Age | Commit message (Collapse) | Author |
|
|
|
If selinux is disabled, then stub methods will be provided instead of
calling the real methods. This removes some warnings about unused
parameters which used to be covered up with #ifdef HAVE_SELINUX.
Signed-off-by: Jason Zaman <jason@perfinion.com>
|
|
|
|
librc: Fix C90 warning (mixed declaration and code)
rc: Fix warning about discarding const qualifier
Fixes #45.
|
|
The previous fix to --test (PR #34) prevented reading one too many
arguments when --exec -or --name was not specified, but created a
regression where the last argument would not print if either of those
arguments was specified. This corrects the issue.
Fixes #41.
|
|
This is another security fix. If you use chown() or chmod() on a
symbolic link, it affects the referenced file, not the symbolic link
itself.
X-Gentoo-Bug: 540006
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=540006
|
|
|
|
Do not change permissions on the target if it is a file and has multiple
hard links. This is necessary because a hard link can be an attack
vector to gain privilege escalation.
X-Gentoo-Bug: 540006
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=540006
|
|
This fixes #35.
|
|
Fixes #34.
|
|
This fixes a double free of the pidfile variable. For discussion of this
issue, see the bug.
X-Gentoo-Bug: 531600
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=531600
|
|
This is a more descriptive name since this file only sets the gitver
variable.
|
|
runscript used to dlopen() runscript_selinux.so. This adds equivalent
functionality directly in to runscript instead. It authenticates with
either PAM or shadow and optionally has a dep on audit.
X-Gentoo-Bug: 517450
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=517450
|
|
Fixes #28.
X-Gentoo-Bug: #527370
X-Gentoo-Bug-Url: https://bugs.gentoo.org/show_bug.cgi?id=527370
|
|
|
|
TAILQ_CONCAT, TAILQ_FOREACH_SAFE and LIST_FOREACH_SAFE are defined
in our bundled queue.h and are no longer required.
|
|
We are bundling this to allow building on musl-based systems since musl
does not include <sys/queue.h>.
|
|
It is necessary to check for both the kernel and c library because
__FreeBSD_kernel is also defined on native FreeBSD [1].
[1] http://sourceforge.net/p/predef/wiki/OperatingSystems/
|
|
|
|
|
|
|
|
Check for __FreeBSD_kernel instead of __GLIBC__ in source files.
note from William Hubbs:
I was told this is a better check for GNU/kFreeBSD than checking the
C library the source is being compiled against.
GNU/kFreeBSD than checking which library we are using.
|
|
There is no need to redefine __BEGIN_DECLS and __END_DECLS.
We simplify the logic here and avoid undefining these macros.
|
|
Some Standard C Libraries, like musl, don't define __BEGIN_DECLS
or __END_DECLS. We add some ifdef magic to ensure these are
available.
|
|
X-Gentoo-Bug: 524388
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=524388
|
|
|
|
These messages are being changed for this release to show in verbose
mode because of the number of times they display.
|
|
The stat structure was not being initialized correctly in do_check. This
was causing the owner adjustment to be skipped if the first path had the
correct owner.
Also, the "correcting owner" message should always be printed when the
owner is being changed.
X-Gentoo-Bug: 518042
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=518042
|
|
|
|
|
|
|
|
Remove the recursive call in print_stacked_services which was causing an
infinite loop when using stacked runlevels.
I would like to thank Doug Freed and Jason Zaman for assisting with
tracking this down.
X-Gentoo-Bug: 514972
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=514972
|
|
X-Gentoo-Bug: 516956
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=516956
|
|
|
|
|
|
The name rc-selinux-util.* is a bit long, so I renamed the source files
to rc-selinux.*
X-Gentoo-Bug: 516956
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=516956
|
|
X-Gentoo-Bug: 516956
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=516956
|
|
The -W option does not need an argument of its own; it can take the
first path after all other options are processed on the command line.
Also, move the processing for the -W option out of the switch so it will
be in the same loop as the other processing.
|
|
|
|
Before this commit, not specifying -d, -f, -p or -W in a checkpath
command meant the command exited successfully but actually did nothing.
This is an error condition, so report it as such.
|
|
Thanks to info and testing done by Daniel Robbins <drobbins@funtoo.org>,
there is now a fix for this. Below is his description of the steps
OpenRC needed to use.
1) See if /proc/<pid>/status exists
2) If it does, see if it has a "envID:" field
3) If it does, see if "envID:" is set to "0"
4) If so, then it's one of the host's processes and should be a
candidate for the list. Otherwise, it is one of the container's
processes and should be ignored.
This should fix the bug and allow start-stop-daemon to work properly on
OpenVZ hosts.
X-Gentoo-Bug: 376817
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=376817
|
|
The mount and remount options should always be processed. They were only
being processed if -q was not on the command line.
X-Gentoo-Bug: 498206
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=498206
|
|
The -a option,which only applies to the del command, is used to remove a
service from all runlevels.
X-Gentoo-Bug: 497740
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=497740
|
|
This was requested by Debian, because the minicom software, which is
available on Debian and other distros, has a binary named runscript. We
are keeping a backward compatibility symlink for now, but this allows
Debian or any other distro to safely remove the symlink.
X-Gentoo-Bug: 494220
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=494220
|
|
|
|
The message about a service being scheduled to start was confusing to
some of our users; I was told this wording is more clear.
X-Gentoo-Bug: 493070
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=493070
|
|
Debian requested this rename due to the "rc" binary conflicting with the
"rc" binary from the plan 9 shell.
We also add a deprecation warning to the binary when it is run as rc to
encourage users to switch to openrc instead.
X-Gentoo-Bug: 493958
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=493958
|
|
This message was being sent to stderr, and it should be sent to
stdout since it is informational. This change was requested by
zero_chaos.
|
|
This is just a minimal port to get Debian up and running; the rest will
be done later.
|
|
The rc_runlevel_exists function was attempting to treat "." and ".." as
valid runlevels; however, this should not be allowed.
X-Gentoo-Bug: 488710
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=488710
|