Patches to allow one to allow one to specify a directory to chroot to.
This includes support for running a script to setup that directory. The kenv variables init_chroot and init_script control this behavior, and are documented in loader(8) that's about to be committed (along with the other variables like init_path...). Submitted by: Oliver Fromme Reviewed by: myself, jhb (earlier versions)
This commit is contained in:
parent
9f1eaf60b8
commit
25c9a05e1c
202
sbin/init/init.c
202
sbin/init/init.c
@ -55,6 +55,7 @@ static const char rcsid[] =
|
||||
#include <db.h>
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
#include <kenv.h>
|
||||
#include <libutil.h>
|
||||
#include <paths.h>
|
||||
#include <signal.h>
|
||||
@ -121,6 +122,8 @@ state_func_t clean_ttys(void);
|
||||
state_func_t catatonia(void);
|
||||
state_func_t death(void);
|
||||
|
||||
state_func_t run_script(const char *);
|
||||
|
||||
enum { AUTOBOOT, FASTBOOT } runcom_mode = AUTOBOOT;
|
||||
#define FALSE 0
|
||||
#define TRUE 1
|
||||
@ -131,9 +134,11 @@ int howto = RB_AUTOBOOT;
|
||||
int devfs;
|
||||
|
||||
void transition(state_t);
|
||||
state_t requested_transition = runcom;
|
||||
state_t requested_transition;
|
||||
|
||||
void setctty(const char *);
|
||||
const char *get_shell(void);
|
||||
void write_stderr(const char *message);
|
||||
|
||||
typedef struct init_session {
|
||||
int se_index; /* index of entry in ttys file */
|
||||
@ -187,6 +192,8 @@ DB *session_db;
|
||||
int
|
||||
main(int argc, char *argv[])
|
||||
{
|
||||
state_t initial_transition = runcom;
|
||||
char kenv_value[PATH_MAX];
|
||||
int c;
|
||||
struct sigaction sa;
|
||||
sigset_t mask;
|
||||
@ -262,7 +269,7 @@ main(int argc, char *argv[])
|
||||
devfs = 1;
|
||||
break;
|
||||
case 's':
|
||||
requested_transition = single_user;
|
||||
initial_transition = single_user;
|
||||
break;
|
||||
case 'f':
|
||||
runcom_mode = FASTBOOT;
|
||||
@ -275,6 +282,63 @@ main(int argc, char *argv[])
|
||||
if (optind != argc)
|
||||
warning("ignoring excess arguments");
|
||||
|
||||
/*
|
||||
* We catch or block signals rather than ignore them,
|
||||
* so that they get reset on exec.
|
||||
*/
|
||||
handle(badsys, SIGSYS, 0);
|
||||
handle(disaster, SIGABRT, SIGFPE, SIGILL, SIGSEGV,
|
||||
SIGBUS, SIGXCPU, SIGXFSZ, 0);
|
||||
handle(transition_handler, SIGHUP, SIGINT, SIGTERM, SIGTSTP,
|
||||
SIGUSR1, SIGUSR2, 0);
|
||||
handle(alrm_handler, SIGALRM, 0);
|
||||
sigfillset(&mask);
|
||||
delset(&mask, SIGABRT, SIGFPE, SIGILL, SIGSEGV, SIGBUS, SIGSYS,
|
||||
SIGXCPU, SIGXFSZ, SIGHUP, SIGINT, SIGTERM, SIGTSTP, SIGALRM,
|
||||
SIGUSR1, SIGUSR2, 0);
|
||||
sigprocmask(SIG_SETMASK, &mask, (sigset_t *) 0);
|
||||
sigemptyset(&sa.sa_mask);
|
||||
sa.sa_flags = 0;
|
||||
sa.sa_handler = SIG_IGN;
|
||||
(void) sigaction(SIGTTIN, &sa, (struct sigaction *)0);
|
||||
(void) sigaction(SIGTTOU, &sa, (struct sigaction *)0);
|
||||
|
||||
/*
|
||||
* Paranoia.
|
||||
*/
|
||||
close(0);
|
||||
close(1);
|
||||
close(2);
|
||||
|
||||
if (kenv(KENV_GET, "init_script", kenv_value, sizeof(kenv_value)) > 0) {
|
||||
state_func_t next_transition;
|
||||
|
||||
if ((next_transition = run_script(kenv_value)) != 0)
|
||||
initial_transition = (state_t) next_transition;
|
||||
}
|
||||
|
||||
if (kenv(KENV_GET, "init_chroot", kenv_value, sizeof(kenv_value)) > 0) {
|
||||
if (chdir(kenv_value) != 0 || chroot(".") != 0)
|
||||
warning("Can't chroot to %s: %m", kenv_value);
|
||||
}
|
||||
|
||||
/*
|
||||
* Additional check if devfs needs to be mounted:
|
||||
* If "/" and "/dev" have the same device number,
|
||||
* then it hasn't been mounted yet.
|
||||
*/
|
||||
if (!devfs) {
|
||||
struct stat stst;
|
||||
dev_t root_devno;
|
||||
|
||||
stat("/", &stst);
|
||||
root_devno = stst.st_dev;
|
||||
if (stat("/dev", &stst) != 0)
|
||||
warning("Can't stat /dev: %m");
|
||||
else if (stst.st_dev == root_devno)
|
||||
devfs++;
|
||||
}
|
||||
|
||||
if (devfs) {
|
||||
struct iovec iov[4];
|
||||
char *s;
|
||||
@ -311,38 +375,10 @@ main(int argc, char *argv[])
|
||||
free(s);
|
||||
}
|
||||
|
||||
/*
|
||||
* We catch or block signals rather than ignore them,
|
||||
* so that they get reset on exec.
|
||||
*/
|
||||
handle(badsys, SIGSYS, 0);
|
||||
handle(disaster, SIGABRT, SIGFPE, SIGILL, SIGSEGV,
|
||||
SIGBUS, SIGXCPU, SIGXFSZ, 0);
|
||||
handle(transition_handler, SIGHUP, SIGINT, SIGTERM, SIGTSTP,
|
||||
SIGUSR1, SIGUSR2, 0);
|
||||
handle(alrm_handler, SIGALRM, 0);
|
||||
sigfillset(&mask);
|
||||
delset(&mask, SIGABRT, SIGFPE, SIGILL, SIGSEGV, SIGBUS, SIGSYS,
|
||||
SIGXCPU, SIGXFSZ, SIGHUP, SIGINT, SIGTERM, SIGTSTP, SIGALRM,
|
||||
SIGUSR1, SIGUSR2, 0);
|
||||
sigprocmask(SIG_SETMASK, &mask, (sigset_t *) 0);
|
||||
sigemptyset(&sa.sa_mask);
|
||||
sa.sa_flags = 0;
|
||||
sa.sa_handler = SIG_IGN;
|
||||
(void) sigaction(SIGTTIN, &sa, (struct sigaction *)0);
|
||||
(void) sigaction(SIGTTOU, &sa, (struct sigaction *)0);
|
||||
|
||||
/*
|
||||
* Paranoia.
|
||||
*/
|
||||
close(0);
|
||||
close(1);
|
||||
close(2);
|
||||
|
||||
/*
|
||||
* Start the state machine.
|
||||
*/
|
||||
transition(requested_transition);
|
||||
transition(initial_transition);
|
||||
|
||||
/*
|
||||
* Should never reach here.
|
||||
@ -558,6 +594,23 @@ setctty(const char *name)
|
||||
}
|
||||
}
|
||||
|
||||
const char *
|
||||
get_shell(void)
|
||||
{
|
||||
static char kenv_value[PATH_MAX];
|
||||
|
||||
if (kenv(KENV_GET, "init_shell", kenv_value, sizeof(kenv_value)) > 0)
|
||||
return kenv_value;
|
||||
else
|
||||
return _PATH_BSHELL;
|
||||
}
|
||||
|
||||
void
|
||||
write_stderr(const char *message)
|
||||
{
|
||||
write(STDERR_FILENO, message, strlen(message));
|
||||
}
|
||||
|
||||
/*
|
||||
* Bring the system up single user.
|
||||
*/
|
||||
@ -567,7 +620,7 @@ single_user(void)
|
||||
pid_t pid, wpid;
|
||||
int status;
|
||||
sigset_t mask;
|
||||
const char *shell = _PATH_BSHELL;
|
||||
const char *shell;
|
||||
char *argv[2];
|
||||
#ifdef SECURE
|
||||
struct ttyent *typ;
|
||||
@ -589,6 +642,8 @@ single_user(void)
|
||||
_exit(0);
|
||||
}
|
||||
|
||||
shell = get_shell();
|
||||
|
||||
if ((pid = fork()) == 0) {
|
||||
/*
|
||||
* Start the single user session.
|
||||
@ -605,7 +660,7 @@ single_user(void)
|
||||
pp = getpwnam("root");
|
||||
if (typ && (typ->ty_status & TTY_SECURE) == 0 &&
|
||||
pp && *pp->pw_passwd) {
|
||||
write(STDERR_FILENO, banner, sizeof banner - 1);
|
||||
write_stderr(banner);
|
||||
for (;;) {
|
||||
clear = getpass("Password:");
|
||||
if (clear == 0 || *clear == '\0')
|
||||
@ -626,10 +681,10 @@ single_user(void)
|
||||
char *cp = altshell;
|
||||
int num;
|
||||
|
||||
#define SHREQUEST \
|
||||
"Enter full pathname of shell or RETURN for " _PATH_BSHELL ": "
|
||||
(void)write(STDERR_FILENO,
|
||||
SHREQUEST, sizeof(SHREQUEST) - 1);
|
||||
#define SHREQUEST "Enter full pathname of shell or RETURN for "
|
||||
write_stderr(SHREQUEST);
|
||||
write_stderr(shell);
|
||||
write_stderr(": ");
|
||||
while ((num = read(STDIN_FILENO, cp, 1)) != -1 &&
|
||||
num != 0 && *cp != '\n' && cp < &altshell[127])
|
||||
cp++;
|
||||
@ -717,12 +772,36 @@ single_user(void)
|
||||
*/
|
||||
state_func_t
|
||||
runcom(void)
|
||||
{
|
||||
state_func_t next_transition;
|
||||
|
||||
if ((next_transition = run_script(_PATH_RUNCOM)) != 0)
|
||||
return next_transition;
|
||||
|
||||
runcom_mode = AUTOBOOT; /* the default */
|
||||
/* NB: should send a message to the session logger to avoid blocking. */
|
||||
logwtmp("~", "reboot", "");
|
||||
return (state_func_t) read_ttys;
|
||||
}
|
||||
|
||||
/*
|
||||
* Run a shell script.
|
||||
* Returns 0 on success, otherwise the next transition to enter:
|
||||
* - single_user if fork/execv/waitpid failed, or if the script
|
||||
* terminated with a signal or exit code != 0.
|
||||
* - death if a SIGTERM was delivered to init(8).
|
||||
*/
|
||||
state_func_t
|
||||
run_script(const char *script)
|
||||
{
|
||||
pid_t pid, wpid;
|
||||
int status;
|
||||
char *argv[4];
|
||||
const char *shell;
|
||||
struct sigaction sa;
|
||||
|
||||
shell = get_shell();
|
||||
|
||||
if ((pid = fork()) == 0) {
|
||||
sigemptyset(&sa.sa_mask);
|
||||
sa.sa_flags = 0;
|
||||
@ -733,11 +812,10 @@ runcom(void)
|
||||
setctty(_PATH_CONSOLE);
|
||||
|
||||
char _sh[] = "sh";
|
||||
char _path_runcom[] = _PATH_RUNCOM;
|
||||
char _autoboot[] = "autoboot";
|
||||
|
||||
argv[0] = _sh;
|
||||
argv[1] = _path_runcom;
|
||||
argv[1] = __DECONST(char *, script);
|
||||
argv[2] = runcom_mode == AUTOBOOT ? _autoboot : 0;
|
||||
argv[3] = 0;
|
||||
|
||||
@ -746,14 +824,13 @@ runcom(void)
|
||||
#ifdef LOGIN_CAP
|
||||
setprocresources(RESOURCE_RC);
|
||||
#endif
|
||||
execv(_PATH_BSHELL, argv);
|
||||
stall("can't exec %s for %s: %m", _PATH_BSHELL, _PATH_RUNCOM);
|
||||
execv(shell, argv);
|
||||
stall("can't exec %s for %s: %m", shell, script);
|
||||
_exit(1); /* force single user mode */
|
||||
}
|
||||
|
||||
if (pid == -1) {
|
||||
emergency("can't fork for %s on %s: %m",
|
||||
_PATH_BSHELL, _PATH_RUNCOM);
|
||||
emergency("can't fork for %s on %s: %m", shell, script);
|
||||
while (waitpid(-1, (int *) 0, WNOHANG) > 0)
|
||||
continue;
|
||||
sleep(STALL_TIMEOUT);
|
||||
@ -772,13 +849,13 @@ runcom(void)
|
||||
return (state_func_t) death;
|
||||
if (errno == EINTR)
|
||||
continue;
|
||||
warning("wait for %s on %s failed: %m; going to single user mode",
|
||||
_PATH_BSHELL, _PATH_RUNCOM);
|
||||
warning("wait for %s on %s failed: %m; going to "
|
||||
"single user mode", shell, script);
|
||||
return (state_func_t) single_user;
|
||||
}
|
||||
if (wpid == pid && WIFSTOPPED(status)) {
|
||||
warning("init: %s on %s stopped, restarting\n",
|
||||
_PATH_BSHELL, _PATH_RUNCOM);
|
||||
shell, script);
|
||||
kill(pid, SIGCONT);
|
||||
wpid = -1;
|
||||
}
|
||||
@ -795,18 +872,15 @@ runcom(void)
|
||||
}
|
||||
|
||||
if (!WIFEXITED(status)) {
|
||||
warning("%s on %s terminated abnormally, going to single user mode",
|
||||
_PATH_BSHELL, _PATH_RUNCOM);
|
||||
warning("%s on %s terminated abnormally, going to single "
|
||||
"user mode", shell, script);
|
||||
return (state_func_t) single_user;
|
||||
}
|
||||
|
||||
if (WEXITSTATUS(status))
|
||||
return (state_func_t) single_user;
|
||||
|
||||
runcom_mode = AUTOBOOT; /* the default */
|
||||
/* NB: should send a message to the session logger to avoid blocking. */
|
||||
logwtmp("~", "reboot", "");
|
||||
return (state_func_t) read_ttys;
|
||||
return (state_func_t) 0;
|
||||
}
|
||||
|
||||
/*
|
||||
@ -1465,6 +1539,7 @@ runshutdown(void)
|
||||
int shutdowntimeout;
|
||||
size_t len;
|
||||
char *argv[4];
|
||||
const char *shell;
|
||||
struct sigaction sa;
|
||||
struct stat sb;
|
||||
|
||||
@ -1477,6 +1552,8 @@ runshutdown(void)
|
||||
if (stat(_PATH_RUNDOWN, &sb) == -1 && errno == ENOENT)
|
||||
return 0;
|
||||
|
||||
shell = get_shell();
|
||||
|
||||
if ((pid = fork()) == 0) {
|
||||
int fd;
|
||||
|
||||
@ -1517,14 +1594,13 @@ runshutdown(void)
|
||||
#ifdef LOGIN_CAP
|
||||
setprocresources(RESOURCE_RC);
|
||||
#endif
|
||||
execv(_PATH_BSHELL, argv);
|
||||
warning("can't exec %s for %s: %m", _PATH_BSHELL, _PATH_RUNDOWN);
|
||||
execv(shell, argv);
|
||||
warning("can't exec %s for %s: %m", shell, _PATH_RUNDOWN);
|
||||
_exit(1); /* force single user mode */
|
||||
}
|
||||
|
||||
if (pid == -1) {
|
||||
emergency("can't fork for %s on %s: %m",
|
||||
_PATH_BSHELL, _PATH_RUNDOWN);
|
||||
emergency("can't fork for %s on %s: %m", shell, _PATH_RUNDOWN);
|
||||
while (waitpid(-1, (int *) 0, WNOHANG) > 0)
|
||||
continue;
|
||||
sleep(STALL_TIMEOUT);
|
||||
@ -1548,20 +1624,20 @@ runshutdown(void)
|
||||
if (clang == 1) {
|
||||
/* we were waiting for the sub-shell */
|
||||
kill(wpid, SIGTERM);
|
||||
warning("timeout expired for %s on %s: %m; going to single user mode",
|
||||
_PATH_BSHELL, _PATH_RUNDOWN);
|
||||
warning("timeout expired for %s on %s: %m; going to "
|
||||
"single user mode", shell, _PATH_RUNDOWN);
|
||||
return -1;
|
||||
}
|
||||
if (wpid == -1) {
|
||||
if (errno == EINTR)
|
||||
continue;
|
||||
warning("wait for %s on %s failed: %m; going to single user mode",
|
||||
_PATH_BSHELL, _PATH_RUNDOWN);
|
||||
warning("wait for %s on %s failed: %m; going to "
|
||||
"single user mode", shell, _PATH_RUNDOWN);
|
||||
return -1;
|
||||
}
|
||||
if (wpid == pid && WIFSTOPPED(status)) {
|
||||
warning("init: %s on %s stopped, restarting\n",
|
||||
_PATH_BSHELL, _PATH_RUNDOWN);
|
||||
shell, _PATH_RUNDOWN);
|
||||
kill(pid, SIGCONT);
|
||||
wpid = -1;
|
||||
}
|
||||
@ -1584,8 +1660,8 @@ runshutdown(void)
|
||||
}
|
||||
|
||||
if (!WIFEXITED(status)) {
|
||||
warning("%s on %s terminated abnormally, going to single user mode",
|
||||
_PATH_BSHELL, _PATH_RUNDOWN);
|
||||
warning("%s on %s terminated abnormally, going to "
|
||||
"single user mode", shell, _PATH_RUNDOWN);
|
||||
return -2;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user