[Buildroot] [PATCH] package/restorecond: Add new init script
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Thu Aug 19 21:21:56 UTC 2021
Hello José,
On Mon, 9 Aug 2021 08:55:57 +0300
José Pekkarinen <jose.pekkarinen at unikie.com> wrote:
> The current restorecond upstream init script is no
> good fit for the user space generated by buildroot,
> this script is an extension of the original, that
> brings some changes from the debian init script to
> use start-stop-daemon instead of daemon, while
> removing dependencies on /etc/rc.d/init.d/functions
> and /lib/lsb/init-functions.
>
> Signed-off-by: José Pekkarinen <jose.pekkarinen at unikie.com>
Thanks a lot, but unfortunately your proposed script still doesn't
follow the model/template of package/busybox/S01syslogd. Could you try
to follow the template as closely as possible ?
> diff --git a/package/restorecond/S02restorecond b/package/restorecond/S02restorecond
> new file mode 100644
> index 0000000000..24ee30853f
> --- /dev/null
> +++ b/package/restorecond/S02restorecond
> @@ -0,0 +1,113 @@
> +#!/bin/sh
> +#
> +# restorecond: Daemon used to maintain path file context
> +#
> +# chkconfig: - 12 87
> +# description: restorecond uses inotify to look for creation of new files \
> +# listed in the /etc/selinux/restorecond.conf file, and restores the \
> +# correct security context.
> +#
> +# processname: /usr/sbin/restorecond
> +# config: /etc/selinux/restorecond.conf
> +# pidfile: /run/restorecond.pid
> +#
> +# Return values according to LSB for all commands but status:
> +# 0 - success
> +# 1 - generic or unspecified error
> +# 2 - invalid or excess argument(s)
> +# 3 - unimplemented feature (e.g. "reload")
> +# 4 - insufficient privilege
> +# 5 - program is not installed
> +# 6 - program is not configured
> +# 7 - program is not running
We don't care about all those comments.
> +PATH=/sbin:/bin:/usr/bin:/usr/sbin
> +DESC="SELinux file context maintaining daemon"
These variables are not needed.
> +NAME=restorecond
> +DAEMON=/usr/sbin/$NAME
> +DAEMON_ARGS=""
> +PIDFILE=/var/run/$NAME.pid
> +LOCKFILE=/var/run/$NAME.pid
> +SCRIPTNAME=/etc/init.d/$NAME
> +
> +[ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled || exit 7
We don't care about this either.
> +# Check that we are root ... so non-root users stop here
> +test $EUID = 0 || exit 4
Same.
> +test -x /usr/sbin/restorecond || exit 5
> +test -f /etc/selinux/restorecond.conf || exit 6
Same.
> +
> +RETVAL=0
> +
> +start()
> +{
> + # Return
> + # 0 if daemon has been started
> + # 1 if daemon was already running
> + # 2 if daemon could not be started
> + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
> + || return 1
Don't test.
> + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
> + $DAEMON_ARGS \
> + || return 2
Please see S01syslogd on how to do this.
> +stop()
> +{
> + # Return
> + # 0 if daemon has been stopped
> + # 1 if daemon was already stopped
> + # 2 if daemon could not be stopped
> + # other if a failure occurred
> + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
> + RETVAL="$?"
> + [ "$RETVAL" = 2 ] && return 2
> +
> + rm -f $PIDFILE
> + rm -f $LOCKFILE
> + return "$RETVAL"
Please do like S01syslogd.
Thanks a lot!
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list