Commit Graph

8 Commits

Author SHA1 Message Date
Rudd-O
b7d8d66bb1 Eliminate race condition with qubes-setup-dnat-to-ns
qubes-setup-dnat-to-ns is called multiple times during boot.  Of particular interest are the two invocations done by:

1. `/usr/lib/qubes/init/network-proxy.setup.sh` (`qubes-network.service`)
2. `/usr/lib/qubes/init/misc-post.sh` (`qubes-misc-post.service`)

These can, and do often, run in parallel.  Often enough that the `PR-QBS` `nat` chain can end up with eight rules instead of four, or (worse) zero rules.

This commit represents the proper boot ordering of these services, where the post startup *must* happen after Qubes has already started its iptables, firewall, network setup and netwatcher.

This eliminates the race.
2016-10-12 15:19:46 +00:00
Rusty Bird
ca03e093f7
Order network management units after network-pre.target
Network management software should order itself after network-pre.target
(man 7 systemd.special) so that other units can order themselves before
the *beginning* of network initialization. (qubes-misc-post too because
it calls setup-ip.)

Relevant for QubesOS/qubes-issues#2108
2016-06-30 16:20:47 +00:00
Patrick Schleizer
f063b4a90f
Renamed qubes-mount-home to qubes-mount-dirs.
Renamed qubes-mount-home service and mount-home.sh script to qubes-mount-dirs service and mount-dirs.sh.
Because mount-home.sh also processed /rw/usrlocal.
preparation to fix the following issues:
- upstream bind-directories functionality to Qubes - https://phabricator.whonix.org/T414
- Bind mount /rw/usrlocal -> /usr/local instead of symlink - https://github.com/QubesOS/qubes-issues/issues/1150
- /bin/sync hangs forever in whonix-ws-dvm - https://github.com/QubesOS/qubes-issues/issues/1328
2015-10-15 20:57:43 +00:00
Marek Marczykowski-Górecki
88d7ca7940 Move mounting /rw and /home to separate service
Many services depended on misc-post only because this was where /home
gets mounted. Move that to separate service, started earlier.
2015-03-04 01:52:18 +01:00
Marek Marczykowski
afa09b5d80 vm/systemd: break dependency loop
qubes-misc-post provides /rw/home, required by NetworkManager, so do not
try start it after network.target
2013-02-12 01:38:29 +01:00
Marek Marczykowski
970203b956 vm/systemd: start misc-post after network
This will ensure that /rw/config/rc.local is called after applying default
iptables rules, so it can safely modify it without the risk to be overridden
later by default ones.
2013-01-11 23:49:46 +01:00
Marek Marczykowski
c3ee25ef10 vm/mimeopen: save mimetype defaults for DispVM (#423) 2012-02-06 19:08:08 +01:00
Marek Marczykowski
5e0cde15de vm/init: introduce SystemD startup scripts 2012-01-10 12:10:16 +01:00