dinit-rc: initial commit
This commit is contained in:
parent
80cbb06241
commit
923f459081
|
@ -0,0 +1,26 @@
|
|||
Copyright (C) 2021 Muhammad Herdiansyah
|
||||
Copyright (C) 2021 Artix Linux Developers
|
||||
Copyright (C) 2021 Daniel "q66" Kolesa
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are
|
||||
met:
|
||||
|
||||
1. Redistributions of source code must retain the above copyright
|
||||
notice, this list of conditions and the following disclaimer.
|
||||
|
||||
2. Redistributions in binary form must reproduce the above copyright
|
||||
notice, this list of conditions and the following disclaimer in the
|
||||
documentation and/or other materials provided with the distribution.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||
HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
@ -0,0 +1,139 @@
|
|||
PREFIX ?= /usr
|
||||
SYSCONFDIR ?= /etc
|
||||
LOCALSTATEDIR ?= /var
|
||||
BINDIR ?= $(PREFIX)/bin
|
||||
LIBDIR ?= $(PREFIX)/lib
|
||||
DATADIR ?= $(PREFIX)/share
|
||||
DINITSRVDIR ?= $(LIBDIR)/dinit.d
|
||||
DINITCNFDIR ?= $(SYSCONFDIR)/dinit.d
|
||||
|
||||
BIN_PROGRAMS = modules-load seedrng
|
||||
|
||||
MANPAGES = modules-load.8
|
||||
|
||||
CONF_FILES = \
|
||||
agetty-default.conf \
|
||||
console.conf \
|
||||
cgroups.conf \
|
||||
hwclock.conf \
|
||||
rc.local \
|
||||
rc.shutdown
|
||||
|
||||
SERVICEDIR = boot.d \
|
||||
mount.d
|
||||
|
||||
SERVICES = \
|
||||
boot \
|
||||
cgroups \
|
||||
cleanup \
|
||||
dmesg \
|
||||
fsck \
|
||||
getty \
|
||||
hostname \
|
||||
hwclock \
|
||||
loginready \
|
||||
locale \
|
||||
misc \
|
||||
modules \
|
||||
mount \
|
||||
mount-all \
|
||||
net-lo \
|
||||
network \
|
||||
network-pre \
|
||||
pseudofs \
|
||||
random-seed \
|
||||
rclocal \
|
||||
recovery \
|
||||
root-rw \
|
||||
setup \
|
||||
single \
|
||||
swap \
|
||||
sysctl \
|
||||
tmpfs \
|
||||
udevd \
|
||||
udevd-early \
|
||||
udev-settle \
|
||||
udev-trigger \
|
||||
vconsole
|
||||
|
||||
|
||||
SCRIPTS = \
|
||||
agetty \
|
||||
agetty-default \
|
||||
cgroup-release-agent.sh \
|
||||
cgroups \
|
||||
cleanup \
|
||||
dmesg \
|
||||
fsck \
|
||||
hostname \
|
||||
hwclock \
|
||||
pseudofs \
|
||||
udevd \
|
||||
vconsole
|
||||
|
||||
TTY_SERVICES = \
|
||||
tty1 \
|
||||
tty2 \
|
||||
tty3 \
|
||||
tty4 \
|
||||
tty5 \
|
||||
tty6
|
||||
|
||||
LOCALSTATEDIR ?= /var/lib
|
||||
CFLAGS ?= -O2 -pipe
|
||||
|
||||
CFLAGS += -Wall -Wextra -pedantic
|
||||
CFLAGS += -DLOCALSTATEDIR="\"$(LOCALSTATEDIR)\""
|
||||
|
||||
seedrng: bin/seedrng.c
|
||||
cc -o bin/seedrng bin/seedrng.c $(CFLAGS)
|
||||
|
||||
install:
|
||||
install -d $(DESTDIR)$(BINDIR)
|
||||
install -d $(DESTDIR)$(LIBDIR)
|
||||
install -d $(DESTDIR)$(DATADIR)
|
||||
install -d $(DESTDIR)$(SYSCONFDIR)
|
||||
install -d $(DESTDIR)$(MANDIR)
|
||||
install -d $(DESTDIR)$(DINITSRVDIR)
|
||||
install -d $(DESTDIR)$(DINITCNFDIR)/config
|
||||
install -d $(DESTDIR)$(LIBDIR)/dinit
|
||||
install -d $(DESTDIR)$(DINITCNFDIR)/boot.d
|
||||
install -d $(DESTDIR)$(DINITCNFDIR)/mount.d
|
||||
install -d $(DESTDIR)$(DINITCNFDIR)/live.d
|
||||
install -d $(DESTDIR)$(LOCALSTATEDIR)/log/dinit
|
||||
# placeholder
|
||||
touch $(DESTDIR)$(DINITCNFDIR)/mount.d/.KEEP
|
||||
touch $(DESTDIR)$(DINITCNFDIR)/boot.d/.KEEP
|
||||
touch $(DESTDIR)$(DINITCNFDIR)/live.d/.KEEP
|
||||
# config files
|
||||
for conf in $(CONF_FILES); do \
|
||||
install -m 644 config/$$conf $(DESTDIR)$(DINITCNFDIR)/config; \
|
||||
done
|
||||
# scripts
|
||||
for script in $(SCRIPTS); do \
|
||||
install -m 755 scripts/$$script $(DESTDIR)$(LIBDIR)/dinit; \
|
||||
done
|
||||
# programs
|
||||
for prog in $(BIN_PROGRAMS); do \
|
||||
install -m 755 bin/$$prog $(DESTDIR)$(LIBDIR)/dinit; \
|
||||
done
|
||||
# manpages
|
||||
for man in $(MANPAGES); do \
|
||||
install -m 644 man/$$man $(DESTDIR)$(MANDIR); \
|
||||
done
|
||||
# services
|
||||
for srv in $(SERVICES); do \
|
||||
install -m 644 services/$$srv $(DESTDIR)$(DINITSRVDIR); \
|
||||
done
|
||||
# getty services
|
||||
for srv in $(TTY_SERVICES); do \
|
||||
install -m 644 services/$$srv $(DESTDIR)$(DINITCNFDIR); \
|
||||
done
|
||||
# misc
|
||||
install -Dm644 misc/50-default.conf $(DESTDIR)$(LIBDIR)/sysctl.d/50-default.conf
|
||||
install -Dm644 misc/dinit.logrotate $(DESTDIR)$(SYSCONFDIR)/logrotate.d/dinit
|
||||
|
||||
clean:
|
||||
rm -f bin/seedrng
|
||||
|
||||
.PHONY: clean
|
|
@ -0,0 +1,6 @@
|
|||
Artix's dinit stage 1.
|
||||
|
||||
Adapted from s6-scripts, runit-rc, Chimera Linux, and dinit's own configuration.
|
||||
|
||||
TODO: Either remove cgroup code, or clean it, it's messy, and it's on dinit's
|
||||
plan post-1.0.
|
|
@ -0,0 +1,24 @@
|
|||
#!/bin/sh
|
||||
|
||||
if [ "$(id -u)" != "0" ];then
|
||||
echo "$(basename $0) need to run as root!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
MODULES_DIR=/etc/modules-load.d
|
||||
|
||||
error=0
|
||||
|
||||
for file in "$MODULES_DIR"/*.conf; do
|
||||
[ ! -f "$file" ] && continue
|
||||
while read -r module junk; do
|
||||
# Ignore comments and blank lines
|
||||
case "$module" in
|
||||
""|\#*) continue ;;
|
||||
esac
|
||||
modprobe -ab "$module" || error=$?
|
||||
done < "$file"
|
||||
done
|
||||
|
||||
exit $error
|
||||
|
|
@ -0,0 +1,488 @@
|
|||
// SPDX-License-Identifier: (GPL-2.0 OR Apache-2.0 OR MIT OR BSD-1-Clause OR CC0-1.0)
|
||||
/*
|
||||
* Copyright (C) 2022 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||
*/
|
||||
|
||||
#include <linux/random.h>
|
||||
#include <sys/random.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <sys/file.h>
|
||||
#include <sys/stat.h>
|
||||
#include <sys/types.h>
|
||||
#include <fcntl.h>
|
||||
#include <poll.h>
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <errno.h>
|
||||
#include <endian.h>
|
||||
#include <stdbool.h>
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#ifndef LOCALSTATEDIR
|
||||
#define LOCALSTATEDIR "/var/lib"
|
||||
#endif
|
||||
|
||||
#define SEED_DIR LOCALSTATEDIR "/seedrng"
|
||||
#define CREDITABLE_SEED "seed.credit"
|
||||
#define NON_CREDITABLE_SEED "seed.no-credit"
|
||||
|
||||
enum blake2s_lengths {
|
||||
BLAKE2S_BLOCK_LEN = 64,
|
||||
BLAKE2S_HASH_LEN = 32,
|
||||
BLAKE2S_KEY_LEN = 32
|
||||
};
|
||||
|
||||
enum seedrng_lengths {
|
||||
MAX_SEED_LEN = 512,
|
||||
MIN_SEED_LEN = BLAKE2S_HASH_LEN
|
||||
};
|
||||
|
||||
struct blake2s_state {
|
||||
uint32_t h[8];
|
||||
uint32_t t[2];
|
||||
uint32_t f[2];
|
||||
uint8_t buf[BLAKE2S_BLOCK_LEN];
|
||||
unsigned int buflen;
|
||||
unsigned int outlen;
|
||||
};
|
||||
|
||||
#define le32_to_cpup(a) le32toh(*(a))
|
||||
#define cpu_to_le32(a) htole32(a)
|
||||
#ifndef ARRAY_SIZE
|
||||
#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
|
||||
#endif
|
||||
#ifndef DIV_ROUND_UP
|
||||
#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))
|
||||
#endif
|
||||
|
||||
static inline void cpu_to_le32_array(uint32_t *buf, unsigned int words)
|
||||
{
|
||||
while (words--) {
|
||||
*buf = cpu_to_le32(*buf);
|
||||
++buf;
|
||||
}
|
||||
}
|
||||
|
||||
static inline void le32_to_cpu_array(uint32_t *buf, unsigned int words)
|
||||
{
|
||||
while (words--) {
|
||||
*buf = le32_to_cpup(buf);
|
||||
++buf;
|
||||
}
|
||||
}
|
||||
|
||||
static inline uint32_t ror32(uint32_t word, unsigned int shift)
|
||||
{
|
||||
return (word >> (shift & 31)) | (word << ((-shift) & 31));
|
||||
}
|
||||
|
||||
static const uint32_t blake2s_iv[8] = {
|
||||
0x6A09E667UL, 0xBB67AE85UL, 0x3C6EF372UL, 0xA54FF53AUL,
|
||||
0x510E527FUL, 0x9B05688CUL, 0x1F83D9ABUL, 0x5BE0CD19UL
|
||||
};
|
||||
|
||||
static const uint8_t blake2s_sigma[10][16] = {
|
||||
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 },
|
||||
{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 },
|
||||
{ 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 },
|
||||
{ 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 },
|
||||
{ 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 },
|
||||
{ 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 },
|
||||
{ 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 },
|
||||
{ 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 },
|
||||
{ 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 },
|
||||
{ 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0 },
|
||||
};
|
||||
|
||||
static void blake2s_set_lastblock(struct blake2s_state *state)
|
||||
{
|
||||
state->f[0] = -1;
|
||||
}
|
||||
|
||||
static void blake2s_increment_counter(struct blake2s_state *state, const uint32_t inc)
|
||||
{
|
||||
state->t[0] += inc;
|
||||
state->t[1] += (state->t[0] < inc);
|
||||
}
|
||||
|
||||
static void blake2s_init_param(struct blake2s_state *state, const uint32_t param)
|
||||
{
|
||||
int i;
|
||||
|
||||
memset(state, 0, sizeof(*state));
|
||||
for (i = 0; i < 8; ++i)
|
||||
state->h[i] = blake2s_iv[i];
|
||||
state->h[0] ^= param;
|
||||
}
|
||||
|
||||
static void blake2s_init(struct blake2s_state *state, const size_t outlen)
|
||||
{
|
||||
blake2s_init_param(state, 0x01010000 | outlen);
|
||||
state->outlen = outlen;
|
||||
}
|
||||
|
||||
static void blake2s_compress(struct blake2s_state *state, const uint8_t *block, size_t nblocks, const uint32_t inc)
|
||||
{
|
||||
uint32_t m[16];
|
||||
uint32_t v[16];
|
||||
int i;
|
||||
|
||||
while (nblocks > 0) {
|
||||
blake2s_increment_counter(state, inc);
|
||||
memcpy(m, block, BLAKE2S_BLOCK_LEN);
|
||||
le32_to_cpu_array(m, ARRAY_SIZE(m));
|
||||
memcpy(v, state->h, 32);
|
||||
v[ 8] = blake2s_iv[0];
|
||||
v[ 9] = blake2s_iv[1];
|
||||
v[10] = blake2s_iv[2];
|
||||
v[11] = blake2s_iv[3];
|
||||
v[12] = blake2s_iv[4] ^ state->t[0];
|
||||
v[13] = blake2s_iv[5] ^ state->t[1];
|
||||
v[14] = blake2s_iv[6] ^ state->f[0];
|
||||
v[15] = blake2s_iv[7] ^ state->f[1];
|
||||
|
||||
#define G(r, i, a, b, c, d) do { \
|
||||
a += b + m[blake2s_sigma[r][2 * i + 0]]; \
|
||||
d = ror32(d ^ a, 16); \
|
||||
c += d; \
|
||||
b = ror32(b ^ c, 12); \
|
||||
a += b + m[blake2s_sigma[r][2 * i + 1]]; \
|
||||
d = ror32(d ^ a, 8); \
|
||||
c += d; \
|
||||
b = ror32(b ^ c, 7); \
|
||||
} while (0)
|
||||
|
||||
#define ROUND(r) do { \
|
||||
G(r, 0, v[0], v[ 4], v[ 8], v[12]); \
|
||||
G(r, 1, v[1], v[ 5], v[ 9], v[13]); \
|
||||
G(r, 2, v[2], v[ 6], v[10], v[14]); \
|
||||
G(r, 3, v[3], v[ 7], v[11], v[15]); \
|
||||
G(r, 4, v[0], v[ 5], v[10], v[15]); \
|
||||
G(r, 5, v[1], v[ 6], v[11], v[12]); \
|
||||
G(r, 6, v[2], v[ 7], v[ 8], v[13]); \
|
||||
G(r, 7, v[3], v[ 4], v[ 9], v[14]); \
|
||||
} while (0)
|
||||
ROUND(0);
|
||||
ROUND(1);
|
||||
ROUND(2);
|
||||
ROUND(3);
|
||||
ROUND(4);
|
||||
ROUND(5);
|
||||
ROUND(6);
|
||||
ROUND(7);
|
||||
ROUND(8);
|
||||
ROUND(9);
|
||||
|
||||
#undef G
|
||||
#undef ROUND
|
||||
|
||||
for (i = 0; i < 8; ++i)
|
||||
state->h[i] ^= v[i] ^ v[i + 8];
|
||||
|
||||
block += BLAKE2S_BLOCK_LEN;
|
||||
--nblocks;
|
||||
}
|
||||
}
|
||||
|
||||
static void blake2s_update(struct blake2s_state *state, const void *inp, size_t inlen)
|
||||
{
|
||||
const size_t fill = BLAKE2S_BLOCK_LEN - state->buflen;
|
||||
const uint8_t *in = inp;
|
||||
|
||||
if (!inlen)
|
||||
return;
|
||||
if (inlen > fill) {
|
||||
memcpy(state->buf + state->buflen, in, fill);
|
||||
blake2s_compress(state, state->buf, 1, BLAKE2S_BLOCK_LEN);
|
||||
state->buflen = 0;
|
||||
in += fill;
|
||||
inlen -= fill;
|
||||
}
|
||||
if (inlen > BLAKE2S_BLOCK_LEN) {
|
||||
const size_t nblocks = DIV_ROUND_UP(inlen, BLAKE2S_BLOCK_LEN);
|
||||
blake2s_compress(state, in, nblocks - 1, BLAKE2S_BLOCK_LEN);
|
||||
in += BLAKE2S_BLOCK_LEN * (nblocks - 1);
|
||||
inlen -= BLAKE2S_BLOCK_LEN * (nblocks - 1);
|
||||
}
|
||||
memcpy(state->buf + state->buflen, in, inlen);
|
||||
state->buflen += inlen;
|
||||
}
|
||||
|
||||
static void blake2s_final(struct blake2s_state *state, uint8_t *out)
|
||||
{
|
||||
blake2s_set_lastblock(state);
|
||||
memset(state->buf + state->buflen, 0, BLAKE2S_BLOCK_LEN - state->buflen);
|
||||
blake2s_compress(state, state->buf, 1, state->buflen);
|
||||
cpu_to_le32_array(state->h, ARRAY_SIZE(state->h));
|
||||
memcpy(out, state->h, state->outlen);
|
||||
}
|
||||
|
||||
static ssize_t getrandom_full(void *buf, size_t count, unsigned int flags)
|
||||
{
|
||||
ssize_t ret, total = 0;
|
||||
uint8_t *p = buf;
|
||||
|
||||
do {
|
||||
ret = getrandom(p, count, flags);
|
||||
if (ret < 0 && errno == EINTR)
|
||||
continue;
|
||||
else if (ret < 0)
|
||||
return ret;
|
||||
total += ret;
|
||||
p += ret;
|
||||
count -= ret;
|
||||
} while (count);
|
||||
return total;
|
||||
}
|
||||
|
||||
static ssize_t read_full(int fd, void *buf, size_t count)
|
||||
{
|
||||
ssize_t ret, total = 0;
|
||||
uint8_t *p = buf;
|
||||
|
||||
do {
|
||||
ret = read(fd, p, count);
|
||||
if (ret < 0 && errno == EINTR)
|
||||
continue;
|
||||
else if (ret < 0)
|
||||
return ret;
|
||||
else if (ret == 0)
|
||||
break;
|
||||
total += ret;
|
||||
p += ret;
|
||||
count -= ret;
|
||||
} while (count);
|
||||
return total;
|
||||
}
|
||||
|
||||
static ssize_t write_full(int fd, const void *buf, size_t count)
|
||||
{
|
||||
ssize_t ret, total = 0;
|
||||
const uint8_t *p = buf;
|
||||
|
||||
do {
|
||||
ret = write(fd, p, count);
|
||||
if (ret < 0 && errno == EINTR)
|
||||
continue;
|
||||
else if (ret < 0)
|
||||
return ret;
|
||||
total += ret;
|
||||
p += ret;
|
||||
count -= ret;
|
||||
} while (count);
|
||||
return total;
|
||||
}
|
||||
|
||||
static size_t determine_optimal_seed_len(void)
|
||||
{
|
||||
size_t ret = 0;
|
||||
char poolsize_str[11] = { 0 };
|
||||
int fd = open("/proc/sys/kernel/random/poolsize", O_RDONLY);
|
||||
|
||||
if (fd < 0 || read_full(fd, poolsize_str, sizeof(poolsize_str) - 1) < 0) {
|
||||
perror("Unable to determine pool size, falling back to 256 bits");
|
||||
ret = MIN_SEED_LEN;
|
||||
} else
|
||||
ret = DIV_ROUND_UP(strtoul(poolsize_str, NULL, 10), 8);
|
||||
if (fd >= 0)
|
||||
close(fd);
|
||||
if (ret < MIN_SEED_LEN)
|
||||
ret = MIN_SEED_LEN;
|
||||
else if (ret > MAX_SEED_LEN)
|
||||
ret = MAX_SEED_LEN;
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int read_new_seed(uint8_t *seed, size_t len, bool *is_creditable)
|
||||
{
|
||||
ssize_t ret;
|
||||
int urandom_fd;
|
||||
|
||||
*is_creditable = false;
|
||||
ret = getrandom_full(seed, len, GRND_NONBLOCK);
|
||||
if (ret == (ssize_t)len) {
|
||||
*is_creditable = true;
|
||||
return 0;
|
||||
} else if (ret < 0 && errno == ENOSYS) {
|
||||
struct pollfd random_fd = {
|
||||
.fd = open("/dev/random", O_RDONLY),
|
||||
.events = POLLIN
|
||||
};
|
||||
if (random_fd.fd < 0)
|
||||
return -errno;
|
||||
*is_creditable = poll(&random_fd, 1, 0) == 1;
|
||||
close(random_fd.fd);
|
||||
} else if (getrandom_full(seed, len, GRND_INSECURE) == (ssize_t)len)
|
||||
return 0;
|
||||
urandom_fd = open("/dev/urandom", O_RDONLY);
|
||||
if (urandom_fd < 0)
|
||||
return -1;
|
||||
ret = read_full(urandom_fd, seed, len);
|
||||
if (ret == (ssize_t)len)
|
||||
ret = 0;
|
||||
else
|
||||
ret = -errno ? -errno : -EIO;
|
||||
close(urandom_fd);
|
||||
errno = -ret;
|
||||
return ret ? -1 : 0;
|
||||
}
|
||||
|
||||
static int seed_rng(uint8_t *seed, size_t len, bool credit)
|
||||
{
|
||||
struct {
|
||||
int entropy_count;
|
||||
int buf_size;
|
||||
uint8_t buffer[MAX_SEED_LEN];
|
||||
} req = {
|
||||
.entropy_count = credit ? len * 8 : 0,
|
||||
.buf_size = len
|
||||
};
|
||||
int random_fd, ret;
|
||||
|
||||
if (len > sizeof(req.buffer)) {
|
||||
errno = EFBIG;
|
||||
return -1;
|
||||
}
|
||||
memcpy(req.buffer, seed, len);
|
||||
|
||||
random_fd = open("/dev/urandom", O_RDONLY);
|
||||
if (random_fd < 0)
|
||||
return -1;
|
||||
ret = ioctl(random_fd, RNDADDENTROPY, &req);
|
||||
if (ret)
|
||||
ret = -errno ? -errno : -EIO;
|
||||
close(random_fd);
|
||||
errno = -ret;
|
||||
return ret ? -1 : 0;
|
||||
}
|
||||
|
||||
static int seed_from_file_if_exists(const char *filename, int dfd, bool credit, struct blake2s_state *hash)
|
||||
{
|
||||
uint8_t seed[MAX_SEED_LEN];
|
||||
ssize_t seed_len;
|
||||
int fd = -1, ret = 0;
|
||||
|
||||
fd = openat(dfd, filename, O_RDONLY);
|
||||
if (fd < 0 && errno == ENOENT)
|
||||
return 0;
|
||||
else if (fd < 0) {
|
||||
ret = -errno;
|
||||
perror("Unable to open seed file");
|
||||
goto out;
|
||||
}
|
||||
seed_len = read_full(fd, seed, sizeof(seed));
|
||||
if (seed_len < 0) {
|
||||
ret = -errno;
|
||||
perror("Unable to read seed file");
|
||||
goto out;
|
||||
}
|
||||
if ((unlinkat(dfd, filename, 0) < 0 || fsync(dfd) < 0) && seed_len) {
|
||||
ret = -errno;
|
||||
perror("Unable to remove seed after reading, so not seeding");
|
||||
goto out;
|
||||
}
|
||||
if (!seed_len)
|
||||
goto out;
|
||||
|
||||
blake2s_update(hash, &seed_len, sizeof(seed_len));
|
||||
blake2s_update(hash, seed, seed_len);
|
||||
|
||||
printf("Seeding %zd bits %s crediting\n", seed_len * 8, credit ? "and" : "without");
|
||||
if (seed_rng(seed, seed_len, credit) < 0) {
|
||||
ret = -errno;
|
||||
perror("Unable to seed");
|
||||
}
|
||||
|
||||
out:
|
||||
if (fd >= 0)
|
||||
close(fd);
|
||||
errno = -ret;
|
||||
return ret ? -1 : 0;
|
||||
}
|
||||
|
||||
static bool skip_credit(void)
|
||||
{
|
||||
const char *skip = getenv("SEEDRNG_SKIP_CREDIT");
|
||||
return skip && (!strcmp(skip, "1") || !strcasecmp(skip, "true") ||
|
||||
!strcasecmp(skip, "yes") || !strcasecmp(skip, "y"));
|
||||
}
|
||||
|
||||
int main(int argc __attribute__((unused)), char *argv[] __attribute__((unused)))
|
||||
{
|
||||
static const char seedrng_prefix[] = "SeedRNG v1 Old+New Prefix";
|
||||
static const char seedrng_failure[] = "SeedRNG v1 No New Seed Failure";
|
||||
int fd = -1, dfd = -1, program_ret = 0;
|
||||
uint8_t new_seed[MAX_SEED_LEN];
|
||||
size_t new_seed_len;
|
||||
bool new_seed_creditable;
|
||||
struct timespec realtime = { 0 }, boottime = { 0 };
|
||||
struct blake2s_state hash;
|
||||
|
||||
umask(0077);
|
||||
if (getuid()) {
|
||||
errno = EACCES;
|
||||
perror("This program requires root");
|
||||
return 1;
|
||||
}
|
||||
|
||||
blake2s_init(&hash, BLAKE2S_HASH_LEN);
|
||||
blake2s_update(&hash, seedrng_prefix, strlen(seedrng_prefix));
|
||||
clock_gettime(CLOCK_REALTIME, &realtime);
|
||||
clock_gettime(CLOCK_BOOTTIME, &boottime);
|
||||
blake2s_update(&hash, &realtime, sizeof(realtime));
|
||||
blake2s_update(&hash, &boottime, sizeof(boottime));
|
||||
|
||||
if (mkdir(SEED_DIR, 0700) < 0 && errno != EEXIST) {
|
||||
perror("Unable to create seed directory");
|
||||
return 1;
|
||||
}
|
||||
|
||||
dfd = open(SEED_DIR, O_DIRECTORY | O_RDONLY);
|
||||
if (dfd < 0 || flock(dfd, LOCK_EX) < 0) {
|
||||
perror("Unable to lock seed directory");
|
||||
program_ret = 1;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (seed_from_file_if_exists(NON_CREDITABLE_SEED, dfd, false, &hash) < 0)
|
||||
program_ret |= 1 << 1;
|
||||
if (seed_from_file_if_exists(CREDITABLE_SEED, dfd, !skip_credit(), &hash) < 0)
|
||||
program_ret |= 1 << 2;
|
||||
|
||||
new_seed_len = determine_optimal_seed_len();
|
||||
if (read_new_seed(new_seed, new_seed_len, &new_seed_creditable) < 0) {
|
||||
perror("Unable to read new seed");
|
||||
new_seed_len = BLAKE2S_HASH_LEN;
|
||||
strncpy((char *)new_seed, seedrng_failure, new_seed_len);
|
||||
program_ret |= 1 << 3;
|
||||
}
|
||||
blake2s_update(&hash, &new_seed_len, sizeof(new_seed_len));
|
||||
blake2s_update(&hash, new_seed, new_seed_len);
|
||||
blake2s_final(&hash, new_seed + new_seed_len - BLAKE2S_HASH_LEN);
|
||||
|
||||
printf("Saving %zu bits of %s seed for next boot\n", new_seed_len * 8, new_seed_creditable ? "creditable" : "non-creditable");
|
||||
fd = openat(dfd, NON_CREDITABLE_SEED, O_WRONLY | O_CREAT | O_TRUNC, 0400);
|
||||
if (fd < 0) {
|
||||
perror("Unable to open seed file for writing");
|
||||
program_ret |= 1 << 4;
|
||||
goto out;
|
||||
}
|
||||
if (write_full(fd, new_seed, new_seed_len) != (ssize_t)new_seed_len || fsync(fd) < 0) {
|
||||
perror("Unable to write seed file");
|
||||
program_ret |= 1 << 5;
|
||||
goto out;
|
||||
}
|
||||
if (new_seed_creditable && renameat(dfd, NON_CREDITABLE_SEED, dfd, CREDITABLE_SEED) < 0) {
|
||||
perror("Unable to make new seed creditable");
|
||||
program_ret |= 1 << 6;
|
||||
}
|
||||
out:
|
||||
if (fd >= 0)
|
||||
close(fd);
|
||||
if (dfd >= 0)
|
||||
close(dfd);
|
||||
return program_ret;
|
||||
}
|
|
@ -0,0 +1,10 @@
|
|||
#!/bin/sh
|
||||
|
||||
# DO NOT REMOVE THIS FILE!
|
||||
# Note: You can copy and rename this file to the name of the tty you
|
||||
# want (e.g.: /etc/dinit.d/config/agetty-tty1.conf will make a
|
||||
# configuration specific to tty1)
|
||||
|
||||
GETTY_BAUD=38400
|
||||
GETTY_TERM=linux
|
||||
GETTY_ARGS=
|
|
@ -0,0 +1,19 @@
|
|||
# cgroups mode
|
||||
# legacy mounts cgroups version 1 on /sys/fs/cgroup
|
||||
# unified mounts cgroups version 2 on /sys/fs/cgroup
|
||||
# hybrid mounts cgroups version 2 on /sys/fs/cgroup/unified and
|
||||
# cgroups version 1 on /sys/fs/cgroup
|
||||
|
||||
CGROUP_MODE=hybrid
|
||||
|
||||
# This is a list of controllers which should be enabled for cgroups version 2.
|
||||
# If hybrid mode is being used, controllers listed here will not be
|
||||
# available for cgroups version 1. none means no controllers will be used
|
||||
|
||||
CGROUP_CONTROLLERS=none
|
||||
|
||||
# This switch controls whether or not cgroups version 1 controllers are
|
||||
# individually mounted under
|
||||
# /sys/fs/cgroup in hybrid or legacy mode
|
||||
|
||||
HAVE_CONTROLLER1_GROUPS=true
|
|
@ -0,0 +1,5 @@
|
|||
!#/bin/sh
|
||||
|
||||
# Active consoles
|
||||
# Currently available: /dev/tty1 until /dev/tty6
|
||||
ACTIVE_CONSOLES="/dev/tty[1-6]"
|
|
@ -0,0 +1,7 @@
|
|||
# Set HARDWARECLOCK to UTC if your Hardware Clock is set to UTC (also known as
|
||||
# Greenwich Mean Time). If that clock is set to the local time, then set
|
||||
# HARDWARECLOCK to localtime Note that if you dual boot with Windows, then you
|
||||
# should set it to localtime (or edit the Windows registry to make the Hardware
|
||||
# Clock set to UTC).
|
||||
|
||||
HARDWARECLOCK=UTC
|
|
@ -0,0 +1,12 @@
|
|||
#!/bin/sh
|
||||
|
||||
# /etc/dinit.d/config/rc.local -- rc.local for Artix Linux
|
||||
#
|
||||
|
||||
if [ -d /etc/local.d ]; then
|
||||
for file in /etc/local.d/*.start; do
|
||||
sh "$file"
|
||||
done
|
||||
fi
|
||||
|
||||
# Enter your custom commands here.
|
|
@ -0,0 +1,12 @@
|
|||
#!/bin/sh
|
||||
|
||||
# /etc/dinit.d/config/rc.shutdown -- rc.shutdown for Artix Linux
|
||||
#
|
||||
|
||||
if [ -d /etc/local.d ]; then
|
||||
for file in /etc/local.d/*.stop; do
|
||||
sh "$file"
|
||||
done
|
||||
fi
|
||||
|
||||
# Enter your custom commands here.
|
|
@ -0,0 +1,42 @@
|
|||
# See sysctl.d(5) and core(5) for documentation.
|
||||
|
||||
# System Request functionality of the kernel (SYNC)
|
||||
#
|
||||
# Use kernel.sysrq = 1 to allow all keys.
|
||||
# See https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html for a list
|
||||
# of values and keys.
|
||||
kernel.sysrq = 16
|
||||
|
||||
# Append the PID to the core filename
|
||||
kernel.core_uses_pid = 1
|
||||
|
||||
# Source route verification
|
||||
net.ipv4.conf.default.rp_filter = 2
|
||||
-net.ipv4.conf.all.rp_filter = 1
|
||||
|
||||
# Do not accept source routing
|
||||
net.ipv4.conf.default.accept_source_route = 0
|
||||
-net.ipv4.conf.all.accept_source_route = 0
|
||||
|
||||
# Promote secondary addresses when the primary address is removed
|
||||
net.ipv4.conf.default.promote_secondaries = 1
|
||||
-net.ipv4.conf.all.promote_secondaries = 1
|
||||
|
||||
# ping(8) without CAP_NET_ADMIN and CAP_NET_RAW
|
||||
# The upper limit is set to 2^31-1. Values greater than that get rejected by
|
||||
# the kernel because of this definition in linux/include/net/ping.h:
|
||||
# #define GID_T_MAX (((gid_t)~0U) >> 1)
|
||||
# That's not so bad because values between 2^31 and 2^32-1 are reserved on
|
||||
# systemd-based systems anyway: https://systemd.io/UIDS-GIDS.html#summary
|
||||
-net.ipv4.ping_group_range = 0 2147483647
|
||||
|
||||
# Fair Queue CoDel packet scheduler to fight bufferbloat
|
||||
net.core.default_qdisc = fq_codel
|
||||
|
||||
# Enable hard and soft link protection
|
||||
fs.protected_hardlinks = 1
|
||||
fs.protected_symlinks = 1
|
||||
|
||||
# Enable regular file and FIFO protection
|
||||
fs.protected_regular = 1
|
||||
fs.protected_fifos = 1
|
|
@ -0,0 +1,7 @@
|
|||
/var/log/dinit/*.log {
|
||||
compress
|
||||
rotate 4
|
||||
weekly
|
||||
missingok
|
||||
notifempty
|
||||
}
|
|
@ -0,0 +1,62 @@
|
|||
#!/bin/sh
|
||||
# Originally written by Daniel "q66" Kolesa for nyagetty on Chimera Linux
|
||||
# nyagetty was licensed under Public Domain or the following terms:
|
||||
#
|
||||
# Permission to use, copy, modify, and/or distribute this software for
|
||||
# any purpose with or without fee is hereby granted.
|
||||
|
||||
# THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL
|
||||
# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
|
||||
# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE
|
||||
# FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY
|
||||
# DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
|
||||
# AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
|
||||
# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
|
||||
[ -r /etc/dinit.d/config/console.conf ] && . /etc/dinit.d/config/console.conf
|
||||
|
||||
export PATH=/usr/bin
|
||||
|
||||
# the specified active consoles we want
|
||||
ACTIVE_CONSOLES=$(
|
||||
for tty in $ACTIVE_CONSOLES; do
|
||||
if [ -e $tty ]; then
|
||||
echo $tty
|
||||
fi
|
||||
done
|
||||
)
|
||||
|
||||
# possibly already active console list
|
||||
PREV_CONSOLES=
|
||||
[ -f /run/agetty-active ] && PREV_CONSOLES=$(cat /run/agetty-active)
|
||||
|
||||
# add dependency links for all possible requested consoles
|
||||
ACTIVE_SERVICES=$(
|
||||
for tty in $ACTIVE_CONSOLES; do
|
||||
tty=${tty##*/}
|
||||
[ -f /etc/dinit.d/$tty ] || continue
|
||||
dinitctl add-dep milestone getty $tty > /dev/null
|
||||
echo $tty
|
||||
done
|
||||
)
|
||||
|
||||
# clear dependency links for consoles that were active but should not be
|
||||
for otty in $PREV_CONSOLES; do
|
||||
for tty in $ACTIVE_SERVICES; do
|
||||
if [ "$tty" = "$otty" ]; then
|
||||
otty=
|
||||
break
|
||||
fi
|
||||
done
|
||||
[ -n "$otty" ] && dinitctl rm-dep milestone getty $otty > /dev/null
|
||||
done
|
||||
|
||||
rm -f /run/agetty-active
|
||||
|
||||
# wake whichever services newly got links and generate a new active list
|
||||
for tty in $ACTIVE_SERVICES; do
|
||||
echo $tty >> /run/agetty-active
|
||||
dinitctl wake $tty > /dev/null &
|
||||
done
|
||||
|
||||
wait || :
|
|
@ -0,0 +1,28 @@
|
|||
#!/bin/sh
|
||||
# A wrapper for agetty with config files.
|
||||
# Adapted from Chimera Linux
|
||||
# Copyright 2023 Daniel "q66" Kolesa
|
||||
# License: BSD-2-Clause
|
||||
|
||||
GETTY="$1"
|
||||
[ -n "$GETTY" ] && shift
|
||||
|
||||
[ -z "$GETTY" ] && echo "$0: no tty given"
|
||||
|
||||
[ ! -c "/dev/$GETTY" ] && echo "$0: /dev/$GETTY is not a terminal"
|
||||
|
||||
# defaults
|
||||
GETTY_BAUD="$1"
|
||||
[ -n "$GETTY_BAUD" ] && shift
|
||||
[ -n "$GETTY_BAUD" ] || GETTY_BAUD=38400
|
||||
GETTY_TERM="$1"
|
||||
[ -n "$GETTY_TERM" ] && shift
|
||||
[ -n "$GETTY_TERM" ] || GETTY_TERM=linux
|
||||
GETTY_ARGS=$*
|
||||
|
||||
[ "$GETTY" = tty1 ] && GETTY_ARGS="$GETTY_ARGS --noclear"
|
||||
|
||||
# read config, which may override the above vars
|
||||
[ -r "/etc/dinit.d/config/agetty-$GETTY.conf" ] && . "/etc/dinit.d/config/agetty-$GETTY.conf"
|
||||
|
||||
exec /usr/bin/agetty $GETTY_ARGS "$GETTY" "$GETTY_BAUD" "$GETTY_TERM"
|
|
@ -0,0 +1,19 @@
|
|||
#!/bin/sh
|
||||
# This is run by the kernel after the last task is removed from a
|
||||
# control group in the openrc hierarchy.
|
||||
|
||||
# Copyright (c) 2007-2015 The OpenRC Authors.
|
||||
# See the Authors file at the top-level directory of this distribution and
|
||||
# https://github.com/OpenRC/openrc/blob/master/AUTHORS
|
||||
#
|
||||
# This file is part of OpenRC. It is subject to the license terms in
|
||||
# the LICENSE file found in the top-level directory of this
|
||||
# distribution and at https://github.com/OpenRC/openrc/blob/master/LICENSE
|
||||
# This file may not be copied, modified, propagated, or distributed
|
||||
# except according to the terms contained in the LICENSE file.
|
||||
|
||||
cgroup=/sys/fs/cgroup/openrc
|
||||
PATH=/bin:/usr/bin:/sbin:/usr/sbin
|
||||
if [ -d ${cgroup}/"$1" ]; then
|
||||
rmdir ${cgroup}/"$1"
|
||||
fi
|
|
@ -0,0 +1,118 @@
|
|||
#!/bin/sh
|
||||
|
||||
[ -r /etc/dinit.d/config/cgroups.conf ] && . /etc/dinit.d/config/cgroups.conf
|
||||
|
||||
CGROUP_OPTS=nodev,noexec,nosuid
|
||||
|
||||
[ "$CGROUP_CONTROLLERS" = "none" ] && CGROUP_CONTROLLERS=""
|
||||
|
||||
cgroup2_find_path() {
|
||||
if grep -qw cgroup2 /proc/filesystems; then
|
||||
case "${CGROUP_MODE}" in
|
||||
hybrid) printf "/sys/fs/cgroup/unified" ;;
|
||||
unified) printf "/sys/fs/cgroup" ;;
|
||||
esac
|
||||
fi
|
||||
return 0
|
||||
}
|
||||
|
||||
cgroup1_base() {
|
||||
grep -qw cgroup /proc/filesystems || return 0
|
||||
if ! mountpoint -q /sys/fs/cgroup; then
|
||||
local opts="${CGROUP_OPTS},mode=755,size=${rc_cgroupsize:-10m}"
|
||||
mount -n -t tmpfs -o "${opts}" cgroup_root /sys/fs/cgroup
|
||||
fi
|
||||
|
||||
if ! mountpoint -q /sys/fs/cgroup/openrc; then
|
||||
local agent
|
||||
agent="/usr/lib/dinit/cgroup-release-agent.sh"
|
||||
mkdir /sys/fs/cgroup/openrc
|
||||
mount -n -t cgroup -o none,${CGROUP_OPTS},name=openrc,release_agent="$agent" openrc /sys/fs/cgroup/openrc
|
||||
printf 1 > /sys/fs/cgroup/openrc/notify_on_release
|
||||
fi
|
||||
return 0
|
||||
}
|
||||
|
||||
cgroup1_controllers() {
|
||||
${HAVE_CONTROLLER1_GROUPS} && [ -e /proc/cgroups ] && grep -qw cgroup /proc/filesystems || return 0
|
||||
while read -r name _ _ enabled _; do
|
||||
case "${enabled}" in
|
||||
1) if mountpoint -q "/sys/fs/cgroup/${name}";then continue;fi
|
||||
local x
|
||||
for x in $CGROUP_CONTROLLERS; do
|
||||
[ "${name}" = "blkio" ] && [ "${x}" = "io" ] &&
|
||||
continue 2
|
||||
[ "${name}" = "${x}" ] &&
|
||||
continue 2
|
||||
done
|
||||
mkdir "/sys/fs/cgroup/${name}"
|
||||
mount -n -t cgroup -o "${CGROUP_OPTS},${name}" "${name}" "/sys/fs/cgroup/${name}"
|
||||
;;
|
||||
esac
|
||||
done < /proc/cgroups
|
||||
return 0
|
||||
}
|
||||
|
||||
cgroup2_base() {
|
||||
grep -qw cgroup2 /proc/filesystems || return 0
|
||||
local base
|
||||
base="$(cgroup2_find_path)"
|
||||
mkdir -p "${base}"
|
||||
mount -t cgroup2 none -o "${CGROUP_OPTS},nsdelegate" "${base}" 2> /dev/null ||
|
||||
mount -t cgroup2 none -o "${CGROUP_OPTS}" "${base}"
|
||||
return 0
|
||||
}
|
||||
|
||||
cgroup2_controllers() {
|
||||
grep -qw cgroup2 /proc/filesystems || return 0
|
||||
local active cgroup_path x y
|
||||
cgroup_path="$(cgroup2_find_path)"
|
||||
[ -z "${cgroup_path}" ] && return 0
|
||||
[ -e "${cgroup_path}/cgroup.controllers" ] && read -r active < "${cgroup_path}/cgroup.controllers"
|
||||
for x in ${CGROUP_CONTROLLERS}; do
|
||||
for y in ${active}; do
|
||||
[ "$x" = "$y" ] && [ -e "${cgroup_path}/cgroup.subtree_control" ] &&
|
||||
echo "+${x}" > "${cgroup_path}/cgroup.subtree_control"
|
||||
done
|
||||
done
|
||||
return 0
|
||||
}
|
||||
|
||||
cgroups_hybrid() {
|
||||
cgroup1_base
|
||||
cgroup2_base
|
||||
cgroup2_controllers
|
||||
cgroup1_controllers
|
||||
return 0
|
||||
}
|
||||
|
||||
cgroups_legacy() {
|
||||
cgroup1_base
|
||||
cgroup1_controllers
|
||||
return 0
|
||||
}
|
||||
|
||||
cgroups_unified() {
|
||||
cgroup2_base
|
||||
cgroup2_controllers
|
||||
return 0
|
||||
}
|
||||
|
||||
mount_cgroups() {
|
||||
case "${CGROUP_MODE}" in
|
||||
hybrid) cgroups_hybrid ;;
|
||||
legacy) cgroups_legacy ;;
|
||||
unified) cgroups_unified ;;
|
||||
esac
|
||||
return 0
|
||||
}
|
||||
|
||||
mount_cgs() {
|
||||
if [ -d /sys/fs/cgroup ];then
|
||||
mount_cgroups
|
||||
return 0
|
||||
fi
|
||||
return 1
|
||||
}
|
||||
|
||||
mount_cgs
|
|
@ -0,0 +1,10 @@
|
|||
#!/bin/sh
|
||||
install -m0664 -o root -g utmp /dev/null /run/utmp
|
||||
if [ ! -e /var/log/wtmp ]; then
|
||||
install -m0664 -o root -g utmp /dev/null /var/log/wtmp
|
||||
fi
|
||||
if [ ! -e /var/log/btmp ]; then
|
||||
install -m0600 -o root -g utmp /dev/null /var/log/btmp
|
||||
fi
|
||||
|
||||
rm -f /etc/nologin /forcefsck /forcequotacheck /fastboot
|
|
@ -0,0 +1,8 @@
|
|||
#!/bin/sh
|
||||
dmesg > /var/log/dmesg.log
|
||||
if [ -e /proc/sys/kernel/dmesg_restrict ] && \
|
||||
[ "$(cat /proc/sys/kernel/dmesg_restrict)" = 1 ]; then
|
||||
chmod 0600 /var/log/dmesg.log
|
||||
else
|
||||
chmod 0644 /var/log/dmesg.log
|
||||
fi
|
|
@ -0,0 +1,41 @@
|
|||
#!/bin/sh
|
||||
# From Chimera Linux's dinit fsck service
|
||||
# Copyright (C) 2021 Daniel "q66" Kolesa
|
||||
# For terms, see COPYING file at main directory
|
||||
|
||||
command -v fsck > /dev/null 2>&1 || exit 0
|
||||
|
||||
FORCEARG=
|
||||
FIXARG="-a"
|
||||
|
||||
if [ -r /proc/cmdline ]; then
|
||||
for x in $(cat /proc/cmdline); do
|
||||
case "$x" in
|
||||
fastboot|fsck.mode=skip)
|
||||
echo "Skipping filesystem checks (fastboot)."
|
||||
exit 0
|
||||
;;
|
||||
forcefsck|fsck.mode=force)
|
||||
FORCEARG="-f"
|
||||
;;
|
||||
fsckfix|fsck.repair=yes)
|
||||
FIXARG="-y"
|
||||
;;
|
||||
fsck.repair=no)
|
||||
FIXARG="-n"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
fi
|
||||
|
||||
fsck -A -R -C -t noopts=_netdev $FORCEARG $FIXARG
|
||||
FSCKRET=$?
|
||||
|
||||
if [ $(($FSCKRET & 4)) -eq 4 ]; then
|
||||
echo "ERROR: at least one fstab filesystem has unrecoverable errors."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# we don't care about the other conditions much; the
|
||||
# filesystems were either repaired or nothing has happened
|
||||
exit 0
|
|
@ -0,0 +1,4 @@
|
|||
#!/bin/sh
|
||||
|
||||
[ -s /etc/hostname ] && HOSTNAME="$(cat /etc/hostname)"
|
||||
[ "$HOSTNAME" ] && echo "$HOSTNAME" >| /proc/sys/kernel/hostname
|
|
@ -0,0 +1,15 @@
|
|||
#!/bin/sh
|
||||
. /etc/dinit.d/config/hwclock.conf
|
||||
|
||||
HARDWARECLOCK=${HARDWARECLOCK:-UTC}
|
||||
|
||||
case $HARDWARECLOCK in
|
||||
UTC) HWCLOCK_PARAMS="--utc" ;;
|
||||
localtime) HWCLOCK_PARAMS="--localtime" ;;
|
||||
*) HWCLOCK_PARAMS="" ;;
|
||||
esac
|
||||
|
||||
case "$1" in
|
||||
start) hwclock --systz "$HWCLOCK_PARAMS" --noadjfile ;;
|
||||
stop) hwclock --systohc "$HWCLOCK_PARAMS" ;;
|
||||
esac
|
|
@ -0,0 +1,4 @@
|
|||
#!/bin/sh
|
||||
default="$(ip route | awk '/^default/{print ($3!="")+($5!="")}')"
|
||||
[ "$default" = 2 ] && exit 0
|
||||
exit 1
|
|
@ -0,0 +1,36 @@
|
|||
#!/bin/sh
|
||||
|
||||
mountpoint -q /sys || mount -t sysfs sys /sys -o nosuid,noexec,nodev
|
||||
mountpoint -q /sys/kernel/security || mount -n -t securityfs securityfs /sys/kernel/security
|
||||
[ -d /sys/firmware/efi ] && (mountpoint -q /sys/firmware/efi/efivars || mount -n -t efivarfs -o ro efivarfs /sys/firmware/efi/efivars)
|
||||
mountpoint -q /proc || mount -t proc proc /proc -o nosuid,noexec,nodev
|
||||
mountpoint -q /dev || mount -t devtmpfs dev /dev -o mode=0755,nosuid
|
||||
|
||||
# seed /dev with some things that might be needed (for example,
|
||||
# xudev doesn't do this compared to eudev), code from OpenRC
|
||||
|
||||
# creating /dev/console, /dev/tty and /dev/tty1 to be able to write
|
||||
# to $CONSOLE with/without bootsplash before udevd creates it
|
||||
[ -c /dev/console ] || mknod -m 600 /dev/console c 5 1
|
||||
[ -c /dev/tty1 ] || mknod -m 620 /dev/tty1 c 4 1
|
||||
[ -c /dev/tty ] || mknod -m 666 /dev/tty c 5 0
|
||||
|
||||
# udevd will dup its stdin/stdout/stderr to /dev/null
|
||||
# and we do not want a file which gets buffered in ram
|
||||
[ -c /dev/null ] || mknod -m 666 /dev/null c 1 3
|
||||
|
||||
# so udev can add its start-message to dmesg
|
||||
[ -c /dev/kmsg ] || mknod -m 660 /dev/kmsg c 1 11
|
||||
|
||||
# extra symbolic links not provided by default
|
||||
[ -e /dev/fd ] || ln -snf /proc/self/fd /dev/fd
|
||||
[ -e /dev/stdin ] || ln -snf /proc/self/fd/0 /dev/stdin
|
||||
[ -e /dev/stdout ] || ln -snf /proc/self/fd/1 /dev/stdout
|
||||
[ -e /dev/stderr ] || ln -snf /proc/self/fd/2 /dev/stderr
|
||||
[ -e /proc/kcore ] && ln -snf /proc/kcore /dev/core
|
||||
|
||||
mkdir -p /dev/pts /dev/shm
|
||||
mountpoint -q /dev/pts || mount -t devpts devpts /dev/pts -o mode=0620,gid=5,nosuid,noexec
|
||||
mountpoint -q /dev/shm || mount -t tmpfs shm /dev/shm -o mode=1777,nosuid,nodev
|
||||
mountpoint -q /run || mount -t tmpfs run /run -o mode=0755,nosuid,nodev
|
||||
mkdir -p /run/dinit
|
|
@ -0,0 +1,14 @@
|
|||
#!/bin/sh
|
||||
|
||||
umask 077
|
||||
bytes="$(cat /proc/sys/kernel/random/poolsize)" || bytes=512
|
||||
|
||||
case "$1" in
|
||||
load)
|
||||
cp /var/lib/random-seed /dev/urandom >/dev/null 2>&1 || true
|
||||
dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1
|
||||
;;
|
||||
save)
|
||||
bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1
|
||||
;;
|
||||
esac
|
|
@ -0,0 +1,5 @@
|
|||
#!/bin/sh
|
||||
# Run after udevd-early so udevd can be properly supervised
|
||||
|
||||
/usr/bin/udevadm control --exit >/dev/null 2>&1
|
||||
exec /usr/bin/udevd "$@"
|
|
@ -0,0 +1,15 @@
|
|||
#!/bin/sh
|
||||
[ -r /etc/vconsole.conf ] && . /etc/vconsole.conf
|
||||
TTYS=${TTYS:-6}
|
||||
_index=0
|
||||
while [ ${_index} -le "$TTYS" ]; do
|
||||
if [ -n "$FONT" ]; then
|
||||
setfont ${FONT_MAP:+-m $FONT_MAP} ${FONT_UNIMAP:+-u $FONT_UNIMAP} \
|
||||
"$FONT" -C "/dev/tty${_index}"
|
||||
fi
|
||||
printf "\033%s" "%G" >/dev/tty${_index}
|
||||
_index=$((_index + 1))
|
||||
done
|
||||
if [ -n "$KEYMAP" ]; then
|
||||
loadkeys -q -u "${KEYMAP}"
|
||||
fi
|
|
@ -0,0 +1,9 @@
|
|||
# The primary service
|
||||
|
||||
type = internal
|
||||
|
||||
depends-ms = getty
|
||||
|
||||
waits-for = rclocal
|
||||
waits-for = loginready
|
||||
waits-for.d = /etc/dinit.d/boot.d
|
|
@ -0,0 +1,4 @@
|
|||
type = scripted
|
||||
command = /usr/lib/dinit/cgroups
|
||||
restart = false
|
||||
depends-on = pseudofs
|
|
@ -0,0 +1,4 @@
|
|||
type = scripted
|
||||
command = /usr/lib/dinit/cleanup
|
||||
restart = false
|
||||
after = fsck
|
|
@ -0,0 +1,4 @@
|
|||
type = scripted
|
||||
command = /usr/lib/dinit/dmesg
|
||||
restart = false
|
||||
waits-for = loginready
|
|
@ -0,0 +1,8 @@
|
|||
type = scripted
|
||||
command = /usr/lib/dinit/fsck
|
||||
restart = false
|
||||
options = starts-on-console start-interruptible skippable
|
||||
start-timeout = 0
|
||||
depends-on = udevd
|
||||
after = udev-settle
|
||||
waits-for.d = /etc/dinit.d/mount.d
|
|
@ -0,0 +1,3 @@
|
|||
type = scripted
|
||||
command = /usr/lib/dinit/agetty
|
||||
depends-on = loginready
|
|
@ -0,0 +1,4 @@
|
|||
type = scripted
|
||||
command = /usr/lib/dinit/hostname
|
||||
restart = false
|
||||
after = pseudofs
|
|
@ -0,0 +1,6 @@
|
|||
type = scripted
|
||||
command = /usr/lib/dinit/hwclock start
|
||||
stop-command = /usr/lib/dinit/hwclock stop
|
||||
restart = false
|
||||
depends-on = udevd
|
||||
depends-on = pseudofs
|
|
@ -0,0 +1,5 @@
|
|||
type = scripted
|
||||
command = /bin/sh /etc/profile.d/locale.sh
|
||||
restart = false
|
||||
depends-on = root-rw
|
||||
depends-on = pseudofs
|
|
@ -0,0 +1,7 @@
|
|||
type = internal
|
||||
restart = false
|
||||
options = runs-on-console
|
||||
waits-for = setup
|
||||
waits-for = mount
|
||||
waits-for = misc
|
||||
waits-for = network
|
|
@ -0,0 +1,5 @@
|
|||
type = internal
|
||||
restart = false
|
||||
waits-for = hostname
|
||||
waits-for = hwclock
|
||||
waits-for = modules
|
|
@ -0,0 +1,5 @@
|
|||
type = scripted
|
||||
command = /usr/lib/dinit/modules-load
|
||||
restart = false
|
||||
after = pseudofs
|
||||
waits-for = udev-settle
|
|
@ -0,0 +1,6 @@
|
|||
type = internal
|
||||
restart = false
|
||||
waits-for = root-rw
|
||||
waits-for = cgroups
|
||||
waits-for = pseudofs
|
||||
waits-for = tmpfs
|
|
@ -0,0 +1,5 @@
|
|||
type = scripted
|
||||
command = /usr/bin/mount -a -t nonfs,nonfs4,nosmbfs,nocifs,nocodafs,noncpfs,noshfs,nofuse,nofuseblk,noglusterfs,nodavfs,nofuse.glusterfs -O no_netdev
|
||||
restart = false
|
||||
waits-for = fsck
|
||||
waits-for.d = /etc/dinit.d/mount.d
|
|
@ -0,0 +1,4 @@
|
|||
type = scripted
|
||||
command = /usr/bin/ip link set up dev lo
|
||||
restart = false
|
||||
after = pseudofs
|
|
@ -0,0 +1,9 @@
|
|||
# For services that need network, depend on this.
|
||||
# Run network services before this service.
|
||||
|
||||
type = internal
|
||||
restart = false
|
||||
depends-on = network-pre
|
||||
after = pseudofs
|
||||
after = net-lo
|
||||
after = mount
|
|
@ -0,0 +1,8 @@
|
|||
# Network services should depend on this internal service.
|
||||
# Run network services before this service.
|
||||
|
||||
type = internal
|
||||
restart = false
|
||||
depends-on = rclocal
|
||||
after = pseudofs
|
||||
after = net-lo
|
|
@ -0,0 +1,4 @@
|
|||
type = scripted
|
||||
command = /usr/lib/dinit/pseudofs
|
||||
restart = false
|
||||
options = starts-rwfs
|
|
@ -0,0 +1,6 @@
|
|||
type = scripted
|
||||
command = /usr/lib/dinit/seedrng
|
||||
restart = false
|
||||
after = pseudofs
|
||||
after = udev-settle
|
||||
after = root-rw
|
|
@ -0,0 +1,6 @@
|
|||
type = scripted
|
||||
command = /bin/sh /etc/dinit.d/config/rc.local
|
||||
stop-command = /bin/sh /etc/dinit.d/config/rc.shutdown
|
||||
restart = false
|
||||
after = mount
|
||||
before = loginready
|
|
@ -0,0 +1,3 @@
|
|||
type = process
|
||||
command = /sbin/sulogin
|
||||
options = runs-on-console
|
|
@ -0,0 +1,9 @@
|
|||
type = scripted
|
||||
command = /bin/mount -o remount,rw /
|
||||
restart = false
|
||||
options = starts-rwfs
|
||||
logfile = /var/log/dinit/rootrw.log
|
||||
|
||||
waits-for = mount-all
|
||||
after = hwclock
|
||||
after = fsck
|
|
@ -0,0 +1,9 @@
|
|||
type = internal
|
||||
restart = false
|
||||
waits-for = cleanup
|
||||
waits-for = locale
|
||||
waits-for = net-lo
|
||||
waits-for = random-seed
|
||||
waits-for = swap
|
||||
waits-for = sysctl
|
||||
waits-for = vconsole
|
|
@ -0,0 +1,5 @@
|
|||
type = process
|
||||
command = /bin/sh
|
||||
restart = false
|
||||
options = shares-console
|
||||
chain-to = boot
|
|
@ -0,0 +1,6 @@
|
|||
type = scripted
|
||||
command = /sbin/swapon -a
|
||||
stop-command = /sbin/swapoff -a
|
||||
waits-for = root-rw
|
||||
depends-on = udevd
|
||||
after = udev-settle
|
|
@ -0,0 +1,5 @@
|
|||
type = scripted
|
||||
command = /usr/bin/sysctl --system
|
||||
restart = false
|
||||
after = udevd
|
||||
after = mount-all
|
|
@ -0,0 +1,4 @@
|
|||
type = scripted
|
||||
command = /bin/mount -t tmpfs tmpfs /tmp
|
||||
restart = false
|
||||
after = pseudofs
|
|
@ -0,0 +1,8 @@
|
|||
type = process
|
||||
command = /usr/lib/dinit/agetty-default tty1
|
||||
restart = true
|
||||
depends-on = loginready
|
||||
termsignal = HUP
|
||||
smooth-recovery = true
|
||||
inittab-id = 1
|
||||
inittab-line = tty1
|
|
@ -0,0 +1,8 @@
|
|||
type = process
|
||||
command = /usr/lib/dinit/agetty-default tty2
|
||||
restart = true
|
||||
depends-on = loginready
|
||||
termsignal = HUP
|
||||
smooth-recovery = true
|
||||
inittab-id = 2
|
||||
inittab-line = tty2
|
|
@ -0,0 +1,8 @@
|
|||
type = process
|
||||
command = /usr/lib/dinit/agetty-default tty3
|
||||
restart = true
|
||||
depends-on = loginready
|
||||
termsignal = HUP
|
||||
smooth-recovery = true
|
||||
inittab-id = 3
|
||||
inittab-line = tty3
|
|
@ -0,0 +1,8 @@
|
|||
type = process
|
||||
command = /usr/lib/dinit/agetty-default tty4
|
||||
restart = true
|
||||
depends-on = loginready
|
||||
termsignal = HUP
|
||||
smooth-recovery = true
|
||||
inittab-id = 4
|
||||
inittab-line = tty4
|
|
@ -0,0 +1,8 @@
|
|||
type = process
|
||||
command = /usr/lib/dinit/agetty-default tty5
|
||||
restart = true
|
||||
depends-on = loginready
|
||||
termsignal = HUP
|
||||
smooth-recovery = true
|
||||
inittab-id = 5
|
||||
inittab-line = tty5
|
|
@ -0,0 +1,8 @@
|
|||
type = process
|
||||
command = /usr/lib/dinit/agetty-default tty6
|
||||
restart = true
|
||||
depends-on = loginready
|
||||
termsignal = HUP
|
||||
smooth-recovery = true
|
||||
inittab-id = 6
|
||||
inittab-line = tty6
|
|
@ -0,0 +1,5 @@
|
|||
type = scripted
|
||||
command = /usr/bin/udevadm settle
|
||||
restart = false
|
||||
depends-on = udevd-early
|
||||
depends-on = udev-trigger
|
|
@ -0,0 +1,4 @@
|
|||
type = scripted
|
||||
command = /usr/bin/udevadm trigger --action=add
|
||||
restart = false
|
||||
depends-on = udevd-early
|
|
@ -0,0 +1,7 @@
|
|||
type = process
|
||||
command = /usr/lib/dinit/udevd
|
||||
before = setup
|
||||
depends-on = udevd-early
|
||||
depends-ms = udev-settle
|
||||
restart = true
|
||||
smooth-recovery = true
|
|
@ -0,0 +1,7 @@
|
|||
type = scripted
|
||||
command = /usr/bin/udevd --daemon
|
||||
stop-command = /usr/bin/sh -c "/usr/bin/udevadm control -e || :"
|
||||
restart = false
|
||||
depends-on = pseudofs
|
||||
depends-on = tmpfs
|
||||
depends-on = cgroups
|
|
@ -0,0 +1,5 @@
|
|||
type = scripted
|
||||
command = /usr/lib/dinit/vconsole
|
||||
restart = false
|
||||
waits-for = hostname
|
||||
waits-for = udev-settle
|
Loading…
Reference in New Issue