Hi,

I just set up a custom systemd target on my laptop for the first time using
[1] to split out services that I don't want running if I'm on a public wifi.
I configured things so that by default, I boot into a custom 'home.target'
which starts everything up, and then if I'm on an untrusted network I can
`systemctl isolate multi-user` to bring down httpd, mysqld, sshd, and
anything
else I'd rather not have listening to outside traffic.
Usually under those circumstances, my SSID wouldn't be available and
netctl@homewifi.service would have failed, so in an effort to automate the
process I added the following to the netctl service file and did `systemctl
--system daemon-reload` to read in the changes.

OnFailure=multi-user.target
OnFailureIsolate=true

The end result is that if systemd is unable to start
netctl@homewifi.service, it will isolate the multi-user target, thus
shutting
down httpd, mysqld, sshd, and other services belonging to home.target.

I'm just posting this because the solution wasn't obvious and a google
search
for the terms in the subject of this email didn't turn up anything about
OnFailure and OnFailureIsolate. Hopefully the info will be useful to someone
else.

I also wouldn't mind feedback on this setup. Is what I'm doing sane? Could
it be done better? My full home.target and netctl@homewifi.service are
linked
below [2].

[1] https://wiki.archlinux.org/index.php/systemd#Targets
[2] https://gist.github.com/DMBuce/6390806

-Buce

Reply via email to