3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-25 17:59:25 +01:00
iwd/wired/ead.service.in
Alvin Šipraga e03b1e263d build: add After=network-pre.target to service files
systemd specifies a special passive target unit 'network-pre.target'
which may be pulled in by services that want to run before any network
interface is brought up or configured. Correspondingly, network
management services such as iwd and ead should specify
After=network-pre.target to ensure a proper ordering with respect to
this special target. For more information on network-pre.target, see
systemd.special(7).

Two examples to explain the rationale of this change:

1. On one of our embedded systems running iwd, a oneshot service is
   run on startup to configure - among other things - the MAC address of
   the wireless network interface based on some data in an EEPROM.
   Following the systemd documentation, the oneshot service specifies:

        Before=network-pre.target
        Wants=network-pre.target

   ... to ensure that it is run before any network management software
   starts. In practice, before this change, iwd was starting up and
   connecting to an AP before the service had finished. iwd would then
   get kicked off by the AP when the MAC address got changed. By
   specifying After=network-pre.target, systemd will take care to avoid
   this situation.

2. An administrator may wish to use network-pre.target to ensure
   firewall rules are applied before any network management software is
   started. This use-case is described in the systemd documentation[1].
   Since iwd can be used for IP configuration, it should also respect
   the After=network-pre.target convention.

Note that network-pre.target is a passive unit that is only pulled in if
another unit specifies e.g. Wants=network-pre.target. If no such unit
exists, this change will have no effect on the order in which systemd
starts iwd or ead.

[1] https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
2021-01-22 14:17:16 -06:00

28 lines
526 B
SYSTEMD

[Unit]
Description=Ethernet service
After=network-pre.target
Before=network.target
Wants=network.target
[Service]
Type=dbus
BusName=net.connman.ead
ExecStart=@libexecdir@/ead
NotifyAccess=main
LimitNPROC=1
Restart=on-failure
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW
PrivateTmp=true
NoNewPrivileges=true
PrivateDevices=true
ProtectHome=yes
ProtectSystem=strict
ProtectControlGroups=yes
ProtectKernelModules=yes
ConfigurationDirectory=ead
StateDirectory=ead
StateDirectoryMode=0700
[Install]
WantedBy=multi-user.target