:: Re: [DNG] Sysvinit script doesn't t…
Página Principal
Delete this message
Reply to this message
Autor: Joel Roth
Data:  
Para: dng
Assunto: Re: [DNG] Sysvinit script doesn't trigger on boot
On Fri, Dec 01, 2023 at 03:58:30AM -0700, Bob Proulx via Dng wrote:
> Joel Roth via Dng wrote:
> > But it doesn't start during system boot.
>
> > $ ls /etc/rc2.d | grep firewall
> > S02firewall
>
> I think S02 is too early. That would put it in parallel with eudev
> coming online on my system.


> If we look at the shorewall init script we will see it says this.
>
>     # Required-Start:    $network $remote_fs
>     # Required-Stop:     $network $remote_fs
>     # Default-Start:     S
>     # Default-Stop:      0 1 6
> > Which leads me to believe something similar would be good for your
> firewall script too.  I would modify to the same thing.  That will
> move it a little bit later in the boot process and after the network
> devices exist, but in single user mode before any daemons have been
> started so nothing is listening on the network yet.


Good idea. Any idea what $remote_fs would serve in the above
example? Any network file system would depend on having
a network, right?

The 'S' in Default-Start refers to single-user mode, does it
not? I vaguely remember single-user mode being synonymous
with run-level 2, but read here that single-user mode is
run-level 1.

https://www.geeksforgeeks.org/run-levels-linux/

> Just as commentary rather than bring this online during boot time
> statically which is really meant for static things this might be
> better served by running from the /etc/network/if-*.d/ dynamic
> triggers, or their equivalent with whichever manager you are running,
> which runs event driven after the interface is brought online.
> Assuming that your Wi-Fi is dynamic using a wifi manager. If it is
> static then of course the boot time is fine.


So, reading the docs for /etc/network/interfaces, I see that
I can put `post-up firewall` in the stanza for, say wlan0,
that will trigger the script when the wifi manager brings up
wlan0.

Interestingly, from a security standpoint, if the script
fails, the interface will still remains up, although it will
be marked as not configured.

Thanks for the reply!

>
> Bob
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
>


--
Joel Roth