aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2022-02-06capabilities: Add support for securebits flagsLinkTed
This adds securebits flags for start-stop-daemon and supervise-daemon by adding --secbits option. As a result, the user can specify securebits the program should run with. see capabilities(7)
2022-01-26rc-misc.c: Allocate memory for 'file'Matt Turner
This is a partial revert of commit 8e02406d ("rc-misc.c: remove references to PATH_MAX"), which changed 'file' to a null pointer with no associated storage. ../openrc-0.44.10/src/rc/rc-misc.c: In function ‘_rc_deptree_load’: ../openrc-0.44.10/src/rc/rc-misc.c:392:33: warning: ‘%s’ directive argument is null [-Wformat-overflow=] 392 | eerror("Clock skew detected with `%s'", file); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Fixes: 8e02406d ("rc-misc.c: remove references to PATH_MAX") Closes: #493
2021-12-31define the pam directory at the top levelWilliam Hubbs
2021-12-30fix libkvm dependency for *bsdWilliam Hubbs
2021-12-29remove separate pam directoryWilliam Hubbs
2021-12-23capabilities: Add support for Linux capabilities(7)LinkTed
This adds capabilities for start-stop-daemon by adding --capabilities option. As a result, the user can specify the inheritable, ambient and bounding set by define capabilities in the service script. This fixes #314.
2021-12-22add option for OOM score adjustmentMatt Whitlock
This commit adds a new --oom-score-adj option to start-stop-daemon and supervise-daemon, as well as an equivalent SSD_OOM_SCORE_ADJ environment variable. If either of these are specified (with the command-line option taking precedence), then the specified adjustment value is written to /proc/self/oom_score_adj after forking but prior to exec'ing the daemon (at the time when nice and ionice are applied). Additionally, per a suggestion by Mike Frysinger, the suggested values for the SSD_NICELEVEL, SSD_IONICELEVEL, and SSD_OOM_SCORE_ADJ variables in the example config file are now given as zeros, which are the kernel's default values of these process knobs for the init process at boot. Note that uncommenting any of these zero-valued suggestions will cause SSD/SD to set the corresponding process knob affirmatively to zero, whereas leaving the variable unset (and the equivalent command- line option unspecified) means SSD/SD will not change the corresponding process knob from its inherited value. See: https://github.com/OpenRC/openrc/pull/435#discussion_r688310672 This fixes #435.
2021-12-21start-stop-daemon: fix typo in error messageMatt Whitlock
2021-12-21broadcast: fix compiler warningsMike Frysinger
Newer gcc reports: broadcast.c: In function 'broadcast': broadcast.c:132:15: warning: variable 'tp' might be clobbered by 'longjmp' or 'vfork' [-Wclobbered] 132 | FILE *tp; Move the storage off the stack to avoid. This makes the function not safe for multithread use, but we don't do that anywhere, so who cares!
2021-12-21code style: remove space after unary "not" operatorMatt Whitlock
There are no semantic changes in this commit. Suggested-by: Mike Frysinger <vapier@gentoo.org> See: https://github.com/OpenRC/openrc/pull/435#pullrequestreview-727035394
2021-12-20use HEAD in git URIs to point to the default branchMike Frysinger
This makes the URIs shorter and dynamic: whatever the default branch the repo uses will be used.
2021-12-20drop unused copyright variablesMike Frysinger
The existing copyright notices in the file headers cover these vars.
2021-12-20change getopt definition to elide pointer storageMike Frysinger
Make this a const pointer to the storage directly instead of a pointer variable that points to the storage. Makes the code slightly smaller.
2021-12-12rc-status: fix uptime types and simplifyDoug Freed
This fixes #484. This fixes #483.
2021-11-27src/rc/rc-selinux.c: fix use of deprecated security_context_tSam James
It's only a char* and has been deprecated upstream [0]. [0] https://github.com/SELinuxProject/selinux/commit/7a124ca27581 Fixes: #478
2021-11-20meson: link against libcrypt for SELinux if no PAMSam James
We use libcrypt's crypt() if we're _not_ using PAM in the SELinux code (rc-selinux, specifically). X-Gentoo-Bug: 824954 X-Gentoo-Bug-URL: https://bugs.gentoo.org/824954 Fixes: https://github.com/openrc/openrc/pull/477
2021-11-12src/librc/librc-daemon.c: add missing include for kill (fix uclibc)Sam James
Fixes: #471 Fixes: #473
2021-11-12src/librc/librc-misc.c: add missing include for fileno (fix uclibc)Sam James
Fixes: #471 Fixes: #473
2021-11-12Added missing comma in openrc/src/rcEric Turgeon
Clang was failing with: ``` /zroot/jenkins/workspace/update_ghsotbsd-13_poudriere_jail/sbin/openrc/../../contrib/openrc/src/rc/rc.c:70:2: error: suspicious concatenation of string literals in an array initialization; did you mean to separate the elements with a comma? [-Werror,-Wstring-concatenation] "when leaving single user or boot runlevels", ^ /zroot/jenkins/workspace/update_ghsotbsd-13_poudriere_jail/sbin/openrc/../../contrib/openrc/src/rc/rc.c:69:2: note: place parentheses around the string literal to silence warning "override the next runlevel to change into\n" ^ ``` This fixes #469.
2021-11-12openrc-init: fix build for selinuxWilliam Hubbs
X-Gentoo-Bug: 821520 X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=821520
2021-10-08selinux build fixWilliam Hubbs
2021-10-07checkpath: fix allocation size of path bufferSam James
strlen's return value isn't enough to be used directly for (x)malloc; it doesn't include the null byte at the end of the string. X-Gentoo-Bug: 816900 X-Gentoo-Bug-URL: https://bugs.gentoo.org/816900 Fixes: #459 Fixes: #462
2021-10-04fix build for selinuxWilliam Hubbs
2021-10-02build: fix pam and pam_misc dependenciesWilliam Hubbs
Pam generates pkgconfig files now, so meson can use them to find the pam dependencies.
2021-09-21move rc_bindir and rc_sbindir definitions to the top levelWilliam Hubbs
2021-09-18link runscript with auditWilliam Hubbs
2021-09-18link openrc-run with audit and libpam_miscWilliam Hubbs
2021-09-09Fix undeclared UT_LINESIZEJakub Jirutka
Fix the following error: broadcast.c:41:21: error: '__UT_LINESIZE' undeclared (first use in this function); did you mean 'UT_LINESIZE'? #define UT_LINESIZE __UT_LINESIZE ^~~~~~~~~~ Constant UT_LINESIZE is defined in <utmp.h> provided by musl.
2021-09-09fix build under musl 1.2 on 32 bit systemsAriadne Conill
Since musl 1.2 time_t is a 64 bit value, even on 32 bit systems. A hotfix for printing the value is simply using PRIu64 from inttypes.h in the format string. This fixes #446.
2021-09-08meson: typo fixWilliam Hubbs
2021-09-06build: change root_prefix to rootprefixWilliam Hubbs
2021-09-04add meson build filesWilliam Hubbs
Closes #116. Closes #171. Closes #172. Closes #175.
2021-08-17supervise-daemon: implement SSD_IONICELEVELMatt Whitlock
supervise-daemon was apparently overlooked when support for the SSD_IONICELEVEL environment variable was added. This commit brings supervise-daemon up to parity with start-stop-daemon with respect to this environment variable.
2021-08-13move supervise-daemon out of experimental statuskyoreln
supervise-daemon is no longer experimental so remove the statements to that affect. This fixes #434.
2021-08-13Revert "openrc-init: ignore an empty string in argv[1]"William Hubbs
This reverts commit dec9ef200b0d7e96993e2725792a9e7abe9c5f1f. This check is no longer needed since rc_runlevel_exists() is fixed. X-Gentoo-Bug: 803536 X-Gentoo-Bug-URL: https://bugs.gentoo.org/803536 Closes: https://github.com/OpenRC/openrc/pull/431
2021-08-13librc: fix rc_runlevel_exists return for empty stringWilliam Hubbs
This function should return false if the runlevel is an empty string. X-Gentoo-Bug: 803536 X-Gentoo-Bug-URL: https://bugs.gentoo.org/803536 Closes: https://github.com/OpenRC/openrc/pull/431
2021-08-12openrc-init: ignore an empty string in argv[1]Mike Gilbert
X-Gentoo-Bug: 803536 X-Gentoo-Bug-URL: https://bugs.gentoo.org/803536 Closes: https://github.com/OpenRC/openrc/pull/431
2021-04-15checkpath: fix code to walk the directory pathWilliam Hubbs
X-Gentoo-Bug: 782808 X-Gentoo-Bug-URL: https://bugs.gentoo.org/782808
2021-04-13checkpath: remove extra slashes from pathsWilliam Hubbs
This fixes #418.
2021-04-13style fixWilliam Hubbs
2021-03-22stop namespaced services with specified pidsWilliam Hubbs
The previous fix excludes PIDs of processes running in a different namespace regardless of whether the PID has been explicitly stored in a PID file mentioned in the --pidfile parameter. The correct behavior is to only exclude the pid if it is not stored in a pidfile. X-Gentoo-Bug: 776010 X-Gentoo-Bug-URL: https://bugs.gentoo.org/776010
2021-02-22start-stop-daemon: Fix off by ones when checking for RC_* envvarsDisconnect3d
The same as https://github.com/OpenRC/openrc/pull/361 This fixes #362.
2021-02-22supervise-daemon: Fix off by ones when checking for RC_* envvarsDisconnect3d
Fixes strncmp size argument off by one as the current implementation didn't match the `=` character. This fixes #361.
2021-02-22Support docker and lxc stopRin Cat
This fixes #398.
2020-12-20rc-status: Remove noise from ini-formatted outputManuel Rüger
Otherwise this would create the following output: rc-status -f ini * Caching service dependencies ... [ ok ] [default] dbus = started NetworkManager = started syslog-ng = started ... This fixes #364.
2020-11-29supervise-daemon: do not spawn a process if we are exitingWilliam Hubbs
This fixes #375 and allows us to not add another level of indentation in the supervisor loop.
2020-11-27src/rc/checkpath.c: replace mkdir() with mkdirat().Michael Orlitzky
The do_check() function recently gained some defenses against symlink replacement attacks that involve the use of *at functions in place of their vanilla counterparts; openat() instead of open(), for example. One opportunity to replace mkdir() with mkdirat() was missed, however, and this commit replaces it. This fixes #386.
2020-11-27src/rc/checkpath.c: fix typo "synbolic" -> "symbolic".Michael Orlitzky
2020-11-27start-stop-daemon, supervise-daemon: fix parsing of usernames passed via ↵Johannes Heimansberg
--user that start with a number start-stop-daemon and supervise-daemon parse usernames and group names passed via the --user argument as numeric UID/GID if they start with a number (e.g. user "4foo" will be treated as UID 4). This results in the process that is being started to run under a totally unexpected user if that UID exists. Even though the result of the sscanf calls are tested for a result of exactly 1, which means exactly one value was extracted, because sscanf's format string only contains only one placeholder, it will never return a value greater than 1, even if there are still characters left to be parsed. This causes start-stop-daemon and supervise-daemon to assume that usernames starting with a number are just that number. Adding a second placeholder "%1s" to the format string, which matches a string of length 1, makes sure that sscanf can distinguish between pure numbers (in which case it will return 1) and strings either starting with a number (in which case it will return 2) and any other string (in which case it will return 0). This fixes #379. This fixes #380.
2020-11-20start-stop-daemon: Don't segfault if --exec was given a non-existing file nameLars Wendler
Starting program: /sbin/start-stop-daemon --start --exec i-dont-exist Program received signal SIGSEGV, Segmentation fault. 0x0000555555559053 in main (argc=1, argv=0x7fffffffdc20) at start-stop-daemon.c:631 631 *exec_file ? exec_file : exec); This fixes #385.