Commit Graph

56 Commits

Author SHA1 Message Date
William Hubbs
7cb8d94323 Stop mounting efivarfs read-only
We do not need to do this any longer since all supported linux kernels
make efivarfs immutable and the tools that manipulate it are aware of
this feature.

This fixes https://github.com/openrc/openrc/issues/238.
2018-08-14 10:21:27 -05:00
William Hubbs
3de6395ae3 split cgroups mounting out of sysfs
This is neceessary to allow cgroups to be mounted in an lxc/lxd
container.

Fixes https://github.com/openrc/openrc/issues/187
2017-11-28 17:14:33 -06:00
William Hubbs
efa9ba485d init.d/sysfs.in: fix reference to RC_LIBEXECDIR
The sysfs init script referred to @LIBEXECDIR@ before this change, but
it is better to refer to RC_LIBEXECDIR so that we get rid of a sed
substitution.
2017-10-09 15:54:06 -05:00
William Hubbs
3fafd7a76e sysfs: fix cgroup hybrid mode
In hybrid mode, we should not try to mount cgroup2 if it is not
available in the kernel.

This fixes #164.
2017-09-16 17:02:52 -05:00
William Hubbs
457f928e79 add support for control groups version 2
This is for #94.
2017-09-14 10:38:10 -05:00
William Hubbs
f87a9eec3d init.d/sysfs: mount efivars read only
This fixes #134.
2017-06-13 13:19:36 -05:00
William Hubbs
5f5b1f7cbe init.d/sysfs.in: efivarfs tweaks
Since we check for /sys/firmware/efi/efivars, we do not need to check
for /sys/firmware/efi

Since Failing to mount efivarfs is not critical, we silence the error
message from mount.
2017-03-12 13:55:49 -05:00
William Hubbs
21ca2b746c init.d/sysfs: drop modules completely from the dependencies
This is for #112.
2017-03-08 10:44:10 -06:00
William Hubbs
6a79aef015 init.d/sysfs: Do not load efivarfs module
My understanding is that the kernel can autoload this module. If it
doesn't, the module should be built in or loaded from an initramfs.

This fixes https://github.com/openrc/openrc/pulls/112.
2017-03-07 17:49:42 -06:00
William Hubbs
deaae7ab5c init.d/sysfs: load efivarfs module when booting in efi mode:1
The presence of /sys/firmware/efi is used to indicate that the system
was booted in efi mode.
2016-10-05 22:48:17 -05:00
William Hubbs
3d2c2f0b87 init.d/sysfs: fix efivarfs module test 2016-10-04 18:18:17 -05:00
William Hubbs
6a0c033a64 init.d/sysfs: fix efivarfs handling
Separate loading the module, if it isn't built in or loaded, from
mounting the file system.

This also makes sure the warning about configuring the module in
/etc/conf.d/modules or building it in is displayed only if it is loaded
successfully.

X-Gentoo-Bug: 595836
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=595836
2016-10-04 12:06:58 -05:00
Doug Freed
61882821e0 init.d: Clean up some bad ewarn output 2016-09-28 15:00:40 -04:00
William Hubbs
73cdf10f1f Deprecate automatic loading of modules
In the hwclock, procfs and sysfs service scripts, we automatically
attempt to load the kernel modules we need before we take any action. We
shouldn't do this, because there are systems which do not use kernel
modules and do not have the kmod package installed.

With this change, we continue to load the modules ourselves, but we warn
the admin that they need to be added to /etc/conf.d/modules or built
into the kernel.

In the future, this automatic loading will be dropped.

X-Gentoo-Bug: 342313
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=342313
2016-08-19 11:08:27 -05:00
William Hubbs
da28a3d367 init.d: initial service adjustments for docker support
Add -docker keyword to the same scripts that have -lxc keyword.
2016-07-31 13:01:17 -05:00
Mike Frysinger
2c1f6a16e1 sysfs: mount pstore when available 2016-02-09 15:39:43 -06:00
William Hubbs
000503fad7 Convert OpenRC to a centralized copyright/license structure
In the past, OpenRC was a hybrid of a centralized and file-scope
license/copyright structure.

I followed the instructions from the Software Freedom Law Center [1] to
convert to a Centralized structure where possible, for easier future
maintenance.

[1] https://softwarefreedom.org/resources/2012/ManagingCopyrightInformation.html
2015-12-21 12:16:06 -06:00
William Hubbs
9d53d436ae sysfs: consolidate cgroup processing code in a single function 2015-10-13 15:07:53 -05:00
William Hubbs
17ef205bc6 sysfs: use printf instead of echo to write to cgroup files
This is needed for compatibility with musl and printf is also posix.

X-Gentoo-Bug: 562334
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=562334
2015-10-06 13:31:43 -05:00
Mike Gilbert
7bd456ed7b Disable service scripts for systemd-nspawn
This adds the -systemd-nspawn keyword to service scripts which are not
intended to run in systemd-nspawn containers.

This fixes #52.

    X-Gentoo-Bug: 548058
    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=548058
2015-05-01 09:14:09 -05:00
William Hubbs
62addf1180 Move SELinux mount to sysfs service
The selinux file system is mounted under /sys, so move the code for it
to the appropriate service.

X-Gentoo-Bug: 546290
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=546290
2015-04-14 11:41:17 -05:00
William Hubbs
30cc3cdb76 Make sysfs behave like netmount and localmount
sysfs now mounts all related sysfs file systems and returns success,
like netmount and localmount.

Also, we now check to make sure the cgroups are not mounted before we
mount them.

X-Gentoo-Bug: 530138
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=530138
2014-11-23 21:39:20 -06:00
William Hubbs
e860b7cb4f Revert "sysfs: fix permissions on cgroup mounts"
This reverts commit 7a25491ced.
This was broken; I need to look further into it.
2014-09-16 17:44:30 -05:00
William Hubbs
7a25491ced sysfs: fix permissions on cgroup mounts 2014-09-16 15:14:12 -05:00
William Hubbs
4f4f00d612 cgroups: fix cgroup subsystem mounting
Originally, we aborted all of the cgroup setup if /sys/fs/cgroup/openrc
was already mounted. This  caused an issue in lxc containers, so we
should always allow the subsystems to be mounted.

X-Gentoo-Bug: 520606
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=520606
2014-08-22 14:01:20 -05:00
Jason Zaman
99939b9839 sysfs: restorecon after mounting /sys
X-Gentoo-Bug: 516956
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=516956
2014-07-16 18:21:59 -05:00
William Hubbs
25c229cf83 sysfs.in: fix indentation 2014-07-14 15:58:50 -05:00
William Hubbs
56112a6f1f sysfs: Do not mount openrc cgroup if it is already mounted
We were not checking to see if /sys/fs/cgroup/openrc was already mounted
before we mounted it. This fixes that issue.
Thanks to Robin Johnson <robbat2@gentoo.org> for pointing this out.
2014-06-30 20:30:39 -05:00
William Hubbs
3470eda3f5 Rename runscript to openrc-run
This was requested by Debian, because the minicom software, which is
available on Debian and other distros, has a binary named runscript. We
are keeping a backward compatibility symlink for now, but this allows
Debian or any other distro to safely remove the symlink.

X-Gentoo-Bug: 494220
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=494220
2013-12-29 22:57:31 -06:00
Robin H. Johnson
02a7d3573d efivarfs: Support EFI variable access in 3.10 kernels.
In the 3.10 kernel, EFI variables are now provided by a dedicated
filesystem that needs to be mounted.

Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
2013-06-24 15:42:56 -05:00
Andrew Gregory
8a44067838 Fix shebangs in services to point to the correct location of runscript
SBINDIR and BINDIR can be set independently of PREFIX.  This fixes
broken shebangs in service files when SBINDIR is set to something other
than PREFIX/sbin

Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
2013-02-23 20:30:39 -06:00
William Hubbs
8a6c3391bd sysfs: mount the fusectl file system
Reported-by: vapier@gentoo.org
X-Gentoo-Bug: 453740
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=453740
2013-02-01 13:49:02 -06:00
William Hubbs
ae9acfaed8 sysfs: add -lxc keyword
The sysfs filesystem should not be mounted inside a linux container.

Reported-by: permeakra@gmail.com
X-Gentoo-Bug: 425790
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=425790
2012-10-02 15:02:11 -05:00
William Hubbs
e641b43849 Bring Back prefix support
We now have a team member who is interested in OpenRC on prefix, so I am
bringing it back to the main tree.
2012-07-26 10:54:48 -05:00
William Hubbs
3df0bd64cb cgroups: allow users to turn off creation of controller cgroups
This adds a switch to not create the one-cgroup-per-controller setup of
cgroups.

reported-by: davidweb@klaftenegger.de
X-Gentoo-Bug: 423317
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=423317
2012-07-03 13:49:58 -05:00
William Hubbs
3247184d86 Remove prefix support
I spoke with the prefix team sometime back and was told that they do not
have an interest in using OpenRC on prefix systems.
2012-02-21 07:27:16 -06:00
William Hubbs
58e04035ed Cgroups: do not update mtab when mounting control groups
This is based on a patch submitted by the reporter; however, there was
another mount command which needed -n as well so it was added to the
patch.

Reported-by: Ben Kohler <bkohler@gmail.com>
X-Gentoo-Bug: 400967
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=400967
2012-01-27 11:19:41 -06:00
William Hubbs
de5cee2c21 cgroups: make sure /sys/fs/cgroup is a mount point
We need to make sure this directory is a mount point before we add the
control groups.

Reported-by: Andrej Filipcic <andrej.filipcic@ijs.si>
X-Gentoo-Bug: 400903
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=400903
2012-01-26 11:02:00 -06:00
William Hubbs
cacea4e7f3 Cgroups: activate the openrc control group release agent 2012-01-23 22:00:08 -06:00
William Hubbs
ce4c9b5397 Cgroups: create openrc control group
This creates the "openrc" control group with no subsystems attached. The
next step will be to add everything openrc starts to this group.
2012-01-23 21:46:33 -06:00
William Hubbs
cd52fecc4e cgroups: turn on groups by default
The control groups we create are the ones recommended by the linux
kernel, so this should be on most of the time if cgroups are enabled in
the kernel.
2012-01-05 22:28:04 -06:00
William Hubbs
29da0c8bf0 cgroups: default the size of the tmpfs to 10 mb 2011-12-29 10:01:28 -06:00
William Hubbs
f6dc3d5ae9 cgroups: always mount the tmpfs on /sys/fs/cgroup
X-Gentoo-Bug:395079
X-Gentoo-Bug-URL:https://bugs.gentoo.org/show_bug.cgi?id=395079
2011-12-20 01:42:36 -06:00
Piotr Karbowski
3e2001f6a2 add rc_cgroup option to allow disabling of cgroup default setup
Currently, cgroups are still in development, so we are not setting them
up by default. However, this default will be changed in the future.

This commit message and patch were updated by
William Hubbs <williamh@gentoo.org>.

X-Gentoo-Bug: 395079
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=395079
2011-12-20 01:14:08 -06:00
William Hubbs
ed4605bf9f cgroups: remove references to the "openrc" cgroup
Openrc will set up cgroups the way the kernel documentation recommends.
2011-12-19 21:54:53 -06:00
William Hubbs
461c69acdb cgroups: mount cgroups suggested by the kernel documentation
The linux kernel documentation suggests mounting a separate cgroup
hierarchy for each subsystem you want to control/monitor. This changes
the cgroups mounting code to do this.
2011-12-18 13:33:27 -06:00
William Hubbs
d8bbeb184f CGroups: create the openrc cgroup hierarchy
Openrc will create a cgroup hierarchy called openrc which will have all
services it starts and all subsystems attached to it. If you need other
groups/hierarchies, please use libcgroup.
2011-11-20 14:07:46 -06:00
William Hubbs
0510c473d4 CGroups: /sys/fs/cgroups should be a tmpfs
The kernel documentation states that a cgroup file system should not be
mounted here, but a tmpfs.

This also means that we should not create a group for each process, but
we should allow the user to specify which group a process should be
assigned to. The rc_cgroup variable will be used for this purpose.

For more information, see /usr/src/linux/Documentation/cgroups/cgroups.txt.
2011-11-18 17:58:37 -06:00
Alexey Shvetsov
b1da4dcb99 Add support for automounting configfs and cgroupfs
Signed-off-by: Alexey Shvetsov <alexxy@gentoo.org>
2011-10-26 10:35:01 -05:00
Mike Frysinger
d0bc4f20ad drop useless "All rights reserved" notice
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2011-06-29 19:46:31 -04:00