[arch-general] Isolate systemd target if service fails
Hi, I just set up a custom systemd target on my laptop for the first time using [1] to split out services that I don't want running if I'm on a public wifi. I configured things so that by default, I boot into a custom 'home.target' which starts everything up, and then if I'm on an untrusted network I can `systemctl isolate multi-user` to bring down httpd, mysqld, sshd, and anything else I'd rather not have listening to outside traffic. Usually under those circumstances, my SSID wouldn't be available and netctl@homewifi.service would have failed, so in an effort to automate the process I added the following to the netctl service file and did `systemctl --system daemon-reload` to read in the changes. OnFailure=multi-user.target OnFailureIsolate=true The end result is that if systemd is unable to start netctl@homewifi.service, it will isolate the multi-user target, thus shutting down httpd, mysqld, sshd, and other services belonging to home.target. I'm just posting this because the solution wasn't obvious and a google search for the terms in the subject of this email didn't turn up anything about OnFailure and OnFailureIsolate. Hopefully the info will be useful to someone else. I also wouldn't mind feedback on this setup. Is what I'm doing sane? Could it be done better? My full home.target and netctl@homewifi.service are linked below [2]. [1] https://wiki.archlinux.org/index.php/systemd#Targets [2] https://gist.github.com/DMBuce/6390806 -Buce
participants (1)
-
Buce