aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-09-06start-stop-daemon, supervise-daemon: set autogroup nicelevelMatt Whitlock
As described in "Why nice levels are a placebo and have been for a very long time, and no one seems to have noticed"[1], the Linux kernel in its default configuration on many Linux distributions autogroups tasks by session ID and "fairly" allocates CPU time among such autogroups. The nice levels of tasks within each autogroup are only relative to other tasks within the same autogroup. Effectively, this means that the traditional nice level is rendered moot for tools like start-stop-daemon and supervise-daemon, which start each daemon in its own session and thus in its own autogroup. Linux does provide a means to change the niceness of autogroups relative to each other, so let's have start-stop- daemon and supervise-daemon make use of this feature where available so that -N,--nicelevel/SSD_NICELEVEL will actually do what the user intends. On systems where autogroups are not supported or are disabled, this commit introduces no change in behavior. Note that the setsid() call in the child process of start-stop-daemon is moved to much earlier. This is necessary so that the new process will be assigned to a new autogroup before the autogroup nicelevel is set. To avoid inadvertently acquiring /dev/tty as the controlling terminal of the new session after setsid() has given up the controlling terminal inherited from the parent process, tty_fd is opened before the call to setsid(). [1] https://www.reddit.com/r/linux/comments/d7hx2c/why_nice_levels_are_a_placebo_and_have_been_for_a/ This fixes #542.
2022-09-04init.d/root: don't remount swapSören Tempel
While refactoring the changes proposed in #533 a minor error was introduced were the root service will now attempt to remount swap. This will fail with the error message `mountinfo: 'swap' is not a mountpoint`. This fixes #546
2022-09-02Revert "start-stop-daemon: use vfork to avoid races"William Hubbs
This is broken, so revert it and reopen #532. This reverts commit 9e5ce59a21ed19a3829bae0b27d957c5fd0de74f.
2022-09-02init.d/root: also remount / with options provided in /etc/fstabSören Tempel
Without this commit, the root OpenRC service remounts all mounted filesystems (except /) with the options defined in /etc/fstab via fstabinfo. It is presently unclear to me why / was excluded from remounting in 497ff7ee41168d863971efb52e2ca6b42f765832 and unfortunately neither the commit nor the associated Bugzilla issue [1] provides further information on this. At Alpine, our initramfs does currently not remount / with all options defined in /etc/fstab [2]. As part of the discussion on the Alpine side of things we wondered why OpenRC does not remount / since this would be the easier solution for us. For this reason, this commit changes the behavior of the OpenRC root services accordingly to also remount / with the options defined in /etc/fstab. [1]: https://bugs.gentoo.org/401573 [2]: https://gitlab.alpinelinux.org/alpine/mkinitfs/-/merge_requests/103 This fixes #533.
2022-09-02start-stop-daemon: use vfork to avoid racesArusekk
While running `rc-service start docker` on Gentoo, I found that the command does not start the service 90% of the time, with an enigmatic 'service crashed' message. The root cause of this is apparently rc-service spawning a pty, running start-stop-daemon inside that pty, and exitting, before start-stop-daemon child process calls setsid(), which results in the child process being killed with SIGHUP (SI_KERNEL). Theoretically this bug was present ever since the file was created in 5af58b45146a ("Rewrite the core parts in C. We now provide...") (or even before that), but it should have been only a minor issue before 45bd125dccdc ("Use a pty for prefixed output instead of pipes for..."). Not sure why nobody has had the issue so far (it has been present for almost 15 years). As here setsid() is the last call before execve(), the most natural locking mechanism is vfork(), as it gives back control to parent process only after execve() or process termination. So this way the bug can be fixed by adding a single letter. :-) Another way to ensure this would be using an O_CLOEXEC file descriptor or some custom lock, which would need to be released not before setsid(). Fixes: 5af58b45146a ("Rewrite the core parts in C. We now provide...") Fixes #532.
2022-07-21openrc: fix help messagesxdavidwu
The two lines seem to both belong to --override, but made into seperate array elements accidentally, making options after --override and their help mismatch. This fixes it.
2022-07-03fix quoting of loggers in start-stop-daemonpsykose
previously broken in 6034866d1c74d5a23eb9f3e0ebf40c9d278aac93 caused *_logger options to be passed unquoted, so `error_logger="logger -t .."` would pass -t to s-s-d and fail to start the service. Fixes: #531
2022-06-28remove trailing spaceWilliam Hubbs
2022-06-27modules.in: always return 0, make loading more verboseWilliam Hubbs
2022-06-10restore the init symlink for sysvinit modeWilliam Hubbs
This symlink got lost in the transition to meson. X-Gentoo-Bug: 850754 X-Gentoo-Bug-URL: https://bugs.gentoo.org/850754
2022-06-08clean up hostname service scriptWilliam Hubbs
- use _ throw-away variable to get rid of a shellcheck warning - remove tests for /etc/hostname and just try to read it - drop reference to bash HOSTNAME variable. - make source of host name more accurate X-Gentoo-Bug: 850577 X-Gentoo-Bug-URL: https://bugs.gentoo.org/850577
2022-06-07version 0.45William Hubbs
2022-06-07add note about seedrng to newsWilliam Hubbs
2022-06-07update newsWilliam Hubbs
2022-06-06drop changelogWilliam Hubbs
Currently, I do not have a way to generate this since we moved to a meson-based build.
2022-05-08cirrus: drop FreeBSD 11 and 12.2, add FreeBSD 12.3William Hubbs
2022-05-08librc: fix resource leaksWilliam Hubbs
2022-05-08supervise-daemon: fix -WshadowSam James
Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08checkpath: fix memory leakSam James
``` ================================================================= ==22862==ERROR: LeakSanitizer: detected memory leaks Direct leak of 4096 byte(s) in 1 object(s) allocated from: #0 0x7f1fd5b12cb7 in __interceptor_malloc /usr/src/debug/sys-devel/gcc-11.2.1_p20220312/gcc-11-20220312/libsanitizer/asan/asan_malloc_linux.cpp:145 #1 0x55556abecea7 in xmalloc ../src/includes/helpers.h:64 #2 0x55556abecea7 in xasprintf ../src/includes/helpers.h:149 #3 0x55556abeb6fb in do_check ../src/rc/checkpath.c:206 #4 0x55556abeb6fb in main ../src/rc/checkpath.c:443 #5 0x7f1fd58576cf in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58 SUMMARY: AddressSanitizer: 4096 byte(s) leaked in 1 allocation(s). ``` Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08checkpath: fix memory leakSam James
``` Direct leak of 4 byte(s) in 1 object(s) allocated from: #0 0x7f49539534a7 in __interceptor_strdup /usr/src/debug/sys-devel/gcc-11.2.1_p20220312/gcc-11-20220312/libsanitizer/asan/asan_interceptors.cpp:454 #1 0x55d76fa66867 in xstrdup ../src/includes/helpers.h:91 #2 0x55d76fa66867 in get_dirfd ../src/rc/checkpath.c:111 #3 0x55d76fa66867 in do_check ../src/rc/checkpath.c:206 #4 0x55d76fa66867 in main ../src/rc/checkpath.c:442 #5 0x7f49536f06cf in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58 ``` Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08rc-update: style fixesSam James
Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08rc-update: fix mismatched allocSam James
Found by GCC 11's -fanalyzer. Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08rc-status: fix mismatched allocSam James
Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08shared/misc.c: free env_allow if returning early from env_filterSam James
Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08librc: mark rc_deptree_* functions as mallocsSam James
(This is analogous to the rc_stringlist change.) This gives a hint to the compiler that allocations (return values) from this function should be paired with a corresponding dealloc/free function. Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08librc: mark stringlist functions as warn_unused_resultSam James
Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08librc: mark stringlist functions as mallocsSam James
This gives a hint to the compiler that allocations (return values) from this function should be paired with a corresponding dealloc/free function In this case, it means that every rc_stringlist that rc_stringlist_new() returns should eventually be freed by calling rc_stringlist_free(ptr) where ptr is the relevant rc_stringlist. We have to add a test for this into the build system because only GCC supports this for now. In future, we might be able to use meson's has_function_attribute (it does support 'malloc', just not AFAICT 'malloc with arguments'). Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08librc: fix potential use-after-freeSam James
Both 'pkg' and 'local' are referenced within list, so we can't free them yet. Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08librc: fix double-freeSam James
'services' is still referenced by the list which gets returned. We can't free it. Thanks to GCC 11's -fanalyzer. Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08librc: fix mismatched allocsSam James
Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08librc: fix memory leak in rc_services_in_runlevel_stackedSam James
Seen on running rc-status. ``` ================================================================= ==14636==ERROR: LeakSanitizer: detected memory leaks Indirect leak of 72 byte(s) in 3 object(s) allocated from: #0 0x7f443412dcb7 in __interceptor_malloc /usr/src/debug/sys-devel/gcc-11.2.1_p20220312/gcc-11-20220312/libsanitizer/asan/asan_malloc_linux.cpp:145 #1 0x7f443400c727 in xmalloc ../src/includes/helpers.h:64 #2 0x7f443400d1f4 in rc_stringlist_add ../src/librc/librc-stringlist.c:32 #3 0x7f4433fecc34 in get_runlevel_chain ../src/librc/librc.c:390 #4 0x7f4433fedc00 in rc_runlevel_stacks ../src/librc/librc.c:519 #5 0x7f4433ff1d8e in rc_services_in_runlevel_stacked ../src/librc/librc.c:976 #6 0x55be0e8f9517 in main ../src/rc/rc-status.c:407 #7 0x7f44334736cf in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58 ``` Signed-off-by: Sam James <sam@gentoo.org>
2022-04-30multiple spelling and typo fixesJosh Soref
This fixes #516.
2022-04-21seedrng: use posix positional params to avoid space splittingJason A. Donenfeld
The value of ${seed_dir} may have spaces in it, making the current argument string building method unsafe. Instead, use positional parameters to pass these arguments safely.
2022-04-20seedrng: initialize seed_dirWilliam Hubbs
2022-04-20seedrng: more improvementsWilliam Hubbs
- drop initialization of some variables. - use eerrorx where possible - drop final cleanup instructions
2022-04-20seedrng: incorporate various improvementsJason A. Donenfeld
There have been a number of subtle improvements and cleanups to seedrng, including using openat and locking the directory fd instead of a separate lock file. Also various stylistic cleanups. This fixes #519. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2022-04-16simplify github workflows using the matrix syntaxDoug Freed
2022-04-16rewrite tests (#515)William Hubbs
* rewrite tests to work with meson This ports our tests to meson and makes them able to be run in parallel. * add tests to ci * rewrite test/check-trailing-newlines in bash This test was using a GNU sed command which does not work on Alpine Linux.
2022-04-09openrc-shutdown: remove rc- prefix from file namesWilliam Hubbs
2022-04-09binfmt: ignore empty lines (#492)mochaaP
2022-04-07start-stop-daemon: remove rc-prefix from file namesWilliam Hubbs
2022-04-06migrate fully to meson build systemWilliam Hubbs
- drop old build system - move shared include and source files to common directory - drop "rc-" prefix from shared include and source files - move executable-specific code to individual directories under src - adjust top-level .gitignore file for new build system This closes #489.
2022-03-31init.d/seedrng.in: fix rc_yesno typoSam James
This fixes #512.
2022-03-31Add clangd support for developmentLinkTed
This fixes #502.
2022-03-30seedrng: remove environment variablesJason A. Donenfeld
Now that we have the command line arguments, there's no need for the environment variables. This fixes #511.
2022-03-30init.d/urandom.in: drop the use of the psz variableWilliam Hubbs
Since this service is now *bsd only, we don't need to worry about reading this value from /proc/sys.
2022-03-30add seedrng service for LinuxWilliam Hubbs
This moves urandom to *bsd only and adds seedrng as a separate service for Linux. This fixes #510
2022-03-30seedrng.c: multiple cleanupsWilliam Hubbs
This fixes #508.
2022-03-29seedrng: clean up fds and avoid -1 close on exit (#509)Jason A. Donenfeld
This cleans up the exit path a little bit. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2022-03-26Use seedrng for seeding the random number generatorJason A. Donenfeld
The RNG can't actually be seeded from a shell script, due to the reliance on ioctls. For this reason, the seedrng project provides a basic script meant to be copy and pasted into projects like OpenRC and tweaked as needed: https://git.zx2c4.com/seedrng/about/ This commit imports it into OpenRC and wires up /etc/init.d/urandom to call it. It shouldn't be called by other things on the system, so it lives in rc_sbindir. Closes #506. Closes #507. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>