diff --git a/COPYING b/COPYING new file mode 100644 index 0000000..994d134 --- /dev/null +++ b/COPYING @@ -0,0 +1,26 @@ +Copyright (C) 2021 Muhammad Herdiansyah +Copyright (C) 2021 Artix Linux Developers +Copyright (C) 2021 Daniel "q66" Kolesa + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + +1. Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright +notice, this list of conditions and the following disclaimer in the +documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..7e60a11 --- /dev/null +++ b/Makefile @@ -0,0 +1,139 @@ +PREFIX ?= /usr +SYSCONFDIR ?= /etc +LOCALSTATEDIR ?= /var +BINDIR ?= $(PREFIX)/bin +LIBDIR ?= $(PREFIX)/lib +DATADIR ?= $(PREFIX)/share +DINITSRVDIR ?= $(LIBDIR)/dinit.d +DINITCNFDIR ?= $(SYSCONFDIR)/dinit.d + +BIN_PROGRAMS = modules-load seedrng + +MANPAGES = modules-load.8 + +CONF_FILES = \ + agetty-default.conf \ + console.conf \ + cgroups.conf \ + hwclock.conf \ + rc.local \ + rc.shutdown + +SERVICEDIR = boot.d \ + mount.d + +SERVICES = \ + boot \ + cgroups \ + cleanup \ + dmesg \ + fsck \ + getty \ + hostname \ + hwclock \ + loginready \ + locale \ + misc \ + modules \ + mount \ + mount-all \ + net-lo \ + network \ + network-pre \ + pseudofs \ + random-seed \ + rclocal \ + recovery \ + root-rw \ + setup \ + single \ + swap \ + sysctl \ + tmpfs \ + udevd \ + udevd-early \ + udev-settle \ + udev-trigger \ + vconsole + + +SCRIPTS = \ + agetty \ + agetty-default \ + cgroup-release-agent.sh \ + cgroups \ + cleanup \ + dmesg \ + fsck \ + hostname \ + hwclock \ + pseudofs \ + udevd \ + vconsole + +TTY_SERVICES = \ + tty1 \ + tty2 \ + tty3 \ + tty4 \ + tty5 \ + tty6 + +LOCALSTATEDIR ?= /var/lib +CFLAGS ?= -O2 -pipe + +CFLAGS += -Wall -Wextra -pedantic +CFLAGS += -DLOCALSTATEDIR="\"$(LOCALSTATEDIR)\"" + +seedrng: bin/seedrng.c + cc -o bin/seedrng bin/seedrng.c $(CFLAGS) + +install: + install -d $(DESTDIR)$(BINDIR) + install -d $(DESTDIR)$(LIBDIR) + install -d $(DESTDIR)$(DATADIR) + install -d $(DESTDIR)$(SYSCONFDIR) + install -d $(DESTDIR)$(MANDIR) + install -d $(DESTDIR)$(DINITSRVDIR) + install -d $(DESTDIR)$(DINITCNFDIR)/config + install -d $(DESTDIR)$(LIBDIR)/dinit + install -d $(DESTDIR)$(DINITCNFDIR)/boot.d + install -d $(DESTDIR)$(DINITCNFDIR)/mount.d + install -d $(DESTDIR)$(DINITCNFDIR)/live.d + install -d $(DESTDIR)$(LOCALSTATEDIR)/log/dinit + # placeholder + touch $(DESTDIR)$(DINITCNFDIR)/mount.d/.KEEP + touch $(DESTDIR)$(DINITCNFDIR)/boot.d/.KEEP + touch $(DESTDIR)$(DINITCNFDIR)/live.d/.KEEP + # config files + for conf in $(CONF_FILES); do \ + install -m 644 config/$$conf $(DESTDIR)$(DINITCNFDIR)/config; \ + done + # scripts + for script in $(SCRIPTS); do \ + install -m 755 scripts/$$script $(DESTDIR)$(LIBDIR)/dinit; \ + done + # programs + for prog in $(BIN_PROGRAMS); do \ + install -m 755 bin/$$prog $(DESTDIR)$(LIBDIR)/dinit; \ + done + # manpages + for man in $(MANPAGES); do \ + install -m 644 man/$$man $(DESTDIR)$(MANDIR); \ + done + # services + for srv in $(SERVICES); do \ + install -m 644 services/$$srv $(DESTDIR)$(DINITSRVDIR); \ + done + # getty services + for srv in $(TTY_SERVICES); do \ + install -m 644 services/$$srv $(DESTDIR)$(DINITCNFDIR); \ + done + # misc + install -Dm644 misc/50-default.conf $(DESTDIR)$(LIBDIR)/sysctl.d/50-default.conf + install -Dm644 misc/dinit.logrotate $(DESTDIR)$(SYSCONFDIR)/logrotate.d/dinit + +clean: + rm -f bin/seedrng + +.PHONY: clean diff --git a/README b/README new file mode 100644 index 0000000..4455849 --- /dev/null +++ b/README @@ -0,0 +1,6 @@ +Artix's dinit stage 1. + +Adapted from s6-scripts, runit-rc, Chimera Linux, and dinit's own configuration. + +TODO: Either remove cgroup code, or clean it, it's messy, and it's on dinit's +plan post-1.0. diff --git a/bin/modules-load b/bin/modules-load new file mode 100755 index 0000000..2cfd8ce --- /dev/null +++ b/bin/modules-load @@ -0,0 +1,24 @@ +#!/bin/sh + +if [ "$(id -u)" != "0" ];then + echo "$(basename $0) need to run as root!" + exit 1 +fi + +MODULES_DIR=/etc/modules-load.d + +error=0 + +for file in "$MODULES_DIR"/*.conf; do + [ ! -f "$file" ] && continue + while read -r module junk; do + # Ignore comments and blank lines + case "$module" in + ""|\#*) continue ;; + esac + modprobe -ab "$module" || error=$? + done < "$file" +done + +exit $error + diff --git a/bin/seedrng.c b/bin/seedrng.c new file mode 100644 index 0000000..9f93fe2 --- /dev/null +++ b/bin/seedrng.c @@ -0,0 +1,488 @@ +// SPDX-License-Identifier: (GPL-2.0 OR Apache-2.0 OR MIT OR BSD-1-Clause OR CC0-1.0) +/* + * Copyright (C) 2022 Jason A. Donenfeld . All Rights Reserved. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#ifndef LOCALSTATEDIR +#define LOCALSTATEDIR "/var/lib" +#endif + +#define SEED_DIR LOCALSTATEDIR "/seedrng" +#define CREDITABLE_SEED "seed.credit" +#define NON_CREDITABLE_SEED "seed.no-credit" + +enum blake2s_lengths { + BLAKE2S_BLOCK_LEN = 64, + BLAKE2S_HASH_LEN = 32, + BLAKE2S_KEY_LEN = 32 +}; + +enum seedrng_lengths { + MAX_SEED_LEN = 512, + MIN_SEED_LEN = BLAKE2S_HASH_LEN +}; + +struct blake2s_state { + uint32_t h[8]; + uint32_t t[2]; + uint32_t f[2]; + uint8_t buf[BLAKE2S_BLOCK_LEN]; + unsigned int buflen; + unsigned int outlen; +}; + +#define le32_to_cpup(a) le32toh(*(a)) +#define cpu_to_le32(a) htole32(a) +#ifndef ARRAY_SIZE +#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) +#endif +#ifndef DIV_ROUND_UP +#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d)) +#endif + +static inline void cpu_to_le32_array(uint32_t *buf, unsigned int words) +{ + while (words--) { + *buf = cpu_to_le32(*buf); + ++buf; + } +} + +static inline void le32_to_cpu_array(uint32_t *buf, unsigned int words) +{ + while (words--) { + *buf = le32_to_cpup(buf); + ++buf; + } +} + +static inline uint32_t ror32(uint32_t word, unsigned int shift) +{ + return (word >> (shift & 31)) | (word << ((-shift) & 31)); +} + +static const uint32_t blake2s_iv[8] = { + 0x6A09E667UL, 0xBB67AE85UL, 0x3C6EF372UL, 0xA54FF53AUL, + 0x510E527FUL, 0x9B05688CUL, 0x1F83D9ABUL, 0x5BE0CD19UL +}; + +static const uint8_t blake2s_sigma[10][16] = { + { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 }, + { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }, + { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 }, + { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 }, + { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 }, + { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 }, + { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 }, + { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 }, + { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 }, + { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0 }, +}; + +static void blake2s_set_lastblock(struct blake2s_state *state) +{ + state->f[0] = -1; +} + +static void blake2s_increment_counter(struct blake2s_state *state, const uint32_t inc) +{ + state->t[0] += inc; + state->t[1] += (state->t[0] < inc); +} + +static void blake2s_init_param(struct blake2s_state *state, const uint32_t param) +{ + int i; + + memset(state, 0, sizeof(*state)); + for (i = 0; i < 8; ++i) + state->h[i] = blake2s_iv[i]; + state->h[0] ^= param; +} + +static void blake2s_init(struct blake2s_state *state, const size_t outlen) +{ + blake2s_init_param(state, 0x01010000 | outlen); + state->outlen = outlen; +} + +static void blake2s_compress(struct blake2s_state *state, const uint8_t *block, size_t nblocks, const uint32_t inc) +{ + uint32_t m[16]; + uint32_t v[16]; + int i; + + while (nblocks > 0) { + blake2s_increment_counter(state, inc); + memcpy(m, block, BLAKE2S_BLOCK_LEN); + le32_to_cpu_array(m, ARRAY_SIZE(m)); + memcpy(v, state->h, 32); + v[ 8] = blake2s_iv[0]; + v[ 9] = blake2s_iv[1]; + v[10] = blake2s_iv[2]; + v[11] = blake2s_iv[3]; + v[12] = blake2s_iv[4] ^ state->t[0]; + v[13] = blake2s_iv[5] ^ state->t[1]; + v[14] = blake2s_iv[6] ^ state->f[0]; + v[15] = blake2s_iv[7] ^ state->f[1]; + +#define G(r, i, a, b, c, d) do { \ + a += b + m[blake2s_sigma[r][2 * i + 0]]; \ + d = ror32(d ^ a, 16); \ + c += d; \ + b = ror32(b ^ c, 12); \ + a += b + m[blake2s_sigma[r][2 * i + 1]]; \ + d = ror32(d ^ a, 8); \ + c += d; \ + b = ror32(b ^ c, 7); \ +} while (0) + +#define ROUND(r) do { \ + G(r, 0, v[0], v[ 4], v[ 8], v[12]); \ + G(r, 1, v[1], v[ 5], v[ 9], v[13]); \ + G(r, 2, v[2], v[ 6], v[10], v[14]); \ + G(r, 3, v[3], v[ 7], v[11], v[15]); \ + G(r, 4, v[0], v[ 5], v[10], v[15]); \ + G(r, 5, v[1], v[ 6], v[11], v[12]); \ + G(r, 6, v[2], v[ 7], v[ 8], v[13]); \ + G(r, 7, v[3], v[ 4], v[ 9], v[14]); \ +} while (0) + ROUND(0); + ROUND(1); + ROUND(2); + ROUND(3); + ROUND(4); + ROUND(5); + ROUND(6); + ROUND(7); + ROUND(8); + ROUND(9); + +#undef G +#undef ROUND + + for (i = 0; i < 8; ++i) + state->h[i] ^= v[i] ^ v[i + 8]; + + block += BLAKE2S_BLOCK_LEN; + --nblocks; + } +} + +static void blake2s_update(struct blake2s_state *state, const void *inp, size_t inlen) +{ + const size_t fill = BLAKE2S_BLOCK_LEN - state->buflen; + const uint8_t *in = inp; + + if (!inlen) + return; + if (inlen > fill) { + memcpy(state->buf + state->buflen, in, fill); + blake2s_compress(state, state->buf, 1, BLAKE2S_BLOCK_LEN); + state->buflen = 0; + in += fill; + inlen -= fill; + } + if (inlen > BLAKE2S_BLOCK_LEN) { + const size_t nblocks = DIV_ROUND_UP(inlen, BLAKE2S_BLOCK_LEN); + blake2s_compress(state, in, nblocks - 1, BLAKE2S_BLOCK_LEN); + in += BLAKE2S_BLOCK_LEN * (nblocks - 1); + inlen -= BLAKE2S_BLOCK_LEN * (nblocks - 1); + } + memcpy(state->buf + state->buflen, in, inlen); + state->buflen += inlen; +} + +static void blake2s_final(struct blake2s_state *state, uint8_t *out) +{ + blake2s_set_lastblock(state); + memset(state->buf + state->buflen, 0, BLAKE2S_BLOCK_LEN - state->buflen); + blake2s_compress(state, state->buf, 1, state->buflen); + cpu_to_le32_array(state->h, ARRAY_SIZE(state->h)); + memcpy(out, state->h, state->outlen); +} + +static ssize_t getrandom_full(void *buf, size_t count, unsigned int flags) +{ + ssize_t ret, total = 0; + uint8_t *p = buf; + + do { + ret = getrandom(p, count, flags); + if (ret < 0 && errno == EINTR) + continue; + else if (ret < 0) + return ret; + total += ret; + p += ret; + count -= ret; + } while (count); + return total; +} + +static ssize_t read_full(int fd, void *buf, size_t count) +{ + ssize_t ret, total = 0; + uint8_t *p = buf; + + do { + ret = read(fd, p, count); + if (ret < 0 && errno == EINTR) + continue; + else if (ret < 0) + return ret; + else if (ret == 0) + break; + total += ret; + p += ret; + count -= ret; + } while (count); + return total; +} + +static ssize_t write_full(int fd, const void *buf, size_t count) +{ + ssize_t ret, total = 0; + const uint8_t *p = buf; + + do { + ret = write(fd, p, count); + if (ret < 0 && errno == EINTR) + continue; + else if (ret < 0) + return ret; + total += ret; + p += ret; + count -= ret; + } while (count); + return total; +} + +static size_t determine_optimal_seed_len(void) +{ + size_t ret = 0; + char poolsize_str[11] = { 0 }; + int fd = open("/proc/sys/kernel/random/poolsize", O_RDONLY); + + if (fd < 0 || read_full(fd, poolsize_str, sizeof(poolsize_str) - 1) < 0) { + perror("Unable to determine pool size, falling back to 256 bits"); + ret = MIN_SEED_LEN; + } else + ret = DIV_ROUND_UP(strtoul(poolsize_str, NULL, 10), 8); + if (fd >= 0) + close(fd); + if (ret < MIN_SEED_LEN) + ret = MIN_SEED_LEN; + else if (ret > MAX_SEED_LEN) + ret = MAX_SEED_LEN; + return ret; +} + +static int read_new_seed(uint8_t *seed, size_t len, bool *is_creditable) +{ + ssize_t ret; + int urandom_fd; + + *is_creditable = false; + ret = getrandom_full(seed, len, GRND_NONBLOCK); + if (ret == (ssize_t)len) { + *is_creditable = true; + return 0; + } else if (ret < 0 && errno == ENOSYS) { + struct pollfd random_fd = { + .fd = open("/dev/random", O_RDONLY), + .events = POLLIN + }; + if (random_fd.fd < 0) + return -errno; + *is_creditable = poll(&random_fd, 1, 0) == 1; + close(random_fd.fd); + } else if (getrandom_full(seed, len, GRND_INSECURE) == (ssize_t)len) + return 0; + urandom_fd = open("/dev/urandom", O_RDONLY); + if (urandom_fd < 0) + return -1; + ret = read_full(urandom_fd, seed, len); + if (ret == (ssize_t)len) + ret = 0; + else + ret = -errno ? -errno : -EIO; + close(urandom_fd); + errno = -ret; + return ret ? -1 : 0; +} + +static int seed_rng(uint8_t *seed, size_t len, bool credit) +{ + struct { + int entropy_count; + int buf_size; + uint8_t buffer[MAX_SEED_LEN]; + } req = { + .entropy_count = credit ? len * 8 : 0, + .buf_size = len + }; + int random_fd, ret; + + if (len > sizeof(req.buffer)) { + errno = EFBIG; + return -1; + } + memcpy(req.buffer, seed, len); + + random_fd = open("/dev/urandom", O_RDONLY); + if (random_fd < 0) + return -1; + ret = ioctl(random_fd, RNDADDENTROPY, &req); + if (ret) + ret = -errno ? -errno : -EIO; + close(random_fd); + errno = -ret; + return ret ? -1 : 0; +} + +static int seed_from_file_if_exists(const char *filename, int dfd, bool credit, struct blake2s_state *hash) +{ + uint8_t seed[MAX_SEED_LEN]; + ssize_t seed_len; + int fd = -1, ret = 0; + + fd = openat(dfd, filename, O_RDONLY); + if (fd < 0 && errno == ENOENT) + return 0; + else if (fd < 0) { + ret = -errno; + perror("Unable to open seed file"); + goto out; + } + seed_len = read_full(fd, seed, sizeof(seed)); + if (seed_len < 0) { + ret = -errno; + perror("Unable to read seed file"); + goto out; + } + if ((unlinkat(dfd, filename, 0) < 0 || fsync(dfd) < 0) && seed_len) { + ret = -errno; + perror("Unable to remove seed after reading, so not seeding"); + goto out; + } + if (!seed_len) + goto out; + + blake2s_update(hash, &seed_len, sizeof(seed_len)); + blake2s_update(hash, seed, seed_len); + + printf("Seeding %zd bits %s crediting\n", seed_len * 8, credit ? "and" : "without"); + if (seed_rng(seed, seed_len, credit) < 0) { + ret = -errno; + perror("Unable to seed"); + } + +out: + if (fd >= 0) + close(fd); + errno = -ret; + return ret ? -1 : 0; +} + +static bool skip_credit(void) +{ + const char *skip = getenv("SEEDRNG_SKIP_CREDIT"); + return skip && (!strcmp(skip, "1") || !strcasecmp(skip, "true") || + !strcasecmp(skip, "yes") || !strcasecmp(skip, "y")); +} + +int main(int argc __attribute__((unused)), char *argv[] __attribute__((unused))) +{ + static const char seedrng_prefix[] = "SeedRNG v1 Old+New Prefix"; + static const char seedrng_failure[] = "SeedRNG v1 No New Seed Failure"; + int fd = -1, dfd = -1, program_ret = 0; + uint8_t new_seed[MAX_SEED_LEN]; + size_t new_seed_len; + bool new_seed_creditable; + struct timespec realtime = { 0 }, boottime = { 0 }; + struct blake2s_state hash; + + umask(0077); + if (getuid()) { + errno = EACCES; + perror("This program requires root"); + return 1; + } + + blake2s_init(&hash, BLAKE2S_HASH_LEN); + blake2s_update(&hash, seedrng_prefix, strlen(seedrng_prefix)); + clock_gettime(CLOCK_REALTIME, &realtime); + clock_gettime(CLOCK_BOOTTIME, &boottime); + blake2s_update(&hash, &realtime, sizeof(realtime)); + blake2s_update(&hash, &boottime, sizeof(boottime)); + + if (mkdir(SEED_DIR, 0700) < 0 && errno != EEXIST) { + perror("Unable to create seed directory"); + return 1; + } + + dfd = open(SEED_DIR, O_DIRECTORY | O_RDONLY); + if (dfd < 0 || flock(dfd, LOCK_EX) < 0) { + perror("Unable to lock seed directory"); + program_ret = 1; + goto out; + } + + if (seed_from_file_if_exists(NON_CREDITABLE_SEED, dfd, false, &hash) < 0) + program_ret |= 1 << 1; + if (seed_from_file_if_exists(CREDITABLE_SEED, dfd, !skip_credit(), &hash) < 0) + program_ret |= 1 << 2; + + new_seed_len = determine_optimal_seed_len(); + if (read_new_seed(new_seed, new_seed_len, &new_seed_creditable) < 0) { + perror("Unable to read new seed"); + new_seed_len = BLAKE2S_HASH_LEN; + strncpy((char *)new_seed, seedrng_failure, new_seed_len); + program_ret |= 1 << 3; + } + blake2s_update(&hash, &new_seed_len, sizeof(new_seed_len)); + blake2s_update(&hash, new_seed, new_seed_len); + blake2s_final(&hash, new_seed + new_seed_len - BLAKE2S_HASH_LEN); + + printf("Saving %zu bits of %s seed for next boot\n", new_seed_len * 8, new_seed_creditable ? "creditable" : "non-creditable"); + fd = openat(dfd, NON_CREDITABLE_SEED, O_WRONLY | O_CREAT | O_TRUNC, 0400); + if (fd < 0) { + perror("Unable to open seed file for writing"); + program_ret |= 1 << 4; + goto out; + } + if (write_full(fd, new_seed, new_seed_len) != (ssize_t)new_seed_len || fsync(fd) < 0) { + perror("Unable to write seed file"); + program_ret |= 1 << 5; + goto out; + } + if (new_seed_creditable && renameat(dfd, NON_CREDITABLE_SEED, dfd, CREDITABLE_SEED) < 0) { + perror("Unable to make new seed creditable"); + program_ret |= 1 << 6; + } +out: + if (fd >= 0) + close(fd); + if (dfd >= 0) + close(dfd); + return program_ret; +} diff --git a/config/agetty-default.conf b/config/agetty-default.conf new file mode 100644 index 0000000..1ce309a --- /dev/null +++ b/config/agetty-default.conf @@ -0,0 +1,10 @@ +#!/bin/sh + +# DO NOT REMOVE THIS FILE! +# Note: You can copy and rename this file to the name of the tty you +# want (e.g.: /etc/dinit.d/config/agetty-tty1.conf will make a +# configuration specific to tty1) + +GETTY_BAUD=38400 +GETTY_TERM=linux +GETTY_ARGS= diff --git a/config/cgroups.conf b/config/cgroups.conf new file mode 100644 index 0000000..65dbb82 --- /dev/null +++ b/config/cgroups.conf @@ -0,0 +1,19 @@ +# cgroups mode +# legacy mounts cgroups version 1 on /sys/fs/cgroup +# unified mounts cgroups version 2 on /sys/fs/cgroup +# hybrid mounts cgroups version 2 on /sys/fs/cgroup/unified and +# cgroups version 1 on /sys/fs/cgroup + +CGROUP_MODE=hybrid + +# This is a list of controllers which should be enabled for cgroups version 2. +# If hybrid mode is being used, controllers listed here will not be +# available for cgroups version 1. none means no controllers will be used + +CGROUP_CONTROLLERS=none + +# This switch controls whether or not cgroups version 1 controllers are +# individually mounted under +# /sys/fs/cgroup in hybrid or legacy mode + +HAVE_CONTROLLER1_GROUPS=true diff --git a/config/console.conf b/config/console.conf new file mode 100644 index 0000000..f81e2d1 --- /dev/null +++ b/config/console.conf @@ -0,0 +1,5 @@ +!#/bin/sh + +# Active consoles +# Currently available: /dev/tty1 until /dev/tty6 +ACTIVE_CONSOLES="/dev/tty[1-6]" diff --git a/config/hwclock.conf b/config/hwclock.conf new file mode 100644 index 0000000..f45148b --- /dev/null +++ b/config/hwclock.conf @@ -0,0 +1,7 @@ +# Set HARDWARECLOCK to UTC if your Hardware Clock is set to UTC (also known as +# Greenwich Mean Time). If that clock is set to the local time, then set +# HARDWARECLOCK to localtime Note that if you dual boot with Windows, then you +# should set it to localtime (or edit the Windows registry to make the Hardware +# Clock set to UTC). + +HARDWARECLOCK=UTC diff --git a/config/rc.local b/config/rc.local new file mode 100644 index 0000000..dc6023a --- /dev/null +++ b/config/rc.local @@ -0,0 +1,12 @@ +#!/bin/sh + +# /etc/dinit.d/config/rc.local -- rc.local for Artix Linux +# + +if [ -d /etc/local.d ]; then + for file in /etc/local.d/*.start; do + sh "$file" + done +fi + +# Enter your custom commands here. diff --git a/config/rc.shutdown b/config/rc.shutdown new file mode 100644 index 0000000..7470252 --- /dev/null +++ b/config/rc.shutdown @@ -0,0 +1,12 @@ +#!/bin/sh + +# /etc/dinit.d/config/rc.shutdown -- rc.shutdown for Artix Linux +# + +if [ -d /etc/local.d ]; then + for file in /etc/local.d/*.stop; do + sh "$file" + done +fi + +# Enter your custom commands here. diff --git a/misc/50-default.conf b/misc/50-default.conf new file mode 100644 index 0000000..447c393 --- /dev/null +++ b/misc/50-default.conf @@ -0,0 +1,42 @@ +# See sysctl.d(5) and core(5) for documentation. + +# System Request functionality of the kernel (SYNC) +# +# Use kernel.sysrq = 1 to allow all keys. +# See https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html for a list +# of values and keys. +kernel.sysrq = 16 + +# Append the PID to the core filename +kernel.core_uses_pid = 1 + +# Source route verification +net.ipv4.conf.default.rp_filter = 2 +-net.ipv4.conf.all.rp_filter = 1 + +# Do not accept source routing +net.ipv4.conf.default.accept_source_route = 0 +-net.ipv4.conf.all.accept_source_route = 0 + +# Promote secondary addresses when the primary address is removed +net.ipv4.conf.default.promote_secondaries = 1 +-net.ipv4.conf.all.promote_secondaries = 1 + +# ping(8) without CAP_NET_ADMIN and CAP_NET_RAW +# The upper limit is set to 2^31-1. Values greater than that get rejected by +# the kernel because of this definition in linux/include/net/ping.h: +# #define GID_T_MAX (((gid_t)~0U) >> 1) +# That's not so bad because values between 2^31 and 2^32-1 are reserved on +# systemd-based systems anyway: https://systemd.io/UIDS-GIDS.html#summary +-net.ipv4.ping_group_range = 0 2147483647 + +# Fair Queue CoDel packet scheduler to fight bufferbloat +net.core.default_qdisc = fq_codel + +# Enable hard and soft link protection +fs.protected_hardlinks = 1 +fs.protected_symlinks = 1 + +# Enable regular file and FIFO protection +fs.protected_regular = 1 +fs.protected_fifos = 1 diff --git a/misc/dinit.logrotate b/misc/dinit.logrotate new file mode 100644 index 0000000..ba044c9 --- /dev/null +++ b/misc/dinit.logrotate @@ -0,0 +1,7 @@ +/var/log/dinit/*.log { + compress + rotate 4 + weekly + missingok + notifempty +} diff --git a/scripts/agetty b/scripts/agetty new file mode 100644 index 0000000..d11e734 --- /dev/null +++ b/scripts/agetty @@ -0,0 +1,62 @@ +#!/bin/sh +# Originally written by Daniel "q66" Kolesa for nyagetty on Chimera Linux +# nyagetty was licensed under Public Domain or the following terms: +# +# Permission to use, copy, modify, and/or distribute this software for +# any purpose with or without fee is hereby granted. + +# THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL +# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES +# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE +# FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY +# DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN +# AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT +# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +[ -r /etc/dinit.d/config/console.conf ] && . /etc/dinit.d/config/console.conf + +export PATH=/usr/bin + +# the specified active consoles we want +ACTIVE_CONSOLES=$( + for tty in $ACTIVE_CONSOLES; do + if [ -e $tty ]; then + echo $tty + fi + done +) + +# possibly already active console list +PREV_CONSOLES= +[ -f /run/agetty-active ] && PREV_CONSOLES=$(cat /run/agetty-active) + +# add dependency links for all possible requested consoles +ACTIVE_SERVICES=$( + for tty in $ACTIVE_CONSOLES; do + tty=${tty##*/} + [ -f /etc/dinit.d/$tty ] || continue + dinitctl add-dep milestone getty $tty > /dev/null + echo $tty + done +) + +# clear dependency links for consoles that were active but should not be +for otty in $PREV_CONSOLES; do + for tty in $ACTIVE_SERVICES; do + if [ "$tty" = "$otty" ]; then + otty= + break + fi + done + [ -n "$otty" ] && dinitctl rm-dep milestone getty $otty > /dev/null +done + +rm -f /run/agetty-active + +# wake whichever services newly got links and generate a new active list +for tty in $ACTIVE_SERVICES; do + echo $tty >> /run/agetty-active + dinitctl wake $tty > /dev/null & +done + +wait || : diff --git a/scripts/agetty-default b/scripts/agetty-default new file mode 100644 index 0000000..29b1413 --- /dev/null +++ b/scripts/agetty-default @@ -0,0 +1,28 @@ +#!/bin/sh +# A wrapper for agetty with config files. +# Adapted from Chimera Linux +# Copyright 2023 Daniel "q66" Kolesa +# License: BSD-2-Clause + +GETTY="$1" +[ -n "$GETTY" ] && shift + +[ -z "$GETTY" ] && echo "$0: no tty given" + +[ ! -c "/dev/$GETTY" ] && echo "$0: /dev/$GETTY is not a terminal" + +# defaults +GETTY_BAUD="$1" +[ -n "$GETTY_BAUD" ] && shift +[ -n "$GETTY_BAUD" ] || GETTY_BAUD=38400 +GETTY_TERM="$1" +[ -n "$GETTY_TERM" ] && shift +[ -n "$GETTY_TERM" ] || GETTY_TERM=linux +GETTY_ARGS=$* + +[ "$GETTY" = tty1 ] && GETTY_ARGS="$GETTY_ARGS --noclear" + +# read config, which may override the above vars +[ -r "/etc/dinit.d/config/agetty-$GETTY.conf" ] && . "/etc/dinit.d/config/agetty-$GETTY.conf" + +exec /usr/bin/agetty $GETTY_ARGS "$GETTY" "$GETTY_BAUD" "$GETTY_TERM" diff --git a/scripts/cgroup-release-agent.sh b/scripts/cgroup-release-agent.sh new file mode 100644 index 0000000..179e6bc --- /dev/null +++ b/scripts/cgroup-release-agent.sh @@ -0,0 +1,19 @@ +#!/bin/sh +# This is run by the kernel after the last task is removed from a +# control group in the openrc hierarchy. + +# Copyright (c) 2007-2015 The OpenRC Authors. +# See the Authors file at the top-level directory of this distribution and +# https://github.com/OpenRC/openrc/blob/master/AUTHORS +# +# This file is part of OpenRC. It is subject to the license terms in +# the LICENSE file found in the top-level directory of this +# distribution and at https://github.com/OpenRC/openrc/blob/master/LICENSE +# This file may not be copied, modified, propagated, or distributed +# except according to the terms contained in the LICENSE file. + +cgroup=/sys/fs/cgroup/openrc +PATH=/bin:/usr/bin:/sbin:/usr/sbin +if [ -d ${cgroup}/"$1" ]; then + rmdir ${cgroup}/"$1" +fi diff --git a/scripts/cgroups b/scripts/cgroups new file mode 100644 index 0000000..8df6653 --- /dev/null +++ b/scripts/cgroups @@ -0,0 +1,118 @@ +#!/bin/sh + +[ -r /etc/dinit.d/config/cgroups.conf ] && . /etc/dinit.d/config/cgroups.conf + +CGROUP_OPTS=nodev,noexec,nosuid + +[ "$CGROUP_CONTROLLERS" = "none" ] && CGROUP_CONTROLLERS="" + +cgroup2_find_path() { + if grep -qw cgroup2 /proc/filesystems; then + case "${CGROUP_MODE}" in + hybrid) printf "/sys/fs/cgroup/unified" ;; + unified) printf "/sys/fs/cgroup" ;; + esac + fi + return 0 +} + +cgroup1_base() { + grep -qw cgroup /proc/filesystems || return 0 + if ! mountpoint -q /sys/fs/cgroup; then + local opts="${CGROUP_OPTS},mode=755,size=${rc_cgroupsize:-10m}" + mount -n -t tmpfs -o "${opts}" cgroup_root /sys/fs/cgroup + fi + + if ! mountpoint -q /sys/fs/cgroup/openrc; then + local agent + agent="/usr/lib/dinit/cgroup-release-agent.sh" + mkdir /sys/fs/cgroup/openrc + mount -n -t cgroup -o none,${CGROUP_OPTS},name=openrc,release_agent="$agent" openrc /sys/fs/cgroup/openrc + printf 1 > /sys/fs/cgroup/openrc/notify_on_release + fi + return 0 +} + +cgroup1_controllers() { + ${HAVE_CONTROLLER1_GROUPS} && [ -e /proc/cgroups ] && grep -qw cgroup /proc/filesystems || return 0 + while read -r name _ _ enabled _; do + case "${enabled}" in + 1) if mountpoint -q "/sys/fs/cgroup/${name}";then continue;fi + local x + for x in $CGROUP_CONTROLLERS; do + [ "${name}" = "blkio" ] && [ "${x}" = "io" ] && + continue 2 + [ "${name}" = "${x}" ] && + continue 2 + done + mkdir "/sys/fs/cgroup/${name}" + mount -n -t cgroup -o "${CGROUP_OPTS},${name}" "${name}" "/sys/fs/cgroup/${name}" + ;; + esac + done < /proc/cgroups + return 0 +} + +cgroup2_base() { + grep -qw cgroup2 /proc/filesystems || return 0 + local base + base="$(cgroup2_find_path)" + mkdir -p "${base}" + mount -t cgroup2 none -o "${CGROUP_OPTS},nsdelegate" "${base}" 2> /dev/null || + mount -t cgroup2 none -o "${CGROUP_OPTS}" "${base}" + return 0 +} + +cgroup2_controllers() { + grep -qw cgroup2 /proc/filesystems || return 0 + local active cgroup_path x y + cgroup_path="$(cgroup2_find_path)" + [ -z "${cgroup_path}" ] && return 0 + [ -e "${cgroup_path}/cgroup.controllers" ] && read -r active < "${cgroup_path}/cgroup.controllers" + for x in ${CGROUP_CONTROLLERS}; do + for y in ${active}; do + [ "$x" = "$y" ] && [ -e "${cgroup_path}/cgroup.subtree_control" ] && + echo "+${x}" > "${cgroup_path}/cgroup.subtree_control" + done + done + return 0 +} + +cgroups_hybrid() { + cgroup1_base + cgroup2_base + cgroup2_controllers + cgroup1_controllers + return 0 +} + +cgroups_legacy() { + cgroup1_base + cgroup1_controllers + return 0 +} + +cgroups_unified() { + cgroup2_base + cgroup2_controllers + return 0 +} + +mount_cgroups() { + case "${CGROUP_MODE}" in + hybrid) cgroups_hybrid ;; + legacy) cgroups_legacy ;; + unified) cgroups_unified ;; + esac + return 0 +} + +mount_cgs() { + if [ -d /sys/fs/cgroup ];then + mount_cgroups + return 0 + fi + return 1 +} + +mount_cgs diff --git a/scripts/cleanup b/scripts/cleanup new file mode 100644 index 0000000..26b1036 --- /dev/null +++ b/scripts/cleanup @@ -0,0 +1,10 @@ +#!/bin/sh +install -m0664 -o root -g utmp /dev/null /run/utmp +if [ ! -e /var/log/wtmp ]; then + install -m0664 -o root -g utmp /dev/null /var/log/wtmp +fi +if [ ! -e /var/log/btmp ]; then + install -m0600 -o root -g utmp /dev/null /var/log/btmp +fi + +rm -f /etc/nologin /forcefsck /forcequotacheck /fastboot diff --git a/scripts/dmesg b/scripts/dmesg new file mode 100644 index 0000000..14aa0a7 --- /dev/null +++ b/scripts/dmesg @@ -0,0 +1,8 @@ +#!/bin/sh +dmesg > /var/log/dmesg.log +if [ -e /proc/sys/kernel/dmesg_restrict ] && \ + [ "$(cat /proc/sys/kernel/dmesg_restrict)" = 1 ]; then + chmod 0600 /var/log/dmesg.log +else + chmod 0644 /var/log/dmesg.log +fi diff --git a/scripts/fsck b/scripts/fsck new file mode 100644 index 0000000..027c32e --- /dev/null +++ b/scripts/fsck @@ -0,0 +1,41 @@ +#!/bin/sh +# From Chimera Linux's dinit fsck service +# Copyright (C) 2021 Daniel "q66" Kolesa +# For terms, see COPYING file at main directory + +command -v fsck > /dev/null 2>&1 || exit 0 + +FORCEARG= +FIXARG="-a" + +if [ -r /proc/cmdline ]; then + for x in $(cat /proc/cmdline); do + case "$x" in + fastboot|fsck.mode=skip) + echo "Skipping filesystem checks (fastboot)." + exit 0 + ;; + forcefsck|fsck.mode=force) + FORCEARG="-f" + ;; + fsckfix|fsck.repair=yes) + FIXARG="-y" + ;; + fsck.repair=no) + FIXARG="-n" + ;; + esac + done +fi + +fsck -A -R -C -t noopts=_netdev $FORCEARG $FIXARG +FSCKRET=$? + +if [ $(($FSCKRET & 4)) -eq 4 ]; then + echo "ERROR: at least one fstab filesystem has unrecoverable errors." + exit 1 +fi + +# we don't care about the other conditions much; the +# filesystems were either repaired or nothing has happened +exit 0 diff --git a/scripts/hostname b/scripts/hostname new file mode 100644 index 0000000..6361f2c --- /dev/null +++ b/scripts/hostname @@ -0,0 +1,4 @@ +#!/bin/sh + +[ -s /etc/hostname ] && HOSTNAME="$(cat /etc/hostname)" +[ "$HOSTNAME" ] && echo "$HOSTNAME" >| /proc/sys/kernel/hostname diff --git a/scripts/hwclock b/scripts/hwclock new file mode 100644 index 0000000..a304313 --- /dev/null +++ b/scripts/hwclock @@ -0,0 +1,15 @@ +#!/bin/sh +. /etc/dinit.d/config/hwclock.conf + +HARDWARECLOCK=${HARDWARECLOCK:-UTC} + +case $HARDWARECLOCK in + UTC) HWCLOCK_PARAMS="--utc" ;; + localtime) HWCLOCK_PARAMS="--localtime" ;; + *) HWCLOCK_PARAMS="" ;; +esac + +case "$1" in + start) hwclock --systz "$HWCLOCK_PARAMS" --noadjfile ;; + stop) hwclock --systohc "$HWCLOCK_PARAMS" ;; +esac diff --git a/scripts/network b/scripts/network new file mode 100644 index 0000000..c347338 --- /dev/null +++ b/scripts/network @@ -0,0 +1,4 @@ +#!/bin/sh +default="$(ip route | awk '/^default/{print ($3!="")+($5!="")}')" +[ "$default" = 2 ] && exit 0 +exit 1 diff --git a/scripts/pseudofs b/scripts/pseudofs new file mode 100644 index 0000000..f25be9f --- /dev/null +++ b/scripts/pseudofs @@ -0,0 +1,36 @@ +#!/bin/sh + +mountpoint -q /sys || mount -t sysfs sys /sys -o nosuid,noexec,nodev +mountpoint -q /sys/kernel/security || mount -n -t securityfs securityfs /sys/kernel/security +[ -d /sys/firmware/efi ] && (mountpoint -q /sys/firmware/efi/efivars || mount -n -t efivarfs -o ro efivarfs /sys/firmware/efi/efivars) +mountpoint -q /proc || mount -t proc proc /proc -o nosuid,noexec,nodev +mountpoint -q /dev || mount -t devtmpfs dev /dev -o mode=0755,nosuid + +# seed /dev with some things that might be needed (for example, +# xudev doesn't do this compared to eudev), code from OpenRC + +# creating /dev/console, /dev/tty and /dev/tty1 to be able to write +# to $CONSOLE with/without bootsplash before udevd creates it +[ -c /dev/console ] || mknod -m 600 /dev/console c 5 1 +[ -c /dev/tty1 ] || mknod -m 620 /dev/tty1 c 4 1 +[ -c /dev/tty ] || mknod -m 666 /dev/tty c 5 0 + +# udevd will dup its stdin/stdout/stderr to /dev/null +# and we do not want a file which gets buffered in ram +[ -c /dev/null ] || mknod -m 666 /dev/null c 1 3 + +# so udev can add its start-message to dmesg +[ -c /dev/kmsg ] || mknod -m 660 /dev/kmsg c 1 11 + +# extra symbolic links not provided by default +[ -e /dev/fd ] || ln -snf /proc/self/fd /dev/fd +[ -e /dev/stdin ] || ln -snf /proc/self/fd/0 /dev/stdin +[ -e /dev/stdout ] || ln -snf /proc/self/fd/1 /dev/stdout +[ -e /dev/stderr ] || ln -snf /proc/self/fd/2 /dev/stderr +[ -e /proc/kcore ] && ln -snf /proc/kcore /dev/core + +mkdir -p /dev/pts /dev/shm +mountpoint -q /dev/pts || mount -t devpts devpts /dev/pts -o mode=0620,gid=5,nosuid,noexec +mountpoint -q /dev/shm || mount -t tmpfs shm /dev/shm -o mode=1777,nosuid,nodev +mountpoint -q /run || mount -t tmpfs run /run -o mode=0755,nosuid,nodev +mkdir -p /run/dinit diff --git a/scripts/random-seed b/scripts/random-seed new file mode 100644 index 0000000..64d422f --- /dev/null +++ b/scripts/random-seed @@ -0,0 +1,14 @@ +#!/bin/sh + +umask 077 +bytes="$(cat /proc/sys/kernel/random/poolsize)" || bytes=512 + +case "$1" in + load) + cp /var/lib/random-seed /dev/urandom >/dev/null 2>&1 || true + dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 + ;; + save) + bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 + ;; +esac diff --git a/scripts/udevd b/scripts/udevd new file mode 100644 index 0000000..7600b94 --- /dev/null +++ b/scripts/udevd @@ -0,0 +1,5 @@ +#!/bin/sh +# Run after udevd-early so udevd can be properly supervised + +/usr/bin/udevadm control --exit >/dev/null 2>&1 +exec /usr/bin/udevd "$@" diff --git a/scripts/vconsole b/scripts/vconsole new file mode 100644 index 0000000..3a73bf0 --- /dev/null +++ b/scripts/vconsole @@ -0,0 +1,15 @@ +#!/bin/sh +[ -r /etc/vconsole.conf ] && . /etc/vconsole.conf +TTYS=${TTYS:-6} +_index=0 +while [ ${_index} -le "$TTYS" ]; do + if [ -n "$FONT" ]; then + setfont ${FONT_MAP:+-m $FONT_MAP} ${FONT_UNIMAP:+-u $FONT_UNIMAP} \ + "$FONT" -C "/dev/tty${_index}" + fi + printf "\033%s" "%G" >/dev/tty${_index} + _index=$((_index + 1)) +done +if [ -n "$KEYMAP" ]; then + loadkeys -q -u "${KEYMAP}" +fi diff --git a/services/boot b/services/boot new file mode 100644 index 0000000..d7f4de7 --- /dev/null +++ b/services/boot @@ -0,0 +1,9 @@ +# The primary service + +type = internal + +depends-ms = getty + +waits-for = rclocal +waits-for = loginready +waits-for.d = /etc/dinit.d/boot.d diff --git a/services/cgroups b/services/cgroups new file mode 100644 index 0000000..3a4cef3 --- /dev/null +++ b/services/cgroups @@ -0,0 +1,4 @@ +type = scripted +command = /usr/lib/dinit/cgroups +restart = false +depends-on = pseudofs diff --git a/services/cleanup b/services/cleanup new file mode 100644 index 0000000..9a21ae2 --- /dev/null +++ b/services/cleanup @@ -0,0 +1,4 @@ +type = scripted +command = /usr/lib/dinit/cleanup +restart = false +after = fsck diff --git a/services/dmesg b/services/dmesg new file mode 100644 index 0000000..75dc344 --- /dev/null +++ b/services/dmesg @@ -0,0 +1,4 @@ +type = scripted +command = /usr/lib/dinit/dmesg +restart = false +waits-for = loginready diff --git a/services/fsck b/services/fsck new file mode 100644 index 0000000..61690af --- /dev/null +++ b/services/fsck @@ -0,0 +1,8 @@ +type = scripted +command = /usr/lib/dinit/fsck +restart = false +options = starts-on-console start-interruptible skippable +start-timeout = 0 +depends-on = udevd +after = udev-settle +waits-for.d = /etc/dinit.d/mount.d diff --git a/services/getty b/services/getty new file mode 100644 index 0000000..834ee4f --- /dev/null +++ b/services/getty @@ -0,0 +1,3 @@ +type = scripted +command = /usr/lib/dinit/agetty +depends-on = loginready diff --git a/services/hostname b/services/hostname new file mode 100644 index 0000000..398f4af --- /dev/null +++ b/services/hostname @@ -0,0 +1,4 @@ +type = scripted +command = /usr/lib/dinit/hostname +restart = false +after = pseudofs diff --git a/services/hwclock b/services/hwclock new file mode 100644 index 0000000..66e7670 --- /dev/null +++ b/services/hwclock @@ -0,0 +1,6 @@ +type = scripted +command = /usr/lib/dinit/hwclock start +stop-command = /usr/lib/dinit/hwclock stop +restart = false +depends-on = udevd +depends-on = pseudofs diff --git a/services/locale b/services/locale new file mode 100644 index 0000000..a89f073 --- /dev/null +++ b/services/locale @@ -0,0 +1,5 @@ +type = scripted +command = /bin/sh /etc/profile.d/locale.sh +restart = false +depends-on = root-rw +depends-on = pseudofs diff --git a/services/loginready b/services/loginready new file mode 100644 index 0000000..af70abc --- /dev/null +++ b/services/loginready @@ -0,0 +1,7 @@ +type = internal +restart = false +options = runs-on-console +waits-for = setup +waits-for = mount +waits-for = misc +waits-for = network diff --git a/services/misc b/services/misc new file mode 100644 index 0000000..9eb0533 --- /dev/null +++ b/services/misc @@ -0,0 +1,5 @@ +type = internal +restart = false +waits-for = hostname +waits-for = hwclock +waits-for = modules diff --git a/services/modules b/services/modules new file mode 100644 index 0000000..9d50d67 --- /dev/null +++ b/services/modules @@ -0,0 +1,5 @@ +type = scripted +command = /usr/lib/dinit/modules-load +restart = false +after = pseudofs +waits-for = udev-settle diff --git a/services/mount b/services/mount new file mode 100644 index 0000000..cedc966 --- /dev/null +++ b/services/mount @@ -0,0 +1,6 @@ +type = internal +restart = false +waits-for = root-rw +waits-for = cgroups +waits-for = pseudofs +waits-for = tmpfs diff --git a/services/mount-all b/services/mount-all new file mode 100644 index 0000000..ed601f7 --- /dev/null +++ b/services/mount-all @@ -0,0 +1,5 @@ +type = scripted +command = /usr/bin/mount -a -t nonfs,nonfs4,nosmbfs,nocifs,nocodafs,noncpfs,noshfs,nofuse,nofuseblk,noglusterfs,nodavfs,nofuse.glusterfs -O no_netdev +restart = false +waits-for = fsck +waits-for.d = /etc/dinit.d/mount.d diff --git a/services/net-lo b/services/net-lo new file mode 100644 index 0000000..bef532d --- /dev/null +++ b/services/net-lo @@ -0,0 +1,4 @@ +type = scripted +command = /usr/bin/ip link set up dev lo +restart = false +after = pseudofs diff --git a/services/network b/services/network new file mode 100644 index 0000000..4779506 --- /dev/null +++ b/services/network @@ -0,0 +1,9 @@ +# For services that need network, depend on this. +# Run network services before this service. + +type = internal +restart = false +depends-on = network-pre +after = pseudofs +after = net-lo +after = mount diff --git a/services/network-pre b/services/network-pre new file mode 100644 index 0000000..68d7377 --- /dev/null +++ b/services/network-pre @@ -0,0 +1,8 @@ +# Network services should depend on this internal service. +# Run network services before this service. + +type = internal +restart = false +depends-on = rclocal +after = pseudofs +after = net-lo diff --git a/services/pseudofs b/services/pseudofs new file mode 100644 index 0000000..ac2da7e --- /dev/null +++ b/services/pseudofs @@ -0,0 +1,4 @@ +type = scripted +command = /usr/lib/dinit/pseudofs +restart = false +options = starts-rwfs diff --git a/services/random-seed b/services/random-seed new file mode 100644 index 0000000..a365a0b --- /dev/null +++ b/services/random-seed @@ -0,0 +1,6 @@ +type = scripted +command = /usr/lib/dinit/seedrng +restart = false +after = pseudofs +after = udev-settle +after = root-rw diff --git a/services/rclocal b/services/rclocal new file mode 100644 index 0000000..0e9e7c3 --- /dev/null +++ b/services/rclocal @@ -0,0 +1,6 @@ +type = scripted +command = /bin/sh /etc/dinit.d/config/rc.local +stop-command = /bin/sh /etc/dinit.d/config/rc.shutdown +restart = false +after = mount +before = loginready diff --git a/services/recovery b/services/recovery new file mode 100644 index 0000000..72498c0 --- /dev/null +++ b/services/recovery @@ -0,0 +1,3 @@ +type = process +command = /sbin/sulogin +options = runs-on-console diff --git a/services/root-rw b/services/root-rw new file mode 100644 index 0000000..70063af --- /dev/null +++ b/services/root-rw @@ -0,0 +1,9 @@ +type = scripted +command = /bin/mount -o remount,rw / +restart = false +options = starts-rwfs +logfile = /var/log/dinit/rootrw.log + +waits-for = mount-all +after = hwclock +after = fsck diff --git a/services/setup b/services/setup new file mode 100644 index 0000000..ea8cd56 --- /dev/null +++ b/services/setup @@ -0,0 +1,9 @@ +type = internal +restart = false +waits-for = cleanup +waits-for = locale +waits-for = net-lo +waits-for = random-seed +waits-for = swap +waits-for = sysctl +waits-for = vconsole diff --git a/services/single b/services/single new file mode 100644 index 0000000..ddc4598 --- /dev/null +++ b/services/single @@ -0,0 +1,5 @@ +type = process +command = /bin/sh +restart = false +options = shares-console +chain-to = boot diff --git a/services/swap b/services/swap new file mode 100644 index 0000000..f6403ef --- /dev/null +++ b/services/swap @@ -0,0 +1,6 @@ +type = scripted +command = /sbin/swapon -a +stop-command = /sbin/swapoff -a +waits-for = root-rw +depends-on = udevd +after = udev-settle diff --git a/services/sysctl b/services/sysctl new file mode 100644 index 0000000..1807ad3 --- /dev/null +++ b/services/sysctl @@ -0,0 +1,5 @@ +type = scripted +command = /usr/bin/sysctl --system +restart = false +after = udevd +after = mount-all diff --git a/services/tmpfs b/services/tmpfs new file mode 100644 index 0000000..70c1b1f --- /dev/null +++ b/services/tmpfs @@ -0,0 +1,4 @@ +type = scripted +command = /bin/mount -t tmpfs tmpfs /tmp +restart = false +after = pseudofs diff --git a/services/tty1 b/services/tty1 new file mode 100644 index 0000000..bfb255b --- /dev/null +++ b/services/tty1 @@ -0,0 +1,8 @@ +type = process +command = /usr/lib/dinit/agetty-default tty1 +restart = true +depends-on = loginready +termsignal = HUP +smooth-recovery = true +inittab-id = 1 +inittab-line = tty1 diff --git a/services/tty2 b/services/tty2 new file mode 100644 index 0000000..eb66ba8 --- /dev/null +++ b/services/tty2 @@ -0,0 +1,8 @@ +type = process +command = /usr/lib/dinit/agetty-default tty2 +restart = true +depends-on = loginready +termsignal = HUP +smooth-recovery = true +inittab-id = 2 +inittab-line = tty2 diff --git a/services/tty3 b/services/tty3 new file mode 100644 index 0000000..a12875a --- /dev/null +++ b/services/tty3 @@ -0,0 +1,8 @@ +type = process +command = /usr/lib/dinit/agetty-default tty3 +restart = true +depends-on = loginready +termsignal = HUP +smooth-recovery = true +inittab-id = 3 +inittab-line = tty3 diff --git a/services/tty4 b/services/tty4 new file mode 100644 index 0000000..de45003 --- /dev/null +++ b/services/tty4 @@ -0,0 +1,8 @@ +type = process +command = /usr/lib/dinit/agetty-default tty4 +restart = true +depends-on = loginready +termsignal = HUP +smooth-recovery = true +inittab-id = 4 +inittab-line = tty4 diff --git a/services/tty5 b/services/tty5 new file mode 100644 index 0000000..816bdea --- /dev/null +++ b/services/tty5 @@ -0,0 +1,8 @@ +type = process +command = /usr/lib/dinit/agetty-default tty5 +restart = true +depends-on = loginready +termsignal = HUP +smooth-recovery = true +inittab-id = 5 +inittab-line = tty5 diff --git a/services/tty6 b/services/tty6 new file mode 100644 index 0000000..be641de --- /dev/null +++ b/services/tty6 @@ -0,0 +1,8 @@ +type = process +command = /usr/lib/dinit/agetty-default tty6 +restart = true +depends-on = loginready +termsignal = HUP +smooth-recovery = true +inittab-id = 6 +inittab-line = tty6 diff --git a/services/udev-settle b/services/udev-settle new file mode 100644 index 0000000..cbf3710 --- /dev/null +++ b/services/udev-settle @@ -0,0 +1,5 @@ +type = scripted +command = /usr/bin/udevadm settle +restart = false +depends-on = udevd-early +depends-on = udev-trigger diff --git a/services/udev-trigger b/services/udev-trigger new file mode 100644 index 0000000..67c8f62 --- /dev/null +++ b/services/udev-trigger @@ -0,0 +1,4 @@ +type = scripted +command = /usr/bin/udevadm trigger --action=add +restart = false +depends-on = udevd-early diff --git a/services/udevd b/services/udevd new file mode 100644 index 0000000..5add0fd --- /dev/null +++ b/services/udevd @@ -0,0 +1,7 @@ +type = process +command = /usr/lib/dinit/udevd +before = setup +depends-on = udevd-early +depends-ms = udev-settle +restart = true +smooth-recovery = true diff --git a/services/udevd-early b/services/udevd-early new file mode 100644 index 0000000..2472984 --- /dev/null +++ b/services/udevd-early @@ -0,0 +1,7 @@ +type = scripted +command = /usr/bin/udevd --daemon +stop-command = /usr/bin/sh -c "/usr/bin/udevadm control -e || :" +restart = false +depends-on = pseudofs +depends-on = tmpfs +depends-on = cgroups diff --git a/services/vconsole b/services/vconsole new file mode 100644 index 0000000..253fbe5 --- /dev/null +++ b/services/vconsole @@ -0,0 +1,5 @@ +type = scripted +command = /usr/lib/dinit/vconsole +restart = false +waits-for = hostname +waits-for = udev-settle