Hey. I have two scenarios where I'm not quite sure whether I understand things correctly. 1) I'd like to start a firewall service *before* networking is brought up. My understanding was hat this would best be done in the firewall.service unit by e.g. [Unit] Before=network-pre.target [Install] RequiredBy=network-pre.target network-online.target is After= network.target is After=, which is After= network-pre.target, thus when the firewall is Before= that, it should be secured that it runs first, right? And to ensure that the firewall service is started at all, the RequiredBy. But then, what does even start network-pre.target? It doesn't seem to be Wanted= or Required= by e.g. network.target, firewalld.service seems to use: [Unit] Before=network-pre.target Wants=network-pre.target which causes network-pre.target to be started (if it's starte itself), but feels a bit strange. I'd rather have expected that something (e.g. NetworkManager) pulls in, network-online.target, that network.target and that network-pre.target. But in any case, the idea is that firewall services should run Before= network-pre.target, right? 1a) Is it easy possible to prevent the network from being brought up altogether, when the firewall service fails (e.g. because of a typo in the rules)? I'd have hope to get that done with the: [Install] RequiredBy=network-pre.target in the firewall service unit, but since e.g.: NetworkManager.service only: [Unit] Wants=network.target After=network-pre.target dbus.service Before=network.target which doesn't even Want= (or Require= network-pre.target), neither would network.target ... that probably doesn't work. Same goes for systemd-networkd.service or Debian ifupdown's networking.service. All "only" Want= network.target and have only After= network-pre.target. I guess the simplest way to get that behaviour would be to add either: - a foo.requires/firewall.service for foo being everything that brings up the network - or a RequiredBy=NetworkManager.service ... in firewall.service ? But the downside with that is, that one really needs to maintain the list. 2) Hibernation. AFAIU, when I do systemctl hibernate, it will start hibernate.target which is Requires=/After= systemd-hibernate.service, which causes the actual hibernation. That could mean - if the hibernation would work immediately - that hibernate.target is only reached "after" the hibernation has happened, right? But my main question here is: What would I need to do, if I want to make sure that something happen only when I hibernate, but then *before* that. (The idea is, that I want to /proc/sys/vm/drop_caches to hibernate faster.) My first naive assumption would have been that I need to do: [Unit] Before=hibernate.target [Service] Type=oneshot ExecStart=sync ExecStart=@sh %n:sh -c 'printf 1 >/proc/sys/vm/drop_caches' [Install] WantedBy=hibernate.target in my drop caches service. But if hibernate.target is only reached **After=** systemd-hibernate.service finishes this means that the latter could still happen before my clean up, right? So I really need to do Before= systemd-hibernate.service? Or can I do this somehow with a dependency on hibernate.target? I guess I kinda don't understand why hibernate.target after systemd-hibernate.service ... doesn't that mean that one has already resumed again? Thanks, Philippe.
.target dependency ordering
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: .target dependency ordering
- From: Philippe Cerfon <philcerf@xxxxxxxxx>
- Date: Sun, 16 Mar 2025 20:32:45 +0100
- Follow-Ups:
- Re: .target dependency ordering
- From: Demi Marie Obenour
- Re: .target dependency ordering
- Prev by Date: Re: Please help me fix the fluidsynth.service file
- Next by Date: StopWhenUnneeded=yes/PropagatesStopTo= unless unit was started manually
- Previous by thread: Escaping path in run0 option argument
- Next by thread: Re: .target dependency ordering
- Index(es):
 |