Commit Graph

3424 Commits

Author SHA1 Message Date
LinkTed
6e214b2616 capabilities: Add support for Linux capabilities(7)
This adds capabilities for start-stop-daemon by adding --capabilities
option. As a result, the user can specify the inheritable, ambient and
bounding set by define capabilities in the service script.

This fixes #314.
2021-12-23 17:29:10 -05:00
Matt Whitlock
fd1e4a384a add option for OOM score adjustment
This commit adds a new --oom-score-adj option to start-stop-daemon and
supervise-daemon, as well as an equivalent SSD_OOM_SCORE_ADJ environment
variable. If either of these are specified (with the command-line
option taking precedence), then the specified adjustment value is
written to /proc/self/oom_score_adj after forking but prior to exec'ing
the daemon (at the time when nice and ionice are applied).

Additionally, per a suggestion by Mike Frysinger, the suggested values
for the SSD_NICELEVEL, SSD_IONICELEVEL, and SSD_OOM_SCORE_ADJ variables
in the example config file are now given as zeros, which are the
kernel's default values of these process knobs for the init process at
boot. Note that uncommenting any of these zero-valued suggestions will
cause SSD/SD to set the corresponding process knob affirmatively to
zero, whereas leaving the variable unset (and the equivalent command-
line option unspecified) means SSD/SD will not change the corresponding
process knob from its inherited value.

See: https://github.com/OpenRC/openrc/pull/435#discussion_r688310672
This fixes #435.
2021-12-22 10:01:14 -06:00
Matt Whitlock
dd5a6fa60f start-stop-daemon: fix typo in error message 2021-12-21 10:26:29 -06:00
Mike Frysinger
8b247dd5d8 broadcast: fix compiler warnings
Newer gcc reports:
broadcast.c: In function 'broadcast':
broadcast.c:132:15: warning: variable 'tp' might be clobbered by 'longjmp' or 'vfork' [-Wclobbered]
  132 |         FILE *tp;

Move the storage off the stack to avoid.  This makes the function
not safe for multithread use, but we don't do that anywhere, so
who cares!
2021-12-21 01:48:31 -05:00
Matt Whitlock
8ffc4162e2 code style: remove space after unary "not" operator
There are no semantic changes in this commit.

Suggested-by: Mike Frysinger <vapier@gentoo.org>
See: https://github.com/OpenRC/openrc/pull/435#pullrequestreview-727035394
2021-12-21 01:48:04 -05:00
Aaditya Bagga
703bdbf88e supervise runsvdir daemon
This fixes #254.
2021-12-20 22:32:36 -06:00
Mike Frysinger
301161a7a4 use HEAD in git URIs to point to the default branch
This makes the URIs shorter and dynamic: whatever the default branch
the repo uses will be used.
2021-12-20 20:07:00 -05:00
Mike Frysinger
04d8234844 drop unused copyright variables
The existing copyright notices in the file headers cover these vars.
2021-12-20 20:04:59 -05:00
Mike Frysinger
d017d5af9c change getopt definition to elide pointer storage
Make this a const pointer to the storage directly instead of a pointer
variable that points to the storage.  Makes the code slightly smaller.
2021-12-20 20:03:35 -05:00
William Hubbs
32aeb7407b remove extra file 2021-12-12 19:19:20 -06:00
iucoen
e21b01b97e net-online: add missing sleep 1 in ping loop
Currently the ping loop instantly times out because timeout is decremented by 1 without actually going to sleep.

This fixes #480.
2021-12-12 19:17:16 -06:00
Doug Freed
a182f6e5f1 rc-status: fix uptime types and simplify
This fixes #484.
This fixes #483.
2021-12-12 18:29:28 -06:00
William Hubbs
0eb11e7db6 killprocs: add kill_delay setting
This allows containers using OpenRC based services to be configured to
allow open tcp connections to be closed before they are shut down.

This fixes #476.
2021-12-07 13:40:15 -06:00
William Hubbs
331d6f14fd support/init.d.examples: Do not use @PKG_PREFIX@ in service examples
I can't think of a reason to do this since these scripts are just
examples.

This is for #474.
2021-11-28 23:55:42 -06:00
William Hubbs
cc0037e9ca build: set rootprefix_default to /usr if on a /usr merged system
This requires at leaste meson 0.53.0 since it uses the fs module.

This is for #474.
2021-11-28 12:35:29 -06:00
Sam James
2ba16135cb meson: fallback to libcrypt detection outside of pkg-config
Much like PAM, not all implementations of libcrypt provide a pkg-config
file, and hence we can't find it using the old logic.

Let's fall back to the standard AC_SEARCH_LIBS-style check if the pkg-config-style
detection fails.

This fixes finding e.g. musl's libcrypt.

X-Gentoo-Bug: 827074
X-Gentoo-Bug-URL: https://bugs.gentoo.org/827074
2021-11-27 13:14:10 -06:00
Sam James
b94517376e src/rc/rc-selinux.c: fix use of deprecated security_context_t
It's only a char* and has been deprecated upstream [0].

[0] https://github.com/SELinuxProject/selinux/commit/7a124ca27581

Fixes: #478
2021-11-27 13:13:52 -06:00
Sam James
b868fc2c8d meson: only find libcrypt if SELinux and no PAM
We only need libcrypt if we're building _with_ SELinux and
_without_ PAM. We don't use libcrypt for general SELinux
with PAM.

This is mostly a correctness change as libcrypt should
generally be available (as opposed to the previous
change which fixed some real-world cases).

Fixes: f3f0fde861
Fixes: #478
2021-11-27 13:13:35 -06:00
Sam James
f3f0fde861 meson: link against libcrypt for SELinux if no PAM
We use libcrypt's crypt() if we're _not_ using PAM
in the SELinux code (rc-selinux, specifically).

X-Gentoo-Bug: 824954
X-Gentoo-Bug-URL: https://bugs.gentoo.org/824954
Fixes: https://github.com/openrc/openrc/pull/477
2021-11-20 17:33:14 -06:00
Sam James
bd5cdaafad meson: fix pam_misc_dep definition
X-Gentoo-Bug: 824954
X-Gentoo-Bug-URL: https://bugs.gentoo.org/824954
Fixes: https://github.com/OpenRC/openrc/issues/470
Fixes: https://github.com/OpenRC/openrc/pull/477
2021-11-20 17:31:17 -06:00
Sam James
015c83761d src/librc/librc-daemon.c: add missing include for kill (fix uclibc)
Fixes: #471
Fixes: #473
2021-11-12 22:59:03 -06:00
Sam James
0091a628c5 src/librc/librc-misc.c: add missing include for fileno (fix uclibc)
Fixes: #471
Fixes: #473
2021-11-12 22:58:22 -06:00
Eric Turgeon
bfb00e6a14 Added missing comma in openrc/src/rc
Clang was failing with:
```
/zroot/jenkins/workspace/update_ghsotbsd-13_poudriere_jail/sbin/openrc/../../contrib/openrc/src/rc/rc.c:70:2: error: suspicious concatenation of string literals in an array initialization; did you mean to separate the elements with a comma? [-Werror,-Wstring-concatenation]
        "when leaving single user or boot runlevels",
        ^
/zroot/jenkins/workspace/update_ghsotbsd-13_poudriere_jail/sbin/openrc/../../contrib/openrc/src/rc/rc.c:69:2: note: place parentheses around the string literal to silence warning
        "override the next runlevel to change into\n"
        ^
```

This fixes #469.
2021-11-12 22:55:40 -06:00
William Hubbs
d21fabca02 openrc-init: fix build for selinux
X-Gentoo-Bug: 821520
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=821520
2021-11-12 22:03:43 -06:00
William Hubbs
9d4f11f726 build: pam fix
Set the HAVE_PAM option if the dependency is found *and* pam is
requested.

X-Gentoo-Bug: 821211
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=821211
2021-11-06 19:37:37 -05:00
William Hubbs
3908687559 fix permission of installed version file 2021-10-15 23:17:26 -05:00
Aidan Harris
eaa42da9a6 Use cgroup.kill in cgroup_cleanup when possible
The old code is moved to a cgroup_fallback_cleanup function and only
 called if cgroup2_kill fails.

 This fixes #454.
2021-10-15 22:10:37 -05:00
Kerin Millar
cd4bbdcd62 init.d/s6-svscan.in: make sure $command exists
While the s6-svscan runscript belongs to OpenRC, the user is required to
install s6 before it can actually be used, potentially leading to
confusion. Check for the existence of $command in start_pre and, if it does not
exist, bail out with an error that makes this observation.

X-Gentoo-Bug: 816978
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=816978
2021-10-14 23:03:32 -05:00
William Hubbs
2b55ac719a separate github actions based on OS
This fixes #466.
2021-10-09 14:14:41 -05:00
Sam James
c45e3361ee add github action to build on several linux platforms
This github action runs a build on each of the following platforms on a
push or pull request.

- Ubuntu LTS with gcc and glibc
- Ubuntu LTS with clang and glibc
- Alpine with gcc and musl

This fixes #463.
2021-10-08 23:15:14 -05:00
William Hubbs
785726d67d selinux build fix 2021-10-08 19:51:05 -05:00
William Hubbs
1033909f0e fix bug in pam build tests 2021-10-08 16:39:21 -05:00
Sam James
2085f31d9c .cirrus.yml: update FreeBSD images 2021-10-08 11:13:34 -05:00
William Hubbs
5a5ede3156 support older pam versions
Some distros are still using versions of pam which do not create
*.pc files, so we need fallback logic for that situation.
2021-10-08 10:46:42 -05:00
Sam James
bb8334104b checkpath: fix allocation size of path buffer
strlen's return value isn't enough to be used
directly for (x)malloc; it doesn't include
the null byte at the end of the string.

X-Gentoo-Bug: 816900
X-Gentoo-Bug-URL: https://bugs.gentoo.org/816900
Fixes: #459
Fixes: #462
2021-10-07 23:00:49 -05:00
William Hubbs
6b9a5b8271 fix build for selinux 2021-10-04 13:13:35 -05:00
William Hubbs
bfa634493d build: fix pam and pam_misc dependencies
Pam generates pkgconfig files now, so meson can use them to find the pam
dependencies.
2021-10-02 16:10:45 -05:00
William Hubbs
a4d4d390be move rc_bindir and rc_sbindir definitions to the top level 2021-09-21 12:34:22 -05:00
William Hubbs
d07572e1b7 build: fix rootprefix
This fixes #438.
2021-09-21 10:26:57 -05:00
William Hubbs
2ee9d92599 link runscript with audit 2021-09-18 17:02:32 -05:00
William Hubbs
b877ef24c4 link openrc-run with audit and libpam_misc 2021-09-18 16:25:15 -05:00
hosxy
c6a037e9dd fix agetty can be start directly
This fixes #320.
2021-09-15 17:01:19 -05:00
Natanael Copa
7faa48ae04 hide error when migrating /var/run to /run
The script tries to copy non-existing files. We simply hide the error

http://bugs.alpinelinux.org/issues/3160
This fixes #451.
2021-09-15 10:21:12 -05:00
Natanael Copa
93d600c0a4 force root to be rw before localmount
The original service that pulled in root remount was mtab which
is not part of OpenRC.

This fixes #449.
2021-09-14 11:28:41 -05:00
Aaditya Bagga
6e24d33517 [runit integration] give a bit of time to start the service
Currently, we run sv start immediately after linking the service.
The runsv process may not be up at the moment, as a result of which
openrc will mark the service as stopped, even though it may be brought up
by runit at the next scan.

This is documented in the gentoo wiki:
https://wiki.gentoo.org/wiki/Runit#OpenRC.27s_runit_integration_feature

This PR adds a timeout so that correct process state can be reported.

Before:
 * Starting netdata-runit ...
fail: /run/openrc/sv/netdata: runsv not running
 * Failed to start netdata-runit

After:
 * Starting netdata-runit ...
fail: /run/openrc/sv/netdata: runsv not running
ok: run: /run/openrc/sv/netdata: (pid 9042) 0s

This fixes #253.
2021-09-11 17:20:50 -05:00
Jakub Jirutka
d65e603acd Fix undeclared UT_LINESIZE
Fix the following error:

	broadcast.c:41:21: error: '__UT_LINESIZE' undeclared (first use in this function); did you mean 'UT_LINESIZE'?
	 #define UT_LINESIZE __UT_LINESIZE
                          ^~~~~~~~~~

Constant UT_LINESIZE is defined in <utmp.h> provided by musl.
2021-09-09 22:30:59 -05:00
Sören Tempel
d87f5b2f24 rc-mount: make timeout invocation compatible with busybox timeout
Busybox timeout does not support the `-k` flag. As such, invoking fuser
from do_unmount never worked without this patch. This went unnoticed as
standard error is redirected to /dev/null. This patch fixes this by
simply removing the incompatible `-k` flag.

[Ariadne: the `-k` is redundant anyway, since we are sending the KILL
 signal to begin with.]
2021-09-09 22:57:44 -04:00
Ariadne Conill
25d5de8fd9 fix build under musl 1.2 on 32 bit systems
Since musl 1.2 time_t is a 64 bit value, even on 32 bit systems. A
hotfix for printing the value is simply using PRIu64 from inttypes.h
in the format string.

This fixes #446.
2021-09-09 12:36:25 -05:00
Ariadne Conill
b5cf79f747 fix trailing whitespace in tools/meson_runlevels.sh 2021-09-09 02:14:59 -06:00
artoo
3f098817ef meson: fix symlinks with sysvinit 2021-09-09 00:03:04 +02:00