type=notify PrivateTmp=true WorkingDirectory=/etc/openvpn -ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --config /etc/openvpn/%i.conf --writepid /run/openvpn/%i.pid +ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/%i.conf --writepid /run/openvpn/%i.pid PIDFile=/run/openvpn/%i.pid KillMode=process ExecReload=/bin/kill -HUP $MAINPID
The init script isn't used anymore instead it is systemd.
Therefore since Bionic the script security setting is at the systemd service:
--- a/debian/ openvpn@ .service openvpn@ .service /community. openvpn. net/openvpn/ wiki/HOWTO ry=/etc/ openvpn /usr/sbin/ openvpn --daemon ovpn-%i --status /run/openvpn/ %i.status 10 --cd /etc/openvpn --config /etc/openvpn/ %i.conf --writepid /run/openvpn/%i.pid /usr/sbin/ openvpn --daemon ovpn-%i --status /run/openvpn/ %i.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/ %i.conf --writepid /run/openvpn/%i.pid /run/openvpn/ %i.pid /bin/kill -HUP $MAINPID
+++ b/debian/
@@ -13,7 +13,7 @@ Documentation=https:/
Type=notify
PrivateTmp=true
WorkingDirecto
-ExecStart=
+ExecStart=
PIDFile=
KillMode=process
ExecReload=