Sylvain CANOINE
2015-Dec-21 15:08 UTC
[CentOS] Network services start before network is up since migrating to 7.2
> If you're using NetworkManager, you can "systemctl enable > NetworkManager-wait-online.service" and you won't have to override any > of the individual services.Our security experts don't want me to use NetworkManager... It's even uninstalled on the models, so I understand better why all the required files are not here : # systemctl status NetworkManager-wait-online.service ? NetworkManager-wait-online.service Loaded: not-found (Reason: No such file or directory) Active: inactive (dead) So I made a crappy but easy-to-deploy script to make the services start after network is online : for fic in $(grep -rl "After=.*network.target" /lib/systemd/system | cut -d/ -f5 | grep -v "network-online.target") do [ ! -d "/etc/systemd/system/${fic}.d" ] && mkdir -v "/etc/systemd/system/${fic}.d" echo -e "[Unit]\nAfter=network-online.target" > "/etc/systemd/system/${fic}.d/local-network-online.conf" && echo "/etc/systemd/system/${fic}.d/local-network-online.conf" done systemctl daemon-reload That's working as is, so I'll keep this workaround for now. Sylvain. Pensez ENVIRONNEMENT : n'imprimer que si ncessaire
James Hogarth
2015-Dec-21 16:24 UTC
[CentOS] Network services start before network is up since migrating to 7.2
On 21 December 2015 at 15:08, Sylvain CANOINE <sylvain.canoine at tv5monde.org> wrote:> > If you're using NetworkManager, you can "systemctl enable > > NetworkManager-wait-online.service" and you won't have to override any > > of the individual services. > Our security experts don't want me to use NetworkManager... It's even > uninstalled on the models, so I understand better why all the required > files are not here : > >"experts" ... I'm sorry ...> # systemctl status NetworkManager-wait-online.service > ? NetworkManager-wait-online.service > Loaded: not-found (Reason: No such file or directory) > Active: inactive (dead) > > So I made a crappy but easy-to-deploy script to make the services start > after network is online : > > for fic in $(grep -rl "After=.*network.target" /lib/systemd/system | cut > -d/ -f5 | grep -v "network-online.target") > do > [ ! -d "/etc/systemd/system/${fic}.d" ] && mkdir -v > "/etc/systemd/system/${fic}.d" > echo -e "[Unit]\nAfter=network-online.target" > > "/etc/systemd/system/${fic}.d/local-network-online.conf" && echo > "/etc/systemd/system/${fic}.d/local-network-online.conf" > done > systemctl daemon-reload > > That's working as is, so I'll keep this workaround for now. > >What a horrible work around but I'm glad you got something in place that works for you.
Marcelo Ricardo Leitner
2015-Dec-21 20:46 UTC
[CentOS] Network services start before network is up since migrating to 7.2
Em 21-12-2015 14:24, James Hogarth escreveu:> On 21 December 2015 at 15:08, Sylvain CANOINE <sylvain.canoine at tv5monde.org> > wrote: > >>> If you're using NetworkManager, you can "systemctl enable >>> NetworkManager-wait-online.service" and you won't have to override any >>> of the individual services. >> Our security experts don't want me to use NetworkManager... It's even >> uninstalled on the models, so I understand better why all the required >> files are not here : >> >> > "experts" ... I'm sorry ...Agreed. Sylvain, if possible, please elaborate on their reasoning for this, because it just seems like a case of "we fear what we don't know", so they are recommending to stick to old habits instead. Or have they identified real attack vectors in NM? If yes, we would love to hear that so it can be fixed. Marcelo
Reasonably Related Threads
- Network services start before network is up since migrating to 7.2
- Network services start before network is up since migrating to 7.2
- Network services start before network is up since migrating to 7.2
- Network services start before network is up since migrating to 7.2
- Network services start before network is up since migrating to 7.2