finit

Changes

• Add hook point for fstab mount failure
• Set hostname on dynamic reload
• Upgrade to libite v1.1.1

Fixes

• Fix service callback coredump checks and simplify callback exit
• Do not use -Os use -O2 as default optimization level. Many cross
  compiler toolchains are known to have problems with -Os
• Do not allow build VERSION to be overloaded by an environment variable
• Fix too small MAX arguments and too few argments in svc_t for
  reading currently running services with initctl show
• Unblock blocked signals after forking off a child

Support for multiple instances and event based services, as well as the
introduction of an initctl tool.

Note: Incompatible change to syntax for custom inetd services, c.f. Finit v1.12.

Changes

• The most notable change is the support for multiple instances. A must
  have when running multiple DHCP clients, OpenVPN tunnels, or anything
  that means using the same command only with different arguments. Now
  simply add a :ID after the service keyword, where ID is a unique
  instance number for that service.

    service #1 [2345] /sbin/httpd -f -h /http -p 80   -- Web server
    service #2 [2345] /sbin/httpd -f -h /http -p 8080 -- Old web server
  

• Another noteworthy new feature is support for starting/stopping
  services on Netlink events:

    service :1 [2345] <!IFUP:eth0,GW> /sbin/dropbear -R -F -p 22 -- SSH daemon
  

  Here the first instance :1 of the SSH daemon is declared to run in
  runlevels 2-5, but only if eth0 IFUP:eth0 is up and a gateway GW
  is set. When the configuration changes, a new gateway is set, or if
  somehow a new IFUP event for eth0 is received, then dropbear is not
  SIGHUP'ed, but instead stop-started <!>. The latter trick applies
  to all services, even those that do not define any events.

• Support for reloading *.conf files in /etc/finit.d/ on SIGHUP.
  All task, service and run statements can be used in these .conf
  files. Use the telinit q command, initctl reload or simply send
  SIGHUP to PID 1 to reload them. Finit automatically does reload of
  these *.conf files when changing runlevel.

• Support for a modern initctl tool which can stop/start/reload and
  list status of all system services. Also, the old client tool used
  to change runlevel is now also available as a symlink: telinit.

    initctl [-v] <status|stop|start|reload|restart> [JOB]
  

• Add concept of "jobs". This is a unique identifier, composed of a
  service and instance number, SVC:ID

    initctl <stop|start|reload|restart> JOB
  

• Support for deny filters in inetd services.

  inetd service/proto[@iface,!iface,...] </path/to/cmd | internal[.service]>
  

  Internal services on a custom port must use the internal.service
  syntax so Finit can properly bind the inetd service to the correct
  plugin. Here follows a few examples:

    inetd time/udp                    wait [2345] internal                -- UNIX rdate service
    inetd time/tcp                  nowait [2345] internal                -- UNIX rdate service
    inetd 3737/tcp                  nowait [2345] internal.time           -- UNIX rdate service
    inetd telnet/tcp@*,!eth1,!eth0, nowait [2345] /sbin/telnetd -i -F     -- Telnet service
    inetd 2323/tcp@eth1,eth2,eth0   nowait [2345] /sbin/telnetd -i -F     -- Telnet service
    inetd 222/tcp@eth0              nowait [2345] /sbin/dropbear -i -R -F -- SSH service
    inetd ssh/tcp@*,!eth0           nowait [2345] /sbin/dropbear -i -R -F -- SSH service
  

  Access to telnet on port 2323 is only possible from interfaces
  eth0, eth1 and eth2. The standard telnet port (23) is
  available from all other interfaces, but also eth2. The *
  notation used in the ssh stanza means any interface, however, here
  eth0 is not allowed.

  NOTE: This change breaks syntax compatibility with Finit v1.12.

• Support for a more user-friendly configure script rather than editing
  the top Makefile, or setting environment variables at build time.

• Support for building Finit statically, no external libraries. This
  unfortunately means that some plugins cannot be built, at all.
  Big thanks goes to James Mills for all help testing this out!

• Support for disabling the built-in inetd server with configure.

• Support for two new hook points: HOOK_SVC_RECONF and
  HOOK_RUNLEVEL_CHANGE. See the source for the exact location.

• The include <FILE> option now needs an absolute path to FILE.

Fixes

• Rename patches/ to contrib/ to simplify integration in 3rd party
  build systems.
• Fix for unwanted zombies ... when receiving SIGCHLD we must reap all
  children. We only receive one signal, but multiple processes may have
  exited and need to be collected.

The inetd release.

Changes

• Add support for built-in inetd super server -- launch services on
  demand. Supports filtering per interface and custom Inet ports.
• Upgrade to libuEv v1.1.0 to better handle error conditions.
• Allow mixed case config directives in finit.conf
• Add support for RFC 868 (rdate) time plugin, start as inetd service.
• Load plugins before parsing finit.conf, this makes it possible to
  extend finit even with configuration commands. E.g., the time.so
  plugin must be loaded for the inetd time/tcp internal service to be
  accepted when parsing finit.conf.
• Slight change in TTY fallback behavior, if no TTY is listed in the
  system finit.conf first inspect the console setting and only if
  that too is unset fall back to /bin/sh
• When falling back to the console TTY or /bin/sh, finit now marks
  this fallback as console. Should improve usability in some use cases.

Fixes

• Revert "Use vfork() instead of fork() before exec()" from v1.11. It
  turned out to not work so well after all. For instance, launching
  TTYs in a background process completely blocked inetd services from
  even starting up listening sockets ... proper fork seems to work fine
  though. This is the casue for yanking the [1.11] release, below.
• Trap segfaults caused by external plugins/callbacks in a sub-process.
  This prevents a single programming mistake in by a 3rd party developer
  from taking down the entire system.
• Fix Coverity CID 56281: dlopen() resource leak by storing the pointer.
  For the time being we do not support unloading plugins.
• Set hostname early, so bootstrap processes like syslog can use it.
• Only restart lost daemons when recovering from a SIGSTOP/norespawn.

The libuEv release.

Note: This release has been yanked from distribution due to a regression in launching background processes and TTY's. Fixed in Finit v1.12.

Changes

• Now using the asynchronous libuEv library for handling all events:
  signals, timers and listening to sockets or file descriptors.
• Rename NEWS.md --> CHANGELOG.md, with symlinks for make install
• Attempt to align with http://keepachangelog.com for the ChangeLog
• Travis CI now only invokes Coverity Scan from the 'dev' branch. This
  means that all development, except documentation updates, must go into
  that branch.

Fixes

• Fix bug with finit dying when no tty is defined in finit.conf, now
  even the fallback shell has control over its TTY, see fix in GIT
  commit dea3ae8 for this.

Major bug fix release, courtesy of Coverity Scan.

• Project now relies on static code analysis from Coverity, so this
  release contains many serious bug fixes.
• Fix serious file descriptor and memory leaks in the following
  functions. In particular the leaks in run_interactive() are very
  serious since that function is called every time a service is
  started and/or restarted! For details, see the GIT log:
  • helpers.c:run()
  • helpers.c:run_interactive()
  • helpers.c:set_hostname()
  • helpers.c:procname_kill()
• svc.c:svc_start(): Fix swapped arguments to dup2() and add
  close(fd) to prevent descriptor leak.
• svc.c:svc_start(): Fix out of bounds write to local stack
  variable, wrote off-by-one outside array.
• Several added checks for return values to mknod(), mkdir(),
  remove(), etc.
• Convert to use Markdown for README, NEWS and TODO.
• Serious update to README and slight pruning of finished TODO items.