| Age | Commit message | Author |
|---|---|---|
|  | ```
Direct leak of 4 byte(s) in 1 object(s) allocated from:
    #0 0x7f49539534a7 in __interceptor_strdup /usr/src/debug/sys-devel/gcc-11.2.1_p20220312/gcc-11-20220312/libsanitizer/asan/asan_interceptors.cpp:454
    #1 0x55d76fa66867 in xstrdup ../src/includes/helpers.h:91
    #2 0x55d76fa66867 in get_dirfd ../src/rc/checkpath.c:111
    #3 0x55d76fa66867 in do_check ../src/rc/checkpath.c:206
    #4 0x55d76fa66867 in main ../src/rc/checkpath.c:442
    #5 0x7f49536f06cf in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
```
Signed-off-by: Sam James <sam@gentoo.org> | 
|  | Signed-off-by: Sam James <sam@gentoo.org> | 
|  | Found by GCC 11's -fanalyzer.
Signed-off-by: Sam James <sam@gentoo.org> | 
|  | Signed-off-by: Sam James <sam@gentoo.org> | 
|  | Signed-off-by: Sam James <sam@gentoo.org> | 
|  | (This is analogous to the rc_stringlist change.)
This gives a hint to the compiler that allocations (return values)
from this function should be paired with a corresponding dealloc/free
function.
Signed-off-by: Sam James <sam@gentoo.org> | 
|  | Signed-off-by: Sam James <sam@gentoo.org> | 
|  | This gives a hint to the compiler that allocations (return values)
from this function should be paired with a corresponding dealloc/free
function.
In this case, it means that every rc_stringlist that rc_stringlist_new()
returns should eventually be freed by calling rc_stringlist_free(ptr)
where ptr is the relevant rc_stringlist.
We have to add a test for this into the build system
because only GCC supports this for now. In future, we might
be able to use meson's has_function_attribute (it does support
'malloc', just not AFAICT 'malloc with arguments').
Signed-off-by: Sam James <sam@gentoo.org> | 
|  | Both 'pkg' and 'local' are referenced within list,
so we can't free them yet.
Signed-off-by: Sam James <sam@gentoo.org> | 
|  | 'services' is still referenced by the list
which gets returned. We can't free it.
Thanks to GCC 11's -fanalyzer.
Signed-off-by: Sam James <sam@gentoo.org> | 
|  | Signed-off-by: Sam James <sam@gentoo.org> | 
|  | Seen on running rc-status.
```
=================================================================
==14636==ERROR: LeakSanitizer: detected memory leaks
Indirect leak of 72 byte(s) in 3 object(s) allocated from:
    #0 0x7f443412dcb7 in __interceptor_malloc /usr/src/debug/sys-devel/gcc-11.2.1_p20220312/gcc-11-20220312/libsanitizer/asan/asan_malloc_linux.cpp:145
    #1 0x7f443400c727 in xmalloc ../src/includes/helpers.h:64
    #2 0x7f443400d1f4 in rc_stringlist_add ../src/librc/librc-stringlist.c:32
    #3 0x7f4433fecc34 in get_runlevel_chain ../src/librc/librc.c:390
    #4 0x7f4433fedc00 in rc_runlevel_stacks ../src/librc/librc.c:519
    #5 0x7f4433ff1d8e in rc_services_in_runlevel_stacked ../src/librc/librc.c:976
    #6 0x55be0e8f9517 in main ../src/rc/rc-status.c:407
    #7 0x7f44334736cf in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
```
Signed-off-by: Sam James <sam@gentoo.org> | 
|  | This fixes #516. | 
|  | The value of ${seed_dir} may have spaces in it, making the current
argument string building method unsafe. Instead, use positional
parameters to pass these arguments safely. | 
|  | - drop initialization of some variables.
- use eerrorx where possible
- drop final cleanup instructions | 
|  | There have been a number of subtle improvements and cleanups to seedrng,
including using openat and locking the directory fd instead of a
separate lock file. Also various stylistic cleanups.
This fixes #519.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | 
|  | * rewrite tests to work with meson
This ports our tests to meson and makes them able to be run in parallel.
* add tests to ci
* rewrite test/check-trailing-newlines in bash
This test was using a GNU sed command which does not work on Alpine Linux. | 
|  | - drop old build system
- move shared include and source files to common directory
- drop "rc-" prefix from shared include and source files
- move executable-specific code to individual directories under src
- adjust top-level .gitignore file for new build system
This closes #489. | 
|  | This fixes #512. | 
|  | This fixes #502. | 
|  | Now that we have the command line arguments, there's no need for the
environment variables.
This fixes #511. | 
|  | Since this service is now *bsd only, we don't need to worry about
reading this value from /proc/sys. | 
|  | This moves urandom to *bsd only and adds seedrng as a separate service
for Linux.
This fixes #510. | 
|  | This fixes #508. | 
|  | This cleans up the exit path a little bit.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | 
|  | The RNG can't actually be seeded from a shell script, due to the
reliance on ioctls. For this reason, the seedrng project provides a
basic script meant to be copied and pasted into projects like OpenRC and
tweaked as needed: https://git.zx2c4.com/seedrng/about/
This commit imports it into OpenRC and wires up /etc/init.d/urandom to
call it. It shouldn't be called by other things on the system, so it
lives in rc_sbindir.
Closes #506.
Closes #507.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | 
|  | This should make the code easier to maintain without having to remember
what the exact 0x100 constant means. | 
|  | We use 0x100+ to avoid collisions in the 8 bit getopt interface, so
switch 0x80 to align with the other existing 0x100 options we have. | 
|  | The comment block for `want` seemed to be unintentionally part of the `use` block. Added a newline so `want` will have its own section. | 
|  | This adds the No New Privs flag for start-stop-daemon and supervise-daemon
by adding the --no-new-privs flag. As a result, the user can set the No New
Privs flag the program should run with.
See PR_SET_NO_NEW_PRIVS in prctl(2). | 
|  | This adds securebits flags for start-stop-daemon and supervise-daemon
by adding --secbits option. As a result, the user can specify
securebits the program should run with. See capabilities(7). | 
|  | During boot if the "previous_dmesg" setting is enabled in
/etc/conf.d/bootmisc then during the 1st boot of a machine the
bootmisc init.d script will attempt to move a nonexistent dmesg
file, so generating an error on the console.
Modify the script to only move an existing file. | 
|  | This is a partial revert of commit 8e02406d ("rc-misc.c: remove
references to PATH_MAX"), which changed 'file' to a null pointer with no
associated storage.
```
../openrc-0.44.10/src/rc/rc-misc.c: In function ‘_rc_deptree_load’:
../openrc-0.44.10/src/rc/rc-misc.c:392:33: warning: ‘%s’ directive argument is null [-Wformat-overflow=]
392 |                                 eerror("Clock skew detected with `%s'", file);
    |                                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
Fixes: 8e02406d ("rc-misc.c: remove references to PATH_MAX")
Closes: #493 | 