#!@SBINDIR@/openrc-run
# Copyright (c) 2007-2015 The OpenRC Authors.
# See the Authors file at the top-level directory of this distribution and
# https://github.com/OpenRC/openrc/blob/master/AUTHORS
#
# This file is part of OpenRC. It is subject to the license terms in
# the LICENSE file found in the top-level directory of this
# distribution and at https://github.com/OpenRC/openrc/blob/master/LICENSE
# This file may not be copied, modified, propagated, or distributed
# except according to the terms contained in the LICENSE file.

description="Mount the sys filesystem."

sysfs_opts=nodev,noexec,nosuid

depend()
{
	keyword -docker -lxc -prefix -systemd-nspawn -vserver
}

mount_sys()
{
	grep -Eq "[[:space:]]+sysfs$" /proc/filesystems || return 1
	mountinfo -q /sys && return 0

	if [ ! -d /sys ]; then
		if ! mkdir -m 0755 /sys; then
			ewarn "Could not create /sys!"
			return 1
		fi
	fi

	ebegin "Mounting /sys"
	if ! fstabinfo --mount /sys; then
		mount -n -t sysfs -o ${sysfs_opts} sysfs /sys
	fi
	eend $?
}

mount_misc()
{
	# Setup Kernel Support for securityfs
	if [ -d /sys/kernel/security ] && \
		! mountinfo -q /sys/kernel/security; then
		if grep -qs securityfs /proc/filesystems; then
			ebegin "Mounting security filesystem"
			mount -n -t securityfs -o ${sysfs_opts} \
				securityfs /sys/kernel/security
			eend $?
		fi
	fi

	# Setup Kernel Support for debugfs
	if [ -d /sys/kernel/debug ] && ! mountinfo -q /sys/kernel/debug; then
		if grep -qs debugfs /proc/filesystems; then
			ebegin "Mounting debug filesystem"
			mount -n -t debugfs -o ${sysfs_opts} debugfs /sys/kernel/debug
			eend $?
		fi
	fi

	# Setup Kernel Support for configfs
	if [ -d /sys/kernel/config ] && ! mountinfo -q /sys/kernel/config; then
		if grep -qs configfs /proc/filesystems; then
			ebegin "Mounting config filesystem"
			mount -n -t configfs -o  ${sysfs_opts} configfs /sys/kernel/config
			eend $?
		fi
	fi

	# set up kernel support for fusectl
	if [ -d /sys/fs/fuse/connections ] \
		&& ! mountinfo -q /sys/fs/fuse/connections; then
		if grep -qs fusectl /proc/filesystems; then
			ebegin "Mounting fuse control filesystem"
			mount -n -t fusectl -o ${sysfs_opts} \
				fusectl /sys/fs/fuse/connections
			eend $?
		fi
	fi

	# Setup Kernel Support for SELinux
	if [ -d /sys/fs/selinux ] && ! mountinfo -q /sys/fs/selinux; then
		if grep -qs selinuxfs /proc/filesystems; then
			ebegin "Mounting SELinux filesystem"
			mount -t selinuxfs selinuxfs /sys/fs/selinux
			eend $?
		fi
	fi

	# Setup Kernel Support for persistent storage
	if [ -d /sys/fs/pstore ] && ! mountinfo -q /sys/fs/pstore; then
		if grep -qs 'pstore$' /proc/filesystems; then
			ebegin "Mounting persistent storage (pstore) filesystem"
			mount -t pstore pstore -o ${sysfs_opts} /sys/fs/pstore
			eend $?
		fi
	fi

	# set up kernel support for efivarfs
	if [ -d /sys/firmware/efi/efivars ] &&
		! mountinfo -q /sys/firmware/efi/efivars; then
		ebegin "Mounting efivarfs filesystem"
		mount -n -t efivarfs -o ro \
			efivarfs /sys/firmware/efi/efivars 2> /dev/null
		eend 0
	fi
}

cgroup1_base()
{
	grep -qw cgroup /proc/filesystems || return 0
	if ! mountinfo -q /sys/fs/cgroup; then
		ebegin "Mounting cgroup filesystem"
		local opts="${sysfs_opts},mode=755,size=${rc_cgroupsize:-10m}"
		mount -n -t tmpfs -o "${opts}" cgroup_root /sys/fs/cgroup
		eend $?
	fi

	if ! mountinfo -q /sys/fs/cgroup/openrc; then
		local agent="@LIBEXECDIR@/sh/cgroup-release-agent.sh"
		mkdir /sys/fs/cgroup/openrc
		mount -n -t cgroup \
			-o none,${sysfs_opts},name=openrc,release_agent="$agent" \
			openrc /sys/fs/cgroup/openrc
		printf 1 > /sys/fs/cgroup/openrc/notify_on_release
	fi
	return 0
}

cgroup1_controllers()
{
	yesno "${rc_controller_cgroups:-YES}" && [ -e /proc/cgroups ] || return 0
	while read -r name _ _ enabled rest; do
		case "${enabled}" in
			1)	mountinfo -q "/sys/fs/cgroup/${name}" && continue
				local x
				for x in $rc_cgroup_controllers; do
				[ "${name}" = "blkio" ] && [ "${x}" = "io" ] &&
					continue 2
				[ "${name}" = "${x}" ] &&
				continue 2
				done
				mkdir "/sys/fs/cgroup/${name}"
				mount -n -t cgroup -o "${sysfs_opts},${name}" \
					"${name}" "/sys/fs/cgroup/${name}"
				;;
		esac
	done < /proc/cgroups
	return 0
}

cgroup2_controllers()
{
	local active cgroup_path x y
	cgroup_path="$(cgroup2_find_path)"
	[ -z "${cgroup_path}" ] && return 0
	[ -e "${cgroup_path}/cgroup.controllers" ] &&
	read -r active < "${cgroup_path}/cgroup.controllers"
	for x in ${rc_cgroup_controllers}; do
		for y in ${active}; do
		[ "$x" = "$y" ] &&
			[ -e "${cgroup_path}/cgroup.subtree_control" ]&&
			echo "+${x}"  > "${cgroup_path}/cgroup.subtree_control"
		done
	done
	return 0
}

cgroups_hybrid()
{
	grep -qw cgroup /proc/filesystems &&
		grep -qw cgroup2 /proc/filesystems ||
		return 0
	cgroup1_base
	mkdir /sys/fs/cgroup/unified
	mount -t cgroup2 none -o "${sysfs_opts},nsdelegate" /sys/fs/cgroup/unified
	cgroup2_controllers
	cgroup1_controllers
	return 0
}

cgroups_legacy()
{
	grep -qw cgroup /proc/filesystems || return 0
	cgroup1_base
	cgroup1_controllers
	return 0
}

cgroups_unified()
{
	grep -qw cgroup2 /proc/filesystems || return 0
	mount -t cgroup2 none -o "${sysfs_opts},nsdelegate" /sys/fs/cgroup
	return 0
}

mount_cgroups()
{
	# set up kernel support for cgroups
	if [ -d /sys/fs/cgroup ]; then
		case "${rc_cgroup_mode:-hybrid}" in
		hybrid) cgroups_hybrid ;;
		legacy) cgroups_legacy ;;
		unified) cgroups_unified ;;
		esac
	fi
	return 0
}

restorecon_sys()
{
	if [ -x /sbin/restorecon ]; then
		ebegin "Restoring SELinux contexts in /sys"
		restorecon -F /sys/devices/system/cpu/online >/dev/null 2>&1
		restorecon -rF /sys/fs/cgroup >/dev/null 2>&1
		eend $?
	fi
}

start()
{
	mount_sys
	mount_misc
	mount_cgroups
	restorecon_sys
	return 0
}