Viewing posts for the category Omarine User's Manual
This article is for those who want to learn the systemd units. The units need to work together and be started at the right time to ensure operational efficiency.
Firewalls are used to control incoming and outgoing packets, block unwanted packets from the outside and allow only certain applications to make new connections from the inside.
Thus the firewall must be running before any network is set up. The target identifying this point is network-pre.target, so we will start the firewall before network-pre.target.
network-pre.target is a passive unit, it only runs when another unit pulls it in. Here is the firewall service firewall.service
With Requires=network-pre.target, the target network-pre.target will be run
The firewall service is installed to be pulled in by the target network.target, a special unit that is started during boot which indicates network functionality is available
firewall.service is the common firewall service that is enabled by default. If you want to run a firewall on a specific network interface, for example wlp3s0, run the following commands as the root user
GPT is a type of partition table for large drives that exceed the 2 TiB size limit of MBR.
Disk partitioning and filesystem creation for GPT drives using disk tools are no different from MBR. However, to install GRUB on it we need to create a BIOS Boot Partition partition specifically for GRUB.
Here are the practical steps on the /dev/sdb drive
1) Create GPT partition table
Before creating the partition table, you should use wipefs to wipe the signatures to avoid warning. All commands here are run as the root user
The user's home directory frequently changes with newly created files or directories. These files must have the correct security context in accordance with the security policy. The restorecond user service is responsible for watching file creation and setting the file security context to the default by policy
Many people often think that to have a clean hard drive just repartition the disk and recreate the filesystems. The reality is not so.
For MBR disk partition table, disk partitioning tools like fdisk, cfdisk, parted, and filesystem creation tools like mkfs.ext4 only manipulate the first sector of the disk (sector 0) and sectors beginning from the first partition. We use a USB memory stick to illustrate, the device name is /dev/sdb
Because the xscreensaver service needs to run in a graphical session, it should only be started when the graphical procedures and environment are ready. In the scope of systemd's understanding, the target graphical-session-pre.target makes such sense. We will therefore arrange for the xscreensaver service to start after (After=) this target.
In addition, the xscreensaver service needs to be installed as part (PartOf=) of graphical-session.target. The graphical-session.target target will manage the xscreensaver service and will stop the xscreensaver service when the session is terminated.
Contact: tuyen@omarine.org
