mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-25 18:12:57 +01:00
401516dbc5
MFC after: 2 weeks Approved by: christos
2788 lines
63 KiB
Plaintext
2788 lines
63 KiB
Plaintext
# $NetBSD: rc.subr,v 1.67 2006/10/07 11:25:15 elad Exp $
|
|
#
|
|
# Copyright (c) 1997-2004 The NetBSD Foundation, Inc.
|
|
# All rights reserved.
|
|
#
|
|
# This code is derived from software contributed to The NetBSD Foundation
|
|
# by Luke Mewburn.
|
|
#
|
|
# Redistribution and use in source and binary forms, with or without
|
|
# modification, are permitted provided that the following conditions
|
|
# are met:
|
|
# 1. Redistributions of source code must retain the above copyright
|
|
# notice, this list of conditions and the following disclaimer.
|
|
# 2. Redistributions in binary form must reproduce the above copyright
|
|
# notice, this list of conditions and the following disclaimer in the
|
|
# documentation and/or other materials provided with the distribution.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
|
|
# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
|
# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
|
|
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
# POSSIBILITY OF SUCH DAMAGE.
|
|
#
|
|
# rc.subr
|
|
# functions used by various rc scripts
|
|
#
|
|
|
|
: ${RC_PID:=$$}; export RC_PID
|
|
|
|
#
|
|
# Operating System dependent/independent variables
|
|
#
|
|
|
|
if [ -n "${_rc_subr_loaded}" ]; then
|
|
return
|
|
fi
|
|
|
|
_rc_subr_loaded="YES"
|
|
|
|
SYSCTL="/sbin/sysctl"
|
|
SYSCTL_N="${SYSCTL} -n"
|
|
SYSCTL_W="${SYSCTL}"
|
|
PROTECT="/usr/bin/protect"
|
|
ID="/usr/bin/id"
|
|
IDCMD="if [ -x $ID ]; then $ID -un; fi"
|
|
PS="/bin/ps -ww"
|
|
SERVICE=/usr/sbin/service
|
|
JAIL_CMD=/usr/sbin/jail
|
|
_svcj_generic_params="path=/ mount.nodevfs host=inherit"
|
|
JID=0
|
|
CPUSET="/bin/cpuset"
|
|
|
|
# rc_service provides the path to the service script that we are executing.
|
|
# This is not being set here in an execution context, necessarily, so it's
|
|
# really just a reasonable guess, and it will get overwritten later if
|
|
# we are executing from some other means than direct execution by service(8)
|
|
# or manual invocation of the service script. The prime example of this is
|
|
# during system startup, all rc scripts will be invoked via /etc/rc, so
|
|
# run_rc_script will overwrite rc_service with the file being sourced.
|
|
rc_service="$0"
|
|
|
|
#
|
|
# functions
|
|
# ---------
|
|
|
|
# is_verified file
|
|
# if VERIEXEC is active check that $file is verified
|
|
#
|
|
VERIEXEC="/sbin/veriexec"
|
|
if test -x $VERIEXEC && $VERIEXEC -i active > /dev/null 2>&1; then
|
|
is_verified() { $VERIEXEC -x $1; }
|
|
else
|
|
is_verified() { return 0; }
|
|
fi
|
|
|
|
# indicate that we have vdot
|
|
_VDOT_SH=:
|
|
|
|
# current state of O_VERIFY
|
|
o_verify()
|
|
{
|
|
case $(echo $(set -o)) in
|
|
*verify" "off*) echo off;;
|
|
*verify" "on*) echo on;;
|
|
esac
|
|
}
|
|
|
|
##
|
|
# o_verify_set want [save]
|
|
#
|
|
# record current state of verify in $save
|
|
# and set it to $want if different
|
|
#
|
|
o_verify_set() {
|
|
local x=$(o_verify)
|
|
|
|
[ -z "$x" ] && return 0
|
|
[ -z "$2" ] || eval $2=$x
|
|
[ "$x" = "$1" ] && return 0
|
|
case "$1" in
|
|
on)
|
|
set -o verify
|
|
;;
|
|
off)
|
|
set +o verify
|
|
;;
|
|
esac
|
|
}
|
|
|
|
# for unverified files
|
|
dotted=
|
|
dot()
|
|
{
|
|
local f verify
|
|
|
|
o_verify_set off verify
|
|
for f in "$@"; do
|
|
if [ -f $f -a -s $f ]; then
|
|
dotted="$dotted $f"
|
|
. $f
|
|
fi
|
|
done
|
|
o_verify_set $verify
|
|
}
|
|
|
|
# try for verified, fallback to safe
|
|
sdot()
|
|
{
|
|
local f
|
|
|
|
for f in "$@"; do
|
|
[ -f $f -a -s $f ] || continue
|
|
vdot $f || safe_dot $f
|
|
done
|
|
}
|
|
|
|
# convenience function - skip if not verified
|
|
vdot()
|
|
{
|
|
local f rc=0 verify
|
|
|
|
o_verify_set on verify
|
|
for f in "$@"; do
|
|
[ -f $f -a -s $f ] || continue
|
|
if is_verified $f 2> /dev/null; then
|
|
dotted="$dotted $f"
|
|
. $f
|
|
else
|
|
rc=80 # EAUTH
|
|
fi
|
|
done
|
|
o_verify_set $verify
|
|
return $rc
|
|
}
|
|
|
|
# Exists [test] file ...
|
|
# report the first "file" that passes "test" (default -s).
|
|
Exists()
|
|
{
|
|
local f _t=-s
|
|
|
|
while :; do
|
|
: 1=$1
|
|
case "$1" in
|
|
-?)
|
|
_t=$1
|
|
shift
|
|
;;
|
|
*)
|
|
break
|
|
;;
|
|
esac
|
|
done
|
|
|
|
for f in "$@"; do
|
|
[ $_t $f ] || continue
|
|
echo $f
|
|
return 0
|
|
done
|
|
return 1
|
|
}
|
|
|
|
# do we have $1 (could be a function)
|
|
have()
|
|
{
|
|
type "$1" > /dev/null 2>&1
|
|
}
|
|
|
|
# provide consistent means of logging progress
|
|
rc_log()
|
|
{
|
|
date "+@ %s [%Y-%m-%d %H:%M:%S %Z] $*"
|
|
}
|
|
|
|
# only rc_log if tracing enabled
|
|
# and $level >= $RC_LEVEL
|
|
rc_trace()
|
|
{
|
|
local level=$1; shift
|
|
local cf=/etc/rc.conf.d/rc_trace
|
|
|
|
if [ -z "$RC_LEVEL" ]; then
|
|
[ -f $cf ] || return
|
|
if [ -s $cf ]; then
|
|
# don't try to set RC_LEVEL without sed
|
|
if [ -n "$SED" ]; then
|
|
RC_LEVEL=$($SED -n '/^RC_LEVEL=/ { s/.*=//p;q; }' $cf)
|
|
RC_LEVEL=${RC_LEVEL:-0}
|
|
fi
|
|
else
|
|
RC_LEVEL=0
|
|
fi
|
|
fi
|
|
[ ${RC_LEVEL:-0} -ge ${level:-0} ] || return
|
|
rc_log "$@"
|
|
}
|
|
|
|
# list_vars pattern
|
|
# List variables matching glob pattern.
|
|
#
|
|
list_vars()
|
|
{
|
|
# Localize 'set' option below.
|
|
local -
|
|
local IFS=$'\n' line varname
|
|
|
|
# Disable path expansion in unquoted 'for' parameters below.
|
|
set -o noglob
|
|
|
|
for line in $(set); do
|
|
varname="${line%%=*}"
|
|
|
|
case "$varname" in
|
|
"$line"|*[!a-zA-Z0-9_]*)
|
|
continue
|
|
;;
|
|
$1)
|
|
echo $varname
|
|
;;
|
|
esac
|
|
done
|
|
}
|
|
|
|
# set_rcvar [var] [defval] [desc]
|
|
#
|
|
# Echo or define a rc.conf(5) variable name. Global variable
|
|
# $rcvars is used.
|
|
#
|
|
# If no argument is specified, echo "${name}_enable".
|
|
#
|
|
# If only a var is specified, echo "${var}_enable".
|
|
#
|
|
# If var and defval are specified, the ${var} is defined as
|
|
# rc.conf(5) variable and the default value is ${defvar}. An
|
|
# optional argument $desc can also be specified to add a
|
|
# description for that.
|
|
#
|
|
set_rcvar()
|
|
{
|
|
local _var
|
|
|
|
case $# in
|
|
0) echo ${name}_enable ;;
|
|
1) echo ${1}_enable ;;
|
|
*)
|
|
debug "set_rcvar: \$$1=$2 is added" \
|
|
" as a rc.conf(5) variable."
|
|
_var=$1
|
|
rcvars="${rcvars# } $_var"
|
|
eval ${_var}_defval=\"$2\"
|
|
shift 2
|
|
eval ${_var}_desc=\"$*\"
|
|
;;
|
|
esac
|
|
}
|
|
|
|
# set_rcvar_obsolete oldvar [newvar] [msg]
|
|
# Define obsolete variable.
|
|
# Global variable $rcvars_obsolete is used.
|
|
#
|
|
set_rcvar_obsolete()
|
|
{
|
|
local _var
|
|
_var=$1
|
|
debug "set_rcvar_obsolete: \$$1(old) -> \$$2(new) is defined"
|
|
|
|
rcvars_obsolete="${rcvars_obsolete# } $1"
|
|
eval ${1}_newvar=\"$2\"
|
|
shift 2
|
|
eval ${_var}_obsolete_msg=\"$*\"
|
|
}
|
|
|
|
#
|
|
# force_depend script [rcvar]
|
|
# Force a service to start. Intended for use by services
|
|
# to resolve dependency issues.
|
|
# $1 - filename of script, in /etc/rc.d, to run
|
|
# $2 - name of the script's rcvar (minus the _enable)
|
|
#
|
|
force_depend()
|
|
{
|
|
local _depend _dep_rcvar
|
|
|
|
_depend="$1"
|
|
_dep_rcvar="${2:-$1}_enable"
|
|
|
|
[ -n "$rc_fast" ] && ! checkyesno always_force_depends &&
|
|
checkyesno $_dep_rcvar && return 0
|
|
|
|
/etc/rc.d/${_depend} forcestatus >/dev/null 2>&1 && return 0
|
|
|
|
info "${name} depends on ${_depend}, which will be forced to start."
|
|
if ! /etc/rc.d/${_depend} forcestart; then
|
|
warn "Unable to force ${_depend}. It may already be running."
|
|
return 1
|
|
fi
|
|
}
|
|
|
|
#
|
|
# checkyesno var
|
|
# Test $1 variable, and warn if not set to YES or NO.
|
|
# Return 0 if it's "yes" (et al), nonzero otherwise.
|
|
#
|
|
checkyesno()
|
|
{
|
|
eval _value=\$${1}
|
|
debug "checkyesno: $1 is set to $_value."
|
|
case $_value in
|
|
|
|
# "yes", "true", "on", or "1"
|
|
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
|
|
return 0
|
|
;;
|
|
|
|
# "no", "false", "off", or "0"
|
|
[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0)
|
|
return 1
|
|
;;
|
|
*)
|
|
warn "\$${1} is not set properly - see rc.conf(5)."
|
|
return 1
|
|
;;
|
|
esac
|
|
}
|
|
|
|
#
|
|
# reverse_list list
|
|
# print the list in reverse order
|
|
#
|
|
reverse_list()
|
|
{
|
|
_revlist=
|
|
for _revfile; do
|
|
_revlist="$_revfile $_revlist"
|
|
done
|
|
echo $_revlist
|
|
}
|
|
|
|
# stop_boot always
|
|
# If booting directly to multiuser or $always is enabled,
|
|
# send SIGTERM to the parent (/etc/rc) to abort the boot.
|
|
# Otherwise just exit.
|
|
#
|
|
stop_boot()
|
|
{
|
|
local always
|
|
|
|
case $1 in
|
|
# "yes", "true", "on", or "1"
|
|
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
|
|
always=true
|
|
;;
|
|
*)
|
|
always=false
|
|
;;
|
|
esac
|
|
if [ "$autoboot" = yes -o "$always" = true ]; then
|
|
echo "ERROR: ABORTING BOOT (sending SIGTERM to parent)!"
|
|
kill -TERM ${RC_PID}
|
|
fi
|
|
exit 1
|
|
}
|
|
|
|
#
|
|
# mount_critical_filesystems type
|
|
# Go through the list of critical filesystems as provided in
|
|
# the rc.conf(5) variable $critical_filesystems_${type}, checking
|
|
# each one to see if it is mounted, and if it is not, mounting it.
|
|
#
|
|
mount_critical_filesystems()
|
|
{
|
|
eval _fslist=\$critical_filesystems_${1}
|
|
for _fs in $_fslist; do
|
|
mount | (
|
|
_ismounted=false
|
|
while read what _on on _type type; do
|
|
if [ $on = $_fs ]; then
|
|
_ismounted=true
|
|
fi
|
|
done
|
|
if $_ismounted; then
|
|
:
|
|
else
|
|
mount $_fs >/dev/null 2>&1
|
|
fi
|
|
)
|
|
done
|
|
}
|
|
|
|
#
|
|
# check_pidfile pidfile procname [interpreter]
|
|
# Parses the first line of pidfile for a PID, and ensures
|
|
# that the process is running and matches procname.
|
|
# Prints the matching PID upon success, nothing otherwise.
|
|
# interpreter is optional; see _find_processes() for details.
|
|
#
|
|
check_pidfile()
|
|
{
|
|
_pidfile=$1
|
|
_procname=$2
|
|
_interpreter=$3
|
|
if [ -z "$_pidfile" -o -z "$_procname" ]; then
|
|
err 3 'USAGE: check_pidfile pidfile procname [interpreter]'
|
|
fi
|
|
if [ ! -f $_pidfile ]; then
|
|
debug "pid file ($_pidfile): not readable."
|
|
return
|
|
fi
|
|
read _pid _junk < $_pidfile
|
|
if [ -z "$_pid" ]; then
|
|
debug "pid file ($_pidfile): no pid in file."
|
|
return
|
|
fi
|
|
_find_processes $_procname ${_interpreter:-.} '-p '"$_pid"
|
|
}
|
|
|
|
#
|
|
# check_process procname [interpreter]
|
|
# Ensures that a process (or processes) named procname is running.
|
|
# Prints a list of matching PIDs.
|
|
# interpreter is optional; see _find_processes() for details.
|
|
#
|
|
check_process()
|
|
{
|
|
_procname=$1
|
|
_interpreter=$2
|
|
if [ -z "$_procname" ]; then
|
|
err 3 'USAGE: check_process procname [interpreter]'
|
|
fi
|
|
_find_processes $_procname ${_interpreter:-.} '-ax'
|
|
}
|
|
|
|
#
|
|
# _find_processes procname interpreter psargs
|
|
# Search for procname in the output of ps generated by psargs.
|
|
# Prints the PIDs of any matching processes, space separated.
|
|
#
|
|
# If interpreter == ".", check the following variations of procname
|
|
# against the first word of each command:
|
|
# procname
|
|
# `basename procname`
|
|
# `basename procname` + ":"
|
|
# "(" + `basename procname` + ")"
|
|
# "[" + `basename procname` + "]"
|
|
#
|
|
# If interpreter != ".", read the first line of procname, remove the
|
|
# leading #!, normalise whitespace, append procname, and attempt to
|
|
# match that against each command, either as is, or with extra words
|
|
# at the end. As an alternative, to deal with interpreted daemons
|
|
# using perl, the basename of the interpreter plus a colon is also
|
|
# tried as the prefix to procname.
|
|
#
|
|
_find_processes()
|
|
{
|
|
if [ $# -ne 3 ]; then
|
|
err 3 'USAGE: _find_processes procname interpreter psargs'
|
|
fi
|
|
_procname=$1
|
|
_interpreter=$2
|
|
_psargs=$3
|
|
|
|
_pref=
|
|
if [ $_interpreter != "." ]; then # an interpreted script
|
|
_script="${_chroot}${_chroot:+/}$_procname"
|
|
if [ -r "$_script" ]; then
|
|
read _interp < $_script # read interpreter name
|
|
case "$_interp" in
|
|
\#!*)
|
|
_interp=${_interp#\#!} # strip #!
|
|
set -- $_interp
|
|
case $1 in
|
|
*/bin/env)
|
|
shift # drop env to get real name
|
|
;;
|
|
esac
|
|
if [ $_interpreter != $1 ]; then
|
|
warn "\$command_interpreter $_interpreter != $1"
|
|
fi
|
|
;;
|
|
*)
|
|
warn "no shebang line in $_script"
|
|
set -- $_interpreter
|
|
;;
|
|
esac
|
|
else
|
|
warn "cannot read shebang line from $_script"
|
|
set -- $_interpreter
|
|
fi
|
|
_interp="$* $_procname" # cleanup spaces, add _procname
|
|
_interpbn=${1##*/}
|
|
_fp_args='_argv'
|
|
_fp_match='case "$_argv" in
|
|
${_interp}|"${_interp} "*|"[${_interpbn}]"|"${_interpbn}: ${_procname}"*)'
|
|
else # a normal daemon
|
|
_procnamebn=${_procname##*/}
|
|
_fp_args='_arg0 _argv'
|
|
_fp_match='case "$_arg0" in
|
|
$_procname|$_procnamebn|${_procnamebn}:|"(${_procnamebn})"|"[${_procnamebn}]")'
|
|
fi
|
|
|
|
if checkyesno ${name}_svcj && [ "${_rc_svcj}" != jailing ]; then
|
|
JID=$(/usr/sbin/jls -j svcj-${name} jid 2>/dev/null)
|
|
|
|
case ${JID} in
|
|
''|*[!0-9]*)
|
|
# svcj-jail doesn't exist, fallback to host-check
|
|
JID=0
|
|
;;
|
|
esac
|
|
fi
|
|
_proccheck="\
|
|
$PS 2>/dev/null -o pid= -o jid= -o command= $_psargs"' |
|
|
while read _npid _jid '"$_fp_args"'; do
|
|
'"$_fp_match"'
|
|
if [ "$JID" -eq "$_jid" ];
|
|
then echo -n "$_pref$_npid";
|
|
_pref=" ";
|
|
fi
|
|
;;
|
|
esac
|
|
done'
|
|
|
|
# debug "in _find_processes: proccheck is ($_proccheck)."
|
|
eval $_proccheck
|
|
}
|
|
|
|
# sort_lite [-b] [-n] [-k POS] [-t SEP]
|
|
# A lite version of sort(1) (supporting a few options) that can be used
|
|
# before the real sort(1) is available (e.g., in scripts that run prior
|
|
# to mountcritremote). Requires only shell built-in functionality.
|
|
#
|
|
sort_lite()
|
|
{
|
|
local funcname=sort_lite
|
|
local sort_sep="$IFS" sort_ignore_leading_space=
|
|
local sort_field=0 sort_strict_fields= sort_numeric=
|
|
local nitems=0 skip_leading=0 trim=
|
|
|
|
local OPTIND flag
|
|
while getopts bnk:t: flag; do
|
|
case "$flag" in
|
|
b) sort_ignore_leading_space=1 ;;
|
|
n) sort_numeric=1 sort_ignore_leading_space=1 ;;
|
|
k) sort_field="${OPTARG%%,*}" ;; # only up to first comma
|
|
# NB: Unlike sort(1) only one POS allowed
|
|
t) sort_sep="$OPTARG"
|
|
if [ ${#sort_sep} -gt 1 ]; then
|
|
echo "$funcname: multi-character tab \`$sort_sep'" >&2
|
|
return 1
|
|
fi
|
|
sort_strict_fields=1
|
|
;;
|
|
\?) return 1 ;;
|
|
esac
|
|
done
|
|
shift $(( $OPTIND - 1 ))
|
|
|
|
# Create transformation pattern to trim leading text if desired
|
|
case "$sort_field" in
|
|
""|[!0-9]*|*[!0-9.]*)
|
|
echo "$funcname: invalid sort field \`$sort_field'" >&2
|
|
return 1
|
|
;;
|
|
*.*)
|
|
skip_leading=${sort_field#*.} sort_field=${sort_field%%.*}
|
|
while [ ${skip_leading:-0} -gt 1 ] 2> /dev/null; do
|
|
trim="$trim?" skip_leading=$(( $skip_leading - 1 ))
|
|
done
|
|
esac
|
|
|
|
# Copy input to series of local numbered variables
|
|
# NB: IFS of NULL preserves leading whitespace
|
|
local LINE
|
|
while IFS= read -r LINE || [ "$LINE" ]; do
|
|
nitems=$(( $nitems + 1 ))
|
|
local src_$nitems="$LINE"
|
|
done
|
|
|
|
#
|
|
# Sort numbered locals using insertion sort
|
|
#
|
|
local curitem curitem_orig curitem_mod curitem_haskey
|
|
local dest dest_orig dest_mod dest_haskey
|
|
local d gt n
|
|
local i=1
|
|
while [ $i -le $nitems ]; do
|
|
curitem_haskey=1 # Assume sort field (-k POS) exists
|
|
eval curitem=\"\$src_$i\"
|
|
curitem_mod="$curitem" # for modified comparison
|
|
curitem_orig="$curitem" # for original comparison
|
|
|
|
# Trim leading whitespace if desired
|
|
if [ "$sort_ignore_leading_space" ]; then
|
|
while case "$curitem_orig" in
|
|
[$IFS]*) : ;; *) false; esac
|
|
do
|
|
curitem_orig="${curitem_orig#?}"
|
|
done
|
|
curitem_mod="$curitem_orig"
|
|
fi
|
|
|
|
# Shift modified comparison value if sort field (-k POS) is > 1
|
|
n=$sort_field
|
|
while [ $n -gt 1 ]; do
|
|
case "$curitem_mod" in
|
|
*[$sort_sep]*)
|
|
# Cut text up-to (and incl.) first separator
|
|
curitem_mod="${curitem_mod#*[$sort_sep]}"
|
|
|
|
# Skip NULLs unless strict field splitting
|
|
[ "$sort_strict_fields" ] ||
|
|
[ "${curitem_mod%%[$sort_sep]*}" ] ||
|
|
[ $n -eq 2 ] ||
|
|
continue
|
|
;;
|
|
*)
|
|
# Asked for a field that doesn't exist
|
|
curitem_haskey= break
|
|
esac
|
|
n=$(( $n - 1 ))
|
|
done
|
|
|
|
# Trim trailing words if sort field >= 1
|
|
[ $sort_field -ge 1 -a "$sort_numeric" ] &&
|
|
curitem_mod="${curitem_mod%%[$sort_sep]*}"
|
|
|
|
# Apply optional trim (-k POS.TRIM) to cut leading characters
|
|
curitem_mod="${curitem_mod#$trim}"
|
|
|
|
# Determine the type of modified comparison to use initially
|
|
# NB: Prefer numerical if requested but fallback to standard
|
|
case "$curitem_mod" in
|
|
""|[!0-9]*) # NULL or begins with non-number
|
|
gt=">"
|
|
[ "$sort_numeric" ] && curitem_mod=0
|
|
;;
|
|
*)
|
|
if [ "$sort_numeric" ]; then
|
|
gt="-gt"
|
|
curitem_mod="${curitem_mod%%[!0-9]*}"
|
|
# NB: trailing non-digits removed
|
|
# otherwise numeric comparison fails
|
|
else
|
|
gt=">"
|
|
fi
|
|
esac
|
|
|
|
# If first time through, short-circuit below position-search
|
|
if [ $i -le 1 ]; then
|
|
d=0
|
|
else
|
|
d=1
|
|
fi
|
|
|
|
#
|
|
# Find appropriate element position
|
|
#
|
|
while [ $d -gt 0 ]
|
|
do
|
|
dest_haskey=$curitem_haskey
|
|
eval dest=\"\$dest_$d\"
|
|
dest_mod="$dest" # for modified comparison
|
|
dest_orig="$dest" # for original comparison
|
|
|
|
# Trim leading whitespace if desired
|
|
if [ "$sort_ignore_leading_space" ]; then
|
|
while case "$dest_orig" in
|
|
[$IFS]*) : ;; *) false; esac
|
|
do
|
|
dest_orig="${dest_orig#?}"
|
|
done
|
|
dest_mod="$dest_orig"
|
|
fi
|
|
|
|
# Shift modified value if sort field (-k POS) is > 1
|
|
n=$sort_field
|
|
while [ $n -gt 1 ]; do
|
|
case "$dest_mod" in
|
|
*[$sort_sep]*)
|
|
# Cut text up-to (and incl.) 1st sep
|
|
dest_mod="${dest_mod#*[$sort_sep]}"
|
|
|
|
# Skip NULLs unless strict fields
|
|
[ "$sort_strict_fields" ] ||
|
|
[ "${dest_mod%%[$sort_sep]*}" ] ||
|
|
[ $n -eq 2 ] ||
|
|
continue
|
|
;;
|
|
*)
|
|
# Asked for a field that doesn't exist
|
|
dest_haskey= break
|
|
esac
|
|
n=$(( $n - 1 ))
|
|
done
|
|
|
|
# Trim trailing words if sort field >= 1
|
|
[ $sort_field -ge 1 -a "$sort_numeric" ] &&
|
|
dest_mod="${dest_mod%%[$sort_sep]*}"
|
|
|
|
# Apply optional trim (-k POS.TRIM), cut leading chars
|
|
dest_mod="${dest_mod#$trim}"
|
|
|
|
# Determine type of modified comparison to use
|
|
# NB: Prefer numerical if requested, fallback to std
|
|
case "$dest_mod" in
|
|
""|[!0-9]*) # NULL or begins with non-number
|
|
gt=">"
|
|
[ "$sort_numeric" ] && dest_mod=0
|
|
;;
|
|
*)
|
|
if [ "$sort_numeric" ]; then
|
|
gt="-gt"
|
|
dest_mod="${dest_mod%%[!0-9]*}"
|
|
# NB: kill trailing non-digits
|
|
# for numeric comparison safety
|
|
else
|
|
gt=">"
|
|
fi
|
|
esac
|
|
|
|
# Break if we've found the proper element position
|
|
if [ "$curitem_haskey" -a "$dest_haskey" ]; then
|
|
if [ "$dest_mod" = "$curitem_mod" ]; then
|
|
[ "$dest_orig" ">" "$curitem_orig" ] &&
|
|
break
|
|
elif [ "$dest_mod" $gt "$curitem_mod" ] \
|
|
2> /dev/null
|
|
then
|
|
break
|
|
fi
|
|
else
|
|
[ "$dest_orig" ">" "$curitem_orig" ] && break
|
|
fi
|
|
|
|
# Break if we've hit the end
|
|
[ $d -ge $i ] && break
|
|
|
|
d=$(( $d + 1 ))
|
|
done
|
|
|
|
# Shift remaining positions forward, making room for new item
|
|
n=$i
|
|
while [ $n -ge $d ]; do
|
|
# Shift destination item forward one placement
|
|
eval dest_$(( $n + 1 ))=\"\$dest_$n\"
|
|
n=$(( $n - 1 ))
|
|
done
|
|
|
|
# Place the element
|
|
if [ $i -eq 1 ]; then
|
|
local dest_1="$curitem"
|
|
else
|
|
local dest_$d="$curitem"
|
|
fi
|
|
|
|
i=$(( $i + 1 ))
|
|
done
|
|
|
|
# Print sorted results
|
|
d=1
|
|
while [ $d -le $nitems ]; do
|
|
eval echo \"\$dest_$d\"
|
|
d=$(( $d + 1 ))
|
|
done
|
|
}
|
|
|
|
#
|
|
# wait_for_pids pid [pid ...]
|
|
# spins until none of the pids exist
|
|
#
|
|
wait_for_pids()
|
|
{
|
|
local _list _prefix _nlist _j
|
|
|
|
_list="$@"
|
|
if [ -z "$_list" ]; then
|
|
return
|
|
fi
|
|
_prefix=
|
|
while true; do
|
|
_nlist="";
|
|
for _j in $_list; do
|
|
if kill -0 $_j 2>/dev/null; then
|
|
_nlist="${_nlist}${_nlist:+ }$_j"
|
|
[ -n "$_prefix" ] && sleep 1
|
|
fi
|
|
done
|
|
if [ -z "$_nlist" ]; then
|
|
break
|
|
fi
|
|
_list=$_nlist
|
|
echo -n ${_prefix:-"Waiting for PIDS: "}$_list
|
|
_prefix=", "
|
|
pwait $_list 2>/dev/null
|
|
done
|
|
if [ -n "$_prefix" ]; then
|
|
echo "."
|
|
fi
|
|
}
|
|
|
|
#
|
|
# get_pidfile_from_conf string file
|
|
#
|
|
# Takes a string to search for in the specified file.
|
|
# Ignores lines with traditional comment characters.
|
|
#
|
|
# Example:
|
|
#
|
|
# if get_pidfile_from_conf string file; then
|
|
# pidfile="$_pidfile_from_conf"
|
|
# else
|
|
# pidfile='appropriate default'
|
|
# fi
|
|
#
|
|
get_pidfile_from_conf()
|
|
{
|
|
if [ -z "$1" -o -z "$2" ]; then
|
|
err 3 "USAGE: get_pidfile_from_conf string file ($name)"
|
|
fi
|
|
|
|
local string file line
|
|
|
|
string="$1" ; file="$2"
|
|
|
|
if [ ! -s "$file" ]; then
|
|
err 3 "get_pidfile_from_conf: $file does not exist ($name)"
|
|
fi
|
|
|
|
while read line; do
|
|
case "$line" in
|
|
*[#\;]*${string}*) continue ;;
|
|
*${string}*) break ;;
|
|
esac
|
|
done < $file
|
|
|
|
if [ -n "$line" ]; then
|
|
line=${line#*/}
|
|
_pidfile_from_conf="/${line%%[\"\;]*}"
|
|
else
|
|
return 1
|
|
fi
|
|
}
|
|
|
|
#
|
|
# check_startmsgs
|
|
# If rc_quiet is set (usually as a result of using faststart at
|
|
# boot time) check if rc_startmsgs is enabled.
|
|
#
|
|
check_startmsgs()
|
|
{
|
|
if [ -n "$rc_quiet" ]; then
|
|
checkyesno rc_startmsgs
|
|
else
|
|
return 0
|
|
fi
|
|
}
|
|
|
|
#
|
|
# startmsg
|
|
# Preferred method to use when displaying start messages in lieu of echo.
|
|
#
|
|
startmsg()
|
|
{
|
|
check_startmsgs && echo "$@"
|
|
}
|
|
|
|
#
|
|
# run_rc_command argument
|
|
# Search for argument in the list of supported commands, which is:
|
|
# "start stop restart rcvar status poll ${extra_commands}"
|
|
# If there's a match, run ${argument}_cmd or the default method
|
|
# (see below).
|
|
#
|
|
# If argument has a given prefix, then change the operation as follows:
|
|
# Prefix Operation
|
|
# ------ ---------
|
|
# fast Skip the pid check, and set rc_fast=yes, rc_quiet=yes
|
|
# force Set ${rcvar} to YES, and set rc_force=yes
|
|
# one Set ${rcvar} to YES
|
|
# quiet Don't output some diagnostics, and set rc_quiet=yes
|
|
#
|
|
# The following globals are used:
|
|
#
|
|
# Name Needed Purpose
|
|
# ---- ------ -------
|
|
# name y Name of script.
|
|
#
|
|
# command n Full path to command.
|
|
# Not needed if ${rc_arg}_cmd is set for
|
|
# each keyword.
|
|
#
|
|
# command_args n Optional args/shell directives for command.
|
|
#
|
|
# command_interpreter n If not empty, command is interpreted, so
|
|
# call check_{pidfile,process}() appropriately.
|
|
#
|
|
# desc n Description of script.
|
|
#
|
|
# extra_commands n List of extra commands supported.
|
|
#
|
|
# pidfile n If set, use check_pidfile $pidfile $command,
|
|
# otherwise use check_process $command.
|
|
# In either case, only check if $command is set.
|
|
#
|
|
# procname n Process name to check for instead of $command.
|
|
#
|
|
# rcvar n This is checked with checkyesno to determine
|
|
# if the action should be run.
|
|
#
|
|
# ${name}_program n Full path to command.
|
|
# Meant to be used in /etc/rc.conf to override
|
|
# ${command}.
|
|
#
|
|
# ${name}_chroot n Directory to chroot to before running ${command}
|
|
# Requires /usr to be mounted.
|
|
#
|
|
# ${name}_chdir n Directory to cd to before running ${command}
|
|
# (if not using ${name}_chroot).
|
|
#
|
|
# ${name}_cpuset n A list of CPUs to run ${command} on.
|
|
# Requires /usr to be mounted.
|
|
#
|
|
# ${name}_flags n Arguments to call ${command} with.
|
|
# NOTE: $flags from the parent environment
|
|
# can be used to override this.
|
|
#
|
|
# ${name}_env n Environment variables to run ${command} with.
|
|
#
|
|
# ${name}_env_file n File to source variables to run ${command} with.
|
|
#
|
|
# ${name}_fib n Routing table number to run ${command} with.
|
|
#
|
|
# ${name}_nice n Nice level to run ${command} at.
|
|
#
|
|
# ${name}_oomprotect n Don't kill ${command} when swap space is exhausted.
|
|
#
|
|
# ${name}_umask n The file creation mask to run ${command} with.
|
|
#
|
|
# ${name}_user n User to run ${command} as, using su(1) if not
|
|
# using ${name}_chroot.
|
|
# Requires /usr to be mounted.
|
|
#
|
|
# ${name}_group n Group to run chrooted ${command} as.
|
|
# Requires /usr to be mounted.
|
|
#
|
|
# ${name}_groups n Comma separated list of supplementary groups
|
|
# to run the chrooted ${command} with.
|
|
# Requires /usr to be mounted.
|
|
#
|
|
# ${name}_prepend n Command added before ${command}.
|
|
#
|
|
# ${name}_setup n Command executed during start, restart and
|
|
# reload before ${rc_arg}_precmd is run.
|
|
#
|
|
# ${name}_login_class n Login class to use, else "daemon".
|
|
#
|
|
# ${name}_limits n limits(1) to apply to ${command}.
|
|
#
|
|
# ${name}_offcmd n If set, run during start
|
|
# if a service is not enabled.
|
|
#
|
|
# ${rc_arg}_cmd n If set, use this as the method when invoked;
|
|
# Otherwise, use default command (see below)
|
|
#
|
|
# ${rc_arg}_precmd n If set, run just before performing the
|
|
# ${rc_arg}_cmd method in the default
|
|
# operation (i.e, after checking for required
|
|
# bits and process (non)existence).
|
|
# If this completes with a non-zero exit code,
|
|
# don't run ${rc_arg}_cmd.
|
|
#
|
|
# ${rc_arg}_postcmd n If set, run just after performing the
|
|
# ${rc_arg}_cmd method, if that method
|
|
# returned a zero exit code.
|
|
#
|
|
# required_dirs n If set, check for the existence of the given
|
|
# directories before running a (re)start command.
|
|
#
|
|
# required_files n If set, check for the readability of the given
|
|
# files before running a (re)start command.
|
|
#
|
|
# required_modules n If set, ensure the given kernel modules are
|
|
# loaded before running a (re)start command.
|
|
# The check and possible loads are actually
|
|
# done after start_precmd so that the modules
|
|
# aren't loaded in vain, should the precmd
|
|
# return a non-zero status to indicate a error.
|
|
# If a word in the list looks like "foo:bar",
|
|
# "foo" is the KLD file name and "bar" is the
|
|
# module name. If a word looks like "foo~bar",
|
|
# "foo" is the KLD file name and "bar" is a
|
|
# egrep(1) pattern matching the module name.
|
|
# Otherwise the module name is assumed to be
|
|
# the same as the KLD file name, which is most
|
|
# common. See load_kld().
|
|
#
|
|
# required_vars n If set, perform checkyesno on each of the
|
|
# listed variables before running the default
|
|
# (re)start command.
|
|
#
|
|
# Default behaviour for a given argument, if no override method is
|
|
# provided:
|
|
#
|
|
# Argument Default behaviour
|
|
# -------- -----------------
|
|
# start if !running && checkyesno ${rcvar}
|
|
# ${command}
|
|
#
|
|
# stop if ${pidfile}
|
|
# rc_pid=$(check_pidfile $pidfile $command)
|
|
# else
|
|
# rc_pid=$(check_process $command)
|
|
# kill $sig_stop $rc_pid
|
|
# wait_for_pids $rc_pid
|
|
# ($sig_stop defaults to TERM.)
|
|
#
|
|
# reload Similar to stop, except use $sig_reload instead,
|
|
# and don't wait_for_pids.
|
|
# $sig_reload defaults to HUP.
|
|
# Note that `reload' isn't provided by default,
|
|
# it should be enabled via $extra_commands.
|
|
#
|
|
# restart Run `stop' then `start'.
|
|
#
|
|
# status Show if ${command} is running, etc.
|
|
#
|
|
# poll Wait for ${command} to exit.
|
|
#
|
|
# rcvar Display what rc.conf variable is used (if any).
|
|
#
|
|
# enabled Return true if the service is enabled.
|
|
#
|
|
# describe Show the service's description
|
|
#
|
|
# extracommands Show the service's extra commands
|
|
#
|
|
# Variables available to methods, and after run_rc_command() has
|
|
# completed:
|
|
#
|
|
# Variable Purpose
|
|
# -------- -------
|
|
# rc_arg Argument to command, after fast/force/one processing
|
|
# performed
|
|
#
|
|
# rc_flags Flags to start the default command with.
|
|
# Defaults to ${name}_flags, unless overridden
|
|
# by $flags from the environment.
|
|
# This variable may be changed by the precmd method.
|
|
#
|
|
# rc_service Path to the service being executed, in case the service
|
|
# needs to re-invoke itself.
|
|
#
|
|
# rc_pid PID of command (if appropriate)
|
|
#
|
|
# rc_fast Not empty if "fast" was provided (q.v.)
|
|
#
|
|
# rc_force Not empty if "force" was provided (q.v.)
|
|
#
|
|
# rc_quiet Not empty if "quiet" was provided
|
|
#
|
|
#
|
|
run_rc_command()
|
|
{
|
|
_return=0
|
|
rc_arg=$1
|
|
if [ -z "$name" ]; then
|
|
err 3 'run_rc_command: $name is not set.'
|
|
fi
|
|
|
|
DebugOn rc:all rc:all:$rc_arg rc:$name rc:$name:$rc_arg $name:$rc_arg
|
|
|
|
# Don't repeat the first argument when passing additional command-
|
|
# line arguments to the command subroutines.
|
|
#
|
|
shift 1
|
|
rc_extra_args="$*"
|
|
|
|
_rc_prefix=
|
|
case "$rc_arg" in
|
|
fast*) # "fast" prefix; don't check pid
|
|
rc_arg=${rc_arg#fast}
|
|
rc_fast=yes
|
|
rc_quiet=yes
|
|
;;
|
|
force*) # "force" prefix; always run
|
|
rc_force=yes
|
|
_rc_prefix=force
|
|
rc_arg=${rc_arg#${_rc_prefix}}
|
|
if [ -n "${rcvar}" ]; then
|
|
eval ${rcvar}=YES
|
|
fi
|
|
;;
|
|
one*) # "one" prefix; set ${rcvar}=yes
|
|
_rc_prefix=one
|
|
rc_arg=${rc_arg#${_rc_prefix}}
|
|
if [ -n "${rcvar}" ]; then
|
|
eval ${rcvar}=YES
|
|
fi
|
|
;;
|
|
quiet*) # "quiet" prefix; omit some messages
|
|
_rc_prefix=quiet
|
|
rc_arg=${rc_arg#${_rc_prefix}}
|
|
rc_quiet=yes
|
|
;;
|
|
esac
|
|
|
|
eval _override_command=\$${name}_program
|
|
command=${_override_command:-$command}
|
|
|
|
_keywords="start stop restart rcvar enable disable delete enabled describe extracommands $extra_commands"
|
|
rc_pid=
|
|
_pidcmd=
|
|
_procname=${procname:-${command}}
|
|
|
|
eval _cpuset=\$${name}_cpuset
|
|
|
|
# Loose validation of the configured cpuset; just make sure it starts
|
|
# with a number. There have also been cases in the past where a hyphen
|
|
# in a service name has caused eval errors, which trickle down into
|
|
# various variables; don't let a situation like that break a bunch of
|
|
# services just because of cpuset(1).
|
|
case "$_cpuset" in
|
|
[0-9]*) ;;
|
|
*) _cpuset="" ;;
|
|
esac
|
|
|
|
_cpusetcmd=
|
|
if [ -n "$_cpuset" ]; then
|
|
_cpusetcmd="$CPUSET -l $_cpuset"
|
|
fi
|
|
|
|
# If a specific jail has a specific svcj request, honor it (YES/NO).
|
|
# If not (variable empty), evaluate the global svcj catch-all.
|
|
# A global YES can be overriden by a specific NO, and a global NO is overriden
|
|
# by a specific YES.
|
|
eval _svcj=\$${name}_svcj
|
|
if [ -z "$_svcj" ]; then
|
|
_svcj=${svcj_all_enable}
|
|
if [ -z "$_svcj" ]; then
|
|
eval ${name}_svcj=NO
|
|
fi
|
|
fi
|
|
|
|
# setup pid check command
|
|
if [ -n "$_procname" ]; then
|
|
if [ -n "$pidfile" ]; then
|
|
_pidcmd='rc_pid=$(check_pidfile '"$pidfile $_procname $command_interpreter"')'
|
|
else
|
|
_pidcmd='rc_pid=$(check_process '"$_procname $command_interpreter"')'
|
|
fi
|
|
_keywords="${_keywords} status poll"
|
|
else
|
|
if [ ! -z "${status_cmd}" ]
|
|
then
|
|
_keywords="${_keywords} status"
|
|
fi
|
|
fi
|
|
|
|
if [ -z "$rc_arg" ]; then
|
|
rc_usage $_keywords
|
|
fi
|
|
|
|
if [ "$rc_arg" = "enabled" ] ; then
|
|
checkyesno ${rcvar}
|
|
return $?
|
|
fi
|
|
|
|
if [ -n "$flags" ]; then # allow override from environment
|
|
rc_flags=$flags
|
|
else
|
|
eval rc_flags=\$${name}_flags
|
|
fi
|
|
eval _chdir=\$${name}_chdir _chroot=\$${name}_chroot \
|
|
_nice=\$${name}_nice _user=\$${name}_user \
|
|
_group=\$${name}_group _groups=\$${name}_groups \
|
|
_fib=\$${name}_fib _env=\$${name}_env \
|
|
_prepend=\$${name}_prepend _login_class=\${${name}_login_class:-daemon} \
|
|
_limits=\$${name}_limits _oomprotect=\$${name}_oomprotect \
|
|
_setup=\$${name}_setup _env_file=\$${name}_env_file \
|
|
_umask=\$${name}_umask _svcj_options=\$${name}_svcj_options
|
|
|
|
if [ -n "$_env_file" ] && [ -r "${_env_file}" ]; then # load env from file
|
|
set -a
|
|
. $_env_file
|
|
set +a
|
|
fi
|
|
|
|
if [ -n "$_user" ]; then # unset $_user if running as that user
|
|
if [ "$_user" = "$(eval $IDCMD)" ]; then
|
|
unset _user
|
|
fi
|
|
fi
|
|
|
|
if [ -n "$_svcj_options" ]; then # translate service jail options
|
|
_svcj_cmd_options=""
|
|
|
|
_svcj_sysvipc_x=0
|
|
for _svcj_option in $_svcj_options; do
|
|
case "$_svcj_option" in
|
|
mlock)
|
|
_svcj_cmd_options="allow.mlock ${_svcj_cmd_options}"
|
|
;;
|
|
netv4)
|
|
_svcj_cmd_options="ip4=inherit allow.reserved_ports ${_svcj_cmd_options}"
|
|
;;
|
|
netv6)
|
|
_svcj_cmd_options="ip6=inherit allow.reserved_ports ${_svcj_cmd_options}"
|
|
;;
|
|
net_basic)
|
|
_svcj_cmd_options="ip4=inherit ip6=inherit allow.reserved_ports ${_svcj_cmd_options}"
|
|
;;
|
|
net_raw)
|
|
_svcj_cmd_options="allow.raw_sockets ${_svcj_cmd_options}"
|
|
;;
|
|
net_all)
|
|
_svcj_cmd_options="allow.socket_af allow.raw_sockets allow.reserved_ports ip4=inherit ip6=inherit ${_svcj_cmd_options}"
|
|
;;
|
|
nfsd)
|
|
_svcj_cmd_options="allow.nfsd enforce_statfs=1 ${_svcj_cmd_options}"
|
|
;;
|
|
sysvipc)
|
|
_svcj_sysvipc_x=$((${_svcj_sysvipc_x} + 1))
|
|
_svcj_cmd_options="sysvmsg=inherit sysvsem=inherit sysvshm=inherit ${_svcj_cmd_options}"
|
|
;;
|
|
sysvipcnew)
|
|
_svcj_sysvipc_x=$((${_svcj_sysvipc_x} + 1))
|
|
_svcj_cmd_options="sysvmsg=new sysvsem=new sysvshm=new ${_svcj_cmd_options}"
|
|
;;
|
|
vmm)
|
|
_svcj_cmd_options="allow.vmm ${_svcj_cmd_options}"
|
|
;;
|
|
*)
|
|
echo ${name}: unknown service jail option: $_svcj_option
|
|
;;
|
|
esac
|
|
done
|
|
if [ ${_svcj_sysvipc_x} -gt 1 ]; then
|
|
echo -n "ERROR: more than one sysvipc option is "
|
|
echo "specified in ${name}_svcj_options: $_svcj_options"
|
|
return 1
|
|
fi
|
|
fi
|
|
|
|
[ -z "$autoboot" ] && eval $_pidcmd # determine the pid if necessary
|
|
|
|
for _elem in $_keywords; do
|
|
if [ "$_elem" != "$rc_arg" ]; then
|
|
continue
|
|
fi
|
|
# if ${rcvar} is set, $1 is not "rcvar", "describe",
|
|
# "enable", "delete" or "status", and ${rc_pid} is
|
|
# not set, run:
|
|
# checkyesno ${rcvar}
|
|
# and return if that failed
|
|
#
|
|
if [ -n "${rcvar}" -a "$rc_arg" != "rcvar" -a "$rc_arg" != "stop" \
|
|
-a "$rc_arg" != "delete" -a "$rc_arg" != "enable" \
|
|
-a "$rc_arg" != "describe" -a "$rc_arg" != "status" ] ||
|
|
[ -n "${rcvar}" -a "$rc_arg" = "stop" -a -z "${rc_pid}" ]; then
|
|
if ! checkyesno ${rcvar}; then
|
|
[ "$rc_arg" = "start" ] && _run_rc_offcmd
|
|
if [ -z "${rc_quiet}" ]; then
|
|
echo -n "Cannot '${rc_arg}' $name. Set ${rcvar} to "
|
|
echo -n "YES in /etc/rc.conf or use 'one${rc_arg}' "
|
|
echo "instead of '${rc_arg}'."
|
|
fi
|
|
return 0
|
|
fi
|
|
fi
|
|
|
|
if [ $rc_arg = "start" -a -z "$rc_fast" -a -n "$rc_pid" ]; then
|
|
if [ -z "$rc_quiet" ]; then
|
|
echo 1>&2 "${name} already running? " \
|
|
"(pid=$rc_pid)."
|
|
fi
|
|
return 1
|
|
fi
|
|
|
|
# if there's a custom ${XXX_cmd},
|
|
# run that instead of the default
|
|
#
|
|
eval _cmd=\$${rc_arg}_cmd \
|
|
_precmd=\$${rc_arg}_precmd \
|
|
_postcmd=\$${rc_arg}_postcmd
|
|
|
|
if [ -n "$_cmd" ]; then
|
|
rc_trace 1 "$_cmd"
|
|
if [ -n "$_env" ]; then
|
|
eval "export -- $_env"
|
|
fi
|
|
|
|
if [ "${_rc_svcj}" != jailing ]; then
|
|
# service can redefine all so
|
|
# check for valid setup target
|
|
if [ "$rc_arg" = 'start' -o \
|
|
"$rc_arg" = 'restart' -o \
|
|
"$rc_arg" = 'reload' ]; then
|
|
_run_rc_setup || \
|
|
warn "failed to setup ${name}"
|
|
fi
|
|
_run_rc_precmd || return 1
|
|
fi
|
|
if ! checkyesno ${name}_svcj; then
|
|
_run_rc_doit "$_cpusetcmd $_cmd $rc_extra_args" || return 1
|
|
else
|
|
case "$rc_arg" in
|
|
start)
|
|
if [ "${_rc_svcj}" != jailing ]; then
|
|
_return=1
|
|
_do_jailing=1
|
|
|
|
if check_jail jailed; then
|
|
if [ $(${SYSCTL_N} security.jail.children.max) -eq 0 ]; then
|
|
echo ERROR: jail parameter children.max is set to 0, can not create a new service jail.
|
|
_do_jailing=0
|
|
else
|
|
_free_jails=$(($(${SYSCTL_N} security.jail.children.max) - $(${SYSCTL_N} security.jail.children.cur)))
|
|
if [ ${_free_jails} -eq 0 ]; then
|
|
echo ERROR: max number of jail children reached, can not create a new service jail.
|
|
_do_jailing=0
|
|
|
|
fi
|
|
fi
|
|
fi
|
|
if [ ${_do_jailing} -eq 1 ]; then
|
|
$JAIL_CMD -c $_svcj_generic_params $_svcj_cmd_options \
|
|
exec.start="${SERVICE} -E _rc_svcj=jailing ${name} ${_rc_prefix}start $rc_extra_args" \
|
|
exec.stop="${SERVICE} -E _rc_svcj=jailing ${name} ${_rc_prefix}stop $rc_extra_args" \
|
|
exec.consolelog="/var/log/svcj_${name}_console.log" \
|
|
name=svcj-${name} && _return=0
|
|
fi
|
|
else
|
|
_run_rc_doit "$_cpusetcmd $_cmd $rc_extra_args" || _return=1
|
|
fi
|
|
;;
|
|
stop)
|
|
if [ "${_rc_svcj}" != jailing ]; then
|
|
$SERVICE -E _rc_svcj=jailing -j svcj-${name} ${name} ${_rc_prefix}stop $rc_extra_args || _return=1
|
|
$JAIL_CMD -r svcj-${name} 2>/dev/null
|
|
else
|
|
_run_rc_doit "$_cpusetcmd $_cmd $rc_extra_args" || _return=1
|
|
fi
|
|
;;
|
|
restart|status) ;; # no special case needed for svcj or handled somewhere else
|
|
*)
|
|
eval _rc_svcj_extra_cmd=\$${name}_${rc_arg}_svcj_enable
|
|
: ${_rc_svcj_extra_cmd:=NO}
|
|
if checkyesno _rc_svcj_extra_cmd && [ "${_rc_svcj}" != jailing ]; then
|
|
$SERVICE -v -E _rc_svcj=jailing -j svcj-${name} ${name} ${_rc_prefix}${rc_arg} $rc_extra_args || _return=1
|
|
else
|
|
_run_rc_doit "$_cpusetcmd $_cmd $rc_extra_args" || _return=1
|
|
fi
|
|
;;
|
|
esac
|
|
fi
|
|
if [ "${_rc_svcj}" != jailing ]; then
|
|
_run_rc_postcmd
|
|
fi
|
|
return $_return
|
|
fi
|
|
|
|
case "$rc_arg" in # default operations...
|
|
|
|
describe)
|
|
if [ -n "$desc" ]; then
|
|
echo "$desc"
|
|
fi
|
|
;;
|
|
|
|
extracommands)
|
|
echo "$extra_commands"
|
|
;;
|
|
|
|
enable)
|
|
_out=$(/usr/sbin/sysrc -vs "$name" "$rcvar=YES") &&
|
|
echo "$name enabled in ${_out%%:*}"
|
|
;;
|
|
|
|
disable)
|
|
_out=$(/usr/sbin/sysrc -vs "$name" "$rcvar=NO") &&
|
|
echo "$name disabled in ${_out%%:*}"
|
|
;;
|
|
|
|
delete)
|
|
_files=
|
|
for _file in $(/usr/sbin/sysrc -lEs "$name"); do
|
|
_out=$(/usr/sbin/sysrc -Fif $_file "$rcvar") && _files="$_files $_file"
|
|
done
|
|
/usr/sbin/sysrc -x "$rcvar" && echo "$rcvar deleted in ${_files# }"
|
|
# delete file in rc.conf.d if desired and empty.
|
|
checkyesno service_delete_empty || _files=
|
|
for _file in $_files; do
|
|
[ "$_file" = "${_file#*/rc.conf.d/}" ] && continue
|
|
[ $(/usr/bin/stat -f%z $_file) -gt 0 ] && continue
|
|
/bin/rm "$_file" && echo "Empty file $_file removed"
|
|
done
|
|
;;
|
|
|
|
status)
|
|
_run_rc_precmd || return 1
|
|
if [ -n "$rc_pid" ]; then
|
|
echo "${name} is running as pid $rc_pid."
|
|
else
|
|
echo "${name} is not running."
|
|
return 1
|
|
fi
|
|
_run_rc_postcmd
|
|
;;
|
|
|
|
start)
|
|
if [ ! -x "${_chroot}${_chroot:+/}${command}" ]; then
|
|
warn "run_rc_command: cannot run $command"
|
|
return 1
|
|
fi
|
|
|
|
if [ "${_rc_svcj}" != jailing ]; then
|
|
_run_rc_setup || warn "failed to setup ${name}"
|
|
|
|
if ! _run_rc_precmd; then
|
|
warn "failed precmd routine for ${name}"
|
|
return 1
|
|
fi
|
|
fi
|
|
|
|
if checkyesno ${name}_svcj; then
|
|
if [ "${_rc_svcj}" != jailing ]; then
|
|
if check_jail jailed; then
|
|
if [ $(${SYSCTL_N} security.jail.children.max) -eq 0 ]; then
|
|
echo ERROR: jail parameter children.max is set to 0, can not create a new service jail.
|
|
return 1
|
|
else
|
|
_free_jails=$(($(${SYSCTL_N} security.jail.children.max) - $(${SYSCTL_N} security.jail.children.cur)))
|
|
if [ ${_free_jails} -eq 0 ]; then
|
|
echo ERROR: max number of jail children reached, can not create a new service jail.
|
|
return 1
|
|
fi
|
|
fi
|
|
fi
|
|
$JAIL_CMD -c $_svcj_generic_params $_svcj_cmd_options\
|
|
exec.start="${SERVICE} -E _rc_svcj=jailing ${name} ${_rc_prefix}start $rc_extra_args" \
|
|
exec.stop="${SERVICE} -E _rc_svcj=jailing ${name} ${_rc_prefix}stop $rc_extra_args" \
|
|
exec.consolelog="/var/log/svcj_${name}_console.log" \
|
|
name=svcj-${name} || return 1
|
|
fi
|
|
fi
|
|
|
|
# setup the full command to run
|
|
#
|
|
startmsg "Starting ${name}."
|
|
if [ -n "$_chroot" ]; then
|
|
_cd=
|
|
_doit="\
|
|
${_nice:+nice -n $_nice }\
|
|
$_cpusetcmd \
|
|
${_fib:+setfib -F $_fib }\
|
|
${_env:+env $_env }\
|
|
chroot ${_user:+-u $_user }${_group:+-g $_group }${_groups:+-G $_groups }\
|
|
$_chroot $command $rc_flags $command_args"
|
|
else
|
|
_cd="${_chdir:+cd $_chdir && }"
|
|
_doit="\
|
|
${_fib:+setfib -F $_fib }\
|
|
${_env:+env $_env }\
|
|
$_cpusetcmd $command $rc_flags $command_args"
|
|
if [ -n "$_user" ]; then
|
|
_doit="su -m $_user -c 'sh -c \"$_doit\"'"
|
|
fi
|
|
if [ -n "$_nice" ]; then
|
|
if [ -z "$_user" ]; then
|
|
_doit="sh -c \"$_doit\""
|
|
fi
|
|
_doit="nice -n $_nice $_doit"
|
|
fi
|
|
if [ -n "$_prepend" ]; then
|
|
_doit="$_prepend $_doit"
|
|
fi
|
|
fi
|
|
|
|
# Prepend default limits
|
|
_doit="$_cd limits -C $_login_class $_limits $_doit"
|
|
|
|
local _really_run_it=true
|
|
if checkyesno ${name}_svcj; then
|
|
if [ "${_rc_svcj}" != jailing ]; then
|
|
_really_run_it=false
|
|
fi
|
|
fi
|
|
|
|
if [ "$_really_run_it" = true ]; then
|
|
# run the full command
|
|
#
|
|
if ! _run_rc_doit "$_doit"; then
|
|
warn "failed to start ${name}"
|
|
return 1
|
|
fi
|
|
fi
|
|
|
|
if [ "${_rc_svcj}" != jailing ]; then
|
|
# finally, run postcmd
|
|
#
|
|
_run_rc_postcmd
|
|
fi
|
|
;;
|
|
|
|
stop)
|
|
if [ -z "$rc_pid" ]; then
|
|
[ -n "$rc_fast" ] && return 0
|
|
_run_rc_notrunning
|
|
return 1
|
|
fi
|
|
|
|
_run_rc_precmd || return 1
|
|
|
|
# send the signal to stop
|
|
#
|
|
echo "Stopping ${name}."
|
|
_doit=$(_run_rc_killcmd "${sig_stop:-TERM}")
|
|
_run_rc_doit "$_doit" || return 1
|
|
|
|
# wait for the command to exit,
|
|
# and run postcmd.
|
|
wait_for_pids $rc_pid
|
|
|
|
if checkyesno ${name}_svcj; then
|
|
# remove service jail
|
|
$JAIL_CMD -r svcj-${name} 2>/dev/null
|
|
fi
|
|
|
|
_run_rc_postcmd
|
|
;;
|
|
|
|
reload)
|
|
if [ -z "$rc_pid" ]; then
|
|
_run_rc_notrunning
|
|
return 1
|
|
fi
|
|
|
|
_run_rc_setup || warn "failed to setup ${name}"
|
|
|
|
_run_rc_precmd || return 1
|
|
|
|
_doit=$(_run_rc_killcmd "${sig_reload:-HUP}")
|
|
_run_rc_doit "$_doit" || return 1
|
|
|
|
_run_rc_postcmd
|
|
;;
|
|
|
|
restart)
|
|
_run_rc_setup || warn "failed to setup ${name}"
|
|
|
|
# prevent restart being called more
|
|
# than once by any given script
|
|
#
|
|
if ${_rc_restart_done:-false}; then
|
|
return 0
|
|
fi
|
|
_rc_restart_done=true
|
|
|
|
_run_rc_precmd || return 1
|
|
|
|
# run those in a subshell to keep global variables
|
|
( run_rc_command ${_rc_prefix}stop $rc_extra_args )
|
|
( run_rc_command ${_rc_prefix}start $rc_extra_args )
|
|
_return=$?
|
|
[ $_return -ne 0 ] && [ -z "$rc_force" ] && return 1
|
|
|
|
_run_rc_postcmd
|
|
;;
|
|
|
|
poll)
|
|
_run_rc_precmd || return 1
|
|
if [ -n "$rc_pid" ]; then
|
|
wait_for_pids $rc_pid
|
|
fi
|
|
_run_rc_postcmd
|
|
;;
|
|
|
|
rcvar)
|
|
echo -n "# $name"
|
|
if [ -n "$desc" ]; then
|
|
echo " : $desc"
|
|
else
|
|
echo ""
|
|
fi
|
|
echo "#"
|
|
# Get unique vars in $rcvar $rcvars
|
|
for _v in $rcvar $rcvars; do
|
|
case $v in
|
|
$_v\ *|\ *$_v|*\ $_v\ *) ;;
|
|
*) v="${v# } $_v" ;;
|
|
esac
|
|
done
|
|
|
|
# Display variables.
|
|
for _v in $v; do
|
|
if [ -z "$_v" ]; then
|
|
continue
|
|
fi
|
|
|
|
eval _desc=\$${_v}_desc
|
|
eval _defval=\$${_v}_defval
|
|
_h="-"
|
|
|
|
eval echo \"$_v=\\\"\$$_v\\\"\"
|
|
# decode multiple lines of _desc
|
|
while [ -n "$_desc" ]; do
|
|
case $_desc in
|
|
*^^*)
|
|
echo "# $_h ${_desc%%^^*}"
|
|
_desc=${_desc#*^^}
|
|
_h=" "
|
|
;;
|
|
*)
|
|
echo "# $_h ${_desc}"
|
|
break
|
|
;;
|
|
esac
|
|
done
|
|
echo "# (default: \"$_defval\")"
|
|
done
|
|
echo ""
|
|
;;
|
|
|
|
*)
|
|
rc_usage $_keywords
|
|
;;
|
|
|
|
esac
|
|
|
|
# Apply protect(1) to the PID if ${name}_oomprotect is set.
|
|
case "$rc_arg" in
|
|
start)
|
|
# We cannot use protect(1) inside jails.
|
|
if [ -n "$_oomprotect" ] && [ -f "${PROTECT}" ] &&
|
|
[ "$(sysctl -n security.jail.jailed)" -eq 0 ]; then
|
|
[ -z "${rc_pid}" ] && eval $_pidcmd
|
|
case $_oomprotect in
|
|
[Aa][Ll][Ll])
|
|
${PROTECT} -d -i -p ${rc_pid}
|
|
;;
|
|
[Yy][Ee][Ss])
|
|
${PROTECT} -p ${rc_pid}
|
|
;;
|
|
esac
|
|
fi
|
|
;;
|
|
esac
|
|
|
|
return $_return
|
|
done
|
|
|
|
echo 1>&2 "$0: unknown directive '$rc_arg'."
|
|
rc_usage $_keywords
|
|
# not reached
|
|
}
|
|
|
|
#
|
|
# Helper functions for run_rc_command: common code.
|
|
# They use such global variables besides the exported rc_* ones:
|
|
#
|
|
# name R/W
|
|
# ------------------
|
|
# _offcmd R
|
|
# _precmd R
|
|
# _postcmd R
|
|
# _return W
|
|
# _setup R
|
|
#
|
|
_run_rc_offcmd()
|
|
{
|
|
eval _offcmd=\$${name}_offcmd
|
|
if [ -n "$_offcmd" ]; then
|
|
if [ -n "$_env" ]; then
|
|
eval "export -- $_env"
|
|
fi
|
|
debug "run_rc_command: ${name}_offcmd: $_offcmd $rc_extra_args"
|
|
eval "$_offcmd $rc_extra_args"
|
|
_return=$?
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
_run_rc_precmd()
|
|
{
|
|
check_required_before "$rc_arg" || return 1
|
|
|
|
if [ -n "$_precmd" ]; then
|
|
debug "run_rc_command: ${rc_arg}_precmd: $_precmd $rc_extra_args"
|
|
eval "$_precmd $rc_extra_args"
|
|
_return=$?
|
|
|
|
# If precmd failed and force isn't set, request exit.
|
|
if [ $_return -ne 0 ] && [ -z "$rc_force" ]; then
|
|
return 1
|
|
fi
|
|
fi
|
|
|
|
check_required_after "$rc_arg" || return 1
|
|
|
|
return 0
|
|
}
|
|
|
|
_run_rc_postcmd()
|
|
{
|
|
if [ -n "$_postcmd" ]; then
|
|
debug "run_rc_command: ${rc_arg}_postcmd: $_postcmd $rc_extra_args"
|
|
eval "$_postcmd $rc_extra_args"
|
|
_return=$?
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
_run_rc_setup()
|
|
{
|
|
# prevent multiple execution on restart => stop/start split
|
|
if ! ${_rc_restart_done:-false} && [ -n "$_setup" ]; then
|
|
debug "run_rc_command: ${rc_arg}_setup: $_setup"
|
|
eval "$_setup"
|
|
_return=$?
|
|
if [ $_return -ne 0 ]; then
|
|
return 1
|
|
fi
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
_run_rc_doit()
|
|
{
|
|
local _m
|
|
|
|
debug "run_rc_command: doit: $*"
|
|
_m=$(umask)
|
|
${_umask:+umask ${_umask}}
|
|
eval "$@"
|
|
_return=$?
|
|
umask ${_m}
|
|
|
|
# If command failed and force isn't set, request exit.
|
|
if [ $_return -ne 0 ] && [ -z "$rc_force" ]; then
|
|
return 1
|
|
fi
|
|
|
|
return 0
|
|
}
|
|
|
|
_run_rc_notrunning()
|
|
{
|
|
local _pidmsg
|
|
|
|
if [ -n "$pidfile" ]; then
|
|
_pidmsg=" (check $pidfile)."
|
|
else
|
|
_pidmsg=
|
|
fi
|
|
echo 1>&2 "${name} not running?${_pidmsg}"
|
|
}
|
|
|
|
_run_rc_killcmd()
|
|
{
|
|
local _cmd
|
|
|
|
_cmd="kill -$1 $rc_pid"
|
|
if [ -n "$_user" ]; then
|
|
_cmd="su -m ${_user} -c 'sh -c \"${_cmd}\"'"
|
|
fi
|
|
echo "$_cmd"
|
|
}
|
|
|
|
#
|
|
# run_rc_script file arg
|
|
# Start the script `file' with `arg', and correctly handle the
|
|
# return value from the script.
|
|
# If `file' ends with `.sh' and lives in /etc/rc.d, ignore it as it's
|
|
# an old-style startup file.
|
|
# If `file' ends with `.sh' and does not live in /etc/rc.d, it's sourced
|
|
# into the current environment if $rc_fast_and_loose is set; otherwise
|
|
# it is run as a child process.
|
|
# If `file' appears to be a backup or scratch file, ignore it.
|
|
# Otherwise if it is executable run as a child process.
|
|
#
|
|
run_rc_script()
|
|
{
|
|
_file=$1
|
|
_arg=$2
|
|
if [ -z "$_file" -o -z "$_arg" ]; then
|
|
err 3 'USAGE: run_rc_script file arg'
|
|
fi
|
|
|
|
unset name command command_args command_interpreter \
|
|
extra_commands pidfile procname \
|
|
rcvar rcvars rcvars_obsolete required_dirs required_files \
|
|
required_vars
|
|
eval unset ${_arg}_cmd ${_arg}_precmd ${_arg}_postcmd
|
|
|
|
rc_trace 0 "$_file $_arg"
|
|
# don't use it if we don't trust it
|
|
is_verified $_file || return
|
|
|
|
rc_service="$_file"
|
|
case "$_file" in
|
|
/etc/rc.d/*.sh) # no longer allowed in the base
|
|
warn "Ignoring old-style startup script $_file"
|
|
;;
|
|
*[~#]|*.OLD|*.bak|*.orig|*,v) # scratch file; skip
|
|
warn "Ignoring scratch file $_file"
|
|
;;
|
|
*) # run in subshell
|
|
if [ -x $_file ]; then
|
|
DebugOn $_file $_file:$_arg rc:${_file##*/} rc:${_file##*/}:$_arg ${_file##*/} ${_file##*/}:$_arg
|
|
|
|
if [ -n "$rc_boottrace" ]; then
|
|
boottrace_fn "$_file" "$_arg"
|
|
elif [ -n "$rc_fast_and_loose" ]; then
|
|
set $_arg; . $_file
|
|
else
|
|
( trap "echo Script $_file interrupted >&2 ; kill -QUIT $$" 3
|
|
trap "echo Script $_file interrupted >&2 ; exit 1" 2
|
|
trap "echo Script $_file running >&2" 29
|
|
set $_arg; . $_file )
|
|
fi
|
|
DebugOff rc=$? $_file $_file:$_arg rc:${_file##*/} rc:${_file##*/}:$_arg ${_file##*/} ${_file##*/}:$_arg
|
|
fi
|
|
;;
|
|
esac
|
|
}
|
|
|
|
#
|
|
# run_rc_scripts [options] file [...]
|
|
#
|
|
# Call `run_rc_script' for each "file" unless already listed in
|
|
# $_rc_elem_done.
|
|
#
|
|
# Options:
|
|
#
|
|
# --arg "arg"
|
|
# Pass "arg" to `run_rc_script' default is $_boot.
|
|
#
|
|
# --break "marker"
|
|
# If any "file" matches "marker" stop processing.
|
|
#
|
|
_rc_elem_done=
|
|
run_rc_scripts()
|
|
{
|
|
local _arg=${_boot}
|
|
local _rc_elem
|
|
local _rc_breaks=
|
|
|
|
while :; do
|
|
case "$1" in
|
|
--arg)
|
|
_arg="$2"
|
|
shift 2
|
|
;;
|
|
--break)
|
|
_rc_breaks="$_rc_breaks $2"
|
|
shift 2
|
|
;;
|
|
*)
|
|
break
|
|
;;
|
|
esac
|
|
done
|
|
for _rc_elem in "$@"; do
|
|
: _rc_elem=$_rc_elem
|
|
case " $_rc_elem_done " in
|
|
*" $_rc_elem "*)
|
|
continue
|
|
;;
|
|
esac
|
|
run_rc_script ${_rc_elem} ${_arg}
|
|
_rc_elem_done="$_rc_elem_done $_rc_elem"
|
|
case " $_rc_breaks " in
|
|
*" ${_rc_elem##*/} "*)
|
|
break
|
|
;;
|
|
esac
|
|
done
|
|
}
|
|
|
|
boottrace_fn()
|
|
{
|
|
local _file _arg
|
|
_file=$1
|
|
_arg=$2
|
|
|
|
if [ -n "$rc_fast_and_loose" ]; then
|
|
boottrace_sysctl "$_file start"
|
|
set $_arg; . $_file
|
|
boottrace_sysctl "$_file done"
|
|
else
|
|
_boot="${_boot}" rc_fast="${rc_fast}" autoboot="${autoboot}" \
|
|
$boottrace_cmd "$_file" "$_arg"
|
|
fi
|
|
}
|
|
|
|
boottrace_sysctl()
|
|
{
|
|
${SYSCTL} kern.boottrace.boottrace="$1"
|
|
}
|
|
|
|
#
|
|
# load_rc_config [service]
|
|
# Source in the configuration file(s) for a given service.
|
|
# If no service is specified, only the global configuration
|
|
# file(s) will be loaded.
|
|
#
|
|
load_rc_config()
|
|
{
|
|
local _name _rcvar_val _var _defval _v _msg _new _d _dot
|
|
_name=$1
|
|
_dot=${load_rc_config_reader:-dot}
|
|
|
|
case "$_dot" in
|
|
dot|[sv]dot)
|
|
;;
|
|
*) warn "Ignoring invalid load_rc_config_reader"
|
|
_dot=dot
|
|
;;
|
|
esac
|
|
case "$1" in
|
|
-s|--safe)
|
|
_dot=sdot
|
|
_name=$2
|
|
shift
|
|
;;
|
|
-v|--verify)
|
|
_dot=vdot
|
|
_name=$2
|
|
shift
|
|
;;
|
|
esac
|
|
|
|
DebugOn rc:$_name $_name
|
|
|
|
if ${_rc_conf_loaded:-false}; then
|
|
:
|
|
else
|
|
if [ -r /etc/defaults/rc.conf ]; then
|
|
debug "Sourcing /etc/defaults/rc.conf"
|
|
$_dot /etc/defaults/rc.conf
|
|
source_rc_confs
|
|
elif [ -r /etc/rc.conf ]; then
|
|
debug "Sourcing /etc/rc.conf (/etc/defaults/rc.conf doesn't exist)."
|
|
$_dot /etc/rc.conf
|
|
fi
|
|
_rc_conf_loaded=true
|
|
fi
|
|
|
|
# If a service name was specified, attempt to load
|
|
# service-specific configuration
|
|
if [ -n "$_name" ] ; then
|
|
for _d in /etc ${local_startup}; do
|
|
_d=${_d%/rc.d}
|
|
if [ -f ${_d}/rc.conf.d/"$_name" ]; then
|
|
debug "Sourcing ${_d}/rc.conf.d/$_name"
|
|
$_dot ${_d}/rc.conf.d/"$_name"
|
|
elif [ -d ${_d}/rc.conf.d/"$_name" ] ; then
|
|
local _rc
|
|
for _rc in ${_d}/rc.conf.d/"$_name"/* ; do
|
|
if [ -f "$_rc" ] ; then
|
|
debug "Sourcing $_rc"
|
|
$_dot "$_rc"
|
|
fi
|
|
done
|
|
fi
|
|
done
|
|
fi
|
|
|
|
# Set defaults if defined.
|
|
for _var in $rcvar $rcvars; do
|
|
eval _defval=\$${_var}_defval
|
|
if [ -n "$_defval" ]; then
|
|
eval : \${$_var:=\$${_var}_defval}
|
|
fi
|
|
done
|
|
|
|
# check obsolete rc.conf variables
|
|
for _var in $rcvars_obsolete; do
|
|
eval _v=\$$_var
|
|
eval _msg=\$${_var}_obsolete_msg
|
|
eval _new=\$${_var}_newvar
|
|
case $_v in
|
|
"")
|
|
;;
|
|
*)
|
|
if [ -z "$_new" ]; then
|
|
_msg="Ignored."
|
|
else
|
|
eval $_new=\"\$$_var\"
|
|
if [ -z "$_msg" ]; then
|
|
_msg="Use \$$_new instead."
|
|
fi
|
|
fi
|
|
warn "\$$_var is obsolete. $_msg"
|
|
;;
|
|
esac
|
|
done
|
|
}
|
|
|
|
#
|
|
# load_rc_config_var name var
|
|
# Read the rc.conf(5) var for name and set in the
|
|
# current shell, using load_rc_config in a subshell to prevent
|
|
# unwanted side effects from other variable assignments.
|
|
#
|
|
load_rc_config_var()
|
|
{
|
|
if [ $# -ne 2 ]; then
|
|
err 3 'USAGE: load_rc_config_var name var'
|
|
fi
|
|
eval $(eval '(
|
|
load_rc_config '$1' >/dev/null;
|
|
if [ -n "${'$2'}" -o "${'$2'-UNSET}" != "UNSET" ]; then
|
|
echo '$2'=\'\''${'$2'}\'\'';
|
|
fi
|
|
)' )
|
|
}
|
|
|
|
#
|
|
# rc_usage commands
|
|
# Print a usage string for $0, with `commands' being a list of
|
|
# valid commands.
|
|
#
|
|
rc_usage()
|
|
{
|
|
echo -n 1>&2 "Usage: $0 [fast|force|one|quiet]("
|
|
|
|
_sep=
|
|
for _elem; do
|
|
echo -n 1>&2 "$_sep$_elem"
|
|
_sep="|"
|
|
done
|
|
echo 1>&2 ")"
|
|
exit 1
|
|
}
|
|
|
|
#
|
|
# err exitval message
|
|
# Display message to stderr and log to the syslog, and exit with exitval.
|
|
#
|
|
err()
|
|
{
|
|
exitval=$1
|
|
shift
|
|
|
|
if [ -x /usr/bin/logger ]; then
|
|
logger "$0: ERROR: $*"
|
|
fi
|
|
echo 1>&2 "$0: ERROR: $*"
|
|
exit $exitval
|
|
}
|
|
|
|
#
|
|
# warn message
|
|
# Display message to stderr and log to the syslog.
|
|
#
|
|
warn()
|
|
{
|
|
if [ -x /usr/bin/logger ]; then
|
|
logger "$0: WARNING: $*"
|
|
fi
|
|
echo 1>&2 "$0: WARNING: $*"
|
|
}
|
|
|
|
#
|
|
# info message
|
|
# Display informational message to stdout and log to syslog.
|
|
#
|
|
info()
|
|
{
|
|
case ${rc_info} in
|
|
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
|
|
if [ -x /usr/bin/logger ]; then
|
|
logger "$0: INFO: $*"
|
|
fi
|
|
echo "$0: INFO: $*"
|
|
;;
|
|
esac
|
|
}
|
|
|
|
#
|
|
# debug message
|
|
# If debugging is enabled in rc.conf output message to stderr.
|
|
# BEWARE that you don't call any subroutine that itself calls this
|
|
# function.
|
|
#
|
|
debug()
|
|
{
|
|
case ${rc_debug} in
|
|
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
|
|
if [ -x /usr/bin/logger ]; then
|
|
logger "$0: DEBUG: $*"
|
|
fi
|
|
echo 1>&2 "$0: DEBUG: $*"
|
|
;;
|
|
esac
|
|
}
|
|
|
|
#
|
|
# backup_file action file cur backup
|
|
# Make a backup copy of `file' into `cur', and save the previous
|
|
# version of `cur' as `backup'.
|
|
#
|
|
# The `action' keyword can be one of the following:
|
|
#
|
|
# add `file' is now being backed up (and is possibly
|
|
# being reentered into the backups system). `cur'
|
|
# is created.
|
|
#
|
|
# update `file' has changed and needs to be backed up.
|
|
# If `cur' exists, it is copied to `back'
|
|
# and then `file' is copied to `cur'.
|
|
#
|
|
# remove `file' is no longer being tracked by the backups
|
|
# system. `cur' is moved `back'.
|
|
#
|
|
#
|
|
backup_file()
|
|
{
|
|
_action=$1
|
|
_file=$2
|
|
_cur=$3
|
|
_back=$4
|
|
|
|
case $_action in
|
|
add|update)
|
|
if [ -f $_cur ]; then
|
|
cp -p $_cur $_back
|
|
fi
|
|
cp -p $_file $_cur
|
|
chown root:wheel $_cur
|
|
;;
|
|
remove)
|
|
mv -f $_cur $_back
|
|
;;
|
|
esac
|
|
}
|
|
|
|
# make_symlink src link
|
|
# Make a symbolic link 'link' to src from basedir. If the
|
|
# directory in which link is to be created does not exist
|
|
# a warning will be displayed and an error will be returned.
|
|
# Returns 0 on success, 1 otherwise.
|
|
#
|
|
make_symlink()
|
|
{
|
|
local src link linkdir _me
|
|
src="$1"
|
|
link="$2"
|
|
linkdir="`dirname $link`"
|
|
_me="make_symlink()"
|
|
|
|
if [ -z "$src" -o -z "$link" ]; then
|
|
warn "$_me: requires two arguments."
|
|
return 1
|
|
fi
|
|
if [ ! -d "$linkdir" ]; then
|
|
warn "$_me: the directory $linkdir does not exist."
|
|
return 1
|
|
fi
|
|
if ! ln -sf $src $link; then
|
|
warn "$_me: unable to make a symbolic link from $link to $src"
|
|
return 1
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
# devfs_rulesets_from_file file
|
|
# Reads a set of devfs commands from file, and creates
|
|
# the specified rulesets with their rules. Returns non-zero
|
|
# if there was an error.
|
|
#
|
|
devfs_rulesets_from_file()
|
|
{
|
|
local file _err _me _opts
|
|
file="$1"
|
|
_me="devfs_rulesets_from_file"
|
|
_err=0
|
|
|
|
if [ -z "$file" ]; then
|
|
warn "$_me: you must specify a file"
|
|
return 1
|
|
fi
|
|
if [ ! -e "$file" ]; then
|
|
debug "$_me: no such file ($file)"
|
|
return 0
|
|
fi
|
|
|
|
# Disable globbing so that the rule patterns are not expanded
|
|
# by accident with matching filesystem entries.
|
|
_opts=$-; set -f
|
|
|
|
debug "reading rulesets from file ($file)"
|
|
{ while read line
|
|
do
|
|
case $line in
|
|
\#*)
|
|
continue
|
|
;;
|
|
\[*\]*)
|
|
rulenum=`expr "$line" : "\[.*=\([0-9]*\)\]"`
|
|
if [ -z "$rulenum" ]; then
|
|
warn "$_me: cannot extract rule number ($line)"
|
|
_err=1
|
|
break
|
|
fi
|
|
rulename=`expr "$line" : "\[\(.*\)=[0-9]*\]"`
|
|
if [ -z "$rulename" ]; then
|
|
warn "$_me: cannot extract rule name ($line)"
|
|
_err=1
|
|
break;
|
|
fi
|
|
eval $rulename=\$rulenum
|
|
debug "found ruleset: $rulename=$rulenum"
|
|
if ! /sbin/devfs rule -s $rulenum delset; then
|
|
_err=1
|
|
break
|
|
fi
|
|
;;
|
|
*)
|
|
rulecmd="${line%%"\#*"}"
|
|
# evaluate the command incase it includes
|
|
# other rules
|
|
if [ -n "$rulecmd" ]; then
|
|
debug "adding rule ($rulecmd)"
|
|
if ! eval /sbin/devfs rule -s $rulenum $rulecmd
|
|
then
|
|
_err=1
|
|
break
|
|
fi
|
|
fi
|
|
;;
|
|
esac
|
|
if [ $_err -ne 0 ]; then
|
|
debug "error in $_me"
|
|
break
|
|
fi
|
|
done } < $file
|
|
case $_opts in *f*) ;; *) set +f ;; esac
|
|
return $_err
|
|
}
|
|
|
|
# devfs_init_rulesets
|
|
# Initializes rulesets from configuration files. Returns
|
|
# non-zero if there was an error.
|
|
#
|
|
devfs_init_rulesets()
|
|
{
|
|
local file _me
|
|
_me="devfs_init_rulesets"
|
|
|
|
# Go through this only once
|
|
if [ -n "$devfs_rulesets_init" ]; then
|
|
debug "$_me: devfs rulesets already initialized"
|
|
return
|
|
fi
|
|
for file in $devfs_rulesets; do
|
|
if ! devfs_rulesets_from_file $file; then
|
|
warn "$_me: could not read rules from $file"
|
|
return 1
|
|
fi
|
|
done
|
|
devfs_rulesets_init=1
|
|
debug "$_me: devfs rulesets initialized"
|
|
return 0
|
|
}
|
|
|
|
# devfs_set_ruleset ruleset [dir]
|
|
# Sets the default ruleset of dir to ruleset. The ruleset argument
|
|
# must be a ruleset name as specified in devfs.rules(5) file.
|
|
# Returns non-zero if it could not set it successfully.
|
|
#
|
|
devfs_set_ruleset()
|
|
{
|
|
local devdir rs _me
|
|
[ -n "$1" ] && eval rs=\$$1 || rs=
|
|
[ -n "$2" ] && devdir="-m "$2"" || devdir=
|
|
_me="devfs_set_ruleset"
|
|
|
|
if [ -z "$rs" ]; then
|
|
warn "$_me: you must specify a ruleset number"
|
|
return 1
|
|
fi
|
|
debug "$_me: setting ruleset ($rs) on mount-point (${devdir#-m })"
|
|
if ! /sbin/devfs $devdir ruleset $rs; then
|
|
warn "$_me: unable to set ruleset $rs to ${devdir#-m }"
|
|
return 1
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
# devfs_apply_ruleset ruleset [dir]
|
|
# Apply ruleset number $ruleset to the devfs mountpoint $dir.
|
|
# The ruleset argument must be a ruleset name as specified
|
|
# in a devfs.rules(5) file. Returns 0 on success or non-zero
|
|
# if it could not apply the ruleset.
|
|
#
|
|
devfs_apply_ruleset()
|
|
{
|
|
local devdir rs _me
|
|
[ -n "$1" ] && eval rs=\$$1 || rs=
|
|
[ -n "$2" ] && devdir="-m "$2"" || devdir=
|
|
_me="devfs_apply_ruleset"
|
|
|
|
if [ -z "$rs" ]; then
|
|
warn "$_me: you must specify a ruleset"
|
|
return 1
|
|
fi
|
|
debug "$_me: applying ruleset ($rs) to mount-point (${devdir#-m })"
|
|
if ! /sbin/devfs $devdir rule -s $rs applyset; then
|
|
warn "$_me: unable to apply ruleset $rs to ${devdir#-m }"
|
|
return 1
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
# devfs_domount dir [ruleset]
|
|
# Mount devfs on dir. If ruleset is specified it is set
|
|
# on the mount-point. It must also be a ruleset name as specified
|
|
# in a devfs.rules(5) file. Returns 0 on success.
|
|
#
|
|
devfs_domount()
|
|
{
|
|
local devdir rs _me
|
|
devdir="$1"
|
|
[ -n "$2" ] && rs=$2 || rs=
|
|
_me="devfs_domount()"
|
|
|
|
if [ -z "$devdir" ]; then
|
|
warn "$_me: you must specify a mount-point"
|
|
return 1
|
|
fi
|
|
debug "$_me: mount-point is ($devdir), ruleset is ($rs)"
|
|
if ! mount -t devfs dev "$devdir"; then
|
|
warn "$_me: Unable to mount devfs on $devdir"
|
|
return 1
|
|
fi
|
|
if [ -n "$rs" ]; then
|
|
devfs_init_rulesets
|
|
devfs_set_ruleset $rs $devdir
|
|
devfs -m $devdir rule applyset
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
# Provide a function for normalizing the mounting of memory
|
|
# filesystems. This should allow the rest of the code here to remain
|
|
# as close as possible between 5-current and 4-stable.
|
|
# $1 = size
|
|
# $2 = mount point
|
|
# $3 = (optional) extra mdmfs flags
|
|
mount_md()
|
|
{
|
|
if [ -n "$3" ]; then
|
|
flags="$3"
|
|
fi
|
|
/sbin/mdmfs $flags -s $1 ${mfs_type} $2
|
|
}
|
|
|
|
# Code common to scripts that need to load a kernel module
|
|
# if it isn't in the kernel yet. Syntax:
|
|
# load_kld [-e regex] [-m module] file
|
|
# where -e or -m chooses the way to check if the module
|
|
# is already loaded:
|
|
# regex is egrep'd in the output from `kldstat -v',
|
|
# module is passed to `kldstat -m'.
|
|
# The default way is as though `-m file' were specified.
|
|
load_kld()
|
|
{
|
|
local _loaded _mod _opt _re
|
|
|
|
while getopts "e:m:" _opt; do
|
|
case "$_opt" in
|
|
e) _re="$OPTARG" ;;
|
|
m) _mod="$OPTARG" ;;
|
|
*) err 3 'USAGE: load_kld [-e regex] [-m module] file' ;;
|
|
esac
|
|
done
|
|
shift $(($OPTIND - 1))
|
|
if [ $# -ne 1 ]; then
|
|
err 3 'USAGE: load_kld [-e regex] [-m module] file'
|
|
fi
|
|
_mod=${_mod:-$1}
|
|
_loaded=false
|
|
if [ -n "$_re" ]; then
|
|
if kldstat -v | egrep -q -e "$_re"; then
|
|
_loaded=true
|
|
fi
|
|
else
|
|
if kldstat -q -m "$_mod"; then
|
|
_loaded=true
|
|
fi
|
|
fi
|
|
if ! $_loaded; then
|
|
if ! kldload "$1"; then
|
|
warn "Unable to load kernel module $1"
|
|
return 1
|
|
else
|
|
info "$1 kernel module loaded."
|
|
if [ -f "/etc/sysctl.kld.d/$1.conf" ]; then
|
|
sysctl -f "/etc/sysctl.kld.d/$1.conf"
|
|
fi
|
|
fi
|
|
else
|
|
debug "load_kld: $1 kernel module already loaded."
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
# ltr str src dst [var]
|
|
# Change every $src in $str to $dst.
|
|
# Useful when /usr is not yet mounted and we cannot use tr(1), sed(1) nor
|
|
# awk(1). If var is non-NULL, set it to the result.
|
|
ltr()
|
|
{
|
|
local _str _src _dst _out _com _var
|
|
_str="$1"
|
|
_src="$2"
|
|
_dst="$3"
|
|
_var="$4"
|
|
_out=""
|
|
|
|
local IFS="${_src}"
|
|
for _com in ${_str}; do
|
|
if [ -z "${_out}" ]; then
|
|
_out="${_com}"
|
|
else
|
|
_out="${_out}${_dst}${_com}"
|
|
fi
|
|
done
|
|
if [ -n "${_var}" ]; then
|
|
setvar "${_var}" "${_out}"
|
|
else
|
|
echo "${_out}"
|
|
fi
|
|
}
|
|
|
|
# Creates a list of providers for GELI encryption.
|
|
geli_make_list()
|
|
{
|
|
local devices devices2
|
|
local provider mountpoint type options rest
|
|
|
|
# Create list of GELI providers from fstab.
|
|
while read provider mountpoint type options rest ; do
|
|
case ":${options}" in
|
|
:*noauto*)
|
|
noauto=yes
|
|
;;
|
|
*)
|
|
noauto=no
|
|
;;
|
|
esac
|
|
|
|
case ":${provider}" in
|
|
:#*)
|
|
continue
|
|
;;
|
|
*.eli)
|
|
# Skip swap devices.
|
|
if [ "${type}" = "swap" -o "${options}" = "sw" -o "${noauto}" = "yes" ]; then
|
|
continue
|
|
fi
|
|
devices="${devices} ${provider}"
|
|
;;
|
|
esac
|
|
done < /etc/fstab
|
|
|
|
# Append providers from geli_devices.
|
|
devices="${devices} ${geli_devices}"
|
|
|
|
for provider in ${devices}; do
|
|
provider=${provider%.eli}
|
|
provider=${provider#/dev/}
|
|
devices2="${devices2} ${provider}"
|
|
done
|
|
|
|
echo ${devices2}
|
|
}
|
|
|
|
# Originally, root mount hold had to be released before mounting
|
|
# the root filesystem. This delayed the boot, so it was changed
|
|
# to only wait if the root device isn't readily available. This
|
|
# can result in rc scripts executing before all the devices - such
|
|
# as graid(8), or USB disks - can be accessed. This function can
|
|
# be used to explicitly wait for root mount holds to be released.
|
|
root_hold_wait()
|
|
{
|
|
local wait waited holders
|
|
|
|
waited=0
|
|
while true; do
|
|
holders="$(sysctl -n vfs.root_mount_hold)"
|
|
if [ -z "${holders}" ]; then
|
|
break;
|
|
fi
|
|
if [ ${waited} -eq 0 ]; then
|
|
echo -n "Waiting ${root_hold_delay}s" \
|
|
"for the root mount holders: ${holders}"
|
|
else
|
|
echo -n .
|
|
fi
|
|
if [ ${waited} -ge ${root_hold_delay} ]; then
|
|
echo
|
|
break
|
|
fi
|
|
sleep 1
|
|
waited=$(($waited + 1))
|
|
done
|
|
}
|
|
|
|
# Find scripts in local_startup directories that use the old syntax
|
|
#
|
|
find_local_scripts_old() {
|
|
zlist=''
|
|
slist=''
|
|
for dir in ${local_startup}; do
|
|
if [ -d "${dir}" ]; then
|
|
for file in ${dir}/[0-9]*.sh; do
|
|
grep '^# PROVIDE:' $file >/dev/null 2>&1 &&
|
|
continue
|
|
zlist="$zlist $file"
|
|
done
|
|
for file in ${dir}/[!0-9]*.sh; do
|
|
grep '^# PROVIDE:' $file >/dev/null 2>&1 &&
|
|
continue
|
|
slist="$slist $file"
|
|
done
|
|
fi
|
|
done
|
|
}
|
|
|
|
find_local_scripts_new() {
|
|
local_rc=''
|
|
for dir in ${local_startup}; do
|
|
if [ -d "${dir}" ]; then
|
|
for file in `grep -l '^# PROVIDE:' ${dir}/* 2>/dev/null`; do
|
|
case "$file" in
|
|
*.sample|*.pkgsave) ;;
|
|
*) if [ -x "$file" ]; then
|
|
local_rc="${local_rc} ${file}"
|
|
fi
|
|
;;
|
|
esac
|
|
done
|
|
fi
|
|
done
|
|
}
|
|
|
|
find_system_scripts() {
|
|
system_rc=''
|
|
for file in /etc/rc.d/*; do
|
|
case "${file##*/}" in
|
|
*.pkgsave) ;;
|
|
*) if [ -x "$file" ]; then
|
|
system_rc="${system_rc} ${file}"
|
|
fi
|
|
;;
|
|
esac
|
|
done
|
|
}
|
|
|
|
# check_required_{before|after} command
|
|
# Check for things required by the command before and after its precmd,
|
|
# respectively. The two separate functions are needed because some
|
|
# conditions should prevent precmd from being run while other things
|
|
# depend on precmd having already been run.
|
|
#
|
|
check_required_before()
|
|
{
|
|
local _f
|
|
|
|
case "$1" in
|
|
start)
|
|
for _f in $required_vars; do
|
|
if ! checkyesno $_f; then
|
|
warn "\$${_f} is not enabled."
|
|
if [ -z "$rc_force" ]; then
|
|
return 1
|
|
fi
|
|
fi
|
|
done
|
|
|
|
for _f in $required_dirs; do
|
|
if [ ! -d "${_f}/." ]; then
|
|
warn "${_f} is not a directory."
|
|
if [ -z "$rc_force" ]; then
|
|
return 1
|
|
fi
|
|
fi
|
|
done
|
|
|
|
for _f in $required_files; do
|
|
if [ ! -r "${_f}" ]; then
|
|
warn "${_f} is not readable."
|
|
if [ -z "$rc_force" ]; then
|
|
return 1
|
|
fi
|
|
fi
|
|
done
|
|
;;
|
|
esac
|
|
|
|
return 0
|
|
}
|
|
|
|
check_required_after()
|
|
{
|
|
local _f _args
|
|
|
|
case "$1" in
|
|
start)
|
|
for _f in $required_modules; do
|
|
case "${_f}" in
|
|
*~*) _args="-e ${_f#*~} ${_f%%~*}" ;;
|
|
*:*) _args="-m ${_f#*:} ${_f%%:*}" ;;
|
|
*) _args="${_f}" ;;
|
|
esac
|
|
if ! load_kld ${_args}; then
|
|
if [ -z "$rc_force" ]; then
|
|
return 1
|
|
fi
|
|
fi
|
|
done
|
|
;;
|
|
esac
|
|
|
|
return 0
|
|
}
|
|
|
|
# check_jail mib
|
|
# Return true if security.jail.$mib exists and set to 1.
|
|
|
|
check_jail()
|
|
{
|
|
local _mib _v
|
|
|
|
_mib=$1
|
|
if _v=$(${SYSCTL_N} "security.jail.$_mib" 2> /dev/null); then
|
|
case $_v in
|
|
1) return 0;;
|
|
esac
|
|
fi
|
|
return 1
|
|
}
|
|
|
|
# check_kern_features mib
|
|
# Return existence of kern.features.* sysctl MIB as true or
|
|
# false. The result will be cached in $_rc_cache_kern_features_
|
|
# namespace. "0" means the kern.features.X exists.
|
|
|
|
check_kern_features()
|
|
{
|
|
local _v
|
|
|
|
[ -n "$1" ] || return 1;
|
|
eval _v=\$_rc_cache_kern_features_$1
|
|
[ -n "$_v" ] && return "$_v";
|
|
|
|
if ${SYSCTL_N} kern.features.$1 > /dev/null 2>&1; then
|
|
eval _rc_cache_kern_features_$1=0
|
|
return 0
|
|
else
|
|
eval _rc_cache_kern_features_$1=1
|
|
return 1
|
|
fi
|
|
}
|
|
|
|
# check_namevarlist var
|
|
# Return "0" if ${name}_var is reserved in rc.subr.
|
|
|
|
_rc_namevarlist="program chroot chdir env flags fib nice user group groups prepend setup"
|
|
check_namevarlist()
|
|
{
|
|
local _v
|
|
|
|
for _v in $_rc_namevarlist; do
|
|
case $1 in
|
|
$_v) return 0 ;;
|
|
esac
|
|
done
|
|
|
|
return 1
|
|
}
|
|
|
|
# _echoonce var msg mode
|
|
# mode=0: Echo $msg if ${$var} is empty.
|
|
# After doing echo, a string is set to ${$var}.
|
|
#
|
|
# mode=1: Echo $msg if ${$var} is a string with non-zero length.
|
|
#
|
|
_echoonce()
|
|
{
|
|
local _var _msg _mode
|
|
eval _var=\$$1
|
|
_msg=$2
|
|
_mode=$3
|
|
|
|
case $_mode in
|
|
1) [ -n "$_var" ] && echo "$_msg" ;;
|
|
*) [ -z "$_var" ] && echo -n "$_msg" && eval "$1=finished" ;;
|
|
esac
|
|
}
|
|
|
|
# If the loader env variable rc.debug is set, turn on debugging. rc.conf will
|
|
# still override this, but /etc/defaults/rc.conf can't unconditionally set this
|
|
# since it would undo what we've done here.
|
|
if kenv -q rc.debug > /dev/null ; then
|
|
rc_debug=YES
|
|
fi
|
|
|
|
boottrace_cmd=`command -v boottrace`
|
|
if [ -n "$boottrace_cmd" ] && [ "`${SYSCTL_N} -q kern.boottrace.enabled`" = "1" ]; then
|
|
rc_boottrace=YES
|
|
fi
|
|
|
|
SED=${SED:-$(Exists -x /usr/bin/sed /rescue/sed)}
|
|
|
|
# Allow for local additions and overrides.
|
|
# Use vdot to ensure the file has not been tampered with.
|
|
vdot /etc/local.rc.subr
|
|
|
|
# Avoid noise - when we do not have /usr mounted,
|
|
# and we cannot use safe_dot without sed.
|
|
if ! have basename; then
|
|
basename()
|
|
{
|
|
local b=${1%$2}
|
|
echo ${b##*/}
|
|
}
|
|
tty()
|
|
{
|
|
return 0
|
|
}
|
|
# we cannot use safe_dot without sed
|
|
[ -z "$SED" ] && _SAFE_EVAL_SH=:
|
|
fi
|
|
# safe_eval.sh provides safe_dot - for untrusted files
|
|
$_SAFE_EVAL_SH vdot /libexec/safe_eval.sh
|
|
$_DEBUG_SH vdot /libexec/debug.sh
|
|
|
|
# Ensure we can still operate if debug.sh and
|
|
# safe_eval.sh are not found.
|
|
if ! have DebugOn; then
|
|
DebugOn() { return 0; }
|
|
DebugOff() {
|
|
local _rc=0
|
|
while :
|
|
do
|
|
case "$1" in
|
|
-[eo]) shift;; # ignore it
|
|
rc=*) eval "_$1"; shift;;
|
|
*) break;;
|
|
esac
|
|
done
|
|
return $_rc
|
|
}
|
|
fi
|
|
if ! have safe_dot; then
|
|
safe_dot() { dot "$@"; }
|
|
fi
|