Age | Commit message (Collapse) | Author |
|
This is our own version of asprintf(). This original code was written by
Mike Frysinger, and I was able to modify it to use our memory helper
functions.
We need a version of this code because it is not available on glibc at
least without defining _GNU_SOURCE, and I would rather not do that.
This is the first step in improving string handling in OpenRC for #207.
|
|
|
|
|
|
This is related to #195.
This is an attempt to shorten the window for the first two issues
discussed by using a file descriptor which does not follow symbolic
links and using the fchmod and fchown calls instead of chown and chmod.
with.
|
|
X-Gentoo-Bug: 643084
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=643084
|
|
X-Gentoo-Bug: 643084
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=643084
|
|
Checkpath should never follow symbolic links when changing ownership of a file.
This is for https://github.com/openrc/openrc/issues/195.
|
|
This works like the other --if options. If the service is crashed, run
the command.
This fixes #154.
|
|
rc_deptree_update_needed would return early as soon as it found
any file newer than the existing dependency cache. Unfortunately,
the first file found may not be the newest one there; so the
clock skew workaround in rc-misc:_rc_deptree_load would be given
a timestamp that was still too old.
This fix forces a full scan of all relevant files, so as to
ensure that we return a timestamp that will allow the clock skew
fix to operate. The runtime cost is no worse than the case where
the cache is up to date (ie. we must check every possible file).
This fixes #161.
|
|
X-Gentoo-Bug: 639218
X-Gentoo-Bug-URL: https://bugs.gentoo.org/639218
|
|
This is for #186.
|
|
This avoids trying to kill everything.
X-Gentoo-Bug: 631958
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=631958
|
|
Ignore namespaces if there are errors reading either the pid namespace
for the current process or the process we aare testing.
This fixes https://github.com/openrc/openrc/issues/180.
|
|
X-Gentoo-Bug: 636574
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=636574
|
|
|
|
This makes ps show which service the supervisor is monitoring.
|
|
|
|
|
|
|
|
|
|
|
|
The unsupervised status is to be used when a supervisor of a supervised
service dies but leaves the service daemon itself running.
|
|
This allows us to detect when the supervisor dies unexpectedly because
in that case child_pid will still exist.
|
|
This allows the equivalent of "unsetting" a value for a service.
|
|
X-Gentoo-Bug: 635334
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=635334
|
|
X-Gentoo-Bug: 634634
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=634634
|
|
- Harden against dying by handling all signals that would terminate the
program and adding --reexec support
- factor the supervisor into its own function
- fix test for whether we are already running
|
|
Prior to this change, we were logging unexpected terminations of daemons
we were supervising at the info level. This change moves the logs to
warnings.
|
|
|
|
The service binary was just a synonym for rc-service, so use rc-service
instead of service. If you want a "service" binary, it should be
something that can determine which service manager you are running and
run the appropriate service manager commands.
|
|
We need to do this to skip the zombie state for the child process since
we are not easily able to wait() for it.
|
|
|
|
|
|
Clean up the process for killing an active supervisor when stopping.
|
|
|
|
This is for #163.
|
|
rc-selinux.c: In function ‘selinux_setup’:
rc-selinux.c:361:9: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
curr_t = context_type_get(curr_con);
^
|
|
The minimum requirement for libselinux is now >=2.6
The refpolicy and the gentoo policy contain the
contexts since version 2.20170204-r4
|
|
This allows supervise-daemon to run this code without attempting to
print some status messages used by start-stop-daemon.
|
|
|
|
The --retry option for supervise-daemon defines how the supervisor will
attempt to stop the child process it is monitoring. It is defined when
the supervisor is started since stopping the supervisor just sends a
signal to the active supervisor.
This fixes #160.
|
|
|
|
This was part of start-stop-daemon; however, it needs to be shared in
order to be used by supervise-daemon.
|
|
|
|
X-Gentoo-Bug: 624796
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=624796
|
|
|
|
|
|
|
|
|
|
How to reproduce 1-byte overflow:
```
$ FEATURES=-test CFLAGS="-fsanitize=address -O0 -ggdb3" emerge -1 openrc
=================================================================
==1==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fff0efd8710
at pc 0x000000402076 bp 0x7fff0efd7d50 sp 0x7fff0efd7d40
WRITE of size 1 at 0x7fff0efd8710 thread T0
#0 0x402075 (/sbin/openrc-init+0x402075)
#1 0x3cf6e2070f in __libc_start_main (/lib64/libc.so.6+0x3cf6e2070f)
#2 0x4013b8 (/sbin/openrc-init+0x4013b8)
Address 0x7fff0efd8710 is located in stack of thread T0 at offset 2432 in frame
#0 0x401cfb (/sbin/openrc-init+0x401cfb)
This frame has 3 object(s):
[32, 160) 'signals'
[192, 344) 'sa'
[384, 2432) 'buf' <== Memory access at offset 2432 overflows this variable
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
(longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow ??:0 ??
```
The problem here is in the code handling reads from 'init.ctl':
```
int main(int argc, char **argv) {
...
char buf[2048];
for (;;) {
/* This will block until a command is sent down the pipe... */
fifo = fopen(RC_INIT_FIFO, "r");
count = fread(buf, 1, 2048, fifo);
buf[count] = 0;
...
}
```
`buf[count] = 0;` writes outside the buffer when `fread()` returns non-truncated read.
This fixes #138.
|