Changing the rcorder of startup services

mumu · May 22, 2025

Hi, How do change the order so BIND9 is started after Wireguard ?

cracauer@ · May 23, 2025

kill it and restart it in /etc/rc.local

Phishfry · May 23, 2025

Use the BEFORE and AFTER directives in their control file.

Phishfry · May 23, 2025

Change bind9 rc.d control file to: REQUIRE wireguard.
Check /usr/local/etc/rc.d/* for the proper capitalization on the script names.

Phishfry · May 23, 2025

Since Wireguard might take a long time to come up you might want to add a NETWAIT in there.

See the prototype file /etc/defaults/rc.conf for the details. Either interface based wait or IP based wait.

mumu · May 27, 2025

Thanks. In the end I ended up using /etc/rc.local.

T-Aoki · May 28, 2025

It would be nice if we have keyword AFTER for rc.d scripts that mostly like REQUIRE but works even if the specified service is/are not enabled or even non-existent. Would be wanted for services installed via ports/pkgs.

This way, we can specify all possible candidates in scripts, with the costs of slowing down (hopefully a bit) the startup.

Or adding all possible service which could want the service into BEFORE in it (here, wireguard). Could be better as it would be "jailed" in ports.

mumu · May 28, 2025

Problem with /usr/local/etc/rc.d is, if you accidently remove a port/pkg, it removes the rc.d script as well and your changes gone.

That's one reason why I opted to use /etc/rc.local and /etc/rc.shutdown to handle such services.

It's also safety measure in that sometimes due to a misconfigured service, when the system boots up, it hangs only to find out later it was because of a misconfiguration. Having it in /etc/rc.local would start the services after the system has booted up, which is a bit safe and you can catch and fix misconfigurations after that.

T-Aoki · May 28, 2025

mumu said:
Problem with /usr/local/etc/rc.d is, if you accidently remove a port/pkg, it removes the rc.d script as well and your changes gone.

Yes. This is because I don't like the behavior of REQUIRE keyword here.
It requires (just as the keyword states) stated scripts to be "surely" up and running, thus, the situation you mentioned matters.

My intention of now-nonexistent AFTER keyword is assumed that

if the stated scripts exist AND are enabled, run after all of them are up and running just like REQUIRE keyword,
if the any of scripts are NONEXISTENT OR NOT ENABLED, simply and completely ignore them.

Regarding to mis-configurations, there's "final weapon", single user mode.
But it surely mandates IPMI, KVM (not Kernel Virtual Machine, but remote Keyboard Video and Mouse adapter) or something alike for remote servers.

What even single user mode cannot help (requires emergency boot medium attached to help) is mis-configurations in /boot/loader.[conf|env]. And this is why I have basically 2 drives that one having latest stable branch and another having main branch to help each other. Of course, ZFS features enabled are always 100% match (upgrade only just the time I upgrade stable branch to next one, and I switch stable branch just the commit new stable branch is created, which means ZFS codes are not yet switched from which main has and enabled features 100% match).

dvl@ · May 28, 2025

mumu said:
Problem with /usr/local/etc/rc.d is, if you accidently remove a port/pkg, it removes the rc.d script as well and your changes gone.

That's one reason why I opted to use /etc/rc.local and /etc/rc.shutdown to handle such services.

It's also safety measure in that sometimes due to a misconfigured service, when the system boots up, it hangs only to find out later it was because of a misconfiguration. Having it in /etc/rc.local would start the services after the system has booted up, which is a bit safe and you can catch and fix misconfigurations after that.

Please share the specifics of your changes. I'm interested. I'm sure it would help others.

In the past, I seem to recall creating a custom rc.d script which would use BEFORE: BIND9 and AFTER: WIREGUARD, for example.

mumu · May 30, 2025

dvl@ said:
Please share the specifics of your changes. I'm interested. I'm sure it would help others.

In the past, I seem to recall creating a custom rc.d script which would use BEFORE: BIND9 and AFTER: WIREGUARD, for example.

It's actually the /etc/rc.local script and just put stuff in there in the order you want.

I have mine like so for example:

Code:

#!/bin/sh

sleep 2
sysrc -f /etc/rc.conf.local wireguard_enable="YES"
sysrc -f /etc/rc.conf.local named_enable="YES"

service wireguard start
sleep 1
service named start

exit 0

Then in /etc/rc.shutdown, at the bottom I just add these lines ..

Code:

sysrc -f /etc/rc.conf.local wireguard_enable="NO"
sysrc -f /etc/rc.conf.local named_enable="NO"

So they don't start up during boot..