Make netmount look up services for file systems

tmpfiles: run restorecon on the entire path
The tmpfiles "d" entry will create a full path and only the last dir in the path will have its SELinux label set correctly. This patch will restorecon the parents as well so that the selinux labels are correct. eg, "d /run/libvirt/lxc", then "lxc" would have the correct SELinux label but "libvirt" would not. Signed-off-by: Jason Zaman <jason@perfinion.com>
2015-08-06 16:07:02 -05:00 · 2015-08-03 12:51:16 -07:00 · 2015-08-02 07:39:58 -05:00 · 2015-07-23 12:44:10 -05:00 · 2015-07-10 13:25:43 -05:00 · 2015-07-10 13:24:10 -04:00
6 changed files with 37 additions and 6 deletions
--- a/Makefile.inc
+++ b/Makefile.inc
@@ -1,3 +1,3 @@
 NAME=		openrc
-VERSION=	0.17
+VERSION=	0.18
 PKG=		${NAME}-${VERSION}
--- a/init.d/netmount.in
+++ b/init.d/netmount.in
@@ -4,11 +4,24 @@

 description="Mounts network shares according to /etc/fstab."

+get_fs_services()
+{
+	local fsclient fstype list=$(ls $RC_LIBEXECDIR/netfs/*) services
+	local x
+	for x in $list; do
+		fstype=${x##*/}
+		fstabinfo -q -t ${fstype} && services="${services} $(cat x)"
+	done
+	printf "%s\n" $services
+	}
+
 depend()
 {
 	config /etc/fstab
 	use afc-client amd nfsclient autofs openvpn
 	use dns
+	local fs_services ="$(get_fs_services)"
+	[ -n "$fs_services" ] && use $fs_services
 	keyword -jail -prefix -systemd-nspawn -vserver -lxc
 }

--- a/init.d/savecache.in
+++ b/init.d/savecache.in
@@ -30,7 +30,7 @@ start()
 			if yesno "${RC_GOINGDOWN}"; then
 				rc=0
 			fi
-			eend $rc "Unable to create $RC_SVCDIR/cache"
+			eend $rc "Unable to create $RC_LIBEXECDIR/cache"
 			return $rc
 		fi
 	fi
--- a/sh/tmpfiles.sh.in
+++ b/sh/tmpfiles.sh.in
@@ -53,10 +53,18 @@ relabel() {
 	done
 }

+splitpath() {
+    local path=$1
+    while [ -n "$path" ]; do
+        echo $path
+        path=${path%/*}
+    done
+}
+
 _restorecon() {
    local path=$1
    if [ -x /sbin/restorecon ]; then
-        dryrun_or_real restorecon -F "$path"
+        dryrun_or_real restorecon -F $(splitpath "$path")
    fi
 }

@@ -122,6 +130,7 @@ _d() {

 	if [ ! -d "$path" ]; then
 		dryrun_or_real mkdir -p "$path" 2>/dev/null
+		_restorecon "$path"
 		dryrun_or_real $CHECKPATH -dq -m "$mode" -o "$uid:$gid" "$path"
 	fi
 }
@@ -137,10 +146,18 @@ _D() {

 	if [ $CREATE -gt 0 ]; then
 		dryrun_or_real mkdir -p "$path" 2>/dev/null
+		_restorecon "$path"
 		dryrun_or_real $CHECKPATH -Dq -m "$mode" -o "$uid:$gid" "$path"
 	fi
 }

+_v() {
+	# Create a subvolume if the path does not exist yet and the file system
+	# supports this (btrfs). Otherwise create a normal directory.
+	# TODO: Implement btrfs subvol creation.
+	_d "$@"
+}
+
 _L() {
 	# Create a symlink if it doesn't exist yet
 	local path=$1 mode=$2 uid=$3 gid=$4 age=$5 arg=$6
@@ -336,7 +353,7 @@ for FILE in $tmpfiles_d ; do

 		# whine about invalid entries
 		case $cmd in
-			f|F|w|d|D|p|L|c|C|b|x|X|r|R|z|Z) ;;
+			f|F|w|d|D|v|p|L|c|C|b|x|X|r|R|z|Z) ;;
 			*) warninvalid ; continue ;;
 		esac

@@ -344,7 +361,7 @@ for FILE in $tmpfiles_d ; do
 		if [ "$mode" = '-' -o "$mode" = '' ]; then
 			case "$cmd" in
 				p|f|F) mode=0644 ;;
-				d|D) mode=0755 ;;
+				d|D|v) mode=0755 ;;
 				C|z|Z|x|r|R|L) ;;
 			esac
 		fi
--- a/src/rc/mountinfo.c
+++ b/src/rc/mountinfo.c
@@ -347,7 +347,7 @@ get_regex(const char *string)

 #include "_usage.h"
 #define extraopts "[mount1] [mount2] ..."
-#define getoptstring "f:F:n:N:o:O:p:P:ist" getoptstring_COMMON
+#define getoptstring "f:F:n:N:o:O:p:P:iste:E:" getoptstring_COMMON
 static const struct option longopts[] = {
 	{ "fstype-regex",        1, NULL, 'f'},
 	{ "skip-fstype-regex",   1, NULL, 'F'},
--- a/src/rc/rc-misc.c
+++ b/src/rc/rc-misc.c
@@ -66,6 +66,7 @@ static const char *const env_whitelist[] = {
 	"LC_MONETARY", "LC_MESSAGES", "LC_PAPER", "LC_NAME", "LC_ADDRESS",
 	"LC_TELEPHONE", "LC_MEASUREMENT", "LC_IDENTIFICATION", "LC_ALL",
 	"IN_HOTPLUG", "IN_BACKGROUND", "RC_INTERFACE_KEEP_CONFIG",
+	"EERROR_QUIET", "EINFO_QUIET",
 	NULL
 };
Author	SHA1	Message	Date
William Hubbs	8591a0ea73	Make netmount look up services for file systems	2015-08-06 16:07:02 -05:00
Jason Zaman	6a42298257	tmpfiles: run restorecon on the entire path The tmpfiles "d" entry will create a full path and only the last dir in the path will have its SELinux label set correctly. This patch will restorecon the parents as well so that the selinux labels are correct. eg, "d /run/libvirt/lxc", then "lxc" would have the correct SELinux label but "libvirt" would not. Signed-off-by: Jason Zaman <jason@perfinion.com>	2015-08-03 12:51:16 -07:00
William Hubbs	f69833a1e1	mountinfo: fix -e and -E options Add the -e and -E options to getoptstring so they are recognized.	2015-08-02 07:39:58 -05:00
William Hubbs	eeadca0b8a	Add EERROR_QUIET and EINFO_QUIET to environment whitelist	2015-07-23 12:44:10 -05:00
William Hubbs	dde339070b	Increment version	2015-07-10 13:25:43 -05:00
Doug Freed	1736be3bc3	savecache: Fix unable to create cache message The cache is created in $RC_LIBEXECDIR, not $RC_SVCDIR, so fix the error message when we fail to create it to match.	2015-07-10 13:24:10 -04:00
Mike Gilbert	a36a635b01	tmpfiles: Recognize type 'v' (create btrfs subvol) This change does NOT implement btrfs subvol creation. Instead, it treats 'v' the same as 'd', which is an acceptable fallback according to the manual. Fixes #58	2015-06-24 22:40:35 -07:00
Mike Gilbert	9310ccc06b	Remove execute bit from tmpfiles.sh.in	2015-06-24 22:40:02 -07:00