In legacy cgroups mode, we were running `mountinfo -q ""` which was
generating an error message. If we return immediately when
cgroup2_find_path returns an empty value, we avoid this message.
The previous fix excludes PIDs of processes running in a different namespace
regardless of whether the PID has been explicitly stored in a PID file mentioned
in the --pidfile parameter. The correct behavior is to only exclude the pid if
it is not stored in a pidfile.
X-Gentoo-Bug: 776010
X-Gentoo-Bug-URL: https://bugs.gentoo.org/776010
The cgroups v2 setup required the rc_cgroups_controllers variable
to be set to the list of controllers to enable regardless of whether the
mode was hybrid or unified.
This makes sense for hybrid mode since the controllers can't be in both
the cgroups v1 and v2 hierarchies, but for unified mode we should enable
all controllers that are configured in the kernel.
The test `[ -h "${ifname}" ] && continue` skips the symlinks while it is
the opposite that is the expected: ignoring files that are not symlinks.
Fixes commit f42ec82f21.
This fixes#391.
Otherwise this would create the following output:
rc-status -f ini
* Caching service dependencies ... [ ok ]
[default]
dbus = started
NetworkManager = started
syslog-ng = started
...
This fixes#364.
I found the original note a little confusing, since using rc-update will
add it to a runlevel so it *is* auto-started when the system reaches
that runlevel again, but I don't think that was the intended meaning of
'auto-start', so hopefully this makes it a little more clear.
Currently when osclock is enabled as a init.d service the following
messages appear during boot when osclock starts:
* The command variable is undefined.
* There is nothing for osclock to start.
* If this is what you intend, please write a start function.
* This will become a failure in a future release.
osclock is activated whenever a machine's system clock is automatically
configured from a RTC by the kernel and the osclock's only purpose is to
satisfy the "clock" dependency defined by other init.d services.
Adding a stub start() function prevents OpenRC from showing warnings but
continues to ensure that the osclock service still does not actually do
anything.
This fixes#377.
The do_check() function recently gained some defenses against symlink
replacement attacks that involve the use of *at functions in place of
their vanilla counterparts; openat() instead of open(), for example.
One opportunity to replace mkdir() with mkdirat() was missed, however,
and this commit replaces it.
This fixes#386.
start-stop-daemon and supervise-daemon parse usernames and group names
passed via the --user argument as numeric UID/GID if they start with a
number (e.g. user "4foo" will be treated as UID 4). This results in the
process that is being started to run under a totally unexpected user if
that UID exists.
Even though the result of the sscanf calls are tested for a result of
exactly 1, which means exactly one value was extracted, because sscanf's
format string only contains only one placeholder, it will never return
a value greater than 1, even if there are still characters left to be
parsed. This causes start-stop-daemon and supervise-daemon to assume
that usernames starting with a number are just that number. Adding a
second placeholder "%1s" to the format string, which matches a string of
length 1, makes sure that sscanf can distinguish between pure numbers
(in which case it will return 1) and strings either starting with a
number (in which case it will return 2) and any other string (in which
case it will return 0).
This fixes#379.
This fixes#380.
Starting program: /sbin/start-stop-daemon --start --exec i-dont-exist
Program received signal SIGSEGV, Segmentation fault.
0x0000555555559053 in main (argc=1, argv=0x7fffffffdc20)
at start-stop-daemon.c:631
631 *exec_file ? exec_file : exec);
This fixes#385.
This walks the directory path to the file we are going to manipulate to make
sure that when we create the file and change the ownership and permissions
we are working on the same file.
Also, all non-terminal symbolic links must be owned by root. This will
keep a non-root user from making a symbolic link as described in the
bug. If root creates the symbolic link, it is assumed to be trusted.
On non-linux platforms, we no longer follow non-terminal symbolic links
by default. If you need to do that, add the -s option on the checkpath
command line, but keep in mind that this is not secure.
This fixes#201.
When executable is provided just by name (and therefore searched in a
path), exec_file is reset to NULL every time. exists() handles it being
NULL just fine, but dereferencing it in eerror does not work.
Fixes#326Fixes#327
