rc.conf: set artix defaults

etc/rc.conf

@@ -19,7 +19,7 @@
 # If not specified we use $SHELL, otherwise the one specified in /etc/passwd,
 # otherwise /bin/sh
 # Linux users could specify /sbin/sulogin
-#rc_shell=/bin/sh
+rc_shell=/usr/bin/sulogin
 
 # Do we allow any started service in the runlevel to satisfy the dependency
 # or do we want all of them regardless of state? For example, if net.eth0
@@ -48,7 +48,7 @@
 # /var/log/rc.log
 # NOTE: Linux systems require the devfs service to be started before
 # logging can take place and as such cannot log the sysinit runlevel.
-#rc_logger="NO"
+rc_logger="YES"
 
 # Through rc_log_path you can specify a custom log file.
 # The default value is: /var/log/rc.log
@@ -89,7 +89,7 @@
 # There variables are shared between many init scripts
 
 # Set unicode to NO to turn off unicode support for keyboards and screens.
-#unicode="YES"
+unicode="YES"
 
 # This is how long fuser should wait for a remote server to respond. The
 # default is 60 seconds, but  it can be adjusted here.
@@ -194,6 +194,21 @@ rc_tty_number=12
 ##############################################################################
 # LINUX CGROUPS RESOURCE MANAGEMENT
 
+# This sets the mode used to mount cgroups.
+# "hybrid" mounts cgroups version 2 on /sys/fs/cgroup/unified and
+# cgroups version 1 on /sys/fs/cgroup.
+# "legacy" mounts cgroups version 1 on /sys/fs/cgroup
+# "unified" mounts cgroups version 2 on /sys/fs/cgroup
+rc_cgroup_mode="unified"
+
+# override cgroup controller name
+rc_cgroup_name="artix"
+
+# This is a list of controllers which should be enabled for cgroups version 2
+# when hybrid mode is being used.
+# Controllers listed here will not be available for cgroups version 1.
+#rc_cgroup_controllers=""
+
 # This variable contains the cgroups version 2 settings for your services.
 # If this is set in this file, the settings will apply to all services.
 # If you want different settings for each service, place the settings in
@@ -212,6 +227,64 @@ rc_tty_number=12
 # source tree.
 #rc_cgroup_settings=""
 
+# This switch controls whether or not cgroups version 1 controllers are
+# individually mounted under
+# /sys/fs/cgroup in hybrid or legacy mode.
+#rc_controller_cgroups="YES"
+
+# The following setting turns on the memory.use_hierarchy setting in the
+# root memory cgroup for cgroups v1.
+# It must be set to yes in this file if you want this functionality.
+#rc_cgroup_memory_use_hierarchy="NO"
+
+# The following settings allow you to set up values for the cgroups version 1
+# controllers for your services.
+# They can be set in this file;, however, if you do this, the settings
+# will apply to all of your services.
+# If you want different settings for each service, place the settings in
+# /etc/conf.d/foo for service foo.
+# The format is to specify the names of the settings followed by their
+# values. Each variable can hold multiple settings.
+# For example, you would use this to set the cpu.shares setting in the
+# cpu controller to 512 for your service.
+# rc_cgroup_cpu="
+# cpu.shares 512
+# "
+#
+# For more information about the adjustments that can be made with
+# cgroups version 1, see Documentation/cgroups-v1/* in the linux kernel
+# source tree.
+
+# Set the blkio controller settings for this service.
+#rc_cgroup_blkio=""
+
+# Set the cpu controller settings for this service.
+#rc_cgroup_cpu=""
+
+# Add this service to the cpuacct controller (any value means yes).
+#rc_cgroup_cpuacct=""
+
+# Set the cpuset controller settings for this service.
+#rc_cgroup_cpuset=""
+
+# Set the devices controller settings for this service.
+#rc_cgroup_devices=""
+
+# Set the hugetlb controller settings for this service.
+#rc_cgroup_hugetlb=""
+
+# Set the memory controller settings for this service.
+#rc_cgroup_memory=""
+
+# Set the net_cls controller settings for this service.
+#rc_cgroup_net_cls=""
+
+# Set the net_prio controller settings for this service.
+#rc_cgroup_net_prio=""
+
+# Set the pids controller settings for this service.
+#rc_cgroup_pids=""
+
 # Set this to YES if you want all of the processes in a service's cgroup
 # killed when the service is stopped or restarted.
 # Be aware that setting this to yes means all of a service's

init.d/cgroups.in

@@ -13,12 +13,61 @@ description="Mount the control groups."
 
 : "${cgroup_opts:="nodev,noexec,nosuid"}"
 
+rc_cgroup_name=${rc_cgroup_name:-openrc}
+
 depend()
 {
 	keyword -docker -prefix -systemd-nspawn -vserver
 	after sysfs
 }
 
+cgroup1_base()
+{
+	grep -qw cgroup /proc/filesystems || return 0
+	if ! mountinfo -q /sys/fs/cgroup; then
+		ebegin "Mounting cgroup filesystem"
+		local opts="${cgroup_opts},mode=755,size=${rc_cgroupsize:-10m}"
+		mount -n -t tmpfs -o "${opts}" cgroup_root /sys/fs/cgroup
+		eend $?
+	fi
+
+	if ! mountinfo -q /sys/fs/cgroup/"${rc_cgroup_name}"; then
+		local agent="${RC_LIBEXECDIR}/sh/cgroup-release-agent.sh"
+		mkdir /sys/fs/cgroup/"${rc_cgroup_name}"
+		mount -n -t cgroup \
+			-o none,${cgroup_opts},name="${rc_cgroup_name}",release_agent="$agent" \
+			"${rc_cgroup_name}" /sys/fs/cgroup/"${rc_cgroup_name}"
+		printf 1 > /sys/fs/cgroup/"${rc_cgroup_name}"/notify_on_release
+	fi
+	return 0
+}
+
+cgroup1_controllers()
+{
+	yesno "${rc_controller_cgroups:-YES}" && [ -e /proc/cgroups ]  &&
+	grep -qw cgroup /proc/filesystems || return 0
+	while read -r name _ _ enabled _; do
+		case "${enabled}" in
+			1)	mountinfo -q "/sys/fs/cgroup/${name}" && continue
+				local x
+				for x in $rc_cgroup_controllers; do
+				[ "${name}" = "blkio" ] && [ "${x}" = "io" ] &&
+					continue 2
+				[ "${name}" = "${x}" ] &&
+				continue 2
+				done
+				mkdir "/sys/fs/cgroup/${name}"
+				mount -n -t cgroup -o "${cgroup_opts},${name}" \
+					"${name}" "/sys/fs/cgroup/${name}"
+				yesno "${rc_cgroup_memory_use_hierarchy:-no}" &&
+					[ "${name}" = memory ] &&
+					echo 1 > /sys/fs/cgroup/memory/memory.use_hierarchy
+				;;
+		esac
+	done < /proc/cgroups
+	return 0
+}
+
 cgroup2_base()
 {
 	grep -qw cgroup2 /proc/filesystems || return 0
@@ -27,6 +76,7 @@ cgroup2_base()
 	mkdir -p "${base}"
 	mount -t cgroup2 none -o "${cgroup_opts},nsdelegate" "${base}" 2> /dev/null ||
 		mount -t cgroup2 none -o "${cgroup_opts}" "${base}"
+ mkdir -p ${base}/"${rc_cgroup_name}"
 	return 0
 }
 
@@ -34,17 +84,44 @@ cgroup2_controllers()
 {
 	grep -qw cgroup2 /proc/filesystems || return 0
 	local active cgroup_path x y
-	cgroup_path="$(cgroup2_find_path)"
+	cgroup_path="$(cgroup2_find_path)/${rc_cgroup_name}"
 	[ -z "${cgroup_path}" ] && return 0
 	[ ! -e "${cgroup_path}/cgroup.controllers" ] && return 0
 	[ ! -e "${cgroup_path}/cgroup.subtree_control" ]&& return 0
 	read -r active < "${cgroup_path}/cgroup.controllers"
 	for x in ${active}; do
+	case "${rc_cgroup_mode:-unified}" in
+		unified)
 			echo "+${x}"  > "${cgroup_path}/cgroup.subtree_control"
+			;;
+		hybrid)
+			for y in ${rc_cgroup_controllers}; do
+				if [ "$x" = "$y" ]; then
+					echo "+${x}"  > "${cgroup_path}/cgroup.subtree_control"
+				fi
+			done
+			;;
+		esac
 	done
 	return 0
 }
 
+cgroups_hybrid()
+{
+	cgroup1_base
+	cgroup2_base
+	cgroup2_controllers
+	cgroup1_controllers
+	return 0
+}
+
+cgroups_legacy()
+{
+	cgroup1_base
+	cgroup1_controllers
+	return 0
+}
+
 cgroups_unified()
 {
 	cgroup2_base
@@ -54,7 +131,11 @@ cgroups_unified()
 
 mount_cgroups()
 {
-	cgroups_unified
+	case "${rc_cgroup_mode:-unified}" in
+	hybrid) cgroups_hybrid ;;
+	legacy) cgroups_legacy ;;
+	unified) cgroups_unified ;;
+	esac
 	return 0
 }
 

sh/cgroup-release-agent.sh.in

@@ -12,7 +12,7 @@
 # This file may not be copied, modified, propagated, or distributed
 #    except according to the terms contained in the LICENSE file.
 
-cgroup=/sys/fs/cgroup/openrc
+cgroup=/sys/fs/cgroup/"${rc_cgroup_name:-openrc}"
 PATH=/bin:/usr/bin:/sbin:/usr/sbin
 if [ -d ${cgroup}/"$1" ]; then
 	rmdir ${cgroup}/"$1"

sh/openrc-run.sh.in

@@ -259,6 +259,20 @@ for _cmd; do
 				eerror "${RC_SVCNAME}: unable to apply RC_ULIMIT settings"
 			fi
 		fi
+		# Apply cgroups settings if defined
+		if [ "$(command -v cgroup_add_service)" = "cgroup_add_service" ]
+		then
+			if grep -qs /sys/fs/cgroup /proc/1/mountinfo
+			then
+				if [ -d /sys/fs/cgroup -a ! -w /sys/fs/cgroup ]; then
+					eerror "No permission to apply cgroup settings"
+					break
+				fi
+			fi
+			cgroup_add_service
+		fi
+		[ "$(command -v cgroup_set_limits)" = "cgroup_set_limits" ] &&
+			cgroup_set_limits
 		[ "$(command -v cgroup2_set_limits)" = "cgroup2_set_limits" ] &&
 			[ "$_cmd" = start ] &&
 			cgroup2_set_limits

sh/rc-cgroup.sh

@@ -11,6 +11,21 @@
 extra_stopped_commands="${extra_stopped_commands} cgroup_cleanup"
 description_cgroup_cleanup="Kill all processes in the cgroup"
 
+cg2_sv_name="${RC_SVCNAME}.sv"
+
+cgroup_find_path()
+{
+	local OIFS name dir result
+	[ -n "$1" ] || return 0
+	OIFS="$IFS"
+	IFS=":"
+	while read -r _ name dir; do
+		[ "$name" = "$1" ] && result="$dir"
+	done < /proc/1/cgroup
+	IFS="$OIFS"
+	printf "%s" "${result}"
+}
+
 # This extracts all pids in a cgroup and puts them in the cgroup_pids
 # variable.
 # It is done this way to avoid subshells so we don't have to worry about
@@ -22,7 +37,9 @@ cgroup_get_pids()
 	cgroup_pids=
 	cgroup_procs="$(cgroup2_find_path)"
 	if [ -n "${cgroup_procs}" ]; then
-		cgroup_procs="${cgroup_procs}/openrc.${RC_SVCNAME}/cgroup.procs"
+		cgroup_procs="${cgroup_procs}/${rc_cgroup_name}/${cg2_sv_name}/cgroup.procs"
+	else
+		cgroup_procs="/sys/fs/cgroup/"${rc_cgroup_name}"/${RC_SVCNAME}/tasks"
 	fi
 	[ -f "${cgroup_procs}" ] || return 0
 	while read -r p; do
@@ -34,13 +51,115 @@ cgroup_get_pids()
 
 cgroup_running()
 {
-			[ -d "/sys/fs/cgroup/${RC_SVCNAME}" ]
+	[ -d "/sys/fs/cgroup/unified/${RC_SVCNAME}" ] ||
+			[ -d "/sys/fs/cgroup/${RC_SVCNAME}" ] ||
+			[ -d "/sys/fs/cgroup/"${rc_cgroup_name}"/${RC_SVCNAME}" ]
+}
+
+cgroup_set_values()
+{
+	[ -n "$1" ] && [ -n "$2" ] && [ -d "/sys/fs/cgroup/$1" ] || return 0
+
+	local controller h
+	controller="$1"
+	h=$(cgroup_find_path "$1")
+	cgroup="/sys/fs/cgroup/${1}${h}"${rc_cgroup_name}"_${RC_SVCNAME}"
+	[ -d "$cgroup" ] || mkdir -p "$cgroup"
+
+	set -- $2
+	local name val
+	while [ -n "$1" ] && [ "$controller" != "cpuacct" ]; do
+		case "$1" in
+			$controller.*)
+				if [ -n "${name}" ] && [ -w "${cgroup}/${name}" ] &&
+					[ -n "${val}" ]; then
+					veinfo "$RC_SVCNAME: Setting $cgroup/$name to $val"
+					printf "%s" "$val" > "$cgroup/$name"
+				fi
+				name=$1
+				val=
+				;;
+			*)
+				[ -n "$val" ] &&
+					val="$val $1" ||
+					val="$1"
+				;;
+		esac
+		shift
+	done
+	if [ -n "${name}" ] && [ -w "${cgroup}/${name}" ] && [ -n "${val}" ]; then
+		veinfo "$RC_SVCNAME: Setting $cgroup/$name to $val"
+		printf "%s" "$val" > "$cgroup/$name"
+	fi
+
+	if [ -w "$cgroup/tasks" ]; then
+		veinfo "$RC_SVCNAME: adding to $cgroup/tasks"
+		printf "%d" 0 > "$cgroup/tasks"
+	fi
+
+	return 0
+}
+
+cgroup_add_service()
+{
+    # relocate starting process to the top of the cgroup
+    # it prevents from unwanted inheriting of the user
+    # cgroups. But may lead to a problems where that inheriting
+    # is needed.
+	for d in /sys/fs/cgroup/* ; do
+		[ -w "${d}"/tasks ] && printf "%d" 0 > "${d}"/tasks
+	done
+
+	openrc_cgroup=/sys/fs/cgroup/"${rc_cgroup_name}"
+	if [ -d "$openrc_cgroup" ]; then
+		cgroup="$openrc_cgroup/$RC_SVCNAME"
+		mkdir -p "$cgroup"
+		[ -w "$cgroup/tasks" ] && printf "%d" 0 > "$cgroup/tasks"
+	fi
+}
+
+cgroup_set_limits()
+{
+	local blkio="${rc_cgroup_blkio:-$RC_CGROUP_BLKIO}"
+	[ -n "$blkio" ] && cgroup_set_values blkio "$blkio"
+
+	local cpu="${rc_cgroup_cpu:-$RC_CGROUP_CPU}"
+	[ -n "$cpu" ] && cgroup_set_values cpu "$cpu"
+
+	local cpuacct="${rc_cgroup_cpuacct:-$RC_CGROUP_CPUACCT}"
+	[ -n "$cpuacct" ] && cgroup_set_values cpuacct "$cpuacct"
+
+	local cpuset="${rc_cgroup_cpuset:-$RC_CGROUP_cpuset}"
+	[ -n "$cpuset" ] && cgroup_set_values cpuset "$cpuset"
+
+	local devices="${rc_cgroup_devices:-$RC_CGROUP_DEVICES}"
+	[ -n "$devices" ] && cgroup_set_values devices "$devices"
+
+	local hugetlb="${rc_cgroup_hugetlb:-$RC_CGROUP_HUGETLB}"
+	[ -n "$hugetlb" ] && cgroup_set_values hugetlb "$hugetlb"
+
+	local memory="${rc_cgroup_memory:-$RC_CGROUP_MEMORY}"
+	[ -n "$memory" ] && cgroup_set_values memory "$memory"
+
+	local net_cls="${rc_cgroup_net_cls:-$RC_CGROUP_NET_CLS}"
+	[ -n "$net_cls" ] && cgroup_set_values net_cls "$net_cls"
+
+	local net_prio="${rc_cgroup_net_prio:-$RC_CGROUP_NET_PRIO}"
+	[ -n "$net_prio" ] && cgroup_set_values net_prio "$net_prio"
+
+	local pids="${rc_cgroup_pids:-$RC_CGROUP_PIDS}"
+	[ -n "$pids" ] && cgroup_set_values pids "$pids"
+
+	return 0
 }
 
 cgroup2_find_path()
 {
 	if grep -qw cgroup2 /proc/filesystems; then
-			printf "/sys/fs/cgroup"
+		case "${rc_cgroup_mode:-unified}" in
+			hybrid) printf "/sys/fs/cgroup/unified" ;;
+			unified) printf "/sys/fs/cgroup" ;;
+		esac
 	fi
 		return 0
 }
@@ -50,7 +169,7 @@ cgroup2_remove()
 	local cgroup_path rc_cgroup_path
 	cgroup_path="$(cgroup2_find_path)"
 	[ -z "${cgroup_path}" ] && return 0
-	rc_cgroup_path="${cgroup_path}/openrc.${RC_SVCNAME}"
+	rc_cgroup_path="${cgroup_path}/${rc_cgroup_name}/${cg2_sv_name}"
 	[ ! -d "${rc_cgroup_path}" ] ||
 		[ ! -e "${rc_cgroup_path}"/cgroup.events ] &&
 		return 0
@@ -74,7 +193,7 @@ cgroup2_set_limits()
 	cgroup_path="$(cgroup2_find_path)"
 	[ -z "${cgroup_path}" ] && return 0
 	mountinfo -q "${cgroup_path}"|| return 0
-	rc_cgroup_path="${cgroup_path}/openrc.${RC_SVCNAME}"
+	rc_cgroup_path="${cgroup_path}/${rc_cgroup_name}/${cg2_sv_name}"
 	[ ! -d "${rc_cgroup_path}" ] && mkdir "${rc_cgroup_path}"
 	[ -f "${rc_cgroup_path}"/cgroup.procs ] &&
 		printf 0 > "${rc_cgroup_path}"/cgroup.procs
@@ -93,7 +212,7 @@ cgroup2_kill_cgroup() {
 	local cgroup_path
 	cgroup_path="$(cgroup2_find_path)"
 	[ -z "${cgroup_path}" ] && return 1
-	rc_cgroup_path="${cgroup_path}/openrc.${RC_SVCNAME}"
+	rc_cgroup_path="${cgroup_path}/${rc_cgroup_name}/${cg2_sv_name}"
 	if [ -f "${rc_cgroup_path}"/cgroup.kill ]; then
 		printf "%d" 1 > "${rc_cgroup_path}"/cgroup.kill
 	fi