14

I'm trying to set up a new service (under Debian Jessie) that needs to set up some mounts where the network configuration is stored and thus this service must complete before networking.service starts.

I tried the following:

[Unit]
Description=mount/repair remaining filesystems (all persistent fs beyond "/")
#Before=network-pre.target
Before=networking.service

[Service]
Type=oneshot
ExecStart=/opt/intermodul-mounts/start.sh
TimeoutSec=0
RemainAfterExit=yes

[Install]
RequiredBy=networking.service

Using systemd-analyze plot I can see that my service starts, but networking.service starts about 3 seconds earlier:

enter image description here

Apparently my config is wrong, but I'm having a hard time finding the problem... Any help greatly appreciated..

Update

I currently solved it by changing the service config to start before local-fs.target instead of networking.service:

[Unit]
DefaultDependencies=no
Description=mount/repair remaining filesystems (all persistent fs beyond "/")
Before=local-fs.target

[Service]
Type=oneshot
ExecStart=/opt/intermodul-mounts/start.sh
TimeoutSec=0
RemainAfterExit=yes

[Install]
RequiredBy=local-fs.target

Still, I'd like to understand why my first configuration didn't work as expected...?

Rui F Ribeiro
  • 56,709
  • 26
  • 150
  • 232
Udo G
  • 1,123
  • Due to the way systemd works, the literal temporal order in which things run may not be significant. When networking comes up, is it successfully in accordance with the files in that directory? – Tom Hunt Sep 11 '15 at 15:14
  • I'm not sure I understood your question. Anyway, /etc/network/interfaces has references to ip-up scripts that reside in another partition. That partition is mounted by a complex script /opt/intermodul-mounts/start.sh that must be run before networking is being set up. Currently, the ip-up scripts effectively don't start because they are not accessible at boot time. Running service networking restart afterwards brings up all interfaces correctly. – Udo G Sep 11 '15 at 15:20
  • Possible duplicate: https://superuser.com/questions/1005742/how-to-run-script-before-the-network-configuration – Josip Rodin Jun 11 '17 at 19:02
  • I did that: Before=local-fs.target and RequiredBy=local-fs.target which leads to the system not booting anymore. I don't understand how this stupid system is supposed to work. Why is that a cyclic dependency? – Julian F. Weinert Oct 14 '22 at 03:04

4 Answers4

16

network-pre.target is a target that may be used to order services before any network interface is configured. It's primary purpose is for usage with firewall services that want to establish a firewall before any network interface is up. It's a passive unit: you cannot start it directly and it is not pulled in by the the network management service, but by the service that wants to run before it.

You want to use network-pre.target if you want to setup something before network starts

Services that want to be run before the network is configured should place Before=network-pre.target and also set Wants=network-pre.target to pull it in.

You should put these under [Unit] section:

Before=network-pre.target
Wants=network-pre.target

Reference

Alex Jones
  • 6,353
  • 1
    Hey @edwardtorvalds, I was doing exactly this for some network config setup, yet the unit appears never to run. The answer to systemctl is-enabled <unit> is always static. Of course, I cannot enable it because there is no WantedBy=. After all, what is it wanted by? This is something that does some setup before the network should load. – deitch Apr 18 '16 at 14:24
  • you can try wanted by = remote-fs.target or mount-fs.target. – Alex Jones Apr 20 '16 at 06:28
  • 3
    Thanks. I ended up doing Before=network-pre.target and Wants=network-pre.target and for the [Install] we did WantedBy=network.target. The last section forced it to be required by networking, the former put it in order. Was a pain, though – deitch Apr 20 '16 at 07:55
  • since you definitely have your head around systemd much better than I do, can you look at the other q I have? http://unix.stackexchange.com/questions/277783/how-does-systemd-activate-encrypted-swap-file-on-alternate-partition Still trying to figure out how to do it. – deitch Apr 20 '16 at 19:26
  • I am confused because I dont have experience with encrypted partition, if you can simply me please do so – Alex Jones Apr 21 '16 at 06:33
  • Ah, got it. Well, I am slowly managing to work it in. Think about it in a different way. Let's say I have an fstab entry that refers to a swap file, but I want a custom script to check and create the swapfile first if it doesn't exist. How would I override the generated fstab unit with a script that creates the file if it doesn't exist? – deitch Apr 21 '16 at 07:41
4

As done in Debian Jessie, the netfilter-persistent package (allowing to load iptables rules before the network is up) has a netfilter-persistent.service that looks like:

# https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
# based on the netfilter-persistent package
[Unit]
Description=netfilter persistent configuration
DefaultDependencies=no

Before=network-pre.target
Wants=network-pre.target

Wants=systemd-modules-load.service local-fs.target
After=systemd-modules-load.service local-fs.target

Conflicts=shutdown.target
Before=shutdown.target

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/sbin/netfilter-persistent start
ExecStop=/usr/sbin/netfilter-persistent stop

[Install]
WantedBy=multi-user.target
Stephen Kitt
  • 434,908
user2024640
  • 41
1

The mistake is simple and one of the main things I always mix up: You mix Before and RequiredBy. That doesn't go together. The others are correct about the target.

Kalle Richter
  • 2,192
Bane
  • 11
  • 1
0
[Unit]
Description=mount/repair remaining filesystems (all persistent fs beyond "/")
DefaultDependencies=no
After=sysinit.target local-fs.target
Before=basic.target

[Service]
Type=oneshot
ExecStart=/opt/intermodul-mounts/start.sh
TimeoutSec=0
RemainAfterExit=yes

[Install]
WantedBy=basic.target

Doing something along these lines will get ensure that this unit has run before the network, but after most of the other important setup has occurred.

spkane
  • 340