9 Říj
2017
9 Říj
'17
17:08
On Sun 2017-10-08 05:33:47 -0400, Thomas Van Nuit wrote:
I think FreeBind=true is a marginally safer choice than
After=network-online.target, but only because it closes a small race
window -- that is, if you bind to the address before the network comes
up (or indeed, as soon as anything is bound on the system, while PID 1
is still in the process of setting up all of its sockets) then no other
process will be able to grab the ports in question.
if instead you wait until the network-online.target is ready, then any
process that is run *before* that point with the CAP_NET_BIND_SERVICE
can potentially collide with the port you'd rather have kresd use.
--dkg
FreeBind=true
This one helped, thanks!
I've rebooted a few times and so far kresd started in 100% cases.
Should I also try 'After=network-online.target' instead of FreeBind?
And if it helps, which of those two is a more proper way to handling
this issue?