Update ChangeLog

If a service has the same name as the runlevel it is in, openrc will
crash on changing to such runlevel. It goes in a recursive madness and
eventually gets a SEGV while in snprintf (don't know why).

This fixes two errors:
1. ls_dir stats files not with full path -> stat always returns != 0
2. ls_dir adds files to list if stat failed

This fixes #53.

X-Gentoo-Bug: 537304
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=537304

BUSYBOX.md

@@ -1,6 +1,4 @@
-Using Busybox as your Default Shell
------------------------------------
-
+# Using Busybox as your Default Shell with OpenRC
 
 If you have/bin/sh linked to busybox, you need to be aware of several
 incompatibilities between busybox's applets and the standalone
@@ -27,5 +25,8 @@ CONFIG_SETFONT -- The setfont applet does not support the -u option from kbd.
 CONFIG_IP -- The ip applet  doesn't support the "scope" modifier for
 "ip route add" and "ip address add".
 
+CONFIG_BB_SYSCTL -- The sysctl applet does not support the --system command
+line switch.
+
 There is work to get most of these supported by busybox, so this file
 will be updated as things change.

FEATURE-REMOVAL-SCHEDULE.md

@@ -1,34 +1,31 @@
+# Features Scheduled for Removal
+
 The following is a list of files and features that are going to be removed in
 the source tree.  Every entry should contain what exactly is going away, why it
 is happening, and who is going to be doing the work.  When the feature is
 removed, it should also be removed from this file.
 
----------------------------
-
-What: Service pause action
+## Service pause action
 
 When: 1.0
 
-Why: ...
+Why: The same affect can be obtained with the --nodeps option to stop.
 
 Who:
 
----------------------------
-
-What: start-stop-daemon options --startas, --chuid , --oknodo
+## start-stop-daemon options --startas, --chuid , --oknodo
 
 When: 1.0
 
 Why: Obsolete or replaced by other options.
-	 --startas => use --name or --exec
-	 --chuid => use --user
-	 --oknodo => ignore return code instead
+
+* --startas => use --name or --exec
+* --chuid => use --user
+* --oknodo => ignore return code instead
 
 Who:
 
----------------------------
-
-What: runscript and rc symbolic links
+## runscript and rc symbolic links
 
 When: 1.0
 
@@ -37,9 +34,7 @@ Why: Deprecated in favor of openrc-run and openrc due to naming
 
 Who:
 
----------------------------
-
-What: support for the opts variable in service scripts
+## support for the opts variable in service scripts
 
 When: 1.0
 
@@ -48,9 +43,7 @@ Why: Depprecated in favor of extra_commands, extra_started_commands
 
 Who:
 
----------------------------
-
-What: support for local_start and local_stop
+## support for local_start and local_stop
 
 When: 1.0
 
@@ -58,9 +51,7 @@ Why: Depprecated in favor of executable scripts in @SYSCONFDIR@/local.d
 
 Who:
 
----------------------------
-
-What: the mtab service script
+## the mtab service script
 
 When: make warnings more visible in 1.0, remove in 2.0
 
@@ -68,5 +59,3 @@ Why: /etc/mtab should be a symbolic link to /proc/self/mounts on modern
 	 Linux systems
 
 Who:
-
----------------------------

HISTORY.md

@@ -1,3 +1,5 @@
+# OpenRC History
+
 This history of OpenRC was written by Daniel Robbins, Roy Marples, William
 Hubbs and others.
 

Makefile

@@ -2,7 +2,10 @@
 # Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
 # Released under the 2-clause BSD license.
 
-include Makefile.inc
+TOP:=		${dir ${realpath ${firstword ${MAKEFILE_LIST}}}}
+MK=			${TOP}/mk
+
+include ${TOP}/Makefile.inc
 
 SUBDIR=		conf.d etc init.d local.d man scripts sh src sysctl.d
 
@@ -17,12 +20,11 @@ SUBDIR+=	runlevels
 
 INSTALLAFTER=	_installafter
 
-MK= 		mk
 include ${MK}/sys.mk
 include ${MK}/os.mk
 include ${MK}/subdir.mk
 include ${MK}/dist.mk
-include ${MK}/git.mk
+include ${MK}/gitver.mk
 
 _installafter:
 ifeq (${MKPREFIX},yes)

Makefile.inc

@@ -1,3 +1,3 @@
 NAME=		openrc
-VERSION=	0.13
+VERSION=	0.15.1
 PKG=		${NAME}-${VERSION}

NEWS.md

@@ -0,0 +1,63 @@
+# OpenRC NEWS
+
+This file will contain a list of notable changes for each release. Note
+the information in this file is in reverse order.
+
+## OpenRC-0.14
+
+The binfmt service, which registers misc binary formats with the Linux
+kernel, has been separated from the procfs service. This service will be
+automatically added to the boot runlevel for new Linux installs. When
+you upgrade, you will need to use rc-update to add it to your boot
+runlevel.
+
+The procfs service no longer automounts the deprecated usbfs and
+usbdevfs file systems. Nothing should be using usbdevfs any longer, and
+if you still need usbfs it can be added to fstab.
+
+Related to the above change, the procfs service no longer attempts to
+modprobe the usbcore module. If your device manager does not load it,
+you will need to configure the modules service to do so.
+
+The override order of binfmt.d and tmpfiles.d directories has been
+changed to match systemd. Files in /run/binfmt.d and /run/tmpfiles.d
+override their /usr/lib counterparts, and files in the /etc counterparts
+override both /usr/lib and /run.
+
+## OpenRC-0.13.2
+
+A chroot variable has been added to the service script variables.
+This fixes the support for running a service in a chroot.
+This is documented in man 8 openrc-run.
+
+The netmount service now mounts nfs file systems.
+This change was made to correct a fix for an earlier bug.
+
+## OpenRC-0.13
+
+/sbin/rc was renamed to /sbin/openrc and /sbin/runscript was renamed to
+/sbin/openrc-run due to naming conflicts with other software.
+
+Backward compatible symbolic links are currently in place so your
+system will keep working if you are using the old names; however, it is
+strongly advised that you migrate to the new names because the symbolic
+links will be removed in the future.
+Warnings have been added to assist with this migration; however, due to the
+level of noise they produce, they only appear in verbose mode in this release.
+
+The devfs script now handles the initial mounting and setup of the
+/dev directory. If /dev has already been mounted by the kernel or an
+initramfs, devfs will remount /dev with the correct mount options
+instead of mounting a second /dev over the existing mount point.
+
+It attempts to mount /dev from fstab first if an entry exists there. If
+it doesn't it attempts to mount devtmpfs if it is configured in the
+kernel. If not, it attempts to mount tmpfs.
+If none of these is available, an error message is displayed and static
+/dev is assumed.
+
+## OpenRC-0.12
+
+The net.* scripts, originally from Gentoo Linux, have
+been removed. If you need these scripts, look for a package called
+netifrc, which is maintained by them.

README

@@ -1,94 +0,0 @@
-OpenRC README
-
-
-Installation
-------------
-make install
-Yup, that simple. Works with GNU make.
-
-You may wish to tweak the installation with the below arguments
-PROGLDFLAGS=-static
-LIBNAME=lib64
-DESTDIR=/tmp/openrc-image
-MKNET=no
-MKPAM=pam
-MKPREFIX=yes
-MKPKGCONFIG=no
-MKSELINUX=yes
-MKSTATICLIBS=no
-MKTERMCAP=ncurses
-MKTERMCAP=termcap
-MKTOOLS=yes
-PKG_PREFIX=/usr/pkg
-LOCAL_PREFIX=/usr/local
-PREFIX=/usr/local
-
-We don't support building a static OpenRC with PAM.
-You may need to use PROGLDFLAGS=-Wl,-Bstatic on glibc instead of just -static.
-If you debug memory under valgrind, add -DDEBUG_MEMORY to your CPPFLAGS
-so that all malloc memory should be freed at exit.
-If you are building OpenRC for a Gentoo Prefix installation, add
-MKPREFIX=yes.
-
-You can also brand OpenRC if you so wish like so
-BRANDING=\"Gentoo/$(uname -s)\"
-
-PKG_PREFIX should be set to where packages install to by default.
-LOCAL_PREFIX should be set when to where user maintained packages are.
-Only set LOCAL_PREFIX if different from PKG_PREFIX.
-PREFIX should be set when OpenRC is not installed to /.
-
-If any of the following files exist then we do not overwrite them
-/etc/devd.conf
-/etc/rc
-/etc/rc.shutdown
-/etc/conf.d/*
-
-rc and rc.shutdown are the hooks from the BSD init into OpenRC.
-devd.conf is modified from FreeBSD to call /etc/rc.devd which is a generic
-hook into OpenRC.
-inittab is the same, but for SysVInit as used by most Linux distributions.
-This can be found in the support folder.
-Obviously, if you're installing this onto a system that does not use OpenRC
-by default then you may wish to backup the above listed files, remove them
-and then install so that the OS hooks into OpenRC.
-
-init.d.misc is not installed by default as the scripts will need
-tweaking on a per distro basis. They are also non essential to the operation
-of the system.
-
-As of OpenRC-0.12, the net.* scripts, originally from Gentoo Linux, have
-been removed. If you need these scripts, look for a package called
-netifrc, which is maintained by them.
-
-As of OpenRC-0.13, two binaries have been renamed due to naming
-conflicts with other software. The /sbin/rc binary was renamed to
-/sbin/openrc, and /sbin/runscript was renamed to /sbin/openrc-run.
-
-Backward compatible symbolic links are currently in place so your
-system will keep working if you are using the old names; however, it is
-strongly advised that you migrate to the new names because the symbolic
-links will be removed in the future.
-
-Warnings have been added to assist with this migration; however, they
-only show in verbose mode in this release due to the level of noise they
-produce.
-
-Also, the devfs script now handles the initial mounting and setup of the
-/dev directory. If /dev has already been mounted by the kernel or an
-initramfs, devfs will remount /dev with the correct mount options
-instead of mounting a second /dev over the existing mount point.
-
-It attempts to mount /dev from fstab first if an entry exists there. If
-it doesn't it attempts to mount devtmpfs if it is configured in the
-kernel. If not, it attempts to mount tmpfs.
-If none of these is available, an error message is displayed and static
-/dev is assumed.
-
-Reporting Bugs
---------------
-Since Gentoo Linux is hosting OpenRC development, Bugs should go to
-the Gentoo Bugzilla:
-	http://bugs.gentoo.org/
-They should be filed under the "Gentoo Hosted Projects" product and
-the "openrc" component.

README.md

@@ -0,0 +1,99 @@
+# OpenRC README
+
+OpenRC is a dependency-based init system that works with the
+system-provided init program, normally `/sbin/init`. Currently, it does
+not have an init program of its own.
+
+## Installation
+
+OpenRC requires GNU make.
+
+Once you have GNU Make installed, the default OpenRC installation can be
+executed using this command:
+
+make install
+
+## Configuration
+
+You may wish to configure the installation by passing one or more of the
+below arguments to the make command
+
+```
+PROGLDFLAGS=-static
+LIBNAME=lib64
+DESTDIR=/tmp/openrc-image
+MKNET=no
+MKPAM=pam
+MKPREFIX=yes
+MKPKGCONFIG=no
+MKSELINUX=yes
+MKSTATICLIBS=no
+MKTERMCAP=ncurses
+MKTERMCAP=termcap
+MKTOOLS=yes
+PKG_PREFIX=/usr/pkg
+LOCAL_PREFIX=/usr/local
+PREFIX=/usr/local
+BRANDING=\"Gentoo/$(uname -s)\"
+```
+
+## Notes
+
+We don't support building a static OpenRC with PAM.
+
+You may need to use `PROGLDFLAGS=-Wl,-Bstatic` on glibc instead of just `-static`.
+
+If you debug memory under valgrind, add `-DDEBUG_MEMORY`
+to your `CPPFLAGS` so that all malloc memory should be freed at exit.
+
+If you are building OpenRC for a Gentoo Prefix installation, add `MKPREFIX=yes`.
+
+`PKG_PREFIX` should be set to where packages install to by default.
+
+`LOCAL_PREFIX` should be set when to where user maintained packages are.
+Only set `LOCAL_PREFIX` if different from `PKG_PREFIX`.
+
+`PREFIX` should be set when OpenRC is not installed to /.
+
+If any of the following files exist then we do not overwrite them
+
+```
+/etc/devd.conf
+/etc/rc
+/etc/rc.shutdown
+/etc/conf.d/*
+```
+
+`rc` and `rc.shutdown` are the hooks from the BSD init into OpenRC.
+
+`devd.conf` is modified from FreeBSD to call `/etc/rc.devd` which is a
+generic hook into OpenRC.
+
+`inittab` is the same, but for SysVInit as used by most Linux distributions.
+This can be found in the support folder.
+
+Obviously, if you're installing this onto a system that does not use
+OpenRC by default then you may wish to backup the above listed files,
+remove them and then install so that the OS hooks into OpenRC.
+
+`init.d.misc` is not installed by default as the scripts will need
+tweaking on a per distro basis. They are also non essential to the
+operation of the system.
+
+## Reporting Bugs
+
+If you are using Gentoo Linux, bugs can be filed on their bugzilla under
+the `gentoo hosted projects` product and the `openrc` component [1].
+Otherwise, you can report issues on our github [2].
+
+Better yet, if you can contribute code, please feel free to submit pull
+requests [3].
+
+## IRC Channel
+
+We have an official irc channel, #openrc on freenode, feel free to join
+us there.
+
+[1]	https://bugs.gentoo.org/
+[2]	https://github.com/openrc/openrc/issues
+[3]	https://github.com/openrc/openrc/pulls

STYLE-GUIDE.md

@@ -1,23 +1,23 @@
+# OpenRC Style Guide
+
 This is the openrc style manual.  It governs the coding style of all code
 in this repository.  Follow it.  Contact openrc@gentoo.org for any questions
 or fixes you might notice.
 
-##########
-# C CODE #
-##########
+## C CODE
 
-The BSD Kernel Normal Form (KNF) style is used:
-	http://en.wikipedia.org/wiki/Indent_style#BSD_KNF_style
-Basically, it's like K&R/LKML, but wrapped lines that are indented use 4 spaces.
+The BSD Kernel Normal Form (KNF) style is used [1]. Basically, it is like
+K&R/LKML, but wrapped lines that are indented use 4 spaces. Here are the
+highlights.
 
-Highlights:
-	- no trailing whitespace
-	- indented code use tabs (not line wrapped)
-	- cuddle the braces (except for functions)
-	- space after native statements and before paren (for/if/while/...)
-	- no space between function and paren
-	- pointer asterisk cuddles the variable, not the type
+- no trailing whitespace
+- indented code use tabs (not line wrapped)
+- cuddle the braces (except for functions)
+- space after native statements and before paren (for/if/while/...)
+- no space between function and paren
+- pointer asterisk cuddles the variable, not the type
 
+```
 void foo(int c)
 {
 	int ret = 0;
@@ -32,16 +32,15 @@ void foo(int c)
 
 	return ret;
 }
+```
 
-##################
-# COMMIT MESSAGES #
-##################
+## COMMIT MESSAGES
 
 The following is an example of a correctly formatted git commit message
 for this repository. Most of this information came from this blog post
-[1], so I would like to thank the author.
+[2], so I would like to thank the author.
 
-### cut here ###
+```
 Capitalized, short (50 chars or less) summary
 
 More detailed explanatory text, if necessary.  Wrap it to about 72
@@ -67,7 +66,7 @@ Further paragraphs come after blank lines.
 Reported-by: User Name <email>
 X-[Distro]-Bug: BugID
 X-[Distro]-Bug-URL: URL for the bug (on the distribution's web site typically)
-### cut here ###
+```
 
 If you did not write the code and the patch does not include authorship
 information in a format git can use, please use the --author option of the
@@ -81,5 +80,5 @@ different from the author and committer.
   *BSD. Also, [Distro] should be replaced with the name of the
   distribution, e.g. X-Gentoo-Bug.
 
-[1] http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
-
+[1]	http://en.wikipedia.org/wiki/Indent_style#BSD_KNF_style
+[2] http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html

conf.d/network.GNU-kFreeBSD.in

@@ -0,0 +1,4 @@
+
+# You can assign a default route
+#defaultroute="192.168.0.1"
+#defaultroute6="2001:a:b:c"

conf.d/network.GNU.in

@@ -0,0 +1,4 @@
+
+# You can assign a default route
+#defaultroute="gw 192.168.0.1"
+#defaultroute6="gw 2001:a:b:c"

conf.d/staticroute.GNU-kFreeBSD.in

@@ -0,0 +1,5 @@
+# Separate multiple routes using ; or new lines.
+
+# Example static routes. See route(8) for syntax.
+#staticroute="net 192.168.0.0 10.73.1.1 netmask 255.255.255.0
+#net 192.168.1.0 10.73.1.1 netmask 255.255.255.0"

conf.d/staticroute.GNU.in

@@ -0,0 +1,7 @@
+# Separate multiple routes using ; or new lines.
+# /etc/route.conf(5) takes precedence over this configuration.
+
+# Example static routes. See route(8) for syntax.
+# FIXME: "net ..." not supported
+#staticroute="net 192.168.0.0 -netmask 255.255.255.0 --address 10.73.1.1
+#net 192.168.1.0 -netmask 255.255.255.0 --address 10.73.1.1"

etc/rc.conf.GNU

@@ -0,0 +1,14 @@
+##############################################################################
+# GNU/Hurd SPECIFIC OPTIONS
+
+# This is the subsystem type. Valid options on GNU/Hurd:
+# ""        - nothing special
+# "subhurd" - Hurd subhurds (to be checked)
+# If this is commented out, automatic detection will be used.
+#
+# This should be set to the value representing the environment this file is
+# PRESENTLY in, not the virtualization the environment is capable of.
+#rc_sys=""
+# This is the number of tty's used in most of the rc-scripts (like
+# consolefont, numlock, etc ...)
+#rc_tty_number=6?

etc/rc.conf.Linux

@@ -2,14 +2,15 @@
 # LINUX SPECIFIC OPTIONS
 
 # This is the subsystem type. Valid options on Linux:
-# ""        - nothing special
-# "lxc"     - Linux Containers
-# "openvz"  - Linux OpenVZ
-# "prefix"  - Prefix
-# "uml"     - Usermode Linux
-# "vserver" - Linux vserver
-# "xen0"    - Xen0 Domain
-# "xenU"    - XenU Domain
+# ""               - nothing special
+# "lxc"            - Linux Containers
+# "openvz"         - Linux OpenVZ
+# "prefix"         - Prefix
+# "uml"            - Usermode Linux
+# "vserver"        - Linux vserver
+# "systemd-nspawn" - Container created by the systemd-nspawn utility
+# "xen0"           - Xen0 Domain
+# "xenU"           - XenU Domain
 # If this is commented out, automatic detection will be used.
 #
 # This should be set to the value representing the environment this file is

etc/rc.in

@@ -10,9 +10,9 @@
 trap : SIGINT
 trap "echo 'Boot interrupted'; exit 1" SIGQUIT
 
-/sbin/rc sysinit || exit 1
-/sbin/rc boot || exit 1
-/sbin/rc default
+/sbin/openrc sysinit || exit 1
+/sbin/openrc boot || exit 1
+/sbin/openrc default
 
 # We don't actually care if rc default worked or not, we should exit 0
 # to allow logins

etc/rc.shutdown.in

@@ -14,4 +14,4 @@ LD_LIBRARY_PATH="/lib${LD_LIBRARY_PATH:+:}${LDLIBRARY_PATH}" ; export LD_LIBRARY
 [ -z "$TERM" -o "$TERM" = "dumb" ] && TERM="@TERM@" && export TERM
 
 action=${1:-shutdown}
-exec /sbin/rc "${action}"
+exec /sbin/openrc "${action}"

init.d/.gitignore

@@ -23,6 +23,7 @@ modules
 mount-ro
 mtab
 numlock
+osclock
 procfs
 staticroute
 sysfs

init.d/Makefile

@@ -2,7 +2,7 @@ include ../mk/net.mk
 
 DIR=	${INITDIR}
 SRCS=	bootmisc.in fsck.in hostname.in local.in localmount.in loopback.in \
-	netmount.in root.in savecache.in swap.in swapfiles.in \
+	netmount.in osclock.in root.in savecache.in swap.in swapfiles.in \
 	tmpfiles.setup.in swclock.in sysctl.in urandom.in ${SRCS-${OS}}
 BIN=	${OBJS}
 
@@ -21,7 +21,7 @@ SRCS-FreeBSD=	hostid.in moused.in newsyslog.in pf.in rarpd.in rc-enabled.in \
 SRCS-FreeBSD+=	adjkerntz.in devd.in dumpon.in encswap.in ipfw.in \
 		mixer.in nscd.in powerd.in syscons.in
 
-SRCS-Linux=	devfs.in dmesg.in hwclock.in consolefont.in keymaps.in \
+SRCS-Linux=	binfmt.in devfs.in dmesg.in hwclock.in consolefont.in keymaps.in \
 		killprocs.in modules.in mount-ro.in mtab.in numlock.in \
 		procfs.in sysfs.in termencoding.in tmpfiles.dev.in
 

init.d/binfmt.in

@@ -0,0 +1,20 @@
+#!@SBINDIR@/openrc-run
+# Copyright 2015 William Hubbs <w.d.hubbs@gmail.com>
+# Released under the 2-clause BSD license.
+
+description="Register misc binary format handlers"
+
+depend()
+{
+	after procfs
+	use modules devfs
+	keyword -openvz -prefix -systemd-nspawn -vserver -lxc
+}
+
+start()
+{
+	ebegin "Loading custom binary format handlers"
+	"$RC_LIBEXECDIR"/sh/binfmt.sh
+	eend $?
+return 0
+}

init.d/bootmisc.in

@@ -119,11 +119,32 @@ clean_run()
 {
 	[ "$RC_SYS" = VSERVER -o "$RC_SYS" = LXC ] && return 0
 	local dir
+	# If / is still read-only due to a problem, this will fail!
+	if ! checkpath -W /; then
+		eerror "/ is not writable; unable to clean up underlying /run"
+		return 1
+	fi
+	if ! checkpath -W /tmp; then
+		eerror "/tmp is not writable; unable to clean up underlying /run"
+		return 1
+	fi
+	# Now we know that we can modify /tmp and /
+	# if mktemp -d fails, it returns an EMPTY string
+	# STDERR: mktemp: failed to create directory via template ‘/tmp/tmp.XXXXXXXXXX’: Read-only file system
+	# STDOUT: ''
+	rc=0
 	dir=$(mktemp -d)
-	mount --bind / $dir
-	rm -rf $dir/run/*
-	umount $dir
-	rm -rf $dir
+	if [ -n "$dir" -a -d $dir -a -w $dir ]; then
+		mount --bind / $dir && rm -rf $dir/run/* || rc=1
+		umount $dir
+		rm -rf $dir
+	else
+		rc=1
+	fi
+	if [ $rc -ne 0 ]; then
+		eerror "Could not clean up underlying /run on /"
+		return 1
+	fi
 }
 
 start()

init.d/consolefont.in

@@ -8,7 +8,7 @@ depend()
 {
 	need localmount termencoding
 	after hotplug bootmisc
-	keyword -openvz -prefix -uml -vserver -xenu -lxc
+	keyword -openvz -prefix -systemd-nspawn -uml -vserver -xenu -lxc
 }
 
 start()

init.d/devfs.in

@@ -8,7 +8,7 @@ depend()
 {
 	provide dev-mount
 	before dev
-	keyword -prefix -vserver -lxc
+	keyword -prefix -systemd-nspawn -vserver -lxc
 }
 
 mount_dev()
@@ -69,7 +69,14 @@ seed_dev()
 	# so udev can add its start-message to dmesg
 	[ -c /dev/kmsg ] || mknod -m 660 /dev/kmsg c 1 11
 
-	# Mount required stuff as user may not have then in /etc/fstab
+	# extra symbolic links not provided by default
+	[ -e /dev/fd ] || ln -snf /proc/self/fd /dev/fd
+	[ -e /dev/stdin ] || ln -snf /proc/self/fd/0 /dev/stdin
+	[ -e /dev/stdout ] || ln -snf /proc/self/fd/1 /dev/stdout
+	[ -e /dev/stderr ] || ln -snf /proc/self/fd/2 /dev/stderr
+	[ -e /proc/kcore ] && ln -snf /proc/kcore /dev/core
+
+	# Mount required directories as user may not have them in /etc/fstab
 	for x in \
 		"mqueue /dev/mqueue 1777 ,nodev mqueue" \
 		"devpts /dev/pts 0755 ,gid=5,mode=0620 devpts" \

init.d/dmesg.in

@@ -7,7 +7,7 @@ description="Set the dmesg level for a cleaner boot"
 depend()
 {
 	before dev modules
-	keyword -lxc -prefix -vserver
+	keyword -lxc -prefix -systemd-nspawn -vserver
 }
 
 start()

init.d/fsck.in

@@ -9,7 +9,7 @@ _IFS="
 depend()
 {
 	use dev clock modules
-	keyword -jail -openvz -prefix -timeout -vserver -lxc -uml
+	keyword -jail -openvz -prefix -systemd-nspawn -timeout -vserver -lxc -uml
 }
 
 _abort() {

init.d/hostname.in

@@ -5,7 +5,7 @@
 description="Sets the hostname of the machine."
 
 depend() {
-	keyword -prefix -lxc
+	keyword -prefix -systemd-nspawn -lxc
 }
 
 start()

init.d/hwclock.in

@@ -28,7 +28,7 @@ depend()
 	else
 		before *
 	fi
-	keyword -openvz -prefix -uml -vserver -xenu -lxc
+	keyword -openvz -prefix -systemd-nspawn -uml -vserver -xenu -lxc
 }
 
 setupopts()

init.d/keymaps.in

@@ -8,7 +8,7 @@ depend()
 {
 	need localmount termencoding
 	after bootmisc
-	keyword -openvz -prefix -uml -vserver -xenu -lxc
+	keyword -openvz -prefix -systemd-nspawn -uml -vserver -xenu -lxc
 }
 
 start()

init.d/local.in

@@ -14,12 +14,13 @@ start()
 {
 	ebegin "Starting local"
 
-	local file has_errors=0 retval
+	local file has_errors=0 redirect retval
+	yesno $rc_verbose || redirect='> /dev/null 2>&1'
 	eindent
 	for file in @SYSCONFDIR@/local.d/*.start; do
 		if [ -x "${file}" ]; then
 			vebegin "Executing \"${file}\""
-			"${file}" 2>&1 >/dev/null
+			eval "${file}" $redirect
 			retval=$?
 			if [ ${retval} -ne 0 ]; then
 				has_errors=1
@@ -52,12 +53,13 @@ stop()
 {
 	ebegin "Stopping local"
 
-	local file has_errors=0 retval
+	local file has_errors=0 redirect retval
+	yesno $rc_verbose || redirect='> /dev/null 2>&1'
 	eindent
 	for file in @SYSCONFDIR@/local.d/*.stop; do
 		if [ -x "${file}" ]; then
 			vebegin "Executing \"${file}\""
-			"${file}" 2>&1 >/dev/null
+			eval "${file}" $redirect
 			retval=$?
 			if [ ${retval} -ne 0 ]; then
 				has_errors=1

init.d/localmount.in

@@ -9,7 +9,7 @@ depend()
 	need fsck
 	use lvm modules mtab
 	after lvm modules
-	keyword -jail -prefix -vserver -lxc
+	keyword -jail -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()
@@ -63,6 +63,31 @@ stop()
 
 	. "$RC_LIBEXECDIR"/sh/rc-mount.sh
 
+	if [ "$RC_UNAME" = Linux ] && [ -d /sys/fs/aufs ] ; then
+		#if / is aufs we remount it noxino during shutdown
+		if mountinfo -q -f '^aufs$' / ; then
+			mount -o remount,noxino,rw /
+			sync
+		fi
+
+		local aufs_branch aufs_mount_dir aufs_mount_point aufs_si_dir aufs_si_id
+		for aufs_si_dir in /sys/fs/aufs/*; do
+			aufs_mount_dir=${aufs_si_dir#/sys/fs/aufs/}
+			aufs_si_id="$(printf "%s" $aufs_mount_dir | sed 's/_/=/g')"
+			aufs_mount_point="$(mountinfo -o ${aufs_si_id})"
+			for x in $aufs_si_dir/br[0-9][0-9][0-9]; do
+				aufs_branch=$(sed 's/=.*//g' $x)
+				eindent
+				if ! mount -o "remount,del:$aufs_branch" "$aufs_mount_point" > /dev/null 2>&1; then
+					ewarn "Failed to remove branch $aufs_branch from aufs \
+						$aufs_mount_point"
+				fi
+				eoutdent
+				sync
+			done
+		done
+	fi
+
 	# Umount loop devices
 	einfo "Unmounting loop devices"
 	eindent

init.d/loopback.in

@@ -6,7 +6,7 @@ description="Configures the loopback interface."
 
 depend()
 {
-	keyword -jail -prefix -vserver
+	keyword -jail -prefix -systemd-nspawn -vserver
 }
 
 start()

init.d/modules.in

@@ -7,7 +7,7 @@ description="Loads a user defined list of kernel modules."
 depend()
 {
 	use isapnp
-	keyword -openvz -prefix -vserver -lxc
+	keyword -openvz -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()

init.d/mount-ro.in

@@ -7,7 +7,7 @@ description="Re-mount filesytems read-only for a clean reboot."
 depend()
 {
 	need killprocs savecache
-	keyword -openvz -prefix -vserver -lxc
+	keyword -openvz -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()

init.d/mtab.in

@@ -7,33 +7,35 @@ description="Update /etc/mtab to match what the kernel knows about"
 depend()
 {
 	need root
-	keyword -prefix
+	keyword -prefix -systemd-nspawn
 }
 
 start()
 {
-	if [ -L /etc/mtab ]; then
-		return 0
-	fi
-
+	[ -L /etc/mtab ] && return 0
+	local rc=0
 	ebegin "Updating /etc/mtab"
-	vewarn "The support for updating /etc/mtab as a file is"
-	vewarn "deprecated and will be removed in the future."
-	vewarn "Please run the following command as root on your system."
-	vewarn
-	vewarn "ln -snf /proc/self/mounts /etc/mtab"
-	if ! echo 2>/dev/null >/etc/mtab; then
-		ewend 1 "/etc/mtab is not updateable"
-		return 0
+	if ! checkpath -W /etc; then
+		rc=1
+	elif [ ! -e /etc/mtab ]; then
+		ln -snf /proc/self/mounts /etc/mtab
+	else
+		ewarn "The support for updating /etc/mtab as a file is"
+		ewarn "deprecated and will be removed in the future."
+		ewarn "Please run the following command as root on your system."
+		ewarn
+		ewarn "ln -snf /proc/self/mounts /etc/mtab"
+		ewarn
+
+		# With / as tmpfs we cannot umount -at tmpfs in localmount as that
+		# makes / readonly and dismounts all tmpfs even if in use which is
+		# not good. Luckily, umount uses /etc/mtab instead of /proc/mounts
+		# which allows this hack to work.
+		grep -v "^[! ]* / tmpfs " /proc/mounts > /etc/mtab
+
+		# Remove stale backups
+		rm -f /etc/mtab~ /etc/mtab~~
 	fi
-
-	# With / as tmpfs we cannot umount -at tmpfs in localmount as that
-	# makes / readonly and dismounts all tmpfs even if in use which is
-	# not good. Luckily, umount uses /etc/mtab instead of /proc/mounts
-	# which allows this hack to work.
-	grep -v "^[! ]* / tmpfs " /proc/mounts > /etc/mtab
-
-	# Remove stale backups
-	rm -f /etc/mtab~ /etc/mtab~~
-	eend 0
+	eend $rc "/etc is not writable; unable to create /etc/mtab"
+	return 0
 }

init.d/netmount.in

@@ -2,28 +2,20 @@
 # Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
 # Released under the 2-clause BSD license.
 
-description="Mounts network shares, other than NFS, according to /etc/fstab."
-# We skip all NFS shares in this script because they require extra
-# daemons to be running on the client in order to work correctly.
-# It is best to allow nfs-utils to handle all nfs shares.
+description="Mounts network shares according to /etc/fstab."
 
 depend()
 {
 	config /etc/fstab
-	use afc-client amd autofs openvpn
+	use afc-client amd nfsclient autofs openvpn
 	use dns
-	keyword -jail -prefix -vserver -lxc
+	keyword -jail -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()
 {
 	local x= fs= rc=
 	for x in $net_fs_list $extra_net_fs_list; do
-		case "$x" in
-			nfs|nfs4)
-			continue
-			;;
-		esac
 		fs="$fs${fs:+,}$x"
 	done
 
@@ -46,14 +38,7 @@ stop()
 	. "$RC_LIBEXECDIR"/sh/rc-mount.sh
 
 	for x in $net_fs_list $extra_net_fs_list; do
-		case "$x" in
-			nfs|nfs4)
-				continue
-				;;
-			*)
-				fs="$fs${fs:+,}$x"
-				;;
-		esac
+		fs="$fs${fs:+,}$x"
 	done
 	if [ -n "$fs" ]; then
 		umount -at $fs || eerror "Failed to simply unmount filesystems"
@@ -62,14 +47,7 @@ stop()
 	eindent
 	fs=
 	for x in $net_fs_list $extra_net_fs_list; do
-		case "$x" in
-			nfs|nfs4)
-				continue
-				;;
-			*)
-				fs="$fs${fs:+|}$x"
-				;;
-		esac
+		fs="$fs${fs:+|}$x"
 	done
 	[ -n "$fs" ] && fs="^($fs)$"
 	do_unmount umount ${fs:+--fstype-regex} $fs --netdev

init.d/numlock.in

@@ -9,7 +9,7 @@ ttyn=${rc_tty_number:-${RC_TTY_NUMBER:-12}}
 depend()
 {
 	need localmount
-	keyword -openvz -prefix -vserver -lxc
+	keyword -openvz -prefix -systemd-nspawn -vserver -lxc
 }
 
 _setleds()

init.d/osclock.in

@@ -0,0 +1,12 @@
+#!@SBINDIR@/openrc-run
+# Copyright (c) 2014 Ralph Sennhauser <sera@igentoo.org>
+# Released under the 2-clause BSD license.
+
+# Can be used on OSs that take care of the clock.
+
+description="Provides clock"
+
+depend()
+{
+	provide clock
+}

init.d/procfs.in

@@ -8,66 +8,20 @@ depend()
 {
 	use modules devfs
 	need localmount
-	keyword -openvz -prefix -vserver -lxc
+	keyword -openvz -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()
 {
-	# Make sure we insert usbcore if it's a module
-	if [ -f /proc/modules -a ! -d /sys/module/usbcore -a ! -d /proc/bus/usb ]; then
-		modprobe -q usbcore
-	fi
-
-	[ -e /proc/filesystems ] || return 0
-
 	# Setup Kernel Support for miscellaneous Binary Formats
 	if [ -d /proc/sys/fs/binfmt_misc -a ! -e /proc/sys/fs/binfmt_misc/register ]; then
+		modprobe -q binfmt-misc
 		if grep -qs binfmt_misc /proc/filesystems; then
 			ebegin "Mounting misc binary format filesystem"
 			mount -t binfmt_misc -o nodev,noexec,nosuid \
 				binfmt_misc /proc/sys/fs/binfmt_misc
-			if eend $? ; then
-				local fmts
-				ebegin "Loading custom binary format handlers"
-				fmts=$(grep -hsv -e '^[#;]' -e '^[[:space:]]*$' \
-					/run/binfmt.d/*.conf \
-					/etc/binfmt.d/*.conf \
-					""/usr/lib/binfmt.d/*.conf)
-				if [ -n "${fmts}" ]; then
-					echo "${fmts}" > /proc/sys/fs/binfmt_misc/register
-				fi
 				eend $?
-			fi
 		fi
 	fi
-
-	[ "$RC_SYS" = "OPENVZ" ] && return 0
-
-	# Check what USB fs the kernel support.  Currently
-	# 2.5+ kernels, and later 2.4 kernels have 'usbfs',
-	# while older kernels have 'usbdevfs'.
-	if [ -d /proc/bus/usb -a ! -e /proc/bus/usb/devices ]; then
-		local usbfs=$(grep -Fow usbfs /proc/filesystems ||
-			grep -Fow usbdevfs /proc/filesystems)
-		if [ -n "$usbfs" ]; then
-			ebegin "Mounting USB device filesystem [$usbfs]"
-			local usbgid="$(getent group usb | \
-				sed -e 's/.*:.*:\(.*\):.*/\1/')"
-			mount -t $usbfs \
-				-o ${usbgid:+devmode=0664,devgid=$usbgid,}noexec,nosuid \
-				usbfs /proc/bus/usb
-			eend $?
-		fi
-	fi
-
-	# Setup Kernel Support for SELinux
-	if [ -d /sys/fs/selinux ] && ! mountinfo -q /sys/fs/selinux; then
-		if grep -qs selinuxfs /proc/filesystems; then
-			ebegin "Mounting SELinux filesystem"
-			mount -t selinuxfs selinuxfs /sys/fs/selinux
-			eend $?
-		fi
-	fi
-
 	return 0
 }

init.d/root.in

@@ -7,7 +7,7 @@ description="Mount the root fs read/write"
 depend()
 {
 	need fsck
-	keyword -jail -openvz -prefix -vserver -lxc
+	keyword -jail -openvz -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()

init.d/savecache.in

@@ -25,12 +25,12 @@ start()
 	local rc=
 	if [ ! -d "$RC_LIBEXECDIR"/cache ]; then
 		rm -rf "$RC_LIBEXECDIR"/cache
-		if ! mkdir "$RC_LIBEXECDIR"/cache; then
+		if ! mkdir -p "$RC_LIBEXECDIR"/cache; then
 			rc=$?
 			if yesno "${RC_GOINGDOWN}"; then
 				rc=0
 			fi
-			eend $rc
+			eend $rc "Unable to create $RC_SVCDIR/cache"
 			return $rc
 		fi
 	fi

init.d/savecore.in

@@ -23,7 +23,7 @@ start()
 		# Don't quote ${dump_device}, so that if it's unset,
 		# savecore will check on the partitions listed in fstab
 		# without errors in the output
-		savecore -C "$dump_dir" $dump_device >/dev/null
+		savecore -C $dump_device >/dev/null
 	else
 		ls "$dump_dir"/bsd* > /dev/null 2>&1
 	fi

init.d/swap.in

@@ -5,7 +5,7 @@
 depend()
 {
 	before localmount
-	keyword -jail -openvz -prefix -vserver -lxc
+	keyword -jail -openvz -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()

init.d/swapfiles.in

@@ -5,7 +5,7 @@
 depend()
 {
 	need localmount
-	keyword -jail -openvz -prefix -vserver -lxc
+	keyword -jail -openvz -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()

init.d/swclock.in

@@ -8,7 +8,7 @@ depend()
 {
 	before *
 	provide clock
-	keyword -openvz -prefix -uml -vserver -xenu -lxc
+	keyword -openvz -prefix -systemd-nspawn -uml -vserver -xenu -lxc
 }
 
 # swclock is an OpenRC built in

init.d/sysctl.GNU-kFreeBSD.in

@@ -0,0 +1,31 @@
+#!@SBINDIR@/openrc-run
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+depend()
+{
+	before bootmisc logger
+	keyword -prefix
+}
+
+start()
+{
+	[ -e /etc/sysctl.conf ] || return 0
+	local retval=0 var= comments= conf=
+	ebegin "Configuring kernel parameters"
+	eindent
+	for conf in @SYSCONFDIR@/sysctl.conf @SYSCONFDIR@/sysctl.d/*.conf; do
+		if [ -r "$conf" ]; then
+			vebegin "applying $conf"
+			while read var comments; do
+				case "$var" in
+				""|"#"*) continue;;
+				esac
+				sysctl -w "$var" >/dev/null || retval=1
+			done < "$conf"
+			veend $retval
+		fi
+	done
+	eoutdent
+	eend $retval "Some errors were encountered"
+}

init.d/sysctl.GNU.in

@@ -0,0 +1,32 @@
+#!@PREFIX@/sbin/openrc-run
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+#FIXME: Modify for GNU/Hurd
+
+depend()
+{
+	before bootmisc logger
+	keyword -prefix
+}
+
+start()
+{
+	[ -e /etc/sysctl.conf ] || return 0
+	local retval=0 var= comments= conf=
+	ebegin "Configuring kernel parameters"
+	eindent
+	for conf in @SYSCONFDIR@/sysctl.conf @SYSCONFDIR@/sysctl.d/*.conf; do
+		if [ -r "$conf" ]; then
+			vebegin "applying $conf"
+			while read var comments; do
+				case "$var" in
+				""|"#"*) continue;;
+				esac
+				sysctl -w "$var" >/dev/null || retval=1
+			done < "$conf"
+			veend $retval
+		fi
+	done
+	eoutdent
+	eend $retval "Some errors were encountered"
+}

init.d/sysctl.Linux.in

@@ -5,12 +5,15 @@
 depend()
 {
 	before bootmisc logger
-	keyword -prefix -vserver
+	keyword -prefix -systemd-nspawn -vserver
 }
 
 start()
 {
+	local quiet
+	yesno $rc_verbose || quiet=-q
+
 	ebegin "Configuring kernel parameters"
-	sysctl --system
+	sysctl ${quiet} --system
 	eend $? "Unable to configure some kernel parameters"
 }

init.d/sysfs.in

@@ -8,7 +8,7 @@ sysfs_opts=nodev,noexec,nosuid
 
 depend()
 {
-	keyword -lxc -prefix -vserver
+	keyword -lxc -prefix -systemd-nspawn -vserver
 }
 
 mount_sys()
@@ -82,6 +82,15 @@ mount_misc()
 		fi
 	fi
 
+	# Setup Kernel Support for SELinux
+	if [ -d /sys/fs/selinux ] && ! mountinfo -q /sys/fs/selinux; then
+		if grep -qs selinuxfs /proc/filesystems; then
+			ebegin "Mounting SELinux filesystem"
+			mount -t selinuxfs selinuxfs /sys/fs/selinux
+			eend $?
+		fi
+	fi
+
 	# setup up kernel support for efivarfs
 	# slightly complicated, as if it's build as a module but NOT yet loaded,
 	# it will NOT appear in /proc/filesystems yet
@@ -100,19 +109,21 @@ mount_misc()
 mount_cgroups()
 {
 	mountinfo -q /sys/fs/cgroup || return 0
-	mountinfo -q /sys/fs/cgroup/openrc || return 0
 
-	local agent="@LIBEXECDIR@/sh/cgroup-release-agent.sh"
-	mkdir /sys/fs/cgroup/openrc
-	mount -n -t cgroup \
-		-o none,${sysfs_opts},name=openrc,release_agent="$agent" \
-		openrc /sys/fs/cgroup/openrc
-	echo 1 > /sys/fs/cgroup/openrc/notify_on_release
+	if ! mountinfo -q /sys/fs/cgroup/openrc; then
+		local agent="@LIBEXECDIR@/sh/cgroup-release-agent.sh"
+		mkdir /sys/fs/cgroup/openrc
+		mount -n -t cgroup \
+			-o none,${sysfs_opts},name=openrc,release_agent="$agent" \
+			openrc /sys/fs/cgroup/openrc
+		echo 1 > /sys/fs/cgroup/openrc/notify_on_release
+	fi
 
 	yesno ${rc_controller_cgroups:-YES} && [ -e /proc/cgroups ] || return 0
 	while read name hier groups enabled rest; do
 		case "${enabled}" in
-			1)	mkdir /sys/fs/cgroup/${name}
+			1)	mountinfo -q /sys/fs/cgroup/${name} && continue
+				mkdir /sys/fs/cgroup/${name}
 				mount -n -t cgroup -o ${sysfs_opts},${name} \
 					${name} /sys/fs/cgroup/${name}
 				;;
@@ -128,25 +139,13 @@ restorecon_sys()
 		restorecon -rF /sys/fs/cgroup >/dev/null 2>&1
 		eend $?
 	fi
-
-	return 0
 }
 
 start()
 {
-	local retval
 	mount_sys
-	retval=$?
-	if [ $retval -eq 0 ]; then
-		mount_misc
-		retval=$?
-	fi
-	if [ $retval -eq 0 ]; then
-		mount_cgroups
-		retval=$?
-	fi
-
+	mount_misc
+	mount_cgroups
 	restorecon_sys
-
-	return $retval
+	return 0
 }

init.d/termencoding.in

@@ -9,7 +9,7 @@ ttyn=${rc_tty_number:-${RC_TTY_NUMBER:-12}}
 
 depend()
 {
-	keyword -lxc -openvz -prefix -uml -vserver -xenu
+	keyword -lxc -openvz -prefix -systemd-nspawn -uml -vserver -xenu
 	use root
 	after bootmisc
 }

init.d/tmpfiles.dev.in

@@ -2,7 +2,7 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Released under the 2-clause BSD license.
 
-description="set up tmpfiles.d entries"
+description="Set up tmpfiles.d entries"
 
 depend()
 {
@@ -13,8 +13,8 @@ depend()
 
 start()
 {
-	ebegin "setting up tmpfiles.d entries for /dev"
-	@LIBEXECDIR@/sh/tmpfiles.sh --prefix=/dev --create ${tmpfiles_opts}
+	ebegin "Setting up tmpfiles.d entries for /dev"
+	@LIBEXECDIR@/sh/tmpfiles.sh --prefix=/dev --create --boot ${tmpfiles_opts}
 	eend $?
 	return 0
 }

init.d/tmpfiles.setup.in

@@ -2,7 +2,7 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Released under the 2-clause BSD license.
 
-description="set up tmpfiles.d entries"
+description="Set up tmpfiles.d entries"
 
 depend()
 {
@@ -11,7 +11,7 @@ depend()
 
 start()
 {
-	ebegin "setting up tmpfiles.d entries"
+	ebegin "Setting up tmpfiles.d entries"
 	@LIBEXECDIR@/sh/tmpfiles.sh --exclude-prefix=/dev --create --remove --boot \
 		${tmpfiles_opts}
 	eend $?

init.d/urandom.in

@@ -8,7 +8,7 @@ description="Initializes the random number generator."
 depend()
 {
 	need localmount
-	keyword -jail -lxc -openvz -prefix
+	keyword -jail -lxc -openvz -prefix -systemd-nspawn
 }
 
 save_seed()

man/openrc-run.8

@@ -120,6 +120,9 @@ Set this to "true", "yes" or "1" (case-insensitive) to force the daemon into
 the background. This implies the "--make-pidfile" and "--pidfile" option of
 .Xr start-stop-daemon 8
 so the pidfile variable must be set.
+.It Ar chroot
+.Xr start-stop-daemon 8
+will chroot into this path before writing the pid file or starting the daemon.
 .It Ar pidfile
 Pidfile to use for the above defined command.
 .It Ar name
@@ -131,6 +134,12 @@ timeout in seconds or multiple signal/timeout pairs (like SIGTERM/5).
 A list of directories which must exist for the service to start.
 .It Ar required_files
 A list of files which must exist for the service to start.
+.It Ar start_inactive
+Set to yes to have the service marked inactive when it starts. This is
+used along with in_background_fake to support re-entrant services.
+.It Ar in_background_fake
+Space separated list of commands which should always succeed when
+in_background is yes.
 .El
 .Sh DEPENDENCIES
 You should define a

man/rc-update.8

@@ -87,7 +87,7 @@ If the
 .Fl s , -stack
 option is given then we either add or remove the runlevel from the runlevel.
 This allows inheritance of runlevels.
-
+.Pp
 If the
 .Fl a, -all
 option is given, we remove the service from all runlevels. This is

mk/depend.mk

@@ -6,7 +6,7 @@ IGNOREFILES+=	.depend
 
 .depend: ${SRCS}
 	rm -f .depend
-	${CC} ${CPPFLAGS} -MM ${SRCS} > .depend
+	${CC} ${LOCAL_CPPFLAGS} ${CPPFLAGS} -MM ${SRCS} > .depend
 
 depend: .depend extra_depend
 

mk/dist.mk

@@ -2,18 +2,23 @@
 # Copyright (c) 2008 Roy Marples <roy@marples.name>
 # Released under the 2-clause BSD license.
 
-GITREF?=	HEAD
+GITREF?=	${VERSION}
 DISTPREFIX?=	${NAME}-${VERSION}
 DISTFILE?=	${DISTPREFIX}.tar.bz2
 
 CLEANFILES+=	${NAME}-*.tar.bz2
 
+CHANGELOG_LIMIT?= --after="1 year ago"
+
 _SNAP_SH=	date -u +%Y%m%d%H%M
 _SNAP:=		$(shell ${_SNAP_SH})
 SNAP=		${_SNAP}
 SNAPDIR=	${DISTPREFIX}-${SNAP}
 SNAPFILE=	${SNAPDIR}.tar.bz2
 
+changelog:
+	git log ${CHANGELOG_LIMIT} --format=full > ChangeLog
+
 dist:
 	git archive --prefix=${DISTPREFIX}/ ${GITREF} | bzip2 > ${DISTFILE}
 
@@ -29,7 +34,7 @@ snapshot:
 	mkdir /tmp/${SNAPDIR}
 	cp -RPp * /tmp/${SNAPDIR}
 	(cd /tmp/${SNAPDIR}; make clean)
-	find /tmp/${SNAPDIR} -name .svn -exec rm -rf -- {} \; 2>/dev/null || true
+	rm -rf /tmp/${SNAPDIR}/.git 2>/dev/null || true
 	tar -cvjpf ${SNAPFILE} -C /tmp ${SNAPDIR}
 	rm -rf /tmp/${SNAPDIR}
 	ls -l ${SNAPFILE}

mk/lib.mk

@@ -21,10 +21,10 @@ _LIBS+=			${SHLIB_NAME}
 CLEANFILES+=		${OBJS} ${SOBJS} ${_LIBS} ${SHLIB_LINK}
 
 %.o: %.c
-	${CC} ${CFLAGS} ${CPPFLAGS} -c $< -o $@
+	${CC} ${LOCAL_CFLAGS} ${LOCAL_CPPFLAGS} ${CFLAGS} ${CPPFLAGS} -c $< -o $@
 
 %.So: %.c
-	${CC} ${PICFLAG} -DPIC ${CPPFLAGS} ${CFLAGS} -c $< -o $@
+	${CC} ${PICFLAG} -DPIC ${LOCAL_CFLAGS} ${LOCAL_CPPFLAGS} ${CPPFLAGS} ${CFLAGS} -c $< -o $@
 
 all: depend ${_LIBS}
 
@@ -40,7 +40,7 @@ ${SHLIB_NAME}:	${SOBJS}
 	@${ECHO} building shared library $@
 	@rm -f $@ ${SHLIB_LINK}
 	@ln -fs $@ ${SHLIB_LINK}
-	${CC} ${CFLAGS} ${LDFLAGS} -shared -Wl,-x \
+	${CC} ${LOCAL_CFLAGS} ${CFLAGS} ${LOCAL_LDFLAGS} ${LDFLAGS} -shared -Wl,-x \
 	-o $@ -Wl,-soname,${SONAME} \
 	${SOBJS} ${LDADD}
 

mk/os-GNU-kFreeBSD.mk

@@ -3,7 +3,9 @@
 
 # Generic definitions
 
+SFX=		.GNU-kFreeBSD.in
+PKG_PREFIX?=	/usr
+
 CPPFLAGS+=	-D_BSD_SOURCE -D_XOPEN_SOURCE=700
 LIBDL=		-Wl,-Bdynamic -ldl
 LIBKVM?=
-include ${MK}/os-BSD.mk

mk/os-GNU.mk

@@ -0,0 +1,8 @@
+# Copyright (c) 2008 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+SFX=		.GNU.in
+PKG_PREFIX?=	/usr
+
+CPPFLAGS+=	-D_BSD_SOURCE -D_XOPEN_SOURCE=700 -DMAXPATHLEN=4096 -DPATH_MAX=4096
+LIBDL=		-Wl,-Bdynamic -ldl

mk/os-Linux.mk

@@ -4,11 +4,24 @@
 SFX=		.Linux.in
 PKG_PREFIX?=	/usr
 
-CPPFLAGS+=	-D_BSD_SOURCE -D_XOPEN_SOURCE=700
+CPPFLAGS+=	-D_BSD_SOURCE -D_DEFAULT_SOURCE -D_XOPEN_SOURCE=700
 LIBDL=		-Wl,-Bdynamic -ldl
 
 ifeq (${MKSELINUX},yes)
 CPPFLAGS+= -DHAVE_SELINUX
-LIBSELINUX= -lselinux
+LIBSELINUX?= -lselinux
 LDADD += $(LIBSELINUX)
+
+ifneq (${MKPAM},pam)
+# if using selinux but not pam then we need crypt
+LIBCRYPT?= -lcrypt
+LDADD += $(LIBCRYPT)
+endif
+
+endif
+
+ifeq (${MKAUDIT},yes)
+LIBAUDIT?=	-laudit
+CPPFLAGS+=	-DHAVE_AUDIT
+LDADD+=		${LIBAUDIT}
 endif

mk/pam.mk

@@ -3,6 +3,12 @@ LIBPAM?=	-lpam
 CPPFLAGS+=	-DHAVE_PAM
 LDADD+=		${LIBPAM}
 
+ifeq (${MKSELINUX},yes)
+# with selinux, pam_misc is needed too
+LIBPAM_MISC?=	-lpam_misc
+LDADD+=		${LIBPAM_MISC}
+endif
+
 PAMDIR?=	/etc/pam.d
 PAMMODE?=	0644
 else ifneq (${MKPAM},)

mk/prog.mk

@@ -1,4 +1,4 @@
-# rules to build a library
+# rules to build a program
 # based on FreeBSD's bsd.prog.mk
 
 # Copyright (c) 2008 Roy Marples <roy@marples.name>
@@ -25,10 +25,10 @@ CLEANFILES+=		${OBJS} ${PROG}
 all: depend ${PROG}
 
 %.o: %.c
-	${CC} ${CFLAGS} ${CPPFLAGS} -c $< -o $@
+	${CC} ${LOCAL_CFLAGS} ${LOCAL_CPPFLAGS} ${CFLAGS} ${CPPFLAGS} -c $< -o $@
 
 ${PROG}: ${SCRIPTS} ${OBJS}
-	${CC} ${CFLAGS} ${LDFLAGS} -o $@ ${OBJS} ${LDADD}
+	${CC} ${LOCAL_CFLAGS} ${LOCAL_LDFLAGS}  ${CFLAGS} ${LDFLAGS} -o $@ ${OBJS} ${LDADD}
 
 clean:
 	rm -f ${CLEANFILES}

mk/termcap.mk

@@ -1,11 +1,12 @@
 ifeq (${MKTERMCAP},ncurses)
-	LTERMCAP:=	$(shell pkg-config ncurses --libs 2> /dev/null)
+TERMCAP_CFLAGS:=	$(shell pkg-config ncurses --cflags 2> /dev/null)
+LTERMCAP:=			$(shell pkg-config ncurses --libs 2> /dev/null)
 ifeq ($(LTERMCAP),)
 LIBTERMCAP?=	-lncurses
 else
 LIBTERMCAP?= $(LTERMCAP)
 endif
-CPPFLAGS+=	-DHAVE_TERMCAP
+CPPFLAGS+=	-DHAVE_TERMCAP ${TERMCAP_CFLAGS}
 LDADD+=		${LIBTERMCAP}
 else ifeq (${MKTERMCAP},termcap)
 LIBTERMCAP?=	-ltermcap

runlevels/Makefile

@@ -34,7 +34,8 @@ BOOT-FreeBSD+=	hostid newsyslog savecore syslogd
 # FreeBSD specific stuff
 BOOT-FreeBSD+=	adjkerntz dumpon syscons
 
-BOOT-Linux+=	hwclock keymaps modules mtab procfs termencoding tmpfiles.setup
+BOOT-Linux+=	binfmt hwclock keymaps modules mtab procfs termencoding \
+	tmpfiles.setup
 SHUTDOWN-Linux=	killprocs mount-ro
 SYSINIT-Linux=	devfs dmesg sysfs tmpfiles.dev
 

sh/.gitignore

@@ -1,10 +1,11 @@
 functions.sh
 gendepends.sh
 rc-functions.sh
-runscript.sh
+openrc-run.sh
 cgroup-release-agent.sh
 init.sh
 init-early.sh
 rc-cgroup.sh
 tmpfiles.sh
 migrate-to-run.sh
+binfmt.sh

sh/Makefile

@@ -1,8 +1,8 @@
 DIR=	${LIBEXECDIR}/sh
 SRCS=	init.sh.in functions.sh.in gendepends.sh.in \
-	rc-functions.sh.in runscript.sh.in tmpfiles.sh.in ${SRCS-${OS}}
+	openrc-run.sh.in rc-functions.sh.in tmpfiles.sh.in ${SRCS-${OS}}
 INC=	rc-mount.sh functions.sh rc-functions.sh
-BIN=	gendepends.sh init.sh runscript.sh tmpfiles.sh ${BIN-${OS}}
+BIN=	gendepends.sh init.sh openrc-run.sh tmpfiles.sh ${BIN-${OS}}
 
 INSTALLAFTER=	_installafter
 
@@ -12,9 +12,9 @@ include ${MK}/os.mk
 SRCS-FreeBSD=
 BIN-FreeBSD=
 
-SRCS-Linux=	cgroup-release-agent.sh.in init-early.sh.in migrate-to-run.sh.in \
-	rc-cgroup.sh.in
-BIN-Linux=	cgroup-release-agent.sh init-early.sh migrate-to-run.sh \
+SRCS-Linux=	binfmt.sh.in cgroup-release-agent.sh.in init-early.sh.in \
+	migrate-to-run.sh.in rc-cgroup.sh.in
+BIN-Linux=	binfmt.sh cgroup-release-agent.sh init-early.sh migrate-to-run.sh \
 	rc-cgroup.sh
 
 SRCS-NetBSD=

sh/binfmt.sh.in

@@ -0,0 +1,85 @@
+#!@SHELL@
+# This is a reimplementation of the systemd binfmt.d code to register
+# misc binary formats with the kernel.
+#
+# Copyright (c) 2015 William Hubbs <w.d.hubbs@gmail.com>
+# Released under the 2-clause BSD license.
+#
+# See the binfmt.d manpage as well:
+# http://0pointer.de/public/systemd-man/binfmt.d.html
+# This script should match the manpage as of 2015/03/31
+#
+
+apply_file() {
+	[ $# -lt 1 ] && return 0
+	FILE="$1"
+	LINENUM=0
+
+	### FILE FORMAT ###
+	# See https://www.kernel.org/doc/Documentation/binfmt_misc.txt
+	while read line; do
+		LINENUM=$(( LINENUM+1 ))
+		case $line in
+			\#*) continue ;;
+			\;*) continue ;;
+		esac
+
+		echo "${line}" > /proc/sys/fs/binfmt_misc/register
+		rc=$?
+		if [ $rc -ne 0 ]; then
+			printf "binfmt: invalid entry on line %d of \`%s'\n" \
+				"$LINENUM" "$FILE" >&2
+			error=1
+		fi
+	done <$FILE
+	return $rc
+}
+
+[ -e /proc/sys/fs/binfmt_misc/register ] || exit 0
+error=0
+if [ $# -gt 0 ]; then
+	while [ $# -gt 0 ]; do
+		apply_file "$1"
+		shift
+	done
+else
+	# The hardcoding of these paths is intentional; we are following the
+	# systemd spec.
+	binfmt_dirs='/usr/lib/binfmt.d/ /run/binfmt.d/ /etc/binfmt.d/'
+	binfmt_basenames=''
+	binfmt_d=''
+
+	# Build a list of sorted unique basenames
+	# directories declared later in the binfmt_d list will override earlier
+	# directories, on a per file basename basis.
+	# `/run/binfmt.d/foo.conf' supersedes `/usr/lib/binfmt.d/foo.conf'.
+	# `/run/binfmt.d/foo.conf' will always be read after `/etc/binfmt.d/bar.conf'
+	for d in ${binfmt_dirs} ; do
+		[ -d $d ] && for f in ${d}/*.conf ; do
+			case "${f##*/}" in
+				systemd.conf|systemd-*.conf) continue;;
+			esac
+			[ -e $f ] && binfmt_basenames="${binfmt_basenames}\n${f##*/}"
+		done # for f in ${d}
+	done # for d in ${binfmt_dirs}
+	binfmt_basenames="$(printf "${binfmt_basenames}\n" | sort -u )"
+
+	for b in $binfmt_basenames ; do
+		real_f=''
+		for d in $binfmt_dirs ; do
+			f=${d}/${b}
+			[ -e "${f}" ] && real_f=$f
+		done
+		[ -e "${real_f}" ] && binfmt_d="${binfmt_d} ${real_f}"
+	done
+
+	# loop through the gathered fragments, sorted globally by filename.
+	# `/run/binfmt.d/foo.conf' will always be read after `/etc/binfmt.d/bar.conf'
+	for FILE in $binfmt_d ; do
+		apply_file "$FILE"
+	done
+fi
+
+exit $error
+
+# vim: set ts=2 sw=2 sts=2 noet ft=sh:

sh/init.sh.GNU-kFreeBSD.in

@@ -0,0 +1,35 @@
+#!@SHELL@
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Released under the 2-clause BSD license.
+
+if [ ! -d /run ]; then
+    ebegin "Creating /run"
+    mkdir -p /run
+    eend $?
+fi
+
+if [ -L $RC_SVCDIR ]; then
+    rm $RC_SVCDIR
+fi
+
+ebegin "Mounting /run"
+if ! fstabinfo --mount /run; then
+    mount -t tmpfs -o mode=0755,noexec,nosuid,size=10% tmpfs /run
+    if [ $? != 0 ]; then
+        eerror "Unable to mount tmpfs on /run."
+        eerror "Can't continue."
+        exit 1
+    fi
+fi
+eend
+
+ebegin "Creating $RC_SVCDIR"
+mkdir -p $RC_SVCDIR
+eend $?
+
+if [ -e "$RC_LIBEXECDIR"/cache/deptree ]; then
+    cp -p "$RC_LIBEXECDIR"/cache/* "$RC_SVCDIR" 2>/dev/null
+fi
+
+echo sysinit >"$RC_SVCDIR"/softlevel
+exit 0

sh/init.sh.GNU.in

@@ -0,0 +1,38 @@
+#!@SHELL@
+# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
+# Copyright (c) 2014 Svante Signell <svante.signell@gmail.com>
+# Released under the 2-clause BSD license.
+
+if [ ! -d /run ]; then
+    ebegin "Creating /run"
+    mkdir -p /run
+    eend $?
+fi
+
+if [ -L $RC_SVCDIR ]; then
+    rm $RC_SVCDIR
+fi
+
+if ! mountinfo -q /run; then
+    ebegin "Mounting /run"
+    if ! fstabinfo --mount /run; then
+        mount -t tmpfs -o mode=0755,no-suid,size=10% tmpfs /run
+        if [ $? != 0 ]; then
+            eerror "Unable to mount tmpfs on /run."
+            eerror "Can't continue."
+            exit 1
+        fi
+    fi
+    eend
+fi
+
+ebegin "Creating $RC_SVCDIR"
+mkdir -p $RC_SVCDIR
+eend $?
+
+if [ -e "$RC_LIBEXECDIR"/cache/deptree ]; then
+    cp -p "$RC_LIBEXECDIR"/cache/* "$RC_SVCDIR" 2>/dev/null
+fi
+
+echo sysinit >"$RC_SVCDIR"/softlevel
+exit 0

sh/openrc-run.sh.in

@@ -1,5 +1,5 @@
 #!@SHELL@
-# Shell wrapper for runscript
+# Shell wrapper for openrc-run
 
 # Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
 # Released under the 2-clause BSD license.
@@ -34,7 +34,10 @@ sourcex()
 
 sourcex "@LIBEXECDIR@/sh/functions.sh"
 sourcex "@LIBEXECDIR@/sh/rc-functions.sh"
-[ "$RC_SYS" != "PREFIX" ] && sourcex -e "@LIBEXECDIR@/sh/rc-cgroup.sh"
+case $RC_SYS in
+	PREFIX|SYSTEMD-NSPAWN) ;;
+	*) sourcex -e "@LIBEXECDIR@/sh/rc-cgroup.sh";;
+esac
 
 # Support LiveCD foo
 if sourcex -e "/sbin/livecd-functions.sh"; then
@@ -142,12 +145,14 @@ start()
 	fi
 	eval start-stop-daemon --start \
 		--exec $command \
+		${chroot:+--chroot} $chroot \
 		${procname:+--name} $procname \
 		${pidfile:+--pidfile} $pidfile \
 		$_background $start_stop_daemon_args \
 		-- $command_args
 	if eend $? "Failed to start $RC_SVCNAME"; then
 		service_set_value "command" "${command}"
+		[ -n "${chroot}" ] && service_set_value "chroot" "${chroot}"
 		[ -n "${pidfile}" ] && service_set_value "pidfile" "${pidfile}"
 		[ -n "${procname}" ] && service_set_value "procname" "${procname}"
 		return 0
@@ -163,9 +168,11 @@ start()
 stop()
 {
 	local startcommand="$(service_get_value "command")"
+	local startchroot="$(service_get_value "chroot")"
 	local startpidfile="$(service_get_value "pidfile")"
 	local startprocname="$(service_get_value "procname")"
 	command="${startcommand:-$command}"
+	chroot="${startchroot:-$chroot}"
 	pidfile="${startpidfile:-$pidfile}"
 	procname="${startprocname:-$procname}"
 	[ -n "$command" -o -n "$procname" -o -n "$pidfile" ] || return 0
@@ -174,7 +181,7 @@ stop()
 		${retry:+--retry} $retry \
 		${command:+--exec} $command \
 		${procname:+--name} $procname \
-		${pidfile:+--pidfile} $pidfile \
+		${pidfile:+--pidfile} $chroot$pidfile \
 		${stopsig:+--signal} $stopsig
 	eend $? "Failed to stop $RC_SVCNAME"
 }
@@ -205,25 +212,35 @@ unset _conf_d
 # Load any system overrides
 sourcex -e "@SYSCONFDIR@/rc.conf"
 
-# Apply any ulimit defined
-[ -n "${rc_ulimit:-$RC_ULIMIT}" ] && ulimit ${rc_ulimit:-$RC_ULIMIT}
-
 # Set verbose mode
 if yesno "${rc_verbose:-$RC_VERBOSE}"; then
 	EINFO_VERBOSE=yes
 	export EINFO_VERBOSE
 fi
 
-# Apply cgroups settings if defined
-if [ "$1" = "start" ] ; then
-	if [ "$(command -v cgroup_add_service)" = "cgroup_add_service" ]; then
-		cgroup_add_service /sys/fs/cgroup/openrc
-		cgroup_add_service /sys/fs/cgroup/systemd/system
+for _cmd; do
+	if [ "$_cmd" != status -a "$_cmd" != describe ]; then
+		# Apply any ulimit defined
+		[ -n "${rc_ulimit:-$RC_ULIMIT}" ] && \
+			ulimit ${rc_ulimit:-$RC_ULIMIT}
+		# Apply cgroups settings if defined
+		if [ "$(command -v cgroup_add_service)" = \
+		    "cgroup_add_service" ]
+		then
+			if [ -d /sys/fs/cgroup -a ! -w /sys/fs/cgroup ]; then
+				eerror "No permission to apply cgroup settings"
+				break
+			fi
+			cgroup_add_service /sys/fs/cgroup/openrc
+			cgroup_add_service /sys/fs/cgroup/systemd/system
+		fi
+		[ "$(command -v cgroup_set_limits)" = \
+		    "cgroup_set_limits" ] && \
+		    cgroup_set_limits
+		break
 	fi
-	[ "$(command -v cgroup_set_limits)" = "cgroup_set_limits" ] && \
-		cgroup_set_limits
-fi
-
+done
+ 
 # Load our script
 sourcex "$RC_SERVICE"
 

sh/rc-cgroup.sh.in

@@ -1,7 +1,9 @@
 #!@SHELL@
 # Copyright (c) 2012 Alexander Vershilov <qnikst@gentoo.org>
 # Released under the 2-clause BSD license.
+
 extra_stopped_commands="${extra_stopped_commands} cgroup_cleanup"
+description_cgroup_cleanup="Kill all processes in the cgroup"
 
 cgroup_find_path()
 {
@@ -46,7 +48,7 @@ cgroup_set_values()
 			$controller.*)
 				if [ -n "$name" -a -f "$cgroup/$name" -a -n "$val" ]; then
 					veinfo "$RC_SVCNAME: Setting $cgroup/$name to $val"
-					echo $val > "$cgroup/$name"
+					printf "%s" "$val" > "$cgroup/$name"
 				fi
 				name=$1
 				val=
@@ -59,12 +61,12 @@ cgroup_set_values()
 	done
 	if [ -n "$name" -a -f "$cgroup/$name" -a -n "$val" ]; then
 		veinfo "$RC_SVCNAME: Setting $cgroup/$name to $val"
-		echo $val > "$cgroup/$name"
+		printf "%s" "$val" > "$cgroup/$name"
 	fi
 
 	if [ -f "$cgroup/tasks" ]; then
 		veinfo "$RC_SVCNAME: adding to $cgroup/tasks"
-		echo 0 > "$cgroup/tasks"
+		printf "%d" 0 > "$cgroup/tasks"
 	fi
 
 	return 0
@@ -77,14 +79,14 @@ cgroup_add_service()
     # cgroups. But may lead to a problems where that inheriting
     # is needed.
 	for d in /sys/fs/cgroup/* ; do
-		[ -f "${d}"/tasks ] && echo 0 > "${d}"/tasks
+		[ -f "${d}"/tasks ] && printf "%d" 0 > "${d}"/tasks
 	done
 
 	openrc_cgroup=/sys/fs/cgroup/openrc
 	if [ -d "$openrc_cgroup" ]; then
 		cgroup="$openrc_cgroup/$RC_SVCNAME"
 		mkdir -p "$cgroup"
-		[ -f "$cgroup/tasks" ] && echo 0 > "$cgroup/tasks"
+		[ -f "$cgroup/tasks" ] && printf "%d" 0 > "$cgroup/tasks"
 	fi
 }
 

sh/rc-functions.sh.in

@@ -85,7 +85,7 @@ get_bootparam()
 	return 1
 }
 
-# Called from runscript.sh or gendepends.sh
+# Called from openrc-run.sh or gendepends.sh
 _depend() {
 	depend
 	local _rc_svcname=$(shell_var "$RC_SVCNAME") _deptype= _depends=

sh/tmpfiles.sh.in

@@ -80,6 +80,17 @@ _c() {
 	fi
 }
 
+_C() {
+	# recursively copy a file or directory
+	local path=$1 mode=$2 uid=$3 gid=$4 age=$5 arg=$6
+	if [ ! -e "$path" ]; then
+		dryrun_or_real cp -r "$arg" "$path"
+		_restorecon "$path"
+		[ $uid != '-' ] && dryrun_or_real chown "$uid" "$path"
+		[ $gid != '-' ] && dryrun_or_real chgrp "$gid" "$path"
+		[ $mode != '-' ] && dryrun_or_real chmod "$mode" "$path"
+	fi
+}
 
 _f() {
 	# Create a file if it doesn't exist yet
@@ -234,7 +245,7 @@ PREFIX=
 FILE=
 fragments=
 # XXX: The harcoding of /usr/lib/ is an explicit choice by upstream
-tmpfiles_dirs='/usr/lib/tmpfiles.d/ /etc/tmpfiles.d/ /run/tmpfiles.d/'
+tmpfiles_dirs='/usr/lib/tmpfiles.d/ /run/tmpfiles.d/ /etc/tmpfiles.d/'
 tmpfiles_basenames=''
 tmpfiles_d=''
 # Build a list of sorted unique basenames
@@ -304,6 +315,7 @@ for FILE in $tmpfiles_d ; do
 	# But IS allowed when globs are expanded for the x/r/R/z/Z types.
 	while read cmd path mode uid gid age arg; do
 		LINENUM=$(( LINENUM+1 ))
+		FORCE=0
 
 		# Unless we have both command and path, skip this line.
 		if [ -z "$cmd" -o -z "$path" ]; then
@@ -311,13 +323,20 @@ for FILE in $tmpfiles_d ; do
 		fi
 
 		case $cmd in
-			*!) [ "$BOOT" -eq "1" ] || continue; cmd=${cmd%!} ;;
+			\#*) continue ;;
 		esac
 
+		while [ ${#cmd} -gt 1 ]; do
+			case $cmd in
+				*!) cmd=${cmd%!}; [ "$BOOT" -eq "1" ] || continue 2 ;;
+				*+) cmd=${cmd%+}; FORCE=1; ;;
+				*) warninvalid ; continue 2 ;;
+			esac
+		done
+
 		# whine about invalid entries
 		case $cmd in
-			f|F|w|d|D|p|L|c|b|x|X|r|R|z|Z) ;;
-			\#*) continue ;;
+			f|F|w|d|D|p|L|c|C|b|x|X|r|R|z|Z) ;;
 			*) warninvalid ; continue ;;
 		esac
 
@@ -326,7 +345,7 @@ for FILE in $tmpfiles_d ; do
 			case "$cmd" in
 				p|f|F) mode=0644 ;;
 				d|D) mode=0755 ;;
-				z|Z|x|r|R|L) ;;
+				C|z|Z|x|r|R|L) ;;
 			esac
 		fi
 
@@ -338,6 +357,13 @@ for FILE in $tmpfiles_d ; do
 
 		[ -n "$EXCLUDE" ] && checkprefix $path $EXCLUDE && continue
 		[ -n "$PREFIX" ] && ! checkprefix $path $PREFIX && continue
+
+		if [ $FORCE -gt 0 ]; then
+			case $cmd in
+				p|L|c|b) [ -f "$path" ] && dryrun_or_real rm -f "$path"
+			esac
+		fi
+
 		[ "$VERBOSE" -eq "1" ] && echo _$cmd "$@"
 		_$cmd "$@"
 		rc=$?

src/includes/helpers.h

@@ -48,25 +48,6 @@
 
 #define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))
 
-/* Some libc implemntations don't have these */
-#ifndef TAILQ_CONCAT
-#define TAILQ_CONCAT(head1, head2, field) do {				      \
-		if (!TAILQ_EMPTY(head2)) {				      \
-			*(head1)->tqh_last = (head2)->tqh_first;	      \
-			(head2)->tqh_first->field.tqe_prev = (head1)->tqh_last; \
-			(head1)->tqh_last = (head2)->tqh_last;		      \
-			TAILQ_INIT((head2));				      \
-		}							      \
-	} while (0)
-#endif
-
-#ifndef TAILQ_FOREACH_SAFE
-#define	TAILQ_FOREACH_SAFE(var, head, field, tvar)			      \
-	for ((var) = TAILQ_FIRST((head));				      \
-	     (var) && ((tvar) = TAILQ_NEXT((var), field), 1);		      \
-	     (var) = (tvar))
-#endif
-
 #ifdef __GLIBC__
 #  if ! defined (__UCLIBC__) && ! defined (__dietlibc__)
 #    define strlcpy(dst, src, size) snprintf(dst, size, "%s", src)

src/includes/queue.h

@@ -0,0 +1,846 @@
+/*	$NetBSD: queue.h,v 1.67 2014/05/17 21:22:56 rmind Exp $	*/
+
+/*
+ * Copyright (c) 1991, 1993
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ *	@(#)queue.h	8.5 (Berkeley) 8/20/94
+ */
+
+#ifndef	_SYS_QUEUE_H_
+#define	_SYS_QUEUE_H_
+
+/*
+ * This file defines five types of data structures: singly-linked lists,
+ * lists, simple queues, tail queues, and circular queues.
+ *
+ * A singly-linked list is headed by a single forward pointer. The
+ * elements are singly linked for minimum space and pointer manipulation
+ * overhead at the expense of O(n) removal for arbitrary elements. New
+ * elements can be added to the list after an existing element or at the
+ * head of the list.  Elements being removed from the head of the list
+ * should use the explicit macro for this purpose for optimum
+ * efficiency. A singly-linked list may only be traversed in the forward
+ * direction.  Singly-linked lists are ideal for applications with large
+ * datasets and few or no removals or for implementing a LIFO queue.
+ *
+ * A list is headed by a single forward pointer (or an array of forward
+ * pointers for a hash table header). The elements are doubly linked
+ * so that an arbitrary element can be removed without a need to
+ * traverse the list. New elements can be added to the list before
+ * or after an existing element or at the head of the list. A list
+ * may only be traversed in the forward direction.
+ *
+ * A simple queue is headed by a pair of pointers, one the head of the
+ * list and the other to the tail of the list. The elements are singly
+ * linked to save space, so elements can only be removed from the
+ * head of the list. New elements can be added to the list after
+ * an existing element, at the head of the list, or at the end of the
+ * list. A simple queue may only be traversed in the forward direction.
+ *
+ * A tail queue is headed by a pair of pointers, one to the head of the
+ * list and the other to the tail of the list. The elements are doubly
+ * linked so that an arbitrary element can be removed without a need to
+ * traverse the list. New elements can be added to the list before or
+ * after an existing element, at the head of the list, or at the end of
+ * the list. A tail queue may be traversed in either direction.
+ *
+ * A circle queue is headed by a pair of pointers, one to the head of the
+ * list and the other to the tail of the list. The elements are doubly
+ * linked so that an arbitrary element can be removed without a need to
+ * traverse the list. New elements can be added to the list before or after
+ * an existing element, at the head of the list, or at the end of the list.
+ * A circle queue may be traversed in either direction, but has a more
+ * complex end of list detection.
+ *
+ * For details on the use of these macros, see the queue(3) manual page.
+ */
+
+/*
+ * Include the definition of NULL only on NetBSD because sys/null.h
+ * is not available elsewhere.  This conditional makes the header
+ * portable and it can simply be dropped verbatim into any system.
+ * The caveat is that on other systems some other header
+ * must provide NULL before the macros can be used.
+ */
+#ifdef __NetBSD__
+#include <sys/null.h>
+#endif
+
+#if defined(QUEUEDEBUG)
+# if defined(_KERNEL)
+#  define QUEUEDEBUG_ABORT(...) panic(__VA_ARGS__)
+# else
+#  include <err.h>
+#  define QUEUEDEBUG_ABORT(...) err(1, __VA_ARGS__)
+# endif
+#endif
+
+/*
+ * Singly-linked List definitions.
+ */
+#define	SLIST_HEAD(name, type)						\
+struct name {								\
+	struct type *slh_first;	/* first element */			\
+}
+
+#define	SLIST_HEAD_INITIALIZER(head)					\
+	{ NULL }
+
+#define	SLIST_ENTRY(type)						\
+struct {								\
+	struct type *sle_next;	/* next element */			\
+}
+
+/*
+ * Singly-linked List access methods.
+ */
+#define	SLIST_FIRST(head)	((head)->slh_first)
+#define	SLIST_END(head)		NULL
+#define	SLIST_EMPTY(head)	((head)->slh_first == NULL)
+#define	SLIST_NEXT(elm, field)	((elm)->field.sle_next)
+
+#define	SLIST_FOREACH(var, head, field)					\
+	for((var) = (head)->slh_first;					\
+	    (var) != SLIST_END(head);					\
+	    (var) = (var)->field.sle_next)
+
+#define	SLIST_FOREACH_SAFE(var, head, field, tvar)			\
+	for ((var) = SLIST_FIRST((head));				\
+	    (var) != SLIST_END(head) &&					\
+	    ((tvar) = SLIST_NEXT((var), field), 1);			\
+	    (var) = (tvar))
+
+/*
+ * Singly-linked List functions.
+ */
+#define	SLIST_INIT(head) do {						\
+	(head)->slh_first = SLIST_END(head);				\
+} while (/*CONSTCOND*/0)
+
+#define	SLIST_INSERT_AFTER(slistelm, elm, field) do {			\
+	(elm)->field.sle_next = (slistelm)->field.sle_next;		\
+	(slistelm)->field.sle_next = (elm);				\
+} while (/*CONSTCOND*/0)
+
+#define	SLIST_INSERT_HEAD(head, elm, field) do {			\
+	(elm)->field.sle_next = (head)->slh_first;			\
+	(head)->slh_first = (elm);					\
+} while (/*CONSTCOND*/0)
+
+#define	SLIST_REMOVE_AFTER(slistelm, field) do {			\
+	(slistelm)->field.sle_next =					\
+	    SLIST_NEXT(SLIST_NEXT((slistelm), field), field);		\
+} while (/*CONSTCOND*/0)
+
+#define	SLIST_REMOVE_HEAD(head, field) do {				\
+	(head)->slh_first = (head)->slh_first->field.sle_next;		\
+} while (/*CONSTCOND*/0)
+
+#define	SLIST_REMOVE(head, elm, type, field) do {			\
+	if ((head)->slh_first == (elm)) {				\
+		SLIST_REMOVE_HEAD((head), field);			\
+	}								\
+	else {								\
+		struct type *curelm = (head)->slh_first;		\
+		while(curelm->field.sle_next != (elm))			\
+			curelm = curelm->field.sle_next;		\
+		curelm->field.sle_next =				\
+		    curelm->field.sle_next->field.sle_next;		\
+	}								\
+} while (/*CONSTCOND*/0)
+
+
+/*
+ * List definitions.
+ */
+#define	LIST_HEAD(name, type)						\
+struct name {								\
+	struct type *lh_first;	/* first element */			\
+}
+
+#define	LIST_HEAD_INITIALIZER(head)					\
+	{ NULL }
+
+#define	LIST_ENTRY(type)						\
+struct {								\
+	struct type *le_next;	/* next element */			\
+	struct type **le_prev;	/* address of previous next element */	\
+}
+
+/*
+ * List access methods.
+ */
+#define	LIST_FIRST(head)		((head)->lh_first)
+#define	LIST_END(head)			NULL
+#define	LIST_EMPTY(head)		((head)->lh_first == LIST_END(head))
+#define	LIST_NEXT(elm, field)		((elm)->field.le_next)
+
+#define	LIST_FOREACH(var, head, field)					\
+	for ((var) = ((head)->lh_first);				\
+	    (var) != LIST_END(head);					\
+	    (var) = ((var)->field.le_next))
+
+#define	LIST_FOREACH_SAFE(var, head, field, tvar)			\
+	for ((var) = LIST_FIRST((head));				\
+	    (var) != LIST_END(head) &&					\
+	    ((tvar) = LIST_NEXT((var), field), 1);			\
+	    (var) = (tvar))
+
+#define	LIST_MOVE(head1, head2) do {					\
+	LIST_INIT((head2));						\
+	if (!LIST_EMPTY((head1))) {					\
+		(head2)->lh_first = (head1)->lh_first;			\
+		LIST_INIT((head1));					\
+	}								\
+} while (/*CONSTCOND*/0)
+
+/*
+ * List functions.
+ */
+#if defined(QUEUEDEBUG)
+#define	QUEUEDEBUG_LIST_INSERT_HEAD(head, elm, field)			\
+	if ((head)->lh_first &&						\
+	    (head)->lh_first->field.le_prev != &(head)->lh_first)	\
+		QUEUEDEBUG_ABORT("LIST_INSERT_HEAD %p %s:%d", (head),	\
+		    __FILE__, __LINE__);
+#define	QUEUEDEBUG_LIST_OP(elm, field)					\
+	if ((elm)->field.le_next &&					\
+	    (elm)->field.le_next->field.le_prev !=			\
+	    &(elm)->field.le_next)					\
+		QUEUEDEBUG_ABORT("LIST_* forw %p %s:%d", (elm),		\
+		    __FILE__, __LINE__);				\
+	if (*(elm)->field.le_prev != (elm))				\
+		QUEUEDEBUG_ABORT("LIST_* back %p %s:%d", (elm),		\
+		    __FILE__, __LINE__);
+#define	QUEUEDEBUG_LIST_POSTREMOVE(elm, field)				\
+	(elm)->field.le_next = (void *)1L;				\
+	(elm)->field.le_prev = (void *)1L;
+#else
+#define	QUEUEDEBUG_LIST_INSERT_HEAD(head, elm, field)
+#define	QUEUEDEBUG_LIST_OP(elm, field)
+#define	QUEUEDEBUG_LIST_POSTREMOVE(elm, field)
+#endif
+
+#define	LIST_INIT(head) do {						\
+	(head)->lh_first = LIST_END(head);				\
+} while (/*CONSTCOND*/0)
+
+#define	LIST_INSERT_AFTER(listelm, elm, field) do {			\
+	QUEUEDEBUG_LIST_OP((listelm), field)				\
+	if (((elm)->field.le_next = (listelm)->field.le_next) != 	\
+	    LIST_END(head))						\
+		(listelm)->field.le_next->field.le_prev =		\
+		    &(elm)->field.le_next;				\
+	(listelm)->field.le_next = (elm);				\
+	(elm)->field.le_prev = &(listelm)->field.le_next;		\
+} while (/*CONSTCOND*/0)
+
+#define	LIST_INSERT_BEFORE(listelm, elm, field) do {			\
+	QUEUEDEBUG_LIST_OP((listelm), field)				\
+	(elm)->field.le_prev = (listelm)->field.le_prev;		\
+	(elm)->field.le_next = (listelm);				\
+	*(listelm)->field.le_prev = (elm);				\
+	(listelm)->field.le_prev = &(elm)->field.le_next;		\
+} while (/*CONSTCOND*/0)
+
+#define	LIST_INSERT_HEAD(head, elm, field) do {				\
+	QUEUEDEBUG_LIST_INSERT_HEAD((head), (elm), field)		\
+	if (((elm)->field.le_next = (head)->lh_first) != LIST_END(head))\
+		(head)->lh_first->field.le_prev = &(elm)->field.le_next;\
+	(head)->lh_first = (elm);					\
+	(elm)->field.le_prev = &(head)->lh_first;			\
+} while (/*CONSTCOND*/0)
+
+#define	LIST_REMOVE(elm, field) do {					\
+	QUEUEDEBUG_LIST_OP((elm), field)				\
+	if ((elm)->field.le_next != NULL)				\
+		(elm)->field.le_next->field.le_prev = 			\
+		    (elm)->field.le_prev;				\
+	*(elm)->field.le_prev = (elm)->field.le_next;			\
+	QUEUEDEBUG_LIST_POSTREMOVE((elm), field)			\
+} while (/*CONSTCOND*/0)
+
+#define LIST_REPLACE(elm, elm2, field) do {				\
+	if (((elm2)->field.le_next = (elm)->field.le_next) != NULL)	\
+		(elm2)->field.le_next->field.le_prev =			\
+		    &(elm2)->field.le_next;				\
+	(elm2)->field.le_prev = (elm)->field.le_prev;			\
+	*(elm2)->field.le_prev = (elm2);				\
+	QUEUEDEBUG_LIST_POSTREMOVE((elm), field)			\
+} while (/*CONSTCOND*/0)
+
+/*
+ * Simple queue definitions.
+ */
+#define	SIMPLEQ_HEAD(name, type)					\
+struct name {								\
+	struct type *sqh_first;	/* first element */			\
+	struct type **sqh_last;	/* addr of last next element */		\
+}
+
+#define	SIMPLEQ_HEAD_INITIALIZER(head)					\
+	{ NULL, &(head).sqh_first }
+
+#define	SIMPLEQ_ENTRY(type)						\
+struct {								\
+	struct type *sqe_next;	/* next element */			\
+}
+
+/*
+ * Simple queue access methods.
+ */
+#define	SIMPLEQ_FIRST(head)		((head)->sqh_first)
+#define	SIMPLEQ_END(head)		NULL
+#define	SIMPLEQ_EMPTY(head)		((head)->sqh_first == SIMPLEQ_END(head))
+#define	SIMPLEQ_NEXT(elm, field)	((elm)->field.sqe_next)
+
+#define	SIMPLEQ_FOREACH(var, head, field)				\
+	for ((var) = ((head)->sqh_first);				\
+	    (var) != SIMPLEQ_END(head);					\
+	    (var) = ((var)->field.sqe_next))
+
+#define	SIMPLEQ_FOREACH_SAFE(var, head, field, next)			\
+	for ((var) = ((head)->sqh_first);				\
+	    (var) != SIMPLEQ_END(head) &&				\
+	    ((next = ((var)->field.sqe_next)), 1);			\
+	    (var) = (next))
+
+/*
+ * Simple queue functions.
+ */
+#define	SIMPLEQ_INIT(head) do {						\
+	(head)->sqh_first = NULL;					\
+	(head)->sqh_last = &(head)->sqh_first;				\
+} while (/*CONSTCOND*/0)
+
+#define	SIMPLEQ_INSERT_HEAD(head, elm, field) do {			\
+	if (((elm)->field.sqe_next = (head)->sqh_first) == NULL)	\
+		(head)->sqh_last = &(elm)->field.sqe_next;		\
+	(head)->sqh_first = (elm);					\
+} while (/*CONSTCOND*/0)
+
+#define	SIMPLEQ_INSERT_TAIL(head, elm, field) do {			\
+	(elm)->field.sqe_next = NULL;					\
+	*(head)->sqh_last = (elm);					\
+	(head)->sqh_last = &(elm)->field.sqe_next;			\
+} while (/*CONSTCOND*/0)
+
+#define	SIMPLEQ_INSERT_AFTER(head, listelm, elm, field) do {		\
+	if (((elm)->field.sqe_next = (listelm)->field.sqe_next) == NULL)\
+		(head)->sqh_last = &(elm)->field.sqe_next;		\
+	(listelm)->field.sqe_next = (elm);				\
+} while (/*CONSTCOND*/0)
+
+#define	SIMPLEQ_REMOVE_HEAD(head, field) do {				\
+	if (((head)->sqh_first = (head)->sqh_first->field.sqe_next) == NULL) \
+		(head)->sqh_last = &(head)->sqh_first;			\
+} while (/*CONSTCOND*/0)
+
+#define SIMPLEQ_REMOVE_AFTER(head, elm, field) do {			\
+	if (((elm)->field.sqe_next = (elm)->field.sqe_next->field.sqe_next) \
+	    == NULL)							\
+		(head)->sqh_last = &(elm)->field.sqe_next;		\
+} while (/*CONSTCOND*/0)
+
+#define	SIMPLEQ_REMOVE(head, elm, type, field) do {			\
+	if ((head)->sqh_first == (elm)) {				\
+		SIMPLEQ_REMOVE_HEAD((head), field);			\
+	} else {							\
+		struct type *curelm = (head)->sqh_first;		\
+		while (curelm->field.sqe_next != (elm))			\
+			curelm = curelm->field.sqe_next;		\
+		if ((curelm->field.sqe_next =				\
+			curelm->field.sqe_next->field.sqe_next) == NULL) \
+			    (head)->sqh_last = &(curelm)->field.sqe_next; \
+	}								\
+} while (/*CONSTCOND*/0)
+
+#define	SIMPLEQ_CONCAT(head1, head2) do {				\
+	if (!SIMPLEQ_EMPTY((head2))) {					\
+		*(head1)->sqh_last = (head2)->sqh_first;		\
+		(head1)->sqh_last = (head2)->sqh_last;		\
+		SIMPLEQ_INIT((head2));					\
+	}								\
+} while (/*CONSTCOND*/0)
+
+#define	SIMPLEQ_LAST(head, type, field)					\
+	(SIMPLEQ_EMPTY((head)) ?						\
+		NULL :							\
+	        ((struct type *)(void *)				\
+		((char *)((head)->sqh_last) - offsetof(struct type, field))))
+
+/*
+ * Tail queue definitions.
+ */
+#define	_TAILQ_HEAD(name, type, qual)					\
+struct name {								\
+	qual type *tqh_first;		/* first element */		\
+	qual type *qual *tqh_last;	/* addr of last next element */	\
+}
+#define TAILQ_HEAD(name, type)	_TAILQ_HEAD(name, struct type,)
+
+#define	TAILQ_HEAD_INITIALIZER(head)					\
+	{ TAILQ_END(head), &(head).tqh_first }
+
+#define	_TAILQ_ENTRY(type, qual)					\
+struct {								\
+	qual type *tqe_next;		/* next element */		\
+	qual type *qual *tqe_prev;	/* address of previous next element */\
+}
+#define TAILQ_ENTRY(type)	_TAILQ_ENTRY(struct type,)
+
+/*
+ * Tail queue access methods.
+ */
+#define	TAILQ_FIRST(head)		((head)->tqh_first)
+#define	TAILQ_END(head)			(NULL)
+#define	TAILQ_NEXT(elm, field)		((elm)->field.tqe_next)
+#define	TAILQ_LAST(head, headname) \
+	(*(((struct headname *)((head)->tqh_last))->tqh_last))
+#define	TAILQ_PREV(elm, headname, field) \
+	(*(((struct headname *)((elm)->field.tqe_prev))->tqh_last))
+#define	TAILQ_EMPTY(head)		(TAILQ_FIRST(head) == TAILQ_END(head))
+
+
+#define	TAILQ_FOREACH(var, head, field)					\
+	for ((var) = ((head)->tqh_first);				\
+	    (var) != TAILQ_END(head);					\
+	    (var) = ((var)->field.tqe_next))
+
+#define	TAILQ_FOREACH_SAFE(var, head, field, next)			\
+	for ((var) = ((head)->tqh_first);				\
+	    (var) != TAILQ_END(head) &&					\
+	    ((next) = TAILQ_NEXT(var, field), 1); (var) = (next))
+
+#define	TAILQ_FOREACH_REVERSE(var, head, headname, field)		\
+	for ((var) = (*(((struct headname *)((head)->tqh_last))->tqh_last));\
+	    (var) != TAILQ_END(head);					\
+	    (var) = (*(((struct headname *)((var)->field.tqe_prev))->tqh_last)))
+
+#define	TAILQ_FOREACH_REVERSE_SAFE(var, head, headname, field, prev)	\
+	for ((var) = TAILQ_LAST((head), headname);			\
+	    (var) != TAILQ_END(head) && 				\
+	    ((prev) = TAILQ_PREV((var), headname, field), 1); (var) = (prev))
+
+/*
+ * Tail queue functions.
+ */
+#if defined(QUEUEDEBUG)
+#define	QUEUEDEBUG_TAILQ_INSERT_HEAD(head, elm, field)			\
+	if ((head)->tqh_first &&					\
+	    (head)->tqh_first->field.tqe_prev != &(head)->tqh_first)	\
+		QUEUEDEBUG_ABORT("TAILQ_INSERT_HEAD %p %s:%d", (head),	\
+		    __FILE__, __LINE__);
+#define	QUEUEDEBUG_TAILQ_INSERT_TAIL(head, elm, field)			\
+	if (*(head)->tqh_last != NULL)					\
+		QUEUEDEBUG_ABORT("TAILQ_INSERT_TAIL %p %s:%d", (head),	\
+		    __FILE__, __LINE__);
+#define	QUEUEDEBUG_TAILQ_OP(elm, field)					\
+	if ((elm)->field.tqe_next &&					\
+	    (elm)->field.tqe_next->field.tqe_prev !=			\
+	    &(elm)->field.tqe_next)					\
+		QUEUEDEBUG_ABORT("TAILQ_* forw %p %s:%d", (elm),	\
+		    __FILE__, __LINE__);				\
+	if (*(elm)->field.tqe_prev != (elm))				\
+		QUEUEDEBUG_ABORT("TAILQ_* back %p %s:%d", (elm),	\
+		    __FILE__, __LINE__);
+#define	QUEUEDEBUG_TAILQ_PREREMOVE(head, elm, field)			\
+	if ((elm)->field.tqe_next == NULL &&				\
+	    (head)->tqh_last != &(elm)->field.tqe_next)			\
+		QUEUEDEBUG_ABORT("TAILQ_PREREMOVE head %p elm %p %s:%d",\
+		    (head), (elm), __FILE__, __LINE__);
+#define	QUEUEDEBUG_TAILQ_POSTREMOVE(elm, field)				\
+	(elm)->field.tqe_next = (void *)1L;				\
+	(elm)->field.tqe_prev = (void *)1L;
+#else
+#define	QUEUEDEBUG_TAILQ_INSERT_HEAD(head, elm, field)
+#define	QUEUEDEBUG_TAILQ_INSERT_TAIL(head, elm, field)
+#define	QUEUEDEBUG_TAILQ_OP(elm, field)
+#define	QUEUEDEBUG_TAILQ_PREREMOVE(head, elm, field)
+#define	QUEUEDEBUG_TAILQ_POSTREMOVE(elm, field)
+#endif
+
+#define	TAILQ_INIT(head) do {						\
+	(head)->tqh_first = TAILQ_END(head);				\
+	(head)->tqh_last = &(head)->tqh_first;				\
+} while (/*CONSTCOND*/0)
+
+#define	TAILQ_INSERT_HEAD(head, elm, field) do {			\
+	QUEUEDEBUG_TAILQ_INSERT_HEAD((head), (elm), field)		\
+	if (((elm)->field.tqe_next = (head)->tqh_first) != TAILQ_END(head))\
+		(head)->tqh_first->field.tqe_prev =			\
+		    &(elm)->field.tqe_next;				\
+	else								\
+		(head)->tqh_last = &(elm)->field.tqe_next;		\
+	(head)->tqh_first = (elm);					\
+	(elm)->field.tqe_prev = &(head)->tqh_first;			\
+} while (/*CONSTCOND*/0)
+
+#define	TAILQ_INSERT_TAIL(head, elm, field) do {			\
+	QUEUEDEBUG_TAILQ_INSERT_TAIL((head), (elm), field)		\
+	(elm)->field.tqe_next = TAILQ_END(head);			\
+	(elm)->field.tqe_prev = (head)->tqh_last;			\
+	*(head)->tqh_last = (elm);					\
+	(head)->tqh_last = &(elm)->field.tqe_next;			\
+} while (/*CONSTCOND*/0)
+
+#define	TAILQ_INSERT_AFTER(head, listelm, elm, field) do {		\
+	QUEUEDEBUG_TAILQ_OP((listelm), field)				\
+	if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != 	\
+	    TAILQ_END(head))						\
+		(elm)->field.tqe_next->field.tqe_prev = 		\
+		    &(elm)->field.tqe_next;				\
+	else								\
+		(head)->tqh_last = &(elm)->field.tqe_next;		\
+	(listelm)->field.tqe_next = (elm);				\
+	(elm)->field.tqe_prev = &(listelm)->field.tqe_next;		\
+} while (/*CONSTCOND*/0)
+
+#define	TAILQ_INSERT_BEFORE(listelm, elm, field) do {			\
+	QUEUEDEBUG_TAILQ_OP((listelm), field)				\
+	(elm)->field.tqe_prev = (listelm)->field.tqe_prev;		\
+	(elm)->field.tqe_next = (listelm);				\
+	*(listelm)->field.tqe_prev = (elm);				\
+	(listelm)->field.tqe_prev = &(elm)->field.tqe_next;		\
+} while (/*CONSTCOND*/0)
+
+#define	TAILQ_REMOVE(head, elm, field) do {				\
+	QUEUEDEBUG_TAILQ_PREREMOVE((head), (elm), field)		\
+	QUEUEDEBUG_TAILQ_OP((elm), field)				\
+	if (((elm)->field.tqe_next) != TAILQ_END(head))			\
+		(elm)->field.tqe_next->field.tqe_prev = 		\
+		    (elm)->field.tqe_prev;				\
+	else								\
+		(head)->tqh_last = (elm)->field.tqe_prev;		\
+	*(elm)->field.tqe_prev = (elm)->field.tqe_next;			\
+	QUEUEDEBUG_TAILQ_POSTREMOVE((elm), field);			\
+} while (/*CONSTCOND*/0)
+
+#define TAILQ_REPLACE(head, elm, elm2, field) do {                      \
+        if (((elm2)->field.tqe_next = (elm)->field.tqe_next) != 	\
+	    TAILQ_END(head))   						\
+                (elm2)->field.tqe_next->field.tqe_prev =                \
+                    &(elm2)->field.tqe_next;                            \
+        else                                                            \
+                (head)->tqh_last = &(elm2)->field.tqe_next;             \
+        (elm2)->field.tqe_prev = (elm)->field.tqe_prev;                 \
+        *(elm2)->field.tqe_prev = (elm2);                               \
+	QUEUEDEBUG_TAILQ_POSTREMOVE((elm), field);			\
+} while (/*CONSTCOND*/0)
+
+#define	TAILQ_CONCAT(head1, head2, field) do {				\
+	if (!TAILQ_EMPTY(head2)) {					\
+		*(head1)->tqh_last = (head2)->tqh_first;		\
+		(head2)->tqh_first->field.tqe_prev = (head1)->tqh_last;	\
+		(head1)->tqh_last = (head2)->tqh_last;			\
+		TAILQ_INIT((head2));					\
+	}								\
+} while (/*CONSTCOND*/0)
+
+/*
+ * Singly-linked Tail queue declarations.
+ */
+#define	STAILQ_HEAD(name, type)						\
+struct name {								\
+	struct type *stqh_first;	/* first element */		\
+	struct type **stqh_last;	/* addr of last next element */	\
+}
+
+#define	STAILQ_HEAD_INITIALIZER(head)					\
+	{ NULL, &(head).stqh_first }
+
+#define	STAILQ_ENTRY(type)						\
+struct {								\
+	struct type *stqe_next;	/* next element */			\
+}
+
+/*
+ * Singly-linked Tail queue access methods.
+ */
+#define	STAILQ_FIRST(head)	((head)->stqh_first)
+#define	STAILQ_END(head)	NULL
+#define	STAILQ_NEXT(elm, field)	((elm)->field.stqe_next)
+#define	STAILQ_EMPTY(head)	(STAILQ_FIRST(head) == STAILQ_END(head))
+
+/*
+ * Singly-linked Tail queue functions.
+ */
+#define	STAILQ_INIT(head) do {						\
+	(head)->stqh_first = NULL;					\
+	(head)->stqh_last = &(head)->stqh_first;				\
+} while (/*CONSTCOND*/0)
+
+#define	STAILQ_INSERT_HEAD(head, elm, field) do {			\
+	if (((elm)->field.stqe_next = (head)->stqh_first) == NULL)	\
+		(head)->stqh_last = &(elm)->field.stqe_next;		\
+	(head)->stqh_first = (elm);					\
+} while (/*CONSTCOND*/0)
+
+#define	STAILQ_INSERT_TAIL(head, elm, field) do {			\
+	(elm)->field.stqe_next = NULL;					\
+	*(head)->stqh_last = (elm);					\
+	(head)->stqh_last = &(elm)->field.stqe_next;			\
+} while (/*CONSTCOND*/0)
+
+#define	STAILQ_INSERT_AFTER(head, listelm, elm, field) do {		\
+	if (((elm)->field.stqe_next = (listelm)->field.stqe_next) == NULL)\
+		(head)->stqh_last = &(elm)->field.stqe_next;		\
+	(listelm)->field.stqe_next = (elm);				\
+} while (/*CONSTCOND*/0)
+
+#define	STAILQ_REMOVE_HEAD(head, field) do {				\
+	if (((head)->stqh_first = (head)->stqh_first->field.stqe_next) == NULL) \
+		(head)->stqh_last = &(head)->stqh_first;			\
+} while (/*CONSTCOND*/0)
+
+#define	STAILQ_REMOVE(head, elm, type, field) do {			\
+	if ((head)->stqh_first == (elm)) {				\
+		STAILQ_REMOVE_HEAD((head), field);			\
+	} else {							\
+		struct type *curelm = (head)->stqh_first;		\
+		while (curelm->field.stqe_next != (elm))			\
+			curelm = curelm->field.stqe_next;		\
+		if ((curelm->field.stqe_next =				\
+			curelm->field.stqe_next->field.stqe_next) == NULL) \
+			    (head)->stqh_last = &(curelm)->field.stqe_next; \
+	}								\
+} while (/*CONSTCOND*/0)
+
+#define	STAILQ_FOREACH(var, head, field)				\
+	for ((var) = ((head)->stqh_first);				\
+		(var);							\
+		(var) = ((var)->field.stqe_next))
+
+#define	STAILQ_FOREACH_SAFE(var, head, field, tvar)			\
+	for ((var) = STAILQ_FIRST((head));				\
+	    (var) && ((tvar) = STAILQ_NEXT((var), field), 1);		\
+	    (var) = (tvar))
+
+#define	STAILQ_CONCAT(head1, head2) do {				\
+	if (!STAILQ_EMPTY((head2))) {					\
+		*(head1)->stqh_last = (head2)->stqh_first;		\
+		(head1)->stqh_last = (head2)->stqh_last;		\
+		STAILQ_INIT((head2));					\
+	}								\
+} while (/*CONSTCOND*/0)
+
+#define	STAILQ_LAST(head, type, field)					\
+	(STAILQ_EMPTY((head)) ?						\
+		NULL :							\
+	        ((struct type *)(void *)				\
+		((char *)((head)->stqh_last) - offsetof(struct type, field))))
+
+
+#ifndef _KERNEL
+/*
+ * Circular queue definitions. Do not use. We still keep the macros
+ * for compatibility but because of pointer aliasing issues their use
+ * is discouraged!
+ */
+
+/*
+ * __launder_type():  We use this ugly hack to work around the the compiler
+ * noticing that two types may not alias each other and elide tests in code.
+ * We hit this in the CIRCLEQ macros when comparing 'struct name *' and
+ * 'struct type *' (see CIRCLEQ_HEAD()).  Modern compilers (such as GCC
+ * 4.8) declare these comparisons as always false, causing the code to
+ * not run as designed.
+ *
+ * This hack is only to be used for comparisons and thus can be fully const.
+ * Do not use for assignment.
+ *
+ * If we ever choose to change the ABI of the CIRCLEQ macros, we could fix
+ * this by changing the head/tail sentinal values, but see the note above
+ * this one.
+ */
+static __inline const void * __launder_type(const void *);
+static __inline const void *
+__launder_type(const void *__x)
+{
+	__asm __volatile("" : "+r" (__x));
+	return __x;
+}
+
+#if defined(QUEUEDEBUG)
+#define QUEUEDEBUG_CIRCLEQ_HEAD(head, field)				\
+	if ((head)->cqh_first != CIRCLEQ_ENDC(head) &&			\
+	    (head)->cqh_first->field.cqe_prev != CIRCLEQ_ENDC(head))	\
+		QUEUEDEBUG_ABORT("CIRCLEQ head forw %p %s:%d", (head),	\
+		      __FILE__, __LINE__);				\
+	if ((head)->cqh_last != CIRCLEQ_ENDC(head) &&			\
+	    (head)->cqh_last->field.cqe_next != CIRCLEQ_ENDC(head))	\
+		QUEUEDEBUG_ABORT("CIRCLEQ head back %p %s:%d", (head),	\
+		      __FILE__, __LINE__);
+#define QUEUEDEBUG_CIRCLEQ_ELM(head, elm, field)			\
+	if ((elm)->field.cqe_next == CIRCLEQ_ENDC(head)) {		\
+		if ((head)->cqh_last != (elm))				\
+			QUEUEDEBUG_ABORT("CIRCLEQ elm last %p %s:%d",	\
+			    (elm), __FILE__, __LINE__);			\
+	} else {							\
+		if ((elm)->field.cqe_next->field.cqe_prev != (elm))	\
+			QUEUEDEBUG_ABORT("CIRCLEQ elm forw %p %s:%d",	\
+			    (elm), __FILE__, __LINE__);			\
+	}								\
+	if ((elm)->field.cqe_prev == CIRCLEQ_ENDC(head)) {		\
+		if ((head)->cqh_first != (elm))				\
+			QUEUEDEBUG_ABORT("CIRCLEQ elm first %p %s:%d",	\
+			    (elm), __FILE__, __LINE__);			\
+	} else {							\
+		if ((elm)->field.cqe_prev->field.cqe_next != (elm))	\
+			QUEUEDEBUG_ABORT("CIRCLEQ elm prev %p %s:%d",	\
+			    (elm), __FILE__, __LINE__);			\
+	}
+#define QUEUEDEBUG_CIRCLEQ_POSTREMOVE(elm, field)			\
+	(elm)->field.cqe_next = (void *)1L;				\
+	(elm)->field.cqe_prev = (void *)1L;
+#else
+#define QUEUEDEBUG_CIRCLEQ_HEAD(head, field)
+#define QUEUEDEBUG_CIRCLEQ_ELM(head, elm, field)
+#define QUEUEDEBUG_CIRCLEQ_POSTREMOVE(elm, field)
+#endif
+
+#define	CIRCLEQ_HEAD(name, type)					\
+struct name {								\
+	struct type *cqh_first;		/* first element */		\
+	struct type *cqh_last;		/* last element */		\
+}
+
+#define	CIRCLEQ_HEAD_INITIALIZER(head)					\
+	{ CIRCLEQ_END(&head), CIRCLEQ_END(&head) }
+
+#define	CIRCLEQ_ENTRY(type)						\
+struct {								\
+	struct type *cqe_next;		/* next element */		\
+	struct type *cqe_prev;		/* previous element */		\
+}
+
+/*
+ * Circular queue functions.
+ */
+#define	CIRCLEQ_INIT(head) do {						\
+	(head)->cqh_first = CIRCLEQ_END(head);				\
+	(head)->cqh_last = CIRCLEQ_END(head);				\
+} while (/*CONSTCOND*/0)
+
+#define	CIRCLEQ_INSERT_AFTER(head, listelm, elm, field) do {		\
+	QUEUEDEBUG_CIRCLEQ_HEAD((head), field)				\
+	QUEUEDEBUG_CIRCLEQ_ELM((head), (listelm), field)		\
+	(elm)->field.cqe_next = (listelm)->field.cqe_next;		\
+	(elm)->field.cqe_prev = (listelm);				\
+	if ((listelm)->field.cqe_next == CIRCLEQ_ENDC(head))		\
+		(head)->cqh_last = (elm);				\
+	else								\
+		(listelm)->field.cqe_next->field.cqe_prev = (elm);	\
+	(listelm)->field.cqe_next = (elm);				\
+} while (/*CONSTCOND*/0)
+
+#define	CIRCLEQ_INSERT_BEFORE(head, listelm, elm, field) do {		\
+	QUEUEDEBUG_CIRCLEQ_HEAD((head), field)				\
+	QUEUEDEBUG_CIRCLEQ_ELM((head), (listelm), field)		\
+	(elm)->field.cqe_next = (listelm);				\
+	(elm)->field.cqe_prev = (listelm)->field.cqe_prev;		\
+	if ((listelm)->field.cqe_prev == CIRCLEQ_ENDC(head))		\
+		(head)->cqh_first = (elm);				\
+	else								\
+		(listelm)->field.cqe_prev->field.cqe_next = (elm);	\
+	(listelm)->field.cqe_prev = (elm);				\
+} while (/*CONSTCOND*/0)
+
+#define	CIRCLEQ_INSERT_HEAD(head, elm, field) do {			\
+	QUEUEDEBUG_CIRCLEQ_HEAD((head), field)				\
+	(elm)->field.cqe_next = (head)->cqh_first;			\
+	(elm)->field.cqe_prev = CIRCLEQ_END(head);			\
+	if ((head)->cqh_last == CIRCLEQ_ENDC(head))			\
+		(head)->cqh_last = (elm);				\
+	else								\
+		(head)->cqh_first->field.cqe_prev = (elm);		\
+	(head)->cqh_first = (elm);					\
+} while (/*CONSTCOND*/0)
+
+#define	CIRCLEQ_INSERT_TAIL(head, elm, field) do {			\
+	QUEUEDEBUG_CIRCLEQ_HEAD((head), field)				\
+	(elm)->field.cqe_next = CIRCLEQ_END(head);			\
+	(elm)->field.cqe_prev = (head)->cqh_last;			\
+	if ((head)->cqh_first == CIRCLEQ_ENDC(head))			\
+		(head)->cqh_first = (elm);				\
+	else								\
+		(head)->cqh_last->field.cqe_next = (elm);		\
+	(head)->cqh_last = (elm);					\
+} while (/*CONSTCOND*/0)
+
+#define	CIRCLEQ_REMOVE(head, elm, field) do {				\
+	QUEUEDEBUG_CIRCLEQ_HEAD((head), field)				\
+	QUEUEDEBUG_CIRCLEQ_ELM((head), (elm), field)			\
+	if ((elm)->field.cqe_next == CIRCLEQ_ENDC(head))		\
+		(head)->cqh_last = (elm)->field.cqe_prev;		\
+	else								\
+		(elm)->field.cqe_next->field.cqe_prev =			\
+		    (elm)->field.cqe_prev;				\
+	if ((elm)->field.cqe_prev == CIRCLEQ_ENDC(head))		\
+		(head)->cqh_first = (elm)->field.cqe_next;		\
+	else								\
+		(elm)->field.cqe_prev->field.cqe_next =			\
+		    (elm)->field.cqe_next;				\
+	QUEUEDEBUG_CIRCLEQ_POSTREMOVE((elm), field)			\
+} while (/*CONSTCOND*/0)
+
+#define	CIRCLEQ_FOREACH(var, head, field)				\
+	for ((var) = ((head)->cqh_first);				\
+		(var) != CIRCLEQ_ENDC(head);				\
+		(var) = ((var)->field.cqe_next))
+
+#define	CIRCLEQ_FOREACH_REVERSE(var, head, field)			\
+	for ((var) = ((head)->cqh_last);				\
+		(var) != CIRCLEQ_ENDC(head);				\
+		(var) = ((var)->field.cqe_prev))
+
+/*
+ * Circular queue access methods.
+ */
+#define	CIRCLEQ_FIRST(head)		((head)->cqh_first)
+#define	CIRCLEQ_LAST(head)		((head)->cqh_last)
+/* For comparisons */
+#define	CIRCLEQ_ENDC(head)		(__launder_type(head))
+/* For assignments */
+#define	CIRCLEQ_END(head)		((void *)(head))
+#define	CIRCLEQ_NEXT(elm, field)	((elm)->field.cqe_next)
+#define	CIRCLEQ_PREV(elm, field)	((elm)->field.cqe_prev)
+#define	CIRCLEQ_EMPTY(head)						\
+    (CIRCLEQ_FIRST(head) == CIRCLEQ_ENDC(head))
+
+#define CIRCLEQ_LOOP_NEXT(head, elm, field)				\
+	(((elm)->field.cqe_next == CIRCLEQ_ENDC(head))			\
+	    ? ((head)->cqh_first)					\
+	    : (elm->field.cqe_next))
+#define CIRCLEQ_LOOP_PREV(head, elm, field)				\
+	(((elm)->field.cqe_prev == CIRCLEQ_ENDC(head))			\
+	    ? ((head)->cqh_last)					\
+	    : (elm->field.cqe_prev))
+#endif /* !_KERNEL */
+
+#endif	/* !_SYS_QUEUE_H_ */

src/libeinfo/Makefile

@@ -4,7 +4,7 @@ SRCS=			libeinfo.c
 INCS=			einfo.h
 VERSION_MAP=		einfo.map
 
-CPPFLAGS+=		-I../includes
+LOCAL_CPPFLAGS+=		-I../includes
 
 MK=			../../mk
 include ${MK}/lib.mk

src/libeinfo/einfo.h

@@ -48,7 +48,10 @@
 # endif
 #endif
 
-__BEGIN_DECLS
+/* __BEGIN_DECLS */
+#ifdef __cplusplus
+extern "C" {
+#endif
 
 /*! @brief Color types to use */
 typedef enum
@@ -140,5 +143,9 @@ void eoutdentv(void);
 /*! @brief Prefix each einfo line with something */
 void eprefix(const char * EINFO_RESTRICT);
 
-__END_DECLS
+/* __END_DECLS */
+#ifdef __cplusplus
+}
+#endif
+
 #endif

src/librc/Makefile

@@ -7,7 +7,7 @@ VERSION_MAP=	rc.map
 
 LDADD+=		${LIBKVM}
 
-CPPFLAGS+=	-I../includes
+LOCAL_CPPFLAGS+=	-I../includes
 
 MK=		../../mk
 include ${MK}/lib.mk

src/librc/librc-daemon.c

@@ -28,9 +28,10 @@
  * SUCH DAMAGE.
  */
 
+#include "queue.h"
 #include "librc.h"
 
-#if defined(__linux__) || defined (__GLIBC__)
+#if defined(__linux__) || (defined (__FreeBSD_kernel__) && defined(__GLIBC__))
 static bool
 pid_is_exec(pid_t pid, const char *exec)
 {
@@ -98,7 +99,7 @@ rc_find_pids(const char *exec, const char *const *argv, uid_t uid, pid_t pid)
 	pid_t p;
 	char buffer[PATH_MAX];
 	struct stat sb;
-	pid_t runscript_pid = 0;
+	pid_t openrc_pid = 0;
 	char *pp;
 	RC_PIDLIST *pids = NULL;
 	RC_PID *pi;
@@ -107,7 +108,7 @@ rc_find_pids(const char *exec, const char *const *argv, uid_t uid, pid_t pid)
 		return NULL;
 
 	/*
-	  We never match RC_RUNSCRIPT_PID if present so we avoid the below
+	  We never match RC_OPENRC_PID if present so we avoid the below
 	  scenario
 
 	  /etc/init.d/ntpd stop does
@@ -117,9 +118,9 @@ rc_find_pids(const char *exec, const char *const *argv, uid_t uid, pid_t pid)
 	  nasty
 	*/
 
-	if ((pp = getenv("RC_RUNSCRIPT_PID"))) {
-		if (sscanf(pp, "%d", &runscript_pid) != 1)
-			runscript_pid = 0;
+	if ((pp = getenv("RC_OPENRC_PID"))) {
+		if (sscanf(pp, "%d", &openrc_pid) != 1)
+			openrc_pid = 0;
 	}
 
 	/*
@@ -145,7 +146,7 @@ rc_find_pids(const char *exec, const char *const *argv, uid_t uid, pid_t pid)
 	while ((entry = readdir(procdir)) != NULL) {
 		if (sscanf(entry->d_name, "%d", &p) != 1)
 			continue;
-		if (runscript_pid != 0 && runscript_pid == p)
+		if (openrc_pid != 0 && openrc_pid == p)
 			continue;
 		if (pid != 0 && pid != p)
 			continue;
@@ -509,6 +510,8 @@ rc_service_daemons_crashed(const char *service)
 	RC_STRINGLIST *list = NULL;
 	RC_STRING *s;
 	size_t i;
+	char *ch_root;
+	char *spidfile;
 
 	path += snprintf(dirpath, sizeof(dirpath), RC_SVCDIR "/daemons/%s",
 	    basename_c(service));
@@ -553,6 +556,16 @@ rc_service_daemons_crashed(const char *service)
 		}
 		fclose(fp);
 
+		ch_root = rc_service_value_get(basename_c(service), "chroot");
+		spidfile = pidfile;
+		if (ch_root && pidfile) {
+			spidfile = xmalloc(strlen(ch_root) + strlen(pidfile) + 1);
+			strcpy(spidfile, ch_root);
+			strcat(spidfile, pidfile);
+			free(pidfile);
+			pidfile = spidfile;
+		}
+
 		pid = 0;
 		if (pidfile) {
 			retval = true;

src/librc/librc-depend.c

@@ -30,6 +30,7 @@
 
 #include <sys/utsname.h>
 
+#include "queue.h"
 #include "librc.h"
 
 #define GENDEP          RC_LIBEXECDIR "/sh/gendepends.sh"

src/librc/librc-misc.c

@@ -28,6 +28,7 @@
  * SUCH DAMAGE.
  */
 
+#include "queue.h"
 #include "librc.h"
 
 bool

src/librc/librc-stringlist.c

@@ -28,6 +28,7 @@
  * SUCH DAMAGE.
  */
 
+#include "queue.h"
 #include "librc.h"
 
 RC_STRINGLIST *

src/librc/librc.c

@@ -30,6 +30,7 @@
 
 const char librc_copyright[] = "Copyright (c) 2007-2008 Roy Marples";
 
+#include "queue.h"
 #include "librc.h"
 #ifdef __FreeBSD__
 #  include <sys/sysctl.h>
@@ -100,7 +101,9 @@ ls_dir(const char *dir, int options)
 					continue;
 			}
 			if (options & LS_DIR) {
-				if (stat(d->d_name, &buf) == 0 &&
+				snprintf(file, sizeof(file), "%s/%s",
+				    dir, d->d_name);
+				if (stat(file, &buf) != 0 ||
 				    !S_ISDIR(buf.st_mode))
 					continue;
 			}
@@ -293,6 +296,8 @@ rc_sys_v1(void)
 		return RC_SYS_OPENVZ; /* old test */
 	else if (file_regex("/proc/1/environ", "container=lxc"))
 		return RC_SYS_LXC;
+	else if (file_regex("/proc/1/environ", "container=systemd-nspawn"))
+		return RC_SYS_SYSTEMD_NSPAWN;
 #endif
 
 	return NULL;

src/librc/librc.h

@@ -57,11 +57,13 @@
 #include <time.h>
 #include <unistd.h>
 
-#ifdef BSD
+#if defined(BSD) && !defined(__GNU__)
 #include <sys/param.h>
 #include <sys/user.h>
 #include <sys/sysctl.h>
 #include <kvm.h>
+#else
+#include <sys/param.h>
 #endif
 
 #include "rc.h"

src/librc/rc.h.in

@@ -27,11 +27,13 @@
 #define __RC_H__
 
 #include <sys/types.h>
-#include <sys/queue.h>
 #include <stdbool.h>
 #include <stdio.h>
 
-__BEGIN_DECLS
+/* __BEGIN_DECLS */
+#ifdef __cplusplus
+extern "C" {
+#endif
 
 #define RC_PREFIX "@PREFIX@"
 #define RC_SYSCONFDIR		"@SYSCONFDIR@"
@@ -39,7 +41,8 @@ __BEGIN_DECLS
 #define RC_LIBEXECDIR           "@LIBEXECDIR@"
 #if defined(PREFIX)
 #define RC_SVCDIR               RC_LIBEXECDIR "/init.d"
-#elif defined(__linux__)
+#elif defined(__linux__) || (defined(__FreeBSD_kernel__) && \
+		defined(__GLIBC__)) || defined(__GNU__)
 #define RC_SVCDIR               "/run/openrc"
 #else
 #define RC_SVCDIR               RC_LIBEXECDIR "/init.d"
@@ -74,6 +77,51 @@ __BEGIN_DECLS
 #  define RC_LOCAL_CONFDIR      RC_LOCAL_PREFIX "/etc/conf.d"
 #endif
 
+#ifndef _SYS_QUEUE_H_
+
+/*
+ * The following are copied directly from our imported queue.h.
+ */
+
+/*
+ * List definitions.
+ */
+#define	LIST_HEAD(name, type)						\
+struct name {								\
+	struct type *lh_first;	/* first element */			\
+}
+
+#define	LIST_HEAD_INITIALIZER(head)					\
+	{ NULL }
+
+#define	LIST_ENTRY(type)						\
+struct {								\
+	struct type *le_next;	/* next element */			\
+	struct type **le_prev;	/* address of previous next element */	\
+}
+
+/*
+ * Tail queue definitions.
+ */
+#define	_TAILQ_HEAD(name, type, qual)					\
+struct name {								\
+	qual type *tqh_first;		/* first element */		\
+	qual type *qual *tqh_last;	/* addr of last next element */	\
+}
+#define TAILQ_HEAD(name, type)	_TAILQ_HEAD(name, struct type,)
+
+#define	TAILQ_HEAD_INITIALIZER(head)					\
+	{ TAILQ_END(head), &(head).tqh_first }
+
+#define	_TAILQ_ENTRY(type, qual)					\
+struct {								\
+	qual type *tqe_next;		/* next element */		\
+	qual type *qual *tqe_prev;	/* address of previous next element */\
+}
+#define TAILQ_ENTRY(type)	_TAILQ_ENTRY(struct type,)
+
+#endif /* _SYS_QUEUE_H_ */
+
 /* A doubly linked list using queue(3) for ease of use */
 typedef struct rc_string {
 	char *value;
@@ -284,6 +332,7 @@ bool rc_service_daemons_crashed(const char *);
 #define RC_SYS_OPENVZ  "OPENVZ"
 #define RC_SYS_LXC     "LXC"
 #define RC_SYS_PREFIX  "PREFIX"
+#define RC_SYS_SYSTEMD_NSPAWN "SYSTEMD-NSPAWN"
 #define RC_SYS_UML     "UML"
 #define RC_SYS_VSERVER "VSERVER"
 #define RC_SYS_XEN0    "XEN0"
@@ -563,5 +612,9 @@ bool rc_getfile(const char *, char **, size_t *);
  * we have our own */
 ssize_t rc_getline(char **, size_t *, FILE *);
 
-__END_DECLS
+/* __END_DECLS */
+#ifdef __cplusplus
+}
+#endif
+
 #endif

src/rc/Makefile

@@ -1,8 +1,8 @@
 PROG=		openrc
-SRCS=		checkpath.c fstabinfo.c mountinfo.c start-stop-daemon.c \
+SRCS=		checkpath.c fstabinfo.c mountinfo.c openrc-run.c \
 		rc-applets.c rc-depend.c rc-logger.c \
 		rc-misc.c rc-plugin.c rc-service.c rc-status.c rc-update.c \
-		runscript.c rc.c swclock.c
+		rc.c start-stop-daemon.c swclock.c
 
 ifeq (${MKSELINUX},yes)
 SRCS+=		rc-selinux.c
@@ -35,14 +35,14 @@ RC_SBINLINKS=	mark_service_starting mark_service_started \
 ALL_LINKS=	${BINLINKS} ${SBINLINKS} ${RC_BINLINKS} ${RC_SBINLINKS}
 CLEANFILES+=	${ALL_LINKS}
 
-CPPFLAGS+=	-I../includes -I../librc -I../libeinfo
-LDFLAGS+=	-L../librc -L../libeinfo
+LOCAL_CPPFLAGS=-I../includes -I../librc -I../libeinfo
+LOCAL_LDFLAGS=-L../librc -L../libeinfo
 LDADD+=		-lutil -lrc -leinfo
 
 include ../../Makefile.inc
 MK=		../../mk
 include ${MK}/prog.mk
-include ${MK}/git.mk
+include ${MK}/gitver.mk
 include ${MK}/cc.mk
 
 include ${MK}/termcap.mk

src/rc/builtins.h

@@ -23,6 +23,7 @@
  * SUCH DAMAGE.
  */
 
+#include "queue.h"
 #include "rc.h"
 
 int checkpath(int, char **);

src/rc/checkpath.c

@@ -45,10 +45,7 @@
 #include "builtins.h"
 #include "einfo.h"
 #include "rc-misc.h"
-
-#ifdef HAVE_SELINUX
 #include "rc-selinux.h"
-#endif
 
 typedef enum {
 	inode_unknown = 0,
@@ -68,7 +65,7 @@ static int do_check(char *path, uid_t uid, gid_t gid, mode_t mode,
 	int u;
 
 	memset(&st, 0, sizeof(st));
-	if (stat(path, &st) || trunc) {
+	if (lstat(path, &st) || trunc) {
 		if (type == inode_file) {
 			einfo("%s: creating file", path);
 			if (!mode) /* 664 */
@@ -133,6 +130,14 @@ static int do_check(char *path, uid_t uid, gid_t gid, mode_t mode,
 	}
 
 	if (mode && (st.st_mode & 0777) != mode) {
+		if ((type != inode_dir) && (st.st_nlink > 1)) {
+			eerror("%s: chmod: %s %s", applet, "Too many hard links to", path);
+			return -1;
+		}
+		if (S_ISLNK(st.st_mode)) {
+			eerror("%s: chmod: %s %s", applet, path, " is a symbolic link");
+			return -1;
+		}
 		einfo("%s: correcting mode", path);
 		if (chmod(path, mode)) {
 			eerror("%s: chmod: %s", applet, strerror(errno));
@@ -141,6 +146,14 @@ static int do_check(char *path, uid_t uid, gid_t gid, mode_t mode,
 	}
 
 	if (chowner && (st.st_uid != uid || st.st_gid != gid)) {
+		if ((type != inode_dir) && (st.st_nlink > 1)) {
+			eerror("%s: chown: %s %s", applet, "Too many hard links to", path);
+			return -1;
+		}
+		if (S_ISLNK(st.st_mode)) {
+			eerror("%s: chown: %s %s", applet, path, " is a symbolic link");
+			return -1;
+		}
 		einfo("%s: correcting owner", path);
 		if (chown(path, uid, gid)) {
 			eerror("%s: chown: %s", applet, strerror(errno));
@@ -148,10 +161,8 @@ static int do_check(char *path, uid_t uid, gid_t gid, mode_t mode,
 		}
 	}
 
-#ifdef HAVE_SELINUX
 	if (selinux_on)
 		selinux_util_label(path);
-#endif
 
 	return 0;
 }
@@ -280,10 +291,8 @@ int checkpath(int argc, char **argv)
 	if (gr)
 		gid = gr->gr_gid;
 
-#ifdef HAVE_SELINUX
 	if (selinux_util_open() == 1)
 		selinux_on = true;
-#endif
 
 	while (optind < argc) {
 		if (writable)
@@ -293,10 +302,8 @@ int checkpath(int argc, char **argv)
 		optind++;
 	}
 
-#ifdef HAVE_SELINUX
 	if (selinux_on)
 		selinux_util_close();
-#endif
 
 	return retval;
 }

src/rc/fstabinfo.c

@@ -70,6 +70,7 @@
 
 #include "builtins.h"
 #include "einfo.h"
+#include "queue.h"
 #include "rc.h"
 #include "rc-misc.h"
 

src/rc/mountinfo.c

@@ -35,11 +35,12 @@
 #  include <sys/ucred.h>
 #  include <sys/mount.h>
 #  define F_FLAGS f_flags
-#elif defined(BSD)
+#elif defined(BSD) && !defined(__GNU__)
 #  include <sys/statvfs.h>
 #  define statfs statvfs
 #  define F_FLAGS f_flag
-#elif defined (__linux__) || defined (__GLIBC__)
+#elif defined (__linux__) || (defined(__FreeBSD_kernel__) && \
+		defined(__GLIBC__)) || defined(__GNU__)
 #  include <mntent.h>
 #endif
 
@@ -53,6 +54,7 @@
 
 #include "builtins.h"
 #include "einfo.h"
+#include "queue.h"
 #include "rc.h"
 #include "rc-misc.h"
 
@@ -168,7 +170,7 @@ process_mount(RC_STRINGLIST *list, struct args *args,
 	return -1;
 }
 
-#ifdef BSD
+#if defined(BSD) && !defined(__GNU__)
 
 /* Translate the mounted options to english
  * This is taken directly from FreeBSD mount.c */
@@ -265,7 +267,8 @@ find_mounts(struct args *args)
 	return list;
 }
 
-#elif defined (__linux__) || defined (__GLIBC__)
+#elif defined (__linux__) || (defined (__FreeBSD_kernel__) && \
+		defined(__GLIBC__))
 static struct mntent *
 getmntfile(const char *file)
 {

src/rc/openrc-run.c

@@ -1,5 +1,5 @@
 /*
- * runscript.c
+ * openrc-run.c
  * Handle launching of init scripts.
  */
 
@@ -51,7 +51,8 @@
 #include <time.h>
 #include <unistd.h>
 
-#if defined(__linux__) || defined(__GLIBC__)
+#if defined(__linux__) || (defined(__FreeBSD_kernel__) && \
+		defined(__GLIBC__))
 #  include <pty.h>
 #elif defined(__NetBSD__) || defined(__OpenBSD__)
 #  include <util.h>
@@ -61,13 +62,11 @@
 
 #include "builtins.h"
 #include "einfo.h"
+#include "queue.h"
 #include "rc.h"
 #include "rc-misc.h"
 #include "rc-plugin.h"
-
-#ifdef HAVE_SELINUX
 #include "rc-selinux.h"
-#endif
 
 #define PREFIX_LOCK	RC_SVCDIR "/prefix.lock"
 
@@ -371,18 +370,18 @@ svc_exec(const char *arg1, const char *arg2)
 			dup2(slave_tty, STDERR_FILENO);
 		}
 
-		if (exists(RC_SVCDIR "/runscript.sh")) {
-			execl(RC_SVCDIR "/runscript.sh",
-			    RC_SVCDIR "/runscript.sh",
+		if (exists(RC_SVCDIR "/openrc-run.sh")) {
+			execl(RC_SVCDIR "/openrc-run.sh",
+			    RC_SVCDIR "/openrc-run.sh",
 			    service, arg1, arg2, (char *) NULL);
-			eerror("%s: exec `" RC_SVCDIR "/runscript.sh': %s",
+			eerror("%s: exec `" RC_SVCDIR "/openrc-run.sh': %s",
 			    service, strerror(errno));
 			_exit(EXIT_FAILURE);
 		} else {
-			execl(RC_LIBEXECDIR "/sh/runscript.sh",
-			    RC_LIBEXECDIR "/sh/runscript.sh",
+			execl(RC_LIBEXECDIR "/sh/openrc-run.sh",
+			    RC_LIBEXECDIR "/sh/openrc-run.sh",
 			    service, arg1, arg2, (char *) NULL);
-			eerror("%s: exec `" RC_LIBEXECDIR "/sh/runscript.sh': %s",
+			eerror("%s: exec `" RC_LIBEXECDIR "/sh/openrc-run.sh': %s",
 			    service, strerror(errno));
 			_exit(EXIT_FAILURE);
 		}
@@ -1163,6 +1162,11 @@ openrc_run(int argc, char **argv)
 	   subshells the init script may create so that our mark_service_*
 	   functions can always instruct us of this change */
 	snprintf(pidstr, sizeof(pidstr), "%d", (int) getpid());
+	setenv("RC_OPENRC_PID", pidstr, 1);
+	/*
+	 * RC_RUNSCRIPT_PID is deprecated, but we will keep it for a while
+	 * for safety.
+	 */
 	setenv("RC_RUNSCRIPT_PID", pidstr, 1);
 
 	/* eprefix is kinda klunky, but it works for our purposes */
@@ -1189,10 +1193,8 @@ openrc_run(int argc, char **argv)
 		eprefix(prefix);
 	}
 
-#ifdef HAVE_SELINUX
 	/* Ok, we are ready to go, so setup selinux if applicable */
-	selinux_setup(argc, argv);
-#endif
+	selinux_setup(argv);
 
 	deps = true;
 

src/rc/rc-applets.c

@@ -329,7 +329,7 @@ do_mark_service(int argc, char **argv)
 	bool ok = false;
 	char *svcname = getenv("RC_SVCNAME");
 	char *service = NULL;
-	char *runscript_pid;
+	char *openrc_pid;
 	/* char *mtime; */
 	pid_t pid;
 	RC_SERVICE bit;
@@ -350,7 +350,7 @@ do_mark_service(int argc, char **argv)
 		eerrorx("%s: unknown applet", applet);
 
 	/* If we're marking ourselves then we need to inform our parent
-	   runscript process so they do not mark us based on our exit code */
+	   openrc-run process so they do not mark us based on our exit code */
 	/*
 	 * FIXME: svcname and service are almost always equal except called from a
 	 * shell with just argv[1] - So that doesn't seem to do what Roy initially
@@ -359,8 +359,8 @@ do_mark_service(int argc, char **argv)
 	 * openrc@gentoo.org).
 	 */
 	if (ok && svcname && strcmp(svcname, service) == 0) {
-		runscript_pid = getenv("RC_RUNSCRIPT_PID");
-		if (runscript_pid && sscanf(runscript_pid, "%d", &pid) == 1)
+		openrc_pid = getenv("RC_OPENRC_PID");
+		if (openrc_pid && sscanf(openrc_pid, "%d", &pid) == 1)
 			if (kill(pid, SIGHUP) != 0)
 				eerror("%s: failed to signal parent %d: %s",
 				    applet, pid, strerror(errno));
@@ -369,10 +369,10 @@ do_mark_service(int argc, char **argv)
 		   in control as well */
 		/*
 		l = strlen(RC_SVCDIR "/exclusive") + strlen(svcname) +
-		    strlen(runscript_pid) + 4;
+		    strlen(openrc_pid) + 4;
 		mtime = xmalloc(l);
 		snprintf(mtime, l, RC_SVCDIR "/exclusive/%s.%s",
-		    svcname, runscript_pid);
+		    svcname, openrc_pid);
 		if (exists(mtime) && unlink(mtime) != 0)
 			eerror("%s: unlink: %s", applet, strerror(errno));
 		free(mtime);

src/rc/rc-depend.c

@@ -46,6 +46,7 @@
 
 #include "builtins.h"
 #include "einfo.h"
+#include "queue.h"
 #include "rc.h"
 #include "rc-misc.h"
 

src/rc/rc-logger.c

@@ -44,7 +44,7 @@
 #include <time.h>
 #include <unistd.h>
 
-#if defined(__linux__) || defined(__GLIBC__)
+#if defined(__linux__) || (defined(__FreeBSD_kernel__) && defined(__GLIBC__))
 #  include <pty.h>
 #elif defined(__NetBSD__) || defined(__OpenBSD__)
 #  include <util.h>
@@ -54,6 +54,7 @@
 
 #include "einfo.h"
 #include "rc-logger.h"
+#include "queue.h"
 #include "rc.h"
 #include "rc-misc.h"
 

src/rc/rc-misc.c

@@ -47,6 +47,7 @@
 #include <unistd.h>
 
 #include "einfo.h"
+#include "queue.h"
 #include "rc.h"
 #include "rc-misc.h"
 #include "version.h"

src/rc/rc-plugin.c

@@ -43,6 +43,7 @@
 #include <unistd.h>
 
 #include "einfo.h"
+#include "queue.h"
 #include "rc.h"
 #include "rc-misc.h"
 #include "rc-plugin.h"

src/rc/rc-selinux.c

@@ -1,7 +1,7 @@
 /*
-  rc-selinux.c
-  SELinux helpers to get and set contexts.
-*/
+ * rc-selinux.c
+ * SELinux helpers to get and set contexts.
+ */
 
 /*
  * Copyright (c) 2014 Jason Zaman <jason@perfinion.com>
@@ -31,23 +31,48 @@
 #include <stddef.h>
 #include <errno.h>
 #include <dlfcn.h>
-
-#include <sys/stat.h>
+#include <ctype.h>
+#include <limits.h>
+#include <pwd.h>
+#include <unistd.h>
 
 #include <selinux/selinux.h>
 #include <selinux/label.h>
+#include <selinux/get_default_type.h>
+#include <selinux/context.h>
+
+#include <sys/stat.h>
+#include <sys/types.h>
 
 #include "einfo.h"
+#include "queue.h"
 #include "rc.h"
 #include "rc-misc.h"
 #include "rc-plugin.h"
 #include "rc-selinux.h"
 
-#define SELINUX_LIB     RC_LIBDIR "/runscript_selinux.so"
+/* the context files for selinux */
+#define RUN_INIT_FILE "run_init_type"
+#define INITRC_FILE "initrc_context"
 
-static void (*selinux_run_init_old) (void);
-static void (*selinux_run_init_new) (int argc, char **argv);
+#ifdef HAVE_AUDIT
+#include <libaudit.h>
+#endif
 
+/* PAM or shadow for authentication */
+#ifdef HAVE_PAM
+#    define PAM_SERVICE_NAME "run_init" /* the name of this program for PAM */
+#    include <security/pam_appl.h>
+#    include <security/pam_misc.h>
+#else
+#    define PASSWORD_PROMPT "Password:"
+#    include <crypt.h>
+#    include <shadow.h>
+#    include <string.h>
+#endif
+
+
+/* The handle for the fcontext lookups */
 static struct selabel_handle *hnd = NULL;
 
 int selinux_util_label(const char *path)
@@ -132,33 +157,243 @@ int selinux_util_close(void)
 	return 0;
 }
 
-void selinux_setup(int argc, char **argv)
+/*
+ * This will check the users password and return 0 on success or -1 on fail
+ *
+ * We ask for the password to make sure it is intended vs run by malicious software.
+ * Actual authorization is covered by the policy itself.
+ */
+static int check_password(char *username)
 {
-	void *lib_handle = NULL;
+	int ret = 1;
+#ifdef HAVE_PAM
+	pam_handle_t *pamh;
+	int pam_err = 0;
+	const struct pam_conv pconv = {
+		misc_conv,
+		NULL
+	};
 
-	if (!exists(SELINUX_LIB))
-		return;
+	pam_err = pam_start(PAM_SERVICE_NAME, username, &pconv, &pamh);
+	if (pam_err != PAM_SUCCESS) {
+		ret = -1;
+		goto outpam;
+	}
 
-	lib_handle = dlopen(SELINUX_LIB, RTLD_NOW | RTLD_GLOBAL);
-	if (!lib_handle) {
-		eerror("dlopen: %s", dlerror());
+	pam_err = pam_authenticate(pamh, PAM_DISALLOW_NULL_AUTHTOK);
+	if (pam_err != PAM_SUCCESS) {
+		ret = -1;
+		goto outpam;
+	}
+
+	ret = 0;
+outpam:
+	pam_end(pamh, pam_err);
+	pamh = NULL;
+
+#else /* authenticating via /etc/shadow instead */
+	struct spwd *spw;
+	char *password;
+	char *attempt;
+
+	spw = getspnam(username);
+	if (!spw) {
+		eerror("Failed to read shadow entry");
+		ret = -1;
+		goto outshadow;
+	}
+
+	attempt = getpass(PASSWORD_PROMPT);
+	if (!attempt) {
+		ret = -1;
+		goto outshadow;
+	}
+
+	if (*spw->sp_pwdp == '\0' && *attempt == '\0') {
+		ret = -1;
+		goto outshadow;
+	}
+
+	/* salt must be at least two characters long */
+	if (!(spw->sp_pwdp[0] && spw->sp_pwdp[1])) {
+		ret = -1;
+		goto outshadow;
+	}
+
+	/* encrypt the password attempt */
+	password = crypt(attempt, spw->sp_pwdp);
+
+	if (password && strcmp(password, spw->sp_pwdp) == 0)
+		ret = 0;
+	else
+		ret = -1;
+outshadow:
+#endif
+	return ret;
+}
+
+/* Authenticates the user, returns 0 on success, 1 on fail */
+static int check_auth()
+{
+	struct passwd *pw;
+	uid_t uid;
+
+#ifdef HAVE_AUDIT
+	uid = audit_getloginuid();
+	if (uid == (uid_t) -1)
+		uid = getuid();
+#else
+	uid = getuid();
+#endif
+
+	pw = getpwuid(uid);
+	if (!pw) {
+		eerror("cannot find your entry in the passwd file.");
+		return (-1);
+	}
+
+	printf("Authenticating %s.\n", pw->pw_name);
+
+	/* do the actual check */
+	if (check_password(pw->pw_name) == 0) {
+		return 0;
+	}
+
+	eerrorx("Authentication failed for %s", pw->pw_name);
+	return 1;
+}
+
+/*
+ * Read the context from the given context file. context must be free'd by the user.
+ */
+static int read_context_file(const char *filename, char **context)
+{
+	int ret = -1;
+	FILE *fp;
+	char filepath[PATH_MAX];
+	char *line = NULL;
+	char *p;
+	char *p2;
+	size_t len = 0;
+	ssize_t read;
+
+	memset(filepath, '\0', PATH_MAX);
+	snprintf(filepath, PATH_MAX - 1, "%s/%s", selinux_contexts_path(), filename);
+
+	fp = fopen(filepath, "r");
+	if (fp == NULL) {
+		eerror("Failed to open context file: %s", filename);
+		return -1;
+	}
+
+	while ((read = getline(&line, &len, fp)) != -1) {
+		/* cut off spaces before the string */
+		p = line;
+		while (isspace(*p) && *p != '\0')
+			p++;
+
+		/* empty string, skip */
+		if (*p == '\0')
+			continue;
+
+		/* cut off spaces after the string */
+		p2 = p;
+		while (!isspace(*p2) && *p2 != '\0')
+			p2++;
+		*p2 = '\0';
+
+		*context = xstrdup(p);
+		ret = 0;
+		break;
+	}
+
+	free(line);
+	fclose(fp);
+	return ret;
+}
+
+void selinux_setup(char **argv)
+{
+	char *new_context = NULL;
+	char *curr_context = NULL;
+	context_t curr_con;
+	char *curr_t = NULL;
+	char *run_init_t = NULL;
+
+	/* Return, if selinux is disabled. */
+	if (is_selinux_enabled() < 1) {
 		return;
 	}
 
-	selinux_run_init_old = (void (*)(void))
-	    dlfunc(lib_handle, "selinux_runscript");
-	selinux_run_init_new = (void (*)(int, char **))
-	    dlfunc(lib_handle, "selinux_runscript2");
+	if (read_context_file(RUN_INIT_FILE, &run_init_t) != 0) {
+		/* assume a reasonable default, rather than bailing out */
+		run_init_t = xstrdup("run_init_t");
+		ewarn("Assuming SELinux run_init type is %s", run_init_t);
+	}
 
-	/* Use new run_init if it exists, else fall back to old */
-	if (selinux_run_init_new)
-		selinux_run_init_new(argc, argv);
-	else if (selinux_run_init_old)
-		selinux_run_init_old();
-	else
-		/* This shouldnt happen... probably corrupt lib */
-		eerrorx
-		    ("run_init is missing from runscript_selinux.so!");
+	/* Get our current context. */
+	if (getcon(&curr_context) < 0) {
+		if (errno == ENOENT) {
+			/* should only hit this if proc is not mounted.  this
+			 * happens on Gentoo right after init starts, when
+			 * the init script processing starts.
+			 */
+			goto out;
+		} else {
+			perror("getcon");
+			exit(1);
+		}
+	}
 
-	dlclose(lib_handle);
+	/* extract the type from the context */
+	curr_con = context_new(curr_context);
+	curr_t = xstrdup(context_type_get(curr_con));
+	/* dont need them anymore so free() now */
+	context_free(curr_con);
+	free(curr_context);
+
+	/* if we are not in the run_init domain, we should not do anything */
+	if (strncmp(run_init_t, curr_t, strlen(run_init_t)) != 0) {
+		goto out;
+	}
+
+	free(curr_t);
+	free(run_init_t);
+
+	if (check_auth() != 0) {
+		eerrorx("Authentication failed.");
+	}
+
+	/* Get the context for the script to be run in. */
+	if (read_context_file(INITRC_FILE, &new_context) != 0) {
+		/* assume a reasonable default, rather than bailing out */
+		new_context = xstrdup("system_u:system_r:initrc_t");
+		ewarn("Assuming SELinux initrc context is %s", new_context);
+	}
+
+	/* Set the new context */
+	if (setexeccon(new_context) < 0) {
+		eerrorx("Could not set SELinux exec context to %s.", new_context);
+	}
+
+	free(new_context);
+
+	/*
+	 * exec will recycle ptys so try and use open_init_pty if it exists
+	 * which will open the pty with initrc_devpts_t, if it doesnt exist,
+	 * fall back to plain exec
+	 */
+	if (access("/usr/sbin/open_init_pty", X_OK)) {
+		if (execvp("/usr/sbin/open_init_pty", argv)) {
+			perror("execvp");
+			exit(-1);
+		}
+	} else if (execvp(argv[1], argv + 1)) {
+		perror("execvp");
+		exit(-1);
+	}
+
+out:
+	free(run_init_t);
+	free(curr_t);
 }

src/rc/rc-selinux.h

@@ -26,10 +26,24 @@
 #ifndef RC_SELINUX_UTIL_H
 #define RC_SELINUX_UTIL_H
 
+#ifdef HAVE_SELINUX
+
 int selinux_util_open(void);
 int selinux_util_label(const char *path);
 int selinux_util_close(void);
 
-void selinux_setup(int argc, char **argv);
+void selinux_setup(char **argv);
+
+#else
+
+/* always return false for selinux_util_open() */
+#define selinux_util_open() (0)
+#define selinux_util_label(x) do { } while(0)
+#define selinux_util_close() do { } while(0)
+
+#define selinux_setup(x) do { } while(0)
+
+#endif
+
 
 #endif