Age | Commit message (Collapse) | Author |
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
pam-syslog is a linux-pam extension and does not exist in openpam, so
revert to elog
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
since we now assure that XDG_RUNTIME_DIR is set in the pam environment,
we can handle the lock file in there instead, which makes way more sense
for me at least.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
since openrc-pam now sets XDG_RUNTIME_DIR in case it's unset, we can
expect it to exist.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
openrc-pam now sets XDG_RUNTIME_DIR in case it's unset.
after running openrc --user, it'll look at ${XDG_RUNTIME_DIR}/openrc/env
for exported variables by services, and only set those allowed by
RC_USER_ENV_WHITELIST and RC_USER_ENV_WHITELIST_D.
this is to protect pam from variables being set under user control that
could mess with other modules.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Using whatever is left by the root user causes some login shells
(such as Zsh on Artix Linux) to only load `/etc/profile{.d/*}`
and not the user-defined `~/.profile`. This is not ideal as we
rely on the user to tell us where some paths, such as
`$XDG_CONFIG_PATH` and `$XDG_CACHE_PATH`, are.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
this allows system administrators to define which runlevels to use,
could permit them for example, to include the module in another pam file
to customize when user scripts are auto-started, for example, allowing
users to define a 'remote' runlevel that would be executed in a ssh
login
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
temporary system for testing, it's gonna store any environment variables
defined in export_vars="", and subsequent services will load them.
ideally we only want to load the variables saved by services we depend
on, so that would change later.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
creates all the directories in a give path. only the last directory in
the path return -1 to EEXIST. any other error is always returned.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
this simplifies the allocation of path string. also fixes some memory
leaks from the ealier commit
also changes the log path for users to XDG_CACHE_HOME, default
~/.cache/openrc
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
the pam module sets a variable that when in user mode, openrc should
pick up and either create/increment, or decrement. this is done so that
multiple session_open and session_close from pam doesn't randomly change
the user runlevel for the current user. only the first session open
starts the default runlevel, and only the last session close switches to
the none runlevel.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
the module gets the pam user and executes a new login shell, in order to
load the user's environment. this requires that the user's login shell
supports `-c` as an option to run a command. all shells that i know of
do.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Also add ~/.local/share/openrc for data files (like logs)
This is done to help avoid name conflictions for anything else that
might create/user files in .config/
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
This change read a user version of rc.conf, to be located in
`~/.config/rc.conf`. The user version is loaded first, so it has
priority, thus overriding the system settings.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Using ${HOME} works when the user runs any librc program from the shell,
but trying to invoke them from pam or similar, the variable is not set.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Modifies many functions where filesystem paths were hardcoded. In
non-user-services mode, they still are. In user-services mode, they are
allocated, since XDG_ dirs are to be set via environment variables.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Since user services run as the user that is starting them, they won't be
able to make use of cgroups.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Conditionally add system provided configs for user services. The local
configs for the same services take priority.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
For dependency calculation for user services. When in user service mode,
non-user services are not considered.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
Those functions allocates and set up the environment for user services.
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
|
|
|
|
|
|
This improves resource management by assigning services to individual
cgroups.
X-Gentoo-Bug: https://bugs.gentoo.org/914972
|
|
When building on embedded SDKs such as Buildroot or Yocto, if OpenRC has a
previous installation, the package will fail the installation step as the
openrc-init is already a symlink to "${DESTDIR}/${sbindir}"/init. Force
symlinking to prevent errors when reinstalling the package.
|
|
With the addition of logger process redirect in supervise-daemon,
pipes.c and pipes.h are now included in both s-s-d and supervise-daemon.
Thus it makes sense to move the source files to the src/shared dir.
|
|
Allows redirecting process stdin and stdout to another process,
just like is already possible with start-stop-daemon.
Also added --stdout-logger and --stderr-logger to the man page.
|
|
|
|
|
|
Add fallback for the close_range syscall wrapper. This is needed for
musl libc, which currently does not have a close_range wrapper.
Also set errno on errors.
|
|
Set file descriptors to CLOEXEC instead of closing them before exec,
similar to what we do in supervise-daemon.
Use the share cloexec_fds_from() helper for this.
closefrom() is no longer used so remove the test.
|
|
Move logic to set file descriptors to a cloexec_fds_from() function in
misc.c so it can be shared by both supervisor-daemon and
start-stop-daemon, and hide the details behind.
|
|
Use HAVE_CLOSE_RANGE to tell if system provides a close_range(2)
wrapper, which better explains the purpose.
Add a compat inline which returns -1 if close_range is unavailable.
|
|
It is apparently for a piece of code that no longer exist.
There don't seem to be any part of the code referring to this directory (anymore, if there was).
|
|
|
|
|
|
`>=glibc-2.38` implements strlcpy, strlcat, etc so check for those functions
with Meson and don't provide conflicting prototypes.
Technically, it doesn't need _GNU_SOURCE, but it's easier because it's not
clear right now what glibc wants to guard it with. Note that these are in
POSIX next anyway.
Fixes: https://github.com/OpenRC/openrc/issues/643
Signed-off-by: Sam James <sam@gentoo.org>
|
|
Commit fc4f15d6cd8e7884f7094e5d3749b01f2d5a448f broke the automatic restart of
services having runlevel-specific conf.d files.
The double dirname() was not a mistake, but the way of getting from the
service script in init.d to the upper directory containing the conf.d
directory. dirname() modifies the argument in-place, so the second call
operated on a modified value. To make it more obvious what is going on,
have the second call operate on the returned value from the first call.
Fixes: fc4f15d ("openrc: fix double-assignment to dir")
Signed-off-by: Sven Wegener <sven.wegener@stealer.net>
|
|
It breaks bash-completion.
It's not necessary to set extglob as patterns in '[[' after '=='
are always matched as if extglob were set.
Closes: #636
Signed-off-by: Jernej Jakob <jernej.jakob@gmail.com>
|
|
|
|
|