Commit Graph

151 Commits

Author SHA1 Message Date
Jilles Tjoelker
bddbe3b2b1 rc.subr: Swap checks so we only fork sysctl if *_oomprotect is set. 2016-11-17 22:49:51 +00:00
Marcelo Araujo
46542a426e We can't use protect(1) inside a jail(8)!
To avoid have warning for services that are using oomprotect, oomprotect
will only be applied on services that won't run inside jails.

Reported by:	allanjude
MFC after:	2 weeks.
2016-11-10 07:05:41 +00:00
Baptiste Daroussin
5b71d8999c Remove backup_uses_rcs from rc.subr
In preparation for the removal of GNU rcs from base, remove the backup_uses_rcs
functionality from the rc.subr backup_file feature. This functionnality was off
by default

Reviewed by:	wblock
Differential Revision:	https://reviews.freebsd.org/D7883
2016-09-18 12:49:23 +00:00
Edward Tomasz Napierala
6e9bf96d6f Refactor the root mount hold code and add the wait to etc/rc.d/fsck.
This fixes mounting (non-root) USB drives on boot with fsck enabled
(with non-zero 'Pass#' field in fstab(5)).

Reported by:	Graham Menhennitt <graham at menhennitt.com.au>
Reviewed by:	jilles@
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D6221
2016-05-10 08:44:44 +00:00
Lars Engels
1980d11b5f - Add two new subcommands to rc.subr:
"describe" shows an rc script's description
  "extracommands" shows an rc script's non-standard commands like "reload", "configtest", "keygen", etc
- Update the rc(8) manpage and the tcsh(1) completion examples to reflect these changes

Approved by:	bapt
Sponsored by:	Essen Linuxhotel Hackathon 2016
Differential Revision:	D452
2016-04-23 16:19:34 +00:00
Marcelo Araujo
3bead71e95 - Add a global option where we can protect processes when swap space
is exhausted.

How to use:

Basically we need to add on rc.conf an another option like:

    If we want to protect only the main processes.
    syslogd_oomprotect="YES"

    If we want to protect all future children of the specified processes.
    syslogd_oomprotect="ALL"

PR:		204741 (based on)
Submitted by:	eugen@grosbein.net
Reviewed by:	jhb, allanjude, rpokala and bapt
MFC after:	4 weeks
Relnotes:	Yes
Sponsored by:	gandi.net
Differential Revision:	https://reviews.freebsd.org/D5176
2016-02-24 01:32:12 +00:00
Jilles Tjoelker
80fe6bcf09 rc.subr: Check for running daemons before a custom start_cmd is executed.
Currently rc scripts implementing their own start_cmd do not enjoy the
benefits of rc.subr's own check for rc_pid.

This leads to around a third of ports with such a start_cmd not to check for
the process at all and two thirds of ports to re-implement this check
(sometimes wrongly).

This patch moves the check for rc_pid to before ${rc_arg}_cmd is executed.

Submitted by:	Dirk Engling
Reviewed by:	feld
MFC after:	1 week
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D4156
2015-12-04 16:32:29 +00:00
Dag-Erling Smørgrav
0b9c2e7ac5 Correctly document the change made in r275359. 2015-10-26 15:14:55 +00:00
Adrian Chadd
ef4cd02bfa Enforce consistent limits of daemons run from rc.subr:
* Allow the user to configure the login class to use in rc.conf
  by using {daemon}_login_class, which;
* Use the daemon class by default;
* .. and then use 'limits' to set the login class so it works both
  via init at startup (which runs this in 'daemon' class) and via
  whichever root environment (eg command line, other daemons, etc.)

Reviewed by:	dteske
Differential Revision:	https://reviews.freebsd.org/D3630
2015-09-27 04:03:11 +00:00
Enji Cooper
1b44fd7506 Update the comment about handling old-style rc(5) scripts
The old-style (*.sh) scripts in /etc/rc.d are explicitly ignored, whereas
other scripts ending in .sh are permitted
2015-08-05 03:03:57 +00:00
Jilles Tjoelker
738b6d4109 rc.subr: Allow rc.conf.d with multi-directory local_startup.
I also changed ${...%*/rc.d} to ${...%/rc.d} since the shortest match always
has an empty string for the asterisk.

PR:		201641
Submitted by:	Jamie Landeg-Jones (original version)
MFC after:	1 week
2015-08-01 22:00:25 +00:00
Dag-Erling Smørgrav
e27961a496 Allow load_rc_config to be called without a service name.
MFC after:	1 week
2014-12-01 12:17:42 +00:00
Hiroki Sato
2869fca8b0 Add env and prepend to _rc_namevarlist. 2014-10-12 02:42:36 +00:00
Hiroki Sato
61a8e84918 Add ${name}_env and ${name}_prepend. ${name}_env is an argument list which
will be passed to env(1).  ${name}_prepend is simply prepended to the command
line for $command.
2014-10-11 23:49:27 +00:00
Hiroki Sato
4a387a583b Resurrect set_rcvar() as a function to define a rc.conf variable.
It defines a variable and its default value in load_rc_config() just after
rc.conf is loaded.  "rcvar" command shows the current and the default values.

This is an attempt to solve a problem that rc.d scripts from third-party
software do not have entries in /etc/defaults/rc.conf.  The fact that
load_rc_config() reads rc.conf only once and /etc/rc invokes the function
before running rc.d scripts made developers confused for a long time because
load_rc_config() just before run_rc_command() in each rc.d script overrides
variables only when the script is directly invoked, not from /etc/rc.

Variables defined in set_rcvar are always set in load_rc_config() after
loading rc.conf.  An rc.d script can now be written in a self-contained
manner regarding the related variables as follows:

---
name=foo
rcvar=foo_enable

set_rcvar foo_enable	YES	"Enable $name"
set_rcvar foo_flags	"-s"	"Flags to $name"

...

load_rc_config $name
run_rc_command "$@"
---
2014-10-02 01:16:30 +00:00
Hiroki Sato
363a68722a Do not set net.inet.ip.{sourceroute,accept_sourceroute} in a vnet jail.
The following warnings were displayed:

 sysctl: net.inet.ip.sourceroute=0: Operation not permitted
 sysctl: net.inet.ip.accept_sourceroute=0: Operation not permitted
2014-09-13 18:54:15 +00:00
Hiroki Sato
8eac80769b - Use $local_startup to load rc.conf.d/* scripts.
- Document support of rc.conf.d/<dir>/* introduced in r270392.

Discussed with:	bapt
2014-08-27 09:19:22 +00:00
Baptiste Daroussin
0dba3159e1 Allow to configure services from ${LOCALBASE}/etc/rc.conf.d
Reviewed by:	bdrewery
MFC after:	1 week
Relnotes:	yes
2014-08-26 22:33:34 +00:00
Dag-Erling Smørgrav
5407523fe5 Add support for /etc/rc.conf.d/<service> subdirectories. This is
particularly useful for services such as "network" (netif) where each
interface can now have its own separate configuration file.
Add /etc/rc.conf.d to the mtree file so it is always present.

MFC after:	3 days
2014-08-23 10:51:37 +00:00
Devin Teske
99082d19f1 Loosen the processing of *_IF_aliasN vars to be less strict. Previously,
the first alias had to be _alias0 and processing stopped at the first non-
defined variable (preventing gaps). Allowing gaps gives the administrator
the ability to group aliases in an adhoc manner and also lifts the
requirement to renumber aliases simply to comment-out an existing one.
Aliases are processed in numerical ascending order.

Discussed on:	-rc
MFC after:	1 week
2014-04-07 22:40:29 +00:00
Hiroki Sato
84b354cb9a - Update rc.d/jail to use a jail(8) configuration file instead of
command line options.  The "jail_<jname>_*" rc.conf(5) variables for
  per-jail configuration are automatically converted to
  /var/run/jail.<jname>.conf before the jail(8) utility is invoked.
  This is transparently backward compatible.

- Fix a minor bug in jail(8) which prevented it from returning false
  when jail -r failed.

Approved by:	re (glebius)
2013-10-10 09:32:27 +00:00
Dag-Erling Smørgrav
49cede74ee Add a setup script for unbound(8) called local-unbound-setup. It
generates a configuration suitable for running unbound as a caching
forwarding resolver, and configures resolvconf(8) to update unbound's
list of forwarders in addition to /etc/resolv.conf.  The initial list
is taken from the existing resolv.conf, which is rewritten to point to
localhost.  Alternatively, a list of forwarders can be provided on the
command line.

To assist this script, add an rc.subr command called "enabled" which
does nothing except return 0 if the service is enabled and 1 if it is
not, without going through the usual checks.  We should consider doing
the same for "status", which is currently pointless.

Add an rc script for unbound, called local_unbound.  If there is no
configuration file, the rc script runs local-unbound-setup to generate
one.

Note that these scripts place the unbound configuration files in
/var/unbound rather than /etc/unbound.  This is necessary so that
unbound can reload its configuration while chrooted.  We should
probably provide symlinks in /etc.

Approved by:	re (blanket)
2013-09-23 04:36:51 +00:00
Andriy Gapon
3ee030e1e9 rc.subr: disabling globbing while processing devfs rules
The rules themselves typically have shell-like patterns and it is
incorrect when they get replaced with matching filesystem entries.

Shell magic by:	jilles
MFC after:	2 weeks
2013-03-28 08:13:52 +00:00
Steven Hartland
7ef204a2a9 Allow perl scripts to be used in rc.d scripts
PR:		conf/117027
Reviewed by:	pjd (mentor)
Approved by:	hrs
MFC after:	2 weeks
2013-01-10 11:08:22 +00:00
Hiroki Sato
c426f75e3b Do not put "already running" message when rc_quiet=yes.
PR:	bin/165477
2012-11-20 04:45:04 +00:00
Hiroki Sato
571b26027e Add check_namevarlist() to check if ${name}_var is reserved in rc.subr or not. 2012-11-17 18:11:10 +00:00
Hiroki Sato
c58c2dc7d5 Add setfib(1) support for services as <name>_fib in rc.conf. 2012-10-27 19:09:09 +00:00
Chris Rees
b2de5bffb6 Allow spaces in _chroot
Noticed by:	adj (IRC/#bsdports)
Approved by:	hrs
MFC after:	1 month
2012-10-27 17:43:30 +00:00
Kevin Lo
1424b561e1 Whitespace nit 2012-07-13 06:46:09 +00:00
Xin LI
90de8d2a65 Put the signal trap output to standard error instead of standard output.
Without this change, pressing ^T could result in rc.d script putting
junk strings like:

	Script <filename> running

in configuration files when redirecting standard output to these files.

MFC after:	2 weeks
2012-02-18 00:46:18 +00:00
Doug Barton
20ceedfb69 Fix various issues with the NFS and RPC related scripts:
1. Add new functionality to the force_depend method to incorporate the
   tests for whether the service is enabled and/or already running.
2. Add a new option to bypass checking only that the service is enabled
   at boot time, and always check if it is running.
3. Use this new functionality to greatly simplify the rc.d scripts that
   use force_depend.
4. Add a force_depend for statd in lockd
5. Remove the check that either nfs_server or nfs_client is _enable'd
   from statd and lockd. This was always overkill, and prevented using
   the {one|force}start options, as well as stop'ing on the command line.
6. The yp* scripts had some of their arguments in various weird orders.
   Bring them into line with the model.
7. If mountd fails to create /var/db/mountdtab, err out.

Ideas, suggestions, and/or review from delphij and jilles.
Pointy hats are completely my responsibility however.
2012-02-14 10:51:24 +00:00
Doug Barton
72fc1aafe2 If we're booting there is no need to waste time determining if the service
is running or not.

PR:		conf/150752
Submitted by:	YIN Xiaofeng <75394094@qq.com>
2012-01-20 10:31:27 +00:00
Doug Barton
61d4638e52 Now that its callers have been udpated, remove set_rcvar().
The concept of set_rcvar() was nice in theory, but the forks
it creates are a drag on the startup process, which is especially
noticeable on slower systems, such as embedded ones.
2012-01-14 08:59:02 +00:00
Eygene Ryabinkin
0113cca483 rc.d: document 'quiet' prefix and fix dhclient/devd interaction
Document the current semantics of the 'quiet' command prefix
in the rc.subr(8).

Fix dhclient rc.d script: it should not call err() for
non-DHCP-enabled interface when it is called from devd, because the
latter just blindly calls 'service dhclient quietstart' on each "link
up" event.

Since the 'quietstart' will silence the message "Cannot 'start' <foo>.
Set <foo>_enable to YES in /etc/rc.conf or use 'onestart' instead of
'start'." and running dhclient on the non-DHCP-enabled interface is
the same thing as running the service <foo> without <foo>_enable set,
such modification is in sync with the current semantics of the 'quiet'
prefix.

Approved by: glebius
Reviewed by: freebsd-rc list
MFC after:	2 weeks
2012-01-12 06:48:11 +00:00
Doug Barton
a194b02d88 There is no longer a need to abstract ${rcvar_manpage} as we are not
attempting to maintain compatibility with NetBSD for some years now.
2012-01-08 20:25:29 +00:00
Ulrich Spörlein
081dc98788 Spelling fixes for etc/ 2012-01-07 16:10:32 +00:00
Jilles Tjoelker
e60150fafa rc.d: Eliminate some unnecessary non-POSIX constructs:
* set - ...
 * empty braces
 * ^ in character class
2011-11-08 23:02:32 +00:00
Jilles Tjoelker
1cbcfc538b rc.subr: Make sure all functions are under if [ -z "${_rc_subr_loaded}" ]. 2011-06-19 15:23:32 +00:00
Jilles Tjoelker
5062455134 rc.subr: Eliminate a fork from check_kern_features, like r223227.
MFC after:	2 weeks
2011-06-19 11:42:48 +00:00
Jilles Tjoelker
cfb739b854 rc.subr: Eliminate about 100 forks from the boot sequence.
With the current sh, placing eval in a command substitution always results
in a fork(), even if it is the only command and only executes a single
simple command. Therefore, avoid it where it can be avoided easily.

Side effect: values starting with a hyphen and all whitespace are preserved.
The values are defaults and names for rc.conf variables and messages to be
given about obsolete ones.

MFC after:	2 weeks
2011-06-18 11:05:30 +00:00
Hiroki Sato
d3ae0231fe Add a helper function to check kern.features.* sysctls.
Discussed with:	dougb
2011-06-11 21:40:37 +00:00
Doug Barton
d7c2f00c7c As previously advertised, remove the error message for enable_quotas
prior to 9.0-RELEASE.

This change should not be MFC'ed.
2011-04-23 17:37:14 +00:00
Doug Barton
b1850238b7 Improve the error handling for the new get_pidfile_from_conf() 2011-04-23 05:24:17 +00:00
Doug Barton
8028832653 Introduce to rc.subr get_pidfile_from_conf(). It does just what it sounds
like, determines the path to a pid file as it is specified in a conf file.

Use the new feature for rc.d/named and rc.d/devd, the 2 services in the
base that list their pid files in their conf files.

Remove the now-obsolete named_pidfile, and warn users if they have it set.
2011-04-23 04:26:31 +00:00
Doug Barton
ed52acf61d The change in r206686 to allow the stop argument to work for a service
that is running even though not _enable'd had an annoying side effect.
If the service was already started at boot time by another means when
the related script came around again in rcorder it would start again,
regardless of _enable, because there was a valid pid. [1]

So, split the test into 2 parts, one for (!rcvar && !stop), and one
for (stop && !valid_pid). This preserves the behavior from r206686
while preventing the undesired side effect.

PR:		conf/156427 [1]
Submitted by:	Eugene Grosbein <eugen@grosbein.pp.ru> [1]
2011-04-17 22:31:36 +00:00
Doug Barton
a3b50b5603 Revert r219578 2011-03-13 16:27:36 +00:00
Doug Barton
e729c4f2fd Use the allexport option in load_rc_config() in order to avoid having
to repeatedly read the conf files. Depending on what is enabled the
files are being read anywhere from 15, 30, or more times currently.
By loading the values in the environment this is reduced to 1, with
perhaps a couple more, again depending on what is enabled.

The speed-up for boot and shutdown is negligible when rc.conf is
on local disk, noticable when accessing files over NFS, and dramatic
when pulling rc.conf values from a database.

This change also includes a minor optimization to the conditional
for $_rc_conf_loaded.
2011-03-12 21:13:08 +00:00
Jaakko Heinonen
8ef92ea65e Warn if rules could not be read from a ruleset file. Now at least
something gets logged if the file has syntax errors.

PR:		conf/91342
Silence on:	freebsd-rc
2011-01-07 10:59:22 +00:00
Doug Barton
15539a8a80 Fix silly typo on my part (s/quotas_enable/quota_enable/)
Submitted by:	ed
2010-08-14 22:28:07 +00:00
Doug Barton
a7112b557f Give people some warning before removing enable_quotas 2010-08-14 18:58:05 +00:00