mirror of
https://git.kernel.org/pub/scm/network/wireless/iwd.git
synced 2024-11-02 10:09:23 +01:00
e03b1e263d
systemd specifies a special passive target unit 'network-pre.target' which may be pulled in by services that want to run before any network interface is brought up or configured. Correspondingly, network management services such as iwd and ead should specify After=network-pre.target to ensure a proper ordering with respect to this special target. For more information on network-pre.target, see systemd.special(7). Two examples to explain the rationale of this change: 1. On one of our embedded systems running iwd, a oneshot service is run on startup to configure - among other things - the MAC address of the wireless network interface based on some data in an EEPROM. Following the systemd documentation, the oneshot service specifies: Before=network-pre.target Wants=network-pre.target ... to ensure that it is run before any network management software starts. In practice, before this change, iwd was starting up and connecting to an AP before the service had finished. iwd would then get kicked off by the AP when the MAC address got changed. By specifying After=network-pre.target, systemd will take care to avoid this situation. 2. An administrator may wish to use network-pre.target to ensure firewall rules are applied before any network management software is started. This use-case is described in the systemd documentation[1]. Since iwd can be used for IP configuration, it should also respect the After=network-pre.target convention. Note that network-pre.target is a passive unit that is only pulled in if another unit specifies e.g. Wants=network-pre.target. If no such unit exists, this change will have no effect on the order in which systemd starts iwd or ead. [1] https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
28 lines
526 B
SYSTEMD
28 lines
526 B
SYSTEMD
[Unit]
|
|
Description=Ethernet service
|
|
After=network-pre.target
|
|
Before=network.target
|
|
Wants=network.target
|
|
|
|
[Service]
|
|
Type=dbus
|
|
BusName=net.connman.ead
|
|
ExecStart=@libexecdir@/ead
|
|
NotifyAccess=main
|
|
LimitNPROC=1
|
|
Restart=on-failure
|
|
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW
|
|
PrivateTmp=true
|
|
NoNewPrivileges=true
|
|
PrivateDevices=true
|
|
ProtectHome=yes
|
|
ProtectSystem=strict
|
|
ProtectControlGroups=yes
|
|
ProtectKernelModules=yes
|
|
ConfigurationDirectory=ead
|
|
StateDirectory=ead
|
|
StateDirectoryMode=0700
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|