dinit-rc: initial commit

COPYING

@@ -0,0 +1,26 @@
+Copyright (C) 2021 Muhammad Herdiansyah
+Copyright (C) 2021 Artix Linux Developers
+Copyright (C) 2021 Daniel "q66" Kolesa
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+1. Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright
+notice, this list of conditions and the following disclaimer in the
+documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Makefile

@@ -0,0 +1,139 @@
+PREFIX        ?= /usr
+SYSCONFDIR    ?= /etc
+LOCALSTATEDIR ?= /var
+BINDIR        ?= $(PREFIX)/bin
+LIBDIR        ?= $(PREFIX)/lib
+DATADIR       ?= $(PREFIX)/share
+DINITSRVDIR   ?= $(LIBDIR)/dinit.d
+DINITCNFDIR   ?= $(SYSCONFDIR)/dinit.d
+
+BIN_PROGRAMS = modules-load seedrng
+
+MANPAGES = modules-load.8
+
+CONF_FILES = \
+	agetty-default.conf \
+	console.conf \
+	cgroups.conf \
+	hwclock.conf \
+	rc.local \
+	rc.shutdown
+
+SERVICEDIR = boot.d \
+	mount.d
+
+SERVICES = \
+	boot \
+	cgroups \
+	cleanup \
+	dmesg \
+	fsck \
+	getty \
+	hostname \
+	hwclock \
+	loginready \
+	locale \
+	misc \
+	modules \
+	mount \
+	mount-all \
+	net-lo \
+	network \
+	network-pre \
+	pseudofs \
+	random-seed \
+	rclocal \
+	recovery \
+	root-rw \
+	setup \
+	single \
+	swap \
+	sysctl \
+	tmpfs \
+	udevd \
+	udevd-early \
+	udev-settle \
+	udev-trigger \
+	vconsole
+
+
+SCRIPTS = \
+	agetty \
+	agetty-default \
+	cgroup-release-agent.sh \
+	cgroups \
+	cleanup \
+	dmesg \
+	fsck \
+	hostname \
+	hwclock \
+	pseudofs \
+	udevd \
+	vconsole
+
+TTY_SERVICES = \
+	tty1 \
+	tty2 \
+	tty3 \
+	tty4 \
+	tty5 \
+	tty6
+
+LOCALSTATEDIR ?= /var/lib
+CFLAGS ?= -O2 -pipe
+
+CFLAGS += -Wall -Wextra -pedantic
+CFLAGS += -DLOCALSTATEDIR="\"$(LOCALSTATEDIR)\""
+
+seedrng: bin/seedrng.c
+	cc -o bin/seedrng bin/seedrng.c $(CFLAGS)
+
+install:
+	install -d $(DESTDIR)$(BINDIR)
+	install -d $(DESTDIR)$(LIBDIR)
+	install -d $(DESTDIR)$(DATADIR)
+	install -d $(DESTDIR)$(SYSCONFDIR)
+	install -d $(DESTDIR)$(MANDIR)
+	install -d $(DESTDIR)$(DINITSRVDIR)
+	install -d $(DESTDIR)$(DINITCNFDIR)/config
+	install -d $(DESTDIR)$(LIBDIR)/dinit
+	install -d $(DESTDIR)$(DINITCNFDIR)/boot.d
+	install -d $(DESTDIR)$(DINITCNFDIR)/mount.d
+	install -d $(DESTDIR)$(DINITCNFDIR)/live.d
+	install -d $(DESTDIR)$(LOCALSTATEDIR)/log/dinit
+	# placeholder
+	touch $(DESTDIR)$(DINITCNFDIR)/mount.d/.KEEP
+	touch $(DESTDIR)$(DINITCNFDIR)/boot.d/.KEEP
+	touch $(DESTDIR)$(DINITCNFDIR)/live.d/.KEEP
+	# config files
+	for conf in $(CONF_FILES); do \
+		install -m 644 config/$$conf $(DESTDIR)$(DINITCNFDIR)/config; \
+	done
+	# scripts
+	for script in $(SCRIPTS); do \
+		install -m 755 scripts/$$script $(DESTDIR)$(LIBDIR)/dinit; \
+	done
+	# programs
+	for prog in $(BIN_PROGRAMS); do \
+		install -m 755 bin/$$prog $(DESTDIR)$(LIBDIR)/dinit; \
+	done
+	# manpages
+	for man in $(MANPAGES); do \
+		install -m 644 man/$$man $(DESTDIR)$(MANDIR); \
+	done
+	# services
+	for srv in $(SERVICES); do \
+		install -m 644 services/$$srv $(DESTDIR)$(DINITSRVDIR); \
+	done
+	# getty services
+	for srv in $(TTY_SERVICES); do \
+		install -m 644 services/$$srv $(DESTDIR)$(DINITCNFDIR); \
+	done
+	# misc
+	install -Dm644 misc/50-default.conf $(DESTDIR)$(LIBDIR)/sysctl.d/50-default.conf
+	install -Dm644 misc/dinit.logrotate $(DESTDIR)$(SYSCONFDIR)/logrotate.d/dinit
+
+clean:
+	rm -f bin/seedrng
+
+.PHONY: clean

README

@@ -0,0 +1,6 @@
+Artix's dinit stage 1.
+
+Adapted from s6-scripts, runit-rc, Chimera Linux, and dinit's own configuration.
+
+TODO: Either remove cgroup code, or clean it, it's messy, and it's on dinit's
+plan post-1.0.

bin/modules-load

@@ -0,0 +1,24 @@
+#!/bin/sh
+
+if [ "$(id -u)" != "0" ];then
+	echo "$(basename $0) need to run as root!"
+	exit 1
+fi
+
+MODULES_DIR=/etc/modules-load.d
+
+error=0
+
+for file in "$MODULES_DIR"/*.conf; do
+	[ ! -f "$file" ] && continue
+	while read -r module junk; do
+		# Ignore comments and blank lines
+		case "$module" in
+			""|\#*) continue ;;
+		esac
+		modprobe -ab "$module" || error=$?
+	done < "$file"
+done
+
+exit $error
+

bin/seedrng.c

@@ -0,0 +1,488 @@
+// SPDX-License-Identifier: (GPL-2.0 OR Apache-2.0 OR MIT OR BSD-1-Clause OR CC0-1.0)
+/*
+ * Copyright (C) 2022 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ */
+
+#include <linux/random.h>
+#include <sys/random.h>
+#include <sys/ioctl.h>
+#include <sys/file.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <poll.h>
+#include <unistd.h>
+#include <time.h>
+#include <errno.h>
+#include <endian.h>
+#include <stdbool.h>
+#include <stdint.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#ifndef LOCALSTATEDIR
+#define LOCALSTATEDIR "/var/lib"
+#endif
+
+#define SEED_DIR LOCALSTATEDIR "/seedrng"
+#define CREDITABLE_SEED "seed.credit"
+#define NON_CREDITABLE_SEED "seed.no-credit"
+
+enum blake2s_lengths {
+	BLAKE2S_BLOCK_LEN = 64,
+	BLAKE2S_HASH_LEN = 32,
+	BLAKE2S_KEY_LEN = 32
+};
+
+enum seedrng_lengths {
+	MAX_SEED_LEN = 512,
+	MIN_SEED_LEN = BLAKE2S_HASH_LEN
+};
+
+struct blake2s_state {
+	uint32_t h[8];
+	uint32_t t[2];
+	uint32_t f[2];
+	uint8_t buf[BLAKE2S_BLOCK_LEN];
+	unsigned int buflen;
+	unsigned int outlen;
+};
+
+#define le32_to_cpup(a) le32toh(*(a))
+#define cpu_to_le32(a) htole32(a)
+#ifndef ARRAY_SIZE
+#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
+#endif
+#ifndef DIV_ROUND_UP
+#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))
+#endif
+
+static inline void cpu_to_le32_array(uint32_t *buf, unsigned int words)
+{
+	while (words--) {
+		*buf = cpu_to_le32(*buf);
+		++buf;
+	}
+}
+
+static inline void le32_to_cpu_array(uint32_t *buf, unsigned int words)
+{
+	while (words--) {
+		*buf = le32_to_cpup(buf);
+		++buf;
+	}
+}
+
+static inline uint32_t ror32(uint32_t word, unsigned int shift)
+{
+	return (word >> (shift & 31)) | (word << ((-shift) & 31));
+}
+
+static const uint32_t blake2s_iv[8] = {
+	0x6A09E667UL, 0xBB67AE85UL, 0x3C6EF372UL, 0xA54FF53AUL,
+	0x510E527FUL, 0x9B05688CUL, 0x1F83D9ABUL, 0x5BE0CD19UL
+};
+
+static const uint8_t blake2s_sigma[10][16] = {
+	{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 },
+	{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 },
+	{ 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 },
+	{ 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 },
+	{ 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 },
+	{ 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 },
+	{ 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 },
+	{ 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 },
+	{ 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 },
+	{ 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0 },
+};
+
+static void blake2s_set_lastblock(struct blake2s_state *state)
+{
+	state->f[0] = -1;
+}
+
+static void blake2s_increment_counter(struct blake2s_state *state, const uint32_t inc)
+{
+	state->t[0] += inc;
+	state->t[1] += (state->t[0] < inc);
+}
+
+static void blake2s_init_param(struct blake2s_state *state, const uint32_t param)
+{
+	int i;
+
+	memset(state, 0, sizeof(*state));
+	for (i = 0; i < 8; ++i)
+		state->h[i] = blake2s_iv[i];
+	state->h[0] ^= param;
+}
+
+static void blake2s_init(struct blake2s_state *state, const size_t outlen)
+{
+	blake2s_init_param(state, 0x01010000 | outlen);
+	state->outlen = outlen;
+}
+
+static void blake2s_compress(struct blake2s_state *state, const uint8_t *block, size_t nblocks, const uint32_t inc)
+{
+	uint32_t m[16];
+	uint32_t v[16];
+	int i;
+
+	while (nblocks > 0) {
+		blake2s_increment_counter(state, inc);
+		memcpy(m, block, BLAKE2S_BLOCK_LEN);
+		le32_to_cpu_array(m, ARRAY_SIZE(m));
+		memcpy(v, state->h, 32);
+		v[ 8] = blake2s_iv[0];
+		v[ 9] = blake2s_iv[1];
+		v[10] = blake2s_iv[2];
+		v[11] = blake2s_iv[3];
+		v[12] = blake2s_iv[4] ^ state->t[0];
+		v[13] = blake2s_iv[5] ^ state->t[1];
+		v[14] = blake2s_iv[6] ^ state->f[0];
+		v[15] = blake2s_iv[7] ^ state->f[1];
+
+#define G(r, i, a, b, c, d) do { \
+	a += b + m[blake2s_sigma[r][2 * i + 0]]; \
+	d = ror32(d ^ a, 16); \
+	c += d; \
+	b = ror32(b ^ c, 12); \
+	a += b + m[blake2s_sigma[r][2 * i + 1]]; \
+	d = ror32(d ^ a, 8); \
+	c += d; \
+	b = ror32(b ^ c, 7); \
+} while (0)
+
+#define ROUND(r) do { \
+	G(r, 0, v[0], v[ 4], v[ 8], v[12]); \
+	G(r, 1, v[1], v[ 5], v[ 9], v[13]); \
+	G(r, 2, v[2], v[ 6], v[10], v[14]); \
+	G(r, 3, v[3], v[ 7], v[11], v[15]); \
+	G(r, 4, v[0], v[ 5], v[10], v[15]); \
+	G(r, 5, v[1], v[ 6], v[11], v[12]); \
+	G(r, 6, v[2], v[ 7], v[ 8], v[13]); \
+	G(r, 7, v[3], v[ 4], v[ 9], v[14]); \
+} while (0)
+		ROUND(0);
+		ROUND(1);
+		ROUND(2);
+		ROUND(3);
+		ROUND(4);
+		ROUND(5);
+		ROUND(6);
+		ROUND(7);
+		ROUND(8);
+		ROUND(9);
+
+#undef G
+#undef ROUND
+
+		for (i = 0; i < 8; ++i)
+			state->h[i] ^= v[i] ^ v[i + 8];
+
+		block += BLAKE2S_BLOCK_LEN;
+		--nblocks;
+	}
+}
+
+static void blake2s_update(struct blake2s_state *state, const void *inp, size_t inlen)
+{
+	const size_t fill = BLAKE2S_BLOCK_LEN - state->buflen;
+	const uint8_t *in = inp;
+
+	if (!inlen)
+		return;
+	if (inlen > fill) {
+		memcpy(state->buf + state->buflen, in, fill);
+		blake2s_compress(state, state->buf, 1, BLAKE2S_BLOCK_LEN);
+		state->buflen = 0;
+		in += fill;
+		inlen -= fill;
+	}
+	if (inlen > BLAKE2S_BLOCK_LEN) {
+		const size_t nblocks = DIV_ROUND_UP(inlen, BLAKE2S_BLOCK_LEN);
+		blake2s_compress(state, in, nblocks - 1, BLAKE2S_BLOCK_LEN);
+		in += BLAKE2S_BLOCK_LEN * (nblocks - 1);
+		inlen -= BLAKE2S_BLOCK_LEN * (nblocks - 1);
+	}
+	memcpy(state->buf + state->buflen, in, inlen);
+	state->buflen += inlen;
+}
+
+static void blake2s_final(struct blake2s_state *state, uint8_t *out)
+{
+	blake2s_set_lastblock(state);
+	memset(state->buf + state->buflen, 0, BLAKE2S_BLOCK_LEN - state->buflen);
+	blake2s_compress(state, state->buf, 1, state->buflen);
+	cpu_to_le32_array(state->h, ARRAY_SIZE(state->h));
+	memcpy(out, state->h, state->outlen);
+}
+
+static ssize_t getrandom_full(void *buf, size_t count, unsigned int flags)
+{
+	ssize_t ret, total = 0;
+	uint8_t *p = buf;
+
+	do {
+		ret = getrandom(p, count, flags);
+		if (ret < 0 && errno == EINTR)
+			continue;
+		else if (ret < 0)
+			return ret;
+		total += ret;
+		p += ret;
+		count -= ret;
+	} while (count);
+	return total;
+}
+
+static ssize_t read_full(int fd, void *buf, size_t count)
+{
+	ssize_t ret, total = 0;
+	uint8_t *p = buf;
+
+	do {
+		ret = read(fd, p, count);
+		if (ret < 0 && errno == EINTR)
+			continue;
+		else if (ret < 0)
+			return ret;
+		else if (ret == 0)
+			break;
+		total += ret;
+		p += ret;
+		count -= ret;
+	} while (count);
+	return total;
+}
+
+static ssize_t write_full(int fd, const void *buf, size_t count)
+{
+	ssize_t ret, total = 0;
+	const uint8_t *p = buf;
+
+	do {
+		ret = write(fd, p, count);
+		if (ret < 0 && errno == EINTR)
+			continue;
+		else if (ret < 0)
+			return ret;
+		total += ret;
+		p += ret;
+		count -= ret;
+	} while (count);
+	return total;
+}
+
+static size_t determine_optimal_seed_len(void)
+{
+	size_t ret = 0;
+	char poolsize_str[11] = { 0 };
+	int fd = open("/proc/sys/kernel/random/poolsize", O_RDONLY);
+
+	if (fd < 0 || read_full(fd, poolsize_str, sizeof(poolsize_str) - 1) < 0) {
+		perror("Unable to determine pool size, falling back to 256 bits");
+		ret = MIN_SEED_LEN;
+	} else
+		ret = DIV_ROUND_UP(strtoul(poolsize_str, NULL, 10), 8);
+	if (fd >= 0)
+		close(fd);
+	if (ret < MIN_SEED_LEN)
+		ret = MIN_SEED_LEN;
+	else if (ret > MAX_SEED_LEN)
+		ret = MAX_SEED_LEN;
+	return ret;
+}
+
+static int read_new_seed(uint8_t *seed, size_t len, bool *is_creditable)
+{
+	ssize_t ret;
+	int urandom_fd;
+
+	*is_creditable = false;
+	ret = getrandom_full(seed, len, GRND_NONBLOCK);
+	if (ret == (ssize_t)len) {
+		*is_creditable = true;
+		return 0;
+	} else if (ret < 0 && errno == ENOSYS) {
+		struct pollfd random_fd = {
+			.fd = open("/dev/random", O_RDONLY),
+			.events = POLLIN
+		};
+		if (random_fd.fd < 0)
+			return -errno;
+		*is_creditable = poll(&random_fd, 1, 0) == 1;
+		close(random_fd.fd);
+	} else if (getrandom_full(seed, len, GRND_INSECURE) == (ssize_t)len)
+		return 0;
+	urandom_fd = open("/dev/urandom", O_RDONLY);
+	if (urandom_fd < 0)
+		return -1;
+	ret = read_full(urandom_fd, seed, len);
+	if (ret == (ssize_t)len)
+		ret = 0;
+	else
+		ret = -errno ? -errno : -EIO;
+	close(urandom_fd);
+	errno = -ret;
+	return ret ? -1 : 0;
+}
+
+static int seed_rng(uint8_t *seed, size_t len, bool credit)
+{
+	struct {
+		int entropy_count;
+		int buf_size;
+		uint8_t buffer[MAX_SEED_LEN];
+	} req = {
+		.entropy_count = credit ? len * 8 : 0,
+		.buf_size = len
+	};
+	int random_fd, ret;
+
+	if (len > sizeof(req.buffer)) {
+		errno = EFBIG;
+		return -1;
+	}
+	memcpy(req.buffer, seed, len);
+
+	random_fd = open("/dev/urandom", O_RDONLY);
+	if (random_fd < 0)
+		return -1;
+	ret = ioctl(random_fd, RNDADDENTROPY, &req);
+	if (ret)
+		ret = -errno ? -errno : -EIO;
+	close(random_fd);
+	errno = -ret;
+	return ret ? -1 : 0;
+}
+
+static int seed_from_file_if_exists(const char *filename, int dfd, bool credit, struct blake2s_state *hash)
+{
+	uint8_t seed[MAX_SEED_LEN];
+	ssize_t seed_len;
+	int fd = -1, ret = 0;
+
+	fd = openat(dfd, filename, O_RDONLY);
+	if (fd < 0 && errno == ENOENT)
+		return 0;
+	else if (fd < 0) {
+		ret = -errno;
+		perror("Unable to open seed file");
+		goto out;
+	}
+	seed_len = read_full(fd, seed, sizeof(seed));
+	if (seed_len < 0) {
+		ret = -errno;
+		perror("Unable to read seed file");
+		goto out;
+	}
+	if ((unlinkat(dfd, filename, 0) < 0 || fsync(dfd) < 0) && seed_len) {
+		ret = -errno;
+		perror("Unable to remove seed after reading, so not seeding");
+		goto out;
+	}
+	if (!seed_len)
+		goto out;
+
+	blake2s_update(hash, &seed_len, sizeof(seed_len));
+	blake2s_update(hash, seed, seed_len);
+
+	printf("Seeding %zd bits %s crediting\n", seed_len * 8, credit ? "and" : "without");
+	if (seed_rng(seed, seed_len, credit) < 0) {
+		ret = -errno;
+		perror("Unable to seed");
+	}
+
+out:
+	if (fd >= 0)
+		close(fd);
+	errno = -ret;
+	return ret ? -1 : 0;
+}
+
+static bool skip_credit(void)
+{
+	const char *skip = getenv("SEEDRNG_SKIP_CREDIT");
+	return skip && (!strcmp(skip, "1") || !strcasecmp(skip, "true") ||
+			!strcasecmp(skip, "yes") || !strcasecmp(skip, "y"));
+}
+
+int main(int argc __attribute__((unused)), char *argv[] __attribute__((unused)))
+{
+	static const char seedrng_prefix[] = "SeedRNG v1 Old+New Prefix";
+	static const char seedrng_failure[] = "SeedRNG v1 No New Seed Failure";
+	int fd = -1, dfd = -1, program_ret = 0;
+	uint8_t new_seed[MAX_SEED_LEN];
+	size_t new_seed_len;
+	bool new_seed_creditable;
+	struct timespec realtime = { 0 }, boottime = { 0 };
+	struct blake2s_state hash;
+
+	umask(0077);
+	if (getuid()) {
+		errno = EACCES;
+		perror("This program requires root");
+		return 1;
+	}
+
+	blake2s_init(&hash, BLAKE2S_HASH_LEN);
+	blake2s_update(&hash, seedrng_prefix, strlen(seedrng_prefix));
+	clock_gettime(CLOCK_REALTIME, &realtime);
+	clock_gettime(CLOCK_BOOTTIME, &boottime);
+	blake2s_update(&hash, &realtime, sizeof(realtime));
+	blake2s_update(&hash, &boottime, sizeof(boottime));
+
+	if (mkdir(SEED_DIR, 0700) < 0 && errno != EEXIST) {
+		perror("Unable to create seed directory");
+		return 1;
+	}
+
+	dfd = open(SEED_DIR, O_DIRECTORY | O_RDONLY);
+	if (dfd < 0 || flock(dfd, LOCK_EX) < 0) {
+		perror("Unable to lock seed directory");
+		program_ret = 1;
+		goto out;
+	}
+
+	if (seed_from_file_if_exists(NON_CREDITABLE_SEED, dfd, false, &hash) < 0)
+		program_ret |= 1 << 1;
+	if (seed_from_file_if_exists(CREDITABLE_SEED, dfd, !skip_credit(), &hash) < 0)
+		program_ret |= 1 << 2;
+
+	new_seed_len = determine_optimal_seed_len();
+	if (read_new_seed(new_seed, new_seed_len, &new_seed_creditable) < 0) {
+		perror("Unable to read new seed");
+		new_seed_len = BLAKE2S_HASH_LEN;
+		strncpy((char *)new_seed, seedrng_failure, new_seed_len);
+		program_ret |= 1 << 3;
+	}
+	blake2s_update(&hash, &new_seed_len, sizeof(new_seed_len));
+	blake2s_update(&hash, new_seed, new_seed_len);
+	blake2s_final(&hash, new_seed + new_seed_len - BLAKE2S_HASH_LEN);
+
+	printf("Saving %zu bits of %s seed for next boot\n", new_seed_len * 8, new_seed_creditable ? "creditable" : "non-creditable");
+	fd = openat(dfd, NON_CREDITABLE_SEED, O_WRONLY | O_CREAT | O_TRUNC, 0400);
+	if (fd < 0) {
+		perror("Unable to open seed file for writing");
+		program_ret |= 1 << 4;
+		goto out;
+	}
+	if (write_full(fd, new_seed, new_seed_len) != (ssize_t)new_seed_len || fsync(fd) < 0) {
+		perror("Unable to write seed file");
+		program_ret |= 1 << 5;
+		goto out;
+	}
+	if (new_seed_creditable && renameat(dfd, NON_CREDITABLE_SEED, dfd, CREDITABLE_SEED) < 0) {
+		perror("Unable to make new seed creditable");
+		program_ret |= 1 << 6;
+	}
+out:
+	if (fd >= 0)
+		close(fd);
+	if (dfd >= 0)
+		close(dfd);
+	return program_ret;
+}

config/agetty-default.conf

@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# DO NOT REMOVE THIS FILE!
+# Note: You can copy and rename this file to the name of the tty you
+# 	want (e.g.: /etc/dinit.d/config/agetty-tty1.conf will make a
+# 	configuration specific to tty1)
+
+GETTY_BAUD=38400
+GETTY_TERM=linux
+GETTY_ARGS=

config/cgroups.conf

@@ -0,0 +1,19 @@
+# cgroups mode
+# legacy mounts cgroups version 1 on /sys/fs/cgroup
+# unified mounts cgroups version 2 on /sys/fs/cgroup
+# hybrid mounts cgroups version 2 on /sys/fs/cgroup/unified and
+# cgroups version 1 on /sys/fs/cgroup
+
+CGROUP_MODE=hybrid
+
+# This is a list of controllers which should be enabled for cgroups version 2.
+# If hybrid mode is being used, controllers listed here will not be
+# available for cgroups version 1. none means no controllers will be used
+
+CGROUP_CONTROLLERS=none
+
+# This switch controls whether or not cgroups version 1 controllers are
+# individually mounted under
+# /sys/fs/cgroup in hybrid or legacy mode
+
+HAVE_CONTROLLER1_GROUPS=true

config/console.conf

@@ -0,0 +1,5 @@
+!#/bin/sh
+
+# Active consoles
+# Currently available: /dev/tty1 until /dev/tty6
+ACTIVE_CONSOLES="/dev/tty[1-6]"

config/hwclock.conf

@@ -0,0 +1,7 @@
+# Set HARDWARECLOCK to UTC if your Hardware Clock is set to UTC (also known as
+# Greenwich Mean Time).  If that clock is set to the local time, then set
+# HARDWARECLOCK to localtime Note that if you dual boot with Windows, then you
+# should set it to localtime (or edit the Windows registry to make the Hardware
+# Clock set to UTC).
+
+HARDWARECLOCK=UTC

config/rc.local

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+# /etc/dinit.d/config/rc.local -- rc.local for Artix Linux
+#
+
+if [ -d /etc/local.d ]; then
+    for file in /etc/local.d/*.start; do
+        sh "$file"
+    done
+fi
+
+# Enter your custom commands here.

config/rc.shutdown

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+# /etc/dinit.d/config/rc.shutdown -- rc.shutdown for Artix Linux
+#
+
+if [ -d /etc/local.d ]; then
+    for file in /etc/local.d/*.stop; do
+        sh "$file"
+    done
+fi
+
+# Enter your custom commands here.

misc/50-default.conf

@@ -0,0 +1,42 @@
+# See sysctl.d(5) and core(5) for documentation.
+
+# System Request functionality of the kernel (SYNC)
+#
+# Use kernel.sysrq = 1 to allow all keys.
+# See https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html for a list
+# of values and keys.
+kernel.sysrq = 16
+
+# Append the PID to the core filename
+kernel.core_uses_pid = 1
+
+# Source route verification
+net.ipv4.conf.default.rp_filter = 2
+-net.ipv4.conf.all.rp_filter = 1
+
+# Do not accept source routing
+net.ipv4.conf.default.accept_source_route = 0
+-net.ipv4.conf.all.accept_source_route = 0
+
+# Promote secondary addresses when the primary address is removed
+net.ipv4.conf.default.promote_secondaries = 1
+-net.ipv4.conf.all.promote_secondaries = 1
+
+# ping(8) without CAP_NET_ADMIN and CAP_NET_RAW
+# The upper limit is set to 2^31-1. Values greater than that get rejected by
+# the kernel because of this definition in linux/include/net/ping.h:
+#   #define GID_T_MAX (((gid_t)~0U) >> 1)
+# That's not so bad because values between 2^31 and 2^32-1 are reserved on
+# systemd-based systems anyway: https://systemd.io/UIDS-GIDS.html#summary
+-net.ipv4.ping_group_range = 0 2147483647
+
+# Fair Queue CoDel packet scheduler to fight bufferbloat
+net.core.default_qdisc = fq_codel
+
+# Enable hard and soft link protection
+fs.protected_hardlinks = 1
+fs.protected_symlinks = 1
+
+# Enable regular file and FIFO protection
+fs.protected_regular = 1
+fs.protected_fifos = 1

misc/dinit.logrotate

@@ -0,0 +1,7 @@
+/var/log/dinit/*.log {
+    compress
+    rotate 4
+    weekly
+    missingok
+    notifempty
+}

scripts/agetty

@@ -0,0 +1,62 @@
+#!/bin/sh
+# Originally written by Daniel "q66" Kolesa for nyagetty on Chimera Linux
+# nyagetty was licensed under Public Domain or the following terms:
+#
+# Permission to use, copy, modify, and/or distribute this software for
+# any purpose with or without fee is hereby granted.
+
+# THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL
+# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE
+# FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY
+# DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
+# AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
+# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+[ -r /etc/dinit.d/config/console.conf ] && . /etc/dinit.d/config/console.conf
+
+export PATH=/usr/bin
+
+# the specified active consoles we want
+ACTIVE_CONSOLES=$(
+    for tty in $ACTIVE_CONSOLES; do
+        if [ -e $tty ]; then
+            echo $tty
+        fi
+    done
+)
+
+# possibly already active console list
+PREV_CONSOLES=
+[ -f /run/agetty-active ] && PREV_CONSOLES=$(cat /run/agetty-active)
+
+# add dependency links for all possible requested consoles
+ACTIVE_SERVICES=$(
+    for tty in $ACTIVE_CONSOLES; do
+        tty=${tty##*/}
+        [ -f /etc/dinit.d/$tty ] || continue
+        dinitctl add-dep milestone getty $tty > /dev/null
+        echo $tty
+    done
+)
+
+# clear dependency links for consoles that were active but should not be
+for otty in $PREV_CONSOLES; do
+    for tty in $ACTIVE_SERVICES; do
+        if [ "$tty" = "$otty" ]; then
+            otty=
+            break
+        fi
+    done
+    [ -n "$otty" ] && dinitctl rm-dep milestone getty $otty > /dev/null
+done
+
+rm -f /run/agetty-active
+
+# wake whichever services newly got links and generate a new active list
+for tty in $ACTIVE_SERVICES; do
+    echo $tty >> /run/agetty-active
+    dinitctl wake $tty > /dev/null &
+done
+
+wait || :

scripts/agetty-default

@@ -0,0 +1,28 @@
+#!/bin/sh
+# A wrapper for agetty with config files.
+# Adapted from Chimera Linux
+# Copyright 2023 Daniel "q66" Kolesa
+# License: BSD-2-Clause
+
+GETTY="$1"
+[ -n "$GETTY" ] && shift
+
+[ -z "$GETTY" ] && echo "$0: no tty given"
+
+[ ! -c "/dev/$GETTY" ] && echo "$0: /dev/$GETTY is not a terminal"
+
+# defaults
+GETTY_BAUD="$1"
+[ -n "$GETTY_BAUD" ] && shift
+[ -n "$GETTY_BAUD" ] || GETTY_BAUD=38400
+GETTY_TERM="$1"
+[ -n "$GETTY_TERM" ] && shift
+[ -n "$GETTY_TERM" ] || GETTY_TERM=linux
+GETTY_ARGS=$*
+
+[ "$GETTY" = tty1 ] && GETTY_ARGS="$GETTY_ARGS --noclear"
+
+# read config, which may override the above vars
+[ -r "/etc/dinit.d/config/agetty-$GETTY.conf" ] && . "/etc/dinit.d/config/agetty-$GETTY.conf"
+
+exec /usr/bin/agetty $GETTY_ARGS "$GETTY" "$GETTY_BAUD" "$GETTY_TERM"

scripts/cgroup-release-agent.sh

@@ -0,0 +1,19 @@
+#!/bin/sh
+# This is run by the kernel after the last task is removed from a
+# control group in the openrc hierarchy.
+
+# Copyright (c) 2007-2015 The OpenRC Authors.
+# See the Authors file at the top-level directory of this distribution and
+# https://github.com/OpenRC/openrc/blob/master/AUTHORS
+#
+# This file is part of OpenRC. It is subject to the license terms in
+# the LICENSE file found in the top-level directory of this
+# distribution and at https://github.com/OpenRC/openrc/blob/master/LICENSE
+# This file may not be copied, modified, propagated, or distributed
+#    except according to the terms contained in the LICENSE file.
+
+cgroup=/sys/fs/cgroup/openrc
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+if [ -d ${cgroup}/"$1" ]; then
+	rmdir ${cgroup}/"$1"
+fi

scripts/cgroups

@@ -0,0 +1,118 @@
+#!/bin/sh
+
+[ -r /etc/dinit.d/config/cgroups.conf ] && . /etc/dinit.d/config/cgroups.conf
+
+CGROUP_OPTS=nodev,noexec,nosuid
+
+[ "$CGROUP_CONTROLLERS" = "none" ] && CGROUP_CONTROLLERS=""
+
+cgroup2_find_path() {
+    if grep -qw cgroup2 /proc/filesystems; then
+        case "${CGROUP_MODE}" in
+            hybrid) printf "/sys/fs/cgroup/unified" ;;
+            unified) printf "/sys/fs/cgroup" ;;
+        esac
+    fi
+    return 0
+}
+
+cgroup1_base() {
+    grep -qw cgroup /proc/filesystems || return 0
+    if ! mountpoint -q /sys/fs/cgroup; then
+        local opts="${CGROUP_OPTS},mode=755,size=${rc_cgroupsize:-10m}"
+        mount -n -t tmpfs -o "${opts}" cgroup_root /sys/fs/cgroup
+    fi
+
+    if ! mountpoint -q /sys/fs/cgroup/openrc; then
+        local agent
+        agent="/usr/lib/dinit/cgroup-release-agent.sh"
+        mkdir /sys/fs/cgroup/openrc
+        mount -n -t cgroup -o none,${CGROUP_OPTS},name=openrc,release_agent="$agent" openrc /sys/fs/cgroup/openrc
+        printf 1 > /sys/fs/cgroup/openrc/notify_on_release
+    fi
+    return 0
+}
+
+cgroup1_controllers() {
+    ${HAVE_CONTROLLER1_GROUPS} && [ -e /proc/cgroups ]  && grep -qw cgroup /proc/filesystems || return 0
+    while read -r name _ _ enabled _; do
+        case "${enabled}" in
+            1)	if mountpoint -q "/sys/fs/cgroup/${name}";then continue;fi
+                local x
+                for x in $CGROUP_CONTROLLERS; do
+                    [ "${name}" = "blkio" ] && [ "${x}" = "io" ] &&
+                        continue 2
+                    [ "${name}" = "${x}" ] &&
+                    continue 2
+                done
+                mkdir "/sys/fs/cgroup/${name}"
+                mount -n -t cgroup -o "${CGROUP_OPTS},${name}" "${name}" "/sys/fs/cgroup/${name}"
+            ;;
+        esac
+    done < /proc/cgroups
+    return 0
+}
+
+cgroup2_base() {
+    grep -qw cgroup2 /proc/filesystems || return 0
+    local base
+    base="$(cgroup2_find_path)"
+    mkdir -p "${base}"
+    mount -t cgroup2 none -o "${CGROUP_OPTS},nsdelegate" "${base}" 2> /dev/null ||
+        mount -t cgroup2 none -o "${CGROUP_OPTS}" "${base}"
+    return 0
+}
+
+cgroup2_controllers() {
+    grep -qw cgroup2 /proc/filesystems || return 0
+    local active cgroup_path x y
+    cgroup_path="$(cgroup2_find_path)"
+    [ -z "${cgroup_path}" ] && return 0
+    [ -e "${cgroup_path}/cgroup.controllers" ] && read -r active < "${cgroup_path}/cgroup.controllers"
+    for x in ${CGROUP_CONTROLLERS}; do
+        for y in ${active}; do
+            [ "$x" = "$y" ] && [ -e "${cgroup_path}/cgroup.subtree_control" ] &&
+            echo "+${x}"  > "${cgroup_path}/cgroup.subtree_control"
+        done
+    done
+    return 0
+}
+
+cgroups_hybrid() {
+    cgroup1_base
+    cgroup2_base
+    cgroup2_controllers
+    cgroup1_controllers
+    return 0
+}
+
+cgroups_legacy() {
+    cgroup1_base
+    cgroup1_controllers
+    return 0
+}
+
+cgroups_unified() {
+    cgroup2_base
+    cgroup2_controllers
+    return 0
+}
+
+mount_cgroups() {
+    case "${CGROUP_MODE}" in
+        hybrid) cgroups_hybrid ;;
+        legacy) cgroups_legacy ;;
+        unified) cgroups_unified ;;
+    esac
+    return 0
+}
+
+mount_cgs() {
+    if [ -d /sys/fs/cgroup ];then
+        mount_cgroups
+        return 0
+    fi
+    return 1
+}
+
+mount_cgs

scripts/cleanup

@@ -0,0 +1,10 @@
+#!/bin/sh
+install -m0664 -o root -g utmp /dev/null /run/utmp
+if [ ! -e /var/log/wtmp ]; then
+    install -m0664 -o root -g utmp /dev/null /var/log/wtmp
+fi
+if [ ! -e /var/log/btmp ]; then
+    install -m0600 -o root -g utmp /dev/null /var/log/btmp
+fi
+
+rm -f /etc/nologin /forcefsck /forcequotacheck /fastboot

scripts/dmesg

@@ -0,0 +1,8 @@
+#!/bin/sh
+dmesg > /var/log/dmesg.log
+if [ -e /proc/sys/kernel/dmesg_restrict ] && \
+    [ "$(cat /proc/sys/kernel/dmesg_restrict)" = 1 ]; then
+    chmod 0600 /var/log/dmesg.log
+else
+    chmod 0644 /var/log/dmesg.log
+fi

scripts/fsck

@@ -0,0 +1,41 @@
+#!/bin/sh
+# From Chimera Linux's dinit fsck service
+# Copyright (C) 2021 Daniel "q66" Kolesa
+# For terms, see COPYING file at main directory
+
+command -v fsck > /dev/null 2>&1 || exit 0
+
+FORCEARG=
+FIXARG="-a"
+
+if [ -r /proc/cmdline ]; then
+    for x in $(cat /proc/cmdline); do
+        case "$x" in
+            fastboot|fsck.mode=skip)
+                echo "Skipping filesystem checks (fastboot)."
+                exit 0
+                ;;
+            forcefsck|fsck.mode=force)
+                FORCEARG="-f"
+                ;;
+            fsckfix|fsck.repair=yes)
+                FIXARG="-y"
+                ;;
+            fsck.repair=no)
+                FIXARG="-n"
+                ;;
+        esac
+    done
+fi
+
+fsck -A -R -C -t noopts=_netdev $FORCEARG $FIXARG
+FSCKRET=$?
+
+if [ $(($FSCKRET & 4)) -eq 4 ]; then
+    echo "ERROR: at least one fstab filesystem has unrecoverable errors."
+    exit 1
+fi
+
+# we don't care about the other conditions much; the
+# filesystems were either repaired or nothing has happened
+exit 0

scripts/hostname

@@ -0,0 +1,4 @@
+#!/bin/sh
+
+[ -s /etc/hostname ] && HOSTNAME="$(cat /etc/hostname)"
+[ "$HOSTNAME" ] && echo "$HOSTNAME" >| /proc/sys/kernel/hostname

scripts/hwclock

@@ -0,0 +1,15 @@
+#!/bin/sh
+. /etc/dinit.d/config/hwclock.conf
+
+HARDWARECLOCK=${HARDWARECLOCK:-UTC}
+
+case $HARDWARECLOCK in
+    UTC) HWCLOCK_PARAMS="--utc" ;;
+    localtime) HWCLOCK_PARAMS="--localtime" ;;
+    *) HWCLOCK_PARAMS="" ;;
+esac
+
+case "$1" in
+    start) hwclock --systz "$HWCLOCK_PARAMS" --noadjfile ;;
+    stop) hwclock --systohc "$HWCLOCK_PARAMS" ;;
+esac

scripts/network

@@ -0,0 +1,4 @@
+#!/bin/sh
+default="$(ip route | awk '/^default/{print ($3!="")+($5!="")}')"
+[ "$default" = 2 ] && exit 0
+exit 1

scripts/pseudofs

@@ -0,0 +1,36 @@
+#!/bin/sh
+
+mountpoint -q /sys                 || mount -t sysfs sys /sys -o nosuid,noexec,nodev
+mountpoint -q /sys/kernel/security || mount -n -t securityfs securityfs /sys/kernel/security
+[ -d /sys/firmware/efi ] && (mountpoint -q /sys/firmware/efi/efivars || mount -n -t efivarfs -o ro efivarfs /sys/firmware/efi/efivars)
+mountpoint -q /proc || mount -t proc proc /proc -o nosuid,noexec,nodev
+mountpoint -q /dev  || mount -t devtmpfs dev /dev -o mode=0755,nosuid
+
+# seed /dev with some things that might be needed (for example,
+# xudev doesn't do this compared to eudev), code from OpenRC
+
+# creating /dev/console, /dev/tty and /dev/tty1 to be able to write
+# to $CONSOLE with/without bootsplash before udevd creates it
+[ -c /dev/console ] || mknod -m 600 /dev/console c 5 1
+[ -c /dev/tty1 ]    || mknod -m 620 /dev/tty1 c 4 1
+[ -c /dev/tty ]     || mknod -m 666 /dev/tty c 5 0
+
+# udevd will dup its stdin/stdout/stderr to /dev/null
+# and we do not want a file which gets buffered in ram
+[ -c /dev/null ] || mknod -m 666 /dev/null c 1 3
+
+# so udev can add its start-message to dmesg
+[ -c /dev/kmsg ] || mknod -m 660 /dev/kmsg c 1 11
+
+# extra symbolic links not provided by default
+[ -e /dev/fd ]     || ln -snf /proc/self/fd /dev/fd
+[ -e /dev/stdin ]  || ln -snf /proc/self/fd/0 /dev/stdin
+[ -e /dev/stdout ] || ln -snf /proc/self/fd/1 /dev/stdout
+[ -e /dev/stderr ] || ln -snf /proc/self/fd/2 /dev/stderr
+[ -e /proc/kcore ] && ln -snf /proc/kcore /dev/core
+
+mkdir -p /dev/pts /dev/shm
+mountpoint -q /dev/pts || mount -t devpts devpts /dev/pts -o mode=0620,gid=5,nosuid,noexec
+mountpoint -q /dev/shm || mount -t tmpfs shm /dev/shm -o mode=1777,nosuid,nodev
+mountpoint -q /run     || mount -t tmpfs run /run -o mode=0755,nosuid,nodev
+mkdir -p /run/dinit

scripts/random-seed

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+umask 077
+bytes="$(cat /proc/sys/kernel/random/poolsize)" || bytes=512
+
+case "$1" in
+    load)
+        cp /var/lib/random-seed /dev/urandom >/dev/null 2>&1 || true
+        dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1
+    ;;
+    save)
+        bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1
+    ;;
+esac

scripts/udevd

@@ -0,0 +1,5 @@
+#!/bin/sh
+# Run after udevd-early so udevd can be properly supervised
+
+/usr/bin/udevadm control --exit >/dev/null 2>&1
+exec /usr/bin/udevd "$@"

scripts/vconsole

@@ -0,0 +1,15 @@
+#!/bin/sh
+[ -r /etc/vconsole.conf ] && . /etc/vconsole.conf
+TTYS=${TTYS:-6}
+_index=0
+while [ ${_index} -le "$TTYS" ]; do
+    if [ -n "$FONT" ]; then
+        setfont ${FONT_MAP:+-m $FONT_MAP} ${FONT_UNIMAP:+-u $FONT_UNIMAP} \
+                "$FONT" -C "/dev/tty${_index}"
+    fi
+    printf "\033%s" "%G" >/dev/tty${_index}
+    _index=$((_index + 1))
+done
+if [ -n "$KEYMAP" ]; then
+    loadkeys -q -u "${KEYMAP}"
+fi

services/boot

@@ -0,0 +1,9 @@
+# The primary service
+
+type = internal
+
+depends-ms = getty
+
+waits-for   = rclocal
+waits-for   = loginready
+waits-for.d = /etc/dinit.d/boot.d

services/cgroups

@@ -0,0 +1,4 @@
+type       = scripted
+command    = /usr/lib/dinit/cgroups
+restart    = false
+depends-on = pseudofs

services/cleanup

@@ -0,0 +1,4 @@
+type      = scripted
+command   = /usr/lib/dinit/cleanup
+restart   = false
+after     = fsck

services/dmesg

@@ -0,0 +1,4 @@
+type      = scripted
+command   = /usr/lib/dinit/dmesg
+restart   = false
+waits-for = loginready

services/fsck

@@ -0,0 +1,8 @@
+type          = scripted
+command       = /usr/lib/dinit/fsck
+restart       = false
+options       = starts-on-console start-interruptible skippable
+start-timeout = 0
+depends-on    = udevd
+after         = udev-settle
+waits-for.d   = /etc/dinit.d/mount.d

services/getty

@@ -0,0 +1,3 @@
+type        = scripted
+command     = /usr/lib/dinit/agetty
+depends-on  = loginready

services/hostname

@@ -0,0 +1,4 @@
+type      = scripted
+command   = /usr/lib/dinit/hostname
+restart   = false
+after     = pseudofs

services/hwclock

@@ -0,0 +1,6 @@
+type         = scripted
+command      = /usr/lib/dinit/hwclock start
+stop-command = /usr/lib/dinit/hwclock stop
+restart      = false
+depends-on   = udevd
+depends-on   = pseudofs

services/locale

@@ -0,0 +1,5 @@
+type       = scripted
+command    = /bin/sh /etc/profile.d/locale.sh
+restart    = false
+depends-on = root-rw
+depends-on = pseudofs

services/loginready

@@ -0,0 +1,7 @@
+type        = internal
+restart     = false
+options     = runs-on-console
+waits-for   = setup
+waits-for   = mount
+waits-for   = misc
+waits-for   = network

services/misc

@@ -0,0 +1,5 @@
+type      = internal
+restart   = false
+waits-for = hostname
+waits-for = hwclock
+waits-for = modules

services/modules

@@ -0,0 +1,5 @@
+type      = scripted
+command   = /usr/lib/dinit/modules-load
+restart   = false
+after     = pseudofs
+waits-for = udev-settle

services/mount

@@ -0,0 +1,6 @@
+type       = internal
+restart    = false
+waits-for  = root-rw
+waits-for  = cgroups
+waits-for  = pseudofs
+waits-for  = tmpfs

services/mount-all

@@ -0,0 +1,5 @@
+type         = scripted
+command      = /usr/bin/mount -a -t nonfs,nonfs4,nosmbfs,nocifs,nocodafs,noncpfs,noshfs,nofuse,nofuseblk,noglusterfs,nodavfs,nofuse.glusterfs -O no_netdev
+restart      = false
+waits-for    = fsck
+waits-for.d  = /etc/dinit.d/mount.d

services/net-lo

@@ -0,0 +1,4 @@
+type      = scripted
+command   = /usr/bin/ip link set up dev lo
+restart   = false
+after     = pseudofs

services/network

@@ -0,0 +1,9 @@
+# For services that need network, depend on this.
+# Run network services before this service.
+
+type       = internal
+restart    = false
+depends-on = network-pre
+after      = pseudofs
+after      = net-lo
+after      = mount

services/network-pre

@@ -0,0 +1,8 @@
+# Network services should depend on this internal service.
+# Run network services before this service.
+
+type       = internal
+restart    = false
+depends-on = rclocal
+after      = pseudofs
+after      = net-lo

services/pseudofs

@@ -0,0 +1,4 @@
+type     = scripted
+command  = /usr/lib/dinit/pseudofs
+restart  = false
+options  = starts-rwfs

services/random-seed

@@ -0,0 +1,6 @@
+type         = scripted
+command      = /usr/lib/dinit/seedrng
+restart      = false
+after        = pseudofs
+after        = udev-settle
+after        = root-rw

services/rclocal

@@ -0,0 +1,6 @@
+type         = scripted
+command      = /bin/sh /etc/dinit.d/config/rc.local
+stop-command = /bin/sh /etc/dinit.d/config/rc.shutdown
+restart      = false
+after        = mount
+before       = loginready

services/recovery

@@ -0,0 +1,3 @@
+type    = process
+command = /sbin/sulogin
+options = runs-on-console

services/root-rw

@@ -0,0 +1,9 @@
+type    = scripted
+command = /bin/mount -o remount,rw /
+restart = false
+options = starts-rwfs
+logfile = /var/log/dinit/rootrw.log
+
+waits-for  = mount-all
+after      = hwclock
+after      = fsck

services/setup

@@ -0,0 +1,9 @@
+type      = internal
+restart   = false
+waits-for = cleanup
+waits-for = locale
+waits-for = net-lo
+waits-for = random-seed
+waits-for = swap
+waits-for = sysctl
+waits-for = vconsole

services/single

@@ -0,0 +1,5 @@
+type     = process
+command  = /bin/sh
+restart  = false
+options  = shares-console
+chain-to = boot

services/swap

@@ -0,0 +1,6 @@
+type         = scripted
+command      = /sbin/swapon -a
+stop-command = /sbin/swapoff -a
+waits-for    = root-rw
+depends-on   = udevd
+after        = udev-settle

services/sysctl

@@ -0,0 +1,5 @@
+type      = scripted
+command   = /usr/bin/sysctl --system
+restart   = false
+after     = udevd
+after     = mount-all

services/tmpfs

@@ -0,0 +1,4 @@
+type      = scripted
+command   = /bin/mount -t tmpfs tmpfs /tmp
+restart   = false
+after     = pseudofs

services/tty1

@@ -0,0 +1,8 @@
+type            = process
+command         = /usr/lib/dinit/agetty-default tty1
+restart         = true
+depends-on      = loginready
+termsignal      = HUP
+smooth-recovery = true
+inittab-id      = 1
+inittab-line    = tty1

services/tty2

@@ -0,0 +1,8 @@
+type            = process
+command         = /usr/lib/dinit/agetty-default tty2
+restart         = true
+depends-on      = loginready
+termsignal      = HUP
+smooth-recovery = true
+inittab-id      = 2
+inittab-line    = tty2

services/tty3

@@ -0,0 +1,8 @@
+type            = process
+command         = /usr/lib/dinit/agetty-default tty3
+restart         = true
+depends-on      = loginready
+termsignal      = HUP
+smooth-recovery = true
+inittab-id      = 3
+inittab-line    = tty3

services/tty4

@@ -0,0 +1,8 @@
+type            = process
+command         = /usr/lib/dinit/agetty-default tty4
+restart         = true
+depends-on      = loginready
+termsignal      = HUP
+smooth-recovery = true
+inittab-id      = 4
+inittab-line    = tty4

services/tty5

@@ -0,0 +1,8 @@
+type            = process
+command         = /usr/lib/dinit/agetty-default tty5
+restart         = true
+depends-on      = loginready
+termsignal      = HUP
+smooth-recovery = true
+inittab-id      = 5
+inittab-line    = tty5

services/tty6

@@ -0,0 +1,8 @@
+type            = process
+command         = /usr/lib/dinit/agetty-default tty6
+restart         = true
+depends-on      = loginready
+termsignal      = HUP
+smooth-recovery = true
+inittab-id      = 6
+inittab-line    = tty6

services/udev-settle

@@ -0,0 +1,5 @@
+type       = scripted
+command    = /usr/bin/udevadm settle
+restart    = false
+depends-on = udevd-early
+depends-on = udev-trigger

services/udev-trigger

@@ -0,0 +1,4 @@
+type       = scripted
+command    = /usr/bin/udevadm trigger --action=add
+restart    = false
+depends-on = udevd-early

services/udevd

@@ -0,0 +1,7 @@
+type            = process
+command         = /usr/lib/dinit/udevd
+before          = setup
+depends-on      = udevd-early
+depends-ms      = udev-settle
+restart         = true
+smooth-recovery = true

services/udevd-early

@@ -0,0 +1,7 @@
+type            = scripted
+command         = /usr/bin/udevd --daemon
+stop-command    = /usr/bin/sh -c "/usr/bin/udevadm control -e || :"
+restart         = false
+depends-on      = pseudofs
+depends-on      = tmpfs
+depends-on      = cgroups

services/vconsole

@@ -0,0 +1,5 @@
+type      = scripted
+command   = /usr/lib/dinit/vconsole
+restart   = false
+waits-for = hostname
+waits-for = udev-settle