Make netmount look up services for file systems

The tmpfiles "d" entry will create a full path and only the last dir in
the path will have its SELinux label set correctly. This patch will
restorecon the parents as well so that the selinux labels are correct.

eg, "d /run/libvirt/lxc", then "lxc" would have the correct SELinux
label but "libvirt" would not.

Signed-off-by: Jason Zaman <jason@perfinion.com>

ChangeLog

@@ -1,22 +1,58 @@
-commit fe0847c9a2565518334ef03da5c6cdc63726e122
+commit d2ce07e227ec95370e8aee5f1199edc6ad61aff9
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Add rc-sstat script
+    
+    The rc-sstat script is written to display status of s6 services and
+    run rc-status to display all services status.
+    
+    This currently only works on Linux.
+
+commit b209fe3859c05c286037843bb34058f849c54b15
+Author: Mike Gilbert <floppym@gentoo.org>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    bootmisc: Don't call dmesg in systemd-nspawn containers
+    
+    This fixes #57.
+
+commit c94c8288cd5217b01c24d6f048c64ebbc30bee02
+Author: Mike Frysinger <vapier@gentoo.org>
+Commit: Mike Frysinger <vapier@gentoo.org>
+
+    fix link to s6 website
+
+commit bcb9c44e73ccf332c7c961a6f82520699c6e776d
+Author: Mike Gilbert <floppym@gentoo.org>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    man: Document the stopsig variable
+    
+    This variable can be used to set the signal to send if the service is
+    using start-stop-daemon.
+    
+    This fixes #56
+
+commit bbabf546f9d72cbfc48bd839a6d01b402ee6cced
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Document bash's handling of ulimit options
+    
+    When bash is used in posix mode for the shell, the ulimit command uses
+    a block size of 512 bytes for the -c and -f options.
+    
+    X-Gentoo-Bug: 549238
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=549238
+
+commit a7fcc1e264b035177b4e524a40b27145baa86969
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     S6: kick the scanner and sleep 1.5 seconds to avoid a race condition
 
-commit 58156137f9bbb0d853d994b793622cf48281cf08
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    Start on 0.16.3
-
-commit b1d7df15ef017e7b011a211eff2b2b75a39c8c9e
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    update change log
-
-commit 01088e282f08ca373ae1d61b2ed954c3075f130a
+commit b79d058f162d8b49ccc968744e7cb1b7a7ba729c
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -25,19 +61,7 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     This allows us to get rid of the sleep call in the stop function. Also,
     we set a configurable timeout value for stopping daemons.
 
-commit b95ae213e9435f267da3331fd4568a5ad297b54c
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    Start work on 0.16.2
-
-commit 4f544f4130e0b62e18bdde42cad2b3aed085136d
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    update change log
-
-commit c65bed756e5f5cfa244d9aa4325691345d8c324d
+commit ddce529c71c2e9f01d8e5666e27050b6ed6c6761
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -47,7 +71,7 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
       stopped message.
     - Do not remove the service link when stopping the service.
 
-commit ccc81a9cad5d9beb739593827fc4bbc04c4a3304
+commit e372f97bebd4866633ad56aa5d5b1ae59fa88118
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -57,11 +81,11 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     it changes the code to work with the individual services instead of
     forcing a rescan when a service is started or stopped.
 
-commit 3a1e304d6c56875838b884b6e0608fe756ccce4e
+commit c2abf4b436b8cca8ebed395ff08f5fdc546eadac
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
-    Start work on 0.16.1
+    Start work on 0.17
 
 commit d247ac4cbbe0ab62564ef82a5940b4f1a03973b3
 Author: William Hubbs <w.d.hubbs@gmail.com>

Makefile.inc

@@ -1,3 +1,3 @@
 NAME=		openrc
-VERSION=	0.16.3
+VERSION=	0.18
 PKG=		${NAME}-${VERSION}

etc/rc.conf.in

@@ -116,6 +116,9 @@
 #SSD_NICELEVEL="-19"
 
 # Pass ulimit parameters
+# If you are using bash in POSIX mode for your shell, note that the
+# ulimit command uses a block size of 512 bytes for the -c and -f
+# options
 #rc_ulimit="-u 30"
 
 # It's possible to define extra dependencies for services like so

init.d/bootmisc.in

@@ -214,10 +214,13 @@ start()
 	if yesno $log_dmesg; then
 		if $logw || checkpath -W /var/log; then
 			# Create an 'after-boot' dmesg log
-			if [ "$RC_SYS" != VSERVER -a "$RC_SYS" != OPENVZ -a "$RC_SYS" != LXC ]; then
-				dmesg > /var/log/dmesg
-				chmod 640 /var/log/dmesg
-			fi
+			case "$RC_SYS" in
+				VSERVER|OPENVZ|LXC|SYSTEMD-NSPAWN) ;;
+				*)
+					dmesg > /var/log/dmesg
+					chmod 640 /var/log/dmesg
+					;;
+			esac
 		fi
 	fi
 

init.d/netmount.in

@@ -4,11 +4,24 @@
 
 description="Mounts network shares according to /etc/fstab."
 
+get_fs_services()
+{
+	local fsclient fstype list=$(ls $RC_LIBEXECDIR/netfs/*) services
+	local x
+	for x in $list; do
+		fstype=${x##*/}
+		fstabinfo -q -t ${fstype} && services="${services} $(cat x)"
+	done
+	printf "%s\n" $services
+	}
+
 depend()
 {
 	config /etc/fstab
 	use afc-client amd nfsclient autofs openvpn
 	use dns
+	local fs_services ="$(get_fs_services)"
+	[ -n "$fs_services" ] && use $fs_services
 	keyword -jail -prefix -systemd-nspawn -vserver -lxc
 }
 

init.d/savecache.in

@@ -30,7 +30,7 @@ start()
 			if yesno "${RC_GOINGDOWN}"; then
 				rc=0
 			fi
-			eend $rc "Unable to create $RC_SVCDIR/cache"
+			eend $rc "Unable to create $RC_LIBEXECDIR/cache"
 			return $rc
 		fi
 	fi

man/Makefile

@@ -1,9 +1,17 @@
+MK=		../mk
+include ${MK}/sys.mk
+include ${MK}/os.mk
+
 MAN3=		einfo.3 \
 		rc_config.3 rc_deptree.3 rc_find_pids.3 rc_plugin_hook.3 \
 		rc_runlevel.3 rc_service.3 rc_stringlist.3
 MAN8=		rc-service.8 rc-status.8 rc-update.8 openrc.8 openrc-run.8 \
 		service.8 start-stop-daemon.8
 
+ifeq (${OS},Linux)
+MAN8 += rc-sstat.8
+endif
+
 # Handy macro to create symlinks
 # This does rely on correctly formatting our manpages!
 MAKE_LINKS=	suffix=$${man\#*.}; \
@@ -16,8 +24,6 @@ MAKE_LINKS=	suffix=$${man\#*.}; \
 		fi; \
 		done;
 
-MK=		../mk
-include ${MK}/sys.mk
 include ${MK}/gitignore.mk
 
 all:

man/openrc-run.8

@@ -141,6 +141,8 @@ will chroot into this path before writing the pid file or starting the daemon.
 Pidfile to use for the above defined command.
 .It Ar name
 Display name used for the above defined command.
+.It Ar stopsig
+Signal to send when stopping the daemon.
 .It Ar retry
 Retry schedule to use when stopping the daemon. It can either be a
 timeout in seconds or multiple signal/timeout pairs (like SIGTERM/5).

man/rc-sstat.8

@@ -0,0 +1,46 @@
+.\" Copyright (c) 2015 William Hubbs
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.Dd April 24, 2008
+.Dt RC-sstat 8 SMM
+.Os OpenRC
+.Sh NAME
+.Nm rc-sstat
+.Nd show status info about services supervised by s6 then rc-status
+info
+.Sh SYNOPSIS
+.Nm
+.Sh DESCRIPTION
+.Nm
+gathers and displays information about the status of services supervised
+by s6 then runs rc-status to show info about nnormal OpenRC services.
+.Pp
+.Sh EXIT STATUS
+.Nm
+exits 1 if there is an internal error or exits with the same exit codes
+as rc-status.
+.Sh SEE ALSO
+.Xr rc-status 8 ,
+.Xr rc-update 8
+.Sh AUTHORS
+.An William Hubbs <w.d.hubbs@gmail.com>

s6-guide.md

@@ -45,4 +45,4 @@ should wait for a service to go down when stopping.
 This is very early support, so feel free to file bugs if you have
 issues.
 
-[1] https://www.skarnet.org/software/s6
+[1] http://www.skarnet.org/software/s6

scripts/.gitignore

@@ -0,0 +1 @@
+rc-sstat

scripts/Makefile

@@ -1,5 +1,19 @@
+MK=	../mk
+include ${MK}/os.mk
+
 DIR=	${LIBEXECDIR}/bin
 BIN=	on_ac_power
+INSTALLAFTER = _installafter
+
+ifeq (${OS},Linux)
+SRCS+= rc-sstat.in
+BIN+=	rc-sstat
+endif
+
+_installafter:
+ifeq (${OS},Linux)
+	${INSTALL} -d ${DESTDIR}${SBINDIR}
+	ln -s ${DIR}/rc-sstat ${DESTDIR}/${SBINDIR}/rc-sstat
+endif
 
-MK=	../mk
 include ${MK}/scripts.mk

scripts/rc-sstat.in

@@ -0,0 +1,140 @@
+#!@SHELL@
+
+# Define variables
+scandir="/run/openrc/s6-scan"
+statfile=/dev/shm/s6-svstat.${USER}
+
+color_red='\E[01;31m'
+color_green='\E[32m'
+color_yellow='\E[01;33m'
+
+# Time Modules
+uptimeModules() {
+	# Given a single integer argument representing seconds of uptime...
+	# convert uptime to a friendly human readable string: '2d 16h 58m 46s'
+	# define a variable to keep track of the longest length uptime string
+	uSec=${1:-0}
+
+	uDay=$(( $uSec / 86400 ))
+	uSec=$(( $uSec % 86400 ))
+	uHour=$(( $uSec / 3600 ))
+	uSec=$(( $uSec % 3600 ))
+	uMin=$(( $uSec / 60 ))
+	uSec=$(( $uSec % 60 ))
+
+	[ $uDay -ne 0 ] && pDay="${uDay}d " || pDay=""
+	[ $uHour -ne 0 ] && pHour="${uHour}h " || pHour=""
+	[ $uMin -ne 0 ] && pMin="${uMin}m " || pMin=""
+	[ $uSec -ne 0 ] && pSec="${uSec}s " || pSec=""
+
+	parsedUptime="$( echo ${pDay}${pHour}${pMin}${pSec} | sed 's#[ \t]*$##' )"
+	uCharCount=${#parsedUptime}
+}
+
+# Make sure we are running as root
+if [ $(id -u) != 0 ]; then
+	printf "This command must be run as root\n"
+	exit 1
+fi
+
+# Make sure scandir exists
+if [ ! -d $scandir ]; then
+	printf "%s\n" "$scandir does not exist"
+	exit 1
+fi
+
+# Make sure s6-svscan is running 
+if ! pgrep s6-svscan >/dev/null ; then 
+	printf "s6-svscan is not running\n"
+	exit 1
+fi
+
+# If TERM is undefined (launching sstat through an ssh command) then make it vt100
+if [ -z $TERM -o $TERM = "dumb" ]; then
+	export TERM=vt100
+fi
+
+# Gather list of candidate services s6-supervise may be supervising
+# filter for folders and symlinks at /run/openrc/s6-scan/* ommiting output starting with '.'
+services="$(find $scandir -maxdepth 1 -mindepth 1 \( -type d -or -type l \) | awk -F'/' '{ if ( $NF !~ "^\\." ) print $NF}')"
+if [ -z "$services" ]; then
+	printf "s6 found no services configured for supervision\n"
+	exit 1
+fi
+
+# Gather status for each service from s6-svstat
+# write to tmp file in memory for non I/O bound repeatative access
+rm -f $statfile 2>/dev/null
+for service in $services ; do
+	echo "$service $(s6-svstat ${scandir}/${service})" >> $statfile
+done
+
+# Define longest string from parsed uptime (default to 7 to match string length of 'Up Time')
+timeStringLength=7
+for uptime in $(awk '$2 == "up" {print $5}' $statfile | sort -run)
+do
+	uptimeModules $uptime
+	[ ${uCharCount} -gt $timeStringLength ] && timeStringLength=$uCharCount
+done
+
+
+#   Print the status header like so...
+#                Service Name  State    PID         Up Time           Start Time
+#----------------------------  -----  -----  --------------  -------------------
+printf "\n"
+printf "%28s  %5s  %5s  %${timeStringLength}s  %19s\n" "Service Name" "State" "PID" "Up Time" "Start Time"
+for dashes in 28 5 5 $timeStringLength 19 ; do
+	printf "%0.s-" $(seq 1 $dashes) ; echo -n '  '
+done && printf "\n"
+
+
+#   sshd up (pid 26300) 80373 seconds
+cat $statfile | \
+while read line
+do
+	set $line
+
+	service=$1
+	state=$2
+	pid=${4/)/}
+	time=$5
+
+	# call function to convert time in seconds and define additional variables
+	uptimeModules $time
+
+	if [ "$state" = up ]; then
+		if [ $time -lt 30 ]; then
+			# uptime < 30 seconds, color the whole line yellow
+			echo -en "$color_yellow"
+			# 1st 4 columns are printed with printf for space padding
+			printf "%28s  %5s  %5s  %${timeStringLength}s" $service $state $pid "$parsedUptime"
+			# 4th column is output from date -d
+			echo -e "  $(date -d "${time} seconds ago" "+%F %T")"
+			# reset terminal colors
+			tput sgr0
+		else
+			printf "%28s" $service
+			# uptime > 30 seconds, color just the "state" value green
+			echo -en "$color_green"
+			printf "  %5s" $state
+			# reset terminal colors
+			tput sgr0
+			printf "  %5s" $pid
+			printf "  %${timeStringLength}s"  "$parsedUptime"
+			echo -e "  $(date -d "${time} seconds ago" "+%F %T")"
+		fi
+	else
+		printf "%28s" $service
+		echo -en "$color_red"
+		printf "  %5s" $state
+		tput sgr0
+		echo ""
+	fi
+done
+
+# Cleanup 
+rm -f $statfile 2>/dev/null
+
+printf "\n\n"
+
+rc-status

sh/tmpfiles.sh.in

@@ -53,10 +53,18 @@ relabel() {
 	done
 }
 
+splitpath() {
+    local path=$1
+    while [ -n "$path" ]; do
+        echo $path
+        path=${path%/*}
+    done
+}
+
 _restorecon() {
     local path=$1
     if [ -x /sbin/restorecon ]; then
-        dryrun_or_real restorecon -F "$path"
+        dryrun_or_real restorecon -F $(splitpath "$path")
     fi
 }
 
@@ -122,6 +130,7 @@ _d() {
 
 	if [ ! -d "$path" ]; then
 		dryrun_or_real mkdir -p "$path" 2>/dev/null
+		_restorecon "$path"
 		dryrun_or_real $CHECKPATH -dq -m "$mode" -o "$uid:$gid" "$path"
 	fi
 }
@@ -137,10 +146,18 @@ _D() {
 
 	if [ $CREATE -gt 0 ]; then
 		dryrun_or_real mkdir -p "$path" 2>/dev/null
+		_restorecon "$path"
 		dryrun_or_real $CHECKPATH -Dq -m "$mode" -o "$uid:$gid" "$path"
 	fi
 }
 
+_v() {
+	# Create a subvolume if the path does not exist yet and the file system
+	# supports this (btrfs). Otherwise create a normal directory.
+	# TODO: Implement btrfs subvol creation.
+	_d "$@"
+}
+
 _L() {
 	# Create a symlink if it doesn't exist yet
 	local path=$1 mode=$2 uid=$3 gid=$4 age=$5 arg=$6
@@ -336,7 +353,7 @@ for FILE in $tmpfiles_d ; do
 
 		# whine about invalid entries
 		case $cmd in
-			f|F|w|d|D|p|L|c|C|b|x|X|r|R|z|Z) ;;
+			f|F|w|d|D|v|p|L|c|C|b|x|X|r|R|z|Z) ;;
 			*) warninvalid ; continue ;;
 		esac
 
@@ -344,7 +361,7 @@ for FILE in $tmpfiles_d ; do
 		if [ "$mode" = '-' -o "$mode" = '' ]; then
 			case "$cmd" in
 				p|f|F) mode=0644 ;;
-				d|D) mode=0755 ;;
+				d|D|v) mode=0755 ;;
 				C|z|Z|x|r|R|L) ;;
 			esac
 		fi

src/rc/mountinfo.c

@@ -347,7 +347,7 @@ get_regex(const char *string)
 
 #include "_usage.h"
 #define extraopts "[mount1] [mount2] ..."
-#define getoptstring "f:F:n:N:o:O:p:P:ist" getoptstring_COMMON
+#define getoptstring "f:F:n:N:o:O:p:P:iste:E:" getoptstring_COMMON
 static const struct option longopts[] = {
 	{ "fstype-regex",        1, NULL, 'f'},
 	{ "skip-fstype-regex",   1, NULL, 'F'},

src/rc/rc-misc.c

@@ -66,6 +66,7 @@ static const char *const env_whitelist[] = {
 	"LC_MONETARY", "LC_MESSAGES", "LC_PAPER", "LC_NAME", "LC_ADDRESS",
 	"LC_TELEPHONE", "LC_MEASUREMENT", "LC_IDENTIFICATION", "LC_ALL",
 	"IN_HOTPLUG", "IN_BACKGROUND", "RC_INTERFACE_KEEP_CONFIG",
+	"EERROR_QUIET", "EINFO_QUIET",
 	NULL
 };