Comment 8 for bug 1868127

After a discussion with a colleague I think we should leave it as is in the supported/stable releases (I already fixed it in Groovy, it should land in the archive soon). The rationale is: even if the reload command fails the service keeps active and running, the proposed solutions would not fix the problem but would hide it from users. Adding the CAP_KILL capability or the '+' prefix would allow the service to send the SIGHUP signal and make 'systemctl reload openvpn@<server>' return 0, however, it would still face some permission denied errors, making the reload fails silently. In short, with or without the proposed fixes the reload process will not succeed.