[systemd-devel] Bouncing interface once chrony is synced

Reindl Harald h.reindl at thelounge.net
Wed Jul 5 15:36:29 UTC 2017



On 05.07.2017 at 17:29, Ian Pilcher wrote:
> I am using CentOS 7 (systemd 219) on a Banana Pi as my residential
> firewall/gateway.  The Banana Pi does not have a persistent clock, so
> it has no idea what the time is until it is able to sync via NTP.  Thus,
> the initial DHCP leases that the BPi receives have incorrect expiration/
> renewal times (since the system can't sync via NTP before it has an IP
> address - chicken and egg).
> 
> My first attempt to address this was to add a drop-in to
> chrony-wait.service that bounces the WAN interface.
> 
> Unfortunately, the expected dhclient processes are not running, so the
> addresses are never renewed.  I suspect that systemd may be killing
> them, because chrony-wait is a oneshot service.
> 
> Can anyone suggest a way to achieve this?

by just doing the dhcpd stuff on your own, do whatever you need 
"oneshot" in ExecStartPre/ExecStartPost and put the dhclient into 
ExecStart of a Type=forking unit

[root@srv-rhsoft:~]$ systemctl status network-wan-bridge.service
● network-wan-bridge.service - Network Internet Bridge
    Loaded: loaded (/etc/systemd/system/network-wan-bridge.service; enabled; vendor preset: disabled)
    Active: active (running) since Di 2017-07-04 08:47:33 CEST; 1 day 8h ago
  Main PID: 8182 (dhclient)
     Tasks: 1 (limit: 512)
    CGroup: /system.slice/network-wan-bridge.service
            └─8182 /usr/sbin/dhclient -4 -H srv-rhsoft -q --request-options subnet-mask,broadcast-address,routers,interface-mtu br-wan

Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.
[root@srv-rhsoft:~]$ cat /etc/systemd/system/network-wan-bridge.service
[Unit]
Description=Network Internet Bridge
After=network.service systemd-networkd.service network-online.target

[Service]
Type=forking
ExecStartPre=-/usr/sbin/brctl addbr br-wan
ExecStartPre=-/usr/sbin/brctl stp br-wan off
ExecStartPre=-/usr/sbin/brctl setageing br-wan 600
ExecStartPre=-/usr/sbin/brctl setfd br-wan 5
ExecStartPre=-/usr/sbin/brctl addif br-wan wan
ExecStartPre=-/usr/sbin/brctl addif br-wan vmnet1
ExecStartPre=-/usr/sbin/ifconfig br-wan hw ether 00:50:8D:B5:CC:DE up
ExecStart=/usr/sbin/dhclient -4 -H srv-rhsoft -q --request-options subnet-mask,broadcast-address,routers,interface-mtu br-wan
ExecStartPost=-/usr/sbin/ifconfig br-wan -multicast -allmulti
ExecStartPost=-/usr/sbin/ifconfig vmnet1 0.0.0.0 -multicast -allmulti up
ExecStopPost=-/usr/sbin/ifconfig br-wan down
ExecStopPost=-/usr/sbin/brctl delbr br-wan

Restart=always
RestartSec=1

PrivateTmp=yes
NoNewPrivileges=yes
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
SystemCallFilter=~acct modify_ldt add_key adjtimex clock_adjtime delete_module fanotify_init finit_module get_mempolicy init_module io_destroy io_getevents iopl ioperm io_setup io_submit io_cancel kcmp kexec_load keyctl lookup_dcookie mbind migrate_pages mount move_pages open_by_handle_at perf_event_open pivot_root process_vm_readv process_vm_writev ptrace remap_file_pages request_key set_mempolicy swapoff swapon umount2 uselib vmsplice

ReadOnlyDirectories=/etc
ReadOnlyDirectories=/usr

InaccessibleDirectories=-/mnt
InaccessibleDirectories=-/mnt/data
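
Added example, not part of the original post or of either poster's configuration: one way to apply the pattern from the reply to the setup in the question, so that the lease is re-acquired after the clock is set and dhclient stays in its own unit's cgroup. The unit name wan-dhcp.service, the interface name "wan", the PID file path and the drop-in file name are assumptions.

```ini
# Two separate files are shown; each starts at its "# ---" marker.
# Assumed names: wan-dhcp.service, interface "wan", resync-lease.conf.

# --- /etc/systemd/system/wan-dhcp.service ---
[Unit]
Description=DHCP client on the WAN interface (example)
After=network.service
# Deliberately not ordered after chrony-wait.service: the first lease is
# needed before NTP can reach any server.

[Service]
Type=forking
# Oneshot preparation goes here, as in the reply; "-" ignores failure.
ExecStartPre=-/usr/sbin/ip link set dev wan up
# dhclient forks into the background by default, so systemd tracks the
# daemon as this unit's main PID inside this unit's own cgroup.
ExecStart=/usr/sbin/dhclient -4 -q -pf /run/dhclient-wan.pid wan
PIDFile=/run/dhclient-wan.pid
Restart=always
RestartSec=1
# Same privilege limits as the unit in the reply.
NoNewPrivileges=yes
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW

[Install]
WantedBy=multi-user.target

# --- /etc/systemd/system/chrony-wait.service.d/resync-lease.conf ---
[Service]
# Runs after the oneshot ExecStart of chrony-wait.service has finished,
# i.e. once the clock is synchronized. The restart is queued as a job for
# wan-dhcp.service, so the new dhclient is started by systemd in that
# unit's cgroup and is not a child of this oneshot service.
# --no-block returns immediately instead of waiting for the restart job.
ExecStartPost=/usr/bin/systemctl --no-block restart wan-dhcp.service
```

After creating both files, run systemctl daemon-reload and check with systemctl status wan-dhcp.service that the Main PID is dhclient, as in the status output above.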

