From owner-freebsd-questions@freebsd.org Wed May 15 14:37:56 2019 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6414D1593A96 for ; Wed, 15 May 2019 14:37:56 +0000 (UTC) (envelope-from mandree@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E28588E1DC; Wed, 15 May 2019 14:37:55 +0000 (UTC) (envelope-from mandree@FreeBSD.org) Received: from mandree.no-ip.org (p54A03AEA.dip0.t-ipconnect.de [84.160.58.234]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: mandree/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 9AF4AF112; Wed, 15 May 2019 14:37:55 +0000 (UTC) (envelope-from mandree@FreeBSD.org) Received: from ryzen.an3e.de (localhost [IPv6:::1]) by ryzen.an3e.de (Postfix) with ESMTP id 56181120363; Wed, 15 May 2019 16:37:53 +0200 (CEST) Subject: Re: rcorder - wait for tap0 To: freebsd-questions@freebsd.org References: <20190514182945.0ced24d4@gumby.homeunix.com> <20190514185340.0159358c@gumby.homeunix.com> <63fe68c5-b85b-7d6d-a438-596ec8041f6b@nethead.se> <20190514220824.a4779bb2.freebsd@edvax.de> <20190514234301.0f28c432@gumby.homeunix.com> Cc: RW From: Matthias Andree Openpgp: id=DC4A655BD993CD4871FA8210E412B156EFF3855A Message-ID: <00f47435-6911-c7c8-1dfb-cefae513390f@FreeBSD.org> Date: Wed, 15 May 2019 16:37:53 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1 MIME-Version: 1.0 In-Reply-To: <20190514234301.0f28c432@gumby.homeunix.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-GB Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: E28588E1DC X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.96 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.96)[-0.964,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 May 2019 14:37:56 -0000 Am 15.05.19 um 00:43 schrieb RW: > On Tue, 14 May 2019 22:08:24 +0200 > Polytropon wrote: > >> On Tue, 14 May 2019 21:39:26 +0200, Per olof Ljungmark wrote: >>> On 2019-05-14 19:53, RW via freebsd-questions wrote: >>>> On Tue, 14 May 2019 18:29:45 +0100 >>>> RW wrote: >>>> >>>>> On Tue, 14 May 2019 08:49:52 +0200 >>>>> Per olof Ljungmark wrote: >>>>> >>>>>> Despite large amounts of cofee and time I cannot grasp how to >>>>>> make this happen. >>>>>> >>>>>> What I want is >>>>>> >>>>>> Boot -> start openvpn/tap0 configured -> start named -> start >>>>>> jails >>>>>> >>>>>> Because the jails uses tap0 of course they cannot start before >>>>>> tap0 is up, but this is what happens in the default >>>>>> configuration. >>>>>> >>>>>> Surely this cannot be unique? How did you do it? >>>>>> >>>>>> Preferrably without messing with rc.d scripts that gets >>>>>> overwritten when updated. >>>>> >>>>> You need an rc script in /usr/local/etc/rc.d with something like: >>>>> >>>>> >>>>> # PROVIDE: vpnwait >>>>> # REQUIRE: openvpn >>>>> # BEFORE: >>>> >>>> now I come to think about it openvpn runs after LOGIN, so either >>>> you have to put up with the order >>>> >>>> named, openvpn, jails >>>> >>>> or rewrite the openvpn script. >>>> >>>> What I did was to allow DNS to pass directly to one well-known >>>> server so lookups could happen before openvpn started. >>> >>> Thank you for your comments. >>> >>> Thing is named dies if tap0 is not up when it starts and as this is >>> a public named server it needs to be running after boot. >>> >>> Rewriting the provided rc scripts, they are part of the port and >>> requires work when updated. >>> >>> So, the conlusion is, fiddle with the ule/rc.d/ and prepare to fix >>> them after every update? No other way? >> >> There is another way, but it doesn't sound much better: >> >> You could use /etc/rc.local to implement the exact order in >> which you need to start the different services, without using >> their automatic startup (*_enable="YES" in combination with >> the /etc/rc.d/ and /usr/local/etc/rc.d/ scripts). >> > > A variant of that idea would be to set > > openvpn_enable=NO > > and run the installed openvpn script from a wrapper rc script > using 'onestart' > > I've CCed the port maintainer just in case he's not aware of the issue. The issue is that there's not one solution for two different problems, but typically we install one rcfile. What are you proposing, what should I do? I'd typically expect system administrators to be able to tweak rcorder(8) scripts to their needs.