[1/1] package/restorecond: Fix restorecond init script.
diff mbox series

Message ID 20200204100942.421804-1-aduskett@gmail.com
State Changes Requested
Headers show
Series
  • [1/1] package/restorecond: Fix restorecond init script.
Related show

Commit Message

Adam Duskett Feb. 4, 2020, 10:09 a.m. UTC
The current restorecond init script has several issues which prevent
it from starting:

  - Busybox ash will error at "test $EUID = 0  || exit 4" with the error
    "sh: 0: unknown operand"

  - start-stop-daemon is not used
  - Failures happen silently.

Add our own S20restorecond to the package file and use that instead.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
---
 package/restorecond/S20restorecond | 45 ++++++++++++++++++++++++++++++
 package/restorecond/restorecond.mk |  2 +-
 2 files changed, 46 insertions(+), 1 deletion(-)
 create mode 100644 package/restorecond/S20restorecond

Comments

Thomas Petazzoni Feb. 20, 2020, 6:15 p.m. UTC | #1
Hello,

On Tue,  4 Feb 2020 02:09:42 -0800
Adam Duskett <aduskett@gmail.com> wrote:

> diff --git a/package/restorecond/S20restorecond b/package/restorecond/S20restorecond
> new file mode 100644
> index 0000000000..1abf678177
> --- /dev/null
> +++ b/package/restorecond/S20restorecond

This script needs to be rewritten to follow the coding style / best
practices of package/busybox/S01syslogd, which is our reference init
script.

> @@ -0,0 +1,45 @@
> +#!/bin/sh
> +RESTORECOND=/usr/sbin/restorecond
> +PIDFILE=/run/restorecond.pid
> +if [ -x /usr/sbin/selinuxenabled ]; then

Do we need to check if it's available ? Isn't selinuxenabled one of the
dependencies of this package anyway ?

> +  if ! /usr/sbin/selinuxenabled; then
> +    echo "Selinux is not enabled!"
> +    exit 7

Why 7 ?

> +  fi
> +fi
> +
> +# Check that we are root ... so non-root users stop here
> +if [ $EUID != 0 ]; then
> +  echo "Restorecond must be ran as root!"

Useless, init scripts in Buildroot are executed as root.

> +  exit 4
> +fi
> +
> +test -x /usr/sbin/restorecond  || exit 5
> +test -f /etc/selinux/restorecond.conf  || exit 6

Please drop these checks as well.

> +
> +case "$1" in
> +  start)
> +    echo "Starting restorecond..."
> +    unset HOME MAIL USER USERNAME
> +    start-stop-daemon -S -x "${RESTORECOND}" -p "${PIDFILE}"
> +  ;;
> +  stop)
> +  echo "Stopping restorecond..."
> +  start-stop-daemon -K -x "${RESTORECOND}" -p "${PIDFILE}" -o
> +  ;;
> +  reload|force-reload)
> +  echo "Reloading restorecond..."
> +  restart
> +  ;;
> +  restart)
> +  stop
> +  start

Follow the coding style of package/busybox/S01syslogd here.

> +  condrestart)
> +  [ -e /var/lock/subsys/restorecond ] && restart

We don't have any condrestart target in any other script.

Best regards,

Thomas

Patch
diff mbox series

diff --git a/package/restorecond/S20restorecond b/package/restorecond/S20restorecond
new file mode 100644
index 0000000000..1abf678177
--- /dev/null
+++ b/package/restorecond/S20restorecond
@@ -0,0 +1,45 @@ 
+#!/bin/sh
+RESTORECOND=/usr/sbin/restorecond
+PIDFILE=/run/restorecond.pid
+if [ -x /usr/sbin/selinuxenabled ]; then
+  if ! /usr/sbin/selinuxenabled; then
+    echo "Selinux is not enabled!"
+    exit 7
+  fi
+fi
+
+# Check that we are root ... so non-root users stop here
+if [ $EUID != 0 ]; then
+  echo "Restorecond must be ran as root!"
+  exit 4
+fi
+
+test -x /usr/sbin/restorecond  || exit 5
+test -f /etc/selinux/restorecond.conf  || exit 6
+
+case "$1" in
+  start)
+    echo "Starting restorecond..."
+    unset HOME MAIL USER USERNAME
+    start-stop-daemon -S -x "${RESTORECOND}" -p "${PIDFILE}"
+  ;;
+  stop)
+  echo "Stopping restorecond..."
+  start-stop-daemon -K -x "${RESTORECOND}" -p "${PIDFILE}" -o
+  ;;
+  reload|force-reload)
+  echo "Reloading restorecond..."
+  restart
+  ;;
+  restart)
+  stop
+  start
+  ;;
+  condrestart)
+  [ -e /var/lock/subsys/restorecond ] && restart
+  ;;
+  *)
+  echo "Usage: $0 {start|stop|restart|reload|force-reload|condrestart}"
+  exit 3
+  ;;
+esac
diff --git a/package/restorecond/restorecond.mk b/package/restorecond/restorecond.mk
index c519b5de2b..cb4859c2d0 100644
--- a/package/restorecond/restorecond.mk
+++ b/package/restorecond/restorecond.mk
@@ -27,7 +27,7 @@  define RESTORECOND_BUILD_CMDS
 endef
 
 define RESTORECOND_INSTALL_INIT_SYSV
-	$(INSTALL) -m 0755 -D $(@D)/restorecond.init \
+	$(INSTALL) -m 0755 -D $(RESTORECOND_PKGDIR)/S20restorecond \
 		$(TARGET_DIR)/etc/init.d/S20restorecond
 endef