nixos/systemd: remove nss-{user,}-lookup.target from multi-user.target

There is no real harm having them there; but it means these units really only become active if there is a service providing the underlying functionality. nss-lookup.target should not be pulled in unconditionally. It should be pulled in by providers of DNS lookups. E.g. systemd-resolved.service has a Wants=nss-lookup.target, Before=nss-lookup.target. So once systemd-resolved.service has finished starting up; other units that rely on DNS can be started; but if systemd-resolved is not enabled; those units can start up immediately. Same story goes for nss-user-lookup.target and daemons like sssd. From https://systemd.io/UIDS-GIDS/: Note that nss-user-lookup.target is a passive unit: in order to minimize synchronization points on systems that don’t need it the unit is pulled into the initial transaction only if there’s at least one service that really needs it, and that means only if there’s a service providing the local user database somehow through IPC or suchlike.
2021-04-28 19:50:08 +02:00 · 2021-04-28 19:50:08 +02:00 · 3efbd53c1b
commit 3efbd53c1b
parent b4d7911263
1 changed files with 1 additions and 3 deletions
--- a/nixos/modules/system/boot/systemd-lib.nix
+++ b/nixos/modules/system/boot/systemd-lib.nix
@ -228,9 +228,7 @@ in rec {
        mkdir -p $out/getty.target.wants/
        ln -s ../autovt@tty1.service $out/getty.target.wants/

-        ln -s ../remote-fs.target \
-        ../nss-lookup.target ../nss-user-lookup.target \
-        $out/multi-user.target.wants/
+        ln -s ../remote-fs.target $out/multi-user.target.wants/
      ''}
    ''; # */