iodine icon indicating copy to clipboard operation
iodine copied to clipboard

Published 20 hours ago verified publisher icon yarrick

Issue and fix for failed systemd startup at boot.

Open daxm opened this issue 2 years ago • 6 comments

I encountered an issue with the systemd service failing to start and then failing to restart too fast. It appears that systemd, by default, attempts 5 times to restart and then quits. After the following changes I was able to get iodined.service to start up. (A little digging showed that my server needed 7 failures... just over the 5 that systemd permits by default.)

Here is the Unit file I got to work:

[Unit]
Description=A daemon for tunneling traffic over DNS queries
After=local-fs.target network.target systemd-tmpfiles-setup.service
Documentation=man:iodined(8)

[Service]
EnvironmentFile=/etc/default/iodine
ExecStart=/usr/sbin/iodined -f -u iodine -t /var/run/iodine $IODINED_ARGS -P ${IODINED_PASSWORD}
StartLimitIntervalSec=120
StartLimitBurst=120
Restart=on-failure
Type=simple

[Install]
WantedBy=multi-user.target

The only real difference is the StartLimit* lines. I think the only one that matters is the StartLimitBurst one but I've left both in there since it works consistently.

If it matters, I'm in a VM of Ubuntu 20.04 Desktop (gnome) with no modifications (basically a bare bones Ubuntu desktop install).

daxm avatar Mar 14 '22 19:03 daxm

It sounds like it is trying to start too early. Can you make the service depend on some standardized network target instead?

yarrick avatar Mar 15 '22 14:03 yarrick

The unit file I show is the one "installed" with installing iodine. I just added the StartLimit* lines. Yes, I could modify it for myself but I'm offering this intel to help fix others issues. :-)

daxm avatar Mar 15 '22 16:03 daxm

Sorry, let me clarify. I am for updating the unit file, but would prefer another strategy. As I understand it systemd has some standard unit for network activation, and by saying iodined should start after that is done it would also work for your case? It seems more stable than prolonging the crash-restart loop (other environments might need longer timeouts than you).

yarrick avatar Mar 15 '22 22:03 yarrick

@yarrick seems that it is done already After=local-fs.target **network.target** systemd-tmpfiles-setup.service

dmitrmax avatar Jul 21 '22 17:07 dmitrmax

@daxm can you provide any logs with failing attempts?

dmitrmax avatar Jul 21 '22 17:07 dmitrmax

/lib/systemd/system/iodine.service

[Unit]
Description=iodine DNS queiries as internet tunnel
After=network.target

[Service]
Type=oneshot
ExecStart=/usr/local/sbin/iodined -f -c 10.0.0.1 <domain>.com
[Install]
WantedBy=multi-user.target

Try this one.

equwal avatar Jun 03 '23 05:06 equwal