search for: run_init

Displaying 20 results from an estimated 24 matches for "run_init".

2016 Jan 17
1
[PATCH klibc] run-init: Add dry-run mode
...39;c') { console = optarg; } else if (o == 'd') { drop_caps = optarg; + } else if (o == 'n') { + dry_run = true; } else { usage(); } @@ -89,9 +93,13 @@ int main(int argc, char *argv[]) init = argv[optind + 1]; initargs = argv + optind + 1; - error = run_init(realroot, console, drop_caps, init, initargs); + error = run_init(realroot, console, drop_caps, dry_run, init, initargs); - /* If run_init returns, something went wrong */ - fprintf(stderr, "%s: %s: %s\n", program, error, strerror(errno)); - return 1; + if (error) { + fprintf(stderr, &...
2012 May 04
2
[PATCH] run-init: add drop_capabilities support
...; do_mounts(cmdc, cmdv); - drop_capabilities(get_arg(cmdc, cmdv, "drop_capabilities=")); - if (mnt_procfs) { umount2("/proc", 0); mnt_procfs = 0; @@ -305,7 +303,9 @@ int main(int argc, char *argv[]) init_argv[0] = strrchr(init_path, '/') + 1; - errmsg = run_init("/root", "/dev/console", init_path, init_argv); + errmsg = run_init("/root", "/dev/console", + get_arg(cmdc, cmdv, "drop_capabilities="), + init_path, init_argv); /* If run_init returned, something went bad */ fprintf(stderr, "%s:...
2019 Apr 18
1
[PATCH] Allow the initramfs to be persisted across root changes
....8ee76734 --- /dev/null +++ b/debian/patches/run-init-allow-initramfs-persist @@ -0,0 +1,131 @@ +diff --git a/usr/kinit/kinit.c b/usr/kinit/kinit.c +index de03c2d3..28d29534 100644 +--- a/usr/kinit/kinit.c ++++ b/usr/kinit/kinit.c +@@ -305,7 +305,7 @@ int main(int argc, char *argv[]) + + errmsg = run_init("/root", "/dev/console", + get_arg(cmdc, cmdv, "drop_capabilities="), false, +- init_path, init_argv); ++ false, init_path, init_argv); + + /* If run_init returned, something went bad */ + fprintf(stderr, "%s: %s: %s\n", progname, errmsg, stre...
2019 Apr 18
0
[PATCH] Allow the initramfs to be persisted across root changes
...r/kinit/run-init/runinitlib.c | 14 ++++++++------ 4 files changed, 21 insertions(+), 12 deletions(-) diff --git a/usr/kinit/kinit.c b/usr/kinit/kinit.c index de03c2d3..28d29534 100644 --- a/usr/kinit/kinit.c +++ b/usr/kinit/kinit.c @@ -305,7 +305,7 @@ int main(int argc, char *argv[]) errmsg = run_init("/root", "/dev/console", get_arg(cmdc, cmdv, "drop_capabilities="), false, - init_path, init_argv); + false, init_path, init_argv); /* If run_init returned, something went bad */ fprintf(stderr, "%s: %s: %s\n", progname, errmsg, strerror(e...
2019 Apr 28
0
[klibc:master] run-init: Allow the initramfs to be persisted across root changes
...r/kinit/run-init/runinitlib.c | 14 ++++++++------ 4 files changed, 21 insertions(+), 12 deletions(-) diff --git a/usr/kinit/kinit.c b/usr/kinit/kinit.c index de03c2d3..28d29534 100644 --- a/usr/kinit/kinit.c +++ b/usr/kinit/kinit.c @@ -305,7 +305,7 @@ int main(int argc, char *argv[]) errmsg = run_init("/root", "/dev/console", get_arg(cmdc, cmdv, "drop_capabilities="), false, - init_path, init_argv); + false, init_path, init_argv); /* If run_init returned, something went bad */ fprintf(stderr, "%s: %s: %s\n", progname, errmsg, strerror(e...
2019 Jan 18
0
[klibc:master] run-init: Add dry-run mode
...files changed, 57 insertions(+), 29 deletions(-) diff --git a/usr/kinit/kinit.c b/usr/kinit/kinit.c index 523c92b..de03c2d 100644 --- a/usr/kinit/kinit.c +++ b/usr/kinit/kinit.c @@ -304,7 +304,7 @@ int main(int argc, char *argv[]) init_argv[0] = strrchr(init_path, '/') + 1; errmsg = run_init("/root", "/dev/console", - get_arg(cmdc, cmdv, "drop_capabilities="), + get_arg(cmdc, cmdv, "drop_capabilities="), false, init_path, init_argv); /* If run_init returned, something went bad */ diff --git a/usr/kinit/run-init/run-init.c b/usr/...
2011 Jul 19
4
[PATCH v1 0/2] Support dropping of capabilities from early userspace.
This patchset applies to klibc mainline. As is it will probably collide with Maximilian's recent patch to rename run-init to switch_root posted last week. To boot an untrusted environment with certain capabilities locked out, we'd like to be able to drop the capabilities up front from early userspace, before we actually transition onto the root volume. This patchset implements this by
2017 Dec 31
4
[PATCH klibc 0/4] Fixes from Debian and Ubuntu
The following patches come from Debian and/or Ubuntu packages of klibc. Ben. Ben Hutchings (1): [klibc] run-init: Add dry-run mode Jay Vosburgh (1): [klibc] ipconfig: Use separate sockets for DHCP from multiple interfaces Mathieu Trudel-Lapierre (1): [klibc] ipconfig: Set broadcast when sending DHCPREQUEST and DHCPDISCOVER YunQiang Su (1): [klibc] mips: setjmp.S: don't
2015 Nov 08
2
After reboot of web-server accessing website shows "Forbidden", restarting httpd all is fine
...6:30 PM, Jobst Schmalenbach wrote: > >What troubles me that a simple restart of the daemon fixes everything but it does not come up on reboot. > > Running the service script manually may not give you the same > selinux context as on boot. Services should be started using > "run_init" to ensure they get the correct context. How long has this been the case? I have never heard of this before, it seems a very well-kept secret! > > I think this is legitimately the most confusing aspect of SELinux, > and it's one of the things that systemd fixed properly. -- -...
2015 Nov 09
0
After reboot of web-server accessing website shows "Forbidden", restarting httpd all is fine
...hmalenbach wrote: >>>What troubles me that a simple restart of the daemon fixes everything but it does not come up on reboot. >> >>Running the service script manually may not give you the same >>selinux context as on boot. Services should be started using >>"run_init" to ensure they get the correct context. Yet it isn't really documented anywhere that you can or should use it, certainly not in the RHEL Administration or SELinux documentation, not even as a footnote. Only in a few bug reports and errata notices can you even find mention of the comm...
2005 Aug 09
6
initramfs howto
...try to start /init. This is the only file the initramfs actually _needs_. Everything else is optional, depending on what you want the initramfs to do. Typically you would want /init to be a shellscript which mounts the root and other filesystems, loads modules and then starts the regular init via run_init; all of which can be done with programs included in the klibc package. However it is also possible to run an installation program or a firewall from an initramfs and never mount any disk filesystems. If you want more functionality in your initramfs than the utilities that come with klibc provide,...
2015 Nov 07
5
After reboot of web-server accessing website shows "Forbidden", restarting httpd all is fine
Hi. I am stuck with this one and I do not know where and how to search for this problem nor do I know how to fix it. When I reboot one of our servers (CentOS 6.7, selinux target, yum fully updated) the http server loads fine (no erros) but when accessing one of the server's websites it displays "Forbidden", restarting the httpd server (command line) will give full access and all is
2011 Jul 13
9
[PATCH 0/8] switch_root() enhancements
On a train ride to Bruxelles, brought out my axe and directly attacked run_init(8). run_init(8) is dead, long live switch_root(8). The next run on switch_root(8) involves fdopendir, so another push for the upcoming stdio 1.6 branch. The following is boot tested with initramfs-tools, kinit(8) tests would very much be appreciated!? Michal Suchanek (1): [klibc] switch_root:...
2015 Nov 07
0
After reboot of web-server accessing website shows "Forbidden", restarting httpd all is fine
On 11/06/2015 06:30 PM, Jobst Schmalenbach wrote: > What troubles me that a simple restart of the daemon fixes everything but it does not come up on reboot. Running the service script manually may not give you the same selinux context as on boot. Services should be started using "run_init" to ensure they get the correct context. I think this is legitimately the most confusing aspect of SELinux, and it's one of the things that systemd fixed properly.
2004 Jun 08
2
klibc-0.130: s390, run-init
OK, I have just pushed out klibc-0.130; it significantly updates the run-init program (again... PLEASE TEST IN A SAFE ENVIRONMENT) based on, but not identical to, Alexander's suggestions; it also adds s390/x patches from Arnd Bergmann. -hpa
2011 Jul 29
3
[PATCH 1/3] klibc: Add scandir() and alphasort() support.
Add support for scandir() and alphasort() as defined in POSIX.1-2008. Signed-off-by: Mike Waychison <mikew at google.com> --- usr/include/dirent.h | 7 +++++ usr/klibc/Kbuild | 2 + usr/klibc/scandir.c | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 84 insertions(+), 1 deletions(-) create mode 100644 usr/klibc/scandir.c diff --git
2014 Jun 07
0
Multitenancy with Rails and rspec
...s/2.0.0/gems/railties-4.0.5/lib/rails/initializable.rb:30:in `instance_exec' from C:/Ruby200/lib/ruby/gems/2.0.0/gems/railties-4.0.5/lib/rails/initializable.rb:30:in `run' from C:/Ruby200/lib/ruby/gems/2.0.0/gems/railties-4.0.5/lib/rails/initializable.rb:55:in `block in run_init ializers' from C:/Ruby200/lib/ruby/2.0.0/tsort.rb:150:in `block in tsort_each' from C:/Ruby200/lib/ruby/2.0.0/tsort.rb:183:in `block (2 levels) in each_strongly_connected_component' from C:/Ruby200/lib/ruby/2.0.0/tsort.rb:210:in `block (2 levels) in each_strong...
2012 Oct 09
8
Service Resources and Selinux
Hi list, I''ve got an issue at the moment, which isn''t really a big problem, but an untidy annoyance really, and I''d just like to understand what the best practice might be when dealing with the issue. As a really quick summary, the issue is that Puppet is starting up the mysqld service for the first time as unconfined_u, and then when MySQL goes and creates a load
2011 Aug 03
2
[PATCH v3 0/2] Support drop directories directly from kinit
...take any flags). This patchset then introduces two different drop directories, though this is of course subject to change and these are only presented in an effort to put an example forward. I currently only have a requirement to run stuff between the time we call do_mounts() and the time we call run_init(). These are the directories: /scripts/after-network: ipconfig is completed, but the root filesystem isn't yet mounted. /scripts/after-mount: the root filesystem has just been mounted at /root. I believe this would help both our use-case (where we'd like t...
2010 Aug 25
0
[patch] ipconfig fixes + run-init nit
...iacaerospace.com> Signed-off-by: maximilian attems <max at stro.at> diff --git a/usr/kinit/run-init/runinitlib.c b/usr/kinit/run-init/runinitlib.c index 423637e..50baa3d 100644 --- a/usr/kinit/run-init/runinitlib.c +++ b/usr/kinit/run-init/runinitlib.c @@ -176,10 +176,6 @@ const char *run_init(const char *realroot, const char *console, if (rst.st_dev == cst.st_dev) return "current directory on the same filesystem as the root"; - /* The initramfs should have /init */ - if (stat("/init", &ist) || !S_ISREG(ist.st_mode)) - return "can't find /init on...