Commit Graph

3374 Commits

Author SHA1 Message Date
William Hubbs
08d518b7fe rc_cgroup.sh: do not add newline when writing group2 values
Fixes: #407
2021-03-15 16:59:43 -05:00
William Hubbs
de77674663 rc-cgroup.sh: avoid process substitution for cgroup_get_pids
This should make cgroup_cleanup work successfully since cgroup_get_pids
no longer uses a subshell.

This fixes #396.
This fixes #397.
2021-03-01 14:21:24 -06:00
William Hubbs
4fb4674374 fix unified cgroups v2 setup
The cgroups v2 setup required the rc_cgroups_controllers variable
to be set to the list of controllers to enable regardless of whether the
mode was hybrid or unified.

This makes sense for hybrid mode since the controllers can't be in both
the cgroups v1 and v2 hierarchies, but for unified mode we should enable
all controllers that are configured in the kernel.
2021-02-23 23:08:56 -06:00
Disconnect3d
0ddab761be start-stop-daemon: Fix off by ones when checking for RC_* envvars
The same as https://github.com/OpenRC/openrc/pull/361

This fixes #362.
2021-02-22 16:09:32 -06:00
Disconnect3d
f5dd2f5baf supervise-daemon: Fix off by ones when checking for RC_* envvars
Fixes strncmp size argument off by one as the current implementation didn't
match the `=` character.

This fixes #361.
2021-02-22 15:34:45 -06:00
Rin Cat
b12c52d40f Support docker and lxc stop
This fixes #398.
2021-02-22 11:56:21 -06:00
sqozz
bac71fce5b start-stop-daemon: fix typo in manpage 2021-02-02 10:04:57 -05:00
William Hubbs
12ee72a9b3 allow devfs to run on lxc
X-Gentoo-Bug: 761918
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=761918
Closes #272.
2021-01-28 12:32:09 -06:00
William Hubbs
170ce2624a typo fix 2021-01-05 17:11:01 -06:00
William Hubbs
9a6698876a improve the diagnostic when the ulimit builtin fails
X-Gentoo-Bug:739274
X-Gentoo-Bug-URL:https://bugs.gentoo.org/739274
2021-01-05 17:02:30 -06:00
Gaël PORTAY
bf9af1fb23 net-online: fix process of symlinks in sysfs
The test `[ -h "${ifname}" ] && continue` skips the symlinks while it is
the opposite that is the expected: ignoring files that are not symlinks.

Fixes commit f42ec82f21.
This fixes #391.
2020-12-22 12:49:48 -06:00
Patrick Noll
5c9c2a1939 remove statement about not providing an init
This fixes #359.
2020-12-22 12:10:15 -06:00
Manuel Rüger
4b2a61f1b8 rc-status: Remove noise from ini-formatted output
Otherwise this would create the following output:

rc-status -f ini
 * Caching service dependencies ...        [ ok ]
[default]
dbus =  started
NetworkManager =  started
syslog-ng =  started
...

This fixes #364.
2020-12-20 16:01:02 -06:00
William Hubbs
62bc463c63 update freebsd 11.x image on cirrus ci 2020-12-20 15:37:52 -06:00
Clayton Craft
7019bfad3b user-guide: clarify note for Runlevels/rc-update usage
I found the original note a little confusing, since using rc-update will
add it to a runlevel so it *is* auto-started when the system reaches
that runlevel again, but I don't think that was the intended meaning of
'auto-start', so hopefully this makes it a little more clear.
2020-12-20 13:54:33 +01:00
lishuxiang
8346c985d5 Update user-guide.md
fix a typo

This fixes #389.
2020-12-05 12:42:00 -06:00
William Hubbs
da30767353 supervise-daemon: do not spawn a process if we are exiting
This fixes #375 and allows us to not add another level of indentation in
the supervisor loop.
2020-11-29 21:22:43 -06:00
Dermot Bradley
57d9528a0b Remove warning when osclock init.d script runs
Currently when osclock is enabled as a init.d service the following
messages appear during boot when osclock starts:

  * The command variable is undefined.
  * There is nothing for osclock to start.
  * If this is what you intend, please write a start function.
  * This will become a failure in a future release.

osclock is activated whenever a machine's system clock is automatically
configured from a RTC by the kernel and the osclock's only purpose is to
satisfy the "clock" dependency defined by other init.d services.

Adding a stub start() function prevents OpenRC from showing warnings but
continues to ensure that the osclock service still does not actually do
anything.

This fixes #377.
2020-11-27 18:06:38 -06:00
Calvin Montgomery
6ce48f124a man/openrc.8: populate OPTIONS from --help output
This fixes #378.
2020-11-27 17:46:27 -06:00
Michael Orlitzky
00ea216608 src/rc/checkpath.c: replace mkdir() with mkdirat().
The do_check() function recently gained some defenses against symlink
replacement attacks that involve the use of *at functions in place of
their vanilla counterparts; openat() instead of open(), for example.
One opportunity to replace mkdir() with mkdirat() was missed, however,
and this commit replaces it.

This fixes #386.
2020-11-27 17:29:26 -06:00
Michael Orlitzky
ac7ca6d901 src/rc/checkpath.c: fix typo "synbolic" -> "symbolic". 2020-11-27 17:25:30 -06:00
Johannes Heimansberg
47819f004c start-stop-daemon, supervise-daemon: fix parsing of usernames passed via --user that start with a number
start-stop-daemon and supervise-daemon parse usernames and group names
passed via the --user argument as numeric UID/GID if they start with a
number (e.g. user "4foo" will be treated as UID 4). This results in the
process that is being started to run under a totally unexpected user if
that UID exists.

Even though the result of the sscanf calls are tested for a result of
exactly 1, which means exactly one value was extracted, because sscanf's
format string only contains only one placeholder, it will never return
a value greater than 1, even if there are still characters left to be
parsed. This causes start-stop-daemon and supervise-daemon to assume
that usernames starting with a number are just that number. Adding a
second placeholder "%1s" to the format string, which matches a string of
length 1, makes sure that sscanf can distinguish between pure numbers
(in which case it will return 1) and strings either starting with a
number (in which case it will return 2) and any other string (in which
case it will return 0).

This fixes #379.
This fixes #380.
2020-11-27 16:40:12 -06:00
William Hubbs
0fab3e837b bootmisc: allow sysvinit compatibility during shutdown
Use "halt -w" to write the halt record if it exists.
Otherwise use openrc-shutdown.

This fixes #336.
2020-11-27 15:18:57 -06:00
William Hubbs
38aaba28ee scripts/shutdown.in: fix sysvinit compatible shutdown
X-Gentoo-Bug: https://bugs.gentoo.org/755422
2020-11-20 14:57:04 -06:00
William Hubbs
3ed4126a31 update news for 0.43 with info on checkpath fix 2020-11-20 10:00:34 -06:00
Lars Wendler
aa0fdf6d08 start-stop-daemon: Don't segfault if --exec was given a non-existing file name
Starting program: /sbin/start-stop-daemon --start --exec i-dont-exist

  Program received signal SIGSEGV, Segmentation fault.
  0x0000555555559053 in main (argc=1, argv=0x7fffffffdc20)
      at start-stop-daemon.c:631
  631                         *exec_file ? exec_file : exec);

This fixes #385.
2020-11-20 09:22:18 -06:00
William Hubbs
b6fef599bf checkpath: fix CVE-2018-21269
This walks the directory path to the file we are going to manipulate to make
sure that when we create the file and change the ownership and permissions
we are working on the same file.
Also, all non-terminal symbolic links must be owned by root. This will
keep a non-root user from making a symbolic link as described in the
bug. If root creates the symbolic link, it is assumed to be trusted.

On non-linux platforms, we no longer follow non-terminal symbolic links
by default. If you need to do that, add the -s option on the checkpath
command line, but keep in mind that this is not secure.

This fixes #201.
2020-11-20 09:15:59 -06:00
Julien Surloppe
aac1734a70 Update user-guide.md
Add missing underscore.
2020-11-01 15:45:12 -05:00
William Hubbs
2355f1a3f2 supervise-daemon: only log debug logs when verbose mode is active 2020-09-25 16:33:32 -05:00
Manuel Rüger
fbec1eed51 .cirrus.yml: Update FreeBSD releases
Signed-off-by: Manuel Rüger <manuel@rueg.eu>
2020-04-19 13:15:35 +02:00
Austin English
229692cc34 man/openrc-run.8: fix a typo 2020-02-05 12:37:46 -05:00
Sergei Trofimovich
375ef42393 src/rc/rc-logger.h: fix build failure against gcc-10
On gcc-10 (and gcc-9 -fno-common) build fails as:

```
cc  -L../librc -L../libeinfo -O2 -g -std=c99 -Wall -Wextra -Wimplicit -Wshadow \
  -Wformat=2 -Wmissing-prototypes -Wmissing-declarations -Wmissing-noreturn \
  -Wmissing-format-attribute -Wnested-externs -Winline -Wwrite-strings \
  -Wcast-align -Wcast-qual -Wpointer-arith -Wdeclaration-after-statement \
  -Wsequence-point -Werror=implicit-function-declaration    \
  -Wl,-rpath=/lib   -o openrc rc.o rc-logger.o rc-misc.o rc-plugin.o _usage.o -lutil -lrc -leinfo -Wl,-Bdynamic -ldl
ld: rc-logger.o:/home/slyfox/dev/git/openrc/src/rc/rc-logger.h:16:
  multiple definition of `rc_logger_pid'; rc.o:openrc/src/rc/rc-logger.h:16: first defined here
ld: rc-logger.o:/home/slyfox/dev/git/openrc/src/rc/rc-logger.h:17:
  multiple definition of `rc_logger_tty'; rc.o:openrc/src/rc/rc-logger.h:17: first defined here
```

gcc-10 will change the default from -fcommon to fno-common:
https://gcc.gnu.org/PR85678.

The error also happens if CFLAGS=-fno-common passed explicitly.

This fixes #348.
2020-01-19 16:52:21 -06:00
Wolf
6deda13754 supervise-daemon: Fix segfault when executable does not exist
When executable is provided just by name (and therefore searched in a
path), exec_file is reset to NULL every time. exists() handles it being
NULL just fine, but dereferencing it in eerror does not work.

Fixes #326
Fixes #327
2020-01-11 13:36:33 -06:00
artoo
eb61085951 binfmt: ensure a file is ungegistered before registering
This fixes #328
2020-01-11 13:32:38 -06:00
Andrew Scheller
039845b742 Fix typo in README
This fixes #338
2020-01-11 12:16:19 -06:00
Ethan Sommer
a7e7fd2b37 make grep usage POSIX compliant
use grep -E instead of egrep
check for space or end of line instead of GNU-specific word boundary

This fixes #345
2020-01-11 12:09:10 -06:00
Jason Bowen
12e147a107 Delete stray text.
It looks like some stray text was left at the bottom of the file:
```
package.
migrating your system to openrc-init.
```
There's a subsection on migrating a system to `openrc-ini`; perhaps this was
an embryonic section title?

This fixes #347.
2020-01-11 11:15:56 -06:00
William Hubbs
fd852865e0 openrc-shutdown.c: typo fix 2019-12-05 12:11:08 -06:00
William Hubbs
35ec935741 ci/travis.sh: run shellcheck on shell scripts 2019-10-28 18:42:10 -05:00
Austin English
19cfd82dad .travis.yml: install shellcheck 2019-10-28 16:48:40 -05:00
E5ten
87cfad3d6c cgroup2_set_limits: verify that the cgroup2 path is a mount point
prior to cgroups getting mounted, /sys/fs/cgroup will still exist,
but attempts to make directories in it will fail, change cgroup2_set_limits() to
verify that cgroups are mounted instead of just checking that /sys/fs/cgroup
exists.

This fixes #307.
This fixes #321.
2019-09-03 16:38:03 -05:00
William Hubbs
8e31614c4b fix clang build 2019-08-20 16:06:46 -05:00
William Hubbs
a177d15641 version 0.42 2019-08-20 13:13:30 -05:00
William Hubbs
2b4c486043 Update ChangeLog 2019-08-20 13:09:50 -05:00
William Hubbs
ed24d28163 update sysvinit support files 2019-08-20 13:08:44 -05:00
William Hubbs
1bc96141e6 fix single user mode 2019-08-19 14:55:54 -05:00
William Hubbs
c7000aeaab optimize loops for installing gettys 2019-08-15 18:40:51 -05:00
William Hubbs
5c5129b534 Remove "single" runlevel directory
Single user mode should be handled in the init process directly.
2019-08-15 18:40:51 -05:00
William Hubbs
0dabda6f6f fix sysvinit compatibility
This allows openrc to direct sysvinit to shut down the system by setting
the INIT_HALT environment variable appropriately. Also, we do not try to
communicate with sysvinit if its fifo does not exist.
2019-08-15 12:02:30 -05:00
William Hubbs
92de9a693b Add documentation for openrc-init and update the NEWS file 2019-08-02 16:29:03 -05:00