Age | Commit message (Collapse) | Author |
|
If supervise_daemon_args is not set *or empty*, it defaults to
`start_stop_daemon_args`. This is bad because supervise-daemon doesn't
accept the same options as `start-stop-daemon`. So if we set e.g.
`start_stop_daemon_args="--wait 50"`, but not `supervise_daemon_args`,
and the user adds `supervisor=supervise-daemon` to the corresponding
/etc/conf.d/<service> file, the service will fail to start due to
unrecognized option "wait".
It would be best to remove this fallback, but that might break some
existing scripts that depend on it. So this commit just changes it to
use `start_stop_daemon_args` as the default for `supervise_daemon_args`
only if `supervise_daemon_args` is not set at all, but not if it's
empty.
This at least simplifies workarounds; we can just add
`supervise_daemon_args="$supervise_daemon_args"` to init scripts.
This fixes #558.
|
|
previously broken in 6034866d1c74d5a23eb9f3e0ebf40c9d278aac93
caused *_logger options to be passed unquoted, so
`error_logger="logger -t .."` would pass -t to s-s-d and fail to start
the service.
Fixes: #531
|
|
|
|
- drop old build system
- move shared include and source files to common directory
- drop "rc-" prefix from shared include and source files
- move executable-specific code to individual directories under src
- adjust top-level .gitignore file for new build system
This closes #489.
|
|
|
|
This add No New Privs flag for start-stop-daemon and supervise-daemon
by adding --no-new-privs flag. As a result, the user set the No New
Privs flag for the program should run with.
see PR_SET_NO_NEW_PRIVS prctl(2)
|
|
This adds securebits flags for start-stop-daemon and supervise-daemon
by adding --secbits option. As a result, the user can specify
securebits the program should run with. see capabilities(7)
|
|
|
|
This adds capabilities for start-stop-daemon by adding --capabilities
option. As a result, the user can specify the inheritable, ambient and
bounding set by define capabilities in the service script.
This fixes #314.
|
|
This makes the URIs shorter and dynamic: whatever the default branch
the repo uses will be used.
|
|
The old code is moved to a cgroup_fallback_cleanup function and only
called if cgroup2_kill fails.
This fixes #454.
|
|
Currently, we run sv start immediately after linking the service.
The runsv process may not be up at the moment, as a result of which
openrc will mark the service as stopped, even though it may be brought up
by runit at the next scan.
This is documented in the gentoo wiki:
https://wiki.gentoo.org/wiki/Runit#OpenRC.27s_runit_integration_feature
This PR adds a timeout so that correct process state can be reported.
Before:
* Starting netdata-runit ...
fail: /run/openrc/sv/netdata: runsv not running
* Failed to start netdata-runit
After:
* Starting netdata-runit ...
fail: /run/openrc/sv/netdata: runsv not running
ok: run: /run/openrc/sv/netdata: (pid 9042) 0s
This fixes #253.
|
|
Busybox timeout does not support the `-k` flag. As such, invoking fuser
from do_unmount never worked without this patch. This went unnoticed as
standard error is redirected to /dev/null. This patch fixes this by
simply removing the incompatible `-k` flag.
[Ariadne: the `-k` is redundant anyway, since we are sending the KILL
signal to begin with.]
|
|
|
|
Closes #116.
Closes #171.
Closes #172.
Closes #175.
|
|
X-Gentoo-Bug: 804193
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=804193
|
|
X-Gentoo-Bug: 804193
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=804193
|
|
In legacy cgroups mode, we were running `mountinfo -q ""` which was
generating an error message. If we return immediately when
cgroup2_find_path returns an empty value, we avoid this message.
|
|
- fix mount options for /run.
- run restorecon after everything is set up.
X-Gentoo-Bug: 740576
X-Gentoo-Bug-URL: https://bugs.gentoo.org/740576
|
|
Fixes: #407
|
|
This should make cgroup_cleanup work successfully since cgroup_get_pids
no longer uses a subshell.
This fixes #396.
This fixes #397.
|
|
|
|
X-Gentoo-Bug:739274
X-Gentoo-Bug-URL:https://bugs.gentoo.org/739274
|
|
This fixes #328
|
|
use grep -E instead of egrep
check for space or end of line instead of GNU-specific word boundary
This fixes #345
|
|
prior to cgroups getting mounted, /sys/fs/cgroup will still exist,
but attempts to make directories in it will fail, change cgroup2_set_limits() to
verify that cgroups are mounted instead of just checking that /sys/fs/cgroup
exists.
This fixes #307.
This fixes #321.
|
|
This fixes #295.
|
|
This is for #288.
|
|
This time it was done correctly.
I missed a '\' the last time.
|
|
For some reason removing this broke the build.
This reverts commit 5246ea7b6f8c6a247403f725f8301457f6ddfffd.
|
|
We have used /run for some time now and we have had this migration
script for 6 years. Linux users should have upgraded by now to a version
of OpenRC which stores its information in /run.
|
|
I do not know of a need to have the default shell be a build-time
configurable setting. All *nix systems I am aware of have /bin/sh as a
default posix compatible shell.
If some systems running OpenRC do not make that assumption about
/bin/sh, I will consider bringing this back, so feel free to open an
issue.
|
|
This is not a stand-alone script, so it does not need the shebang line.
This also means it is not necessary to run this through sed.
|
|
|
|
Since the pid file is internal to us, start moving toward deprecating it
by not requiring the user to specify it.
In the next release, I plan on working on code to start phasing out the
use of a pid file if this is possible.
|
|
|
|
The pidfile of the supervisor doesn't need to be adjustable by the
service script. It is only used so the supervisor can stop itself when
the --stop option is used.
|
|
This fixes #230.
|
|
Health checks are a way to monitor a service and make sure it stays
healthy.
If a service is not healthy, it will be automatically restarted after
running the unhealthy() function to clean up.
|
|
|
|
This is an old relic from Gentoo baselayout-1.x which should not be used
any longer.
|
|
|
|
|
|
is undefined
|
|
This is handled inside librc, so we don't need the nesting in this
script.
|
|
Remove the IFS manipulation and simplify the loop that processes the
settings.
|
|
Some initramfs mount /run which then ends up with the wrong labels.
Force relabel all of /run right after its mounted to fix.
|
|
/dev/console is relabelled later in the devfs init script, but by then we
have already missed some of the messages, so fix that label early.
|
|
The current check only tries to detect whether /sys/fs/cgroup exists and
whether it is writable or not. But when the init system doesn't mount
cgroups then /sys/fs/cgroup will just be an empty directory. When paired
with unprivileged containers that mount sysfs this will cause misleading
errors to be printed since /sys/fs/cgroup will be owned by user
nobody:nogroup in this case. Independent of this specific problem this
check will also be misleading when the /sys/fs/cgroup exists and is in
fact writable by the init system but isn't actually a mountpoint.
Note from William. "grep -qs" doesn't need to redirect output to
/dev/null since it is completely silent.
This fixes #209.
|
|
This function should only be called once and it does not take any
arguments.
X-Gentoo-Bug: 639166
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=639166
|