commit d831fbc59756f75beea6217d210d6456ec71bfdd
parent e1bc62ec78acc46e723b0fb86d81f2ce69f4c0c5
Author: Jan Pobříslo <ccx@te2000.cz>
Date: Wed, 19 Oct 2022 19:53:16 +0200
Custom init generator for FreeBSD jails
Diffstat:
8 files changed, 102 insertions(+), 29 deletions(-)
diff --git a/install b/install
@@ -18,51 +18,84 @@ q_all=$(q "$sm_dst_all") || exit $?
q_package=$(q "$sm_dst_package") || exit $?
qc=$q_package/command
-# Generate init
-"$cmd/s6-linux-init-maker" \
- -p "/command:/usr/local/bzr/all/sbin:/usr/local/bzr/all/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" \
- -G "/usr/bin/env TERM=linux /sbin/getty 38400 tty9" \
- -t 1 \
- -f "$src/skel" \
- -c "$dst/init" \
- "$dst/init" || exit $?
-
-# Rewrite dynamically generated scripts
+mkdir -p "$dst/init/scripts" || exit $?
+
+# init {{{1
+"$cmd/s6-cat" >"$dst/init/init" <<EOF || exit $?
+#!$sm_dst_package/execlineb -P
+
+$qc/export PATH "/command:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+$qc/cd /
+$qc/s6-setsid -qb --
+$qc/umask 022
+$qc/if { $qc/s6-echo -n -- "\n* user container init: " }
+$qc/foreground { uname -n }
+$qc/redirfd -r 0 /dev/null
+# TODO: think whether we want jail envdir
+#$qc/s6-envdir -I -- $q_all/init/env
+$qc/if {
+ $q_all/init/scripts/populate-run
+}
+$qc/background
+{
+ $qc/s6-setsid --
+ $qc/fdmove -c 2 1
+ $q_all/init/scripts/rc.init
+}
+$qc/unexport !
+$qc/cd /run/service
+$qc/fdmove -c 2 1
+$qc/fdclose 3 # notification-fd
+$qc/emptyenv -c
+$qc/s6-svscan -t 0
+EOF
+"$cmd/s6-chmod" 755 "$dst/init/init"
+
+# populate-run {{{1
+"$cmd/s6-cat" >"$dst/init/scripts/populate-run" <<EOF || exit $?
+#!$sm_dst_package/command/execlineb -P
+$qc/fdmove -c 2 1
+if { elglob GLOB $(q "$src")/run-image/* cp -va \$GLOB /run }
+EOF
+"$cmd/s6-chmod" 755 "$dst/init/scripts/populate-run" || exit $?
+
+# rc.init {{{1
"$cmd/s6-cat" >"$dst/init/scripts/rc.init" <<EOF || exit $?
#!$sm_dst_package/command/execlineb -S1
-$qc/export TERM "linux"
+$qc/export TERM "screen"
$qc/foreground { $qc/s6-echo "* Starting s6-rc from "$q_all/s6-rc-db }
$qc/if { $qc/s6-rc-init -d -c $q_all/s6-rc-db /run/service }
$q_all/init/scripts/runlevel \$1
EOF
+"$cmd/s6-chmod" 755 "$dst/init/scripts/rc.init" || exit $?
+
+# rc.shutdown {{{1
+"$cmd/s6-cat" >"$dst/init/scripts/rc.shutdown" <<EOF || exit $?
+#!$sm_dst_package/command/execlineb -S1
+$qc/foreground
+{
+ $qc/s6-echo "rc.shutdown called"
+}
+
+# Shut down all services
+if -n { $qc/s6-rc -da change }
+$qc/foreground { $qc/s6-echo "\`s6-rc -da change\` failed" }
+$qc/foreground { sleep 0.5s }
+EOF
+"$cmd/s6-chmod" 755 "$dst/init/scripts/rc.shutdown" || exit $?
+# runlevel {{{1
"$cmd/s6-cat" >"$dst/init/scripts/runlevel" <<EOF || exit $?
#!$sm_dst_package/command/execlineb -S1
export TERM "linux"
# The requested runlevel is in "\$1" but currently ignored.
-# Run the service manager.
-# Call it twice because the first time may spuriously "timeout"
-# due to the clock jumping forward.
-
-$qc/ifelse -X {
- $qc/s6-rc -v 2 -t 600000 -- change ok-all-but-tty
-} {
- # no timeout, start ttys properly
- $qc/foreground { $qc/s6-echo "* System started normally (bundle ok-all-but-tty)" }
- $qc/foreground { sleep 0.3 }
- $qc/foreground { $qc/s6-svc -d /run/service/console-log-tail }
- $qc/s6-rc -v 2 -t 600000 -- change ok-all
-}
-$qc/s6-echo "* System startup failure: retry"
-# try again without tty and then with
-$qc/foreground { $qc/s6-rc -v 2 -t 600000 -- change ok-all-but-tty }
-$qc/foreground { sleep 0.1 }
-$qc/foreground { $qc/s6-svc -d /run/service/console-log-tail }
$qc/s6-rc -v 2 -t 600000 -- change ok-all
EOF
+"$cmd/s6-chmod" 755 "$dst/init/scripts/runlevel" || exit $?
+# run-image {{{1
"$cmd/s6-mkdir" "$dst/init/run-image/service/console-log-tail" || exit $?
"$cmd/s6-cat" >"$dst/init/run-image/service/console-log-tail/run" <<EOF || exit $?
#!$sm_dst_package/command/execlineb -P
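Review bot: The generated `init` is given the shebang `#!$sm_dst_package/execlineb -P`, while every other script written in this hunk uses `#!$sm_dst_package/command/execlineb`; unless the package root really contains an `execlineb`, the jail's first process will fail to exec, so it should presumably read `#!$sm_dst_package/command/execlineb -P`. The `"$cmd/s6-chmod" 755 "$dst/init/init"` line after that heredoc is also the only chmod here without `|| exit $?`, so a failed chmod leaves a non-executable init and the installer carries on. The new scripts also mix `$qc/`-qualified commands with bare `if`, `elglob`, `cp`, `uname` and `sleep` that are resolved through PATH. Since these run at jail start, either qualify them or add a comment such as `# cp/uname/sleep come from the base system via PATH` so the trust assumption is explicit. The `runlevel` script still exports `TERM "linux"` while `rc.init` now exports `"screen"`, which looks like an oversight.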
diff --git a/run-image/service/.s6-svscan/SIGHUP b/run-image/service/.s6-svscan/SIGHUP
@@ -0,0 +1,4 @@
+#!/bin/execlineb -P
+
+foreground { redirfd -w 1 "/run"/file\ created\ by\ s6-linux-init,\ storing\ a\ container's\ exit\ code s6-echo -- 0 }
+s6-svscanctl -b "/run"/service
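Review bot: The shebang `#!/bin/execlineb -P` is hard-coded here and in the six other new files under `.s6-svscan` (SIGINT, SIGQUIT, SIGTERM, SIGUSR1, SIGUSR2, finish), whereas the scripts generated by `install` point at `$sm_dst_package/command/execlineb`. A FreeBSD base system does not normally ship `/bin/execlineb`, so unless the jail image provides it these handlers cannot be executed and s6-svscan will not act on the signal as intended. Consider generating these files from `install` with the same interpreter path, or document the requirement with a comment such as `# requires /bin/execlineb inside the jail`. It would also help to add a one-line comment stating that SIGHUP records exit code 0 and SIGINT records 1 for `finish` to pick up.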
diff --git a/run-image/service/.s6-svscan/SIGINT b/run-image/service/.s6-svscan/SIGINT
@@ -0,0 +1,4 @@
+#!/bin/execlineb -P
+
+foreground { redirfd -w 1 "/run"/file\ created\ by\ s6-linux-init,\ storing\ a\ container's\ exit\ code s6-echo -- 1 }
+s6-svscanctl -b "/run"/service
diff --git a/run-image/service/.s6-svscan/SIGQUIT b/run-image/service/.s6-svscan/SIGQUIT
@@ -0,0 +1,4 @@
+#!/bin/execlineb -P
+
+foreground { "/current/init/scripts/rc.shutdown" }
+s6-svscanctl -q -- "/run"/service
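Review bot: The shutdown hook is called by the fixed path `/current/init/scripts/rc.shutdown`, here and in SIGTERM, SIGUSR1 and SIGUSR2, while `install` writes that script under `$dst/init/scripts` and refers to its siblings through `$q_all`. If the installed tree is not reachable as `/current` inside the jail, `foreground` simply fails and the handler goes straight on to `s6-svscanctl`, so the supervision tree is torn down without `s6-rc -da change` having stopped the services in order. Either generate these handlers from `install` using `$q_all/init/scripts/rc.shutdown`, or add a comment stating that `/current` must resolve to the installed tree, for example `# /current must point at $sm_dst_all`.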
diff --git a/run-image/service/.s6-svscan/SIGTERM b/run-image/service/.s6-svscan/SIGTERM
@@ -0,0 +1,4 @@
+#!/bin/execlineb -P
+
+foreground { "/current/init/scripts/rc.shutdown" }
+s6-svscanctl -t -- "/run"/service
diff --git a/run-image/service/.s6-svscan/SIGUSR1 b/run-image/service/.s6-svscan/SIGUSR1
@@ -0,0 +1,4 @@
+#!/bin/execlineb -P
+
+foreground { "/current/init/scripts/rc.shutdown" }
+s6-svscanctl -7 -- "/run"/service
diff --git a/run-image/service/.s6-svscan/SIGUSR2 b/run-image/service/.s6-svscan/SIGUSR2
@@ -0,0 +1,4 @@
+#!/bin/execlineb -P
+
+foreground { "/current/init/scripts/rc.shutdown" }
+s6-svscanctl -0 -- "/run"/service
diff --git a/run-image/service/.s6-svscan/finish b/run-image/service/.s6-svscan/finish
@@ -0,0 +1,16 @@
+#!/bin/execlineb -S0
+
+ifelse { redirfd -w 2 /dev/null redirfd -r 0 "/run"/file\ created\ by\ s6-linux-init,\ storing\ a\ container's\ exit\ code exit 0 }
+{ redirfd -r 0 "/run"/file\ created\ by\ s6-linux-init,\ storing\ a\ container's\ exit\ code withstdinas -in CODE foreground { s6-rmrf "/run"/file\ created\ by\ s6-linux-init,\ storing\ a\ container's\ exit\ code } importas -ui CODE CODE exit ${CODE} }
+cd /
+#redirfd -w 2 /dev/console
+#fdmove -c 1 2
+foreground { s6-svc -X -- "/run"/service/s6-svscan-log }
+unexport ?
+wait -r -- { }
+foreground { s6-echo "Sending all processes the TERM signal." }
+foreground { s6-nuke -th }
+s6-sleep -m -- 2000
+foreground { s6-echo "Sending all processes the KILL signal." }
+foreground { s6-nuke -k }
+wait -t 2000 { }
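Review bot: When the exit-code file exists (the SIGHUP and SIGINT path), the `ifelse` branch ends in `exit ${CODE}` before the TERM/KILL sweep further down is reached. That sequence appears to be taken from s6-linux-init's container mode, where the remaining processes go away together with init; in a FreeBSD jail they may well keep running after this script exits, which leaves unsupervised processes behind, so this should be confirmed. If so, run the `s6-nuke -th` / `s6-nuke -k` steps before exiting with the stored code. The `s6-svc -X -- "/run"/service/s6-svscan-log` line also names a service that nothing visible in this commit creates (the run-image in `install` sets up `console-log-tail`), so a comment saying where `s6-svscan-log` comes from, or removing the line, would avoid a silent no-op.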