Merge pull request #21 from glerchundi/master

fixes/implements #13

.gitignore

@@ -0,0 +1,2 @@
+dist/
+.DS_Store

builder/build-latest

@@ -95,15 +95,22 @@ for output in "${outputs[@]}"; do
     mkdir -p $overlaydstpath/etc/{cont-init.d,fix-attrs.d,services.d}
     mkdir -p $overlaydstpath/var/log/s6-uncaught-logs
 
+    # create event directory in fdholder, its needed for no-catchall
+    # stage2 wake up
+    mkdir -p $overlaydstpath/etc/s6/services/s6-fdholderd/event
+    chmod 3730 $overlaydstpath/etc/s6/services/s6-fdholderd/event
+
     # fix fix-attrs perms
     chmod 0755 $overlaydstpath/usr/bin/fix-attrs
 
     # fix init perms
     chmod 0755 $overlaydstpath/init
-    chmod 0755 $overlaydstpath/etc/s6/init/init-stage*
-    chmod 0755 $overlaydstpath/etc/s6/service/.s6-svscan/{crash,finish}
-    chmod 0755 $overlaydstpath/etc/s6/service/s6-fdholderd/run
-    chmod 0755 $overlaydstpath/etc/s6/service/s6-svscan-log/run
+    chmod 0755 $overlaydstpath/etc/s6/init/init-*
+    chmod 0755 $overlaydstpath/etc/s6/init-catchall/init-*
+    chmod 0755 $overlaydstpath/etc/s6/init-no-catchall/init-*
+    chmod 0755 $overlaydstpath/etc/s6/services/.s6-svscan/{crash,finish}
+    chmod 0755 $overlaydstpath/etc/s6/services/s6-fdholderd/run
+    chmod 0755 $overlaydstpath/etc/s6/services/s6-svscan-log/run
 
     # copy debugging tools & fix perms
     if [ "${edition}" == "debug" ]; then
@@ -112,7 +119,11 @@ for output in "${outputs[@]}"; do
     fi
 
     # dist!
-    tar -zcvf $overlaytarpath -C $overlaydstpath ./
+    tar --owner=root --group=root \
+        -zcvf                     \
+        $overlaytarpath           \
+        -C $overlaydstpath        \
+        ./
   done
 done
 

builder/overlay-rootfs/etc/s6/init-catchall/init-stage1

@@ -0,0 +1,59 @@
+#!/usr/bin/execlineb -S0
+
+##
+## ensure our vital fifo exists
+##
+
+if { s6-mkfifo -m 0600 -- /var/run/s6/uncaught-logs-fifo }
+
+##
+## ensure ownership & permissions for our vital files
+##
+
+if { s6-rmrf /var/log/s6-uncaught-logs }
+if { s6-mkdir -p /var/log/s6-uncaught-logs }
+if { s6-envuidgid -D 32768:32768 nobody s6-chown -U /var/log/s6-uncaught-logs }
+if { s6-chmod 2700 /var/log/s6-uncaught-logs }
+
+
+##
+## init the scandir with our base services
+##
+
+if { s6-rmrf /var/run/s6/services }
+if { s6-hiercopy /etc/s6/services /var/run/s6/services }
+
+
+##
+## fork the "init-stage2" script
+##
+
+background
+{
+  # block until the supervision tree is running
+  redirfd -w 3 /var/run/s6/uncaught-logs-fifo
+  fdclose 3
+
+  # add some environment
+  s6-envdir -- /etc/s6/init/env-stage2
+
+  # run the script
+  /etc/s6/init-catchall/init-stage2 $@
+}
+unexport !
+
+
+##
+## run the rest of stage 1 with sanitized descriptors
+##
+
+redirfd -r 0 /dev/null
+redirfd -wnb 1 /var/run/s6/uncaught-logs-fifo
+fdmove -c 2 1
+
+
+##
+## start the supervision tree
+##
+
+s6-svscan -t0 /var/run/s6/services

builder/overlay-rootfs/etc/s6/init-catchall/init-stage2

@@ -0,0 +1,24 @@
+#!/usr/bin/execlineb -S0
+
+# This file is executed (not as process 1!) as soon as s6-svscan
+# starts, with the original stdin/out/err, but NOT the original
+# environment.
+# Purpose of this file: to perform all the one-time initialization tasks.
+
+if -nt
+{
+  if
+  {
+    redirfd -w 1 /var/run/s6/uncaught-logs-fifo
+    fdmove -c 2 1
+
+    /etc/s6/init/init-stage2-fix-attrs
+    /etc/s6/init/init-stage2-cont-inits
+    /etc/s6/init/init-stage2-services
+  }
+
+  /etc/s6/init/init-stage2-cmd $@
+}
+
+# if anything in the if -nt { } block fails, control jumps here.
+s6-echo -- "\n!!!!!\n init-stage2 failed.\n Logs are in /var/log/s6-uncaught-logs\n!!!!!"

builder/overlay-rootfs/etc/s6/init-no-catchall/init-stage1

@@ -0,0 +1,48 @@
+#!/usr/bin/execlineb -S0
+
+##
+## init the scandir with our base services
+##
+
+if { s6-rmrf /var/run/s6/services }
+if { s6-hiercopy /etc/s6/services /var/run/s6/services }
+if { s6-rmrf /var/run/s6/services/s6-svscan-log }
+
+
+##
+## fork the "init-stage2" script
+##
+
+background
+{
+  # block until the supervision tree is running
+  # NOTE: start waiting as soon as possible because we can get
+  # into a race condition if "s" was already sent before we
+  # started listening to the fifodir.
+  if
+  {
+    # keep stderr open, but avoid "s" printing to the outside
+    redirfd -w 1 /dev/null
+    s6-ftrig-wait /var/run/s6/services/s6-fdholderd/event "s"
+  }
+
+  # add some environment
+  s6-envdir -- /etc/s6/init/env-stage2
+
+  # run the script
+  /etc/s6/init-no-catchall/init-stage2 $@
+}
+unexport !
+
+##
+## run the rest of stage 1 with sanitized descriptors
+##
+
+redirfd -r 0 /dev/null
+
+
+##
+## start the supervision tree
+##
+
+s6-svscan -t0 /var/run/s6/services

builder/overlay-rootfs/etc/s6/init-no-catchall/init-stage2

@@ -0,0 +1,21 @@
+#!/usr/bin/execlineb -S0
+
+# This file is executed (not as process 1!) as soon as s6-svscan
+# starts, with the original stdin/out/err, but NOT the original
+# environment.
+# Purpose of this file: to perform all the one-time initialization tasks.
+
+if -nt
+{
+  if
+  {
+    /etc/s6/init/init-stage2-fix-attrs
+    /etc/s6/init/init-stage2-cont-inits
+    /etc/s6/init/init-stage2-services
+  }
+
+  /etc/s6/init/init-stage2-cmd $@
+}
+
+# if anything in the if -nt { } block fails, control jumps here.
+s6-echo -- "\n!!!!!\n init-stage2 failed.\n!!!!!"

builder/overlay-rootfs/etc/s6/init/init-stage1

@@ -18,61 +18,19 @@
 /usr/bin/s6-envdir /etc/s6/init/env
 /usr/bin/exec --
 
-
-##
-## ensure our vital fifo exists
-##
-
-if { s6-mkfifo -m 0600 -- /var/run/s6/uncaught-logs-fifo }
-
-##
-## ensure ownership & permissions for our vital files
-##
-
-if { s6-rmrf /var/log/s6-uncaught-logs }
-if { s6-mkdir -p /var/log/s6-uncaught-logs }
-if { s6-envuidgid -D 32768:32768 nobody s6-chown -U /var/log/s6-uncaught-logs }
-if { s6-chmod 2700 /var/log/s6-uncaught-logs }
-
-
-##
-## init the scandir with our base services
-##
-
-if { s6-rmrf /var/run/s6/service }
-if { s6-hiercopy /etc/s6/service /var/run/s6/service }
-
-
 ##
-## fork the "init-stage2" script
+## route based on what was provided in S6_USE_CATCHALL_LOGGER
 ##
 
-background
+backtick -n -D 0 S6_USE_CATCHALL_LOGGER
 {
-  # add some environment
-  s6-envdir -- /etc/s6/init/env-stage2
-
-  # block until the supervision tree is running
-  redirfd -w 3 /var/run/s6/uncaught-logs-fifo
-  fdclose 3
-
-  # run the script
-  /etc/s6/init/init-stage2 $@
+  if { s6-test -f /var/run/s6/container_environment/S6_USE_CATCHALL_LOGGER }
+  redirfd -r 0 /var/run/s6/container_environment/S6_USE_CATCHALL_LOGGER
+  s6-cat
 }
-unexport !
-
-
-##
-## run the rest of stage 1 with sanitized descriptors
-##
-
-redirfd -r 0 /dev/null
-redirfd -wnb 1 /var/run/s6/uncaught-logs-fifo
-fdmove -c 2 1
-
-
-##
-## start the supervision tree
-##
-
-s6-svscan -t0 /var/run/s6/service
+import -u S6_USE_CATCHALL_LOGGER
+ifelse { s6-test ${S6_USE_CATCHALL_LOGGER} -eq 1 }
+{
+  /etc/s6/init-catchall/init-stage1 $@
+}
+/etc/s6/init-no-catchall/init-stage1 $@

builder/overlay-rootfs/etc/s6/init/init-stage2-cmd

@@ -0,0 +1,17 @@
+#!/usr/bin/execlineb -S0
+
+##
+## The init is complete. If the user has given a CMD, run it now, then
+## kill everything when it exits.
+##
+
+if -t { s6-test $# -ne 0 }
+foreground { s6-setsid -gq -- with-contenv $@ }
+foreground { import -u ? s6-echo "${1} exited ${?}. Stopping the supervision tree." }
+foreground { s6-svscanctl -t /var/run/s6/services }
+
+# Race condition here, but it's ok: the sync in stage 3 takes ages,
+# and if we get killed by the SIGTERM instead of the SIGKILL, meh, who cares.
+
+# Wait to be nuked
+s6-pause -th

builder/overlay-rootfs/etc/s6/init/init-stage2-cont-inits

@@ -0,0 +1,19 @@
+#!/usr/bin/execlineb -S0
+
+##
+## cont-init.d: one-time init scripts
+##
+
+if { s6-echo "[cont-init.d] executing container initialization scripts..." }
+if
+{
+  pipeline { s6-ls -0 -- /etc/cont-init.d }
+  pipeline { s6-sort -0 -- }
+  forstdin -0 -- i
+  import -u i
+  if { s6-echo -n -- "[cont-init.d] executing ${i}... " }
+  foreground { with-contenv /etc/cont-init.d/${i} }
+  import -u ? s6-echo -- " ... exited ${?}"
+}
+if { s6-echo -- "[cont-init.d] done." }
+$@