Re: [Shorewall-users] SW 4.6.4+' systemd service files' Before=/After= dependency on 'network.target' -- should that be 'network-pre.target' and 'network-online.target'?

[PGNd]

On Thu, Oct 9, 2014, at 12:43 AM, Bruno Friedmann wrote:
> but really take care of one thing, the online documentation is linked to the 
> last available systemd version 
> which is often far in advance to version available in distribution.
> 
> for example last stable 13.1 openSUSE contain systemd version 208
> when future 13.2 / Factory will have version 210 ( which is already 7 months 
> old)
> and last release is version 216 from August.

Good point/catch.

Here, with

        rpm -qa | grep -i systemd-2
                systemd-210-860.1.x86_64

        systemctl list-unit-files | grep network
                network.service                        enabled 
                network@.service                       static  
                network-online.target                  static  
                network.target                         static  

and

        systemctl status network-pre.target
                network-pre.target
                Loaded: not-found (Reason: No such file or directory)
                Active: inactive (dead)

checking @ http://cgit.freedesktop.org/systemd/systemd/tree/NEWS

        network-pre changelog
                CHANGES WITH 214:
                        * A new passive target unit "network-pre.target" has 
been added which is useful for services that shall run before any network is 
configured, for example firewall scripts.

so, unfortunately, use of network-pre.target appears premature in some cases.

network-online.target looks fine.

Since network-pre *is* appropriate for use in this case -- if/when available -- 
possibly adding conditional detection on its existence in the SW installer, is 
one option.

Another, is providing a fallback

  Before=network.target network-ore.target
  Wants=network.target network-pre.target

I _think_ that should fail gracefully in the case of no available network-pre 
... but I am not at all sure of the effects under systemd.

------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users