diff options
-rw-r--r-- | lib/src/rdsvc.c | 40 | ||||
-rw-r--r-- | services/loopback.in | 6 | ||||
-rw-r--r-- | services/procfs.in | 6 | ||||
-rw-r--r-- | services/sigterm.in | 7 | ||||
-rw-r--r-- | services/sysfs.in | 12 | ||||
-rw-r--r-- | services/tmpfsrun.in | 10 | ||||
-rw-r--r-- | services/tmpfsvar.in | 14 |
7 files changed, 66 insertions, 29 deletions
diff --git a/lib/src/rdsvc.c b/lib/src/rdsvc.c index 2b09c3f..1f859b7 100644 --- a/lib/src/rdsvc.c +++ b/lib/src/rdsvc.c @@ -202,15 +202,17 @@ static int svc_target(service_t *svc, char *arg, rdline_t *rd) static const struct svc_param { const char *key; + unsigned int allow_block : 1; + int (*handle)(service_t *svc, char *arg, rdline_t *rd); } svc_params[] = { - { "description", svc_desc }, - { "exec", svc_exec }, - { "type", svc_type }, - { "target", svc_target }, - { "tty", svc_tty }, - { "before", svc_before }, - { "after", svc_after }, + { "description", 0, svc_desc }, + { "exec", 1, svc_exec }, + { "type", 0, svc_type }, + { "target", 0, svc_target }, + { "tty", 0, svc_tty }, + { "before", 0, svc_before }, + { "after", 0, svc_after }, }; static int splitkv(rdline_t *rd, char **k, char **v) @@ -297,8 +299,27 @@ service_t *rdsvc(int dirfd, const char *filename) if (p == NULL) goto fail; - if (p->handle(svc, value, &rd)) + if (p->allow_block && *value == '{') { + for (++value; *value == ' '; ++value) + ; + if (*value != '\0' && p->handle(svc, value, &rd)) + goto fail; + + while ((ret = rdline(&rd)) == 0) { + if (strcmp(rd.buffer, "}") == 0) + break; + + if (p->handle(svc, rd.buffer, &rd)) + goto fail; + } + + if (ret < 0) + goto fail; + if (ret > 0) + goto fail_bra; + } else if (p->handle(svc, value, &rd)) { goto fail; + } } if (ret < 0) @@ -306,6 +327,9 @@ service_t *rdsvc(int dirfd, const char *filename) close(fd); return svc; +fail_bra: + fprintf(stderr, "%s: missing '}' before end-of-file\n", filename); + goto fail; fail_oom: fputs("out of memory\n", stderr); fail: diff --git a/services/loopback.in b/services/loopback.in index f76bd42..9e41ae1 100644 --- a/services/loopback.in +++ b/services/loopback.in @@ -4,5 +4,7 @@ target boot before sysinit after hwclock hostname vfs -exec "@SBINPATH@/ip" addr add 127.0.0.1/8 dev lo brd + -exec "@SBINPATH@/ip" link set lo up +exec { + "@SBINPATH@/ip" addr add 127.0.0.1/8 dev lo brd + + "@SBINPATH@/ip" link set lo up +} diff --git a/services/procfs.in b/services/procfs.in index 76d479f..9124792 100644 --- a/services/procfs.in +++ b/services/procfs.in @@ -3,5 +3,7 @@ type wait target boot before vfs -exec "@SBINPATH@/mount" -t proc proc /proc -exec "@SCRIPTDIR@/trymount.sh" "/proc/sys/fs/binfmt_misc" "binfmt_misc" "nodev,noexec,nosuid" +exec { + "@SBINPATH@/mount" -t proc proc /proc + "@SCRIPTDIR@/trymount.sh" /proc/sys/fs/binfmt_misc binfmt_misc nodev,noexec,nosuid +} diff --git a/services/sigterm.in b/services/sigterm.in index 45dda0e..cb408f2 100644 --- a/services/sigterm.in +++ b/services/sigterm.in @@ -1,6 +1,9 @@ description send SIGTERM to all processes -exec "@SCRIPTDIR@/killall5" 15 -exec "@BINPATH@/sleep" 5 type wait target %0 before sigkill sync reboot shutdown + +exec { + "@SCRIPTDIR@/killall5" 15 + "@BINPATH@/sleep" 5 +} diff --git a/services/sysfs.in b/services/sysfs.in index 4c0f6ce..21938fb 100644 --- a/services/sysfs.in +++ b/services/sysfs.in @@ -4,8 +4,10 @@ target boot after procfs before vfs -exec "@SBINPATH@/mount" -t sysfs sysfs /sys -exec "@SCRIPTDIR@/trymount.sh" "/sys/kernel/security" "securityfs" "nodev,noexec,nosuid" -exec "@SCRIPTDIR@/trymount.sh" "/sys/kernel/config" "configfs" "nodev,noexec,nosuid" -exec "@SCRIPTDIR@/trymount.sh" "/sys/fs/fuse/connections" "fusectl" "nodev,noexec,nosuid" -exec "@SCRIPTDIR@/trymount.sh" "/sys/firmware/efi/efivars" "efivarfs" "ro" +exec { + "@SBINPATH@/mount" -t sysfs sysfs /sys + "@SCRIPTDIR@/trymount.sh" /sys/kernel/security securityfs nodev,noexec,nosuid + "@SCRIPTDIR@/trymount.sh" /sys/kernel/config configfs nodev,noexec,nosuid + "@SCRIPTDIR@/trymount.sh" /sys/fs/fuse/connections fusectl nodev,noexec,nosuid + "@SCRIPTDIR@/trymount.sh" /sys/firmware/efi/efivars efivarfs ro +} diff --git a/services/tmpfsrun.in b/services/tmpfsrun.in index c34eccb..c88a914 100644 --- a/services/tmpfsrun.in +++ b/services/tmpfsrun.in @@ -3,7 +3,9 @@ type wait target boot before vfs after tmpfsvar -exec "@SBINPATH@/mount" -t tmpfs none /run -exec "@BINPATH@/mkdir" /run/lock -m 0755 -exec "@BINPATH@/ln" -s /run /var/run -exec "@BINPATH@/ln" -s /run/lock /var/lock +exec { + "@SBINPATH@/mount" -t tmpfs none /run + "@BINPATH@/mkdir" /run/lock -m 0755 + "@BINPATH@/ln" -s /run /var/run + "@BINPATH@/ln" -s /run/lock /var/lock +} diff --git a/services/tmpfsvar.in b/services/tmpfsvar.in index 7942286..be7e563 100644 --- a/services/tmpfsvar.in +++ b/services/tmpfsvar.in @@ -2,9 +2,11 @@ description "mount /var" type wait target boot before vfs -exec "@SBINPATH@/mount" -t tmpfs none /var -exec "@BINPATH@/mkdir" /var/log -m 0755 -exec "@BINPATH@/mkdir" /var/spool -m 0755 -exec "@BINPATH@/mkdir" /var/lib -m 0755 -exec "@BINPATH@/mkdir" /var/tmp -m 0755 -exec "@SCRIPTDIR@/overlay.sh" var_lib /var/lib +exec { + "@SBINPATH@/mount" -t tmpfs none /var + "@BINPATH@/mkdir" /var/log -m 0755 + "@BINPATH@/mkdir" /var/spool -m 0755 + "@BINPATH@/mkdir" /var/lib -m 0755 + "@BINPATH@/mkdir" /var/tmp -m 0755 + "@SCRIPTDIR@/overlay.sh" var_lib /var/lib +} |