version 0.44.10

This fixes #484.
This fixes #483.

.cirrus.yml

@@ -4,7 +4,8 @@
 test_task:
   freebsd_instance:
     matrix:
-      image: freebsd-12-1-release-amd64
+      image: freebsd-13-0-release-amd64
+      image: freebsd-12-2-release-amd64
       image: freebsd-11-4-release-amd64
   env:
     OS: FreeBSD

.github/workflows/ci-alpine-linux.yml

@@ -0,0 +1,26 @@
+name: ci_alpine_linux
+
+on: [push, pull_request]
+
+jobs:
+
+  gcc-musl:
+    runs-on: ubuntu-latest
+    container: alpine:latest
+    steps:
+      - name: install deps
+        run: >-
+          apk --no-cache add \
+            build-base \
+            meson \
+            pkgconf \
+            linux-pam \
+            linux-pam-dev
+      - name: checkout
+        uses: actions/checkout@v2
+      - run: meson setup builddir/
+        env:
+          CC: gcc
+      - run: ninja -C builddir
+        env:
+          CC: gcc

.github/workflows/ci-ubuntu.yml

@@ -0,0 +1,32 @@
+name: ci_ubuntu
+
+on: [push, pull_request]
+
+jobs:
+
+  gcc-glibc:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - run: sudo apt-get update -q
+    - run: sudo apt-get install -q -y build-essential libpam-dev meson
+    - run: meson setup builddir/
+      env:
+        CC: gcc
+    - run: ninja -C builddir
+      env:
+        CC: gcc
+
+
+  clang-glibc:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - run: sudo apt-get update -q
+    - run: sudo apt-get install -q -y build-essential clang libpam-dev meson
+    - run: meson setup builddir/
+      env:
+        CC: clang
+    - run: ninja -C builddir
+      env:
+        CC: clang

ChangeLog

@@ -1,3 +1,337 @@
+commit 7d46c8ca6e8271aa1c9bc1e5247fd1f861f68153
+Author: Doug Freed <dwfreed@mtu.edu>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    rc-status: fix uptime types and simplify
+    
+    This fixes #484.
+    This fixes #483.
+
+commit 20f049b0e94c0ef386b65a9a786fe24c51877ba8
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    version 0.44.9
+    
+    This will need to be bumped again if we do 0.44.10
+
+commit d0160dd96e92d0aadc531d4c06b010ee2ef72955
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    update ChangeLog
+
+commit eca4c2d31efc29ed653dbcfc3a3cc043d24bd08d
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    support/init.d.examples: Do not use @PKG_PREFIX@ in service examples
+    
+    I can't think of a reason to do this since these scripts are just
+    examples.
+    
+    This is for #474.
+
+commit 6a91444bd9f7f122f580d1297f33d58d5b518359
+Author: Sam James <sam@gentoo.org>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    meson: fallback to libcrypt detection outside of pkg-config
+    
+    Much like PAM, not all implementations of libcrypt provide a pkg-config
+    file, and hence we can't find it using the old logic.
+    
+    Let's fall back to the standard AC_SEARCH_LIBS-style check if the pkg-config-style
+    detection fails.
+    
+    This fixes finding e.g. musl's libcrypt.
+    
+    X-Gentoo-Bug: 827074
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/827074
+
+commit 075fb7c6465824b51881fa47c6419650011f4e0f
+Author: Sam James <sam@gentoo.org>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    src/rc/rc-selinux.c: fix use of deprecated security_context_t
+    
+    It's only a char* and has been deprecated upstream [0].
+    
+    [0] https://github.com/SELinuxProject/selinux/commit/7a124ca27581
+    
+    Fixes: #478
+
+commit 7f597d024af1612d8a104ed6fe591aae71105220
+Author: Sam James <sam@gentoo.org>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    meson: only find libcrypt if SELinux and no PAM
+    
+    We only need libcrypt if we're building _with_ SELinux and
+    _without_ PAM. We don't use libcrypt for general SELinux
+    with PAM.
+    
+    This is mostly a correctness change as libcrypt should
+    generally be available (as opposed to the previous
+    change which fixed some real-world cases).
+    
+    Fixes: f3f0fde861b438c80f99afdd49fe175e9d0a68ca
+    Fixes: #478
+
+commit 27219666abf15117c8722dcd716681f7e6e957bf
+Author: Sam James <sam@gentoo.org>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    meson: link against libcrypt for SELinux if no PAM
+    
+    We use libcrypt's crypt() if we're _not_ using PAM
+    in the SELinux code (rc-selinux, specifically).
+    
+    X-Gentoo-Bug: 824954
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/824954
+    Fixes: https://github.com/openrc/openrc/pull/477
+
+commit 76022cba36a5281f1da227a40f7fe7d805b85426
+Author: Sam James <sam@gentoo.org>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    meson: fix pam_misc_dep definition
+    
+    X-Gentoo-Bug: 824954
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/824954
+    Fixes: https://github.com/OpenRC/openrc/issues/470
+    Fixes: https://github.com/OpenRC/openrc/pull/477
+
+commit 792dc7f6e8f31acace120b9e562412517ccea9d8
+Author: Sam James <sam@gentoo.org>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    src/librc/librc-daemon.c: add missing include for kill (fix uclibc)
+    
+    Fixes: #471
+    Fixes: #473
+
+commit b5d576255bbe7ca3175046540a28d9613d40f9eb
+Author: Sam James <sam@gentoo.org>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    src/librc/librc-misc.c: add missing include for fileno (fix uclibc)
+    
+    Fixes: #471
+    Fixes: #473
+
+commit 45d1494b5d741d1f061c5a28e2ef8b506d36249d
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    version 0.44.8
+
+commit 20856a14e9e045fc2ab3d87a2a7f5e1408d1914f
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    update ChangeLog
+
+commit a850651f5ce29a37574f7d76ae40ef9e1d2d4a62
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    openrc-init: fix build for selinux
+    
+    X-Gentoo-Bug: 821520
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=821520
+
+commit b0a80a042d20d3d0ee4d204c5c96e1538a65575f
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    build: pam fix
+    
+    Set the HAVE_PAM option if the dependency is found *and* pam is
+    requested.
+    
+    X-Gentoo-Bug: 821211
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=821211
+
+commit 49620e95ec8ecd5d91c554d8e50cdf65df1920b5
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    fix permission of installed version file
+
+commit b4789b99104f08136ad160920388b8d4df000508
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    version 0.44.7
+
+commit d5ae8a2ad1b66f4f20609b3eadf9968b36133f7a
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    update ChangeLog
+
+commit 3a276728e079aa9f44ab19cf5858e1eac2670462
+Author: Kerin Millar <kfm@plushkava.net>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    init.d/s6-svscan.in: make sure $command exists
+    
+    While the s6-svscan runscript belongs to OpenRC, the user is required to
+    install s6 before it can actually be used, potentially leading to
+    confusion. Check for the existence of $command in start_pre and, if it does not
+    exist, bail out with an error that makes this observation.
+    
+    X-Gentoo-Bug: 816978
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=816978
+
+commit 29d3e0bde237e13f8c5083d2f0db50652061bf2c
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    selinux build fix
+
+commit 969a0362252a7f9459337ac564ebf5f0c2c74476
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    fix bug in pam build tests
+
+commit 9767d24510e1d52b86a2051c25af2fa5928e7319
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    support older pam versions
+    
+    Some distros are still using versions of pam which do not create
+    *.pc files, so we need fallback logic for that situation.
+
+commit c73284ef963cd6b3c47dd007a45f5c13c5dafcb0
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    build: fix pam and pam_misc dependencies
+    
+    Pam generates pkgconfig files now, so meson can use them to find the pam
+    dependencies.
+
+commit 0657bf0d25a460b4b56579984eb326302f3bf121
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    separate github actions based on OS
+    
+    This fixes #466.
+
+commit 80aad11b02d575d5a949914bb6942b92fc15e834
+Author: Sam James <sam@gentoo.org>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    add github action to build on several linux platforms
+    
+    This github action runs a build on each of the following platforms on a
+    push or pull request.
+    
+    - Ubuntu LTS with gcc and glibc
+    - Ubuntu LTS with clang and glibc
+    - Alpine with gcc and musl
+    
+    This fixes #463.
+
+commit 2d9dc654b58c4a523b01097369ce94708c8cf43a
+Author: Sam James <sam@gentoo.org>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    .cirrus.yml: update FreeBSD images
+
+commit f46cc83ef7100ce713c4e616524e63371825e153
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    move rc_bindir and rc_sbindir definitions to the top level
+
+commit cc45b55f895d0c21b5ac3e5a65b0bf00f76adeb7
+Author: Sam James <sam@gentoo.org>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    checkpath: fix allocation size of path buffer
+    
+    strlen's return value isn't enough to be used
+    directly for (x)malloc; it doesn't include
+    the null byte at the end of the string.
+    
+    X-Gentoo-Bug: 816900
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/816900
+    Fixes: #459
+    Fixes: #462
+
+commit 930e69017f95766c662763c2445e2827eb037fd7
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    version 0.44.6
+
+commit 44912434cfe139a1953bbd3b2cde7e0b2bce0ae7
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    update ChangeLog
+
+commit c7fde9a3dab01d30d16f9907f7cce00799f92821
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    fix build for selinux
+    
+    I would like to thank jpds@protonmail.com for the patch.
+    
+    X-Gentoo-Bug: 815847
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=815847
+
+commit ffededbf955e39add0fbbacc22f2c0d7a8901b35
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    version 0.44.5
+
+commit b0efb663f9ed84627c302a2d051fc5a74fb0c2b6
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    update ChangeLog
+
+commit aa69e48125df7684ab3b77eaf9013f8c126b1fca
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    build: fix rootprefix
+    
+    This fixes #438.
+
+commit 4ba10f1d5074a45b4ddd96d2d404842fa3b38e63
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    link runscript with audit
+
+commit 38a9e2ff630b0e0bd261afb2e66072f904b5d608
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    link openrc-run with audit and libpam_misc
+
+commit 783af5abac209c7745fd5c06dc89b2f5dfa3b313
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    version 0.44.4
+
+commit 75c3b53e3195f2d3541a7d83920667d1c4b14337
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    update ChangeLog
+
 commit c300c180a2a7dbefb46272c2acac6462372b8eb0
 Author: Natanael Copa <ncopa@alpinelinux.org>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
@@ -671,209 +1005,3 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     remove statement about not providing an init
     
     This fixes #359.
-
-commit 4b2a61f1b8b786600e39ba1a223ff8d9b389b275
-Author: Manuel Rüger <manuel@rueg.eu>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    rc-status: Remove noise from ini-formatted output
-    
-    Otherwise this would create the following output:
-    
-    rc-status -f ini
-     * Caching service dependencies ...        [ ok ]
-    [default]
-    dbus =  started
-    NetworkManager =  started
-    syslog-ng =  started
-    ...
-    
-    This fixes #364.
-
-commit 62bc463c63a3beeeead0b6fb164f7c7e9b917849
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    update freebsd 11.x image on cirrus ci
-
-commit 7019bfad3b4cf6eff31d967f6f4e0960f67858fb
-Author: Clayton Craft <clayton@craftyguy.net>
-Commit: Luca Barbato <luca.barbato@gmail.com>
-
-    user-guide: clarify note for Runlevels/rc-update usage
-    
-    I found the original note a little confusing, since using rc-update will
-    add it to a runlevel so it *is* auto-started when the system reaches
-    that runlevel again, but I don't think that was the intended meaning of
-    'auto-start', so hopefully this makes it a little more clear.
-
-commit 8346c985d598385e760375a8adf69c986bb4a350
-Author: lishuxiang <GoldenMean58@outlook.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    Update user-guide.md
-    
-    fix a typo
-    
-    This fixes #389.
-
-commit da30767353eb1cc13826176bf19308a05c7bade4
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    supervise-daemon: do not spawn a process if we are exiting
-    
-    This fixes #375 and allows us to not add another level of indentation in
-    the supervisor loop.
-
-commit 57d9528a0bc64366ea3e0fbbb21b1282ce5c1212
-Author: Dermot Bradley <dermot_bradley@yahoo.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    Remove warning when osclock init.d script runs
-    
-    Currently when osclock is enabled as a init.d service the following
-    messages appear during boot when osclock starts:
-    
-      * The command variable is undefined.
-      * There is nothing for osclock to start.
-      * If this is what you intend, please write a start function.
-      * This will become a failure in a future release.
-    
-    osclock is activated whenever a machine's system clock is automatically
-    configured from a RTC by the kernel and the osclock's only purpose is to
-    satisfy the "clock" dependency defined by other init.d services.
-    
-    Adding a stub start() function prevents OpenRC from showing warnings but
-    continues to ensure that the osclock service still does not actually do
-    anything.
-    
-    This fixes #377.
-
-commit 6ce48f124aea593b77163d6f198d18bbe9093068
-Author: Calvin Montgomery <calzoneman@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    man/openrc.8: populate OPTIONS from --help output
-    
-    This fixes #378.
-
-commit 00ea2166081856774f24f7243126f701c7fe6db9
-Author: Michael Orlitzky <michael@orlitzky.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    src/rc/checkpath.c: replace mkdir() with mkdirat().
-    
-    The do_check() function recently gained some defenses against symlink
-    replacement attacks that involve the use of *at functions in place of
-    their vanilla counterparts; openat() instead of open(), for example.
-    One opportunity to replace mkdir() with mkdirat() was missed, however,
-    and this commit replaces it.
-    
-    This fixes #386.
-
-commit ac7ca6d901d72b1bc4ed13be5438e825c07fc0da
-Author: Michael Orlitzky <michael@orlitzky.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    src/rc/checkpath.c: fix typo "synbolic" -> "symbolic".
-
-commit 47819f004cec3cc3e911ba69003b8b52bacbebef
-Author: Johannes Heimansberg <git@jhe.dedyn.io>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    start-stop-daemon, supervise-daemon: fix parsing of usernames passed via --user that start with a number
-    
-    start-stop-daemon and supervise-daemon parse usernames and group names
-    passed via the --user argument as numeric UID/GID if they start with a
-    number (e.g. user "4foo" will be treated as UID 4). This results in the
-    process that is being started to run under a totally unexpected user if
-    that UID exists.
-    
-    Even though the result of the sscanf calls are tested for a result of
-    exactly 1, which means exactly one value was extracted, because sscanf's
-    format string only contains only one placeholder, it will never return
-    a value greater than 1, even if there are still characters left to be
-    parsed. This causes start-stop-daemon and supervise-daemon to assume
-    that usernames starting with a number are just that number. Adding a
-    second placeholder "%1s" to the format string, which matches a string of
-    length 1, makes sure that sscanf can distinguish between pure numbers
-    (in which case it will return 1) and strings either starting with a
-    number (in which case it will return 2) and any other string (in which
-    case it will return 0).
-    
-    This fixes #379.
-    This fixes #380.
-
-commit 0fab3e837b45021fdcc02a71873c3c245ce96080
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    bootmisc: allow sysvinit compatibility  during shutdown
-    
-    Use "halt -w" to write the halt record if it exists.
-    Otherwise use openrc-shutdown.
-    
-    This fixes #336.
-
-commit 38aaba28ee86602e29d8a31f155dfa72f5481e68
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    scripts/shutdown.in: fix sysvinit compatible shutdown
-    
-    X-Gentoo-Bug: https://bugs.gentoo.org/755422
-
-commit 3ed4126a31406124ae8042fc3d4c0bf963d6961e
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    update news for 0.43 with info on checkpath fix
-
-commit aa0fdf6d08b987dfcabebf5b8d05beff015ad8f4
-Author: Lars Wendler <polynomial-c@gentoo.org>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    start-stop-daemon: Don't segfault if --exec was given a non-existing file name
-    
-      Starting program: /sbin/start-stop-daemon --start --exec i-dont-exist
-    
-      Program received signal SIGSEGV, Segmentation fault.
-      0x0000555555559053 in main (argc=1, argv=0x7fffffffdc20)
-          at start-stop-daemon.c:631
-      631                         *exec_file ? exec_file : exec);
-    
-    This fixes #385.
-
-commit b6fef599bf8493480664b766040fa9b0d4b1e335
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    checkpath: fix CVE-2018-21269
-    
-    This walks the directory path to the file we are going to manipulate to make
-    sure that when we create the file and change the ownership and permissions
-    we are working on the same file.
-    Also, all non-terminal symbolic links must be owned by root. This will
-    keep a non-root user from making a symbolic link as described in the
-    bug. If root creates the symbolic link, it is assumed to be trusted.
-    
-    On non-linux platforms, we no longer follow non-terminal symbolic links
-    by default. If you need to do that, add the -s option on the checkpath
-    command line, but keep in mind that this is not secure.
-    
-    This fixes #201.
-
-commit aac1734a70b60da97d4d24930f1902ca46894b44
-Author: Julien Surloppe <julien@surloppe.fr>
-Commit: Mike Frysinger <vapier@gmail.com>
-
-    Update user-guide.md
-    
-    Add missing underscore.
-
-commit 2355f1a3f2a4fd62cac6d9af0e94c8731acd4c0f
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    supervise-daemon: only log debug logs when verbose mode is active

Makefile.inc

@@ -1,3 +1,3 @@
 NAME=		openrc
-VERSION=	0.44.4
+VERSION=	0.44.10
 PKG=		${NAME}-${VERSION}

init.d/s6-svscan.in

@@ -21,9 +21,13 @@ depend()
 
 start_pre()
 {
+	if [ ! -e "$command" ]; then
+		eerror "$command is missing (please install s6)"
+	else
 		einfo "Creating s6 scan directory"
 		checkpath -d -m 0755 "$RC_SVCDIR"/s6-scan
-	return $?
+	fi
+	return
 }
 
 stop_post()

meson.build

@@ -1,5 +1,5 @@
 project('OpenRC', 'c',
-  version : '0.44.4',
+  version : '0.44.10',
   license: 'BSD-2',
   default_options : [
     'c_std=c99',
@@ -42,17 +42,20 @@ else
   os = option_os
 endif
 
-pam = get_option('pam')
-if pam
-  libpam = cc.find_library('pam')
-  libpam_misc = cc.find_library('pam_misc')
+pam_dep = dependency('pam', required: false)
+if not pam_dep.found()
+  pam_dep = cc.find_library('pam', required: false)
+endif
+if pam_dep.found() and get_option('pam')
   cc_pam_flags = '-DHAVE_PAM'
 else
-  libpam = []
-  libpam_misc = []
   cc_pam_flags = []
 endif
 
+if not pam_dep.found() and get_option('pam')
+  error('Pam was requested but could not be located')
+  endif
+
 option_pkg_prefix = get_option('pkg_prefix')
 if option_pkg_prefix == ''
   if os == 'Dragonfly' or os == 'FreeBSD'
@@ -72,26 +75,45 @@ else
   split_usr = get_option('split-usr') == 'true'
 endif
 
-rootprefix_default = split_usr ? '/' : '/usr'
-rootprefix_path = get_option('rootprefix')
-rootprefix = rootprefix_path != '' ? rootprefix_path : rootprefix_default
+rootprefix = get_option('rootprefix')
+rootprefix_default = '/'
+if rootprefix == ''
+rootprefix = rootprefix_default
+endif
 
 bindir = rootprefix / get_option('bindir')
 libdir = rootprefix / get_option('libdir')
-if os == 'Linux' and split_usr
-  libexecpath = 'lib'
-else
-  libexecpath = get_option('libexecdir')
+libexecdir = get_option('libexecdir')
+if os == 'Linux' and libexecdir == 'libexec'
+  libexecdir = 'lib'
 endif
-libexecdir = split_usr ? rootprefix / libexecpath :
-  get_option('prefix') / libexecpath
+libexecdir = rootprefix / libexecdir
 rc_libexecdir = libexecdir / 'rc'
+rc_bindir = rc_libexecdir / 'bin'
+rc_sbindir = rc_libexecdir / 'sbin'
 sbindir = rootprefix / get_option('sbindir')
 
+crypt_dep = []
+
 selinux_dep = dependency('libselinux', required : get_option('selinux'))
+pam_misc_dep = []
 if selinux_dep.found()
   cc_selinux_flags = '-DHAVE_SELINUX'
+  if pam_dep.found() and get_option('pam')
+    pam_misc_dep = dependency('pam_misc', required: false)
+    if not pam_misc_dep.found()
+      pam_misc_dep = cc.find_library('pam_misc', required: false)
+    endif
+    if not pam_misc_dep.found() and get_option('pam')
+      error('Pam was requested but could not be located')
+    endif
   else
+    crypt_dep = dependency('libcrypt', required : false)
+    if not crypt_dep.found()
+      crypt_dep = cc.find_library('crypt', required : true)
+    endif
+  endif
+else
   cc_selinux_flags = []
 endif
 

src/librc/librc-daemon.c

@@ -15,6 +15,8 @@
  *    except according to the terms contained in the LICENSE file.
  */
 
+#include <signal.h>
+
 #include "queue.h"
 #include "librc.h"
 

src/librc/librc-misc.c

@@ -16,6 +16,7 @@
  */
 
 #include <fnmatch.h>
+#include <stdio.h>
 
 #include "queue.h"
 #include "librc.h"

src/rc/checkpath.c

@@ -151,7 +151,7 @@ static char *clean_path(char *path)
 	char *ch;
 	char *ch2;
 	char *str;
-	str = xmalloc(strlen(path));
+	str = xmalloc(strlen(path) + 1);
 	ch = path;
 	ch2 = str;
 	while (true) {

src/rc/meson.build

@@ -14,7 +14,7 @@ usage_c = files([
   '_usage.c',
   ])
 
-if get_option('selinux').enabled()
+if selinux_dep.found()
   rc_selinux_c = files([
     'rc-selinux.c',
     ])
@@ -26,9 +26,6 @@ rc_wtmp_c = files([
   'rc-wtmp.c',
   ])
 
-rc_bindir = rc_libexecdir / 'bin'
-rc_sbindir = rc_libexecdir / 'sbin'
-
 executable('rc-status',
   ['rc-status.c', rc_misc_c, usage_c, version_h],
   c_args : cc_branding_flags,
@@ -53,7 +50,7 @@ executable('openrc-run',
   rc_selinux_c, version_h],
   c_args : [cc_audit_flags, cc_branding_flags, cc_pam_flags, cc_selinux_flags],
   link_with: [libeinfo, librc],
-  dependencies: [dl_dep, libpam, selinux_dep, util_dep],
+  dependencies: [audit_dep, dl_dep, pam_dep, pam_misc_dep, selinux_dep, util_dep, crypt_dep],
   include_directories: [incdir, einfo_incdir, rc_incdir],
   install: true,
   install_dir: sbindir)
@@ -88,7 +85,7 @@ executable('runscript',
     rc_selinux_c, version_h],
   c_args : [cc_audit_flags, cc_branding_flags, cc_pam_flags, cc_selinux_flags],
   link_with: [libeinfo, librc],
-  dependencies: [dl_dep, libpam, util_dep, selinux_dep],
+  dependencies: [audit_dep, dl_dep, pam_dep, pam_misc_dep, util_dep, selinux_dep, crypt_dep],
   include_directories: [incdir, einfo_incdir, rc_incdir],
   install: true,
   install_dir: sbindir)
@@ -98,7 +95,7 @@ executable('start-stop-daemon',
 	rc_selinux_c, usage_c, version_h],
   c_args : [cc_audit_flags, cc_branding_flags, cc_pam_flags, cc_selinux_flags],
   link_with: [libeinfo, librc],
-  dependencies: [dl_dep, libpam, util_dep, selinux_dep],
+  dependencies: [audit_dep, dl_dep, pam_dep, pam_misc_dep, util_dep, selinux_dep, crypt_dep],
   include_directories: [incdir, einfo_incdir, rc_incdir],
   install: true,
   install_dir: sbindir)
@@ -108,7 +105,7 @@ executable('supervise-daemon',
     usage_c, version_h],
   c_args : [cc_branding_flags, cc_pam_flags, cc_selinux_flags],
   link_with: [libeinfo, librc],
-  dependencies: [dl_dep, libpam, util_dep, selinux_dep],
+  dependencies: [dl_dep, pam_dep, util_dep, selinux_dep],
   include_directories: [incdir, einfo_incdir, rc_incdir],
   install: true,
   install_dir: sbindir)
@@ -116,9 +113,10 @@ executable('supervise-daemon',
 if os == 'Linux'
   executable('openrc-init',
     ['openrc-init.c', rc_plugin_c, rc_wtmp_c, version_h],
+  c_args : cc_selinux_flags,
     include_directories: [incdir, einfo_incdir, rc_incdir],
     link_with: [libeinfo, librc],
-    dependencies: [dl_dep],
+    dependencies: [dl_dep, selinux_dep],
     install: true,
     install_dir: sbindir)
 
@@ -171,7 +169,7 @@ executable('checkpath',
   c_args : [cc_audit_flags, cc_branding_flags, cc_pam_flags, cc_selinux_flags],
   include_directories: [incdir, einfo_incdir, rc_incdir],
   link_with: [libeinfo, librc],
-  dependencies: [libpam, selinux_dep],
+  dependencies: [audit_dep, pam_dep, pam_misc_dep, selinux_dep, crypt_dep],
   install: true,
   install_dir: rc_bindir)
 

src/rc/rc-selinux.c

@@ -66,7 +66,7 @@ int selinux_util_label(const char *path)
 	int retval = 0;
 	int enforce;
 	struct stat st;
-	security_context_t con;
+	char *con;
 
 	enforce = security_getenforce();
 	if (retval < 0)

src/rc/rc-status.c

@@ -97,14 +97,12 @@ static char *get_uptime(const char *service)
 {
 	RC_SERVICE state = rc_service_state(service);
 	char *start_count;
-	time_t now;
 	char *start_time_string;
 	time_t start_time;
-	time_t time_diff;
-	time_t diff_days = (time_t) 0;
-	time_t diff_hours = (time_t) 0;
-	time_t diff_mins = (time_t) 0;
-	time_t diff_secs = (time_t) 0;
+	int64_t diff_days;
+	int64_t diff_hours;
+	int64_t diff_mins;
+	int64_t diff_secs;
 	char *uptime = NULL;
 
 	if (state & RC_SERVICE_STARTED) {
@@ -112,21 +110,13 @@ static char *get_uptime(const char *service)
 		start_time_string = rc_service_value_get(service, "start_time");
 		if (start_count && start_time_string) {
 			start_time = to_time_t(start_time_string);
-			now = time(NULL);
-			time_diff = (time_t) difftime(now, start_time);
-			diff_secs = time_diff;
-			if (diff_secs > (time_t) 86400) {
-				diff_days = diff_secs / (time_t) 86400;
-				diff_secs %= diff_days * (time_t) 86400;
-			}
-			if (diff_secs > (time_t) 3600) {
-				diff_hours = diff_secs / (time_t) 3600;
-				diff_secs %= diff_hours * (time_t) 3600;
-			}
-			if (diff_secs > (time_t) 60) {
-				diff_mins = diff_secs / (time_t) 60;
-				diff_secs %= diff_mins * (time_t) 60;
-			}
+			diff_secs = (int64_t) difftime(time(NULL), start_time);
+			diff_days = diff_secs / 86400;
+			diff_secs = diff_secs % 86400;
+			diff_hours = diff_secs / 3600;
+			diff_secs = diff_secs % 3600;
+			diff_mins = diff_secs / 60;
+			diff_secs = diff_secs % 60;
 			if (diff_days > 0)
 				xasprintf(&uptime,
 						"%"PRId64" day(s) %02"PRId64":%02"PRId64":%02"PRId64" (%s)",

support/init.d.examples/avahi-dnsconfd.in

@@ -9,7 +9,7 @@
 # This file may not be copied, modified, propagated, or distributed
 # except according to the terms contained in the LICENSE file.
 
-command=@PKG_PREFIX@/sbin/avahi-dnsconfd
+command=/sbin/avahi-dnsconfd
 command_args="$avahi_dnsconfd_args -D"
 pidfile=/var/run/avahi-dnsconfd.pid
 name="Avahi DNS Configuration Daemon"

support/init.d.examples/avahid.in

@@ -9,7 +9,7 @@
 # This file may not be copied, modified, propagated, or distributed
 # except according to the terms contained in the LICENSE file.
 
-command=@PKG_PREFIX@/sbin/avahi-daemon
+command=/sbin/avahi-daemon
 command_args="$avahid_args -D"
 pidfile=/var/run/avahi-daemon/pid
 name="Avahi Service Advertisement Daemon"

support/init.d.examples/dbus.in

@@ -9,7 +9,7 @@
 # This file may not be copied, modified, propagated, or distributed
 # except according to the terms contained in the LICENSE file.
 
-command=@PKG_PREFIX@/bin/dbus-daemon
+command=/bin/dbus-daemon
 pidfile=/var/run/dbus/pid
 command_args="${dbusd_args---system}"
 name="Message Bus Daemon"

support/init.d.examples/dnsmasq.in

@@ -9,7 +9,7 @@
 # This file may not be copied, modified, propagated, or distributed
 # except according to the terms contained in the LICENSE file.
 
-command=@PKG_PREFIX@/sbin/dnsmasq
+command=/sbin/dnsmasq
 command_args=$dnsmasq_args
 pidfile=/var/run/dnsmasq.pid
 required_files=/etc/dnsmasq.conf

support/init.d.examples/hald.in

@@ -9,7 +9,7 @@
 # This file may not be copied, modified, propagated, or distributed
 # except according to the terms contained in the LICENSE file.
 
-command=@PKG_PREFIX@/sbin/hald
+command=/sbin/hald
 pidfile=/var/run/hald/hald.pid
 command_args=$hald_args
 name="Hardware Abstraction Layer Daemon"

support/init.d.examples/openvpn.in

@@ -12,10 +12,10 @@
 vpn=${RC_SVCNAME#*.}
 name="OpenVPN"
 [ "$vpn" != openvpn ] && name="$name ($vpn)"
-command=@PKG_PREFIX@/sbin/openvpn
+command=/sbin/openvpn
 
 pidfile=/var/run/"$RC_SVCNAME".pid
-: ${openvpn_dir:=@PKG_PREFIX@/etc/openvpn}
+: ${openvpn_dir:=/etc/openvpn}
 : ${openvpn_config:=$openvpn_dir/$vpn.conf}
 command_args="$openvpn_args --daemon --config $openvpn_config"
 command_args="$command_args --writepid $pidfile"

support/init.d.examples/polkitd.in

@@ -9,7 +9,7 @@
 # This file may not be copied, modified, propagated, or distributed
 # except according to the terms contained in the LICENSE file.
 
-command=@PKG_PREFIX@/sbin/polkitd
+command=/sbin/polkitd
 pidfile=/var/run/polkitd/polkitd.pid
 command_args="$polkitd_args"
 name="PolicyKit Daemon"

tools/meson_final.sh

@@ -10,4 +10,4 @@ if [ ${os} != Linux ]; then
 	install -d "${DESTDIR}/${rc_libexecdir}"/init.d
 fi
 install -d "${DESTDIR}/${rc_libexecdir}"/tmp
-install "${MESON_BUILD_ROOT}/src/common/version" "${DESTDIR}/${rc_libexecdir}"
+install -m 644 "${MESON_BUILD_ROOT}/src/common/version" "${DESTDIR}/${rc_libexecdir}"