From d83589bf852cc971295c55466d6638a7b40269a2 Mon Sep 17 00:00:00 2001 From: Andrey Borzenkov Date: Thu, 10 Mar 2011 18:37:45 +0300 Subject: initscripts: execute fedora-sysinit-unhack after sysinit.target Currently both are started early during boot and in the best case are no-op, in the worst - hack is executed after unhack and leaves /dev/.in_sysinit hanging around forever. Make sure unhack is executed after hack and after sysinit.target as name suggests. Signed-off-by: Andrey Borzenkov --- systemd/system/fedora-sysinit-unhack.service | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'systemd/system') diff --git a/systemd/system/fedora-sysinit-unhack.service b/systemd/system/fedora-sysinit-unhack.service index 86e20cd6..221d8bb1 100644 --- a/systemd/system/fedora-sysinit-unhack.service +++ b/systemd/system/fedora-sysinit-unhack.service @@ -1,8 +1,9 @@ [Unit] -Description=Bootup hack +Description=Bootup unhack DefaultDependencies=no Conflicts=shutdown.target Before=shutdown.target +After=fedora-sysinit-hack.service sysinit.target [Service] Type=oneshot -- cgit v1.2.1 From 89032e9049921024fa65c292adb48bc8eba1e5a0 Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Fri, 11 Mar 2011 11:38:00 -0500 Subject: Fix conditions so that they operate as OR, not AND. (#684125) --- systemd/system/fedora-autorelabel.service | 4 ++-- systemd/system/fedora-loadmodules.service | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'systemd/system') diff --git a/systemd/system/fedora-autorelabel.service b/systemd/system/fedora-autorelabel.service index 10b37f69..cd6a84b3 100644 --- a/systemd/system/fedora-autorelabel.service +++ b/systemd/system/fedora-autorelabel.service @@ -5,8 +5,8 @@ Requires=local-fs.target Conflicts=shutdown.target After=local-fs.target Before=sysinit.target shutdown.target -ConditionKernelCommandLine=autorelabel -ConditionPathExists=/.autorelabel +ConditionKernelCommandLine=|autorelabel +ConditionPathExists=|/.autorelabel [Service] ExecStart=/lib/systemd/fedora-autorelabel diff --git a/systemd/system/fedora-loadmodules.service b/systemd/system/fedora-loadmodules.service index 9b801258..cd2b4910 100644 --- a/systemd/system/fedora-loadmodules.service +++ b/systemd/system/fedora-loadmodules.service @@ -4,8 +4,8 @@ DefaultDependencies=no Conflicts=shutdown.target After=systemd-readahead-collect.service systemd-readahead-replay.service Before=sysinit.target shutdown.target -ConditionPathExists=/etc/rc.modules -ConditionDirectoryNotEmpty=/etc/sysconfig/modules/ +ConditionPathExists=|/etc/rc.modules +ConditionDirectoryNotEmpty=|/etc/sysconfig/modules/ [Service] ExecStart=/lib/systemd/fedora-loadmodules -- cgit v1.2.1 From 93d8f7b7d63689e9244d1ce942997c0e32bdd7cb Mon Sep 17 00:00:00 2001 From: Michal Schmidt Date: Mon, 4 Apr 2011 09:56:57 +0200 Subject: let systemd check the conditions for fedora-autorelabel The service unit file already checks whether /.autorelabel or the "autorelabel" parameter are present. No need to recheck in the script. Using the new "ConditionSecurity=" feature systemd can also check whether SELinux is enabled. --- systemd/system/fedora-autorelabel.service | 1 + 1 file changed, 1 insertion(+) (limited to 'systemd/system') diff --git a/systemd/system/fedora-autorelabel.service b/systemd/system/fedora-autorelabel.service index cd6a84b3..c98a40ff 100644 --- a/systemd/system/fedora-autorelabel.service +++ b/systemd/system/fedora-autorelabel.service @@ -5,6 +5,7 @@ Requires=local-fs.target Conflicts=shutdown.target After=local-fs.target Before=sysinit.target shutdown.target +ConditionSecurity=selinux ConditionKernelCommandLine=|autorelabel ConditionPathExists=|/.autorelabel -- cgit v1.2.1 From d88e9d09a6570fe729735740a966ed758ff81141 Mon Sep 17 00:00:00 2001 From: Michal Schmidt Date: Mon, 4 Apr 2011 09:57:08 +0200 Subject: separate "touch /.autorelabel" to a new unit Writing /.autorelabel from fedora-autorelabel does not work because the script is executed only if relabel was already requested. Create a new unit fedora-autorelabel-mark.service which will be responsible for creating /.autorelabel if SELinux is disabled. The unit takes advantage of the new "ConditionSecurity=" support in systemd. The old script checked for a read-only filesystem first. The new unit does not do that. If / is read-only, touch will simply fail. This should not be considered as a failure of the unit, so "-" is used in ExecStart. There have been arguments on systemd-devel that the root directory should not be abused for flag files like /.autorelabel. It has a long tradition in Fedora though (since 2005). Maybe we can change it eventually, but let's keep it where it is for now. --- systemd/system/fedora-autorelabel-mark.service | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 systemd/system/fedora-autorelabel-mark.service (limited to 'systemd/system') diff --git a/systemd/system/fedora-autorelabel-mark.service b/systemd/system/fedora-autorelabel-mark.service new file mode 100644 index 00000000..33b5147b --- /dev/null +++ b/systemd/system/fedora-autorelabel-mark.service @@ -0,0 +1,15 @@ +[Unit] +Description=Mark the need to relabel after reboot +DefaultDependencies=no +Requires=local-fs.target +Conflicts=shutdown.target +After=local-fs.target +Before=sysinit.target shutdown.target +ConditionSecurity=!selinux +ConditionPathIsDirectory=/etc/selinux +ConditionPathExists=!/.autorelabel + +[Service] +ExecStart=-/bin/touch /.autorelabel +Type=oneshot +RemainAfterExit=yes -- cgit v1.2.1 From 8df4ee072641b1153852c8b8b778ef4a02edb8bd Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Wed, 6 Apr 2011 15:47:46 -0400 Subject: Add a storage setup after cryptsetup.target. (#692198) Due to cryptsetup being parallel with this initially, we need this to support LVM/MD on LUKS. --- systemd/system/fedora-storage-init-late.service | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 systemd/system/fedora-storage-init-late.service (limited to 'systemd/system') diff --git a/systemd/system/fedora-storage-init-late.service b/systemd/system/fedora-storage-init-late.service new file mode 100644 index 00000000..80bba21f --- /dev/null +++ b/systemd/system/fedora-storage-init-late.service @@ -0,0 +1,13 @@ +[Unit] +Description=Initialize storage subsystems (RAID, LVM, etc.) +DefaultDependencies=no +Conflicts=shutdown.target +After=cryptsetup.target +Before=local-fs.target shutdown.target +Wants=fedora-wait-storage.service + +[Service] +ExecStart=/lib/systemd/fedora-storage-init +Type=oneshot +TimeoutSec=0 +RemainAfterExit=yes -- cgit v1.2.1 From b15a418b0ab137507d8e96d4b35d6ff7db76ee8f Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Wed, 27 Apr 2011 13:05:37 -0400 Subject: Make sure to enable fedora-storage-init-late.service, and have it after the non-late version. (#699918) --- systemd/system/fedora-storage-init-late.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'systemd/system') diff --git a/systemd/system/fedora-storage-init-late.service b/systemd/system/fedora-storage-init-late.service index 80bba21f..bfd4b73b 100644 --- a/systemd/system/fedora-storage-init-late.service +++ b/systemd/system/fedora-storage-init-late.service @@ -2,7 +2,7 @@ Description=Initialize storage subsystems (RAID, LVM, etc.) DefaultDependencies=no Conflicts=shutdown.target -After=cryptsetup.target +After=cryptsetup.target fedora-storage-init.service Before=local-fs.target shutdown.target Wants=fedora-wait-storage.service -- cgit v1.2.1 From b710648dee63466be01b34b21d929ada422f2845 Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Mon, 25 Jul 2011 13:34:12 -0400 Subject: Remove fedora-sysinit-hack/fedora-sysinit-unhack; they're not needed with /var/lock on tmpfs. --- systemd/system/fedora-sysinit-hack.service | 10 ---------- systemd/system/fedora-sysinit-unhack.service | 11 ----------- 2 files changed, 21 deletions(-) delete mode 100644 systemd/system/fedora-sysinit-hack.service delete mode 100644 systemd/system/fedora-sysinit-unhack.service (limited to 'systemd/system') diff --git a/systemd/system/fedora-sysinit-hack.service b/systemd/system/fedora-sysinit-hack.service deleted file mode 100644 index dd78da80..00000000 --- a/systemd/system/fedora-sysinit-hack.service +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=Bootup hack -DefaultDependencies=no -Conflicts=shutdown.target -Before=basic.target shutdown.target - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/bin/touch /dev/.in_sysinit diff --git a/systemd/system/fedora-sysinit-unhack.service b/systemd/system/fedora-sysinit-unhack.service deleted file mode 100644 index 221d8bb1..00000000 --- a/systemd/system/fedora-sysinit-unhack.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=Bootup unhack -DefaultDependencies=no -Conflicts=shutdown.target -Before=shutdown.target -After=fedora-sysinit-hack.service sysinit.target - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=-/bin/rm -f /dev/.in_sysinit -- cgit v1.2.1 From 4ee50f81e1f2f78af3298439ab8a9d9d96aa4d18 Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Tue, 9 Aug 2011 14:18:17 -0400 Subject: Drop fedora-autoswap; it's somewhat dangerous, and better done via a udev/systemd combination anyway. --- systemd/system/fedora-autoswap.service | 12 ------------ 1 file changed, 12 deletions(-) delete mode 100644 systemd/system/fedora-autoswap.service (limited to 'systemd/system') diff --git a/systemd/system/fedora-autoswap.service b/systemd/system/fedora-autoswap.service deleted file mode 100644 index 21754c9c..00000000 --- a/systemd/system/fedora-autoswap.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=Enable all detected swap partitions -DefaultDependencies=no -Conflicts=shutdown.target -After=systemd-readahead-collect.service systemd-readahead-replay.service local-fs.target -Before=swap.target shutdown.target - -[Service] -ExecStart=/lib/systemd/fedora-autoswap -Type=oneshot -TimeoutSec=0 -RemainAfterExit=yes -- cgit v1.2.1