update ChangeLog

This adds the -systemd-nspawn keyword to service scripts which are not
intended to run in systemd-nspawn containers.

This fixes #52.

    X-Gentoo-Bug: 548058
    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=548058

BUSYBOX.md

@@ -1,6 +1,4 @@
-Using Busybox as your Default Shell
------------------------------------
-
+# Using Busybox as your Default Shell with OpenRC
 
 If you have/bin/sh linked to busybox, you need to be aware of several
 incompatibilities between busybox's applets and the standalone
@@ -27,5 +25,8 @@ CONFIG_SETFONT -- The setfont applet does not support the -u option from kbd.
 CONFIG_IP -- The ip applet  doesn't support the "scope" modifier for
 "ip route add" and "ip address add".
 
+CONFIG_BB_SYSCTL -- The sysctl applet does not support the --system command
+line switch.
+
 There is work to get most of these supported by busybox, so this file
 will be updated as things change.

ChangeLog

@@ -1,4 +1,428 @@
-commit 90ecf23310111d06086454f9ee709bdafb257056
+commit 9225bfa6918cfd488c8f1055cf986b542f1f157e
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Build: make snapshot remove .git directory from tarball
+
+commit 7bd456ed7bf35da2d7a53650baa33637e178064e
+Author: Mike Gilbert <floppym@gentoo.org>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Disable service scripts for systemd-nspawn
+    
+    This adds the -systemd-nspawn keyword to service scripts which are not
+    intended to run in systemd-nspawn containers.
+    
+    This fixes #52.
+    
+        X-Gentoo-Bug: 548058
+        X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=548058
+
+commit c709e6077c6eda3f4f7e7222298213413254ee0f
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Add support for systemd-nspawn containers
+    
+    This adds support for running OpenRC in a container created by
+    the systemd-nspawn utility.
+    
+    This fixes #52.
+    
+    X-Gentoo-Bug: 548058
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=548058
+
+commit a27d577da8cf4f1c7f9784a043ecf02d71a81ca6
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Build: fix the dist target
+    
+    The dist target now creates an archive based on the version setting.
+    This makes it possible to create an archive identical to the ones github
+    generates once the release is tagged.
+
+commit 8b9349208696e5caed1a8b34f066cec4ee642194
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    convert all references from runscript to openrc-run
+
+commit 4b1b457cd15cc1609c101b99a49a5e4c67b62567
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Start work on 0.15
+
+commit 1d6602bb8e7062323ead03eaa0c4ae307c517b9e
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Add ChangeLog
+
+commit a6391f44ee6c68d674ae8425983467b971710d5d
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    mtab: move toward requiring /etc/mtab to be a symbolic link
+    
+    This changes the mtab service in the following way:
+    
+    - If /etc/mtab is a symbolic link, success is returned.
+    - If /etc is not writable, we warn that we could not update /etc/mtab
+      and return success.
+    - If /etc/mtab does not exist, we create a symbolic link from
+      /etc/mtab to /proc/self/mounts.
+    - Otherwise, we warn that updating /etc/mtab as a file is
+      deprecated and continue to update it after outputting instructions to
+      the user for how to move it to a symbolic link.
+
+commit a8c6dbac96a20eb35ce55befe0e64d89dd30de4d
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    typo fix in NEWS
+    
+    The binfmt service should be added to the boot runlevel, not sysinit.
+
+commit a7c0400177e504fe07e7c39168b7a92e40ab334a
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Update news
+
+commit 03803ae8e966755e8bf6d52b61209792cb830cf4
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    start-stop-daemon: redirect stdin if --background option is used
+    
+    X-Gentoo-Bug: 498684
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=498684
+
+commit 1c2f7bf607ee7e24dca0a2710cef9e9b24e819f7
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Convert feature removal schedule to markdown
+
+commit 1ebffa517f6f1dafc206d5ee943d3cacd25feaf6
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Convert news to markdown
+
+commit e6dd26d185e4a9722f4d4813a084ca77eba913c7
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    convert README.history to markdown
+
+commit 628b35e1beeea6aaab181b1511b2a879bdc45b61
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Update busybox documentation
+    
+    Convert README.busybox to markdown and add the note on the sysctl applet
+    incompatibility.
+
+commit ebc32aadada564095b70f0ff439a9863102a2ae5
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Convert style guide to markdown
+
+commit 362dfa33804d2ba5bed241f697aac0178be07d3d
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    README.md: small formatting changes
+
+commit dccc0a91292240022c4b120304b9198055d0d240
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Update README.md format and bug reporting information
+
+commit c2aa56a7c49214b1fef355f79dfcd94265efe089
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Rename README README.md
+    
+    This fixes #26.
+
+commit 23d806ca24845261fd89104c16bc28a60505fe5c
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    savecache: clean up creation of cache directory
+    
+    The cache directory should be created via mkdir -p instead of
+    mkdir. This makes sure all parent directories are created.
+    
+    Also, we now display an error message explaining that we were unable to
+    create the cache directory if creation fails.
+
+commit de7d184909d561b68b411325d32471c047549bca
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    savecache: fix check for $RC_LIBEXECDIR writability
+    
+    We were originally checking to see if $RC_LIBEXECDIR/cache was writable. For
+    a new install, this check will fail since this path does not exist. This
+    is also incorrect because later we create $RC_LIBEXECDIR/cache.
+    
+    The correct check is checkpath -W $RC_LIBEXECDIR, and this fixes the
+    issue.
+    
+    X-Gentoo-Bug: 544632
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=544632
+
+commit 15ab3f39c69ff8d69fd08a9cde7495a04b4dec9e
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    cgroups: use printf to write to cgroup files
+    
+    This fixes #33.
+
+commit ee1768a419122d288256cce1723d4997bd965eab
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Add binfmt service to sysinit runlevel
+    
+    This makes binfmt processing behave like tmpfiles processing which
+    follows the same specification as systemd.
+    
+    This fixes #48.
+    
+    X-Gentoo-Bug: 545162
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=545162
+
+commit 95ed0665393c353dbc24afb8c63c615402136f5d
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    procfs: do not force loading of usbcore module
+    
+    It appears that the only reason we were force loading the usbcore
+    module was to facilitate mounting usbfs. Since we no longer mount
+    usbfs, this is no longer necessary.
+    
+    X-Gentoo-Bug: 480312
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=480312
+
+commit 4c5132421f37bd6831eab1f9527a197340f2e9ae
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    procfs: remove usbfs and usbdevfs support
+    
+    The usbfs and usbdevfs file systems have been deprecated since
+    Linux-2.6.32, so we remove the code to automount them.
+    
+    X-Gentoo-Bug: 480312
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=480312
+
+commit 6d81d3be1bcba81a68086f2a17561d13e1f844e6
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    procfs: do not test for the existence of /proc/filesystems
+    
+    The test for the existence of /proc/filesystems is redundant since we
+    always return success.
+
+commit 8d307a6fadd516f26d9c72016119277a7a5c1946
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    procfs: remove redundant check for OpenVZ
+    
+    The check for OpenVZ is not necessary since the procfs service already
+    will not run on OpenVZ due to the keywords setting.
+
+commit 62addf118067dd2cd57c3f5fee35c9e80f9fec42
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Move SELinux mount to sysfs service
+    
+    The selinux file system is mounted under /sys, so move the code for it
+    to the appropriate service.
+    
+    X-Gentoo-Bug: 546290
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=546290
+
+commit 1eab656ca1d3258ff00495710a68ad459ce50d3e
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Fix tmpfiles processing
+    
+    Tmpfiles.d processing had /run overriding /usr/lib and /etc, but this is
+    not correct. The correct order, from lowest to highest, for tmpfiles
+    processing is:
+    
+    * /usr/lib/tmpfiles.d/*.conf
+    * /run/tmpfiles.d/*.conf
+    * /etc/tmpfiles.d
+    
+    This means /run/tmpfiles.d/*.conf can override /etc/tmpfiles.d/*.conf,
+    but /etc/tmpfiles.d/*.conf can override both of them.
+    
+    This fixes #49.
+
+commit 731a3affdce31e2971a84cde11df2d122049ec99
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Fix script execution in the local service
+    
+    The local service should use eval when it executes scripts since it has
+    the redirection set up in a variable.
+    
+    This fixes #50.
+    X-Gentoo-Bug: 545012
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=545012
+
+commit 3e9bb3b021620654f99a0ead71ed73d34b5c6826
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Make sysctl on Linux respect rc_verbose setting
+    
+    We do not need to spam the console with variable settings by default.
+    This fixes #51.
+    
+    X-Gentoo-Bug: 541922
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=541922
+
+commit c068762c4cf49e7ea9719dcab2e5f7d4c4e7e2e5
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: Doug Freed <dwfreed@mtu.edu>
+
+    Fix rc_verbose processing
+    
+    We were processing the rc_verbose setting before we sourced the
+    configuration file where it was set; this fixes the issue.
+    
+    Fixes #46
+
+commit b8ab99b5d3ee1a93f215157c36fb120857afde64
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    checkpath: Remove the last HAVE_SELINUX test
+
+commit a4cf61e8bf827dc405a547c314e840dab11fc979
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    selinux: unconditionally include the header and provide stub methods
+    
+    If selinux is disabled, then stub methods will be provided instead of
+    calling the real methods. This removes some warnings about unused
+    parameters which used to be covered up with #ifdef HAVE_SELINUX.
+    
+    Signed-off-by: Jason Zaman <jason@perfinion.com>
+
+commit d38cc8f2210e839c4935208917138e4809ece758
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    checkpath: fix warning about selinux_on being unused
+
+commit f085ae400c60289f61d99e9e80ce037beedf38b4
+Author: Doug Freed <dwfreed@mtu.edu>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Fix some compiler warnings
+    
+    librc: Fix C90 warning (mixed declaration and code)
+    rc: Fix warning about discarding const qualifier
+    
+    Fixes #45.
+
+commit c1faafcad8197a821282b8e56a10132e27eb5d9f
+Author: Will Miles <wmiles@sgl.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    start-stop-daemon: Fix regression for --test
+    
+    The previous fix to --test (PR #34) prevented reading one too many
+    arguments when --exec -or --name was not specified, but created a
+    regression where the last argument would not print if either of those
+    arguments was specified. This corrects the issue.
+    
+    Fixes #41.
+
+commit de93587affb17675e6f7cab2b85613d61e11b98b
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: Doug Freed <dwfreed@mtu.edu>
+
+    Silence warning about _DEFAULT_SOURCE for Linux/glibc
+    
+    In >=glibc-2.20, the _BSD_SOURCE macro is deprecated in favor of
+    _DEFAULT_SOURCE. This adds -D_DEFAULT_SOURCE to CPPFLAGS on Linux.
+    
+    Fixes #44
+
+commit be497229b64613ebfbc4073985107a275d49f78e
+Author: Anthony Donnelly <Amzo@archbsd.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Fix savecore service on FreeBSD
+    
+    savecore -C only needs the dumpdevice otherwise it causes an error on startup.
+    
+    This fixes #40.
+
+commit e16b7183e90090ecee539697508582d208859a8b
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    mk/os-GNU.mk: fix typo
+    
+    MAX_PATH should have been PATH_MAX
+
+commit ccd83a5e9cc24833e1ab098cac1688f69ab6e9b6
+Author: Will Miles <wmiles@sgl.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    savecache: Make sure cache directory exists before running checkpath
+    
+    checkpath -W can fail if the specified path doesn't actually exist yet.
+    In this case savecache script should attempt to create the path if it is
+    missing, however it is pre-empted by the checkpath call.  This patch adds
+    an explicit existence test before executing checkpath.
+    
+    This fixes #36.
+
+commit 7bbb73574b44972b0c1b364e24f71623068d7a1c
+Author: Robin H. Johnson <robbat2@gentoo.org>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    bootmisc: clean_run safety improvements.
+    
+    If /tmp or / are read-only, the clean_run function can fail in some very
+    bad ways.
+    
+    1. dir=$(mktemp -d) returns an EMPTY string on error.
+    2. "mount -o bind / $dir", and don't check the result of that,
+    3. "rm -rf $dir/run/*", which removes the REAL /run contents
+    4. box gets very weird from this point forward
+    
+    Signed-Off-By: Robin H. Johnson <robbat2@gentoo.org>
+    Signed-Off-By: Chip Parker <infowolfe@gmail.com>
+    Reported-by: Chip Parker <infowolfe@gmail.com>
+    Tested-by: Chip Parker <infowolfe@gmail.com>
+
+commit a0378f38713e630e1af9101c2ece5d27ca2130fe
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -11,25 +435,13 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     X-Gentoo-Bug: 540006
     X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=540006
 
-commit 55a3746d80c77e1ba3fd0d55151a4adffea85db8
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    increment version
-
-commit 8f7351cf7f31cbf005d2dd32a280d0bb0dcea5d1
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    Update ChangeLog
-
-commit 52220d5df177353b222c16bd941261501fce9ddb
+commit 423f82bae9f91f1f5a27d30a2542d8884c6f757a
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     ChangeLog: show authors and committers
 
-commit d5dfc6d529115a3216e70491173468e8edfb1d63
+commit 9dfb85d5d236dd126d13d039eb02a97aa0e6c8ac
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -41,13 +453,13 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     X-Gentoo-Bug: 537444
     X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=537444
 
-commit 7f33410e5d68de990ebef84c76924e485d933e80
+commit 6781667641580fef852ccffc2f42d060f791b354
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     typo fix
 
-commit 56993950f26026cc0bce20ae32abc289540eb361
+commit b17af3c85fc94ecc12857146ba2133a3782ead52
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -60,19 +472,7 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     X-Gentoo-Bug: 540006
     X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=540006
 
-commit e3999c15ad26816934d0ea0792f06c5666bfc9ee
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    bump version to 0.13.10
-
-commit 4a9c450ec2e73e66ceeba8c9e6ca9496cf3363f4
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    update change log
-
-commit bb4c14999c569781c7289269949b205955f376bb
+commit 3100114bc104741145fb6c1d4b1664759114cc5c
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -81,37 +481,46 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     X-Gentoo-Bug: 537996
     X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=537996
 
-commit 252422dcf0c408742cdb039a8a7eb1732ea15b78
+commit 3f80f22e22ec16ed517397fd303c3df99f9340fc
+Author: Will Miles <wmiles@sgl.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Prioritize local includes and libraries
+    
+    This fixes #35.
+
+commit 8250ac94dfc6156075081e0e2d0986cb51b3098d
+Author: Consus <consus@gmx.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    tmpfiles.*: Follow OpenRC's message style
+    
+    Just to be consistent.
+
+commit fbdd669ba7c5d1a67129236b4ffcd76198340a1b
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
-    start openrc-0.13.9
+    Makefile: add variable for path to source tree
+    
+    Add a new variable, ${TOP}, to the top level makefile, which points to
+    the path of the source tree.
 
-commit a3a64ac94eaadb38dcb78f8c88437d8a1335fa07
-Author: William Hubbs <w.d.hubbs@gmail.com>
+commit cddb4aad08615420320f75050042d946b18d2bb5
+Author: Will Miles <wmiles@sgl.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
-    update ChangeLog
+    Fix off-by-one error in --test argument printout in start-stop-daemon.
+    
+    Fixes #34.
 
-commit 1a2f45a4c540c5ff29b8615e7241c60f36637608
+commit 3c5dc0ec7774a72e243da43ac5180ea36a311ad8
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     tmpfiles.dev: pass --boot to tmpfiles.sh so kmod works properly
 
-commit 34b55f31b357af37b999bc3e619c332fc5be1938
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    start work on 0.13.8
-
-commit e0c746e938f7f22dc270cd0802ccfd2803ca7a8c
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    Create ChangeLog
-
-commit 50329eee7a126dd1e961d8fb823e5f35f515a143
+commit 7e3a33c8f5ccae03e035cf4c9d1c3c01a0f57b1e
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -120,7 +529,7 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     X-Gentoo-Bug: 535184
     X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=535184
 
-commit fb81028121471c32bbcc88a61956baa7264ff090
+commit 74478830a8d035c078e986b57efd40a5c48bc896
 Author: Doug Freed <dwfreed@mtu.edu>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -132,7 +541,7 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     X-Gentoo-Bug: 531600
     X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=531600
 
-commit 50e99aa30aee155865842e0a198fda473b647096
+commit 6a9679377f4de257f02de1d16a513df14b4c25ba
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -141,7 +550,13 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     The git log command understands dates such as "1 year ago", so there is
     no need to use the date command.
 
-commit b177b7924250058d1ad9f8d758dcf8182099341d
+commit 72186ea3bbbf0b09b88a6f3e1fb23bf04ce1ddad
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    etc/rc and etc/rc.shutdown: change references from rc to openrc
+
+commit 3647db7a27f7a5ca14b33b14effeb945fd986210
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -151,13 +566,16 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     
     This fixes #29.
 
-commit 7009f6687289753e6b8207c32c1294fbe48b65c2
+commit 7a92eb888794819a339babd0ee220b6aa3993db1
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
-    start working on 0.13.7
+    rename git.mk to gitver.mk
+    
+    This is a more descriptive name since this file only sets the gitver
+    variable.
 
-commit 2eb0ea9afbba584fc4c5ee0feefa9ae6a3d3278d
+commit 30cc3cdb76a66c7c0f89a52db4e5cff77b570e31
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -172,13 +590,22 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     X-Gentoo-Bug: 530138
     X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=530138
 
-commit 534031fc7ac3795cc42ea6f54b7ee1c304ee53de
+commit dff6e4a004afeaa64f4ccb07c7d31bb821b043b4
+Author: S. Gilles <sgilles@umd.edu>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Fix mdoc warning for empty line in rc-update man page.
+    
+    X-Gentoo-Bug: 529374
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=529374
+
+commit 3fad31a994f7eb14f3f001f3980eb2b0ae8fe4f1
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
-    Start work on 0.13.6
+    init.d: add osclock to ignore patterns
 
-commit 6b85d4288c9409f8870396b8026862463e732bf8
+commit 8d0ca13fbd38e782bae655eca6646dabc8d63899
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -187,25 +614,26 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     If symbolic links for /dev/{fd,stdin,stdout,stderr,core} do not exist
     once /dev is mounted, we should create them.
 
-commit dec899b946281c7c12829f3300d533f40e468c20
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    Start work on 0.13.5
-
-commit c9f6e2a6c8ca4e258f1b577010586668759b361a
+commit 93ba67eff9333e434c969bb8131467f777546764
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     netmount: unmount nfs file systems
 
-commit e1a4aef3e551371a83a38eb1a275f10b0e9e165e
-Author: William Hubbs <w.d.hubbs@gmail.com>
+commit 1932360adca3f9fe9b47bcfad7b8bd5efbd33bee
+Author: Jason Zaman <jason@perfinion.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
-    start work on 0.13.4
+    Integrate the functionality from runscript_selinux.so
+    
+    runscript used to dlopen() runscript_selinux.so. This adds equivalent
+    functionality directly in to runscript instead. It authenticates with
+    either PAM or shadow and optionally has a dep on audit.
+    
+    X-Gentoo-Bug: 517450
+    X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=517450
 
-commit cb2c45a3c092de617fa037089599e624a758aea9
+commit be952bebb3647069fb93b9791ee3439698f697ca
 Author: Alexander Vershilov <alexander.vershilov@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -215,13 +643,16 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     X-Gentoo-Bug: #527370
     X-Gentoo-Bug-Url: https://bugs.gentoo.org/show_bug.cgi?id=527370
 
-commit d92eca3988a1756e12c22c99a5e17f525ebffc6c
-Author: William Hubbs <w.d.hubbs@gmail.com>
+commit 0bfde472d0154f14ea88c0f5ddd21a510443d713
+Author: Ralph Sennhauser <sera@gentoo.org>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
-    Start work on 0.13.3
+    Add osclock service
+    
+    This scripts sole purpose is to "provide clock" on OSs that already
+    take care of the clock being properly set.
 
-commit 5bdd08e0e74bb071e775c706cf88b7bd7c48a572
+commit ba0a11fc94d303e208dd364b06c1c2a75bcdd62b
 Author: Johan Bergström <bugs@bergstroem.nu>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -232,13 +663,13 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     The original patch overwrote CFLAGS. I modified this patch to add the
     ncurses cflags to CPPFLAGS instead of overwriting CFLAGS.
 
-commit 8a68dc899e93ff925fac8417148cebbdaa975849
+commit 7700e6fe796cabfa22eefddc024d66257a28d4dc
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     Fix compile errors created by bundling queue.h
 
-commit 2d1e2552857c51b424704d214c3226d9b2a89ec6
+commit 6ca79042b9aa9752e577346e6f355356ef8f2f9a
 Author: Anthony G. Basile <blueness@gentoo.org>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -247,7 +678,7 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     TAILQ_CONCAT, TAILQ_FOREACH_SAFE and LIST_FOREACH_SAFE are defined
     in our bundled queue.h and are no longer required.
 
-commit 6f9fd30edb7f9938cff5efcf33d4f867c9b94def
+commit 1e0a4bebdefd06af09ba8f2459287d3ca28f89d7
 Author: Anthony G. Basile <blueness@gentoo.org>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -256,7 +687,7 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     We are bundling this to allow building on musl-based systems since musl
     does not include <sys/queue.h>.
 
-commit e0c32c23dc00d7aff79614129614944f4b1fde92
+commit ca6b86be44fc7ed618a7ab3bd021e208d38878b1
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -267,37 +698,37 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     
     [1] http://sourceforge.net/p/predef/wiki/OperatingSystems/
 
-commit 4777035d53cc56444865cbeb287e2b5e73d7e901
+commit 4ac289b5397a688393c596a9a01651c94d3b5711
 Author: Gabriele Giacone <1o5g4r8o@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     Fix rc_svcdir for GNU/Hurd
 
-commit f049b535b3dfb4becd62143289a0f7804329c72d
+commit 875f03e27c3475675f7b9572b071dd8c26257be7
 Author: Svante Signell <svante.signell@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     fix defines for GNU/Hurd
 
-commit 4ba30c5a1bb0571e7d79f30c29525f206bed12e5
+commit 203b754f843fe6af0a40e983d557a9cdbc89f84b
 Author: Svante Signell <svante.signell@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     add missing files for GNU/Hurd
 
-commit 91734d20be62dfbf7f637df576b70c9f04bae73d
+commit 89c8a62a1078e770e12c47f06c8dbc9c2924e771
 Author: Gabriele Giacone <1o5g4r8o@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     Fix rc_svcdir for GNU/kFreeBSD
 
-commit b4194fef43c05cb7c601a2c454687eebf6e77e99
+commit d8e1d9a6edf94ecac580e80e1113f4fdbdc5a23b
 Author: Gabriele Giacone <1o5g4r8o@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     Add missing files for GNU/kFreeBSD
 
-commit 5f23128f303b98ec882a3afaf7d98087f452a938
+commit 3f82edbeb9251149c6aff071d6537379af4e5eea
 Author: Svante Signell <svante.signell@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -310,18 +741,18 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     C  library the source is being compiled against.
     GNU/kFreeBSD than checking which library we are using.
 
-commit a634534167f4fb66464568a837ba22a5e0c97410
+commit 86e9aa0d36813e2630c6613cd71c3ce8db642f71
 Author: Anthony G. Basile <blueness@gentoo.org>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
+Commit: Anthony G. Basile <blueness@gentoo.org>
 
     einfo.h, rc.h.in: simplify __BEGIN_DECLS logic
     
     There is no need to redefine __BEGIN_DECLS and __END_DECLS.
     We simplify the logic here and avoid undefining these macros.
 
-commit f77006b58e3fffb80208804dae75a69a29414e95
+commit 4a08517cac3c68c232694db7288654b58b68b8ba
 Author: Anthony G. Basile <blueness@gentoo.org>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
+Commit: Anthony G. Basile <blueness@gentoo.org>
 
     einfo.h, rc.h.in: ensure __BEGIN_DECLS is defined
     
@@ -329,13 +760,13 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     or __END_DECLS.  We add some ifdef magic to ensure these are
     available.
 
-commit ef22f78a480e4f6efb1ae7a9bef0b2ef9c456cd3
+commit 9bf789f78890c8b5879d29acb9fb0e23285baee4
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     Update news file wrt chroot variable
 
-commit 735dc45c392821fbb278ed9cbdefbf8b07b2c750
+commit f9acd65497c6e561fbf5420386a99d681fede859
 Author: Alexander Vershilov <alexander.vershilov@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -344,7 +775,7 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     X-Gentoo-Bug: 524388
     X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=524388
 
-commit 0d3fdd3769be9801b800f89ee8ce9d1b816434db
+commit 8c7ea4e9e8da500877a514402bbe90aababda2d6
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -358,13 +789,13 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     X-Gentoo-Bug: 524388
     X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=524388
 
-commit 5a1a94b2cc7a5ab8e6a7bc75e503d2dd2377558a
+commit 5f1439f1aac14618592789042e05daaf80f55a15
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     Add NEWS file
 
-commit a76e5a827c23616760e8aab8870239b66c9fda59
+commit 85da4a5e2621dc5f5356d440735aa058008a1b7e
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -378,19 +809,40 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     X-Gentoo-Bug: 508574
     X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=508574
 
-commit b964de828731b5989fb1117822016cacbfe1ad8a
-Author: William Hubbs <w.d.hubbs@gmail.com>
+commit ad770d739cd7d68dd16b4b2e23d4822ebeb3305b
+Author: Rick Farina (ZeroChaos) <sidhayn@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
-    man: Document start_inactive and in_background_fake
+    localmount: unmount aufs branches
 
-commit 2c1051ad3fc6d39a6201b676f94b055d00265813
+commit 866501be1c554de074533ee98400124393d7fe9d
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     typo fix
 
-commit a2187e897e3c0fc9a29adb0b81a57f2b718e74c5
+commit 20006625a6d37c5add84dd4c8454649279645604
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    man: Document start_inactive and in_background_fake
+
+commit e860b7cb4f3749528ae3db0f3cb500ef889d2781
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    Revert "sysfs: fix permissions on cgroup mounts"
+    
+    This reverts commit 7a25491ced95e14b04b8fe6225171564c87fcde0.
+    This was broken; I need to look further into it.
+
+commit 7a25491ced95e14b04b8fe6225171564c87fcde0
+Author: William Hubbs <w.d.hubbs@gmail.com>
+Commit: William Hubbs <w.d.hubbs@gmail.com>
+
+    sysfs: fix permissions on cgroup mounts
+
+commit 50658449bd46f1a53b8eb11d34f6eefdd1ceba9c
 Author: Roy Marples <roy@marples.name>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -405,25 +857,19 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     X-Gentoo-Bug: 522408
     X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=522408
 
-commit e8043fe378a410dfa78b1e14162a94cc859a5f69
-Author: Rick Farina (ZeroChaos) <sidhayn@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    localmount: unmount aufs branches
-
-commit 082fd53d9e634318e87e2cb1f2ccc7bf12bf09df
+commit de60ffeebe93ffdc09c1dda51e04f29485d96cdb
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     runscript: move verbose mode setting near debug setting
 
-commit 61fd8b29961650a0132b9cfece80bdf7d16cd05c
+commit d032b17897278659ae103d1bcf2aea7739cdbfbb
 Author: Joe M <joe9mail@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
     savecache: check permissions on the correct directory
 
-commit 43d727dc3f17bc9a1d020ed2a5684d4a26bb620a
+commit d4204a97a2410fcf37a64385204e6452c6958e8d
 Author: Andrew Gregory <andrew.gregory.8@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -431,7 +877,7 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     
     Recursively copies files or directories.  Added by systemd in 849958d1.
 
-commit b8e52583ca590d0f956acea0ec558e84495e3818
+commit 6f3f50d4530f583d0d2aedec8af20077a9d07f4f
 Author: Andrew Gregory <andrew.gregory.8@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -440,13 +886,7 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     systemd added support for b+, c+, p+, and L+ in 2e78fa79 and 1554afae to
     remove the target path if it already exists.
 
-commit 1a7af5bbde0108d5d997d96af7e513eb362d71c5
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    Start work on 0.13.2
-
-commit 785b61e8725f26b7d7c66b00e6e87597dd7bd735
+commit 4f4f00d612ce6b43a2dcba9e0c39816e5d6d92a7
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
@@ -459,11 +899,11 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     X-Gentoo-Bug: 520606
     X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=520606
 
-commit 54ed42503fbae45eb1fa6cf8c09ca1e34c8002cd
+commit 7b9fe5fced762935c48c90797b3bba2c82f10eb2
 Author: William Hubbs <w.d.hubbs@gmail.com>
 Commit: William Hubbs <w.d.hubbs@gmail.com>
 
-    start work on 0.13.1
+    start work on 0.14
 
 commit c60ef5c381e9edc7e30be9dcc9cc7e123515452e
 Author: William Hubbs <w.d.hubbs@gmail.com>
@@ -1006,59 +1446,3 @@ Commit: William Hubbs <w.d.hubbs@gmail.com>
     
     X-Gentoo-Bug: 376817
     X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=376817
-
-commit a817915632f7f2162e7c3740d204989f6cfde554
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    README.busybox: document incompatibility with built-in ip applet
-
-commit 20d7b83150b18b0eca550d9bb2e1d5fb0acbbd89
-Author: Andrew Gregory <andrew.gregory.8@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    tmpfiles.dev: remove --remove option
-    
-    For compatibility with systemd.
-    
-    Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
-
-commit 686ee62a79e12ad73581ef4e151baad21b624935
-Author: Andrew Gregory <andrew.gregory.8@gmail.com>
-Commit: Andrew Gregory <andrew.gregory.8@gmail.com>
-
-    tmpfiles: add support for --boot option
-    
-    For compatibility with systemd-tmpfiles.
-    
-    Fixes #17
-    
-    Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
-
-commit c081633762dc66235fe385eedcc2cdf6bff83391
-Author: Andrew Gregory <andrew.gregory.8@gmail.com>
-Commit: Andrew Gregory <andrew.gregory.8@gmail.com>
-
-    tmpfiles: ignore all files starting with systemd-
-    
-    systemd recently moved creation of /run/nologin to systemd-nologin.conf
-    
-    Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
-
-commit e0e1f2a4da376d9d05487ec23922c1ca356cbbc6
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    rc.conf: typo fix
-
-commit 7fb209a6fc3512d3437bbb175853f1f01393b74d
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    conf.d/hwclock: typo fix
-
-commit d0186d422c3bb75ac2977dfe7d1f8f97c3ce5c3b
-Author: William Hubbs <w.d.hubbs@gmail.com>
-Commit: William Hubbs <w.d.hubbs@gmail.com>
-
-    rc.conf: document rc_nocolor setting

FEATURE-REMOVAL-SCHEDULE.md

@@ -1,34 +1,31 @@
+# Features Scheduled for Removal
+
 The following is a list of files and features that are going to be removed in
 the source tree.  Every entry should contain what exactly is going away, why it
 is happening, and who is going to be doing the work.  When the feature is
 removed, it should also be removed from this file.
 
----------------------------
-
-What: Service pause action
+## Service pause action
 
 When: 1.0
 
-Why: ...
+Why: The same affect can be obtained with the --nodeps option to stop.
 
 Who:
 
----------------------------
-
-What: start-stop-daemon options --startas, --chuid , --oknodo
+## start-stop-daemon options --startas, --chuid , --oknodo
 
 When: 1.0
 
 Why: Obsolete or replaced by other options.
-	 --startas => use --name or --exec
-	 --chuid => use --user
-	 --oknodo => ignore return code instead
+
+* --startas => use --name or --exec
+* --chuid => use --user
+* --oknodo => ignore return code instead
 
 Who:
 
----------------------------
-
-What: runscript and rc symbolic links
+## runscript and rc symbolic links
 
 When: 1.0
 
@@ -37,9 +34,7 @@ Why: Deprecated in favor of openrc-run and openrc due to naming
 
 Who:
 
----------------------------
-
-What: support for the opts variable in service scripts
+## support for the opts variable in service scripts
 
 When: 1.0
 
@@ -48,9 +43,7 @@ Why: Depprecated in favor of extra_commands, extra_started_commands
 
 Who:
 
----------------------------
-
-What: support for local_start and local_stop
+## support for local_start and local_stop
 
 When: 1.0
 
@@ -58,9 +51,7 @@ Why: Depprecated in favor of executable scripts in @SYSCONFDIR@/local.d
 
 Who:
 
----------------------------
-
-What: the mtab service script
+## the mtab service script
 
 When: make warnings more visible in 1.0, remove in 2.0
 
@@ -68,5 +59,3 @@ Why: /etc/mtab should be a symbolic link to /proc/self/mounts on modern
 	 Linux systems
 
 Who:
-
----------------------------

HISTORY.md

@@ -1,3 +1,5 @@
+# OpenRC History
+
 This history of OpenRC was written by Daniel Robbins, Roy Marples, William
 Hubbs and others.
 

Makefile

@@ -2,7 +2,10 @@
 # Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
 # Released under the 2-clause BSD license.
 
-include Makefile.inc
+TOP:=		${dir ${realpath ${firstword ${MAKEFILE_LIST}}}}
+MK=			${TOP}/mk
+
+include ${TOP}/Makefile.inc
 
 SUBDIR=		conf.d etc init.d local.d man scripts sh src sysctl.d
 
@@ -17,12 +20,11 @@ SUBDIR+=	runlevels
 
 INSTALLAFTER=	_installafter
 
-MK= 		mk
 include ${MK}/sys.mk
 include ${MK}/os.mk
 include ${MK}/subdir.mk
 include ${MK}/dist.mk
-include ${MK}/git.mk
+include ${MK}/gitver.mk
 
 _installafter:
 ifeq (${MKPREFIX},yes)

Makefile.inc

@@ -1,3 +1,3 @@
 NAME=		openrc
-VERSION=	0.13.11
+VERSION=	0.15
 PKG=		${NAME}-${VERSION}

NEWS.md

@@ -1,9 +1,30 @@
-OpenRC NEWS
+# OpenRC NEWS
 
-This file will contain a list of notable changes for each release.
+This file will contain a list of notable changes for each release. Note
+the information in this file is in reverse order.
 
-OpenRC-0.13.2
-=============
+## OpenRC-0.14
+
+The binfmt service, which registers misc binary formats with the Linux
+kernel, has been separated from the procfs service. This service will be
+automatically added to the boot runlevel for new Linux installs. When
+you upgrade, you will need to use rc-update to add it to your boot
+runlevel.
+
+The procfs service no longer automounts the deprecated usbfs and
+usbdevfs file systems. Nothing should be using usbdevfs any longer, and
+if you still need usbfs it can be added to fstab.
+
+Related to the above change, the procfs service no longer attempts to
+modprobe the usbcore module. If your device manager does not load it,
+you will need to configure the modules service to do so.
+
+The override order of binfmt.d and tmpfiles.d directories has been
+changed to match systemd. Files in /run/binfmt.d and /run/tmpfiles.d
+override their /usr/lib counterparts, and files in the /etc counterparts
+override both /usr/lib and /run.
+
+## OpenRC-0.13.2
 
 A chroot variable has been added to the service script variables.
 This fixes the support for running a service in a chroot.
@@ -12,8 +33,7 @@ This is documented in man 8 openrc-run.
 The netmount service now mounts nfs file systems.
 This change was made to correct a fix for an earlier bug.
 
-OpenRC-0.13
-===========
+## OpenRC-0.13
 
 /sbin/rc was renamed to /sbin/openrc and /sbin/runscript was renamed to
 /sbin/openrc-run due to naming conflicts with other software.
@@ -36,8 +56,7 @@ kernel. If not, it attempts to mount tmpfs.
 If none of these is available, an error message is displayed and static
 /dev is assumed.
 
-OpenRC-0.12
-===========
+## OpenRC-0.12
 
 The net.* scripts, originally from Gentoo Linux, have
 been removed. If you need these scripts, look for a package called

README

@@ -1,66 +0,0 @@
-OpenRC README
-
-
-Installation
-------------
-make install
-Yup, that simple. Works with GNU make.
-
-You may wish to tweak the installation with the below arguments
-PROGLDFLAGS=-static
-LIBNAME=lib64
-DESTDIR=/tmp/openrc-image
-MKNET=no
-MKPAM=pam
-MKPREFIX=yes
-MKPKGCONFIG=no
-MKSELINUX=yes
-MKSTATICLIBS=no
-MKTERMCAP=ncurses
-MKTERMCAP=termcap
-MKTOOLS=yes
-PKG_PREFIX=/usr/pkg
-LOCAL_PREFIX=/usr/local
-PREFIX=/usr/local
-
-We don't support building a static OpenRC with PAM.
-You may need to use PROGLDFLAGS=-Wl,-Bstatic on glibc instead of just -static.
-If you debug memory under valgrind, add -DDEBUG_MEMORY to your CPPFLAGS
-so that all malloc memory should be freed at exit.
-If you are building OpenRC for a Gentoo Prefix installation, add
-MKPREFIX=yes.
-
-You can also brand OpenRC if you so wish like so
-BRANDING=\"Gentoo/$(uname -s)\"
-
-PKG_PREFIX should be set to where packages install to by default.
-LOCAL_PREFIX should be set when to where user maintained packages are.
-Only set LOCAL_PREFIX if different from PKG_PREFIX.
-PREFIX should be set when OpenRC is not installed to /.
-
-If any of the following files exist then we do not overwrite them
-/etc/devd.conf
-/etc/rc
-/etc/rc.shutdown
-/etc/conf.d/*
-
-rc and rc.shutdown are the hooks from the BSD init into OpenRC.
-devd.conf is modified from FreeBSD to call /etc/rc.devd which is a generic
-hook into OpenRC.
-inittab is the same, but for SysVInit as used by most Linux distributions.
-This can be found in the support folder.
-Obviously, if you're installing this onto a system that does not use OpenRC
-by default then you may wish to backup the above listed files, remove them
-and then install so that the OS hooks into OpenRC.
-
-init.d.misc is not installed by default as the scripts will need
-tweaking on a per distro basis. They are also non essential to the operation
-of the system.
-
-Reporting Bugs
---------------
-Since Gentoo Linux is hosting OpenRC development, Bugs should go to
-the Gentoo Bugzilla:
-	http://bugs.gentoo.org/
-They should be filed under the "Gentoo Hosted Projects" product and
-the "openrc" component.

README.md

@@ -0,0 +1,99 @@
+# OpenRC README
+
+OpenRC is a dependency-based init system that works with the
+system-provided init program, normally `/sbin/init`. Currently, it does
+not have an init program of its own.
+
+## Installation
+
+OpenRC requires GNU make.
+
+Once you have GNU Make installed, the default OpenRC installation can be
+executed using this command:
+
+make install
+
+## Configuration
+
+You may wish to configure the installation by passing one or more of the
+below arguments to the make command
+
+```
+PROGLDFLAGS=-static
+LIBNAME=lib64
+DESTDIR=/tmp/openrc-image
+MKNET=no
+MKPAM=pam
+MKPREFIX=yes
+MKPKGCONFIG=no
+MKSELINUX=yes
+MKSTATICLIBS=no
+MKTERMCAP=ncurses
+MKTERMCAP=termcap
+MKTOOLS=yes
+PKG_PREFIX=/usr/pkg
+LOCAL_PREFIX=/usr/local
+PREFIX=/usr/local
+BRANDING=\"Gentoo/$(uname -s)\"
+```
+
+## Notes
+
+We don't support building a static OpenRC with PAM.
+
+You may need to use `PROGLDFLAGS=-Wl,-Bstatic` on glibc instead of just `-static`.
+
+If you debug memory under valgrind, add `-DDEBUG_MEMORY`
+to your `CPPFLAGS` so that all malloc memory should be freed at exit.
+
+If you are building OpenRC for a Gentoo Prefix installation, add `MKPREFIX=yes`.
+
+`PKG_PREFIX` should be set to where packages install to by default.
+
+`LOCAL_PREFIX` should be set when to where user maintained packages are.
+Only set `LOCAL_PREFIX` if different from `PKG_PREFIX`.
+
+`PREFIX` should be set when OpenRC is not installed to /.
+
+If any of the following files exist then we do not overwrite them
+
+```
+/etc/devd.conf
+/etc/rc
+/etc/rc.shutdown
+/etc/conf.d/*
+```
+
+`rc` and `rc.shutdown` are the hooks from the BSD init into OpenRC.
+
+`devd.conf` is modified from FreeBSD to call `/etc/rc.devd` which is a
+generic hook into OpenRC.
+
+`inittab` is the same, but for SysVInit as used by most Linux distributions.
+This can be found in the support folder.
+
+Obviously, if you're installing this onto a system that does not use
+OpenRC by default then you may wish to backup the above listed files,
+remove them and then install so that the OS hooks into OpenRC.
+
+`init.d.misc` is not installed by default as the scripts will need
+tweaking on a per distro basis. They are also non essential to the
+operation of the system.
+
+## Reporting Bugs
+
+If you are using Gentoo Linux, bugs can be filed on their bugzilla under
+the `gentoo hosted projects` product and the `openrc` component [1].
+Otherwise, you can report issues on our github [2].
+
+Better yet, if you can contribute code, please feel free to submit pull
+requests [3].
+
+## IRC Channel
+
+We have an official irc channel, #openrc on freenode, feel free to join
+us there.
+
+[1]	https://bugs.gentoo.org/
+[2]	https://github.com/openrc/openrc/issues
+[3]	https://github.com/openrc/openrc/pulls

STYLE-GUIDE.md

@@ -1,23 +1,23 @@
+# OpenRC Style Guide
+
 This is the openrc style manual.  It governs the coding style of all code
 in this repository.  Follow it.  Contact openrc@gentoo.org for any questions
 or fixes you might notice.
 
-##########
-# C CODE #
-##########
+## C CODE
 
-The BSD Kernel Normal Form (KNF) style is used:
-	http://en.wikipedia.org/wiki/Indent_style#BSD_KNF_style
-Basically, it's like K&R/LKML, but wrapped lines that are indented use 4 spaces.
+The BSD Kernel Normal Form (KNF) style is used [1]. Basically, it is like
+K&R/LKML, but wrapped lines that are indented use 4 spaces. Here are the
+highlights.
 
-Highlights:
-	- no trailing whitespace
-	- indented code use tabs (not line wrapped)
-	- cuddle the braces (except for functions)
-	- space after native statements and before paren (for/if/while/...)
-	- no space between function and paren
-	- pointer asterisk cuddles the variable, not the type
+- no trailing whitespace
+- indented code use tabs (not line wrapped)
+- cuddle the braces (except for functions)
+- space after native statements and before paren (for/if/while/...)
+- no space between function and paren
+- pointer asterisk cuddles the variable, not the type
 
+```
 void foo(int c)
 {
 	int ret = 0;
@@ -32,16 +32,15 @@ void foo(int c)
 
 	return ret;
 }
+```
 
-##################
-# COMMIT MESSAGES #
-##################
+## COMMIT MESSAGES
 
 The following is an example of a correctly formatted git commit message
 for this repository. Most of this information came from this blog post
-[1], so I would like to thank the author.
+[2], so I would like to thank the author.
 
-### cut here ###
+```
 Capitalized, short (50 chars or less) summary
 
 More detailed explanatory text, if necessary.  Wrap it to about 72
@@ -67,7 +66,7 @@ Further paragraphs come after blank lines.
 Reported-by: User Name <email>
 X-[Distro]-Bug: BugID
 X-[Distro]-Bug-URL: URL for the bug (on the distribution's web site typically)
-### cut here ###
+```
 
 If you did not write the code and the patch does not include authorship
 information in a format git can use, please use the --author option of the
@@ -81,5 +80,5 @@ different from the author and committer.
   *BSD. Also, [Distro] should be replaced with the name of the
   distribution, e.g. X-Gentoo-Bug.
 
-[1] http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
-
+[1]	http://en.wikipedia.org/wiki/Indent_style#BSD_KNF_style
+[2] http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html

etc/rc.conf.Linux

@@ -2,14 +2,15 @@
 # LINUX SPECIFIC OPTIONS
 
 # This is the subsystem type. Valid options on Linux:
-# ""        - nothing special
-# "lxc"     - Linux Containers
-# "openvz"  - Linux OpenVZ
-# "prefix"  - Prefix
-# "uml"     - Usermode Linux
-# "vserver" - Linux vserver
-# "xen0"    - Xen0 Domain
-# "xenU"    - XenU Domain
+# ""               - nothing special
+# "lxc"            - Linux Containers
+# "openvz"         - Linux OpenVZ
+# "prefix"         - Prefix
+# "uml"            - Usermode Linux
+# "vserver"        - Linux vserver
+# "systemd-nspawn" - Container created by the systemd-nspawn utility
+# "xen0"           - Xen0 Domain
+# "xenU"           - XenU Domain
 # If this is commented out, automatic detection will be used.
 #
 # This should be set to the value representing the environment this file is

etc/rc.in

@@ -10,9 +10,9 @@
 trap : SIGINT
 trap "echo 'Boot interrupted'; exit 1" SIGQUIT
 
-/sbin/rc sysinit || exit 1
-/sbin/rc boot || exit 1
-/sbin/rc default
+/sbin/openrc sysinit || exit 1
+/sbin/openrc boot || exit 1
+/sbin/openrc default
 
 # We don't actually care if rc default worked or not, we should exit 0
 # to allow logins

etc/rc.shutdown.in

@@ -14,4 +14,4 @@ LD_LIBRARY_PATH="/lib${LD_LIBRARY_PATH:+:}${LDLIBRARY_PATH}" ; export LD_LIBRARY
 [ -z "$TERM" -o "$TERM" = "dumb" ] && TERM="@TERM@" && export TERM
 
 action=${1:-shutdown}
-exec /sbin/rc "${action}"
+exec /sbin/openrc "${action}"

init.d/.gitignore

@@ -23,6 +23,7 @@ modules
 mount-ro
 mtab
 numlock
+osclock
 procfs
 staticroute
 sysfs

init.d/Makefile

@@ -2,7 +2,7 @@ include ../mk/net.mk
 
 DIR=	${INITDIR}
 SRCS=	bootmisc.in fsck.in hostname.in local.in localmount.in loopback.in \
-	netmount.in root.in savecache.in swap.in swapfiles.in \
+	netmount.in osclock.in root.in savecache.in swap.in swapfiles.in \
 	tmpfiles.setup.in swclock.in sysctl.in urandom.in ${SRCS-${OS}}
 BIN=	${OBJS}
 
@@ -21,7 +21,7 @@ SRCS-FreeBSD=	hostid.in moused.in newsyslog.in pf.in rarpd.in rc-enabled.in \
 SRCS-FreeBSD+=	adjkerntz.in devd.in dumpon.in encswap.in ipfw.in \
 		mixer.in nscd.in powerd.in syscons.in
 
-SRCS-Linux=	devfs.in dmesg.in hwclock.in consolefont.in keymaps.in \
+SRCS-Linux=	binfmt.in devfs.in dmesg.in hwclock.in consolefont.in keymaps.in \
 		killprocs.in modules.in mount-ro.in mtab.in numlock.in \
 		procfs.in sysfs.in termencoding.in tmpfiles.dev.in
 

init.d/binfmt.in

@@ -0,0 +1,20 @@
+#!@SBINDIR@/openrc-run
+# Copyright 2015 William Hubbs <w.d.hubbs@gmail.com>
+# Released under the 2-clause BSD license.
+
+description="Register misc binary format handlers"
+
+depend()
+{
+	after procfs
+	use modules devfs
+	keyword -openvz -prefix -systemd-nspawn -vserver -lxc
+}
+
+start()
+{
+	ebegin "Loading custom binary format handlers"
+	"$RC_LIBEXECDIR"/sh/binfmt.sh
+	eend $?
+return 0
+}

init.d/bootmisc.in

@@ -119,11 +119,32 @@ clean_run()
 {
 	[ "$RC_SYS" = VSERVER -o "$RC_SYS" = LXC ] && return 0
 	local dir
+	# If / is still read-only due to a problem, this will fail!
+	if ! checkpath -W /; then
+		eerror "/ is not writable; unable to clean up underlying /run"
+		return 1
+	fi
+	if ! checkpath -W /tmp; then
+		eerror "/tmp is not writable; unable to clean up underlying /run"
+		return 1
+	fi
+	# Now we know that we can modify /tmp and /
+	# if mktemp -d fails, it returns an EMPTY string
+	# STDERR: mktemp: failed to create directory via template ‘/tmp/tmp.XXXXXXXXXX’: Read-only file system
+	# STDOUT: ''
+	rc=0
 	dir=$(mktemp -d)
-	mount --bind / $dir
-	rm -rf $dir/run/*
-	umount $dir
-	rm -rf $dir
+	if [ -n "$dir" -a -d $dir -a -w $dir ]; then
+		mount --bind / $dir && rm -rf $dir/run/* || rc=1
+		umount $dir
+		rm -rf $dir
+	else
+		rc=1
+	fi
+	if [ $rc -ne 0 ]; then
+		eerror "Could not clean up underlying /run on /"
+		return 1
+	fi
 }
 
 start()

init.d/consolefont.in

@@ -8,7 +8,7 @@ depend()
 {
 	need localmount termencoding
 	after hotplug bootmisc
-	keyword -openvz -prefix -uml -vserver -xenu -lxc
+	keyword -openvz -prefix -systemd-nspawn -uml -vserver -xenu -lxc
 }
 
 start()

init.d/devfs.in

@@ -8,7 +8,7 @@ depend()
 {
 	provide dev-mount
 	before dev
-	keyword -prefix -vserver -lxc
+	keyword -prefix -systemd-nspawn -vserver -lxc
 }
 
 mount_dev()

init.d/dmesg.in

@@ -7,7 +7,7 @@ description="Set the dmesg level for a cleaner boot"
 depend()
 {
 	before dev modules
-	keyword -lxc -prefix -vserver
+	keyword -lxc -prefix -systemd-nspawn -vserver
 }
 
 start()

init.d/fsck.in

@@ -9,7 +9,7 @@ _IFS="
 depend()
 {
 	use dev clock modules
-	keyword -jail -openvz -prefix -timeout -vserver -lxc -uml
+	keyword -jail -openvz -prefix -systemd-nspawn -timeout -vserver -lxc -uml
 }
 
 _abort() {

init.d/hostname.in

@@ -5,7 +5,7 @@
 description="Sets the hostname of the machine."
 
 depend() {
-	keyword -prefix -lxc
+	keyword -prefix -systemd-nspawn -lxc
 }
 
 start()

init.d/hwclock.in

@@ -28,7 +28,7 @@ depend()
 	else
 		before *
 	fi
-	keyword -openvz -prefix -uml -vserver -xenu -lxc
+	keyword -openvz -prefix -systemd-nspawn -uml -vserver -xenu -lxc
 }
 
 setupopts()

init.d/keymaps.in

@@ -8,7 +8,7 @@ depend()
 {
 	need localmount termencoding
 	after bootmisc
-	keyword -openvz -prefix -uml -vserver -xenu -lxc
+	keyword -openvz -prefix -systemd-nspawn -uml -vserver -xenu -lxc
 }
 
 start()

init.d/local.in

@@ -20,7 +20,7 @@ start()
 	for file in @SYSCONFDIR@/local.d/*.start; do
 		if [ -x "${file}" ]; then
 			vebegin "Executing \"${file}\""
-			"${file}" $redirect
+			eval "${file}" $redirect
 			retval=$?
 			if [ ${retval} -ne 0 ]; then
 				has_errors=1
@@ -59,7 +59,7 @@ stop()
 	for file in @SYSCONFDIR@/local.d/*.stop; do
 		if [ -x "${file}" ]; then
 			vebegin "Executing \"${file}\""
-			"${file}" $redirect
+			eval "${file}" $redirect
 			retval=$?
 			if [ ${retval} -ne 0 ]; then
 				has_errors=1

init.d/localmount.in

@@ -9,7 +9,7 @@ depend()
 	need fsck
 	use lvm modules mtab
 	after lvm modules
-	keyword -jail -prefix -vserver -lxc
+	keyword -jail -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()

init.d/loopback.in

@@ -6,7 +6,7 @@ description="Configures the loopback interface."
 
 depend()
 {
-	keyword -jail -prefix -vserver
+	keyword -jail -prefix -systemd-nspawn -vserver
 }
 
 start()

init.d/modules.in

@@ -7,7 +7,7 @@ description="Loads a user defined list of kernel modules."
 depend()
 {
 	use isapnp
-	keyword -openvz -prefix -vserver -lxc
+	keyword -openvz -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()

init.d/mount-ro.in

@@ -7,7 +7,7 @@ description="Re-mount filesytems read-only for a clean reboot."
 depend()
 {
 	need killprocs savecache
-	keyword -openvz -prefix -vserver -lxc
+	keyword -openvz -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()

init.d/mtab.in

@@ -7,33 +7,35 @@ description="Update /etc/mtab to match what the kernel knows about"
 depend()
 {
 	need root
-	keyword -prefix
+	keyword -prefix -systemd-nspawn
 }
 
 start()
 {
-	if [ -L /etc/mtab ]; then
-		return 0
-	fi
-
+	[ -L /etc/mtab ] && return 0
+	local rc=0
 	ebegin "Updating /etc/mtab"
-	vewarn "The support for updating /etc/mtab as a file is"
-	vewarn "deprecated and will be removed in the future."
-	vewarn "Please run the following command as root on your system."
-	vewarn
-	vewarn "ln -snf /proc/self/mounts /etc/mtab"
-	if ! echo 2>/dev/null >/etc/mtab; then
-		ewend 1 "/etc/mtab is not updateable"
-		return 0
+	if ! checkpath -W /etc; then
+		rc=1
+	elif [ ! -e /etc/mtab ]; then
+		ln -snf /proc/self/mounts /etc/mtab
+	else
+		ewarn "The support for updating /etc/mtab as a file is"
+		ewarn "deprecated and will be removed in the future."
+		ewarn "Please run the following command as root on your system."
+		ewarn
+		ewarn "ln -snf /proc/self/mounts /etc/mtab"
+		ewarn
+
+		# With / as tmpfs we cannot umount -at tmpfs in localmount as that
+		# makes / readonly and dismounts all tmpfs even if in use which is
+		# not good. Luckily, umount uses /etc/mtab instead of /proc/mounts
+		# which allows this hack to work.
+		grep -v "^[! ]* / tmpfs " /proc/mounts > /etc/mtab
+
+		# Remove stale backups
+		rm -f /etc/mtab~ /etc/mtab~~
 	fi
-
-	# With / as tmpfs we cannot umount -at tmpfs in localmount as that
-	# makes / readonly and dismounts all tmpfs even if in use which is
-	# not good. Luckily, umount uses /etc/mtab instead of /proc/mounts
-	# which allows this hack to work.
-	grep -v "^[! ]* / tmpfs " /proc/mounts > /etc/mtab
-
-	# Remove stale backups
-	rm -f /etc/mtab~ /etc/mtab~~
-	eend 0
+	eend $rc "/etc is not writable; unable to create /etc/mtab"
+	return 0
 }

init.d/netmount.in

@@ -9,7 +9,7 @@ depend()
 	config /etc/fstab
 	use afc-client amd nfsclient autofs openvpn
 	use dns
-	keyword -jail -prefix -vserver -lxc
+	keyword -jail -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()

init.d/numlock.in

@@ -9,7 +9,7 @@ ttyn=${rc_tty_number:-${RC_TTY_NUMBER:-12}}
 depend()
 {
 	need localmount
-	keyword -openvz -prefix -vserver -lxc
+	keyword -openvz -prefix -systemd-nspawn -vserver -lxc
 }
 
 _setleds()

init.d/osclock.in

@@ -0,0 +1,12 @@
+#!@SBINDIR@/openrc-run
+# Copyright (c) 2014 Ralph Sennhauser <sera@igentoo.org>
+# Released under the 2-clause BSD license.
+
+# Can be used on OSs that take care of the clock.
+
+description="Provides clock"
+
+depend()
+{
+	provide clock
+}

init.d/procfs.in

@@ -8,66 +8,20 @@ depend()
 {
 	use modules devfs
 	need localmount
-	keyword -openvz -prefix -vserver -lxc
+	keyword -openvz -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()
 {
-	# Make sure we insert usbcore if it's a module
-	if [ -f /proc/modules -a ! -d /sys/module/usbcore -a ! -d /proc/bus/usb ]; then
-		modprobe -q usbcore
-	fi
-
-	[ -e /proc/filesystems ] || return 0
-
 	# Setup Kernel Support for miscellaneous Binary Formats
 	if [ -d /proc/sys/fs/binfmt_misc -a ! -e /proc/sys/fs/binfmt_misc/register ]; then
+		modprobe -q binfmt-misc
 		if grep -qs binfmt_misc /proc/filesystems; then
 			ebegin "Mounting misc binary format filesystem"
 			mount -t binfmt_misc -o nodev,noexec,nosuid \
 				binfmt_misc /proc/sys/fs/binfmt_misc
-			if eend $? ; then
-				local fmts
-				ebegin "Loading custom binary format handlers"
-				fmts=$(grep -hsv -e '^[#;]' -e '^[[:space:]]*$' \
-					/run/binfmt.d/*.conf \
-					/etc/binfmt.d/*.conf \
-					""/usr/lib/binfmt.d/*.conf)
-				if [ -n "${fmts}" ]; then
-					echo "${fmts}" > /proc/sys/fs/binfmt_misc/register
-				fi
 				eend $?
-			fi
 		fi
 	fi
-
-	[ "$RC_SYS" = "OPENVZ" ] && return 0
-
-	# Check what USB fs the kernel support.  Currently
-	# 2.5+ kernels, and later 2.4 kernels have 'usbfs',
-	# while older kernels have 'usbdevfs'.
-	if [ -d /proc/bus/usb -a ! -e /proc/bus/usb/devices ]; then
-		local usbfs=$(grep -Fow usbfs /proc/filesystems ||
-			grep -Fow usbdevfs /proc/filesystems)
-		if [ -n "$usbfs" ]; then
-			ebegin "Mounting USB device filesystem [$usbfs]"
-			local usbgid="$(getent group usb | \
-				sed -e 's/.*:.*:\(.*\):.*/\1/')"
-			mount -t $usbfs \
-				-o ${usbgid:+devmode=0664,devgid=$usbgid,}noexec,nosuid \
-				usbfs /proc/bus/usb
-			eend $?
-		fi
-	fi
-
-	# Setup Kernel Support for SELinux
-	if [ -d /sys/fs/selinux ] && ! mountinfo -q /sys/fs/selinux; then
-		if grep -qs selinuxfs /proc/filesystems; then
-			ebegin "Mounting SELinux filesystem"
-			mount -t selinuxfs selinuxfs /sys/fs/selinux
-			eend $?
-		fi
-	fi
-
 	return 0
 }

init.d/root.in

@@ -7,7 +7,7 @@ description="Mount the root fs read/write"
 depend()
 {
 	need fsck
-	keyword -jail -openvz -prefix -vserver -lxc
+	keyword -jail -openvz -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()

init.d/savecache.in

@@ -13,8 +13,8 @@ start()
 			return 1
 		fi
 	fi
-	if ! checkpath -W "$RC_LIBEXECDIR"/cache; then
-		ewarn "WARNING: ${RC_LIBEXECDIR}/cache is not writable!"
+	if ! checkpath -W "$RC_LIBEXECDIR"; then
+		ewarn "WARNING: ${RC_LIBEXECDIR} is not writable!"
 		if ! yesno "${RC_GOINGDOWN}"; then
 			ewarn "Unable to save deptree cache"
 			return 1
@@ -25,12 +25,12 @@ start()
 	local rc=
 	if [ ! -d "$RC_LIBEXECDIR"/cache ]; then
 		rm -rf "$RC_LIBEXECDIR"/cache
-		if ! mkdir "$RC_LIBEXECDIR"/cache; then
+		if ! mkdir -p "$RC_LIBEXECDIR"/cache; then
 			rc=$?
 			if yesno "${RC_GOINGDOWN}"; then
 				rc=0
 			fi
-			eend $rc
+			eend $rc "Unable to create $RC_SVCDIR/cache"
 			return $rc
 		fi
 	fi

init.d/savecore.in

@@ -23,7 +23,7 @@ start()
 		# Don't quote ${dump_device}, so that if it's unset,
 		# savecore will check on the partitions listed in fstab
 		# without errors in the output
-		savecore -C "$dump_dir" $dump_device >/dev/null
+		savecore -C $dump_device >/dev/null
 	else
 		ls "$dump_dir"/bsd* > /dev/null 2>&1
 	fi

init.d/swap.in

@@ -5,7 +5,7 @@
 depend()
 {
 	before localmount
-	keyword -jail -openvz -prefix -vserver -lxc
+	keyword -jail -openvz -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()

init.d/swapfiles.in

@@ -5,7 +5,7 @@
 depend()
 {
 	need localmount
-	keyword -jail -openvz -prefix -vserver -lxc
+	keyword -jail -openvz -prefix -systemd-nspawn -vserver -lxc
 }
 
 start()

init.d/swclock.in

@@ -8,7 +8,7 @@ depend()
 {
 	before *
 	provide clock
-	keyword -openvz -prefix -uml -vserver -xenu -lxc
+	keyword -openvz -prefix -systemd-nspawn -uml -vserver -xenu -lxc
 }
 
 # swclock is an OpenRC built in

init.d/sysctl.GNU.in

@@ -1,4 +1,4 @@
-#!@PREFIX@/sbin/runscript
+#!@PREFIX@/sbin/openrc-run
 # Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
 # Released under the 2-clause BSD license.
 #FIXME: Modify for GNU/Hurd

init.d/sysctl.Linux.in

@@ -5,12 +5,15 @@
 depend()
 {
 	before bootmisc logger
-	keyword -prefix -vserver
+	keyword -prefix -systemd-nspawn -vserver
 }
 
 start()
 {
+	local quiet
+	yesno $rc_verbose || quiet=-q
+
 	ebegin "Configuring kernel parameters"
-	sysctl --system
+	sysctl ${quiet} --system
 	eend $? "Unable to configure some kernel parameters"
 }

init.d/sysfs.in

@@ -8,7 +8,7 @@ sysfs_opts=nodev,noexec,nosuid
 
 depend()
 {
-	keyword -lxc -prefix -vserver
+	keyword -lxc -prefix -systemd-nspawn -vserver
 }
 
 mount_sys()
@@ -82,6 +82,15 @@ mount_misc()
 		fi
 	fi
 
+	# Setup Kernel Support for SELinux
+	if [ -d /sys/fs/selinux ] && ! mountinfo -q /sys/fs/selinux; then
+		if grep -qs selinuxfs /proc/filesystems; then
+			ebegin "Mounting SELinux filesystem"
+			mount -t selinuxfs selinuxfs /sys/fs/selinux
+			eend $?
+		fi
+	fi
+
 	# setup up kernel support for efivarfs
 	# slightly complicated, as if it's build as a module but NOT yet loaded,
 	# it will NOT appear in /proc/filesystems yet

init.d/termencoding.in

@@ -9,7 +9,7 @@ ttyn=${rc_tty_number:-${RC_TTY_NUMBER:-12}}
 
 depend()
 {
-	keyword -lxc -openvz -prefix -uml -vserver -xenu
+	keyword -lxc -openvz -prefix -systemd-nspawn -uml -vserver -xenu
 	use root
 	after bootmisc
 }

init.d/tmpfiles.dev.in

@@ -2,7 +2,7 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Released under the 2-clause BSD license.
 
-description="set up tmpfiles.d entries"
+description="Set up tmpfiles.d entries"
 
 depend()
 {
@@ -13,7 +13,7 @@ depend()
 
 start()
 {
-	ebegin "setting up tmpfiles.d entries for /dev"
+	ebegin "Setting up tmpfiles.d entries for /dev"
 	@LIBEXECDIR@/sh/tmpfiles.sh --prefix=/dev --create --boot ${tmpfiles_opts}
 	eend $?
 	return 0

init.d/tmpfiles.setup.in

@@ -2,7 +2,7 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Released under the 2-clause BSD license.
 
-description="set up tmpfiles.d entries"
+description="Set up tmpfiles.d entries"
 
 depend()
 {
@@ -11,7 +11,7 @@ depend()
 
 start()
 {
-	ebegin "setting up tmpfiles.d entries"
+	ebegin "Setting up tmpfiles.d entries"
 	@LIBEXECDIR@/sh/tmpfiles.sh --exclude-prefix=/dev --create --remove --boot \
 		${tmpfiles_opts}
 	eend $?

init.d/urandom.in

@@ -8,7 +8,7 @@ description="Initializes the random number generator."
 depend()
 {
 	need localmount
-	keyword -jail -lxc -openvz -prefix
+	keyword -jail -lxc -openvz -prefix -systemd-nspawn
 }
 
 save_seed()

man/rc-update.8

@@ -87,7 +87,7 @@ If the
 .Fl s , -stack
 option is given then we either add or remove the runlevel from the runlevel.
 This allows inheritance of runlevels.
-
+.Pp
 If the
 .Fl a, -all
 option is given, we remove the service from all runlevels. This is

mk/depend.mk

@@ -6,7 +6,7 @@ IGNOREFILES+=	.depend
 
 .depend: ${SRCS}
 	rm -f .depend
-	${CC} ${CPPFLAGS} -MM ${SRCS} > .depend
+	${CC} ${LOCAL_CPPFLAGS} ${CPPFLAGS} -MM ${SRCS} > .depend
 
 depend: .depend extra_depend
 

mk/dist.mk

@@ -2,7 +2,7 @@
 # Copyright (c) 2008 Roy Marples <roy@marples.name>
 # Released under the 2-clause BSD license.
 
-GITREF?=	HEAD
+GITREF?=	${VERSION}
 DISTPREFIX?=	${NAME}-${VERSION}
 DISTFILE?=	${DISTPREFIX}.tar.bz2
 
@@ -34,7 +34,7 @@ snapshot:
 	mkdir /tmp/${SNAPDIR}
 	cp -RPp * /tmp/${SNAPDIR}
 	(cd /tmp/${SNAPDIR}; make clean)
-	find /tmp/${SNAPDIR} -name .svn -exec rm -rf -- {} \; 2>/dev/null || true
+	rm -rf /tmp/${SNAPDIR}/.git 2>/dev/null || true
 	tar -cvjpf ${SNAPFILE} -C /tmp ${SNAPDIR}
 	rm -rf /tmp/${SNAPDIR}
 	ls -l ${SNAPFILE}

mk/lib.mk

@@ -21,10 +21,10 @@ _LIBS+=			${SHLIB_NAME}
 CLEANFILES+=		${OBJS} ${SOBJS} ${_LIBS} ${SHLIB_LINK}
 
 %.o: %.c
-	${CC} ${CFLAGS} ${CPPFLAGS} -c $< -o $@
+	${CC} ${LOCAL_CFLAGS} ${LOCAL_CPPFLAGS} ${CFLAGS} ${CPPFLAGS} -c $< -o $@
 
 %.So: %.c
-	${CC} ${PICFLAG} -DPIC ${CPPFLAGS} ${CFLAGS} -c $< -o $@
+	${CC} ${PICFLAG} -DPIC ${LOCAL_CFLAGS} ${LOCAL_CPPFLAGS} ${CPPFLAGS} ${CFLAGS} -c $< -o $@
 
 all: depend ${_LIBS}
 
@@ -40,7 +40,7 @@ ${SHLIB_NAME}:	${SOBJS}
 	@${ECHO} building shared library $@
 	@rm -f $@ ${SHLIB_LINK}
 	@ln -fs $@ ${SHLIB_LINK}
-	${CC} ${CFLAGS} ${LDFLAGS} -shared -Wl,-x \
+	${CC} ${LOCAL_CFLAGS} ${CFLAGS} ${LOCAL_LDFLAGS} ${LDFLAGS} -shared -Wl,-x \
 	-o $@ -Wl,-soname,${SONAME} \
 	${SOBJS} ${LDADD}
 

mk/os-GNU.mk

@@ -4,5 +4,5 @@
 SFX=		.GNU.in
 PKG_PREFIX?=	/usr
 
-CPPFLAGS+=	-D_BSD_SOURCE -D_XOPEN_SOURCE=700 -DMAXPATHLEN=4096 -DMAX_PATH=4096
+CPPFLAGS+=	-D_BSD_SOURCE -D_XOPEN_SOURCE=700 -DMAXPATHLEN=4096 -DPATH_MAX=4096
 LIBDL=		-Wl,-Bdynamic -ldl

mk/os-Linux.mk

@@ -4,11 +4,24 @@
 SFX=		.Linux.in
 PKG_PREFIX?=	/usr
 
-CPPFLAGS+=	-D_BSD_SOURCE -D_XOPEN_SOURCE=700
+CPPFLAGS+=	-D_BSD_SOURCE -D_DEFAULT_SOURCE -D_XOPEN_SOURCE=700
 LIBDL=		-Wl,-Bdynamic -ldl
 
 ifeq (${MKSELINUX},yes)
 CPPFLAGS+= -DHAVE_SELINUX
-LIBSELINUX= -lselinux
+LIBSELINUX?= -lselinux
 LDADD += $(LIBSELINUX)
+
+ifneq (${MKPAM},pam)
+# if using selinux but not pam then we need crypt
+LIBCRYPT?= -lcrypt
+LDADD += $(LIBCRYPT)
+endif
+
+endif
+
+ifeq (${MKAUDIT},yes)
+LIBAUDIT?=	-laudit
+CPPFLAGS+=	-DHAVE_AUDIT
+LDADD+=		${LIBAUDIT}
 endif

mk/pam.mk

@@ -3,6 +3,12 @@ LIBPAM?=	-lpam
 CPPFLAGS+=	-DHAVE_PAM
 LDADD+=		${LIBPAM}
 
+ifeq (${MKSELINUX},yes)
+# with selinux, pam_misc is needed too
+LIBPAM_MISC?=	-lpam_misc
+LDADD+=		${LIBPAM_MISC}
+endif
+
 PAMDIR?=	/etc/pam.d
 PAMMODE?=	0644
 else ifneq (${MKPAM},)

mk/prog.mk

@@ -1,4 +1,4 @@
-# rules to build a library
+# rules to build a program
 # based on FreeBSD's bsd.prog.mk
 
 # Copyright (c) 2008 Roy Marples <roy@marples.name>
@@ -25,10 +25,10 @@ CLEANFILES+=		${OBJS} ${PROG}
 all: depend ${PROG}
 
 %.o: %.c
-	${CC} ${CFLAGS} ${CPPFLAGS} -c $< -o $@
+	${CC} ${LOCAL_CFLAGS} ${LOCAL_CPPFLAGS} ${CFLAGS} ${CPPFLAGS} -c $< -o $@
 
 ${PROG}: ${SCRIPTS} ${OBJS}
-	${CC} ${CFLAGS} ${LDFLAGS} -o $@ ${OBJS} ${LDADD}
+	${CC} ${LOCAL_CFLAGS} ${LOCAL_LDFLAGS}  ${CFLAGS} ${LDFLAGS} -o $@ ${OBJS} ${LDADD}
 
 clean:
 	rm -f ${CLEANFILES}

runlevels/Makefile

@@ -34,7 +34,8 @@ BOOT-FreeBSD+=	hostid newsyslog savecore syslogd
 # FreeBSD specific stuff
 BOOT-FreeBSD+=	adjkerntz dumpon syscons
 
-BOOT-Linux+=	hwclock keymaps modules mtab procfs termencoding tmpfiles.setup
+BOOT-Linux+=	binfmt hwclock keymaps modules mtab procfs termencoding \
+	tmpfiles.setup
 SHUTDOWN-Linux=	killprocs mount-ro
 SYSINIT-Linux=	devfs dmesg sysfs tmpfiles.dev
 

sh/.gitignore

@@ -1,10 +1,11 @@
 functions.sh
 gendepends.sh
 rc-functions.sh
-runscript.sh
+openrc-run.sh
 cgroup-release-agent.sh
 init.sh
 init-early.sh
 rc-cgroup.sh
 tmpfiles.sh
 migrate-to-run.sh
+binfmt.sh

sh/Makefile

@@ -1,8 +1,8 @@
 DIR=	${LIBEXECDIR}/sh
 SRCS=	init.sh.in functions.sh.in gendepends.sh.in \
-	rc-functions.sh.in runscript.sh.in tmpfiles.sh.in ${SRCS-${OS}}
+	openrc-run.sh.in rc-functions.sh.in tmpfiles.sh.in ${SRCS-${OS}}
 INC=	rc-mount.sh functions.sh rc-functions.sh
-BIN=	gendepends.sh init.sh runscript.sh tmpfiles.sh ${BIN-${OS}}
+BIN=	gendepends.sh init.sh openrc-run.sh tmpfiles.sh ${BIN-${OS}}
 
 INSTALLAFTER=	_installafter
 
@@ -12,9 +12,9 @@ include ${MK}/os.mk
 SRCS-FreeBSD=
 BIN-FreeBSD=
 
-SRCS-Linux=	cgroup-release-agent.sh.in init-early.sh.in migrate-to-run.sh.in \
-	rc-cgroup.sh.in
-BIN-Linux=	cgroup-release-agent.sh init-early.sh migrate-to-run.sh \
+SRCS-Linux=	binfmt.sh.in cgroup-release-agent.sh.in init-early.sh.in \
+	migrate-to-run.sh.in rc-cgroup.sh.in
+BIN-Linux=	binfmt.sh cgroup-release-agent.sh init-early.sh migrate-to-run.sh \
 	rc-cgroup.sh
 
 SRCS-NetBSD=

sh/binfmt.sh.in

@@ -0,0 +1,85 @@
+#!@SHELL@
+# This is a reimplementation of the systemd binfmt.d code to register
+# misc binary formats with the kernel.
+#
+# Copyright (c) 2015 William Hubbs <w.d.hubbs@gmail.com>
+# Released under the 2-clause BSD license.
+#
+# See the binfmt.d manpage as well:
+# http://0pointer.de/public/systemd-man/binfmt.d.html
+# This script should match the manpage as of 2015/03/31
+#
+
+apply_file() {
+	[ $# -lt 1 ] && return 0
+	FILE="$1"
+	LINENUM=0
+
+	### FILE FORMAT ###
+	# See https://www.kernel.org/doc/Documentation/binfmt_misc.txt
+	while read line; do
+		LINENUM=$(( LINENUM+1 ))
+		case $line in
+			\#*) continue ;;
+			\;*) continue ;;
+		esac
+
+		echo "${line}" > /proc/sys/fs/binfmt_misc/register
+		rc=$?
+		if [ $rc -ne 0 ]; then
+			printf "binfmt: invalid entry on line %d of \`%s'\n" \
+				"$LINENUM" "$FILE" >&2
+			error=1
+		fi
+	done <$FILE
+	return $rc
+}
+
+[ -e /proc/sys/fs/binfmt_misc/register ] || exit 0
+error=0
+if [ $# -gt 0 ]; then
+	while [ $# -gt 0 ]; do
+		apply_file "$1"
+		shift
+	done
+else
+	# The hardcoding of these paths is intentional; we are following the
+	# systemd spec.
+	binfmt_dirs='/usr/lib/binfmt.d/ /run/binfmt.d/ /etc/binfmt.d/'
+	binfmt_basenames=''
+	binfmt_d=''
+
+	# Build a list of sorted unique basenames
+	# directories declared later in the binfmt_d list will override earlier
+	# directories, on a per file basename basis.
+	# `/run/binfmt.d/foo.conf' supersedes `/usr/lib/binfmt.d/foo.conf'.
+	# `/run/binfmt.d/foo.conf' will always be read after `/etc/binfmt.d/bar.conf'
+	for d in ${binfmt_dirs} ; do
+		[ -d $d ] && for f in ${d}/*.conf ; do
+			case "${f##*/}" in
+				systemd.conf|systemd-*.conf) continue;;
+			esac
+			[ -e $f ] && binfmt_basenames="${binfmt_basenames}\n${f##*/}"
+		done # for f in ${d}
+	done # for d in ${binfmt_dirs}
+	binfmt_basenames="$(printf "${binfmt_basenames}\n" | sort -u )"
+
+	for b in $binfmt_basenames ; do
+		real_f=''
+		for d in $binfmt_dirs ; do
+			f=${d}/${b}
+			[ -e "${f}" ] && real_f=$f
+		done
+		[ -e "${real_f}" ] && binfmt_d="${binfmt_d} ${real_f}"
+	done
+
+	# loop through the gathered fragments, sorted globally by filename.
+	# `/run/binfmt.d/foo.conf' will always be read after `/etc/binfmt.d/bar.conf'
+	for FILE in $binfmt_d ; do
+		apply_file "$FILE"
+	done
+fi
+
+exit $error
+
+# vim: set ts=2 sw=2 sts=2 noet ft=sh:

sh/openrc-run.sh.in

@@ -1,5 +1,5 @@
 #!@SHELL@
-# Shell wrapper for runscript
+# Shell wrapper for openrc-run
 
 # Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
 # Released under the 2-clause BSD license.
@@ -34,7 +34,10 @@ sourcex()
 
 sourcex "@LIBEXECDIR@/sh/functions.sh"
 sourcex "@LIBEXECDIR@/sh/rc-functions.sh"
-[ "$RC_SYS" != "PREFIX" ] && sourcex -e "@LIBEXECDIR@/sh/rc-cgroup.sh"
+case $RC_SYS in
+	PREFIX|SYSTEMD-NSPAWN) ;;
+	*) sourcex -e "@LIBEXECDIR@/sh/rc-cgroup.sh";;
+esac
 
 # Support LiveCD foo
 if sourcex -e "/sbin/livecd-functions.sh"; then
@@ -189,10 +192,6 @@ status()
 }
 
 yesno $RC_DEBUG && set -x
-if yesno "${rc_verbose:-$RC_VERBOSE}"; then
-	EINFO_VERBOSE=yes
-	export EINFO_VERBOSE
-fi
 
 _conf_d=${RC_SERVICE%/*}/../conf.d
 # If we're net.eth0 or openvpn.work then load net or openvpn config
@@ -213,6 +212,12 @@ unset _conf_d
 # Load any system overrides
 sourcex -e "@SYSCONFDIR@/rc.conf"
 
+# Set verbose mode
+if yesno "${rc_verbose:-$RC_VERBOSE}"; then
+	EINFO_VERBOSE=yes
+	export EINFO_VERBOSE
+fi
+
 for _cmd; do
 	if [ "$_cmd" != status -a "$_cmd" != describe ]; then
 		# Apply any ulimit defined

sh/rc-cgroup.sh.in

@@ -1,6 +1,7 @@
 #!@SHELL@
 # Copyright (c) 2012 Alexander Vershilov <qnikst@gentoo.org>
 # Released under the 2-clause BSD license.
+
 extra_stopped_commands="${extra_stopped_commands} cgroup_cleanup"
 description_cgroup_cleanup="Kill all processes in the cgroup"
 
@@ -47,7 +48,7 @@ cgroup_set_values()
 			$controller.*)
 				if [ -n "$name" -a -f "$cgroup/$name" -a -n "$val" ]; then
 					veinfo "$RC_SVCNAME: Setting $cgroup/$name to $val"
-					echo $val > "$cgroup/$name"
+					printf "%s" "$val" > "$cgroup/$name"
 				fi
 				name=$1
 				val=
@@ -60,12 +61,12 @@ cgroup_set_values()
 	done
 	if [ -n "$name" -a -f "$cgroup/$name" -a -n "$val" ]; then
 		veinfo "$RC_SVCNAME: Setting $cgroup/$name to $val"
-		echo $val > "$cgroup/$name"
+		printf "%s" "$val" > "$cgroup/$name"
 	fi
 
 	if [ -f "$cgroup/tasks" ]; then
 		veinfo "$RC_SVCNAME: adding to $cgroup/tasks"
-		echo 0 > "$cgroup/tasks"
+		printf "%d" 0 > "$cgroup/tasks"
 	fi
 
 	return 0
@@ -78,14 +79,14 @@ cgroup_add_service()
     # cgroups. But may lead to a problems where that inheriting
     # is needed.
 	for d in /sys/fs/cgroup/* ; do
-		[ -f "${d}"/tasks ] && echo 0 > "${d}"/tasks
+		[ -f "${d}"/tasks ] && printf "%d" 0 > "${d}"/tasks
 	done
 
 	openrc_cgroup=/sys/fs/cgroup/openrc
 	if [ -d "$openrc_cgroup" ]; then
 		cgroup="$openrc_cgroup/$RC_SVCNAME"
 		mkdir -p "$cgroup"
-		[ -f "$cgroup/tasks" ] && echo 0 > "$cgroup/tasks"
+		[ -f "$cgroup/tasks" ] && printf "%d" 0 > "$cgroup/tasks"
 	fi
 }
 

sh/rc-functions.sh.in

@@ -85,7 +85,7 @@ get_bootparam()
 	return 1
 }
 
-# Called from runscript.sh or gendepends.sh
+# Called from openrc-run.sh or gendepends.sh
 _depend() {
 	depend
 	local _rc_svcname=$(shell_var "$RC_SVCNAME") _deptype= _depends=

sh/tmpfiles.sh.in

@@ -245,7 +245,7 @@ PREFIX=
 FILE=
 fragments=
 # XXX: The harcoding of /usr/lib/ is an explicit choice by upstream
-tmpfiles_dirs='/usr/lib/tmpfiles.d/ /etc/tmpfiles.d/ /run/tmpfiles.d/'
+tmpfiles_dirs='/usr/lib/tmpfiles.d/ /run/tmpfiles.d/ /etc/tmpfiles.d/'
 tmpfiles_basenames=''
 tmpfiles_d=''
 # Build a list of sorted unique basenames

src/libeinfo/Makefile

@@ -4,7 +4,7 @@ SRCS=			libeinfo.c
 INCS=			einfo.h
 VERSION_MAP=		einfo.map
 
-CPPFLAGS+=		-I../includes
+LOCAL_CPPFLAGS+=		-I../includes
 
 MK=			../../mk
 include ${MK}/lib.mk

src/librc/Makefile

@@ -7,7 +7,7 @@ VERSION_MAP=	rc.map
 
 LDADD+=		${LIBKVM}
 
-CPPFLAGS+=	-I../includes
+LOCAL_CPPFLAGS+=	-I../includes
 
 MK=		../../mk
 include ${MK}/lib.mk

src/librc/librc-daemon.c

@@ -99,7 +99,7 @@ rc_find_pids(const char *exec, const char *const *argv, uid_t uid, pid_t pid)
 	pid_t p;
 	char buffer[PATH_MAX];
 	struct stat sb;
-	pid_t runscript_pid = 0;
+	pid_t openrc_pid = 0;
 	char *pp;
 	RC_PIDLIST *pids = NULL;
 	RC_PID *pi;
@@ -108,7 +108,7 @@ rc_find_pids(const char *exec, const char *const *argv, uid_t uid, pid_t pid)
 		return NULL;
 
 	/*
-	  We never match RC_RUNSCRIPT_PID if present so we avoid the below
+	  We never match RC_OPENRC_PID if present so we avoid the below
 	  scenario
 
 	  /etc/init.d/ntpd stop does
@@ -118,9 +118,9 @@ rc_find_pids(const char *exec, const char *const *argv, uid_t uid, pid_t pid)
 	  nasty
 	*/
 
-	if ((pp = getenv("RC_RUNSCRIPT_PID"))) {
-		if (sscanf(pp, "%d", &runscript_pid) != 1)
-			runscript_pid = 0;
+	if ((pp = getenv("RC_OPENRC_PID"))) {
+		if (sscanf(pp, "%d", &openrc_pid) != 1)
+			openrc_pid = 0;
 	}
 
 	/*
@@ -146,7 +146,7 @@ rc_find_pids(const char *exec, const char *const *argv, uid_t uid, pid_t pid)
 	while ((entry = readdir(procdir)) != NULL) {
 		if (sscanf(entry->d_name, "%d", &p) != 1)
 			continue;
-		if (runscript_pid != 0 && runscript_pid == p)
+		if (openrc_pid != 0 && openrc_pid == p)
 			continue;
 		if (pid != 0 && pid != p)
 			continue;
@@ -510,6 +510,8 @@ rc_service_daemons_crashed(const char *service)
 	RC_STRINGLIST *list = NULL;
 	RC_STRING *s;
 	size_t i;
+	char *ch_root;
+	char *spidfile;
 
 	path += snprintf(dirpath, sizeof(dirpath), RC_SVCDIR "/daemons/%s",
 	    basename_c(service));
@@ -554,8 +556,8 @@ rc_service_daemons_crashed(const char *service)
 		}
 		fclose(fp);
 
-		char *ch_root = rc_service_value_get(basename_c(service), "chroot");
-		char *spidfile = pidfile;
+		ch_root = rc_service_value_get(basename_c(service), "chroot");
+		spidfile = pidfile;
 		if (ch_root && pidfile) {
 			spidfile = xmalloc(strlen(ch_root) + strlen(pidfile) + 1);
 			strcpy(spidfile, ch_root);

src/librc/librc.c

@@ -294,6 +294,8 @@ rc_sys_v1(void)
 		return RC_SYS_OPENVZ; /* old test */
 	else if (file_regex("/proc/1/environ", "container=lxc"))
 		return RC_SYS_LXC;
+	else if (file_regex("/proc/1/environ", "container=systemd-nspawn"))
+		return RC_SYS_SYSTEMD_NSPAWN;
 #endif
 
 	return NULL;

src/librc/rc.h.in

@@ -332,6 +332,7 @@ bool rc_service_daemons_crashed(const char *);
 #define RC_SYS_OPENVZ  "OPENVZ"
 #define RC_SYS_LXC     "LXC"
 #define RC_SYS_PREFIX  "PREFIX"
+#define RC_SYS_SYSTEMD_NSPAWN "SYSTEMD-NSPAWN"
 #define RC_SYS_UML     "UML"
 #define RC_SYS_VSERVER "VSERVER"
 #define RC_SYS_XEN0    "XEN0"

src/rc/Makefile

@@ -1,8 +1,8 @@
 PROG=		openrc
-SRCS=		checkpath.c fstabinfo.c mountinfo.c start-stop-daemon.c \
+SRCS=		checkpath.c fstabinfo.c mountinfo.c openrc-run.c \
 		rc-applets.c rc-depend.c rc-logger.c \
 		rc-misc.c rc-plugin.c rc-service.c rc-status.c rc-update.c \
-		runscript.c rc.c swclock.c
+		rc.c start-stop-daemon.c swclock.c
 
 ifeq (${MKSELINUX},yes)
 SRCS+=		rc-selinux.c
@@ -35,14 +35,14 @@ RC_SBINLINKS=	mark_service_starting mark_service_started \
 ALL_LINKS=	${BINLINKS} ${SBINLINKS} ${RC_BINLINKS} ${RC_SBINLINKS}
 CLEANFILES+=	${ALL_LINKS}
 
-CPPFLAGS+=	-I../includes -I../librc -I../libeinfo
-LDFLAGS+=	-L../librc -L../libeinfo
+LOCAL_CPPFLAGS=-I../includes -I../librc -I../libeinfo
+LOCAL_LDFLAGS=-L../librc -L../libeinfo
 LDADD+=		-lutil -lrc -leinfo
 
 include ../../Makefile.inc
 MK=		../../mk
 include ${MK}/prog.mk
-include ${MK}/git.mk
+include ${MK}/gitver.mk
 include ${MK}/cc.mk
 
 include ${MK}/termcap.mk

src/rc/checkpath.c

@@ -45,10 +45,7 @@
 #include "builtins.h"
 #include "einfo.h"
 #include "rc-misc.h"
-
-#ifdef HAVE_SELINUX
 #include "rc-selinux.h"
-#endif
 
 typedef enum {
 	inode_unknown = 0,
@@ -164,10 +161,8 @@ static int do_check(char *path, uid_t uid, gid_t gid, mode_t mode,
 		}
 	}
 
-#ifdef HAVE_SELINUX
 	if (selinux_on)
 		selinux_util_label(path);
-#endif
 
 	return 0;
 }
@@ -296,10 +291,8 @@ int checkpath(int argc, char **argv)
 	if (gr)
 		gid = gr->gr_gid;
 
-#ifdef HAVE_SELINUX
 	if (selinux_util_open() == 1)
 		selinux_on = true;
-#endif
 
 	while (optind < argc) {
 		if (writable)
@@ -309,10 +302,8 @@ int checkpath(int argc, char **argv)
 		optind++;
 	}
 
-#ifdef HAVE_SELINUX
 	if (selinux_on)
 		selinux_util_close();
-#endif
 
 	return retval;
 }

src/rc/openrc-run.c

@@ -1,5 +1,5 @@
 /*
- * runscript.c
+ * openrc-run.c
  * Handle launching of init scripts.
  */
 
@@ -66,10 +66,7 @@
 #include "rc.h"
 #include "rc-misc.h"
 #include "rc-plugin.h"
-
-#ifdef HAVE_SELINUX
 #include "rc-selinux.h"
-#endif
 
 #define PREFIX_LOCK	RC_SVCDIR "/prefix.lock"
 
@@ -373,18 +370,18 @@ svc_exec(const char *arg1, const char *arg2)
 			dup2(slave_tty, STDERR_FILENO);
 		}
 
-		if (exists(RC_SVCDIR "/runscript.sh")) {
-			execl(RC_SVCDIR "/runscript.sh",
-			    RC_SVCDIR "/runscript.sh",
+		if (exists(RC_SVCDIR "/openrc-run.sh")) {
+			execl(RC_SVCDIR "/openrc-run.sh",
+			    RC_SVCDIR "/openrc-run.sh",
 			    service, arg1, arg2, (char *) NULL);
-			eerror("%s: exec `" RC_SVCDIR "/runscript.sh': %s",
+			eerror("%s: exec `" RC_SVCDIR "/openrc-run.sh': %s",
 			    service, strerror(errno));
 			_exit(EXIT_FAILURE);
 		} else {
-			execl(RC_LIBEXECDIR "/sh/runscript.sh",
-			    RC_LIBEXECDIR "/sh/runscript.sh",
+			execl(RC_LIBEXECDIR "/sh/openrc-run.sh",
+			    RC_LIBEXECDIR "/sh/openrc-run.sh",
 			    service, arg1, arg2, (char *) NULL);
-			eerror("%s: exec `" RC_LIBEXECDIR "/sh/runscript.sh': %s",
+			eerror("%s: exec `" RC_LIBEXECDIR "/sh/openrc-run.sh': %s",
 			    service, strerror(errno));
 			_exit(EXIT_FAILURE);
 		}
@@ -1165,6 +1162,11 @@ openrc_run(int argc, char **argv)
 	   subshells the init script may create so that our mark_service_*
 	   functions can always instruct us of this change */
 	snprintf(pidstr, sizeof(pidstr), "%d", (int) getpid());
+	setenv("RC_OPENRC_PID", pidstr, 1);
+	/*
+	 * RC_RUNSCRIPT_PID is deprecated, but we will keep it for a while
+	 * for safety.
+	 */
 	setenv("RC_RUNSCRIPT_PID", pidstr, 1);
 
 	/* eprefix is kinda klunky, but it works for our purposes */
@@ -1191,10 +1193,8 @@ openrc_run(int argc, char **argv)
 		eprefix(prefix);
 	}
 
-#ifdef HAVE_SELINUX
 	/* Ok, we are ready to go, so setup selinux if applicable */
-	selinux_setup(argc, argv);
-#endif
+	selinux_setup(argv);
 
 	deps = true;
 

src/rc/rc-applets.c

@@ -329,7 +329,7 @@ do_mark_service(int argc, char **argv)
 	bool ok = false;
 	char *svcname = getenv("RC_SVCNAME");
 	char *service = NULL;
-	char *runscript_pid;
+	char *openrc_pid;
 	/* char *mtime; */
 	pid_t pid;
 	RC_SERVICE bit;
@@ -350,7 +350,7 @@ do_mark_service(int argc, char **argv)
 		eerrorx("%s: unknown applet", applet);
 
 	/* If we're marking ourselves then we need to inform our parent
-	   runscript process so they do not mark us based on our exit code */
+	   openrc-run process so they do not mark us based on our exit code */
 	/*
 	 * FIXME: svcname and service are almost always equal except called from a
 	 * shell with just argv[1] - So that doesn't seem to do what Roy initially
@@ -359,8 +359,8 @@ do_mark_service(int argc, char **argv)
 	 * openrc@gentoo.org).
 	 */
 	if (ok && svcname && strcmp(svcname, service) == 0) {
-		runscript_pid = getenv("RC_RUNSCRIPT_PID");
-		if (runscript_pid && sscanf(runscript_pid, "%d", &pid) == 1)
+		openrc_pid = getenv("RC_OPENRC_PID");
+		if (openrc_pid && sscanf(openrc_pid, "%d", &pid) == 1)
 			if (kill(pid, SIGHUP) != 0)
 				eerror("%s: failed to signal parent %d: %s",
 				    applet, pid, strerror(errno));
@@ -369,10 +369,10 @@ do_mark_service(int argc, char **argv)
 		   in control as well */
 		/*
 		l = strlen(RC_SVCDIR "/exclusive") + strlen(svcname) +
-		    strlen(runscript_pid) + 4;
+		    strlen(openrc_pid) + 4;
 		mtime = xmalloc(l);
 		snprintf(mtime, l, RC_SVCDIR "/exclusive/%s.%s",
-		    svcname, runscript_pid);
+		    svcname, openrc_pid);
 		if (exists(mtime) && unlink(mtime) != 0)
 			eerror("%s: unlink: %s", applet, strerror(errno));
 		free(mtime);

src/rc/rc-selinux.c

@@ -1,7 +1,7 @@
 /*
-  rc-selinux.c
-  SELinux helpers to get and set contexts.
-*/
+ * rc-selinux.c
+ * SELinux helpers to get and set contexts.
+ */
 
 /*
  * Copyright (c) 2014 Jason Zaman <jason@perfinion.com>
@@ -31,11 +31,18 @@
 #include <stddef.h>
 #include <errno.h>
 #include <dlfcn.h>
-
-#include <sys/stat.h>
+#include <ctype.h>
+#include <limits.h>
+#include <pwd.h>
+#include <unistd.h>
 
 #include <selinux/selinux.h>
 #include <selinux/label.h>
+#include <selinux/get_default_type.h>
+#include <selinux/context.h>
+
+#include <sys/stat.h>
+#include <sys/types.h>
 
 #include "einfo.h"
 #include "queue.h"
@@ -44,11 +51,28 @@
 #include "rc-plugin.h"
 #include "rc-selinux.h"
 
-#define SELINUX_LIB     RC_LIBDIR "/runscript_selinux.so"
+/* the context files for selinux */
+#define RUN_INIT_FILE "run_init_type"
+#define INITRC_FILE "initrc_context"
 
-static void (*selinux_run_init_old) (void);
-static void (*selinux_run_init_new) (int argc, char **argv);
+#ifdef HAVE_AUDIT
+#include <libaudit.h>
+#endif
 
+/* PAM or shadow for authentication */
+#ifdef HAVE_PAM
+#    define PAM_SERVICE_NAME "run_init" /* the name of this program for PAM */
+#    include <security/pam_appl.h>
+#    include <security/pam_misc.h>
+#else
+#    define PASSWORD_PROMPT "Password:"
+#    include <crypt.h>
+#    include <shadow.h>
+#    include <string.h>
+#endif
+
+
+/* The handle for the fcontext lookups */
 static struct selabel_handle *hnd = NULL;
 
 int selinux_util_label(const char *path)
@@ -133,33 +157,243 @@ int selinux_util_close(void)
 	return 0;
 }
 
-void selinux_setup(int argc, char **argv)
+/*
+ * This will check the users password and return 0 on success or -1 on fail
+ *
+ * We ask for the password to make sure it is intended vs run by malicious software.
+ * Actual authorization is covered by the policy itself.
+ */
+static int check_password(char *username)
 {
-	void *lib_handle = NULL;
+	int ret = 1;
+#ifdef HAVE_PAM
+	pam_handle_t *pamh;
+	int pam_err = 0;
+	const struct pam_conv pconv = {
+		misc_conv,
+		NULL
+	};
 
-	if (!exists(SELINUX_LIB))
-		return;
+	pam_err = pam_start(PAM_SERVICE_NAME, username, &pconv, &pamh);
+	if (pam_err != PAM_SUCCESS) {
+		ret = -1;
+		goto outpam;
+	}
 
-	lib_handle = dlopen(SELINUX_LIB, RTLD_NOW | RTLD_GLOBAL);
-	if (!lib_handle) {
-		eerror("dlopen: %s", dlerror());
+	pam_err = pam_authenticate(pamh, PAM_DISALLOW_NULL_AUTHTOK);
+	if (pam_err != PAM_SUCCESS) {
+		ret = -1;
+		goto outpam;
+	}
+
+	ret = 0;
+outpam:
+	pam_end(pamh, pam_err);
+	pamh = NULL;
+
+#else /* authenticating via /etc/shadow instead */
+	struct spwd *spw;
+	char *password;
+	char *attempt;
+
+	spw = getspnam(username);
+	if (!spw) {
+		eerror("Failed to read shadow entry");
+		ret = -1;
+		goto outshadow;
+	}
+
+	attempt = getpass(PASSWORD_PROMPT);
+	if (!attempt) {
+		ret = -1;
+		goto outshadow;
+	}
+
+	if (*spw->sp_pwdp == '\0' && *attempt == '\0') {
+		ret = -1;
+		goto outshadow;
+	}
+
+	/* salt must be at least two characters long */
+	if (!(spw->sp_pwdp[0] && spw->sp_pwdp[1])) {
+		ret = -1;
+		goto outshadow;
+	}
+
+	/* encrypt the password attempt */
+	password = crypt(attempt, spw->sp_pwdp);
+
+	if (password && strcmp(password, spw->sp_pwdp) == 0)
+		ret = 0;
+	else
+		ret = -1;
+outshadow:
+#endif
+	return ret;
+}
+
+/* Authenticates the user, returns 0 on success, 1 on fail */
+static int check_auth()
+{
+	struct passwd *pw;
+	uid_t uid;
+
+#ifdef HAVE_AUDIT
+	uid = audit_getloginuid();
+	if (uid == (uid_t) -1)
+		uid = getuid();
+#else
+	uid = getuid();
+#endif
+
+	pw = getpwuid(uid);
+	if (!pw) {
+		eerror("cannot find your entry in the passwd file.");
+		return (-1);
+	}
+
+	printf("Authenticating %s.\n", pw->pw_name);
+
+	/* do the actual check */
+	if (check_password(pw->pw_name) == 0) {
+		return 0;
+	}
+
+	eerrorx("Authentication failed for %s", pw->pw_name);
+	return 1;
+}
+
+/*
+ * Read the context from the given context file. context must be free'd by the user.
+ */
+static int read_context_file(const char *filename, char **context)
+{
+	int ret = -1;
+	FILE *fp;
+	char filepath[PATH_MAX];
+	char *line = NULL;
+	char *p;
+	char *p2;
+	size_t len = 0;
+	ssize_t read;
+
+	memset(filepath, '\0', PATH_MAX);
+	snprintf(filepath, PATH_MAX - 1, "%s/%s", selinux_contexts_path(), filename);
+
+	fp = fopen(filepath, "r");
+	if (fp == NULL) {
+		eerror("Failed to open context file: %s", filename);
+		return -1;
+	}
+
+	while ((read = getline(&line, &len, fp)) != -1) {
+		/* cut off spaces before the string */
+		p = line;
+		while (isspace(*p) && *p != '\0')
+			p++;
+
+		/* empty string, skip */
+		if (*p == '\0')
+			continue;
+
+		/* cut off spaces after the string */
+		p2 = p;
+		while (!isspace(*p2) && *p2 != '\0')
+			p2++;
+		*p2 = '\0';
+
+		*context = xstrdup(p);
+		ret = 0;
+		break;
+	}
+
+	free(line);
+	fclose(fp);
+	return ret;
+}
+
+void selinux_setup(char **argv)
+{
+	char *new_context = NULL;
+	char *curr_context = NULL;
+	context_t curr_con;
+	char *curr_t = NULL;
+	char *run_init_t = NULL;
+
+	/* Return, if selinux is disabled. */
+	if (is_selinux_enabled() < 1) {
 		return;
 	}
 
-	selinux_run_init_old = (void (*)(void))
-	    dlfunc(lib_handle, "selinux_runscript");
-	selinux_run_init_new = (void (*)(int, char **))
-	    dlfunc(lib_handle, "selinux_runscript2");
+	if (read_context_file(RUN_INIT_FILE, &run_init_t) != 0) {
+		/* assume a reasonable default, rather than bailing out */
+		run_init_t = xstrdup("run_init_t");
+		ewarn("Assuming SELinux run_init type is %s", run_init_t);
+	}
 
-	/* Use new run_init if it exists, else fall back to old */
-	if (selinux_run_init_new)
-		selinux_run_init_new(argc, argv);
-	else if (selinux_run_init_old)
-		selinux_run_init_old();
-	else
-		/* This shouldnt happen... probably corrupt lib */
-		eerrorx
-		    ("run_init is missing from runscript_selinux.so!");
+	/* Get our current context. */
+	if (getcon(&curr_context) < 0) {
+		if (errno == ENOENT) {
+			/* should only hit this if proc is not mounted.  this
+			 * happens on Gentoo right after init starts, when
+			 * the init script processing starts.
+			 */
+			goto out;
+		} else {
+			perror("getcon");
+			exit(1);
+		}
+	}
 
-	dlclose(lib_handle);
+	/* extract the type from the context */
+	curr_con = context_new(curr_context);
+	curr_t = xstrdup(context_type_get(curr_con));
+	/* dont need them anymore so free() now */
+	context_free(curr_con);
+	free(curr_context);
+
+	/* if we are not in the run_init domain, we should not do anything */
+	if (strncmp(run_init_t, curr_t, strlen(run_init_t)) != 0) {
+		goto out;
+	}
+
+	free(curr_t);
+	free(run_init_t);
+
+	if (check_auth() != 0) {
+		eerrorx("Authentication failed.");
+	}
+
+	/* Get the context for the script to be run in. */
+	if (read_context_file(INITRC_FILE, &new_context) != 0) {
+		/* assume a reasonable default, rather than bailing out */
+		new_context = xstrdup("system_u:system_r:initrc_t");
+		ewarn("Assuming SELinux initrc context is %s", new_context);
+	}
+
+	/* Set the new context */
+	if (setexeccon(new_context) < 0) {
+		eerrorx("Could not set SELinux exec context to %s.", new_context);
+	}
+
+	free(new_context);
+
+	/*
+	 * exec will recycle ptys so try and use open_init_pty if it exists
+	 * which will open the pty with initrc_devpts_t, if it doesnt exist,
+	 * fall back to plain exec
+	 */
+	if (access("/usr/sbin/open_init_pty", X_OK)) {
+		if (execvp("/usr/sbin/open_init_pty", argv)) {
+			perror("execvp");
+			exit(-1);
+		}
+	} else if (execvp(argv[1], argv + 1)) {
+		perror("execvp");
+		exit(-1);
+	}
+
+out:
+	free(run_init_t);
+	free(curr_t);
 }

src/rc/rc-selinux.h

@@ -26,10 +26,24 @@
 #ifndef RC_SELINUX_UTIL_H
 #define RC_SELINUX_UTIL_H
 
+#ifdef HAVE_SELINUX
+
 int selinux_util_open(void);
 int selinux_util_label(const char *path);
 int selinux_util_close(void);
 
-void selinux_setup(int argc, char **argv);
+void selinux_setup(char **argv);
+
+#else
+
+/* always return false for selinux_util_open() */
+#define selinux_util_open() (0)
+#define selinux_util_label(x) do { } while(0)
+#define selinux_util_close() do { } while(0)
+
+#define selinux_setup(x) do { } while(0)
+
+#endif
+
 
 #endif

src/rc/rc.c

@@ -519,7 +519,7 @@ runlevel_config(const char *service, const char *level)
 }
 
 static void
-do_stop_services(const RC_STRINGLIST *types_n, const RC_STRINGLIST *start_services,
+do_stop_services(RC_STRINGLIST *types_n, RC_STRINGLIST *start_services,
 				 const RC_STRINGLIST *stop_services, const RC_DEPTREE *deptree,
 				 const char *newlevel, bool parallel, bool going_down)
 {

src/rc/start-stop-daemon.c

@@ -678,6 +678,7 @@ start_stop_daemon(int argc, char **argv)
 	int tid = 0;
 	char *redirect_stderr = NULL;
 	char *redirect_stdout = NULL;
+	int stdin_fd;
 	int stdout_fd;
 	int stderr_fd;
 	pid_t pid, spid;
@@ -919,10 +920,13 @@ start_stop_daemon(int argc, char **argv)
 			exec = name;
 		if (name && start)
 			*argv = name;
-	} else if (name)
+	} else if (name) {
 		*--argv = name;
-	else if (exec)
+		++argc;
+    } else if (exec) {
 		*--argv = exec;
+		++argc;
+	};
 
 	if (stop || sig != -1) {
 		if (sig == -1)
@@ -1075,7 +1079,7 @@ start_stop_daemon(int argc, char **argv)
 			exit (EXIT_SUCCESS);
 
 		einfon("Would start");
-		while (argc-- >= 0)
+		while (argc-- > 0)
 			printf(" %s", *argv++);
 		printf("\n");
 		eindent();
@@ -1244,6 +1248,7 @@ start_stop_daemon(int argc, char **argv)
 			setenv("PATH", newpath, 1);
 		}
 
+		stdin_fd = devnull_fd;
 		stdout_fd = devnull_fd;
 		stderr_fd = devnull_fd;
 		if (redirect_stdout) {
@@ -1263,7 +1268,8 @@ start_stop_daemon(int argc, char **argv)
 				    applet, redirect_stderr, strerror(errno));
 		}
 
-		/* We don't redirect stdin as some daemons may need it */
+		if (background)
+			dup2(stdin_fd, STDIN_FILENO);
 		if (background || redirect_stdout || rc_yesno(getenv("EINFO_QUIET")))
 			dup2(stdout_fd, STDOUT_FILENO);
 		if (background || redirect_stderr || rc_yesno(getenv("EINFO_QUIET")))