Commit Graph

3408 Commits

Author SHA1 Message Date
William Hubbs
da30767353 supervise-daemon: do not spawn a process if we are exiting
This fixes #375 and allows us to not add another level of indentation in
the supervisor loop.
2020-11-29 21:22:43 -06:00
Dermot Bradley
57d9528a0b Remove warning when osclock init.d script runs
Currently when osclock is enabled as a init.d service the following
messages appear during boot when osclock starts:

  * The command variable is undefined.
  * There is nothing for osclock to start.
  * If this is what you intend, please write a start function.
  * This will become a failure in a future release.

osclock is activated whenever a machine's system clock is automatically
configured from a RTC by the kernel and the osclock's only purpose is to
satisfy the "clock" dependency defined by other init.d services.

Adding a stub start() function prevents OpenRC from showing warnings but
continues to ensure that the osclock service still does not actually do
anything.

This fixes #377.
2020-11-27 18:06:38 -06:00
Calvin Montgomery
6ce48f124a man/openrc.8: populate OPTIONS from --help output
This fixes #378.
2020-11-27 17:46:27 -06:00
Michael Orlitzky
00ea216608 src/rc/checkpath.c: replace mkdir() with mkdirat().
The do_check() function recently gained some defenses against symlink
replacement attacks that involve the use of *at functions in place of
their vanilla counterparts; openat() instead of open(), for example.
One opportunity to replace mkdir() with mkdirat() was missed, however,
and this commit replaces it.

This fixes #386.
2020-11-27 17:29:26 -06:00
Michael Orlitzky
ac7ca6d901 src/rc/checkpath.c: fix typo "synbolic" -> "symbolic". 2020-11-27 17:25:30 -06:00
Johannes Heimansberg
47819f004c start-stop-daemon, supervise-daemon: fix parsing of usernames passed via --user that start with a number
start-stop-daemon and supervise-daemon parse usernames and group names
passed via the --user argument as numeric UID/GID if they start with a
number (e.g. user "4foo" will be treated as UID 4). This results in the
process that is being started to run under a totally unexpected user if
that UID exists.

Even though the result of the sscanf calls are tested for a result of
exactly 1, which means exactly one value was extracted, because sscanf's
format string only contains only one placeholder, it will never return
a value greater than 1, even if there are still characters left to be
parsed. This causes start-stop-daemon and supervise-daemon to assume
that usernames starting with a number are just that number. Adding a
second placeholder "%1s" to the format string, which matches a string of
length 1, makes sure that sscanf can distinguish between pure numbers
(in which case it will return 1) and strings either starting with a
number (in which case it will return 2) and any other string (in which
case it will return 0).

This fixes #379.
This fixes #380.
2020-11-27 16:40:12 -06:00
William Hubbs
0fab3e837b bootmisc: allow sysvinit compatibility during shutdown
Use "halt -w" to write the halt record if it exists.
Otherwise use openrc-shutdown.

This fixes #336.
2020-11-27 15:18:57 -06:00
William Hubbs
38aaba28ee scripts/shutdown.in: fix sysvinit compatible shutdown
X-Gentoo-Bug: https://bugs.gentoo.org/755422
2020-11-20 14:57:04 -06:00
William Hubbs
3ed4126a31 update news for 0.43 with info on checkpath fix 2020-11-20 10:00:34 -06:00
Lars Wendler
aa0fdf6d08 start-stop-daemon: Don't segfault if --exec was given a non-existing file name
Starting program: /sbin/start-stop-daemon --start --exec i-dont-exist

  Program received signal SIGSEGV, Segmentation fault.
  0x0000555555559053 in main (argc=1, argv=0x7fffffffdc20)
      at start-stop-daemon.c:631
  631                         *exec_file ? exec_file : exec);

This fixes #385.
2020-11-20 09:22:18 -06:00
William Hubbs
b6fef599bf checkpath: fix CVE-2018-21269
This walks the directory path to the file we are going to manipulate to make
sure that when we create the file and change the ownership and permissions
we are working on the same file.
Also, all non-terminal symbolic links must be owned by root. This will
keep a non-root user from making a symbolic link as described in the
bug. If root creates the symbolic link, it is assumed to be trusted.

On non-linux platforms, we no longer follow non-terminal symbolic links
by default. If you need to do that, add the -s option on the checkpath
command line, but keep in mind that this is not secure.

This fixes #201.
2020-11-20 09:15:59 -06:00
Julien Surloppe
aac1734a70 Update user-guide.md
Add missing underscore.
2020-11-01 15:45:12 -05:00
William Hubbs
2355f1a3f2 supervise-daemon: only log debug logs when verbose mode is active 2020-09-25 16:33:32 -05:00
Manuel Rüger
fbec1eed51 .cirrus.yml: Update FreeBSD releases
Signed-off-by: Manuel Rüger <manuel@rueg.eu>
2020-04-19 13:15:35 +02:00
Austin English
229692cc34 man/openrc-run.8: fix a typo 2020-02-05 12:37:46 -05:00
Sergei Trofimovich
375ef42393 src/rc/rc-logger.h: fix build failure against gcc-10
On gcc-10 (and gcc-9 -fno-common) build fails as:

```
cc  -L../librc -L../libeinfo -O2 -g -std=c99 -Wall -Wextra -Wimplicit -Wshadow \
  -Wformat=2 -Wmissing-prototypes -Wmissing-declarations -Wmissing-noreturn \
  -Wmissing-format-attribute -Wnested-externs -Winline -Wwrite-strings \
  -Wcast-align -Wcast-qual -Wpointer-arith -Wdeclaration-after-statement \
  -Wsequence-point -Werror=implicit-function-declaration    \
  -Wl,-rpath=/lib   -o openrc rc.o rc-logger.o rc-misc.o rc-plugin.o _usage.o -lutil -lrc -leinfo -Wl,-Bdynamic -ldl
ld: rc-logger.o:/home/slyfox/dev/git/openrc/src/rc/rc-logger.h:16:
  multiple definition of `rc_logger_pid'; rc.o:openrc/src/rc/rc-logger.h:16: first defined here
ld: rc-logger.o:/home/slyfox/dev/git/openrc/src/rc/rc-logger.h:17:
  multiple definition of `rc_logger_tty'; rc.o:openrc/src/rc/rc-logger.h:17: first defined here
```

gcc-10 will change the default from -fcommon to fno-common:
https://gcc.gnu.org/PR85678.

The error also happens if CFLAGS=-fno-common passed explicitly.

This fixes #348.
2020-01-19 16:52:21 -06:00
Wolf
6deda13754 supervise-daemon: Fix segfault when executable does not exist
When executable is provided just by name (and therefore searched in a
path), exec_file is reset to NULL every time. exists() handles it being
NULL just fine, but dereferencing it in eerror does not work.

Fixes #326
Fixes #327
2020-01-11 13:36:33 -06:00
artoo
eb61085951 binfmt: ensure a file is ungegistered before registering
This fixes #328
2020-01-11 13:32:38 -06:00
Andrew Scheller
039845b742 Fix typo in README
This fixes #338
2020-01-11 12:16:19 -06:00
Ethan Sommer
a7e7fd2b37 make grep usage POSIX compliant
use grep -E instead of egrep
check for space or end of line instead of GNU-specific word boundary

This fixes #345
2020-01-11 12:09:10 -06:00
Jason Bowen
12e147a107 Delete stray text.
It looks like some stray text was left at the bottom of the file:
```
package.
migrating your system to openrc-init.
```
There's a subsection on migrating a system to `openrc-ini`; perhaps this was
an embryonic section title?

This fixes #347.
2020-01-11 11:15:56 -06:00
William Hubbs
fd852865e0 openrc-shutdown.c: typo fix 2019-12-05 12:11:08 -06:00
William Hubbs
35ec935741 ci/travis.sh: run shellcheck on shell scripts 2019-10-28 18:42:10 -05:00
Austin English
19cfd82dad .travis.yml: install shellcheck 2019-10-28 16:48:40 -05:00
E5ten
87cfad3d6c cgroup2_set_limits: verify that the cgroup2 path is a mount point
prior to cgroups getting mounted, /sys/fs/cgroup will still exist,
but attempts to make directories in it will fail, change cgroup2_set_limits() to
verify that cgroups are mounted instead of just checking that /sys/fs/cgroup
exists.

This fixes #307.
This fixes #321.
2019-09-03 16:38:03 -05:00
William Hubbs
8e31614c4b fix clang build 2019-08-20 16:06:46 -05:00
William Hubbs
a177d15641 version 0.42 2019-08-20 13:13:30 -05:00
William Hubbs
2b4c486043 Update ChangeLog 2019-08-20 13:09:50 -05:00
William Hubbs
ed24d28163 update sysvinit support files 2019-08-20 13:08:44 -05:00
William Hubbs
1bc96141e6 fix single user mode 2019-08-19 14:55:54 -05:00
William Hubbs
c7000aeaab optimize loops for installing gettys 2019-08-15 18:40:51 -05:00
William Hubbs
5c5129b534 Remove "single" runlevel directory
Single user mode should be handled in the init process directly.
2019-08-15 18:40:51 -05:00
William Hubbs
0dabda6f6f fix sysvinit compatibility
This allows openrc to direct sysvinit to shut down the system by setting
the INIT_HALT environment variable appropriately. Also, we do not try to
communicate with sysvinit if its fifo does not exist.
2019-08-15 12:02:30 -05:00
William Hubbs
92de9a693b Add documentation for openrc-init and update the NEWS file 2019-08-02 16:29:03 -05:00
William Hubbs
a71aebcae1 init.d/agetty: provide the getty virtual service 2019-07-29 17:39:11 -05:00
William Hubbs
61596b16d2 Install gettys if the MKSYSVINIT switch is set to yes
The default is to put one getty in the "single" runlevel and 6 in the
"default" runlevel.
2019-07-29 17:38:47 -05:00
William Hubbs
104eb3420b Add the "single" runlevel 2019-07-29 16:27:14 -05:00
Chloe Kudryavtsev
70b8df3e9c clarify supervise-daemon-guide
1. The given default for respawn_max is wrong.
2. The example for respawn_period is nonsensical.

This fixes #311.
2019-07-26 12:52:52 -05:00
William Hubbs
cac41092e4 add ability for openrc-shutdown to communicate with sysvinit
This fixes #315.
2019-07-25 14:47:18 -05:00
Martin Wilke
7ddc281ab6 Fix build with Clang
This fixes #313.
2019-07-24 12:32:23 -05:00
William Hubbs
c092ff6da1 Add Sony Interactive Entertainment as an author 2019-07-22 10:46:32 -05:00
William Hubbs
54780a4582 supervise-daemon: allow --respawn-max to be zero 2019-03-29 14:09:08 -05:00
William Hubbs
44f5a72d1a remove hidden-visibility.h
I am removing this on the advice of a member of the Gentoo toolchain
team. It was explained to me that this doesn't offer any significant
benefits to OpenRC.

If anyone ffeels differently, please open a pull request reverting
this and adding an explanation of what it does and how to know which
functions to mark hidden in the future.

This fixes #301.
2019-02-26 17:47:55 -06:00
William Hubbs
0d378974bf openrc-init: fix waitpid checks
The do_openrc() function was not waiting properly for the child process
which started the runlevel to return. We need to repeatedly call
waitpid() until its return value matches the pid of the child process or
the child process does not exist.

This fixes #216.
This fixes #300.
2019-02-25 18:55:13 -06:00
William Hubbs
028da5c2e3 librc: fix potential buffer overflow in pid_is_argv
This fixes #299.
2019-02-23 17:44:07 -06:00
William Hubbs
d8dbb890aa Revert "src/librc/librc-daemon.c: fix buffer overrun in pid_is_argv"
This reverts commit 084877eb52.
The mentioned commit caused some systems to have some services reported
as crashed.

This fixes #297.
This fixes #298.
2019-02-23 16:24:55 -06:00
William Hubbs
56c006ebd6 Update ChangeLog 2019-02-22 19:03:41 -06:00
William Hubbs
067088bbff move ci scripts to their own directory
This fixes #296.
2019-02-22 18:50:13 -06:00
William Hubbs
52d4e56674 combine test directories
This fixes #295.
2019-02-22 18:08:19 -06:00
William Hubbs
6e6902c28b remove unused test ignore patterns 2019-02-22 16:27:52 -06:00