Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
Add fallback for the close_range syscall wrapper. This is needed for
musl libc, which currently does not have a close_range wrapper.
Also set errno on errors.
|
|
Set file descriptors to CLOEXEC instead of closing them before exec,
similar to what we do in supervise-daemon.
Use the share cloexec_fds_from() helper for this.
closefrom() is no longer used so remove the test.
|
|
Use HAVE_CLOSE_RANGE to tell if system provides a close_range(2)
wrapper, which better explains the purpose.
Add a compat inline which returns -1 if close_range is unavailable.
|
|
|
|
`>=glibc-2.38` implements strlcpy, strlcat, etc so check for those functions
with Meson and don't provide conflicting prototypes.
Technically, it doesn't need _GNU_SOURCE, but it's easier because it's not
clear right now what glibc wants to guard it with. Note that these are in
POSIX next anyway.
Fixes: https://github.com/OpenRC/openrc/issues/643
Signed-off-by: Sam James <sam@gentoo.org>
|
|
|
|
Clang 16 makes these warnings fatal and GCC 14 is likely to as well.
|
|
|
|
On systems with a very large RLIMIT_NOFILE, calling close() in a loop
from 3 to getdtablesize() effects an enormous number of system calls.
There are better alternatives. Both BSD and Linux have the closefrom()
system call that closes all file descriptors with indices not less than
a specified minimum. Have start-stop-daemon call closefrom() on systems
where it's implemented, falling back to the old loop elsewhere.
Likewise, calling fcntl(i, F_SETFD, FD_CLOEXEC) in a loop from 3 to
getdtablesize() raises a similar performance concern. Linux 5.11 and
onward has a close_range() system call with a CLOSE_RANGE_CLOEXEC flag
that sets the FD_CLOEXEC flag on all file descriptors in a specified
range. Have supervise-daemon utilize this feature on systems where it's
implemented, falling back to the old loop elsewhere.
|
|
|
|
The default behavior of check: false is going to change to true in the
future, see <https://github.com/mesonbuild/meson/issues/9300>.
Thus we are explicit about the desired behavior. The error in uname is
important but with test we check ourselves using returncode().
This fixes #556.
|
|
This symlink got lost in the transition to meson.
X-Gentoo-Bug: 850754
X-Gentoo-Bug-URL: https://bugs.gentoo.org/850754
|
|
|
|
This gives a hint to the compiler that allocations (return values)
from this function should be paired with a corresponding dealloc/free
function
In this case, it means that every rc_stringlist that rc_stringlist_new()
returns should eventually be freed by calling rc_stringlist_free(ptr)
where ptr is the relevant rc_stringlist.
We have to add a test for this into the build system
because only GCC supports this for now. In future, we might
be able to use meson's has_function_attribute (it does support
'malloc', just not AFAICT 'malloc with arguments').
Signed-off-by: Sam James <sam@gentoo.org>
|
|
* rewrite tests to work with meson
This ports our tests to meson and makes them able to be run in parallel.
* add tests to ci
* rewrite test/check-trailing-newlines in bash
This test was using a GNU sed command which does not work on Alpine Linux.
|
|
- drop old build system
- move shared include and source files to common directory
- drop "rc-" prefix from shared include and source files
- move executable-specific code to individual directories under src
- adjust top-level .gitignore file for new build system
This closes #489.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This adds capabilities for start-stop-daemon by adding --capabilities
option. As a result, the user can specify the inheritable, ambient and
bounding set by define capabilities in the service script.
This fixes #314.
|
|
This requires at leaste meson 0.53.0 since it uses the fs module.
This is for #474.
|
|
Much like PAM, not all implementations of libcrypt provide a pkg-config
file, and hence we can't find it using the old logic.
Let's fall back to the standard AC_SEARCH_LIBS-style check if the pkg-config-style
detection fails.
This fixes finding e.g. musl's libcrypt.
X-Gentoo-Bug: 827074
X-Gentoo-Bug-URL: https://bugs.gentoo.org/827074
|
|
We only need libcrypt if we're building _with_ SELinux and
_without_ PAM. We don't use libcrypt for general SELinux
with PAM.
This is mostly a correctness change as libcrypt should
generally be available (as opposed to the previous
change which fixed some real-world cases).
Fixes: f3f0fde861b438c80f99afdd49fe175e9d0a68ca
Fixes: #478
|
|
We use libcrypt's crypt() if we're _not_ using PAM
in the SELinux code (rc-selinux, specifically).
X-Gentoo-Bug: 824954
X-Gentoo-Bug-URL: https://bugs.gentoo.org/824954
Fixes: https://github.com/openrc/openrc/pull/477
|
|
X-Gentoo-Bug: 824954
X-Gentoo-Bug-URL: https://bugs.gentoo.org/824954
Fixes: https://github.com/OpenRC/openrc/issues/470
Fixes: https://github.com/OpenRC/openrc/pull/477
|
|
Set the HAVE_PAM option if the dependency is found *and* pam is
requested.
X-Gentoo-Bug: 821211
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=821211
|
|
|
|
Some distros are still using versions of pam which do not create
*.pc files, so we need fallback logic for that situation.
|
|
Pam generates pkgconfig files now, so meson can use them to find the pam
dependencies.
|
|
|
|
This fixes #438.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Closes #116.
Closes #171.
Closes #172.
Closes #175.
|