Isolate systemd target if service fails

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hi,

I just set up a custom systemd target on my laptop for the first time using
[1] to split out services that I don't want running if I'm on a public wifi.
I configured things so that by default, I boot into a custom 'home.target'
which starts everything up, and then if I'm on an untrusted network I can
`systemctl isolate multi-user` to bring down httpd, mysqld, sshd, and
anything
else I'd rather not have listening to outside traffic.

Usually under those circumstances, my SSID wouldn't be available and
netctl@homewifi.service would have failed, so in an effort to automate the
process I added the following to the netctl service file and did `systemctl
--system daemon-reload` to read in the changes.

OnFailure=multi-user.target
OnFailureIsolate=true

The end result is that if systemd is unable to start
netctl@homewifi.service, it will isolate the multi-user target, thus
shutting
down httpd, mysqld, sshd, and other services belonging to home.target.

I'm just posting this because the solution wasn't obvious and a google
search
for the terms in the subject of this email didn't turn up anything about
OnFailure and OnFailureIsolate. Hopefully the info will be useful to someone
else.

I also wouldn't mind feedback on this setup. Is what I'm doing sane? Could
it be done better? My full home.target and netctl@homewifi.service are
linked
below [2].

[1] https://wiki.archlinux.org/index.php/systemd#Targets
[2] https://gist.github.com/DMBuce/6390806

-Buce


[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux