Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
This is related to #195.
This is an attempt to shorten the window for the first two issues
discussed by using a file descriptor which does not follow symbolic
links and using the fchmod and fchown calls instead of chown and chmod.
with.
|
|
X-Gentoo-Bug: 643084
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=643084
|
|
X-Gentoo-Bug: 643084
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=643084
|
|
Checkpath should never follow symbolic links when changing ownership of a file.
This is for https://github.com/openrc/openrc/issues/195.
|
|
This works like the other --if options. If the service is crashed, run
the command.
This fixes #154.
|
|
X-Gentoo-Bug: 639218
X-Gentoo-Bug-URL: https://bugs.gentoo.org/639218
|
|
This is for #186.
|
|
This avoids trying to kill everything.
X-Gentoo-Bug: 631958
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=631958
|
|
X-Gentoo-Bug: 636574
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=636574
|
|
|
|
This makes ps show which service the supervisor is monitoring.
|
|
|
|
|
|
|
|
|
|
|
|
The unsupervised status is to be used when a supervisor of a supervised
service dies but leaves the service daemon itself running.
|
|
This allows us to detect when the supervisor dies unexpectedly because
in that case child_pid will still exist.
|
|
X-Gentoo-Bug: 635334
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=635334
|
|
- Harden against dying by handling all signals that would terminate the
program and adding --reexec support
- factor the supervisor into its own function
- fix test for whether we are already running
|
|
Prior to this change, we were logging unexpected terminations of daemons
we were supervising at the info level. This change moves the logs to
warnings.
|
|
|
|
The service binary was just a synonym for rc-service, so use rc-service
instead of service. If you want a "service" binary, it should be
something that can determine which service manager you are running and
run the appropriate service manager commands.
|
|
We need to do this to skip the zombie state for the child process since
we are not easily able to wait() for it.
|
|
|
|
|
|
Clean up the process for killing an active supervisor when stopping.
|
|
|
|
This is for #163.
|
|
rc-selinux.c: In function ‘selinux_setup’:
rc-selinux.c:361:9: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
curr_t = context_type_get(curr_con);
^
|
|
The minimum requirement for libselinux is now >=2.6
The refpolicy and the gentoo policy contain the
contexts since version 2.20170204-r4
|
|
This allows supervise-daemon to run this code without attempting to
print some status messages used by start-stop-daemon.
|
|
|
|
The --retry option for supervise-daemon defines how the supervisor will
attempt to stop the child process it is monitoring. It is defined when
the supervisor is started since stopping the supervisor just sends a
signal to the active supervisor.
This fixes #160.
|
|
|
|
This was part of start-stop-daemon; however, it needs to be shared in
order to be used by supervise-daemon.
|
|
|
|
X-Gentoo-Bug: 624796
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=624796
|
|
|
|
|
|
|
|
|
|
How to reproduce 1-byte overflow:
```
$ FEATURES=-test CFLAGS="-fsanitize=address -O0 -ggdb3" emerge -1 openrc
=================================================================
==1==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fff0efd8710
at pc 0x000000402076 bp 0x7fff0efd7d50 sp 0x7fff0efd7d40
WRITE of size 1 at 0x7fff0efd8710 thread T0
#0 0x402075 (/sbin/openrc-init+0x402075)
#1 0x3cf6e2070f in __libc_start_main (/lib64/libc.so.6+0x3cf6e2070f)
#2 0x4013b8 (/sbin/openrc-init+0x4013b8)
Address 0x7fff0efd8710 is located in stack of thread T0 at offset 2432 in frame
#0 0x401cfb (/sbin/openrc-init+0x401cfb)
This frame has 3 object(s):
[32, 160) 'signals'
[192, 344) 'sa'
[384, 2432) 'buf' <== Memory access at offset 2432 overflows this variable
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
(longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow ??:0 ??
```
The problem here is in the code handling reads from 'init.ctl':
```
int main(int argc, char **argv) {
...
char buf[2048];
for (;;) {
/* This will block until a command is sent down the pipe... */
fifo = fopen(RC_INIT_FIFO, "r");
count = fread(buf, 1, 2048, fifo);
buf[count] = 0;
...
}
```
`buf[count] = 0;` writes outside the buffer when `fread()` returns non-truncated read.
This fixes #138.
|
|
Only close the log if we successfully opened it.
Reported-by: Brian Evans <grknight@gentoo.org>
Tested-by: Brian Evans <grknight@gentoo.org>
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
|
|
|
|
To be more compatible with sysvinit, move to single user mode if no
options are specified on the command line.
|
|
|