| Age | Commit message (Collapse) | Author | 
|---|
|  |  | 
|  | This binary is a copy of the openrc binary. Referring to it as rc was
deprecated in 2016, so we should be able to drop it at this point. | 
|  | Fixes the problem described in https://bugs.gentoo.org/916947 -
start-stop-daemon hangs in infinite loop when stopping some daemons on
linux 6.6+
It appears linux 6.6 reworked tmpfs, and since then it triggers this
problem in openrc: when iterating over files via readdir, running rename
on a file could result in reading the same file again with next readdir
call.
The Open Group manual for readdir explicitly states "If a file is
removed from or added to the directory after the most recent call to
opendir() or rewinddir(), whether a subsequent call to readdir() returns
an entry for that file is unspecified.". Linux man page don't seem to
mention that, but don't seem to say anything to contradict that either.
So I presume we can't rely on some specific behaviour here.
Bug: https://bugs.gentoo.org/916947 | 
|  |  | 
|  | With the addition of logger process redirect in supervise-daemon,
pipes.c and pipes.h are now included in both s-s-d and supervise-daemon.
Thus it makes sense to move the source files to the src/shared dir. | 
|  | Allows redirecting process stdin and stdout to another process,
just like is already possible with start-stop-daemon.
Also added --stdout-logger and --stderr-logger to the man page. | 
|  | Add fallback for the close_range syscall wrapper. This is needed for
musl libc, which currently does not have a close_range wrapper.
Also set errno on errors. | 
|  | Set file descriptors to CLOEXEC instead of closing them before exec,
similar to what we do in supervise-daemon.
Use the share cloexec_fds_from() helper for this.
closefrom() is no longer used so remove the test. | 
|  | Move logic to set file descriptors to a cloexec_fds_from() function in
misc.c so it can be shared by both supervisor-daemon and
start-stop-daemon, and hide the details behind. | 
|  | Use HAVE_CLOSE_RANGE to tell if system provides a close_range(2)
wrapper, which better explains the purpose.
Add a compat inline which returns -1 if close_range is unavailable. | 
|  | `>=glibc-2.38` implements strlcpy, strlcat, etc so check for those functions
with Meson and don't provide conflicting prototypes.
Technically, it doesn't need _GNU_SOURCE, but it's easier because it's not
clear right now what glibc wants to guard it with. Note that these are in
POSIX next anyway.
Fixes: https://github.com/OpenRC/openrc/issues/643
Signed-off-by: Sam James <sam@gentoo.org> | 
|  | Commit fc4f15d6cd8e7884f7094e5d3749b01f2d5a448f broke the automatic restart of
services having runlevel-specific conf.d files.
The double dirname() was not a mistake, but the way of getting from the
service script in init.d to the upper directory containing the conf.d
directory. dirname() modifies the argument in-place, so the second call
operated on a modified value. To make it more obvious what is going on,
have the second call operate on the returned value from the first call.
Fixes: fc4f15d ("openrc: fix double-assignment to dir")
Signed-off-by: Sven Wegener <sven.wegener@stealer.net> | 
|  | Fix typo preventing the args for the vewend applet from being handled. | 
|  | This was originally introduced in 14625346c07a2a66fe77ce578c9423918bec1d97 with
an example list (just one for rc_parallel) of options. Let's add in rc_interactive
as it's a pretty obvious thing one might want to override.
See https://forums.gentoo.org/viewtopic-p-8694588.html. | 
|  | svc_exec waits until SIGCHLD comes in to close its input, but in
rc_parallel case the SIGCHLD might be unrelated.
Checking the proper pid is found in signal handler and only signaling
signal_pipe the status code directly avoids this problem. | 
|  | work around scary warnings described in previous commit | 
|  | restarting a service with --no-deps ran into a "hairy workaround", which
had a few problems discussed in [1]:
 - it ignores --dry-run, really restarting the requested service
 - if the service was stopped, the program is started but the service
status stays stopped. This makes long-lived services impossible to
(re)start again (pid already exists and running), and the service also
won't stop on shutdown.
The kludge had a long comment describing the following situation:
 - openvpn needs net and dns
 - net restarts dns
 - dns needs net
If the restart in net handled deps, openrc would deadlock waiting for
net in dns' restart, as net won't be started until that is done.
Restarting with --nodeps works around the deadlock, but can display
errors without the kludge (note that the services did start properly
anyway, the problem is that the default service path tries to lock dns
twice from openvn's dep's start and net's start's restart):
---
alpine:~# rc-service openvn start
openvn                   | * Caching service dependencies ...                                                                                                      [ ok ]
net                      |net starting
net                      |dns                       | * Call to flock failed: Resource temporarily unavailable
net                      |dns                       | * ERROR: dns stopped by something else
net                      |net started
dns                      |dns started
openvn                   |openvn started
alpine:~# rc-status | grep s[1-3]
 net                                                               [  started  ]
 dns                                                               [  started  ]
 openvn                                                            [  started  ]
---
Locking again in restart --nodep can fail in two patterns:
 - openvpn's need dependency start was first, and the restart in net
failed (case above): we can just silence locking failures and exit quietly
with restart --no-deps, which is not worse than trying to restart while
another process hold the lock.
 - the restart in net's start was first, and openvpn's need dependency
start failed: not much can be done here short of adding a new status
that a no-deps restart is in progress as in the comment, but this case
can actually just be solved by adjusting dependencies -- and it actually
has already been fixed: the current openvpn init script in alpine only
'use dns', so it will not try to start it, and that will start just
fine with openvpn -> net -> dns only each starting each other once
sequentially.
Another failure pattern is just starting dns directly: that will start
net, which will try to restart dns while we are starting it.
Silencing messages on restart also solves this.
Link: https://github.com/OpenRC/openrc/issues/224 [1] | 
|  | according to the linux manpage, the "safe" variant may not be available
on all platform. however we bundle our own `queue.h` so this should not
be an issue. | 
|  | the pid list will be accessed inside the SIGCHLD signal handler. so we
must ensure SIGCHLD handler doesn't get invoked while the list is at an
inconsistent state making it unsafe to interact with.
Co-authored-by: Dominique MARTINET <dominique.martinet@atmark-techno.com>
Bug: https://github.com/OpenRC/openrc/issues/589#issuecomment-1406588576 | 
|  | `free` is not async-signal-safe and calling it inside a signal handler
can have bad effects, as reported in the musl ML:
https://www.openwall.com/lists/musl/2023/01/23/1
the solution:
- keep track of weather remove_pid() is being called from inside a
  signal handler or not.
- if it's inside a signal handler then DO NOT call free - instead put
  that pointer into a "to be freed later" list.
- if it's not inside a signal handler then take the "to be freed later"
  list and free anything in it.
Bug: https://github.com/OpenRC/openrc/issues/589
Reported-by: Dominique MARTINET <dominique.martinet@atmark-techno.com> | 
|  |  | 
|  | problem:
* vfork has been removed from POSIX [0].
* clang-tidy flags the `strerror` and `eerror` call inside the vfork-ed
  child as undefined behavior.
solution: use posix_spawnp, which is serves similar purpose and is
specified in posix. and as an added bonus, it's also easier to use and
less lines of code.
[0]: https://www.man7.org/linux/man-pages/man2/vfork.2.html#CONFORMING_TO | 
|  | Make function declarations use the EINFO_RESTRICT macro instead of
__EINFO_RESTRICT which gets treated as the name of the argument. | 
|  | Thanks to vapier for noticing. | 
|  | This conflicts with linux-headers which uses __unused for some padding members
on ppc64le at least.
Closes: https://github.com/OpenRC/openrc/issues/622 | 
|  | this was mistakenly changed to 2023 instead of 2022-2023 in 63a5ee3d | 
|  |  | 
|  |  | 
|  | `seed_dir` gets allocated via xstrdup but never gets freed - which
clang-tidy flags as a memory leak.
instead of free-ing the allocation, just don't allocate to begin with
since there's no need for it.
also bump the copyright year. | 
|  | same rational as 459783bb
Bug: https://github.com/OpenRC/openrc/issues/589 | 
|  | same rational as 459783bb
Bug: https://github.com/OpenRC/openrc/issues/589 | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  |