[Buildroot] [PATCH] package/restorecond: Add new init script

José Pekkarinen jose.pekkarinen at unikie.com
Tue Aug 17 08:11:49 UTC 2021


Hi,

Would you mind to take a look here or forward

it to the relevant people? The get_developers script
doesn't give much of a clue.

Thanks!

José Pekkarinen.


On Tue, Jul 27, 2021 at 3:07 PM José Pekkarinen <jose.pekkarinen at unikie.com>
wrote:

> The current restorecond upstream init script is no
> good fit for the user space generated by buildroot,
> this script is an extension of the original, that
> brings some changes from the debian init script to
> use start-stop-daemon instead of daemon, while
> removing dependencies on /etc/rc.d/init.d/functions
> and /lib/lsb/init-functions.
>
> Signed-off-by: José Pekkarinen <jose.pekkarinen at unikie.com>
> ---
>  package/restorecond/S02restorecond | 113 +++++++++++++++++++++++++++++
>  package/restorecond/restorecond.mk |   4 +-
>  2 files changed, 115 insertions(+), 2 deletions(-)
>  create mode 100644 package/restorecond/S02restorecond
>
> diff --git a/package/restorecond/S02restorecond
> b/package/restorecond/S02restorecond
> new file mode 100644
> index 0000000000..24ee30853f
> --- /dev/null
> +++ b/package/restorecond/S02restorecond
> @@ -0,0 +1,113 @@
> +#!/bin/sh
> +#
> +# restorecond:         Daemon used to maintain path file context
> +#
> +# chkconfig:   - 12 87
> +# description: restorecond uses inotify to look for creation of new files
> \
> +# listed in the /etc/selinux/restorecond.conf file, and restores the \
> +# correct security context.
> +#
> +# processname: /usr/sbin/restorecond
> +# config: /etc/selinux/restorecond.conf
> +# pidfile: /run/restorecond.pid
> +#
> +# Return values according to LSB for all commands but status:
> +# 0 - success
> +# 1 - generic or unspecified error
> +# 2 - invalid or excess argument(s)
> +# 3 - unimplemented feature (e.g. "reload")
> +# 4 - insufficient privilege
> +# 5 - program is not installed
> +# 6 - program is not configured
> +# 7 - program is not running
> +
> +PATH=/sbin:/bin:/usr/bin:/usr/sbin
> +DESC="SELinux file context maintaining daemon"
> +NAME=restorecond
> +DAEMON=/usr/sbin/$NAME
> +DAEMON_ARGS=""
> +PIDFILE=/var/run/$NAME.pid
> +LOCKFILE=/var/run/$NAME.pid
> +SCRIPTNAME=/etc/init.d/$NAME
> +
> +[ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled || exit 7
> +
> +# Check that we are root ... so non-root users stop here
> +test $EUID = 0  || exit 4
> +
> +test -x /usr/sbin/restorecond  || exit 5
> +test -f /etc/selinux/restorecond.conf  || exit 6
> +
> +RETVAL=0
> +
> +start()
> +{
> +       # Return
> +       #   0 if daemon has been started
> +       #   1 if daemon was already running
> +       #   2 if daemon could not be started
> +       start-stop-daemon --start --quiet --pidfile $PIDFILE --exec
> $DAEMON --test > /dev/null \
> +               || return 1
> +       start-stop-daemon --start --quiet --pidfile $PIDFILE --exec
> $DAEMON -- \
> +               $DAEMON_ARGS \
> +               || return 2
> +       touch $LOCKFILE
> +       return "$RETVAL"
> +}
> +
> +stop()
> +{
> +       # Return
> +       #   0 if daemon has been stopped
> +       #   1 if daemon was already stopped
> +       #   2 if daemon could not be stopped
> +       #   other if a failure occurred
> +       start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile
> $PIDFILE --name $NAME
> +       RETVAL="$?"
> +       [ "$RETVAL" = 2 ] && return 2
> +
> +       rm -f $PIDFILE
> +       rm -f $LOCKFILE
> +       return "$RETVAL"
> +}
> +
> +restart()
> +{
> +    stop
> +    start
> +}
> +
> +# See how we were called.
> +case "$1" in
> +  start)
> +       echo -n $"Starting restorecond: "
> +       start
> +    case "$?" in
> +        0|1) echo "Ok!" ;;
> +        2) echo "Failed" ;;
> +    esac
> +       ;;
> +  stop)
> +       echo -n $"Shutting down restorecond: "
> +       stop
> +    case "$?" in
> +        0|1) echo "Ok!" ;;
> +        2) echo "Failed" ;;
> +    esac
> +       ;;
> +  status)
> +       status restorecond
> +       RETVAL=$?
> +       ;;
> +  force-reload|restart|reload)
> +       restart
> +       ;;
> +  condrestart)
> +       [ -e /var/lock/subsys/restorecond ] && restart || :
> +       ;;
> +  *)
> +        echo $"Usage: $0
> {start|stop|restart|force-reload|status|condrestart}"
> +        RETVAL=3
> +esac
> +
> +exit $RETVAL
> diff --git a/package/restorecond/restorecond.mk b/package/restorecond/
> restorecond.mk
> index 7ab7e978dd..3c6fb57ea6 100644
> --- a/package/restorecond/restorecond.mk
> +++ b/package/restorecond/restorecond.mk
> @@ -27,8 +27,8 @@ define RESTORECOND_BUILD_CMDS
>  endef
>
>  define RESTORECOND_INSTALL_INIT_SYSV
> -       $(INSTALL) -m 0755 -D $(@D)/restorecond.init \
> -               $(TARGET_DIR)/etc/init.d/S20restorecond
> +       $(INSTALL) -m 0755 -D package/restorecond/S02restorecond \
> +               $(TARGET_DIR)/etc/init.d/S02restorecond
>  endef
>
>  define RESTORECOND_INSTALL_INIT_SYSTEMD
> --
> 2.25.1
>
>

-- 

José.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20210817/39d0d9b0/attachment.html>


More information about the buildroot mailing list