On Thu, Oct 9, 2014, at 06:27 AM, Bruno Friedmann wrote:
> > Another, is providing a fallback
> >
> > Before=network.target network-ore.target
> > Wants=network.target network-pre.target
> >
> > I _think_ that should fail gracefully in the case of no available
> > network-pre ... but I am not at all sure of the effects under systemd.
>
> Well Before and After are not mandatory, so if doesn't exist simply continue
> the job
> Requires (Want too?) are mandatory so if not there systemd will just fail ->
> mean going to rescue console
> which is the worse case for a remote connected system :-)
Asking @ #systemd
Q:
Deploying a unit file for firewall, I'd like to use
"Before=network-pre.target; Wants=network-pre.target" as discussed on the ML.
the -pre target is not available until systemd v=214. Some current distro(s)
are, and will be for awhile, at v < 214 (e.g., openSUSE v13.2 @ systemd v =
210).
Can a unit file be safely deployed *now* to fallback to
network.target in the absence of network-pre.target? I.e., is this
safe/workable "Before=network.target network-pre.target; Wants=network.target
network-pre.target" ?
A:
if you are deploying it anyway, just deploy the network-pre
target
...
just deploy the changes that added network-pre target
since its basically just modifying unit files
The systemd commit that adds network-pre.target is found @
http://lists.freedesktop.org/archives/systemd-commits/2014-June/006332.html
Having a SW install apply that systemd patch is a bad idea, as is expecting the
user to do so.
Asking further,
Q:
In the case that one does NOT patch the existing systemd, does
systemd safely, and preferably quietly, fail in the presence of a missing
Before=/Wants= dependency?
A:
no idea, i would guess that if dont have the unit specified in
Wants=, the service in question will simply not run
Q:
that'd be true for mandatory Requires= ... but not for optional
Wants= (?)
A:
true
I can't yet find an *authoritative* answer for how systemd fails by design if a
specific Before=/Wnats= dependency is non-existent. It *sounds* like it should
fail more-or-less gracefully. If so,
Before=network.target network-pre.target
Wants=network.target network-pre.target
should be a safe approach -- for both current and future systemd versions.
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
