git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commitdiff
openssh: add After dependencies on nss-user-lookup.target
author Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Wed, 17 Apr 2024 11:45:20 +0000 (13:45 +0200)
committer Richard Purdie <richard.purdie@linuxfoundation.org>
Thu, 25 Apr 2024 09:19:25 +0000 (10:19 +0100)
Quoting 'man systemd.special':

  nss-user-lookup.target

    A target that should be used as synchronization point for all
    regular UNIX user/group name service lookups. [...] All services
    for which the availability of the full user/group database is
    essential should be ordered after this target, but not pull it
    in. All services which provide parts of the user/group database
    should be ordered before this target, and pull it in.

When no service providing parts of the user/group database exists and
thus pulls in the nss-user-lookup.target, this added dependency is a
no-op.

However, when such a service does exist, and e.g. modifies /etc/shadow
to change password or enable/disable certain accounts, it is essential
that no ssh connections are accepted until those changes are made.

Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-connectivity/openssh/openssh/sshd.service
meta/recipes-connectivity/openssh/openssh/sshd.socket

index 2a997b656ac0affc9d8d1b9e51c945eb7ab85ad8..3e570ab1e5b708577d1fb6791dd22236a876bc2f 100644 (file)
@@ -2,6 +2,7 @@
 Description=OpenSSH server daemon
 Wants=sshdgenkeys.service
 After=sshdgenkeys.service
+After=nss-user-lookup.target
 
 [Service]
 Environment="SSHD_OPTS="
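
Review bot: The new `After=nss-user-lookup.target` in [Unit] of sshd.service has no matching `Wants=`. That is correct per the systemd.special text quoted in the commit message ("ordered after this target, but not pull it in"), but it reads like an omission next to the `Wants=sshdgenkeys.service` / `After=sshdgenkeys.service` pair directly above it. A one-line comment in the unit file saying the target is deliberately ordering-only would keep a later cleanup from adding `Wants=nss-user-lookup.target`, contrary to that guidance.
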
index 8d76d623097b709f9ccad5c2f01da1c9d4cf0589..7dd2ed0626a856676c181bc940b1fc21834c4c40 100644 (file)
@@ -1,6 +1,7 @@
 [Unit]
 Conflicts=sshd.service
 Wants=sshdgenkeys.service
+After=nss-user-lookup.target
 
 [Socket]
 ExecStartPre=@BASE_BINDIR@/mkdir -p /var/run/sshd
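
Review bot: The [Unit] section of sshd.socket shown here does not set `DefaultDependencies=no`, so the socket keeps its default `Before=sockets.target`, and the added `After=nss-user-lookup.target` puts that target ahead of sockets.target whenever something pulls it in. A user database provider that is an ordinary service with default dependencies is ordered after basic.target, and therefore after sockets.target. That would close an ordering cycle (provider, nss-user-lookup.target, sshd.socket, sockets.target, basic.target, provider), which systemd breaks by dropping a job. Suggest stating in the commit message or in a unit comment that providers are expected to run in early boot with `DefaultDependencies=no`, and checking the boot log for "Found ordering cycle" messages on an image that has such a provider.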