I have a oneshot service (run from a timer) that updates the TLS certificates in my mod_nss database. Because NSS doesn't support concurrent access to the database, I need to temporarily shut down Apache while the certificate update service is running.
Currently, I'm using the following entries in my .service file to accomplish this: [Unit] Description=Update TLS certificates in mod_nss database # Restart Apache, even if this service fails for some reason OnFailure=httpd.service [Service] Type=oneshot # Shut down Apache to avoid concurrent access to the mod_nss database ExecStartPre=/usr/bin/systemctl stop httpd.service ExecStart=/usr/local/bin/update-nss-certs ExecStartPost=/usr/bin/systemctl start httpd.service Is this the best way to do this? (I can't escape the feeling that there ought to be a more idiomatic way of accomplishing this.) -- ======================================================================== Ian Pilcher arequip...@gmail.com -------- "I grew up before Mark Zuckerberg invented friendship" -------- ======================================================================== _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel