[systemd-devel] Starting up service after my openvpn connection turns up

Andrei Borzenkov arvidjaar at gmail.com
Tue Jun 2 10:47:14 PDT 2015


В Tue, 2 Jun 2015 10:45:24 -0400
Matthew Karas <mkarascybi at gmail.com> пишет:

> Andrei - I'm making good progress on your suggestion but I've hit a
> snag getting the socket for port 22.  Since I'm not starting dropbear
> through systemd but in the up script, how do I get the system to
> define port 22?
> 
> If I tell systemctl to start dropbear.socket - it starts up the
> dropbear service without my special configs (as it starts
> dropbear.service).  If I don't start dropbear.socket - my script
> errors out because port22 isn't a socket.
> 

Sorry, I do not understand what "getting a socket" means. If you show
actual script and unit definition, it may help to understand.

> On Mon, Jun 1, 2015 at 11:37 PM, Andrei Borzenkov <arvidjaar at gmail.com> wrote:
> > В Mon, 1 Jun 2015 16:36:38 -0400
> > Matthew Karas <mkarascybi at gmail.com> пишет:
> >
> >> I am trying to start a dropbear service after my openvpn service starts up.
> >>
> >> -----------------------------------
> >> [Unit]
> >> Description=SSH Per-Connection Server
> >> Wants=dropbearkey.service
> >> After=syslog.target dropbearkey.service
> >> Wants=openvpn at equipment.service
> >> After=openvpn at equipment.service
> >> -----------------------------------
> >>
> >>
> >> But I would like to start up the service after "tun0" interface is
> >> available (made by openvpn).
> >>
> >> How do I find out what to put in "Wants" and "After" for tun0?  I
> >> can't seem to find anything related
> >>
> >> Also if there is a better way to get dropbear to start after tun0 has
> >> appeared I'm open to doing that as well.  My goal is to have my ssh
> >> server only look at my openvpn address and ignore ssh requests that
> >> are not from the vpn iface.  I'm thinking I can do this with a script
> >> setting up drop bear with the -p option (and looking for my tun0 ip4
> >> address and using it).
> >>
> >
> > What about using OpenVPN hooks to start service after connection is
> > established? You can pass it (service) interface name and bind it to
> > interface so it is automatically stopped when interface is teared down.
> _______________________________________________
> systemd-devel mailing list
> systemd-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel



More information about the systemd-devel mailing list