From owner-freebsd-questions@freebsd.org  Tue May 14 19:39:32 2019
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 712761596859
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Tue, 14 May 2019 19:39:32 +0000 (UTC) (envelope-from peo@nethead.se)
Received: from ns1.nethead.se (ns1.nethead.se [5.150.237.139])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "ns1.nethead.se", Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 518DC81456
 for <freebsd-questions@freebsd.org>; Tue, 14 May 2019 19:39:31 +0000 (UTC)
 (envelope-from peo@nethead.se)
X-Virus-Scanned: amavisd-new at Nethead AB
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nethead.se;
 s=NETHEADSE; t=1557862768;
 bh=eoSnro7WBOq++aWumZuhL0FmmSaF4LLST2+cWRVjqoY=;
 h=Subject:To:References:From:Date:In-Reply-To;
 b=3twt2EtnDXPlkg/nGiYLBV75xOBpfEybJmT4XQnPa/AOeljt3jjFi70ErF86GvS+B
 e+az70kBzi5qVUPO91LmHanTI6bhIiakTWTyBt5eZemaE4hTrJK4V0qgz4ptNSwCwB
 nHOoBQLd50NBgpbDQUR3z7EYynYDczc0l19suIYc=
Subject: Re: rcorder - wait for tap0
To: freebsd-questions@freebsd.org
References: <dc363ae4-d331-efd0-e099-ee01b7eaddb1@nethead.se>
 <20190514182945.0ced24d4@gumby.homeunix.com>
 <20190514185340.0159358c@gumby.homeunix.com>
From: Per olof Ljungmark <peo@nethead.se>
Message-ID: <63fe68c5-b85b-7d6d-a438-596ec8041f6b@nethead.se>
Date: Tue, 14 May 2019 21:39:26 +0200
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101
 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <20190514185340.0159358c@gumby.homeunix.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Rspamd-Queue-Id: 518DC81456
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=nethead.se header.s=NETHEADSE header.b=3twt2Etn;
 dmarc=pass (policy=none) header.from=nethead.se;
 spf=pass (mx1.freebsd.org: domain of peo@nethead.se designates 5.150.237.139
 as permitted sender) smtp.mailfrom=peo@nethead.se
X-Spamd-Result: default: False [-2.89 / 15.00];
 R_SPF_ALLOW(-0.20)[+ip4:5.150.237.139]; TO_DN_NONE(0.00)[];
 MX_GOOD(-0.01)[cached: vrt.nethead.se];
 DKIM_TRACE(0.00)[nethead.se:+];
 DMARC_POLICY_ALLOW(-0.50)[nethead.se,none];
 NEURAL_HAM_SHORT(-0.06)[-0.062,0]; RCVD_COUNT_ZERO(0.00)[0];
 FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+];
 IP_SCORE(0.12)[asn: 8473(0.63), country: SE(-0.01)];
 ASN(0.00)[asn:8473, ipnet:5.150.192.0/18, country:SE];
 MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-0.94)[-0.942,0];
 R_DKIM_ALLOW(-0.20)[nethead.se:s=NETHEADSE];
 FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[];
 NEURAL_HAM_LONG(-1.00)[-0.999,0]; MIME_GOOD(-0.10)[text/plain];
 RCPT_COUNT_ONE(0.00)[1]; RCVD_TLS_ALL(0.00)[]
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2019 19:39:32 -0000

On 2019-05-14 19:53, RW via freebsd-questions wrote:
> On Tue, 14 May 2019 18:29:45 +0100
> RW wrote:
> 
>> On Tue, 14 May 2019 08:49:52 +0200
>> Per olof Ljungmark wrote:
>>
>>> Despite large amounts of cofee and time I cannot grasp how to make
>>> this happen.
>>>
>>> What I want is
>>>
>>> Boot -> start openvpn/tap0 configured -> start named -> start jails
>>>
>>> Because the jails uses tap0 of course they cannot start before tap0
>>> is up, but this is what happens in the default configuration.
>>>
>>> Surely this cannot be unique? How did you do it?
>>>
>>> Preferrably without messing with rc.d scripts that gets overwritten
>>> when updated.
>>
>> You need an rc script in /usr/local/etc/rc.d with something like:
>>
>>
>> # PROVIDE: vpnwait
>> # REQUIRE: openvpn
>> # BEFORE:  <whatever string the jail rc.d script provides>
> 
> now I come to think about it openvpn runs after LOGIN, so either you
> have to put up with the order
> 
>     named, openvpn, jails
> 
> or rewrite the openvpn script.
> 
> What I did was to allow DNS to pass directly to one well-known server so
> lookups could happen before openvpn started.

Thank you for your comments.

Thing is named dies if tap0 is not up when it starts and as this is a 
public named server it needs to be running after boot.

Rewriting the provided rc scripts, they are part of the port and 
requires work when updated.

So, the conlusion is, fiddle with the ule/rc.d/ and prepare to fix them 
after every update? No other way?