Re: [Buildroot] [PATCH] package/restorecond: Add new init script

[Thomas Petazzoni <thomas.petazzoni@bootlin.com>]

Hello José,

On Mon,  9 Aug 2021 08:55:57 +0300
José Pekkarinen <jose.pekkarinen@unikie.com> wrote:

> The current restorecond upstream init script is no
> good fit for the user space generated by buildroot,
> this script is an extension of the original, that
> brings some changes from the debian init script to
> use start-stop-daemon instead of daemon, while
> removing dependencies on /etc/rc.d/init.d/functions
> and /lib/lsb/init-functions.
> 
> Signed-off-by: José Pekkarinen <jose.pekkarinen@unikie.com>

Thanks a lot, but unfortunately your proposed script still doesn't
follow the model/template of package/busybox/S01syslogd. Could you try
to follow the template as closely as possible ?

> diff --git a/package/restorecond/S02restorecond b/package/restorecond/S02restorecond
> new file mode 100644
> index 0000000000..24ee30853f
> --- /dev/null
> +++ b/package/restorecond/S02restorecond
> @@ -0,0 +1,113 @@
> +#!/bin/sh
> +#
> +# restorecond:		Daemon used to maintain path file context
> +#
> +# chkconfig:	- 12 87
> +# description:	restorecond uses inotify to look for creation of new files \
> +# listed in the /etc/selinux/restorecond.conf file, and restores the \
> +# correct security context.
> +#
> +# processname: /usr/sbin/restorecond
> +# config: /etc/selinux/restorecond.conf
> +# pidfile: /run/restorecond.pid
> +#
> +# Return values according to LSB for all commands but status:
> +# 0 - success
> +# 1 - generic or unspecified error
> +# 2 - invalid or excess argument(s)
> +# 3 - unimplemented feature (e.g. "reload")
> +# 4 - insufficient privilege
> +# 5 - program is not installed
> +# 6 - program is not configured
> +# 7 - program is not running

We don't care about all those comments.

> +PATH=/sbin:/bin:/usr/bin:/usr/sbin
> +DESC="SELinux file context maintaining daemon"

These variables are not needed.

> +NAME=restorecond
> +DAEMON=/usr/sbin/$NAME
> +DAEMON_ARGS=""
> +PIDFILE=/var/run/$NAME.pid
> +LOCKFILE=/var/run/$NAME.pid
> +SCRIPTNAME=/etc/init.d/$NAME
> +
> +[ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled || exit 7

We don't care about this either.

> +# Check that we are root ... so non-root users stop here
> +test $EUID = 0  || exit 4

Same.

> +test -x /usr/sbin/restorecond  || exit 5
> +test -f /etc/selinux/restorecond.conf  || exit 6

Same.

> +
> +RETVAL=0
> +
> +start()
> +{
> +	# Return
> +	#   0 if daemon has been started
> +	#   1 if daemon was already running
> +	#   2 if daemon could not be started
> +	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
> +		|| return 1

Don't test.

> +	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
> +		$DAEMON_ARGS \
> +		|| return 2

Please see S01syslogd on how to do this.

> +stop()
> +{
> +	# Return
> +	#   0 if daemon has been stopped
> +	#   1 if daemon was already stopped
> +	#   2 if daemon could not be stopped
> +	#   other if a failure occurred
> +	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
> +	RETVAL="$?"
> +	[ "$RETVAL" = 2 ] && return 2
> +
> +	rm -f $PIDFILE
> +	rm -f $LOCKFILE
> +	return "$RETVAL"

Please do like S01syslogd.

Thanks a lot!

Thomas
-- 
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@busybox.net
http://lists.busybox.net/mailman/listinfo/buildroot