services started by init don't get any supplementary groups, but anything
started from a shell would inherit the groups, causing inconsistent
behaviour
we can either clear all groups, or always initalize root's groups. since
other init systems does not initialize anything, including us at boot,
let's just always clear them unconditionally
Now that the bug that made it fail is fixed, use the
start-stop-daemon readiness notification mechanism when
launching s6-svscan.
(We do not run s6-svscan under supervise-daemon because that
would needlessly lengthen the supervision chain. Yo dawg,
we heard you like supervisors.)
When the created notified pipe (often on 4) is the same number as
the notification fd target, dup2() does not clear the FD_CLOEXEC
flag, so the fd gets closed right when exec'ing the daemon,
reporting readiness failure. Fix this by explicitly testing for
the case and clearing the flag when necessary.
Note that this happens because of a call to close_range() right
before the test. close_range() is the real problem, it should
never be used and this bug is a perfect illustration of why; but
getting rid of close_range() is a much more invasive change that
I don't want to commit to right now, especially since navi's plan
is to eventually deprecate start-stop-daemon.
In order to avoid breaking things for the 3 users who use the old
s6 support, add compatibility.
When command= is empty and a service directory exists in /var/svc.d,
use that service directory instead of creating it from the service
file data.
this turns mouninfo into a multicall binary which can also do
parallel unmounting. most mountinfo code is unchanged; only
notable change is find_mounts() now returns the number of mounts
found and also takes the "process" function as an argument; so
that is_mounted() can be implemented on top of it.
do_unmount mostly follows the logic of previous code. some
notable changes:
- do_unmount is now "lazy" when it comes to retrying failed
unmounts. it will greedily keep running unmount as long as it
can before it looks at the "waiting" queue.
- it will check if the mountpoint is still mounted or not when
umount returns non-zero exit code. this is due to the fact that
multiple umount calls might race to unmount a shared mount. so
if umount fails _but_ the mountpoint is no longer mounted, we
assume success.
- do_unmount used to fail if fuser did not find any pids using
the mount. the new code tries one more time; the rationale being
that there's a gap between the umount call and the fuser call,
and so whatever was using the mount before might have stopped
using it now and so it's worth another attempt.
Fixes: https://github.com/OpenRC/openrc/issues/662
Closes: https://github.com/OpenRC/openrc/pull/698
openrc-run has a (hardcoded) 60 seconds timeout, it a service
fails to start/stop within that time, it will be SIGKILL-ed. so
a default 60 seconds fuser_timeout is kind of bad. change it to
20seconds which is somewhat more sensible.
Currently, the warning states that the user should increase the value of respawn-delay,
even though the code checks if respawn-delay is more than the cap and period value.
Thus, the correct warning is to recommend the opposite.
Fixes https://github.com/OpenRC/openrc/issues/939
e21b01b97e84f81589f52e087d2b2ac53f0bf144 fixed one of the issues mentioned
in Gentoo bug #650584 but not the other one. `ping` without `-n` will perform
reverse DNS lookups for IPs which we don't want, as it introduces a delay
and confuses the calculation we make.
Bug: https://bugs.gentoo.org/650584
Bug: https://github.com/OpenRC/openrc/issues/353
Originally, rc-update displayed service names with a padding of 20
characters. However, some services like "systemd-tmpfiles-setup-dev"
required longer padding and caused the displayed service table to
be missaligned.
Therefore, padding is increased to 26 characters.
Bug: https://github.com/OpenRC/openrc/issues/937
Signed-off-by: Tomas Fabrizio Orsi <torsi@fi.uba.ar>
Added missing options to the completion definition files for the
rc-service, rc-status, and rc-update commands.
(Including --user and -U):
Added status to the cmd option for rc-service.
