Commit Graph

3447 Commits

Author SHA1 Message Date
Jakub Jirutka
953172c6c6 supervise-daemon: don't overwrite empty supervise_daemon_args
If supervise_daemon_args is not set *or empty*, it defaults to
`start_stop_daemon_args`. This is bad because supervise-daemon doesn't
accept the same options as `start-stop-daemon`. So if we set e.g.
`start_stop_daemon_args="--wait 50"`, but not `supervise_daemon_args`,
and the user adds `supervisor=supervise-daemon` to the corresponding
/etc/conf.d/<service> file, the service will fail to start due to
unrecognized option "wait".

It would be best to remove this fallback, but that might break some
existing scripts that depend on it. So this commit just changes it to
use `start_stop_daemon_args` as the default for `supervise_daemon_args`
only if `supervise_daemon_args` is not set at all, but not if it's
empty.

This at least simplifies workarounds; we can just add
`supervise_daemon_args="$supervise_daemon_args"` to init scripts.

This fixes #558.
2022-12-07 16:42:14 -06:00
Sam James
0525de4f18 librc-depend: fix -Wmismatched-dealloc
Despite this being a 'deptree', it's actually
xmalloc'd in the same function (rc_deptree_update),
and so should be free'd, not rc_deptree_free'd,
as rc_deptree_load* wasn't used to allocate it.

```
[71/213] Compiling C object src/librc/librc.so.1.p/librc-depend.c.o
../src/librc/librc-depend.c: In function ‘rc_deptree_update’:
../src/librc/librc-depend.c:1077:9: warning: ‘rc_deptree_free’ called on pointer returned from a mismatched allocation function [-Wmismatched-dealloc]
 1077 |         rc_deptree_free(deptree);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../src/shared/misc.h:29,
                 from ../src/librc/librc.h:57,
                 from ../src/librc/librc-depend.c:21:
In function ‘xmalloc’,
    inlined from ‘rc_deptree_update’ at ../src/librc/librc-depend.c:775:12:
../src/shared/helpers.h:64:23: note: returned from ‘malloc’
   64 |         void *value = malloc(size);
      |                       ^~~~~~~~~~~~
```

This fixes #563.
2022-12-07 11:35:16 -06:00
Stefan Linke
9380347f04 Avoid warning on grep 3.8 in hwclock
Starting with grep version 3.8, the hwclock init script logs warnings
about stray backslashes:

> hwclock | * Setting system clock using the hardware clock [UTC] ...
> hwclock |grep: warning: stray \ before -
> hwclock |grep: warning: stray \ before -

This is caused by the check for existence of the `--noadjfile` argument
in function `get_noadjfile()`.

Replacing the affected logic with an explicit argument denoting the
pattern as such resolves the issue.

Fixes #548
2022-09-07 11:59:30 -04:00
Matt Whitlock
112b69860f start-stop-daemon, supervise-daemon: set autogroup nicelevel
As described in "Why nice levels are a placebo and have been for a very
long time, and no one seems to have noticed"[1], the Linux kernel in its
default configuration on many Linux distributions autogroups tasks by
session ID and "fairly" allocates CPU time among such autogroups. The
nice levels of tasks within each autogroup are only relative to
other tasks within the same autogroup. Effectively, this means that the
traditional nice level is rendered moot for tools like start-stop-daemon
and supervise-daemon, which start each daemon in its own session and
thus in its own autogroup. Linux does provide a means to change the
niceness of autogroups relative to each other, so let's have start-stop-
daemon and supervise-daemon make use of this feature where available so
that -N,--nicelevel/SSD_NICELEVEL will actually do what the user
intends. On systems where autogroups are not supported or are disabled,
this commit introduces no change in behavior.

Note that the setsid() call in the child process of start-stop-daemon is
moved to much earlier. This is necessary so that the new process will be
assigned to a new autogroup before the autogroup nicelevel is set. To
avoid inadvertently acquiring /dev/tty as the controlling terminal of
the new session after setsid() has given up the controlling terminal
inherited from the parent process, tty_fd is opened before the call to
setsid().

[1] https://www.reddit.com/r/linux/comments/d7hx2c/why_nice_levels_are_a_placebo_and_have_been_for_a/
This fixes #542.
2022-09-06 17:26:22 -05:00
Sören Tempel
d21dde73ba init.d/root: don't remount swap
While refactoring the changes proposed in #533 a minor error was
introduced were the root service will now attempt to remount swap.
This will fail with the error message `mountinfo: 'swap' is not a
mountpoint`.

This fixes #546
2022-09-04 18:44:47 -05:00
William Hubbs
9b08de926b Revert "start-stop-daemon: use vfork to avoid races"
This is broken, so revert it and reopen #532.

This reverts commit 9e5ce59a21.
2022-09-02 17:27:39 -05:00
Sören Tempel
f60d42e901 init.d/root: also remount / with options provided in /etc/fstab
Without this commit, the root OpenRC service remounts all mounted
filesystems (except /) with the options defined in /etc/fstab via
fstabinfo. It is presently unclear to me why / was excluded from
remounting in 497ff7ee41 and unfortunately
neither the commit nor the associated Bugzilla issue [1] provides
further information on this.

At Alpine, our initramfs does currently not remount / with all options
defined in /etc/fstab [2]. As part of the discussion on the Alpine side
of things we wondered why OpenRC does not remount / since this would be
the easier solution for us. For this reason, this commit changes the
behavior of the OpenRC root services accordingly to also remount / with
the options defined in /etc/fstab.

[1]: https://bugs.gentoo.org/401573
[2]: https://gitlab.alpinelinux.org/alpine/mkinitfs/-/merge_requests/103
This fixes #533.
2022-09-02 13:41:44 -05:00
Arusekk
9e5ce59a21 start-stop-daemon: use vfork to avoid races
While running `rc-service start docker` on Gentoo,
I found that the command does not start the service 90% of the time,
with an enigmatic 'service crashed' message.

The root cause of this is apparently rc-service spawning a pty,
running start-stop-daemon inside that pty, and exitting,
before start-stop-daemon child process calls setsid(),
which results in the child process being killed with SIGHUP (SI_KERNEL).

Theoretically this bug was present ever since the file was created in
5af58b4514 ("Rewrite the core parts in C. We now provide...")
(or even before that), but it should have been only a minor issue before
45bd125dcc ("Use a pty for prefixed output instead of pipes for...").
Not sure why nobody has had the issue so far (it has been present for
almost 15 years).

As here setsid() is the last call before execve(), the most natural
locking mechanism is vfork(), as it gives back control to parent
process only after execve() or process termination.
So this way the bug can be fixed by adding a single letter. :-)

Another way to ensure this would be using an O_CLOEXEC file descriptor
or some custom lock, which would need to be released not before setsid().

Fixes: 5af58b4514 ("Rewrite the core parts in C. We now provide...")
Fixes #532.
2022-09-02 12:41:09 -05:00
xdavidwu
95dc83bfbc openrc: fix help messages
The two lines seem to both belong to --override, but made into seperate
array elements accidentally, making options after --override and their
help mismatch. This fixes it.
2022-07-21 03:53:42 -04:00
psykose
14b153c1a4 fix quoting of loggers in start-stop-daemon
previously broken in 6034866d1c
caused *_logger options to be passed unquoted, so
`error_logger="logger -t .."` would pass -t to s-s-d and fail to start
the service.

Fixes: #531
2022-07-03 12:40:34 -05:00
William Hubbs
3cc4c01485 remove trailing space 2022-06-28 17:21:54 -05:00
William Hubbs
414f398498 modules.in: always return 0, make loading more verbose 2022-06-27 17:32:42 -05:00
William Hubbs
107b23819d restore the init symlink for sysvinit mode
This symlink got lost in the transition to meson.

X-Gentoo-Bug: 850754
X-Gentoo-Bug-URL: https://bugs.gentoo.org/850754
2022-06-10 10:28:57 -05:00
William Hubbs
d2b3144070 clean up hostname service script
- use _ throw-away variable to get rid of a shellcheck warning
- remove tests for /etc/hostname and just try to read it
- drop reference to bash HOSTNAME variable.
- make source of host name more accurate

X-Gentoo-Bug: 850577
X-Gentoo-Bug-URL: https://bugs.gentoo.org/850577
2022-06-08 13:40:29 -05:00
William Hubbs
cddb29507d version 0.45 2022-06-07 18:04:20 -05:00
William Hubbs
399200e248 add note about seedrng to news 2022-06-07 17:43:24 -05:00
William Hubbs
ffa7443395 update news 2022-06-07 12:41:01 -05:00
William Hubbs
6c773fb4d0 drop changelog
Currently, I do not have a way to generate this since we moved to a
meson-based build.
2022-06-06 23:34:38 -05:00
William Hubbs
98d2b43a7b cirrus: drop FreeBSD 11 and 12.2, add FreeBSD 12.3 2022-05-08 19:00:00 -05:00
William Hubbs
5ffa1c7fd7 librc: fix resource leaks 2022-05-08 17:10:44 -05:00
Sam James
026472ce5e supervise-daemon: fix -Wshadow
Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08 14:56:26 -05:00
Sam James
e82baa17ca checkpath: fix memory leak
```
=================================================================
==22862==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 4096 byte(s) in 1 object(s) allocated from:
    #0 0x7f1fd5b12cb7 in __interceptor_malloc /usr/src/debug/sys-devel/gcc-11.2.1_p20220312/gcc-11-20220312/libsanitizer/asan/asan_malloc_linux.cpp:145
    #1 0x55556abecea7 in xmalloc ../src/includes/helpers.h:64
    #2 0x55556abecea7 in xasprintf ../src/includes/helpers.h:149
    #3 0x55556abeb6fb in do_check ../src/rc/checkpath.c:206
    #4 0x55556abeb6fb in main ../src/rc/checkpath.c:443
    #5 0x7f1fd58576cf in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: 4096 byte(s) leaked in 1 allocation(s).
```

Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08 14:56:26 -05:00
Sam James
adc1e33f7e checkpath: fix memory leak
```
Direct leak of 4 byte(s) in 1 object(s) allocated from:
    #0 0x7f49539534a7 in __interceptor_strdup /usr/src/debug/sys-devel/gcc-11.2.1_p20220312/gcc-11-20220312/libsanitizer/asan/asan_interceptors.cpp:454
    #1 0x55d76fa66867 in xstrdup ../src/includes/helpers.h:91
    #2 0x55d76fa66867 in get_dirfd ../src/rc/checkpath.c:111
    #3 0x55d76fa66867 in do_check ../src/rc/checkpath.c:206
    #4 0x55d76fa66867 in main ../src/rc/checkpath.c:442
    #5 0x7f49536f06cf in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
```

Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08 14:56:26 -05:00
Sam James
e7f45ce31f rc-update: style fixes
Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08 14:56:26 -05:00
Sam James
d0a2e30137 rc-update: fix mismatched alloc
Found by GCC 11's -fanalyzer.

Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08 14:56:26 -05:00
Sam James
17496f3c2b rc-status: fix mismatched alloc
Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08 14:56:26 -05:00
Sam James
c47b37ea68 shared/misc.c: free env_allow if returning early from env_filter
Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08 14:56:26 -05:00
Sam James
7b2e8f9efd librc: mark rc_deptree_* functions as mallocs
(This is analogous to the rc_stringlist change.)

This gives a hint to the compiler that allocations (return values)
from this function should be paired with a corresponding dealloc/free
function.

Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08 14:56:26 -05:00
Sam James
000a2c19b4 librc: mark stringlist functions as warn_unused_result
Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08 14:56:26 -05:00
Sam James
17de4e5dfd librc: mark stringlist functions as mallocs
This gives a hint to the compiler that allocations (return values)
from this function should be paired with a corresponding dealloc/free
function

In this case, it means that every rc_stringlist that rc_stringlist_new()
returns should eventually be freed by calling rc_stringlist_free(ptr)
where ptr is the relevant rc_stringlist.

We have to add a test for this into the build system
because only GCC supports this for now. In future, we might
be able to use meson's has_function_attribute (it does support
'malloc', just not AFAICT 'malloc with arguments').

Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08 14:56:26 -05:00
Sam James
1afcc37803 librc: fix potential use-after-free
Both 'pkg' and 'local' are referenced within list,
so we can't free them yet.

Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08 14:56:26 -05:00
Sam James
c4f8b1559c librc: fix double-free
'services' is still referenced by the list
which gets returned. We can't free it.

Thanks to GCC 11's -fanalyzer.

Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08 14:56:26 -05:00
Sam James
fbefd68b2d librc: fix mismatched allocs
Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08 14:56:26 -05:00
Sam James
14835a2262 librc: fix memory leak in rc_services_in_runlevel_stacked
Seen on running rc-status.

```
=================================================================
==14636==ERROR: LeakSanitizer: detected memory leaks

Indirect leak of 72 byte(s) in 3 object(s) allocated from:
    #0 0x7f443412dcb7 in __interceptor_malloc /usr/src/debug/sys-devel/gcc-11.2.1_p20220312/gcc-11-20220312/libsanitizer/asan/asan_malloc_linux.cpp:145
    #1 0x7f443400c727 in xmalloc ../src/includes/helpers.h:64
    #2 0x7f443400d1f4 in rc_stringlist_add ../src/librc/librc-stringlist.c:32
    #3 0x7f4433fecc34 in get_runlevel_chain ../src/librc/librc.c:390
    #4 0x7f4433fedc00 in rc_runlevel_stacks ../src/librc/librc.c:519
    #5 0x7f4433ff1d8e in rc_services_in_runlevel_stacked ../src/librc/librc.c:976
    #6 0x55be0e8f9517 in main ../src/rc/rc-status.c:407
    #7 0x7f44334736cf in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
```

Signed-off-by: Sam James <sam@gentoo.org>
2022-05-08 14:56:26 -05:00
Josh Soref
3054046e18 multiple spelling and typo fixes
This fixes #516.
2022-04-30 21:32:32 -05:00
Jason A. Donenfeld
f81bb7e2c4 seedrng: use posix positional params to avoid space splitting
The value of ${seed_dir} may have spaces in it, making the current
argument string building method unsafe. Instead, use positional
parameters to pass these arguments safely.
2022-04-21 13:44:44 -04:00
William Hubbs
b5f713124b seedrng: initialize seed_dir 2022-04-20 20:49:47 -05:00
William Hubbs
c0f5586743 seedrng: more improvements
- drop initialization of some variables.
- use eerrorx where possible
- drop final cleanup instructions
2022-04-20 20:38:03 -05:00
Jason A. Donenfeld
9b16bfe0e7 seedrng: incorporate various improvements
There have been a number of subtle improvements and cleanups to seedrng,
including using openat and locking the directory fd instead of a
separate lock file. Also various stylistic cleanups.

This fixes #519.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2022-04-20 15:45:20 -05:00
Doug Freed
c3545b54f3 simplify github workflows using the matrix syntax 2022-04-16 15:15:15 -05:00
William Hubbs
fdfa6dbb0e
rewrite tests (#515)
* rewrite tests to work with meson

This ports our tests to meson and makes them able to be run in parallel.

* add tests to ci

* rewrite test/check-trailing-newlines in bash

This test was using a GNU sed command which does not work on Alpine Linux.
2022-04-16 15:13:08 -05:00
William Hubbs
0b3f8750e7 openrc-shutdown: remove rc- prefix from file names 2022-04-09 22:54:03 -05:00
mochaaP
39eb3384f6 binfmt: ignore empty lines (#492) 2022-04-09 14:36:47 -04:00
William Hubbs
82e5478d0e start-stop-daemon: remove rc-prefix from file names 2022-04-07 11:18:56 -05:00
William Hubbs
391d12db48 migrate fully to meson build system
- drop old build system
- move shared include and source files to common directory
- drop "rc-" prefix from shared include and source files
- move executable-specific code to individual directories under src
- adjust top-level .gitignore file for new build system

This closes #489.
2022-04-06 10:51:55 -05:00
Sam James
0efc1b133e init.d/seedrng.in: fix rc_yesno typo
This fixes #512.
2022-03-31 09:57:01 -05:00
LinkTed
7b544b9866 Add clangd support for development
This fixes #502.
2022-03-31 00:52:36 -05:00
Jason A. Donenfeld
586d1c9af3 seedrng: remove environment variables
Now that we have the command line arguments, there's no need for the
environment variables.

This fixes #511.
2022-03-30 22:25:19 -05:00
William Hubbs
96b0c695d9 init.d/urandom.in: drop the use of the psz variable
Since this service is now *bsd only, we don't need to worry about
reading this value from /proc/sys.
2022-03-30 22:08:10 -05:00
William Hubbs
0fb11190fa add seedrng service for Linux
This moves urandom to *bsd only and adds seedrng as a separate service
for Linux.

This fixes #510
2022-03-30 22:07:35 -05:00