lp:~tgamblin/ufw/distutils-to-setuptools
- Get this branch:
- bzr branch lp:~tgamblin/ufw/distutils-to-setuptools
Branch merges
- Jamie Strandboge: Pending requested
-
Diff: 14 lines (+2/-2)1 file modifiedsetup.py (+2/-2)
Related source package recipes
Branch information
Recent revisions
- 1137. By Jamie Strandboge
-
doc/ufw.8: delete/
insert/ prepend are exclusive. Thanks Greg Atkinson References:
- https://bugs.launchpad .net/ufw/ +bug/1946084 - 1136. By Jamie Strandboge
-
systemd.example: add DefaultDependen
cies=no; use Wants/After local-fs.target Add back DefaultDependen
cies=no and instead add Wants/After
local-fs.target. This will avoid a dependency on sysinit while ensuring
that filesystems (including cryptsetup) are ready (the reason for
removing DefaultDependencies=no in the first place). LP: #1950039 - 1134. By Jamie Strandboge
-
systemd.example: remove DefaultDependen
cies=no The systemd unit has historically always used DefaultDependen
cies=no.
When only Before=network. target was used, the dependencies (as seen with
'systemctl list-dependencies ufw.service') were:ufw.service
|_system.sliceWhen Before=
network. target was changed to Before= network- pre.target and
Wants=network-pre.target, this became: ufw.service
|_system.slice
|_network-pre.target Removing DefaultDependen
cies=no (DefaultDepende ncies defaults to 'yes')
pulls in the sysinit.target which changes this to (on a Debian 11
system):ufw.service
|_system.slice
|_network-pre.target
|_sysinit.target
|_apparmor.service
|_blk-availability. service
|_dev-hugepages. mount
|_dev-mqueue. mount
|_keyboard-setup.service
|_kmod-static- nodes.service
|_lvm2-lvmpolld. socket
|_lvm2-monitor. service
|_proc-sys-fs- binfmt_ misc.automount
|_sys-fs-fuse- connections. mount
|_sys-kernel- config. mount
|_sys-kernel- debug.mount
|_sys-kernel- tracing. mount
|_systemd-ask-password- console. path
|_systemd-binfmt. service
|_systemd-boot-system- token.service
|_systemd-hwdb-update. service
|_systemd-journal- flush.service
|_systemd-journald. service
|_systemd-machine- id-commit. service
|_systemd-modules- load.service
|_systemd-pstore. service
|_systemd-random- seed.service
|_systemd-sysctl. service
|_systemd-sysusers. service
|_systemd-timesyncd. service
|_systemd-tmpfiles- setup-dev. service
|_systemd-tmpfiles- setup.service
|_systemd-udev-trigger. service
|_systemd-udevd.service
|_systemd-update- utmp.service
|_cryptsetup.target
|_systemd- cryptsetup@ vda5_crypt. service
|_local-fs.target
|_-.mount
|_boot.mount
|_systemd- fsck-root. service
|_systemd- remount- fs.service
|_swap.target
|_dev-mapper- debian\ x2d\x2dbuster\ x2d\x2damd64\ x2d\x2dvg\ x2dswap_ 1.swap While ufw is meant to come up before networking, there is no reason why
it shouldn't come up after 'basic system initialization is
completed'[1]. This should help make ufw startup more robust on systems
that need something from sysinit.[1]https:/
/www.freedeskto p.org/software/ systemd/ man/systemd. unit.html - 1133. By Jamie Strandboge
-
systemd.example: add Conflicts on various firewall software
Problems with ufw start most often have to do with other firewall
software getting in the way. Take a page from firewalld's systemd unit
and add a Conflicts on iptables, ip6tables, nftables and firewalld
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ufw
