On Fri, Apr 08, 2011 at 10:52:48AM +0100, Roger Leigh wrote: > I've attached an updated patch; exactly the same as before, but with > a couple of typos in comments fixed (thanks to Michael Biebl for > reviewing it).
Updated patch attached. Based on the patch series in this temporary git repo (created for just this work): http://git.debian.org/?p=collab-maint/sysvinit;a=summary git://git.debian.org/collab-maint/sysvinit This patch adds a number of fixes, and additionally also migrates /dev/shm to /run/shm. It also adds the ability to mount /tmp as a tmpfs with RAMTMP=yes, and have /run/shm use the main /run tmpfs with RAMSHM=no. I also went through the initscripts bugs with mbiebl, and this closes 15 bugs which /run and the associated changes fix. Regards, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/ `- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
diff --git a/debian/changelog b/debian/changelog index a59f4e7..b65cc27 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,106 @@ +sysvinit (2.88dsf-13.1run0) UNRELEASED; urgency=low + + [ Martin F. Krafft ] + * Add comments to /etc/default/rcS (Closes: #530582). + + [ Roger Leigh ] + * Support for new top-level directory /run to replace /var/run, + /var/lock and /lib/init/rw as a place to store transient + writable data which should not be preserved across a system + reboot (Closes: #186892, #616571, #620191). /run fixes existing + issues with RAMRUN and RAMLOCK options using tmpfs on /var/run and + /var/lock (Closes: #423405, #481546, #564635, #607136, #620735). + Additionally, /run/shm replaces /dev/shm and may share the same + tmpfs as /run if RAMSHM is set to "no" in /etc/default/rcS. /tmp + may also be configured to be a tmpfs if RAMTMP is set to "yes" in + /etc/default/rcS. + Summary: + /var/run → /run + /var/lock → /run/lock + /dev/shm → /run/shm + /lib/init/rw → /run (not transitioned automatically) + /dev/.* → /run (not transitioned automatically) + These changes do not take effect until the system is rebooted as + is currently done for /lib/init/rw setup. Prior to a reboot, the + paths are made available via bind/nullfs mounts. Following a reboot, + the old paths will be converted to symlinks, or bind/nullfs mounts + where symlinking is not possible, to allow access via either the old + or new paths, to permit programs using the old paths to transition to + use the new paths for wheezy. + - debian/initscripts.postinst: + Take chroot detection logic from udev postinst (existing logic was + broken). + Trigger reboot to complete transition. + If the system has not yet transitioned to a tmpfs-based /run, set up + bind mounts as follows: + /var/run → /run + /var/lock → /run/lock + /dev/shm → /run/shm + On reboot, the system will complete the migration to a tmpfs-based + /run; this creates the directory heierachy from the old paths to + enable the use of the new /run paths prior to a restart. This means + packages may transition to using /run with a versioned dependency + upon initscripts. + Remove special handling for RAMRUN and RAMLOCK, which is now taken + care of by /run. + If in a chroot environment, directly move the directories to the new + locations rather than bind mount; since chroots don't run rcS + scripts, the changes would otherwise be lost. + - debian/src/initscripts/Makefile: + Provide top-level /run. + - debian/src/initscripts/doc/README.Debian: + Document new use of RUN_SIZE and LOCK_SIZE. + Document use of /run rather than /lib/init/rw. + Document use of SHM_SIZE and TMP_SIZE. + - debian/src/initscripts/etc/init.d/checkroot.sh: + Use /run in place of /lib/init/rw. + - debian/src/initscripts/etc/default/tmpfs: + Document TMPFS_SIZE, RUN_SIZE and LOCK_SIZE (Closes: #483643). + Document TMP_SIZE and SHM_SIZE. + - debian/src/initscripts/etc/init.d/mountkernfs.sh: + Create /run, /run/sendsigs.omit.d and /run/lock. + Mount /run/lock as a separate tmpfs if RAMLOCK=yes. + /run/lock has 01777 permissions to match /var/lock. + Mount /tmp as a separate tmpfs if RAMTMP=yes or / is being mounted + read-only (Closes: #503805, #585543). + Drop mounting of /var/run and /var/lock. + - debian/src/initscripts/etc/init.d/mountdevsubfs.sh: + Create /run/shm. Mount /run/shm as a separate tmpfs if RAMSHM=yes. + - debian/src/initscripts/etc/init.d/mtab.sh: + domtab mirrors behaviour of domount in mount-functions exactly, to + prevent duplicate mounts (required for bind mount support). + Bind mount /run/init and drop mounting of /var/run. Mount /run/lock + in place of /var/lock. + Mount /tmp if RAMTMP=yes. + Mount /run/shm if RAMSHM=yes. + - debian/src/initscripts/etc/init.d/sendsigs: + Use new paths: + files: /run/sendsigs.omit /lib/init/rw/sendsigs.omit + dirs: /run/sendsigs.omit.d/ /lib/init/rw/sendsigs.omit.d/ + - debian/src/initscripts/etc/init.d/umountfs: + Ignore /run. Continue to ignore /lib/init/rw in order to handle + clean shutdown. No longer ignore /var/run and /var/lock. + - debian/src/initscripts/etc/init.d/umountnfs.sh: + Check for presence of .ramfs than configuration variable when + skipping /var/run and /var/lock. + Ignore /run. Continue to ignore /lib/init/rw in order to handle + clean shutdown. No longer ignore /var/run and /var/lock. + - debian/src/initscripts/lib/init/bootclean.sh + Don't clean /var/run and /var/lock (Closes: #378776). Because + these directories are now a tmpfs, cleaning no longer makes sense. + - debian/src/initscripts/lib/init/mount-functions.sh: + Support bind mounts in domount() (Closes: #353943). + Drop support for mounting /var/run and /var/lock as separate + tmpfs filesystems. Symlink /var/run to /run and /var/lock to + /run/lock if possible. If /var/run and /var/lock are directories, + attempt to remove and symlink if successful, or else bind mount. + - debian/src/initscripts/man/rcS.5: + Drop documentation of RAMRUN. + Update documentation for RAMLOCK (Closes: #406685). + Document RAMTMP and RAMSHM. + + -- Roger Leigh <[email protected]> Mon, 11 Apr 2011 16:45:14 +0100 + sysvinit (2.88dsf-13.1) unstable; urgency=low * Non-maintainer upload. diff --git a/debian/initscripts.postinst b/debian/initscripts.postinst index 71725eb..8fa9a71 100644 --- a/debian/initscripts.postinst +++ b/debian/initscripts.postinst @@ -17,12 +17,37 @@ esac umask 022 chrooted() { - if [ -r /proc/1/root ]; then + if [ "$(stat -c %d/%i /)" = "$(stat -Lc %d/%i /proc/1/root 2>/dev/null)" ]; + then + # the devicenumber/inode pair of / is the same as that of /sbin/init's + # root, so we're *not* in a chroot and hence return false. return 1 fi return 0 } +bind_mount () +{ + SRC=$1 + DEST=$2 + + FSTYPE="" + OPTS="" + + case "$(uname -s)" in + Linux|GNU) FSTYPE=$SRC; OPTS="-obind" ;; + *FreeBSD) FSTYPE=nullfs ;; + *) FSTYPE=none ;; + esac + + # Bind mount $SRC on $DEST + if mount -t $FSTYPE "$SRC" "$DEST" -orw $OPTS ; then + return 0 + fi + + return 1 +} + # # Initialize rcS default file. # @@ -118,38 +143,96 @@ do done # -# Create /var/run and /var/lock on the root partition to make sure -# they are available when RAMRUN or RAMLOCK is enabled. -# If mount fail (like in a vserver environment), just clean up and ignore -# it. The admins enabling RAMRUN and RAMLOCK will have to create the -# directories themselves in this case. +# Setup /run if not already in use. Note that the intent here is to +# make the existing /var/run and /var/lock available as /run, +# /run/lock, respectively. When the system is next restarted, a +# proper /run tmpfs will be set up. The bind mounts set up here are +# intended to recreate the directory hierarchy using the existing +# locations in order that packages may transition to using /run +# without a system restart. # -if dpkg --compare-versions "$PREV_VER" lt "2.86.ds1-22" && ! chrooted -then - # We need to quickly bind / to another location so we can make them - # just in case /var is a mountpoint or a symlink to one. - mkdir -p /.root - if mount -n --bind / /.root ; then - if [ -L /.root/var ] && [ ! -d /.root/var ] ; then - # No use trying if /var is a relative symlink. It is not - # going to work. - : - else - mkdir -p /.root/var/run /.root/var/lock + +# If in a chroot, do not do any messing around with mounts, +# but do migration of /var/run and /var/lock. Bind mounting +# would not work in a chroot, because the migration would only +# be temporary--the rcS scripts are not guaranteed to run, so +# we must do the migration by hand. +if chrooted; then + if [ ! -L /var/run ] && [ -d /var/run ]; then + echo "chroot detected: Migrating /var/run to /run" + ( mv /var/run / && + ln -fs /run /var/run ) || + ( echo "Can't move /var/run to /run and replace with symlink; please fix manually."; exit 1 ) + fi + [ -d /run/lock ] || mkdir /run/lock + chmod 1777 /run/lock + if [ ! -L /var/lock ] && [ -d /var/lock ]; then + echo "chroot detected: Migrating /var/lock to /run/lock" + ( rm -fr /run/lock && + mv /var/lock /run && + ln -fs /run/lock /var/lock ) || + ( echo "Can't move /run/lock to /var/lock and replace with symlink; please fix manually."; exit 1 ) + [ -d /run/shm ] || mkdir /run/shm + chmod 1777 /run/shm + echo "chroot detected: Not migrating in-use files in /dev/shm to /run/shm" + fi +# Not a chroot. If /run/.run-transition does not exist then +# skip. /run/.run-transition should not exist either before +# or after the transition. This file is used to ensure we +# don't perform the initial migration more than once if +# initscripts is upgraded again before a system restart (and +# hence transition completion). +elif [ ! -f /run/.run-transition ]; then + # Device and inode of directories: + svarrun=$(/usr/bin/stat --format="%d %i" /var/run) + svarlock=$(/usr/bin/stat --format="%d %i" /var/lock) + sdevshm=$(/usr/bin/stat --format="%d %i" /dev/shm) + # May not exist yet + srun=$(/usr/bin/stat --format="%d %i" /run 2>/dev/null || :) + srunlock=$(/usr/bin/stat --format="%d %i" /run/lock 2>/dev/null || :) + srunshm=$(/usr/bin/stat --format="%d %i" /run/shm 2>/dev/null || :) + + # If /run/.ramfs exists, then a ramfs already exists, + # and we assume it's all set up correctly. If the + # device/inode are the same, it's not set up entirely + # correctly, but a bind mount already exists for some + # reason, so again assume set up is not required. + if [ ! -f /run/.ramfs ] && [ "$svarrun" != "$srun" ]; then + # Bind mount /var/run on /run + if bind_mount /var/run /run; then + # Bind mount /var/lock on /run/lock + [ -d /run/lock ] || mkdir /run/lock + if [ "$svarlock" != "$srunlock" ]; then + bind_mount /var/lock /run/lock + fi + + # Bind mount /dev/shm on /run/shm + [ -d /run/shm ] || mkdir /run/shm + if [ "$sdevshm" != "$srunshm" ]; then + bind_mount /dev/shm /run/shm + fi fi - umount /.root fi - rmdir /.root + + # Create a /run/.run-transition stamp file. This is + # to ensure we don't repeat the above setup if the + # package is upgraded again prior to a system reboot. + # On reboot, it will be deleted by the init scripts + # and the transition will be completed. This means + # the transition will complete at the sysadmin's + # convenience, since the system will function + # identically before and after a reboot. + echo "Please reboot to complete migration to tmpfs-based /run" > /run/.run-transition fi # -# When installing for the first time or upgrading from version before -# 2.86.ds1-27, a reboot is needed to make the /lib/init/rw/ tmpfs -# available. Flag this using notify-reboot-required. Not mounting it -# here as it creates problem for debootstrap, vservers, pbuilder and -# cowbuilder. +# When installing for the first time or upgrading from a version +# before or equal to 2.88dsf-14, a reboot is needed to make the /run +# tmpfs available. Flag this using notify-reboot-required. /run is +# available in some form before the reboot, so the need for a reboot +# isn't particularly urgent. # -if dpkg --compare-versions "$PREV_VER" lt "2.86.ds1-27" \ +if dpkg --compare-versions "$PREV_VER" le "2.88dsf-14" \ && [ -x /usr/share/update-notifier/notify-reboot-required ]; then /usr/share/update-notifier/notify-reboot-required fi diff --git a/debian/src/initscripts/Makefile b/debian/src/initscripts/Makefile index dd44ab6..b12f8bd 100644 --- a/debian/src/initscripts/Makefile +++ b/debian/src/initscripts/Makefile @@ -10,6 +10,11 @@ INSTALL_DATA = install -m644 -o root -g root all: install: + # TODO: Replace /lib/init/rw directory with symbolic link to + # /run. This requires the directory to be empty and unused, + # so needs doing post-wheezy. If the migration to /run is + # complete, could be removed entirely. + $(INSTALL) -d $(DESTDIR)/run/. $(INSTALL) -d $(DESTDIR)/lib/init/rw/. $(INSTALL) -d $(DESTDIR)/var/lib/initscripts/. $(INSTALL) -d $(DESTDIR)/var/lib/urandom/. diff --git a/debian/src/initscripts/doc/README.Debian b/debian/src/initscripts/doc/README.Debian index 2502a58..5d172e4 100644 --- a/debian/src/initscripts/doc/README.Debian +++ b/debian/src/initscripts/doc/README.Debian @@ -2,39 +2,43 @@ tmpfs ----- Tmpfs can be used as virtual memory filesystem. glibc 2.2 and above -expects a tmpfs to be mounted at /dev/shm for POSIX shared memory, -this is done automatically by /etc/init.d/mountdevsubfs.sh early in -the boot process. You can limit tmpfs max size by setting the -SHM_SIZE variable to a desired size in the /etc/default/tmpfs file -to prevent tmpfs from using up all system memory. - -A tmpfs can also be mounted over /var/run/ and /var/lock/. This can -be achieved by setting the RAMRUN and RAMLOCK variables to "yes" in -the /etc/default/rcS file. A size limit for the tmpfs filesystem -mounted over /var/run/ and /var/lock/ can be set via the RUN_SIZE -and LOCK_SIZE variables in the /etc/default/tmpfs file. +expects a tmpfs to be mounted at /dev/shm (/run/shm) for POSIX shared +memory, this is done automatically by /etc/init.d/mountdevsubfs.sh +early in the boot process. You can limit tmpfs max size by setting the +SHM_SIZE variable to a desired size in the /etc/default/tmpfs file to +prevent tmpfs from using up all system memory. + +A size limit for the tmpfs filesystem mounted over /run can be set via +the RUN_SIZE variable in the /etc/default/tmpfs file. Likewise, a +size limit for the tmpfs filesystem mounted over /run/lock can be set +via the LOCK_SIZE variable (if enabled with RAMLOCK=yes) and for +/run/shm via the SHM_SIZE variable (if enabled with RAMSHM=yes). +Additionally, a size limit for the tmpfs filesystem mounted over /tmp +can be set via the TMP_SIZE variable (if enabled with RAMTMP=yes). If TMPFS_SIZE is set in /etc/default/tmpfs, it will be used as the -default value for SHM_SIZE, RUN_SIZE and LOCK_SIZE. Otherwise, kernel -defaults are used. +default value for SHM_SIZE, RUN_SIZE, LOCK_SIZE and +TMP_SIZE. Otherwise, kernel defaults are used. sendsigs process omission interface ----------------------------------- -Since initscripts package version 2.86.ds1-48, /etc/init.d/sendsigs -is able to omit processes from being killed by killall5(8). Process -id's listed in /var/run/sendsigs.omit, /lib/init/rw/sendsigs.omit or -any file in the /lib/init/rw/sendsigs.omit.d/ directory will be -omitted by sendsigs. - -The recommended practise for adding a process id for omission is to -create a file in /lib/init/rw/sendsigs.omit.d/<package name> -containing the process id that is to be omitted by sendsigs. - -This feature is only to be used for processes that need to be -running when remote file systems are umounted, and that have -current working directory set to a directory in the root file system. +Since initscripts package version 2.86.ds1-48, /etc/init.d/sendsigs is +able to omit processes from being killed by killall5(8). Process id's +listed in /run/sendsigs.omit, /lib/init/rw/sendsigs.omit or any file +in the /run/sendsigs.omit.d/ or /lib/init/rw/sendsigs.omit.d/ +directories will be omitted by sendsigs. Note use of /lib/init/rw is +deprecated and will be removed; users of /lib/init/rw must migrate to +/run. + +The recommended practice for adding a process id for omission is to +create a file in /run/sendsigs.omit.d/<package name> containing the +process id that is to be omitted by sendsigs. + +This feature is only to be used for processes that need to be running +when remote file systems are umounted, and that have current working +directory set to a directory in the root file system. /sys in /etc/fstab diff --git a/debian/src/initscripts/etc/default/tmpfs b/debian/src/initscripts/etc/default/tmpfs index 10820ae..4c5c05a 100644 --- a/debian/src/initscripts/etc/default/tmpfs +++ b/debian/src/initscripts/etc/default/tmpfs @@ -1,6 +1,24 @@ -# SHM_SIZE sets the maximum size (in bytes) that the /dev/shm tmpfs can use. -# If this is not set then the size defaults to the value of TMPFS_SIZE -# if that is set; otherwise to the kernel's default. +# TMPFS_SIZE sets the maximum size (in bytes) that tmpfs filesystems can use. # # The size will be rounded down to a multiple of the page size, 4096 bytes. +TMPFS_SIZE= + +# SHM_SIZE sets the maximum size (in bytes) that the /run/shm tmpfs can use. +# If this is not set then the size defaults to the value of TMPFS_SIZE +# if that is set; otherwise to the kernel's default. SHM_SIZE= + +# RUN_SIZE sets the maximum size (in bytes) that the /run tmpfs can use. +# If this is not set then the size defaults to the value of TMPFS_SIZE +# if that is set; otherwise to the kernel's default. +RUN_SIZE= + +# LOCK_SIZE sets the maximum size (in bytes) that the /run/lock tmpfs can use. +# If this is not set then the size defaults to the value of TMPFS_SIZE +# if that is set; otherwise to the kernel's default. +LOCK_SIZE= + +# TMP_SIZE sets the maximum size (in bytes) that the /tmp tmpfs can use. +# If this is not set then the size defaults to the value of TMPFS_SIZE +# if that is set; otherwise to the kernel's default. +TMP_SIZE= diff --git a/debian/src/initscripts/etc/init.d/checkroot.sh b/debian/src/initscripts/etc/init.d/checkroot.sh index df84d22..798a216 100644 --- a/debian/src/initscripts/etc/init.d/checkroot.sh +++ b/debian/src/initscripts/etc/init.d/checkroot.sh @@ -35,63 +35,7 @@ do_start () { KERNEL="$(uname -s)" MACHINE="$(uname -m)" - # - # Read /etc/fstab, looking for: - # 1) The root filesystem, resolving LABEL=*|UUID=* entries to the - # device node, - # 2) Swap that is on a md device or a file that may be on a md - # device, - # - - exec 9<&0 </etc/fstab - - fstabroot=/dev/root - rootdev=none - roottype=none - rootopts=defaults - rootmode=rw - rootcheck=no - swap_on_lv=no - swap_on_file=no - - while read DEV MTPT FSTYPE OPTS DUMP PASS JUNK - do - case "$DEV" in - ""|\#*) - continue; - ;; - /dev/mapper/*) - [ "$FSTYPE" = "swap" ] && swap_on_lv=yes - ;; - /dev/*) - ;; - LABEL=*|UUID=*) - if [ "$MTPT" = "/" ] && [ -x /sbin/findfs ] - then - DEV="$(findfs "$DEV")" - fi - ;; - /*) - [ "$FSTYPE" = "swap" ] && swap_on_file=yes - ;; - *) - ;; - esac - [ "$MTPT" != "/" ] && continue - rootdev="$DEV" - fstabroot="$DEV" - rootopts="$OPTS" - roottype="$FSTYPE" - ( [ "$PASS" != 0 ] && [ "$PASS" != "" ] ) && rootcheck=yes - ( [ "$FSTYPE" = "nfs" ] || [ "$FSTYPE" = "nfs4" ] ) && rootcheck=no - case "$OPTS" in - ro|ro,*|*,ro|*,ro,*) - rootmode=ro - ;; - esac - done - - exec 0<&9 9<&- + read_fstab # # Activate the swap device(s) in /etc/fstab. This needs to be done @@ -137,7 +81,7 @@ do_start () { # # Does the root device in /etc/fstab match with the actual device ? # If not we try to use the /dev/root alias device, and if that - # fails we create a temporary node in /lib/init/rw. + # fails we create a temporary node in /run. # if [ "$rootcheck" = yes ] then @@ -150,11 +94,11 @@ do_start () { rootdev=/dev/root else if \ - rm -f /lib/init/rw/rootdev \ - && mknod -m 600 /lib/init/rw/rootdev b ${rdev%:*} ${rdev#*:} \ - && [ -e /lib/init/rw/rootdev ] + rm -f /run/rootdev \ + && mknod -m 600 /run/rootdev b ${rdev%:*} ${rdev#*:} \ + && [ -e /run/rootdev ] then - rootdev=/lib/init/rw/rootdev + rootdev=/run/rootdev else rootfatal=yes fi @@ -169,7 +113,7 @@ do_start () { then log_failure_msg "The device node $rootdev for the root filesystem is missing or incorrect or there is no entry for the root filesystem listed in /etc/fstab. -The system is also unable to create a temporary node in /lib/init/rw. +The system is also unable to create a temporary node in /run. This means you have to fix the problem manually." log_warning_msg "A maintenance shell will now be started. CONTROL-D will terminate this shell and restart the system." @@ -268,7 +212,7 @@ Will restart in 5 seconds." then log_action_begin_msg "Checking root file system" if [ "$roottype" = "ext2" -o "$roottype" = "ext3" -o "$roottype" = "ext4" ] && usplash_running; then - PROGRESS_FILE=`mktemp -p /lib/init/rw` || PROGRESS_FILE=/lib/init/rw/checkroot_fsck + PROGRESS_FILE=`mktemp -p /run` || PROGRESS_FILE=/run/checkroot_fsck set -m logsave -s $FSCK_LOGFILE fsck -C3 $force $fix -t $roottype $rootdev >/dev/console 2>&1 3>$PROGRESS_FILE & set +m @@ -385,9 +329,9 @@ but requested that the system be restarted." fi # - # Remove /lib/init/rw/rootdev if we created it. + # Remove /run/rootdev if we created it. # - rm -f /lib/init/rw/rootdev + rm -f /run/rootdev } do_status () { diff --git a/debian/src/initscripts/etc/init.d/mountdevsubfs.sh b/debian/src/initscripts/etc/init.d/mountdevsubfs.sh index 1b61621..1d8a795 100644 --- a/debian/src/initscripts/etc/init.d/mountdevsubfs.sh +++ b/debian/src/initscripts/etc/init.d/mountdevsubfs.sh @@ -24,21 +24,28 @@ TMPFS_SIZE= KERNEL="$(uname -s)" +. /lib/init/vars.sh + . /lib/lsb/init-functions . /lib/init/mount-functions.sh do_start () { # - # Mount a tmpfs on /dev/shm + # Mount a tmpfs on /run/shm # - if [ ! -d /dev/shm ] + if [ ! -d /run/shm ] then - mkdir --mode=755 /dev/shm - [ -x /sbin/restorecon ] && /sbin/restorecon /dev/shm + mkdir --mode=755 /run/shm + [ -x /sbin/restorecon ] && /sbin/restorecon /run/shm + fi + + if [ yes = "$RAMSHM" ] ; then + SHM_OPT= + [ "${SHM_SIZE:=$TMPFS_SIZE}" ] && SHM_OPT=",size=$SHM_SIZE" + domount tmpfs shmfs /run/shm tmpfs "-omode=1777,nosuid,nodev$SHM_OPT" + else + chmod 1777 /run/shm fi - SHM_OPT= - [ "${SHM_SIZE:=$TMPFS_SIZE}" ] && SHM_OPT=",size=$SHM_SIZE" - domount tmpfs shmfs /dev/shm tmpfs -onosuid,nodev$SHM_OPT # # Mount /dev/pts @@ -50,7 +57,7 @@ do_start () { mkdir --mode=755 /dev/pts [ -x /sbin/restorecon ] && /sbin/restorecon /dev/pts fi - domount devpts "" /dev/pts devpts -onoexec,nosuid,gid=$TTYGRP,mode=$TTYMODE + domount devpts "" /dev/pts devpts "-onoexec,nosuid,gid=$TTYGRP,mode=$TTYMODE" fi } diff --git a/debian/src/initscripts/etc/init.d/mountkernfs.sh b/debian/src/initscripts/etc/init.d/mountkernfs.sh index f3222b8..1c90d18 100644 --- a/debian/src/initscripts/etc/init.d/mountkernfs.sh +++ b/debian/src/initscripts/etc/init.d/mountkernfs.sh @@ -20,22 +20,57 @@ PATH=/sbin:/bin [ -f /etc/default/tmpfs ] && . /etc/default/tmpfs do_start () { + # Needed to determine if root is being mounted read-only. + read_fstab + # # Get some writable area available before the root is checked # and remounted. # RW_OPT= [ "${RW_SIZE:=$TMPFS_SIZE}" ] && RW_OPT=",size=$RW_SIZE" - domount tmpfs "" /lib/init/rw tmpfs -omode=0755,nosuid$RW_OPT + domount tmpfs shmfs /lib/init/rw tmpfs "-omode=0755,nosuid$RW_OPT" touch /lib/init/rw/.ramfs + RUN_OPT= + [ "${RUN_SIZE:=$TMPFS_SIZE}" ] && RUN_OPT=",size=$RUN_SIZE" + domount tmpfs shmfs /run tmpfs "-omode=0755,nosuid$RUN_OPT" + touch /run/.ramfs + + # Make lock directory as the replacement for /var/lock + mkdir --mode=755 /run/lock + + # Mount /run/lock as tmpfs if enabled. This prevents user DoS + # of /run by filling /run/lock at the expense of using an + # additional tmpfs. + if [ yes = "$RAMLOCK" ] ; then + LOCK_OPT= + [ "${LOCK_SIZE:=$TMPFS_SIZE}" ] && LOCK_OPT=",size=$LOCK_SIZE" + domount tmpfs shmfs /run/lock tmpfs "-omode=1777,nodev,noexec,nosuid$LOCK_OPT" + else + chmod 1777 /run/lock + fi + + touch /run/lock/.ramfs + + # Mount /tmp as tmpfs if enabled. + if [ yes = "$RAMTMP" ] || [ rw != "$rootmode" ] ; then + TMP_OPT= + [ "${TMP_SIZE:=$TMPFS_SIZE}" ] && TMP_OPT=",size=$TMP_SIZE" + domount tmpfs shmfs /tmp tmpfs "-omode=1777,nodev,nosuid$TMP_OPT" + fi + # Make pidfile omit directory for sendsigs - mkdir /lib/init/rw/sendsigs.omit.d/ + # Note: /run transition: Move from /lib/init/rw to /run. + # /lib/init/rw will be removed following transition of + # /lib/init/rw users to /run. + mkdir --mode=755 /lib/init/rw/sendsigs.omit.d/ + mkdir --mode=755 /run/sendsigs.omit.d/ # # Mount proc filesystem on /proc # - domount proc "" /proc proc -onodev,noexec,nosuid + domount proc "" /proc proc "-onodev,noexec,nosuid" # # Mount sysfs on /sys @@ -43,21 +78,7 @@ do_start () { # Only mount sysfs if it is supported (kernel >= 2.6) if grep -E -qs "sysfs\$" /proc/filesystems then - domount sysfs "" /sys sysfs -onodev,noexec,nosuid - fi - - # Mount /var/run and /var/lock as tmpfs if enabled - if [ yes = "$RAMRUN" ] ; then - RUN_OPT= - [ "${RUN_SIZE:=$TMPFS_SIZE}" ] && RUN_OPT=",size=$RUN_SIZE" - domount tmpfs "" /var/run varrun -omode=0755,nosuid$RUN_OPT - touch /var/run/.ramfs - fi - if [ yes = "$RAMLOCK" ] ; then - LOCK_OPT= - [ "${LOCK_SIZE:=$TMPFS_SIZE}" ] && LOCK_OPT=",size=$LOCK_SIZE" - domount tmpfs "" /var/lock varlock -omode=1777,nodev,noexec,nosuid$LOCK_OPT - touch /var/lock/.ramfs + domount sysfs "" /sys sysfs "-onodev,noexec,nosuid" fi } diff --git a/debian/src/initscripts/etc/init.d/mtab.sh b/debian/src/initscripts/etc/init.d/mtab.sh index d81c928..1a58b31 100644 --- a/debian/src/initscripts/etc/init.d/mtab.sh +++ b/debian/src/initscripts/etc/init.d/mtab.sh @@ -31,39 +31,109 @@ KERNEL="$(uname -s)" . /lib/lsb/init-functions . /lib/init/mount-functions.sh -# $1 - fstype -# $2 - mount point -# $3 - mount name/device -# $4 - mount options +# Note any changes here must also be made in domount in mount-functions. +# $1: file system type +# $2: alternative file system type (or empty string if none) +# $3: mount point +# $4: mount device name +# $5... : extra mount program options domtab () { - # Directory present? - if [ ! -d $2 ] + MTPT="$3" + KERNEL="$(uname -s)" + # Figure out filesystem type + FSTYPE= + OPTS= + if [ "$1" = proc ] then + case "$KERNEL" in + Linux|GNU) FSTYPE=proc;; + *FreeBSD) FSTYPE=linprocfs ;; + *) FSTYPE=procfs ;; + esac + elif [ "$1" = bind ] + then + case "$KERNEL" in + Linux|GNU) FSTYPE=$4; OPTS="-obind" ;; + *FreeBSD) FSTYPE=nullfs ;; + *) FSTYPE=none ;; + esac + elif [ "$1" = tmpfs ] + then # always accept tmpfs, to mount /run before /proc + FSTYPE=$1 + elif grep -E -qs "$1\$" /proc/filesystems + then + FSTYPE=$1 + elif grep -E -qs "$2\$" /proc/filesystems + then + FSTYPE=$2 + fi + + if [ ! "$FSTYPE" ] + then + if [ "$2" ] + then + log_warning_msg "Filesystem types '$1' and '$2' are not supported. Skipping mount." + else + log_warning_msg "Filesystem type '$1' is not supported. Skipping mount." + fi return fi - # Not mounted? - if ! mountpoint -q $2 < /dev/null + # We give file system type as device name if not specified as + # an argument + if [ "$4" ] ; then + DEVNAME=$4 + else + DEVNAME=$FSTYPE + fi + + # Get the options from /etc/fstab. + if [ -f /etc/fstab ] + then + exec 9<&0 </etc/fstab + + while read TAB_DEV TAB_MTPT TAB_FSTYPE TAB_OPTS TAB_REST + do + case "$TAB_DEV" in ""|\#*) continue ;; esac + [ "$MTPT" = "$TAB_MTPT" ] || continue + [ "$FSTYPE" = "$TAB_FSTYPE" ] || continue + case "$TAB_OPTS" in + noauto|*,noauto|noauto,*|*,noauto,*) + exec 0<&9 9<&- + return + ;; + ?*) + OPTS="$OPTS -o$TAB_OPTS" + ;; + esac + break + done + + exec 0<&9 9<&- + fi + + if [ ! -d "$MTPT" ] then return fi - if [ -n "$3" ] + if ! mountpoint -q "$MTPT" then - NAME="$3" - else - NAME="$1" + return # Not mounted fi # Already recorded? - if ! grep -E -sq "^([^ ]+) +$2 +" /etc/mtab < /dev/null + if ! grep -E -sq "^([^ ]+) +$MTPT +" /etc/mtab < /dev/null then - mount -f -t $1 $OPTS $4 $NAME $2 < /dev/null + mount -f -t $FSTYPE $5 $OPTS $DEVNAME $MTPT < /dev/null fi } do_start () { + # Needed to determine if root is being mounted read-only. + read_fstab + DO_MTAB="" MTAB_PATH="$(readlink -f /etc/mtab || :)" case "$MTAB_PATH" in @@ -108,40 +178,53 @@ do_start () { # S02mountkernfs.sh RW_OPT= [ "${RW_SIZE:=$TMPFS_SIZE}" ] && RW_OPT=",size=$RW_SIZE" - domtab tmpfs /lib/init/rw tmpfs -omode=0755,nosuid$RW_OPT + domtab tmpfs shmfs /lib/init/rw tmpfs "-omode=0755,nosuid$RW_OPT" + + RUN_OPT= + [ "${RUN_SIZE:=$TMPFS_SIZE}" ] && RUN_OPT=",size=$RUN_SIZE" + domtab tmpfs shmfs /run tmpfs "-omode=0755,nosuid$RUN_OPT" - domtab proc /proc "proc" -onodev,noexec,nosuid - if grep -E -qs "sysfs\$" /proc/filesystems - then - domtab sysfs /sys sysfs -onodev,noexec,nosuid - fi - if [ yes = "$RAMRUN" ] ; then - RUN_OPT= - [ "${RUN_SIZE:=$TMPFS_SIZE}" ] && RUN_OPT=",size=$RUN_SIZE" - domtab tmpfs /var/run "varrun" -omode=0755,nosuid$RUN_OPT - fi if [ yes = "$RAMLOCK" ] ; then LOCK_OPT= [ "${LOCK_SIZE:=$TMPFS_SIZE}" ] && LOCK_OPT=",size=$LOCK_SIZE" - domtab tmpfs /var/lock "varlock" -omode=1777,nodev,noexec,nosuid$LOCK_OPT + domtab tmpfs shmfs /run/lock tmpfs "-omode=1777,nodev,noexec,nosuid$LOCK_OPT" + fi + + if [ yes = "$RAMTMP" ] || [ rw != "$rootmode" ] ; then + TMP_OPT= + [ "${TMP_SIZE:=$TMPFS_SIZE}" ] && TMP_OPT=",size=$TMP_SIZE" + domtab tmpfs shmfs /tmp tmpfs "-omode=1777,nodev,nosuid$TMP_OPT" fi + + domtab proc "" /proc proc "-onodev,noexec,nosuid" + + if grep -E -qs "sysfs\$" /proc/filesystems + then + domtab sysfs "" /sys sysfs "-onodev,noexec,nosuid" + fi + if [ -d /proc/bus/usb ] then - domtab usbfs /proc/bus/usb "procbususb" + domtab usbfs "" /proc/bus/usb "procbususb" fi # S03udev - domtab tmpfs /dev "udev" -omode=0755 + domtab tmpfs "" /dev "udev" "-omode=0755" # S04mountdevsubfs - SHM_OPT= - [ "${SHM_SIZE:=$TMPFS_SIZE}" ] && SHM_OPT=",size=$SHM_SIZE" - domtab tmpfs /dev/shm tmpfs -onosuid,nodev$SHM_OPT - domtab devpts /dev/pts "devpts" -onoexec,nosuid,gid=$TTYGRP,mode=$TTYMODE + if [ yes = "$RAMSHM" ] ; then + SHM_OPT= + [ "${SHM_SIZE:=$TMPFS_SIZE}" ] && SHM_OPT=",size=$SHM_SIZE" + domtab tmpfs "" /dev/shm tmpfs "-omode=1777,nosuid,nodev$SHM_OPT" + fi + if [ "$KERNEL" = Linux ] + then + domtab devpts "" /dev/pts "devpts" "-onoexec,nosuid,gid=$TTYGRP,mode=$TTYMODE" + fi # Add everything else in /proc/mounts into /etc/mtab, with # special exceptions. - exec 9<&0 0</proc/mounts + exec 8<&0 0</proc/mounts while read FDEV FDIR FTYPE FOPTS REST do case "$FDIR" in @@ -155,9 +238,9 @@ do_start () { continue ;; esac - domtab "$FTYPE" "$FDIR" "$FDEV" "-o$FOPTS" + domtab "$FTYPE" "" "$FDIR" "$FDEV" "-o$FOPTS" done - exec 0<&9 9<&- + exec 0<&8 8<&- } case "$1" in diff --git a/debian/src/initscripts/etc/init.d/sendsigs b/debian/src/initscripts/etc/init.d/sendsigs index f5c33c5..3bc9492 100644 --- a/debian/src/initscripts/etc/init.d/sendsigs +++ b/debian/src/initscripts/etc/init.d/sendsigs @@ -27,9 +27,10 @@ report_unkillable() { do_stop () { OMITPIDS= - # The /var/run/sendsigs.omit file is used to be compatible - # with Ubuntu. - for omitfile in /var/run/sendsigs.omit /lib/init/rw/sendsigs.omit; do + # Note: /run transition: Now using /run in place of /var/run; + # /lib/init/rw will be removed following transition of + # /lib/init/rw users to /run. + for omitfile in /run/sendsigs.omit /lib/init/rw/sendsigs.omit; do if [ -e $omitfile ]; then for pid in $(cat $omitfile); do OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid" @@ -40,14 +41,20 @@ do_stop () { # Load sendsigs.omit.d/packagename files too, to make it # possible for scripts that need to modify the list of pids at # run time without race conditions. - if [ -d /lib/init/rw/sendsigs.omit.d/ ]; then - for pidfile in /lib/init/rw/sendsigs.omit.d/*; do - [ -f "$pidfile" ] || continue - for pid in $(cat $pidfile); do - OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid" + # Note: /run transition: both /run and /lib/init/rw are used + # at present during the transition to /run; /lib/init/rw will + # be removed following transition of /lib/init/rw users to + # /run. + for omitdir in /run/sendsigs.omit.d /lib/init/rw/sendsigs.omit.d; do + if [ -d "${omitdir}" ]; then + for pidfile in "${omitdir}/"*; do + [ -f "$pidfile" ] || continue + for pid in $(cat $pidfile); do + OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid" + done done - done - fi + fi + done # Upstart jobs have their own "stop on" clauses that sends # SIGTERM/SIGKILL just like this, so if they're still running, diff --git a/debian/src/initscripts/etc/init.d/umountfs b/debian/src/initscripts/etc/init.d/umountfs index 7df5e3f..1f9fa7c 100644 --- a/debian/src/initscripts/etc/init.d/umountfs +++ b/debian/src/initscripts/etc/init.d/umountfs @@ -27,19 +27,9 @@ do_stop () { do echo "$PROTECTED_MOUNTS" | grep -qs "^$DEV $MTPT " && continue case "$MTPT" in - /|/proc|/dev|/.dev|/dev/pts|/dev/shm|/dev/.static/dev|/proc/*|/sys|/sys/*|/lib/init/rw) + /|/proc|/dev|/.dev|/dev/pts|/dev/shm|/dev/.static/dev|/proc/*|/sys|/sys/*|/run|/run/*|/lib/init/rw) continue ;; - /var/run) - if [ yes = "$RAMRUN" ] ; then - continue - fi - ;; - /var/lock) - if [ yes = "$RAMLOCK" ] ; then - continue - fi - ;; esac case "$FSTYPE" in proc|procfs|linprocfs|sysfs|usbfs|usbdevfs|devpts) diff --git a/debian/src/initscripts/etc/init.d/umountnfs.sh b/debian/src/initscripts/etc/init.d/umountnfs.sh index 55fa96f..919aa18 100644 --- a/debian/src/initscripts/etc/init.d/umountnfs.sh +++ b/debian/src/initscripts/etc/init.d/umountnfs.sh @@ -36,7 +36,7 @@ do_stop () { halt -w # Remove bootclean flag files (precaution against symlink attacks) - rm -f /tmp/.clean /var/lock/.clean /var/run/.clean + rm -f /tmp/.clean # # Make list of points to unmount in reverse order of their creation @@ -48,19 +48,9 @@ do_stop () { while read -r DEV MTPT FSTYPE OPTS REST do case "$MTPT" in - /|/proc|/dev|/dev/pts|/dev/shm|/proc/*|/sys|/lib/init/rw) + /|/proc|/dev|/dev/pts|/dev/shm|/proc/*|/sys|/run|/run/*|/lib/init/rw) continue ;; - /var/run) - if [ yes = "$RAMRUN" ] ; then - continue - fi - ;; - /var/lock) - if [ yes = "$RAMLOCK" ] ; then - continue - fi - ;; esac case "$FSTYPE" in nfs|nfs4|smbfs|ncp|ncpfs|cifs|coda|ocfs2|gfs) diff --git a/debian/src/initscripts/lib/init/bootclean.sh b/debian/src/initscripts/lib/init/bootclean.sh index 02e6cef..beca015 100644 --- a/debian/src/initscripts/lib/init/bootclean.sh +++ b/debian/src/initscripts/lib/init/bootclean.sh @@ -2,7 +2,7 @@ # # bootclean # -# Clean /tmp. Clean /var/run and /var/lock if not mounted as tmpfs +# Clean /tmp. # # DO NOT RUN AFTER S:55bootmisc.sh and do not run this script directly # in runlevel S. Instead write an initscript to call it. @@ -111,60 +111,12 @@ clean_tmp() { return 0 } -clean_lock() { - if [ yes = "$RAMLOCK" ] ; then - return 0 - fi - - cd /var/lock || { log_failure_msg "bootclean: Could not cd to /var/lock." ; return 1 ; } - - [ "$VERBOSE" = no ] || log_action_begin_msg "Cleaning /var/lock" - report_err() - { - if [ "$VERBOSE" = no ] - then - log_failure_msg "bootclean: Failure cleaning /var/lock." - else - log_action_end_msg 1 "bootclean: Failure cleaning /var/lock" - fi - } - find . ! -type d -delete \ - || { report_err ; return 1 ; } - [ "$VERBOSE" = no ] || log_action_end_msg 0 - mkflagfile /var/lock/.clean || return 1 - return 0 -} - -clean_run() { - if [ yes = "$RAMRUN" ] ; then - return 0 - fi - - cd /var/run || { log_action_end_msg 1 "bootclean: Could not cd to /var/run." ; return 1 ; } - - [ "$VERBOSE" = no ] || log_action_begin_msg "Cleaning /var/run" - report_err() - { - if [ "$VERBOSE" = no ] - then - log_failure_msg "bootclean: Failure cleaning /var/run." - else - log_action_end_msg 1 "bootclean: Failure cleaning /var/run" - fi - } - find . ! -xtype d ! -name utmp ! -name innd.pid -delete \ - || { report_err ; return 1 ; } - [ "$VERBOSE" = no ] || log_action_end_msg 0 - mkflagfile /var/run/.clean || return 1 - return 0 -} - which find >/dev/null 2>&1 || exit 1 log_begin_msg "Cleaning up temporary files..." # If there are flag files that have not been created by root # then remove them -for D in /tmp /var/run /var/lock +for D in /tmp do if [ -f $D/.clean ] then @@ -180,11 +132,9 @@ do fi done -[ -f /tmp/.clean ] && [ -f /var/run/.clean ] && [ -f /var/lock/.clean ] && { log_end_msg 0 ; exit 0 ; } +[ -f /tmp/.clean ] && { log_end_msg 0 ; exit 0 ; } ES=0 [ -d /tmp ] && ! [ -f /tmp/.clean ] && { clean_tmp || ES=1 ; } -[ -d /var/run ] && ! [ -f /var/run/.clean ] && { clean_run || ES=1 ; } -[ -d /var/lock ] && ! [ -f /var/lock/.clean ] && { clean_lock || ES=1 ; } log_end_msg $ES exit $ES diff --git a/debian/src/initscripts/lib/init/mount-functions.sh b/debian/src/initscripts/lib/init/mount-functions.sh index 007d127..7b4e14a 100644 --- a/debian/src/initscripts/lib/init/mount-functions.sh +++ b/debian/src/initscripts/lib/init/mount-functions.sh @@ -21,8 +21,65 @@ selinux_enabled () { which selinuxenabled >/dev/null 2>&1 && selinuxenabled } +# Read /etc/fstab, looking for: +# 1) The root filesystem, resolving LABEL=*|UUID=* entries to the +# device node, +# 2) Swap that is on a md device or a file that may be on a md +# device, +read_fstab () { + exec 9<&0 </etc/fstab + + fstabroot=/dev/root + rootdev=none + roottype=none + rootopts=defaults + rootmode=rw + rootcheck=no + swap_on_lv=no + swap_on_file=no + + while read DEV MTPT FSTYPE OPTS DUMP PASS JUNK + do + case "$DEV" in + ""|\#*) + continue; + ;; + /dev/mapper/*) + [ "$FSTYPE" = "swap" ] && swap_on_lv=yes + ;; + /dev/*) + ;; + LABEL=*|UUID=*) + if [ "$MTPT" = "/" ] && [ -x /sbin/findfs ] + then + DEV="$(findfs "$DEV")" + fi + ;; + /*) + [ "$FSTYPE" = "swap" ] && swap_on_file=yes + ;; + *) + ;; + esac + [ "$MTPT" != "/" ] && continue + rootdev="$DEV" + fstabroot="$DEV" + rootopts="$OPTS" + roottype="$FSTYPE" + ( [ "$PASS" != 0 ] && [ "$PASS" != "" ] ) && rootcheck=yes + ( [ "$FSTYPE" = "nfs" ] || [ "$FSTYPE" = "nfs4" ] ) && rootcheck=no + case "$OPTS" in + ro|ro,*|*,ro|*,ro,*) + rootmode=ro + ;; + esac + done + + exec 0<&9 9<&- +} # Called before mtab is writable to mount kernel and device file systems. +# Note any changes here must also be made in domtab in mtab.sh. # $1: file system type # $2: alternative file system type (or empty string if none) # $3: mount point @@ -33,6 +90,7 @@ domount () { KERNEL="$(uname -s)" # Figure out filesystem type FSTYPE= + OPTS= if [ "$1" = proc ] then case "$KERNEL" in @@ -40,8 +98,15 @@ domount () { *FreeBSD) FSTYPE=linprocfs ;; *) FSTYPE=procfs ;; esac + elif [ "$1" = bind ] + then + case "$KERNEL" in + Linux|GNU) FSTYPE=$4; OPTS="-obind" ;; + *FreeBSD) FSTYPE=nullfs ;; + *) FSTYPE=none ;; + esac elif [ "$1" = tmpfs ] - then # always accept tmpfs, to mount /lib/init/rw before /proc + then # always accept tmpfs, to mount /run before /proc FSTYPE=$1 elif grep -E -qs "$1\$" /proc/filesystems then @@ -71,14 +136,13 @@ domount () { fi # Get the options from /etc/fstab. - OPTS= if [ -f /etc/fstab ] then exec 9<&0 </etc/fstab while read TAB_DEV TAB_MTPT TAB_FSTYPE TAB_OPTS TAB_REST do - case "$TAB_DEV" in (""|\#*) continue ;; esac + case "$TAB_DEV" in ""|\#*) continue ;; esac [ "$MTPT" = "$TAB_MTPT" ] || continue [ "$FSTYPE" = "$TAB_FSTYPE" ] || continue case "$TAB_OPTS" in @@ -87,7 +151,7 @@ domount () { return ;; ?*) - OPTS="-o$TAB_OPTS" + OPTS="$OPTS -o$TAB_OPTS" ;; esac break @@ -121,45 +185,74 @@ domount () { # pre_mountall () { - # We may end up mounting something over top of /var, either directly - # or because /var is a symlink to something that's mounted. So keep - # copies of the /var/run and /var/lock mounts elsewhere on the root - # filesystem so they can be moved back. - if [ yes = "$RAMRUN" ] ; then - mkdir /lib/init/rw/var.run - mount -n --bind /var/run /lib/init/rw/var.run - fi - if [ yes = "$RAMLOCK" ] ; then - mkdir /lib/init/rw/var.lock - mount -n --bind /var/lock /lib/init/rw/var.lock - fi + # RAMRUN and RAMLOCK on /var/run and /var/lock are obsoleted by + # /run. Note that while RAMRUN is no longer used (/run is always + # a tmpfs), RAMLOCK is still functional, but will cause a second + # tmpfs to be mounted on /run/lock. + : } # -# Restore /var/run and /var/lock mountpoints if something was mounted -# as /var/. Avoid mounting them back over themselves if nothing was -# mounted as /var/ by checking if /var/run/ and /var/lock/ are still -# mount points. Enabling RAMRUN and RAMLOCK while listing /var/run or -# /var/lock in /etc/fstab is not supported. +# Migrate a directory to /run and create compatibility symlink or bind +# mount. # -post_mountall () +run_migrate () { - if [ yes = "$RAMRUN" ] ; then - [ -d /var/run ] || mkdir /var/run - if mountpoint -q /var/run ; then - umount /lib/init/rw/var.run - else - mount -n --move /lib/init/rw/var.run /var/run - fi - rmdir /lib/init/rw/var.run + OLD=$1 + RUN=$2 + + KERNEL="$(uname -s)" + OPTS="" + case "$KERNEL" in + Linux|GNU) FSTYPE=none OPTS="-obind";; + *FreeBSD) FSTYPE=nullfs ;; + *) FSTYPE=none ;; + esac + + # Try to remove if a directory. Note this is safe because the + # system is not yet fully up, and nothing is allowed to use + # them yet. If the user explicitly mounted a filesystem here, + # it will be cleaned out, but this would happen later on when + # bootclean runs in any case. + if [ ! -L "$OLD" ] && [ -d "$OLD" ] ; then + rm -fr "$OLD" 2>/dev/null || true fi - if [ yes = "$RAMLOCK" ] ; then - [ -d /var/lock ] || mkdir /var/lock - if mountpoint -q /var/lock ; then - umount /lib/init/rw/var.lock + + # If removal failed (directory still exists), set up bind mount. + if [ ! -L "$OLD" ] && [ -d "$OLD" ] ; then + if [ "$OLD" != "/tmp" ]; then + log_warning_msg "Filesystem mounted on $OLD; setting up compatibility bind mount." + log_warning_msg "Please remove this mount from /etc/fstab; it is no longer needed, and it is preventing completion of the transition to $RUN." + fi + mount -t $FSTYPE "$RUN" "$OLD" -orw $OPTS + else + # Create symlink if not already present. + if [ -L "$OLD" ] && [ "$(readlink "$OLD")" = "$RUN" ]; then + : else - mount -n --move /lib/init/rw/var.lock /var/lock + ln -fs "$RUN" "$OLD" fi - rmdir /lib/init/rw/var.lock fi } + +# +# For compatibility, create /var/run and /var/lock symlinks to /run +# and /run/lock, respectively. +# +post_mountall () +{ + # /var/run and /var/lock are now /run and /run/lock, + # respectively. Cope with filesystems being deliberately + # mounted on /var/run and /var/lock. We will create bind + # mounts from /run and /run/lock to /var/run and /var/lock if + # we can't remove the /var/run and /var/lock directories, or + # else simply create symlinks. For example, in the case that + # the user has explicitly mounted filesystems on /var/run or + # /var/lock, we bind mount over the top of them. Where no + # filesystems are mounted, we replace the directory with a + # symlink where possible. + + run_migrate /dev/shm /run/shm + run_migrate /var/run /run + run_migrate /var/lock /run/lock +} diff --git a/debian/src/initscripts/lib/init/vars.sh b/debian/src/initscripts/lib/init/vars.sh index 1b4769b..e733358 100644 --- a/debian/src/initscripts/lib/init/vars.sh +++ b/debian/src/initscripts/lib/init/vars.sh @@ -37,3 +37,34 @@ fi if [ "$INIT_VERBOSE" ] ; then VERBOSE="$INIT_VERBOSE" fi + +# Because /etc/default/rcS isn't a conffile, it's never updated +# automatically. So that an empty or outdated file missing newer +# options works correctly, set the default values here. +if [ -z "$TMPTIME" ]; then + TMPTIME=0 +fi +if [ -z "$SULOGIN" ]; then + SULOGIN=no +fi +if [ -z "$DELAYLOGIN" ]; then + DELAYLOGIN=no +fi +if [ -z "$UTC" ]; then + UTC=yes +fi +if [ -z "$VERBOSE" ]; then + VERBOSE=no +fi +if [ -z "$FSCKFIX" ]; then + FSCKFIX=no +fi +if [ -z "$RAMLOCK" ]; then + RAMLOCK=no +fi +if [ -z "$RAMSHM" ]; then + RAMSHM=yes +fi +if [ -z "$RAMTMP" ]; then + RAMTMP=no +fi diff --git a/debian/src/initscripts/man/rcS.5 b/debian/src/initscripts/man/rcS.5 index 275d8c6..4df3d75 100644 --- a/debian/src/initscripts/man/rcS.5 +++ b/debian/src/initscripts/man/rcS.5 @@ -97,19 +97,31 @@ to be run with the \fB\-y\fP option instead of the \fB\-a\fP option. This will tell fsck always to repair the file systems without asking for permission. -.IP \fBRAMRUN\fP -Make /var/run/ available as a ram file system (tmpfs). Will also disable -cleaning of /var/run/ during boot. Set to 'yes' to enable, to 'no' to disable. -The size of the tmpfs can be controlled using TMPFS_SIZE and RUN_SIZE in -/etc/default/tmpfs. Because of this, packages can not expect directories in /var/run -to exist after boot. Packages expecting this are buggy and need to be fixed. - .IP \fBRAMLOCK\fP -Make /var/lock/ available as a ram file system (tmpfs). Will also disable -cleaning of /var/lock/ during boot. Set to 'yes' to enable, to 'no' to disable. -The size of the tmpfs can be controlled using TMPFS_SIZE and LOCK_SIZE in -/etc/default/tmpfs. Because of this, packages can not expect directories in /var/lock -to exist after boot. Packages expecting this are buggy and need to be fixed. +Make /run/lock/ available as a ram file system (tmpfs). Set to 'yes' +to enable, to 'no' to disable (defaults to no). The size of the tmpfs +can be controlled using TMPFS_SIZE and LOCK_SIZE in +/etc/default/tmpfs. Because of this, packages can not expect +directories in /var/lock to exist after boot. Packages expecting this +are buggy and need to be fixed. Note that /run/lock was previously +/var/lock, and a compatibility symlink or bind mount will be created +to allow the old path to continue to function. + +.IP \fBRAMSHM\fP +Make /run/shm available as a ram file system (tmpfs). Set to 'yes' to +enable, to 'no' to disable (defaults to yes). The size of the tmpfs +can be controlled using TMPFS_SIZE and SHM_SIZE in /etc/default/tmpfs. +Because of this, packages can not expect directories in /run/shm to +exist after boot. Note that /run/shm was previously /dev/shm, and a +compatibility symlink or bind mount will be created to allow the old +path to continue to function. + +.IP \fBRAMTMP\fP +Make /tmp/ available as a ram file system (tmpfs). Set to 'yes' to +enable, to 'no' to disable (defaults to no). The size of the tmpfs +can be controlled using TMPFS_SIZE and TMP_SIZE in /etc/default/tmpfs. +Because of this, packages can not expect directories in /tmp to exist +after boot. .IP \fBASYNCMOUNTNFS\fP Set this to 'no' to disable asynchronous mounting of network drives diff --git a/debian/src/initscripts/share/default.rcS b/debian/src/initscripts/share/default.rcS index 2fee9cd..dccb3e2 100644 --- a/debian/src/initscripts/share/default.rcS +++ b/debian/src/initscripts/share/default.rcS @@ -7,11 +7,30 @@ # # This file belongs to the "initscripts" package. +# delete files in /tmp during boot older than x days. +# '0' means always, -1 or 'infinite' disables the feature TMPTIME=0 + +# spawn sulogin during boot, continue normal boot if not used in 30 seconds SULOGIN=no + +# do not allow users to log in until the boot has completed DELAYLOGIN=no + +# assume that the BIOS clock is set to UTC time (recommended) UTC=yes + +# be more verbose during the boot process VERBOSE=no + +# automatically repair filesystems with inconsistencies during boot FSCKFIX=no -RAMRUN=no + +# mount /run/lock as a tmpfs (separately from /run) RAMLOCK=no + +# mount /run/shm as a tmpfs (separately from /run) +RAMSHM=yes + +# mount /tmp as a tmpfs +RAMTMP=no
signature.asc
Description: Digital signature
_______________________________________________ Pkg-sysvinit-devel mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/pkg-sysvinit-devel
