Arch Linux

FS#58178 - [nftables] nftables.service causes race condition with

Attached to Project: Arch Linux
Opened by Alif (alive4ever) - Monday, 09 April 2018, 07:19 GMT
Last edited by Sébastien Luttringer (seblu) - Sunday, 21 October 2018, 00:12 GMT
Task Type: Bug Report
Category: Packages: Extra
Status: Closed
Assigned To: Sébastien Luttringer (seblu)
Architecture: All
Severity: Low
Priority: Normal
Reported Version:
Due in Version: Undecided
Due Date: Undecided
Percent Complete: 100%
Votes: 2
Private: No


nftables.service lists as both 'Wants' and 'Before'
directive, as shown in the snippet below.

Description=Netfilter Tables

The listing of as both "Wants" and "Before" doesn't make
sense and sometimes causes a race condition with systemd-hostname.service.

If is required as nftables.service dependency (Wants),
nftables.service should only be started after has been
reached. To be clear, see the flowchart below

Boot => => nftables.service

If nftables.service is required to run before,
nftables.service has to run before With this scheme,
nftables.service doesn't rely on to be reached. See this flowchart.

Boot => nftables.service =>

I suggest removing '' from nftables.service to prevent
this race condition or replacing '' with ''.

Additional info:
nftables 1:0.8.3-1

Steps to reproduce:
* disable iptables.service
* enable nftables.service
* remove 'quiet' from default kernel cmdline so the systemd boot log is displayed
* power off the computer, wait for some hours before starting again.
* notice that sometimes (not always) there will be a systemd delay when starting nftables.service due to a race condition with systemd-hostname.service

Closed by Sébastien Luttringer (seblu)
Sunday, 21 October 2018, 00:12 GMT
Reason for closing: No response

Comment by Sébastien Luttringer (seblu) - Wednesday, 13 June 2018, 23:54 GMT
What is the race condition between nftables and systemd-hostnamed? One is setting up a firewall before the network is set up, the other is used to manipulate machine hostname information.

The is defined by systemd.special as follows:
This passive target unit may be pulled in by services that want to run before any network is set up, for
example for the purpose of setting up a firewall. All network management software orders itself after
this target, but does not pull it in.
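
The distinction in the systemd.special text above, as an added example that is not part of this ticket or of the nftables package: Wants=/Requires= only pull a unit into the boot transaction, while Before=/After= only set ordering, so one target can appear under both. The sample unit is constructed, and network-pre.target (the systemd.special target this wording describes) and the helper names are assumptions of the example.

```python
# Constructed sample unit for illustration, not copied from the nftables package.
# network-pre.target is an assumption: the systemd.special passive target
# intended for firewall setup before any network is configured.
SAMPLE_UNIT = """\
[Unit]
Description=Netfilter Tables
Wants=network-pre.target
Before=network-pre.target
After=local-fs.target

[Service]
Type=oneshot
ExecStart=/usr/bin/nft -f /etc/nftables.conf
"""

def unit_deps(text):
    """Collect the space-separated unit lists from [Unit]; keys may repeat."""
    deps = {"Wants": set(), "Requires": set(), "Before": set(), "After": set()}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        key, sep, value = line.partition("=")
        if section == "Unit" and sep and key.strip() in deps:
            deps[key.strip()].update(value.split())
    return deps

def classify(text):
    """Map each pulled-in unit to how this unit is ordered relative to it."""
    d = unit_deps(text)
    result = {}
    for other in sorted(d["Wants"] | d["Requires"]):
        if other in d["Before"] and other in d["After"]:
            result[other] = "contradictory ordering"
        elif other in d["Before"]:
            result[other] = "this unit starts first"
        elif other in d["After"]:
            result[other] = "this unit starts after it"
        else:
            result[other] = "no ordering, started in parallel"
    return result

if __name__ == "__main__":
    for unit, relation in classify(SAMPLE_UNIT).items():
        print(f"{unit}: {relation}")
```

On a live system, `systemctl show -p Wants -p Before nftables.service` lists the same two properties for the installed unit.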