aboutsummaryrefslogtreecommitdiff
path: root/sh
AgeCommit message (Collapse)Author
2022-02-06linux: Add support for No New Privs flagLinkTed
This add No New Privs flag for start-stop-daemon and supervise-daemon by adding --no-new-privs flag. As a result, the user set the No New Privs flag for the program should run with. see PR_SET_NO_NEW_PRIVS prctl(2)
2022-02-06capabilities: Add support for securebits flagsLinkTed
This adds securebits flags for start-stop-daemon and supervise-daemon by adding --secbits option. As a result, the user can specify securebits the program should run with. see capabilities(7)
2021-12-29build: rename sh_dir variable to rc_shdirWilliam Hubbs
2021-12-23capabilities: Add support for Linux capabilities(7)LinkTed
This adds capabilities for start-stop-daemon by adding --capabilities option. As a result, the user can specify the inheritable, ambient and bounding set by define capabilities in the service script. This fixes #314.
2021-12-20use HEAD in git URIs to point to the default branchMike Frysinger
This makes the URIs shorter and dynamic: whatever the default branch the repo uses will be used.
2021-10-15 Use cgroup.kill in cgroup_cleanup when possibleAidan Harris
The old code is moved to a cgroup_fallback_cleanup function and only called if cgroup2_kill fails. This fixes #454.
2021-09-11[runit integration] give a bit of time to start the serviceAaditya Bagga
Currently, we run sv start immediately after linking the service. The runsv process may not be up at the moment, as a result of which openrc will mark the service as stopped, even though it may be brought up by runit at the next scan. This is documented in the gentoo wiki: https://wiki.gentoo.org/wiki/Runit#OpenRC.27s_runit_integration_feature This PR adds a timeout so that correct process state can be reported. Before: * Starting netdata-runit ... fail: /run/openrc/sv/netdata: runsv not running * Failed to start netdata-runit After: * Starting netdata-runit ... fail: /run/openrc/sv/netdata: runsv not running ok: run: /run/openrc/sv/netdata: (pid 9042) 0s This fixes #253.
2021-09-09rc-mount: make timeout invocation compatible with busybox timeoutSören Tempel
Busybox timeout does not support the `-k` flag. As such, invoking fuser from do_unmount never worked without this patch. This went unnoticed as standard error is redirected to /dev/null. This patch fixes this by simply removing the incompatible `-k` flag. [Ariadne: the `-k` is redundant anyway, since we are sending the KILL signal to begin with.]
2021-09-06build: change root_prefix to rootprefixWilliam Hubbs
2021-09-04add meson build filesWilliam Hubbs
Closes #116. Closes #171. Closes #172. Closes #175.
2021-08-12sh/rc-cgroup.sh: fix case in starting messageWilliam Hubbs
X-Gentoo-Bug: 804193 X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=804193
2021-08-12sh/rc-cgroup.sh: fix cgroup_cleanupWilliam Hubbs
X-Gentoo-Bug: 804193 X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=804193
2021-04-04cgroup2_set_limits: fix harmless error messageWilliam Hubbs
In legacy cgroups mode, we were running `mountinfo -q ""` which was generating an error message. If we return immediately when cgroup2_find_path returns an empty value, we avoid this message.
2021-03-22init.sh: rework the /run setup for linux xystemsWilliam Hubbs
- fix mount options for /run. - run restorecon after everything is set up. X-Gentoo-Bug: 740576 X-Gentoo-Bug-URL: https://bugs.gentoo.org/740576
2021-03-15rc_cgroup.sh: do not add newline when writing group2 valuesWilliam Hubbs
Fixes: #407
2021-03-01rc-cgroup.sh: avoid process substitution for cgroup_get_pidsWilliam Hubbs
This should make cgroup_cleanup work successfully since cgroup_get_pids no longer uses a subshell. This fixes #396. This fixes #397.
2021-01-05typo fixWilliam Hubbs
2021-01-05improve the diagnostic when the ulimit builtin failsWilliam Hubbs
X-Gentoo-Bug:739274 X-Gentoo-Bug-URL:https://bugs.gentoo.org/739274
2020-01-11binfmt: ensure a file is ungegistered before registeringartoo
This fixes #328
2020-01-11make grep usage POSIX compliantEthan Sommer
use grep -E instead of egrep check for space or end of line instead of GNU-specific word boundary This fixes #345
2019-09-03cgroup2_set_limits: verify that the cgroup2 path is a mount pointE5ten
prior to cgroups getting mounted, /sys/fs/cgroup will still exist, but attempts to make directories in it will fail, change cgroup2_set_limits() to verify that cgroups are mounted instead of just checking that /sys/fs/cgroup exists. This fixes #307. This fixes #321.
2019-02-22combine test directoriesWilliam Hubbs
This fixes #295.
2019-02-13add experimental support for an alternate shell for service scriptsWilliam Hubbs
This is for #288.
2018-12-23remove /run migration script againWilliam Hubbs
This time it was done correctly. I missed a '\' the last time.
2018-12-23Revert "remove /run migration script"William Hubbs
For some reason removing this broke the build. This reverts commit 5246ea7b6f8c6a247403f725f8301457f6ddfffd.
2018-12-23remove /run migration scriptWilliam Hubbs
We have used /run for some time now and we have had this migration script for 6 years. Linux users should have upgraded by now to a version of OpenRC which stores its information in /run.
2018-12-08standardize the default shellWilliam Hubbs
I do not know of a need to have the default shell be a build-time configurable setting. All *nix systems I am aware of have /bin/sh as a default posix compatible shell. If some systems running OpenRC do not make that assumption about /bin/sh, I will consider bringing this back, so feel free to open an issue.
2018-12-07rc-cgroup.sh: remove shebang lineWilliam Hubbs
This is not a stand-alone script, so it does not need the shebang line. This also means it is not necessary to run this through sed.
2018-12-03supervise-daemon.sh: drop the unused stopsig variableWilliam Hubbs
2018-12-03supervise-daemon: use a default pid file if one is not specifiedWilliam Hubbs
Since the pid file is internal to us, start moving toward deprecating it by not requiring the user to specify it. In the next release, I plan on working on code to start phasing out the use of a pid file if this is possible.
2018-11-18sh/functions.sh.in: return a different value for invalid input in yesno()Austin English
2018-11-15supervise-daemon: make the pidfile an implementation detailWilliam Hubbs
The pidfile of the supervisor doesn't need to be adjustable by the service script. It is only used so the supervisor can stop itself when the --stop option is used.
2018-11-06supervise-daemon.sh: drop invalid --signal switchWilliam Hubbs
This fixes #230.
2018-10-23supervise-daemon: add health checksWilliam Hubbs
Health checks are a way to monitor a service and make sure it stays healthy. If a service is not healthy, it will be automatically restarted after running the unhealthy() function to clean up.
2018-10-13misc: whitespace fixesAustin English
2018-07-09rc-functions.sh: Remove addon supportWilliam Hubbs
This is an old relic from Gentoo baselayout-1.x which should not be used any longer.
2018-06-15sh/start-stop-daemon.sh: fix processing of the logger argumentsWilliam Hubbs
2018-06-15start-stop-daemon: add ability to log stdout or stderr to processesWilliam Hubbs
2018-05-30sh/supervise-daemon.sh: use start_stop_daemon_args if supervise_daemon_args ↵Austin English
is undefined
2018-05-22openrc-run.sh: move crashed test outside started testWilliam Hubbs
This is handled inside librc, so we don't need the nesting in this script.
2018-03-11Clean up cgroups v2 codeWilliam Hubbs
Remove the IFS manipulation and simplify the loop that processes the settings.
2018-02-28init.sh: apply SELinux label for /run early in bootJason Zaman
Some initramfs mount /run which then ends up with the wrong labels. Force relabel all of /run right after its mounted to fix.
2018-02-28init-early.sh.Linux.in: apply the selinux label to /dev/console earlyJason Zaman
/dev/console is relabelled later in the devfs init script, but by then we have already missed some of the messages, so fix that label early.
2018-02-23check whether /sys/fs/cgroup is a mountpointChristian Brauner
The current check only tries to detect whether /sys/fs/cgroup exists and whether it is writable or not. But when the init system doesn't mount cgroups then /sys/fs/cgroup will just be an empty directory. When paired with unprivileged containers that mount sysfs this will cause misleading errors to be printed since /sys/fs/cgroup will be owned by user nobody:nogroup in this case. Independent of this specific problem this check will also be misleading when the /sys/fs/cgroup exists and is in fact writable by the init system but isn't actually a mountpoint. Note from William. "grep -qs" doesn't need to redirect output to /dev/null since it is completely silent. This fixes #209.
2017-12-01Clean up the calls to group_add_serviceWilliam Hubbs
This function should only be called once and it does not take any arguments. X-Gentoo-Bug: 639166 X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=639166
2017-11-29add more variables for start-stop-daemon and supervise-daemon optionsJulien Reichardt
Add the following variables to expose more arguments that can be passed to start-stop-daemon or supervise-daemon: - directory will be passed to --chdir - error_log will be passed to --stderr - output_log will be passed to --stdout - umask will be passed to umask This is for #184.
2017-11-16s6 supervisor fixesWilliam Hubbs
Add the ability to force-kill a service if it does not go down successfully. Also, adjust the default wait time for an s6 service to go down to 60 seconds.
2017-10-27supervise-daemon: use RC_SVCNAME as the first argument to the daemonWilliam Hubbs
This makes ps show which service the supervisor is monitoring.
2017-10-26implement "unsupervised" statusWilliam Hubbs
The unsupervised status is to be used when a supervisor of a supervised service dies but leaves the service daemon itself running.
2017-10-25supervise-daemon.sh: fix status function with no namespacesWilliam Hubbs