Commit Graph

1375 Commits

Author SHA1 Message Date
William Hubbs
fd70988587 remove separate pam directory 2021-12-29 19:04:06 -06:00
LinkTed
6e214b2616 capabilities: Add support for Linux capabilities(7)
This adds capabilities for start-stop-daemon by adding --capabilities
option. As a result, the user can specify the inheritable, ambient and
bounding set by define capabilities in the service script.

This fixes #314.
2021-12-23 17:29:10 -05:00
Matt Whitlock
fd1e4a384a add option for OOM score adjustment
This commit adds a new --oom-score-adj option to start-stop-daemon and
supervise-daemon, as well as an equivalent SSD_OOM_SCORE_ADJ environment
variable. If either of these are specified (with the command-line
option taking precedence), then the specified adjustment value is
written to /proc/self/oom_score_adj after forking but prior to exec'ing
the daemon (at the time when nice and ionice are applied).

Additionally, per a suggestion by Mike Frysinger, the suggested values
for the SSD_NICELEVEL, SSD_IONICELEVEL, and SSD_OOM_SCORE_ADJ variables
in the example config file are now given as zeros, which are the
kernel's default values of these process knobs for the init process at
boot. Note that uncommenting any of these zero-valued suggestions will
cause SSD/SD to set the corresponding process knob affirmatively to
zero, whereas leaving the variable unset (and the equivalent command-
line option unspecified) means SSD/SD will not change the corresponding
process knob from its inherited value.

See: https://github.com/OpenRC/openrc/pull/435#discussion_r688310672
This fixes #435.
2021-12-22 10:01:14 -06:00
Matt Whitlock
dd5a6fa60f start-stop-daemon: fix typo in error message 2021-12-21 10:26:29 -06:00
Mike Frysinger
8b247dd5d8 broadcast: fix compiler warnings
Newer gcc reports:
broadcast.c: In function 'broadcast':
broadcast.c:132:15: warning: variable 'tp' might be clobbered by 'longjmp' or 'vfork' [-Wclobbered]
  132 |         FILE *tp;

Move the storage off the stack to avoid.  This makes the function
not safe for multithread use, but we don't do that anywhere, so
who cares!
2021-12-21 01:48:31 -05:00
Matt Whitlock
8ffc4162e2 code style: remove space after unary "not" operator
There are no semantic changes in this commit.

Suggested-by: Mike Frysinger <vapier@gentoo.org>
See: https://github.com/OpenRC/openrc/pull/435#pullrequestreview-727035394
2021-12-21 01:48:04 -05:00
Mike Frysinger
301161a7a4 use HEAD in git URIs to point to the default branch
This makes the URIs shorter and dynamic: whatever the default branch
the repo uses will be used.
2021-12-20 20:07:00 -05:00
Mike Frysinger
04d8234844 drop unused copyright variables
The existing copyright notices in the file headers cover these vars.
2021-12-20 20:04:59 -05:00
Mike Frysinger
d017d5af9c change getopt definition to elide pointer storage
Make this a const pointer to the storage directly instead of a pointer
variable that points to the storage.  Makes the code slightly smaller.
2021-12-20 20:03:35 -05:00
Doug Freed
a182f6e5f1 rc-status: fix uptime types and simplify
This fixes #484.
This fixes #483.
2021-12-12 18:29:28 -06:00
Sam James
b94517376e src/rc/rc-selinux.c: fix use of deprecated security_context_t
It's only a char* and has been deprecated upstream [0].

[0] https://github.com/SELinuxProject/selinux/commit/7a124ca27581

Fixes: #478
2021-11-27 13:13:52 -06:00
Sam James
f3f0fde861 meson: link against libcrypt for SELinux if no PAM
We use libcrypt's crypt() if we're _not_ using PAM
in the SELinux code (rc-selinux, specifically).

X-Gentoo-Bug: 824954
X-Gentoo-Bug-URL: https://bugs.gentoo.org/824954
Fixes: https://github.com/openrc/openrc/pull/477
2021-11-20 17:33:14 -06:00
Sam James
015c83761d src/librc/librc-daemon.c: add missing include for kill (fix uclibc)
Fixes: #471
Fixes: #473
2021-11-12 22:59:03 -06:00
Sam James
0091a628c5 src/librc/librc-misc.c: add missing include for fileno (fix uclibc)
Fixes: #471
Fixes: #473
2021-11-12 22:58:22 -06:00
Eric Turgeon
bfb00e6a14 Added missing comma in openrc/src/rc
Clang was failing with:
```
/zroot/jenkins/workspace/update_ghsotbsd-13_poudriere_jail/sbin/openrc/../../contrib/openrc/src/rc/rc.c:70:2: error: suspicious concatenation of string literals in an array initialization; did you mean to separate the elements with a comma? [-Werror,-Wstring-concatenation]
        "when leaving single user or boot runlevels",
        ^
/zroot/jenkins/workspace/update_ghsotbsd-13_poudriere_jail/sbin/openrc/../../contrib/openrc/src/rc/rc.c:69:2: note: place parentheses around the string literal to silence warning
        "override the next runlevel to change into\n"
        ^
```

This fixes #469.
2021-11-12 22:55:40 -06:00
William Hubbs
d21fabca02 openrc-init: fix build for selinux
X-Gentoo-Bug: 821520
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=821520
2021-11-12 22:03:43 -06:00
William Hubbs
785726d67d selinux build fix 2021-10-08 19:51:05 -05:00
Sam James
bb8334104b checkpath: fix allocation size of path buffer
strlen's return value isn't enough to be used
directly for (x)malloc; it doesn't include
the null byte at the end of the string.

X-Gentoo-Bug: 816900
X-Gentoo-Bug-URL: https://bugs.gentoo.org/816900
Fixes: #459
Fixes: #462
2021-10-07 23:00:49 -05:00
William Hubbs
6b9a5b8271 fix build for selinux 2021-10-04 13:13:35 -05:00
William Hubbs
bfa634493d build: fix pam and pam_misc dependencies
Pam generates pkgconfig files now, so meson can use them to find the pam
dependencies.
2021-10-02 16:10:45 -05:00
William Hubbs
a4d4d390be move rc_bindir and rc_sbindir definitions to the top level 2021-09-21 12:34:22 -05:00
William Hubbs
2ee9d92599 link runscript with audit 2021-09-18 17:02:32 -05:00
William Hubbs
b877ef24c4 link openrc-run with audit and libpam_misc 2021-09-18 16:25:15 -05:00
Jakub Jirutka
d65e603acd Fix undeclared UT_LINESIZE
Fix the following error:

	broadcast.c:41:21: error: '__UT_LINESIZE' undeclared (first use in this function); did you mean 'UT_LINESIZE'?
	 #define UT_LINESIZE __UT_LINESIZE
                          ^~~~~~~~~~

Constant UT_LINESIZE is defined in <utmp.h> provided by musl.
2021-09-09 22:30:59 -05:00
Ariadne Conill
25d5de8fd9 fix build under musl 1.2 on 32 bit systems
Since musl 1.2 time_t is a 64 bit value, even on 32 bit systems. A
hotfix for printing the value is simply using PRIu64 from inttypes.h
in the format string.

This fixes #446.
2021-09-09 12:36:25 -05:00
William Hubbs
8807e954c4 meson: typo fix 2021-09-08 14:47:20 -05:00
William Hubbs
444e44eb9d build: change root_prefix to rootprefix 2021-09-06 14:30:30 -05:00
William Hubbs
d6622a1156 add meson build files
Closes #116.
Closes #171.
Closes #172.
Closes #175.
2021-09-04 16:01:29 -05:00
Matt Whitlock
5f6d7ac028 supervise-daemon: implement SSD_IONICELEVEL
supervise-daemon was apparently overlooked when support for the
SSD_IONICELEVEL environment variable was added. This commit brings
supervise-daemon up to parity with start-stop-daemon with respect to
this environment variable.
2021-08-17 00:57:47 -04:00
kyoreln
18e53f7fed move supervise-daemon out of experimental status
supervise-daemon is no longer experimental so remove the statements to
that affect.

This fixes #434.
2021-08-13 12:46:52 -05:00
William Hubbs
b5e4c2c2db Revert "openrc-init: ignore an empty string in argv[1]"
This reverts commit dec9ef200b.
This check is no longer needed since rc_runlevel_exists() is fixed.

    X-Gentoo-Bug: 803536
    X-Gentoo-Bug-URL: https://bugs.gentoo.org/803536
    Closes: https://github.com/OpenRC/openrc/pull/431
2021-08-13 10:46:57 -05:00
William Hubbs
0a97bad6c9 librc: fix rc_runlevel_exists return for empty string
This function should return false if the runlevel is an empty string.

    X-Gentoo-Bug: 803536
    X-Gentoo-Bug-URL: https://bugs.gentoo.org/803536
    Closes: https://github.com/OpenRC/openrc/pull/431
2021-08-13 10:28:44 -05:00
Mike Gilbert
dec9ef200b openrc-init: ignore an empty string in argv[1]
X-Gentoo-Bug: 803536
X-Gentoo-Bug-URL: https://bugs.gentoo.org/803536
Closes: https://github.com/OpenRC/openrc/pull/431
2021-08-12 15:04:38 -05:00
William Hubbs
791322d7fa checkpath: fix code to walk the directory path
X-Gentoo-Bug: 782808
X-Gentoo-Bug-URL: https://bugs.gentoo.org/782808
2021-04-15 17:40:00 -05:00
William Hubbs
63db2d99e7 checkpath: remove extra slashes from paths
This fixes #418.
2021-04-13 17:13:25 -05:00
William Hubbs
8400e7d302 style fix 2021-04-13 16:29:21 -05:00
William Hubbs
ef76a663bc stop namespaced services with specified pids
The previous fix excludes PIDs of processes running in a different namespace
regardless of whether the PID has been explicitly stored in a PID file mentioned
in the --pidfile parameter.  The correct behavior is to only exclude the pid if
it is not stored in a pidfile.

X-Gentoo-Bug: 776010
X-Gentoo-Bug-URL: https://bugs.gentoo.org/776010
2021-03-22 11:34:41 -05:00
Disconnect3d
0ddab761be start-stop-daemon: Fix off by ones when checking for RC_* envvars
The same as https://github.com/OpenRC/openrc/pull/361

This fixes #362.
2021-02-22 16:09:32 -06:00
Disconnect3d
f5dd2f5baf supervise-daemon: Fix off by ones when checking for RC_* envvars
Fixes strncmp size argument off by one as the current implementation didn't
match the `=` character.

This fixes #361.
2021-02-22 15:34:45 -06:00
Rin Cat
b12c52d40f Support docker and lxc stop
This fixes #398.
2021-02-22 11:56:21 -06:00
Manuel Rüger
4b2a61f1b8 rc-status: Remove noise from ini-formatted output
Otherwise this would create the following output:

rc-status -f ini
 * Caching service dependencies ...        [ ok ]
[default]
dbus =  started
NetworkManager =  started
syslog-ng =  started
...

This fixes #364.
2020-12-20 16:01:02 -06:00
William Hubbs
da30767353 supervise-daemon: do not spawn a process if we are exiting
This fixes #375 and allows us to not add another level of indentation in
the supervisor loop.
2020-11-29 21:22:43 -06:00
Michael Orlitzky
00ea216608 src/rc/checkpath.c: replace mkdir() with mkdirat().
The do_check() function recently gained some defenses against symlink
replacement attacks that involve the use of *at functions in place of
their vanilla counterparts; openat() instead of open(), for example.
One opportunity to replace mkdir() with mkdirat() was missed, however,
and this commit replaces it.

This fixes #386.
2020-11-27 17:29:26 -06:00
Michael Orlitzky
ac7ca6d901 src/rc/checkpath.c: fix typo "synbolic" -> "symbolic". 2020-11-27 17:25:30 -06:00
Johannes Heimansberg
47819f004c start-stop-daemon, supervise-daemon: fix parsing of usernames passed via --user that start with a number
start-stop-daemon and supervise-daemon parse usernames and group names
passed via the --user argument as numeric UID/GID if they start with a
number (e.g. user "4foo" will be treated as UID 4). This results in the
process that is being started to run under a totally unexpected user if
that UID exists.

Even though the result of the sscanf calls are tested for a result of
exactly 1, which means exactly one value was extracted, because sscanf's
format string only contains only one placeholder, it will never return
a value greater than 1, even if there are still characters left to be
parsed. This causes start-stop-daemon and supervise-daemon to assume
that usernames starting with a number are just that number. Adding a
second placeholder "%1s" to the format string, which matches a string of
length 1, makes sure that sscanf can distinguish between pure numbers
(in which case it will return 1) and strings either starting with a
number (in which case it will return 2) and any other string (in which
case it will return 0).

This fixes #379.
This fixes #380.
2020-11-27 16:40:12 -06:00
Lars Wendler
aa0fdf6d08 start-stop-daemon: Don't segfault if --exec was given a non-existing file name
Starting program: /sbin/start-stop-daemon --start --exec i-dont-exist

  Program received signal SIGSEGV, Segmentation fault.
  0x0000555555559053 in main (argc=1, argv=0x7fffffffdc20)
      at start-stop-daemon.c:631
  631                         *exec_file ? exec_file : exec);

This fixes #385.
2020-11-20 09:22:18 -06:00
William Hubbs
b6fef599bf checkpath: fix CVE-2018-21269
This walks the directory path to the file we are going to manipulate to make
sure that when we create the file and change the ownership and permissions
we are working on the same file.
Also, all non-terminal symbolic links must be owned by root. This will
keep a non-root user from making a symbolic link as described in the
bug. If root creates the symbolic link, it is assumed to be trusted.

On non-linux platforms, we no longer follow non-terminal symbolic links
by default. If you need to do that, add the -s option on the checkpath
command line, but keep in mind that this is not secure.

This fixes #201.
2020-11-20 09:15:59 -06:00
William Hubbs
2355f1a3f2 supervise-daemon: only log debug logs when verbose mode is active 2020-09-25 16:33:32 -05:00
Sergei Trofimovich
375ef42393 src/rc/rc-logger.h: fix build failure against gcc-10
On gcc-10 (and gcc-9 -fno-common) build fails as:

```
cc  -L../librc -L../libeinfo -O2 -g -std=c99 -Wall -Wextra -Wimplicit -Wshadow \
  -Wformat=2 -Wmissing-prototypes -Wmissing-declarations -Wmissing-noreturn \
  -Wmissing-format-attribute -Wnested-externs -Winline -Wwrite-strings \
  -Wcast-align -Wcast-qual -Wpointer-arith -Wdeclaration-after-statement \
  -Wsequence-point -Werror=implicit-function-declaration    \
  -Wl,-rpath=/lib   -o openrc rc.o rc-logger.o rc-misc.o rc-plugin.o _usage.o -lutil -lrc -leinfo -Wl,-Bdynamic -ldl
ld: rc-logger.o:/home/slyfox/dev/git/openrc/src/rc/rc-logger.h:16:
  multiple definition of `rc_logger_pid'; rc.o:openrc/src/rc/rc-logger.h:16: first defined here
ld: rc-logger.o:/home/slyfox/dev/git/openrc/src/rc/rc-logger.h:17:
  multiple definition of `rc_logger_tty'; rc.o:openrc/src/rc/rc-logger.h:17: first defined here
```

gcc-10 will change the default from -fcommon to fno-common:
https://gcc.gnu.org/PR85678.

The error also happens if CFLAGS=-fno-common passed explicitly.

This fixes #348.
2020-01-19 16:52:21 -06:00
Wolf
6deda13754 supervise-daemon: Fix segfault when executable does not exist
When executable is provided just by name (and therefore searched in a
path), exec_file is reset to NULL every time. exists() handles it being
NULL just fine, but dereferencing it in eerror does not work.

Fixes #326
Fixes #327
2020-01-11 13:36:33 -06:00