Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
dd8de797e3
core-agent-linux/vm-systemd
History
Marek Marczykowski-Górecki dd8de797e3
Move network uplink setup to a separate service 
Previously, network uplink (eth0) was configured in two places:
 - udev (asynchronously)
 - qubes-misc-post.service - at the very end of the boot process

This caused multiple issues:
1. Depending on udev event processing (non-deterministic), network
   uplink could be enabled too early, for example before setting up
   firewall.
2. Again depending on udev processing, it can be enabled quite late in
   the boot process, after network.target is up and services assume
   network already configured. This for example causes qubes-firewall to
   fail DNS queries.
3. If udev happen try to enable enable networking even earlier, it may
   happend before qubesdb-daemon is started, in which case network setup
   fill fail. For this case, there was network re-setup in
   qubes-misc-post service - much later in the boot.

Fix the above by placing network uplink setup in a dedicated
qubes-network-uplink@${INTERFACE}.service unit ordered after
network-pre.target and pulled in by udev based on vif device existence,
to handle also dynamic network attach/detach.
Then, create qubes-network-uplink.service unit waiting for appropriate
interface-specific unit (if one is expected!) and order it before
network.target.

QubesOS/qubes-issues#5576
2020-12-04 03:24:02 +01:00
..
anacron-resume.service.d Stop anacron from starting in Debian using existing constraint on cron 2017-02-05 23:36:27 +00:00
anacron.service.d Stop anacron from starting in Debian using existing constraint on cron 2017-02-05 23:36:27 +00:00
avahi-daemon.service.d Stop unnecessary services in Debian 2017-02-16 22:41:14 +00:00
boot.automount.d Disable boot.automount which is created by systemd automatically 2019-08-20 16:37:23 +02:00
chronyd.service.d Fix starting time synchronization service 2017-11-03 03:12:55 +01:00
cron.service.d Revert version and correct unit files 2016-10-16 13:39:01 +01:00
crond.service.d Revert version and correct unit files 2016-10-16 13:39:01 +01:00
cups-browsed.service.d Disable cups-browsed service together with cups 2017-12-05 17:58:35 +01:00
cups.path.d systemd: order units checking for qubes-service after qubes-sysinit 2016-05-12 00:17:05 +02:00
cups.service.d Clean up early initialization and setup of /rw 2016-10-23 20:19:51 +00:00
cups.socket.d systemd: order units checking for qubes-service after qubes-sysinit 2016-05-12 00:17:05 +02:00
exim4.service.d Stop unnecessary services in Debian 2017-02-16 22:41:14 +00:00
getty@tty.service.d systemd: order units checking for qubes-service after qubes-sysinit 2016-05-12 00:17:05 +02:00
ModemManager.service.d systemd: order units checking for qubes-service after qubes-sysinit 2016-05-12 00:17:05 +02:00
netfilter-persistent.service.d systemd: order units checking for qubes-service after qubes-sysinit 2016-05-12 00:17:05 +02:00
network-manager.service.d systemd: order units checking for qubes-service after qubes-sysinit 2016-05-12 00:17:05 +02:00
NetworkManager-wait-online.service.d systemd: improve ordering of systemd units 2016-07-27 05:19:47 +02:00
NetworkManager.service.d systemd: improve ordering of systemd units 2016-07-27 05:19:47 +02:00
org.cups.cupsd.path.d systemd: order units checking for qubes-service after qubes-sysinit 2016-05-12 00:17:05 +02:00
org.cups.cupsd.service.d systemd: order units checking for qubes-service after qubes-sysinit 2016-05-12 00:17:05 +02:00
org.cups.cupsd.socket.d systemd: order units checking for qubes-service after qubes-sysinit 2016-05-12 00:17:05 +02:00
serial-getty@.service.d Enable root autologin on serial console 2020-05-06 17:56:55 +02:00
systemd-fsck-root.service.d Add a service to enable swap early - before fsck of the root filesystem 2020-11-03 05:18:57 +01:00
systemd-random-seed.service.d systemd: plug random seed loading into systemd-random-seed 2016-07-17 04:26:01 +02:00
systemd-timesyncd.service.d Fix systemd-timesyncd.service startup 2018-02-13 02:14:08 +01:00
tinyproxy.service.d No longer start /etc/init.d/tinyproxy by default anymore. 2015-11-11 14:57:36 +00:00
tmp.mount.d Enlarge /tmp and /dev/shm 2015-10-04 23:07:10 +02:00
tor.service.d systemd: order units checking for qubes-service after qubes-sysinit 2016-05-12 00:17:05 +02:00
tor@default.service.d Do not start tor@default service in TemplateVM. 2016-06-11 13:46:58 +00:00
user dropins: implement dropins for systemd user starting with pulseaudio systemd service and socket masking 2015-11-07 19:12:30 +01:00
75-qubes-vm.preset Move network uplink setup to a separate service 2020-12-04 03:24:02 +01:00
bind-dirs.sh bind-dirs: run in DisposableVM, too 2020-09-15 10:52:59 +00:00
dev-xvdc1-swap.service Add a service to enable swap early - before fsck of the root filesystem 2020-11-03 05:18:57 +01:00
haveged.service debian: make haveged.service patch less intrusive... 2017-05-22 17:30:06 +02:00
misc-post-stop.sh Remove DisposableVM savefile related files 2017-06-08 22:11:35 +02:00
misc-post.sh Move network uplink setup to a separate service 2020-12-04 03:24:02 +01:00
mount-dirs.sh bind-dirs: run in DisposableVM, too 2020-09-15 10:52:59 +00:00
network-proxy-setup.sh Fix typo 2020-01-16 14:12:01 -05:00
network-proxy-stop.sh network: stop IP forwarding before disabling firewall 2020-12-03 20:52:51 +01:00
network-uplink-wait.sh Move network uplink setup to a separate service 2020-12-04 03:24:02 +01:00
qubes-core-agent-linux.tmpfiles updates-proxy: use separate directory for PID file 2015-11-11 05:57:57 +01:00
qubes-core.conf Cleanup kernel modules loading configuration 2017-06-08 22:11:38 +02:00
qubes-early-vm-config.service Order qubes-early-vm-config.service before networking 2020-12-03 20:52:51 +01:00
qubes-early-vm-config.sh init: fix issues found by shellcheck in init scripts 2017-09-30 04:49:21 +02:00
qubes-firewall.service Move qubes-firewall from sbin to bin 2020-02-05 00:12:22 +00:00
qubes-iptables.service Clean up early initialization and setup of /rw 2016-10-23 20:19:51 +00:00
qubes-misc-post.service Drop leftovers of qubes-netwatcher service 2018-05-24 17:38:12 +02:00
qubes-mount-dirs.service Clean up early initialization and setup of /rw 2016-10-23 20:19:51 +00:00
qubes-network-uplink.service Move network uplink setup to a separate service 2020-12-04 03:24:02 +01:00
qubes-network-uplink@.service Move network uplink setup to a separate service 2020-12-04 03:24:02 +01:00
qubes-network.service network: stop IP forwarding before disabling firewall 2020-12-03 20:52:51 +01:00
qubes-random-seed.sh Hint shellcheck where to look for sourced files, if in repository 2017-09-30 05:05:34 +02:00
qubes-rootfs-resize.service Resize root filesystem at VM startup if needed 2017-10-18 21:02:15 +02:00
qubes-sync-time.service Delay qubes-sync-time service after qrexec is started 2019-06-25 04:19:56 +02:00
qubes-sync-time.timer Really enable qubes-sync-time.timer 2018-02-14 13:52:17 +00:00
qubes-sysinit.service Drop legacy xen entry in fstab 2020-07-26 14:30:33 +02:00
qubes-sysinit.sh Drop systemd re-exec during boot 2020-11-03 05:20:15 +01:00
qubes-update-check.service systemd: don't mark updates check service failed 2016-07-16 15:30:40 +02:00
qubes-update-check.timer vm: notify dom0 when updates available in VM (#475) 2012-05-02 00:09:00 +02:00
qubes-updates-proxy-forwarder.socket Implement qrexec-based connection to updates proxy 2017-05-26 05:25:29 +02:00
qubes-updates-proxy-forwarder@.service Implement qrexec-based connection to updates proxy 2017-05-26 05:25:29 +02:00
qubes-updates-proxy.service Use exec to ease systemd handling the tinyproxy process 2019-04-17 12:47:22 +02:00
xendriverdomain.service xendriverdomain: remove placeholder for sbinpath 2020-08-03 13:18:26 +02:00