Update ChangeLog

This makes the cgroups handling consistent between cgroups v1 and v2.
Also, it fixes #167.

ChangeLog

@@ -1,3 +1,119 @@
+commit 7f3b41311119e3a96a15b0fb473b44f422e903e9
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    use printf consistently in cgroups handling
+    
+    This makes the cgroups handling consistent between cgroups v1 and v2.
+    Also, it fixes #167.
+
+commit 1ccba056584ee1a8e09fb1d5eebd988b47912c06
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    sh/rc-functions.sh: add need_if_exists convenience function
+
+commit c46adf14343df3a74aef7e4ae5be175ae5fa7a01
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    man/openrc-run.8: Clarify the explanation of the need dependency
+
+commit 1cac8b080c16f9aab19c7a3ae1ca155c20dfa14d
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    ignore sigchld when shutting down the supervised process
+    
+    We need to do this to skip the zombie state for the child process since
+    we are not easily able to wait() for it.
+
+commit b58194ef63ec8c0a7e0ea3c291da9c19aa83cb1a
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    typo fix
+
+commit b28c0d6f66e42b1e6d2a39c286a18c8d92881790
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    typo fix
+
+commit 3cf19b0f30a90157d23d09ded304439f1eb42d4a
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    supervise-daemon: code cleanup
+    
+    Clean up the process for killing an active supervisor when stopping.
+
+commit 0eb47b9af340dd07209a3920944ed085fe7bd359
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    initialize the stop schedule
+
+commit 4ab60ff10935122277bbaed437f82a765279cd19
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    rc-schedules.c: pass the correct pid to rc_find_pids
+    
+    This is for #163.
+
+commit db4a578273dbfa15b8b96686391bcc9ecc04b646
+Author: Jason Zaman <jason@perfinion.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    selinux: fix const qualifier warning
+    
+    rc-selinux.c: In function ‘selinux_setup’:
+    rc-selinux.c:361:9: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
+      curr_t = context_type_get(curr_con);
+             ^
+
+commit b1c3422f453921e838d419640fe39144dbf8d13d
+Author: Jason Zaman <jason@perfinion.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    selinux: use openrc contexts path to get contexts
+    
+    The minimum requirement for libselinux is now >=2.6
+    The refpolicy and the gentoo policy contain the
+    contexts since version 2.20170204-r4
+
+commit 3fafd7a76e6adf15ec72a7ba5f44583eff8fab7a
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    sysfs: fix cgroup hybrid mode
+    
+    In hybrid mode, we should not try to mount cgroup2 if it is not
+    available in the kernel.
+    
+    This fixes #164.
+
+commit cd5722aca50f0eaddde7ce04ee00da53c313ba7d
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    cgroup2_find_path: use legacy mode if cgroup2 is not in the kernel
+    
+    This is related to #164.
+
+commit dcb4a4d2613a1fdf85651b32e5b7a87528f487bc
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    version 0.32
+
+commit e312e569970c74cf52e255da67034391b68dafac
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Update ChangeLog
+
 commit 2f60a959b442866b0e879d83f2732c4fa3ed3f7d
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
@@ -1299,140 +1415,3 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     
     X-Gentoo-Bug: 595836
     X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=595836
-
-commit 6710316a18c33601e780282e72c60f09b5175280
-Author: Doug Freed <dwfreed@mtu.edu>
-Commit: Doug Freed <dwfreed@mtu.edu>
-
-    openrc-run: fix double free
-
-commit 61882821e0d6110a2ca2f67fad7c362983a85cf0
-Author: Doug Freed <dwfreed@mtu.edu>
-Commit: Doug Freed <dwfreed@mtu.edu>
-
-    init.d: Clean up some bad ewarn output
-
-commit 969546bcf0203379db286be21c7f709d27cc73b0
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    typo fix
-    
-    X-Gentoo-Bug: 595306
-    X-Gentoo-Bug: https://bugs.gentoo.org/show_bug.cgi?id=595306
-
-commit d0ae7ffc2534fa65c2e8927931f5107ce4505ca6
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    version 0.23
-
-commit b71bcc242202752bc74fce3a5c629f172b04fca5
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    update ChangeLog
-
-commit 24010dcb483cf7284cd8a5db111ae63f0d4e1038
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    dist: convert to tar.gz
-    
-    This allows the "make dist" target to be used as well as the github
-    archive generation.
-
-commit 0a76627345a173fc00be9864f3f3f5c3b15319cd
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    init.d/swap: remove the case for linux
-    
-    I am removing the separate case for Linux, because we are droppping the
-    "-e" switch.
-
-commit bbf98befb86337a36ef5af7f273e503a6de4b9bd
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    sh/init.sh.Linux.in: update test for live /proc to use md5sum
-    
-    This allows us to avoid the warnings from bash-4.4 about null bytes in
-    command substitutions.
-    
-    If you have separate /usr, are not using an initramfs, and have a file
-    called /proc/self/environ on your root file system, this will break.
-    X-Gentoo-Bug: 594534
-    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=594534
-
-commit 316903fbf0da6edc067a98327c8c6cb2b3cdcf93
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    man/openrc-run.8: typo fix
-
-commit 66a9788435e51e658e4ae9d3ce0d0e54ea53e4f9
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    man/openrc-run.8: Add note about eval usage
-    
-    This fixes #77.
-
-commit bf73363f220ff086d2559e7c2015801f80862749
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    Add --use-blacklist to modprobe calls in modules and modules-load
-    
-    This means that we will honor the modprobe black lists.
-    
-    X-Gentoo-Bug: 594012
-    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=594012
-
-commit d6c30ab12a3b335ac57cd1f0ac00231bb34fc0c4
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    Revert "Remove eval calls from supervisor start functions"
-    
-    This reverts commit 0d1f1010c299a95332f224c3be9e8dfdd85eec54.
-    We need the eval in case someone uses something like:
-    command_args="this \"is a\" test"
-    
-    This is related to #77.
-
-commit 0d1f1010c299a95332f224c3be9e8dfdd85eec54
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    Remove eval calls from supervisor start functions
-    
-    This fixes #77.
-
-commit 83bb827edf5b9be04a326d1970d6f55db239281f
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    Revert "Disable parallel startup in interactive mode"
-    
-    This reverts commit 8b4fc05ff2645b2ecb0f153492f72dd8b39ba431.
-    The original commit did not explain why this feature was disabled, and I
-    now have a request to enable it.
-    
-    This fixes #24.
-
-commit c146b966913ae80652e3be925d3aba60ed82f14d
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    Add command_progress variable
-    
-    If this is set to yes, 1, true, or on, start-stop-daemon will display a
-    progress meter while waiting for a daemon to stop.
-
-commit 6cabaf274defa11773094a2c85b3d0a9f0bd9b08
-Author: Doug Freed <dwfreed@mtu.edu>
-Commit: Doug Freed <dwfreed@mtu.edu>
-
-    rc-misc: allow EINFO_VERBOSE through too

Makefile.inc

@@ -1,3 +1,3 @@
 NAME=		openrc
-VERSION=	0.31
+VERSION=	0.32
 PKG=		${NAME}-${VERSION}

init.d/sysfs.in

@@ -150,6 +150,16 @@ cgroup1_controllers()
 	return 0
 }
 
+cgroup2_base()
+{
+	local base
+	base="$(cgroup2_find_path)"
+	mkdir -p "${base}"
+	mount -t cgroup2 none -o "${sysfs_opts},nsdelegate" "${base}" 2> /dev/null ||
+		mount -t cgroup2 none -o "${sysfs_opts}" "${base}"
+	return 0
+}
+
 cgroup2_controllers()
 {
 	local active cgroup_path x y
@@ -169,13 +179,12 @@ cgroup2_controllers()
 
 cgroups_hybrid()
 {
-	grep -qw cgroup /proc/filesystems &&
+	grep -qw cgroup /proc/filesystems || return 0
-		grep -qw cgroup2 /proc/filesystems ||
-		return 0
 	cgroup1_base
-	mkdir /sys/fs/cgroup/unified
+	if grep -qw cgroup2 /proc/filesystems; then
-	mount -t cgroup2 none -o "${sysfs_opts},nsdelegate" /sys/fs/cgroup/unified
+		cgroup2_base
-	cgroup2_controllers
+		cgroup2_controllers
+	fi
 	cgroup1_controllers
 	return 0
 }
@@ -190,8 +199,8 @@ cgroups_legacy()
 
 cgroups_unified()
 {
-	grep -qw cgroup2 /proc/filesystems || return 0
+	cgroup2_base
-	mount -t cgroup2 none -o "${sysfs_opts},nsdelegate" /sys/fs/cgroup
+	cgroup2_controllers
 	return 0
 }
 

man/openrc-run.8

@@ -217,8 +217,10 @@ that dependency type to the function, or prefix the names with ! to
 remove them from the dependencies.
 .Bl -tag -width "RC_DEFAULTLEVEL"
 .It Ic need
-The service will refuse to start until needed services have started and it
+The service will attempt to start any services it needs regardless of
-will refuse to stop until any services that need it have stopped.
+whether they have been added to the runlevel. It will refuse to start
+until all services it needs have started, and it will refuse to stop until all
+services that need it have stopped.
 .It Ic use
 The service will attempt to start any services it uses that have been added
 to the runlevel.

sh/rc-cgroup.sh.in

@@ -146,10 +146,12 @@ cgroup_set_limits()
 
 cgroup2_find_path()
 {
-	case "${rc_cgroup_mode:-hybrid}" in
+	if grep -qw cgroup2 /proc/filesystems; then
-		hybrid) printf "/sys/fs/cgroup/unified" ;;
+		case "${rc_cgroup_mode:-hybrid}" in
-		unified) printf "/sys/fs/cgroup" ;;
+			hybrid) printf "/sys/fs/cgroup/unified" ;;
+			unified) printf "/sys/fs/cgroup" ;;
 		esac
+	fi
 		return 0
 }
 
@@ -163,7 +165,7 @@ cgroup2_remove()
 		[ ! -e "${rc_cgroup_path}"/cgroup.events ] &&
 		return 0
 	grep -qx "$$" "${rc_cgroup_path}/cgroup.procs" &&
-		echo 0 > "${cgroup_path}/cgroup.procs"
+		printf "%d" 0 > "${cgroup_path}/cgroup.procs"
 	local key populated vvalue
 	while read -r key value; do
 		case "${key}" in
@@ -180,18 +182,18 @@ cgroup2_set_limits()
 {
 	local cgroup_path
 	cgroup_path="$(cgroup2_find_path)"
-	[ -z "${cgroup_path}" ] && return 0
+	[ -d "${cgroup_path}" ] || return 0
 	rc_cgroup_path="${cgroup_path}/${RC_SVCNAME}"
 	local OIFS="$IFS"
 	IFS="
 "
 	[ ! -d "${rc_cgroup_path}" ] && mkdir "${rc_cgroup_path}"
-	echo 0 > "${rc_cgroup_path}/cgroup.procs"
+	printf "%d" 0 > "${rc_cgroup_path}/cgroup.procs"
 	echo "${rc_cgroup_settings}" | while IFS="$OIFS" read -r key value; do
 		[ -z "${key}" ] || [ -z "${value}" ] && continue
 		[ ! -e "${rc_cgroup_path}/${key}" ] && continue
 		veinfo "${RC_SVCNAME}: cgroups: ${key} ${value}"
-		echo "${value}" > "${rc_cgroup_path}/${key}"
+		printf "%s" "${value}" > "${rc_cgroup_path}/${key}"
 	done
 	IFS="$OIFS"
 	return 0

sh/rc-functions.sh.in

@@ -119,6 +119,13 @@ get_bootparam_value()
 	echo $result
 }
 
+need_if_exists()
+{
+	for x; do
+		rc-service --exists "${x}" && need "${x}"
+	done
+}
+
 # Called from openrc-run.sh or gendepends.sh
 _get_containers() {
 	local c

src/rc/rc-schedules.c

@@ -56,11 +56,6 @@ typedef struct scheduleitem {
 
 static TAILQ_HEAD(, scheduleitem) schedule;
 
-void initialize_schedulelist(void)
-{
-	TAILQ_INIT(&schedule);
-}
-
 void free_schedulelist(void)
 {
 	SCHEDULEITEM *s1 = TAILQ_FIRST(&schedule);
@@ -186,6 +181,7 @@ void parse_schedule(const char *applet, const char *string, int timeout)
 	size_t len;
 	SCHEDULEITEM *item;
 
+	TAILQ_INIT(&schedule);
 	if (string)
 		for (slash = string; *slash; slash++)
 			if (*slash == '/')
@@ -261,10 +257,10 @@ int do_stop(const char *applet, const char *exec, const char *const *argv,
 	bool killed;
 	int nkilled = 0;
 
-	if (pid)
+	if (pid > 0)
 		pids = rc_find_pids(NULL, NULL, 0, pid);
 	else
-		pids = rc_find_pids(exec, argv, uid, pid);
+		pids = rc_find_pids(exec, argv, uid, 0);
 
 	if (!pids)
 		return 0;

src/rc/rc-schedules.h

@@ -13,7 +13,6 @@
 #ifndef __RC_SCHEDULES_H
 #define __RC_SCHEDULES_H
 
-void initialize_schedulelist(void);
 void free_schedulelist(void);
 int parse_signal(const char *applet, const char *sig);
 void parse_schedule(const char *applet, const char *string, int timeout);

src/rc/rc-selinux.c

@@ -39,7 +39,6 @@
 #include "rc-selinux.h"
 
 /* the context files for selinux */
-#define RUN_INIT_FILE "run_init_type"
 #define INITRC_FILE "initrc_context"
 
 #ifdef HAVE_AUDIT
@@ -299,6 +298,26 @@ static int read_context_file(const char *filename, char **context)
 	return ret;
 }
 
+static int read_run_init_context(char **context)
+{
+	int ret = -1;
+	RC_STRINGLIST *list;
+	char *value = NULL;
+
+	list = rc_config_list(selinux_openrc_contexts_path());
+	if (list == NULL)
+		return ret;
+
+	value = rc_config_value(list, "run_init");
+	if (value != NULL && strlen(value) > 0) {
+		*context = xstrdup(value);
+		ret = 0;
+	}
+
+	rc_stringlist_free(list);
+	return ret;
+}
+
 void selinux_setup(char **argv)
 {
 	char *new_context = NULL;
@@ -312,7 +331,7 @@ void selinux_setup(char **argv)
 		return;
 	}
 
-	if (read_context_file(RUN_INIT_FILE, &run_init_t) != 0) {
+	if (read_run_init_context(&run_init_t) != 0) {
 		/* assume a reasonable default, rather than bailing out */
 		run_init_t = xstrdup("run_init_t");
 		ewarn("Assuming SELinux run_init type is %s", run_init_t);
@@ -339,14 +358,13 @@ void selinux_setup(char **argv)
 		goto out;
 	}
 
-	curr_t = context_type_get(curr_con);
+	curr_t = xstrdup(context_type_get(curr_con));
 	if (!curr_t) {
 		context_free(curr_con);
 		free(curr_context);
 		goto out;
 	}
 
-	curr_t = xstrdup(curr_t);
 	/* dont need them anymore so free() now */
 	context_free(curr_con);
 	free(curr_context);

src/rc/supervise-daemon.c

@@ -432,6 +432,7 @@ int main(int argc, char **argv)
 	int respawn_period = 5;
 	time_t respawn_now= 0;
 	time_t first_spawn= 0;
+	struct timespec ts;
 	struct passwd *pw;
 	struct group *gr;
 	FILE *fp;
@@ -658,17 +659,19 @@ int main(int argc, char **argv)
 
 	if (stop) {
 		pid = get_pid(applet, pidfile);
-		if (pid == -1)
+		if (pid != -1) {
-			i = pid;
-		else
 			i = kill(pid, SIGTERM);
-		if (i != 0)
+			if (i != 0)
-			/* We failed to send the signal */
+				/* We failed to send the signal */
-			exit(EXIT_FAILURE);
+				exit(EXIT_FAILURE);
 
-		/* wait for the supervisor to go down */
+			/* wait for the supervisor to go down */
-		while (kill(pid, 0) == 0)
+			while (kill(pid, 0) == 0) {
-			sleep(1);
+				ts.tv_sec = 0;
+				ts.tv_nsec = 1;
+				nanosleep(&ts, NULL);
+			}
+		}
 
 		/* Even if we have not actually killed anything, we should
 		 * remove information about it as it may have unexpectedly
@@ -750,6 +753,7 @@ int main(int argc, char **argv)
 		while (!exiting) {
 			wait(&i);
 			if (exiting) {
+				signal_setup(SIGCHLD, SIG_IGN);
 				syslog(LOG_INFO, "stopping %s, pid %d", exec, child_pid);
 				nkilled = run_stop_schedule(applet, exec, NULL, child_pid,
 						0, false, false, true);