aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-10-19openrc-pam: allow to define runlevels by the argumentsAnna (navi) Figueiredo Gomes
this allows system administrators to define which runlevels to use, could permit them for example, to include the module in another pam file to customize when user scripts are auto-started, for example, allowing users to define a 'remote' runlevel that would be executed in a ssh login Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19openrc-run.sh: save and load variables on default startAnna (navi) Figueiredo Gomes
temporary system for testing, it's gonna store any environment variables defined in export_vars="", and subsequent services will load them. ideally we only want to load the variables saved by services we depend on, so that would change later. Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19librc: introduce recursive_mkdir()Anna (navi) Figueiredo Gomes
creates all the directories in a give path. only the last directory in the path return -1 to EEXIST. any other error is always returned. Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19openrc-pam: Grab XDG_RUNTIME_DIR from pam and re-export it for openrcAnna (navi) Figueiredo Gomes
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19openrc-pam: Add syslog logs for opening, closing and runing a runlevelAnna (navi) Figueiredo Gomes
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19librc: disallow user scripts as rootAnna (navi) Figueiredo Gomes
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19librc: add paths to errorx mkdir callsAnna (navi) Figueiredo Gomes
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19openrc: rework pathing functionsAnna (navi) Figueiredo Gomes
this simplifies the allocation of path string. also fixes some memory leaks from the ealier commit also changes the log path for users to XDG_CACHE_HOME, default ~/.cache/openrc Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19openrc: create lockfile for --user.Anna (navi) Figueiredo Gomes
the pam module sets a variable that when in user mode, openrc should pick up and either create/increment, or decrement. this is done so that multiple session_open and session_close from pam doesn't randomly change the user runlevel for the current user. only the first session open starts the default runlevel, and only the last session close switches to the none runlevel. Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19openrc-pam: introduction of a PAM module for --userAnna (navi) Figueiredo Gomes
the module gets the pam user and executes a new login shell, in order to load the user's environment. this requires that the user's login shell supports `-c` as an option to run a command. all shells that i know of do. Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19openrc: Add the correct path for logs as userAnna (navi) Figueiredo Gomes
Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19librc: Move sysconf dir to ~/.config/openrc/...Anna (navi) Figueiredo Gomes
Also add ~/.local/share/openrc for data files (like logs) This is done to help avoid name conflictions for anything else that might create/user files in .config/ Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19librc: Allow user to override system-wide rc.confAnna (navi) Figueiredo Gomes
This change read a user version of rc.conf, to be located in `~/.config/rc.conf`. The user version is loaded first, so it has priority, thus overriding the system settings. Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19librc: Use getpwuid instead of ${HOME} to get user's home directory.Anna (navi) Figueiredo Gomes
Using ${HOME} works when the user runs any librc program from the shell, but trying to invoke them from pam or similar, the variable is not set. Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19openrc: Add support for user services.Anna (navi) Figueiredo Gomes
Modifies many functions where filesystem paths were hardcoded. In non-user-services mode, they still are. In user-services mode, they are allocated, since XDG_ dirs are to be set via environment variables. Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19openrc-run.sh.in: Disable cgroups for user services.Anna (navi) Figueiredo Gomes
Since user services run as the user that is starting them, they won't be able to make use of cgroups. Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19openrc-run.sh-in: Conditionally add configs.Anna (navi) Figueiredo Gomes
Conditionally add system provided configs for user services. The local configs for the same services take priority. Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19gendepends.sh.in: Conditionally add user servicesAnna (navi) Figueiredo Gomes
For dependency calculation for user services. When in user service mode, non-user services are not considered. Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-19librc: skeleton of user services supportAnna (navi) Figueiredo Gomes
Those functions allocates and set up the environment for user services. Signed-off-by: Anna (navi) Figueiredo Gomes <navi@vlhl.dev>
2023-10-10version 0.51William Hubbs
2023-10-10update newsWilliam Hubbs
2023-10-10change default RC_CGROUP_MODE to unifiedWilliam Hubbs
This improves resource management by assigning services to individual cgroups. X-Gentoo-Bug: https://bugs.gentoo.org/914972
2023-10-10Force symlinking of openrc-init to initAdam Duskett
When building on embedded SDKs such as Buildroot or Yocto, if OpenRC has a previous installation, the package will fail the installation step as the openrc-init is already a symlink to "${DESTDIR}/${sbindir}"/init. Force symlinking to prevent errors when reinstalling the package.
2023-10-03Relocate pipes.c and pipes.h file to shared directory.Lexxy Fox
With the addition of logger process redirect in supervise-daemon, pipes.c and pipes.h are now included in both s-s-d and supervise-daemon. Thus it makes sense to move the source files to the src/shared dir.
2023-10-03supervise-daemon: implement output_logger and error_logger.Lexxy Fox
Allows redirecting process stdin and stdout to another process, just like is already possible with start-stop-daemon. Also added --stdout-logger and --stderr-logger to the man page.
2023-09-19version 0.50William Hubbs
2023-09-19update newsWilliam Hubbs
2023-09-12misc: add syscall fallback for close_range for musl libcNatanael Copa
Add fallback for the close_range syscall wrapper. This is needed for musl libc, which currently does not have a close_range wrapper. Also set errno on errors.
2023-09-12start-stop-daemon: set fds to CLOEXEC instead of closingNatanael Copa
Set file descriptors to CLOEXEC instead of closing them before exec, similar to what we do in supervise-daemon. Use the share cloexec_fds_from() helper for this. closefrom() is no longer used so remove the test.
2023-09-12misc: add cloexec_fds_from() helper functionNatanael Copa
Move logic to set file descriptors to a cloexec_fds_from() function in misc.c so it can be shared by both supervisor-daemon and start-stop-daemon, and hide the details behind.
2023-09-12supervise-daemon: rename HAVE_CLOSE_RANGE_EXEC to HAVE_CLOSE_RANGENatanael Copa
Use HAVE_CLOSE_RANGE to tell if system provides a close_range(2) wrapper, which better explains the purpose. Add a compat inline which returns -1 if close_range is unavailable.
2023-09-01remove /lib/rc/tmp creation from meson scriptTimothy Kenno Handojo
It is apparently for a piece of code that no longer exist. There don't seem to be any part of the code referring to this directory (anymore, if there was).
2023-08-31version 0.49William Hubbs
2023-08-31update newsWilliam Hubbs
2023-08-29Don't re-define strlcpy/strlcat with >=glibc-2.38Sam James
`>=glibc-2.38` implements strlcpy, strlcat, etc so check for those functions with Meson and don't provide conflicting prototypes. Technically, it doesn't need _GNU_SOURCE, but it's easier because it's not clear right now what glibc wants to guard it with. Note that these are in POSIX next anyway. Fixes: https://github.com/OpenRC/openrc/issues/643 Signed-off-by: Sam James <sam@gentoo.org>
2023-07-26rc: fix automatic restart with runlevel-specific conf.d filesSven Wegener
Commit fc4f15d6cd8e7884f7094e5d3749b01f2d5a448f broke the automatic restart of services having runlevel-specific conf.d files. The double dirname() was not a mistake, but the way of getting from the service script in init.d to the upper directory containing the conf.d directory. dirname() modifies the argument in-place, so the second call operated on a modified value. To make it more obvious what is going on, have the second call operate on the returned value from the first call. Fixes: fc4f15d ("openrc: fix double-assignment to dir") Signed-off-by: Sven Wegener <sven.wegener@stealer.net>
2023-07-26bash-completion/rc-service: don't set or unset extglobJernej Jakob
It breaks bash-completion. It's not necessary to set extglob as patterns in '[[' after '==' are always matched as if extglob were set. Closes: #636 Signed-off-by: Jernej Jakob <jernej.jakob@gmail.com>
2023-07-05version 0.48William Hubbs
2023-07-05update news for 0.48 releaseWilliam Hubbs
2023-05-21man: Remove Duplicate Description of -2/--stderr FlagPetr Vaněk
This commit removes the secondary mention of the -2/--stderr flag in the start-stop-daemon man page. The flag's functionality was already sufficiently described in an earlier section of the text. Signed-off-by: Petr Vaněk <arkamar@atlas.cz>
2023-05-14einfo: fix vewend applet argsOskari Pirhonen
Fix typo preventing the args for the vewend applet from being handled.
2023-05-10librc: allow overriding rc_interactive on kernel command lineSam James
This was originally introduced in 14625346c07a2a66fe77ce578c9423918bec1d97 with an example list (just one for rc_parallel) of options. Let's add in rc_interactive as it's a pretty obvious thing one might want to override. See https://forums.gentoo.org/viewtopic-p-8694588.html.
2023-04-24openrc-run: fix rc_parallel race in svc_execDominique Martinet
svc_exec waits until SIGCHLD comes in to close its input, but in rc_parallel case the SIGCHLD might be unrelated. Checking the proper pid is found in signal handler and only signaling signal_pipe the status code directly avoids this problem.
2023-04-24openrc-run: silence lock failures with --no-depsDominique Martinet
work around scary warnings described in previous commit
2023-04-24openrc-run: remove kludge in restart --no-depsDominique Martinet
restarting a service with --no-deps ran into a "hairy workaround", which had a few problems discussed in [1]: - it ignores --dry-run, really restarting the requested service - if the service was stopped, the program is started but the service status stays stopped. This makes long-lived services impossible to (re)start again (pid already exists and running), and the service also won't stop on shutdown. The kludge had a long comment describing the following situation: - openvpn needs net and dns - net restarts dns - dns needs net If the restart in net handled deps, openrc would deadlock waiting for net in dns' restart, as net won't be started until that is done. Restarting with --nodeps works around the deadlock, but can display errors without the kludge (note that the services did start properly anyway, the problem is that the default service path tries to lock dns twice from openvn's dep's start and net's start's restart): --- alpine:~# rc-service openvn start openvn | * Caching service dependencies ... [ ok ] net |net starting net |dns | * Call to flock failed: Resource temporarily unavailable net |dns | * ERROR: dns stopped by something else net |net started dns |dns started openvn |openvn started alpine:~# rc-status | grep s[1-3] net [ started ] dns [ started ] openvn [ started ] --- Locking again in restart --nodep can fail in two patterns: - openvpn's need dependency start was first, and the restart in net failed (case above): we can just silence locking failures and exit quietly with restart --no-deps, which is not worse than trying to restart while another process hold the lock. - the restart in net's start was first, and openvpn's need dependency start failed: not much can be done here short of adding a new status that a no-deps restart is in progress as in the comment, but this case can actually just be solved by adjusting dependencies -- and it actually has already been fixed: the current openvpn init script in alpine only 'use dns', so it will not try to start it, and that will start just fine with openvpn -> net -> dns only each starting each other once sequentially. Another failure pattern is just starting dns directly: that will start net, which will try to restart dns while we are starting it. Silencing messages on restart also solves this. Link: https://github.com/OpenRC/openrc/issues/224 [1]
2023-04-24rc: use LIST_FOREACH_SAFE in cleanup()NRK
according to the linux manpage, the "safe" variant may not be available on all platform. however we bundle our own `queue.h` so this should not be an issue.
2023-04-24rc: block SIGCHLD during pid list operationsNRK
the pid list will be accessed inside the SIGCHLD signal handler. so we must ensure SIGCHLD handler doesn't get invoked while the list is at an inconsistent state making it unsafe to interact with. Co-authored-by: Dominique MARTINET <dominique.martinet@atmark-techno.com> Bug: https://github.com/OpenRC/openrc/issues/589#issuecomment-1406588576
2023-04-24rc: avoid calling free inside SIGCHLD handlerNRK
`free` is not async-signal-safe and calling it inside a signal handler can have bad effects, as reported in the musl ML: https://www.openwall.com/lists/musl/2023/01/23/1 the solution: - keep track of weather remove_pid() is being called from inside a signal handler or not. - if it's inside a signal handler then DO NOT call free - instead put that pointer into a "to be freed later" list. - if it's not inside a signal handler then take the "to be freed later" list and free anything in it. Bug: https://github.com/OpenRC/openrc/issues/589 Reported-by: Dominique MARTINET <dominique.martinet@atmark-techno.com>
2023-04-24fstabinfo: deal with EINTR in waitpid callNRK
2023-04-24fstabinfo: replace vfork with posix_spawnpNRK
problem: * vfork has been removed from POSIX [0]. * clang-tidy flags the `strerror` and `eerror` call inside the vfork-ed child as undefined behavior. solution: use posix_spawnp, which is serves similar purpose and is specified in posix. and as an added bonus, it's also easier to use and less lines of code. [0]: https://www.man7.org/linux/man-pages/man2/vfork.2.html#CONFORMING_TO