add openrc from aports

author: V.Krishn <vkrishn@insteps.net> 2025-01-14 15:42:15 +0000
committer: V.Krishn <vkrishn@insteps.net> 2025-01-14 15:42:15 +0000
commit: 326ab867bbf3d94e3009cd90a26ebe0f78a4f41a (patch)
tree: 3e6018cf369751549b92737808ca2a46523b0f42 /openrc
parent: 8e449f7d39010614785a9f7dd45cc657e532a0ed (diff)
download: aportsbag-326ab867bbf3d94e3009cd90a26ebe0f78a4f41a.tar.bz2
27 files changed, 1596 insertions, 0 deletions
diff --git a/openrc/0001-call-sbin-mkmntdirs-in-localmount-OpenRC-service.patch b/openrc/0001-call-sbin-mkmntdirs-in-localmount-OpenRC-service.patch
new file mode 100644
index 0000000..c2b4f02
--- /dev/null
+++ b/openrc/0001-call-sbin-mkmntdirs-in-localmount-OpenRC-service.patch
@@ -0,0 +1,126 @@
+From 908f77d4f1930c1ac0be036d3d2e10ff15f84fbf Mon Sep 17 00:00:00 2001
+From: Natanael Copa <ncopa@alpinelinux.org>
+Date: Wed, 1 Feb 2017 04:04:52 +0000
+Subject: [PATCH] call /sbin/mkmntdirs in localmount OpenRC service
+
+---
+ init.d/localmount.in      |  2 ++
+ src/meson.build           |  1 +
+ src/mkmntdirs/meson.build |  5 +++
+ src/mkmntdirs/mkmntdirs.c | 67 +++++++++++++++++++++++++++++++++++++++
+ 4 files changed, 75 insertions(+)
+ create mode 100644 src/mkmntdirs/meson.build
+ create mode 100644 src/mkmntdirs/mkmntdirs.c
+
+diff --git a/init.d/localmount.in b/init.d/localmount.in
+index 8a66eb8d..19693b6b 100644
+--- a/init.d/localmount.in
++++ b/init.d/localmount.in
+@@ -21,6 +21,8 @@ depend()
+ 
+ start()
+ {
++	[ -x /sbin/mkmntdirs ] && mkmntdirs
++
+ 	# Mount local filesystems in /etc/fstab.
+ 	# The types variable must start with no, and must be a type
+ 	local critical= types="noproc" x= no_netdev= rc=
+diff --git a/src/meson.build b/src/meson.build
+index 76f6d8a1..0f640eec 100644
+--- a/src/meson.build
++++ b/src/meson.build
+@@ -12,6 +12,7 @@ subdir('is_newer_than')
+ subdir('is_older_than')
+ subdir('kill_all')
+ subdir('mark_service')
++subdir('mkmntdirs')
+ subdir('mountinfo')
+ subdir('on_ac_power')
+ subdir('openrc')
+diff --git a/src/mkmntdirs/meson.build b/src/mkmntdirs/meson.build
+new file mode 100644
+index 00000000..20f9762d
+--- /dev/null
++++ b/src/mkmntdirs/meson.build
+@@ -0,0 +1,5 @@
++executable('mkmntdirs',
++  ['mkmntdirs.c'],
++  c_args : cc_branding_flags,
++  install: true,
++  install_dir: sbindir)
+diff --git a/src/mkmntdirs/mkmntdirs.c b/src/mkmntdirs/mkmntdirs.c
+new file mode 100644
+index 00000000..eaeae732
+--- /dev/null
++++ b/src/mkmntdirs/mkmntdirs.c
+@@ -0,0 +1,67 @@
++/*
++ * Create mount directories in fstab
++ *
++ * Copyright(c) 2008 Natanael Copa <natanael.copa@gmail.com>
++ * May be distributed under the terms of GPL-2
++ *
++ * usage: mkmntdirs [fstab]
++ *
++ */
++
++#include <sys/stat.h>
++#include <sys/types.h>
++
++#include <err.h>
++#include <mntent.h>
++#include <stdio.h>
++#include <string.h>
++
++
++#ifdef DEBUG
++#define mkdir_recursive(p)	puts((p))
++#else
++static void mkdir_recursive(char *path)
++{
++	char *s = path;
++	while (1) {
++		int c = '\0';
++		while (*s) {
++			if (*s == '/') {
++				do {
++					++s;
++				} while (*s == '/');
++				c = *s; /* Save the current char */
++				*s = '\0'; /* and replace it with nul. */
++				break;
++			}
++			++s;
++		}
++		mkdir(path, 0755);
++		if (c == '\0')
++			return;
++		*s = c;
++	}
++}
++#endif
++
++int main(int argc, const char *argv[])
++{
++	const char *filename = "/etc/fstab";
++	FILE *f;
++	struct mntent *ent;
++	if (argc == 2)
++		filename = argv[1];
++
++	f = setmntent(filename, "r");
++	if (f == NULL)
++		err(1, "%s", filename);
++
++	while ((ent = getmntent(f)) != NULL) {
++		if (strcmp(ent->mnt_dir, "none") != 0)
++			mkdir_recursive(ent->mnt_dir);
++	}
++
++	endmntent(f);
++	return 0;
++}
++
+-- 
+2.37.1
+
diff --git a/openrc/0002-fsck-don-t-add-C0-to-busybox-fsck.patch b/openrc/0002-fsck-don-t-add-C0-to-busybox-fsck.patch
new file mode 100644
index 0000000..1d79818
--- /dev/null
+++ b/openrc/0002-fsck-don-t-add-C0-to-busybox-fsck.patch
@@ -0,0 +1,35 @@
+From b143f35a45d59708365a52e329fd8caa6475a9bb Mon Sep 17 00:00:00 2001
+From: Natanael Copa <ncopa@alpinelinux.org>
+Date: Tue, 28 Nov 2017 13:35:10 +0100
+Subject: [PATCH] fsck: don't add -C0 to busybox fsck
+
+---
+ init.d/fsck.in | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/init.d/fsck.in b/init.d/fsck.in
+index 7052d808..99a9ae4f 100644
+--- a/init.d/fsck.in
++++ b/init.d/fsck.in
+@@ -82,7 +82,7 @@ start()
+ 		local skiptypes
+ 		skiptypes=$(printf 'no%s,' ${net_fs_list} ${extra_net_fs_list})
+ 		[ "${skiptypes}" = "no," ] && skiptypes=""
+-		fsck_opts="$fsck_opts -C0 -T -t ${skiptypes}noopts=_netdev"
++		fsck_opts="$fsck_opts -T -t ${skiptypes}noopts=_netdev"
+ 		if [ -z "$fsck_passno" -a -z "$fsck_mnt" ]; then
+ 			fsck_args=${fsck_args:--A -p}
+ 			if echo 2>/dev/null >/.test.$$; then
+@@ -90,6 +90,9 @@ start()
+ 				fsck_opts="$fsck_opts -R"
+ 			fi
+ 		fi
++		if [ "$(readlink -f $(which fsck))" != "/bin/busybox" ]; then
++			fsck_opts="$fsck_opts -C0"
++		fi
+ 	fi
+ 
+ 	trap : INT QUIT
+-- 
+2.33.1
+
diff --git a/openrc/0003-rc-pull-in-sysinit-and-boot-as-stacked-levels-when-n.patch b/openrc/0003-rc-pull-in-sysinit-and-boot-as-stacked-levels-when-n.patch
new file mode 100644
index 0000000..3bbc430
--- /dev/null
+++ b/openrc/0003-rc-pull-in-sysinit-and-boot-as-stacked-levels-when-n.patch
@@ -0,0 +1,67 @@
+From 17f33c1968a51484eefdafbfb5b8fef5ac13d215 Mon Sep 17 00:00:00 2001
+From: Natanael Copa <ncopa@alpinelinux.org>
+Date: Wed, 1 Feb 2017 04:17:14 +0000
+Subject: [PATCH] rc: pull in sysinit and boot as stacked levels when needed
+
+We need start services from sysinit and boot runlevel, even if the new
+runlevel is empty.
+
+This fixes problem introduced with commit 7716bf31 (Fix stacked runlevel
+support), at which the start_services list are no longer used to start
+the services.
+
+This also make sure that all services in sysinit and boot runlevels are
+started before switching to next. This was not guaranteed when switching
+to a non-empty runlevel.
+
+Fixes issue #54.
+---
+ src/rc/rc.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/src/rc/rc.c b/src/rc/rc.c
+index ef46925d..82786074 100644
+--- a/src/openrc/rc.c
++++ b/src/openrc/rc.c
+@@ -751,6 +751,7 @@ int main(int argc, char **argv)
+ 	const char *bootlevel = NULL;
+ 	char *newlevel = NULL;
+ 	const char *systype = NULL;
++	RC_STRINGLIST *runlevel_chain;
+ 	RC_STRINGLIST *deporder = NULL;
+ 	RC_STRINGLIST *tmplist;
+ 	RC_STRING *service;
+@@ -1007,6 +1008,7 @@ int main(int argc, char **argv)
+ 	main_hotplugged_services = rc_services_in_state(RC_SERVICE_HOTPLUGGED);
+ 	main_start_services = rc_services_in_runlevel_stacked(newlevel ?
+ 	    newlevel : runlevel);
++	runlevel_chain = rc_runlevel_stacks(newlevel ? newlevel : runlevel);
+ 	if (strcmp(newlevel ? newlevel : runlevel, RC_LEVEL_SHUTDOWN) != 0 &&
+ 	    strcmp(newlevel ? newlevel : runlevel, RC_LEVEL_SYSINIT) != 0)
+ 	{
+@@ -1024,6 +1026,7 @@ int main(int argc, char **argv)
+ 				tmplist = rc_services_in_runlevel(bootlevel);
+ 				TAILQ_CONCAT(main_start_services, tmplist, entries);
+ 				free(tmplist);
++				rc_stringlist_add(runlevel_chain, bootlevel);
+ 			}
+ 			if (main_hotplugged_services) {
+ 				TAILQ_FOREACH(service, main_hotplugged_services,
+@@ -1032,6 +1035,7 @@ int main(int argc, char **argv)
+ 					service->value);
+ 			}
+ 		}
++		rc_stringlist_add(runlevel_chain, RC_LEVEL_SYSINIT);
+ 	}
+ 
+ 	parallel = rc_conf_yesno("rc_parallel");
+@@ -1088,9 +1092,6 @@ int main(int argc, char **argv)
+ 
+ 	/* If we have a list of services to start then... */
+ 	if (main_start_services) {
+-		/* Get a list of the chained runlevels which compose the target runlevel */
+-		RC_STRINGLIST *runlevel_chain = rc_runlevel_stacks(runlevel);
+-
+ 		/* Loop through them in reverse order. */
+ 		RC_STRING *rlevel;
+ 		TAILQ_FOREACH_REVERSE(rlevel, runlevel_chain, rc_stringlist, entries)
diff --git a/openrc/0004-make-consolefont-service-compatible-with-busyboxs-se.patch b/openrc/0004-make-consolefont-service-compatible-with-busyboxs-se.patch
new file mode 100644
index 0000000..b92b5ac
--- /dev/null
+++ b/openrc/0004-make-consolefont-service-compatible-with-busyboxs-se.patch
@@ -0,0 +1,70 @@
+From 613fb7f437c42e0ed01b2366b597598235e64a2d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?S=C3=B6ren=20Tempel?= <soeren+git@soeren-tempel.net>
+Date: Wed, 17 Aug 2016 17:52:58 +0200
+Subject: [PATCH] make consolefont service compatible with busyboxs setfont
+ applet
+
+Compared to kdbs setfont program it doesn't support -O and -m.
+---
+ conf.d/consolefont    | 11 ++---------
+ init.d/consolefont.in |  7 ++-----
+ 2 files changed, 4 insertions(+), 14 deletions(-)
+
+diff --git a/conf.d/consolefont b/conf.d/consolefont
+index e01ae842..75544b2f 100644
+--- a/conf.d/consolefont
++++ b/conf.d/consolefont
+@@ -3,16 +3,9 @@
+ #
+ # consolefont specifies the default font that you'd like Linux to use on the
+ # console.  You can find a good selection of fonts in /usr/share/consolefonts;
+-# you shouldn't specify the trailing ".psf.gz", just the font name below.
+-# To use the default console font, comment out the CONSOLEFONT setting below.
+-consolefont="default8x16"
++consolefont="default8x16.psf.gz"
+ 
+ # consoletranslation is the charset map file to use.  Leave commented to use
+ # the default one.  Have a look in /usr/share/consoletrans for a selection of
+ # map files you can use.
+-#consoletranslation="8859-1_to_uni"
+-
+-# unicodemap is the unicode map file to use. Leave commented to use the
+-# default one. Have a look in /usr/share/unimaps for a selection of map files
+-# you can use.
+-#unicodemap="iso01"
++#consoletranslation="8859-1_to_uni.trans"
+diff --git a/init.d/consolefont.in b/init.d/consolefont.in
+index d65dd14c..ccb6ee87 100644
+--- a/init.d/consolefont.in
++++ b/init.d/consolefont.in
+@@ -22,7 +22,6 @@ start()
+ {
+ 	ttyn=${rc_tty_number:-${RC_TTY_NUMBER:-12}}
+ 	consolefont=${consolefont:-${CONSOLEFONT}}
+-	unicodemap=${unicodemap:-${UNICODEMAP}}
+ 	consoletranslation=${consoletranslation:-${CONSOLETRANSLATION}}
+ 
+ 	if [ -z "$consolefont" ]; then
+@@ -43,9 +42,6 @@ start()
+ 	if [ -n "$consoletranslation" ]; then
+ 		param="$param -m $consoletranslation"
+ 	fi
+-	if [ -n "${unicodemap}" ]; then
+-		param="$param -u $unicodemap"
+-	fi
+ 
+ 	# Set the console font
+ 	ebegin "Setting console font [$consolefont]"
+@@ -63,7 +59,8 @@ start()
+ 	# Store the font so we can use it ASAP on boot
+ 	if [ $retval -eq 0 ] && checkpath -W "$RC_LIBEXECDIR"; then
+ 		mkdir -p "$RC_LIBEXECDIR"/console
+-		setfont -O "$RC_LIBEXECDIR"/console/font
++		zcat "/usr/share/consolefonts/$consolefont" \
++			> "$RC_LIBEXECDIR"/console/font
+ 	fi
+ 
+ 	return $retval
+-- 
+2.33.1
+
diff --git a/openrc/0005-Support-early-loading-of-keymap-if-kbd-is-installed.patch b/openrc/0005-Support-early-loading-of-keymap-if-kbd-is-installed.patch
new file mode 100644
index 0000000..f25d984
--- /dev/null
+++ b/openrc/0005-Support-early-loading-of-keymap-if-kbd-is-installed.patch
@@ -0,0 +1,31 @@
+From a07970bf087c089f467eefa30c2476f17f6e9536 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?S=C3=B6ren=20Tempel?= <soeren+git@soeren-tempel.net>
+Date: Thu, 7 Mar 2019 16:55:53 +0100
+Subject: [PATCH] Support early loading of keymap if kbd is installed
+
+Early loading of the keymap with busybox was never supported and would
+require modifying the save-keymaps services as well. Since no one
+complained that it doesn't work with busybox so far just make it work
+with kbd for now.
+---
+ sh/init-early.sh.Linux.in | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/sh/init-early.sh.Linux.in b/sh/init-early.sh.Linux.in
+index f304e924..7571ff3d 100644
+--- a/sh/init-early.sh.Linux.in
++++ b/sh/init-early.sh.Linux.in
+@@ -48,8 +48,8 @@ if service_present "$RC_DEFAULTLEVEL" consolefont ||
+ fi
+ 
+ # Try and set a keyboard map as early as possible
+-if service_present "$RC_DEFAULTLEVEL" keymaps ||
+-   service_present "$RC_BOOTLEVEL" keymaps; then
++if service_present "$RC_DEFAULTLEVEL" loadkeys ||
++   service_present "$RC_BOOTLEVEL" loadkeys; then
+ 	kbd_mode $kmode -C "$CONSOLE" 2>/dev/null
+ 	if [ -r "$RC_LIBEXECDIR"/console/keymap ]; then
+ 		loadkeys -q "$RC_LIBEXECDIR"/console/keymap 2>/dev/null
+-- 
+2.33.1
+
diff --git a/openrc/0006-Add-support-for-starting-services-in-a-specified-VRF.patch b/openrc/0006-Add-support-for-starting-services-in-a-specified-VRF.patch
new file mode 100644
index 0000000..d5a40c0
--- /dev/null
+++ b/openrc/0006-Add-support-for-starting-services-in-a-specified-VRF.patch
@@ -0,0 +1,100 @@
+From c250503412b061e69a99cfe12514e47fc06b5885 Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Fri, 14 Feb 2020 16:02:43 +0000
+Subject: [PATCH] Add support for starting services in a specified VRF.
+
+The venerable iproute2 utility has recently introduced support
+for executing programs in specific VRFs which are virtualized
+routing tables.  These are typically used to isolate different
+networking planes from each other, for security or flexibility
+reasons.
+
+Services which use the normal supervisor/start-stop-daemon
+pattern can be configured by setting the vrf variable in the
+/etc/conf.d tree for the service.
+
+This allows for things like configuring the sshd service to
+run in a management VRF, which is useful for high assurance
+environments where the management plane is intended to be
+isolated.
+
+Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
+---
+ sh/openrc-run.sh.in     | 6 ++++++
+ sh/runit.sh             | 2 +-
+ sh/s6.sh                | 2 +-
+ sh/start-stop-daemon.sh | 2 +-
+ sh/supervise-daemon.sh  | 2 +-
+ 5 files changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/sh/openrc-run.sh.in b/sh/openrc-run.sh.in
+index 5c84af45..a1f374b0 100644
+--- a/sh/openrc-run.sh.in
++++ b/sh/openrc-run.sh.in
+@@ -236,6 +236,12 @@ if ! sourcex -e "$_conf_d/$RC_SVCNAME.$RC_RUNLEVEL"; then
+ fi
+ unset _conf_d
+ 
++# If we are configured to run in a VRF, provide a hint for that
++RC_VRF_EXEC=""
++if [ -n "$vrf" ]; then
++	RC_VRF_EXEC="/sbin/ip vrf exec $vrf"
++fi
++
+ # load service supervisor functions
+ sourcex "@LIBEXECDIR@/sh/runit.sh"
+ sourcex "@LIBEXECDIR@/sh/s6.sh"
+diff --git a/sh/runit.sh b/sh/runit.sh
+index 5d82c9f6..c0186a43 100644
+--- a/sh/runit.sh
++++ b/sh/runit.sh
+@@ -23,7 +23,7 @@ runit_start()
+ 	local i=0 retval=1
+ 	# it can take upto 5 seconds for runsv to start
+ 	while [ $i -lt 6 ] ; do
+-		if sv start "${service_link}" > /dev/null 2>&1; then
++		if ${RC_VRF_EXEC} sv start "${service_link}" > /dev/null 2>&1; then
+ 			retval=0
+ 			break
+ 		fi
+diff --git a/sh/s6.sh b/sh/s6.sh
+index acbe965b..1f339703 100644
+--- a/sh/s6.sh
++++ b/sh/s6.sh
+@@ -37,7 +37,7 @@ s6_start()
+ 	ln -sf "${s6_service_path}" "${s6_service_link}"
+ 	s6-svscanctl -na "${RC_SVCDIR}"/s6-scan
+ 	sleep 1.5
+-	s6-svc -u "${s6_service_link}"
++	${RC_VRF_EXEC} s6-svc -u "${s6_service_link}"
+ 	if [ -n "$s6_svwait_options_start" ]; then
+ 		s6-svwait ${s6_svwait_options_start} "${s6_service_link}"
+ 	fi
+diff --git a/sh/start-stop-daemon.sh b/sh/start-stop-daemon.sh
+--- a/sh/start-stop-daemon.sh
++++ b/sh/start-stop-daemon.sh
+@@ -41,7 +41,7 @@ ssd_start()
+ 	#the eval call is necessary for cases like:
+ 	# command_args="this \"is a\" test"
+ 	# to work properly.
+-	eval start-stop-daemon --start \
++	eval ${RC_VRF_EXEC} start-stop-daemon --start \
+ 		--exec $command \
+ 		${chroot:+--chroot} $chroot \
+ 		${directory:+--chdir} $directory \
+diff --git a/sh/supervise-daemon.sh b/sh/supervise-daemon.sh
+index e403a789..259b8166 100644
+--- a/sh/supervise-daemon.sh
++++ b/sh/supervise-daemon.sh
+@@ -24,7 +24,7 @@ supervise_start()
+ 	# The eval call is necessary for cases like:
+ 	# command_args="this \"is a\" test"
+ 	# to work properly.
+-	eval supervise-daemon "${RC_SVCNAME}" --start \
++	eval ${RC_VRF_EXEC} supervise-daemon "${RC_SVCNAME}" --start \
+ 		${retry:+--retry} $retry \
+ 		${directory:+--chdir} $directory  \
+ 		${chroot:+--chroot} $chroot \
+-- 
+2.33.1
+
diff --git a/openrc/0007-Clean-up-staticroute-config-remove-irrelevant-parts-.patch b/openrc/0007-Clean-up-staticroute-config-remove-irrelevant-parts-.patch
new file mode 100644
index 0000000..34100ef
--- /dev/null
+++ b/openrc/0007-Clean-up-staticroute-config-remove-irrelevant-parts-.patch
@@ -0,0 +1,47 @@
+From f406231dc9a49b67ca558983de80513f95078309 Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Wed, 8 Sep 2021 23:51:11 -0600
+Subject: [PATCH] Clean up staticroute config - remove irrelevant parts (for
+ BSD, Hurd) and suggest that route(8) is legacy.
+
+---
+ conf.d/staticroute | 23 +++--------------------
+ 1 file changed, 3 insertions(+), 20 deletions(-)
+
+diff --git a/conf.d/staticroute b/conf.d/staticroute
+index 19d0961f..49d0e0bb 100644
+--- a/conf.d/staticroute
++++ b/conf.d/staticroute
+@@ -1,26 +1,9 @@
+-# Static routes are defined differently depending on your operating
+-# system, so please be sure to use the correct syntax.
+ # Do not use this file to define the default route.
+ # In all settings, multiple routes should be separated using ; or new lines.
+ 
+-# Define static routes on Linux using route. See route(8) for syntax.
+-#staticroute="net 192.168.0.0 netmask 255.255.255.0 gw 10.73.1.1
+-#net 192.168.1.0 netmask 255.255.255.0 gw 10.73.1.1"
+-
+ # Define static routes on Linux using iproute2. See ip(8) for syntax.
+ #staticiproute="192.168.0.0/24 via 10.73.1.1; 192.168.1.0/24 via 10.73.1.1"
+ 
+-# Define static routes on GNU/Hurd. See route(8) for syntax.
+-# /etc/route.conf(5) takes precedence over this configuration.
+-# FIXME: "net ..." not supported
+-#staticroute="net 192.168.0.0 -netmask 255.255.255.0 --address 10.73.1.1
+-#net 192.168.1.0 -netmask 255.255.255.0 --address 10.73.1.1"
+-
+-# Define static routes on GNU/KFreeBSD. See route(8) for syntax.
+-#staticroute="net 192.168.0.0 10.73.1.1 netmask 255.255.255.0
+-#net 192.168.1.0 10.73.1.1 netmask 255.255.255.0"
+-
+-# Define static routes on other BSD systems. See route(8) for syntax.
+-# /etc/route.conf(5) takes precedence over this configuration.
+-#staticroute="net 192.168.0.0 -netmask 255.255.255.0 10.73.1.1
+-#net 192.168.1.0 -netmask 255.255.255.0 10.73.1.1"
++# Or define static routes on Linux using route (legacy). See route(8) for syntax.
++#staticroute="net 192.168.0.0 netmask 255.255.255.0 gw 10.73.1.1
++#net 192.168.1.0 netmask 255.255.255.0 gw 10.73.1.1"
+-- 
+2.33.1
+
diff --git a/openrc/0008-bootmisc-switch-wipe_tmp-setting-to-no-by-default.patch b/openrc/0008-bootmisc-switch-wipe_tmp-setting-to-no-by-default.patch
new file mode 100644
index 0000000..f498d05
--- /dev/null
+++ b/openrc/0008-bootmisc-switch-wipe_tmp-setting-to-no-by-default.patch
@@ -0,0 +1,44 @@
+From a756576ae62e4f24a2ea36e87053187cdfc1be63 Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Wed, 13 Oct 2021 21:12:10 -0600
+Subject: [PATCH] bootmisc: switch wipe_tmp setting to no by default
+
+When wipe_tmp=yes, an insufficiently bounded rm -rf occurs that,
+under specific unknown circumstances, can escape into other filesystems
+resulting in data loss.
+
+See alpine/aports#13070.
+---
+ conf.d/bootmisc    | 2 +-
+ init.d/bootmisc.in | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/conf.d/bootmisc b/conf.d/bootmisc
+index dd5b08e0..5cf18d33 100644
+--- a/conf.d/bootmisc
++++ b/conf.d/bootmisc
+@@ -3,7 +3,7 @@ clean_tmp_dirs="/tmp"
+ 
+ # Should we wipe the tmp paths completely or just selectively remove known
+ # locks / files / etc... ?
+-wipe_tmp="YES"
++wipe_tmp="NO"
+ 
+ # Write the initial dmesg log into /var/log/dmesg after boot
+ # This may be useful if you need the kernel boot log afterwards
+diff --git a/init.d/bootmisc.in b/init.d/bootmisc.in
+index b1a849a3..8485110a 100644
+--- a/init.d/bootmisc.in
++++ b/init.d/bootmisc.in
+@@ -17,7 +17,7 @@ depend()
+ 	keyword -prefix -timeout
+ }
+ 
+-: ${wipe_tmp:=${WIPE_TMP:-yes}}
++: ${wipe_tmp:=${WIPE_TMP:-no}}
+ : ${log_dmesg:=${LOG_DMESG:-yes}}
+ 
+ cleanup_tmp_dir()
+-- 
+2.33.1
+
diff --git a/openrc/0009-Based-on-the-vrf-patch-it-adds-support-to-run-servic.patch b/openrc/0009-Based-on-the-vrf-patch-it-adds-support-to-run-servic.patch
new file mode 100644
index 0000000..bd149d9
--- /dev/null
+++ b/openrc/0009-Based-on-the-vrf-patch-it-adds-support-to-run-servic.patch
@@ -0,0 +1,30 @@
+From 2f7405254f16cbb33ddb7c57eb20606a92b6c84a Mon Sep 17 00:00:00 2001
+From: Thomas Liske <thomas@fiasko-nw.net>
+Date: Sat, 16 Sep 2023 18:25:42 +0200
+Subject: [PATCH] Based on the vrf patch it adds support to run services in
+ netns namespaces. It is even possible to stack both options and run services
+ in a VRF inside a netns namespace.
+
+---
+ sh/openrc-run.sh.in | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/sh/openrc-run.sh.in b/sh/openrc-run.sh.in
+index 5eb4224c..2a6605db 100644
+--- a/sh/openrc-run.sh.in
++++ b/sh/openrc-run.sh.in
+@@ -242,6 +242,11 @@ if [ -n "$vrf" ]; then
+ 	RC_VRF_EXEC="/sbin/ip vrf exec $vrf"
+ fi
+ 
++# Add ip netns if configured to run in a netns (netns+vrf may stack)
++if [ -n "$netns" ]; then
++	RC_VRF_EXEC="/sbin/ip netns exec $netns $RC_VRF_EXEC"
++fi
++
+ # load service supervisor functions
+ sourcex "@LIBEXECDIR@/sh/runit.sh"
+ sourcex "@LIBEXECDIR@/sh/s6.sh"
+-- 
+2.39.2
+
diff --git a/openrc/APKBUILD b/openrc/APKBUILD
new file mode 100644
index 0000000..5902840
--- /dev/null
+++ b/openrc/APKBUILD
@@ -0,0 +1,203 @@
+# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
+pkgname=openrc
+pkgver=0.56
+_ver=${pkgver/_git*/}
+pkgrel=0
+pkgdesc="OpenRC manages the services, startup and shutdown of a host"
+url="https://github.com/OpenRC/openrc"
+arch="all"
+license="BSD-2-Clause"
+depends="ifupdown-any"
+makedepends_host="bsd-compat-headers libcap-dev linux-headers"
+makedepends_build="meson scdoc"
+checkdepends="sed"
+subpackages="
+	$pkgname-dbg
+	$pkgname-doc
+	$pkgname-tools::noarch
+	$pkgname-static
+	$pkgname-dev
+	$pkgname-init:openrc_init
+	agetty-openrc:_agetty_openrc:noarch
+	$pkgname-bash-completion
+	$pkgname-zsh-completion
+	"
+install="$pkgname.post-install $pkgname.post-upgrade"
+source="$pkgname-$pkgver.tar.gz::https://github.com/OpenRC/openrc/archive/$pkgver.tar.gz
+	0001-call-sbin-mkmntdirs-in-localmount-OpenRC-service.patch
+	0002-fsck-don-t-add-C0-to-busybox-fsck.patch
+	0003-rc-pull-in-sysinit-and-boot-as-stacked-levels-when-n.patch
+	0004-make-consolefont-service-compatible-with-busyboxs-se.patch
+	0005-Support-early-loading-of-keymap-if-kbd-is-installed.patch
+	0006-Add-support-for-starting-services-in-a-specified-VRF.patch
+	0007-Clean-up-staticroute-config-remove-irrelevant-parts-.patch
+	0008-bootmisc-switch-wipe_tmp-setting-to-no-by-default.patch
+	0009-Based-on-the-vrf-patch-it-adds-support-to-run-servic.patch
+
+	supervise-daemon-defaults.patch
+	sysctl-readme.patch
+
+	openrc.logrotate
+	hostname.initd
+	hwdrivers.initd
+	modules.initd
+	modloop.initd
+	networking.initd
+	modloop.confd
+	sysfsconf.initd
+	firstboot.initd
+	sysctl.initd
+	machine-id.initd
+	test-networking.sh
+
+	modules.7.scd
+	"
+options="!check" # not updated to meson build system, require makefile build
+provides="ifupdown-ng-openrc=0.12.1-r4"
+replaces="alpine-baselayout" # due to move of mkmntdirs
+
+# secfixes:
+#   0.44.6-r1:
+#     - CVE-2021-42341
+
+prepare() {
+	default_prepare
+	# meson overrides this with the aports tag,
+	# we get there first :)
+	sed -i -e "s|@VCS_TAG@|$pkgver|" \
+		src/shared/version.h.in \
+		src/shared/version.in
+}
+
+build() {
+	if [ -z "$BOOTSTRAP" ]; then
+		local lto="-Db_lto=true"
+	fi
+	abuild-meson \
+		$lto \
+		-Dos=Linux \
+		-Dzsh-completions=true \
+		-Dbash-completions=true \
+		-Dpam=false \
+		-Dpkgconfig=true \
+		--default-library=both \
+		--prefix=/ \
+		--bindir=/bin \
+		--sbindir=/sbin \
+		. output
+	meson compile -C output
+}
+
+check() {
+	make check
+
+	# run unit tests for networking.initd
+	#cd "$srcdir"
+	#( set -e; sh test-networking.sh )
+}
+
+package() {
+	local i j
+
+	DESTDIR="$pkgdir" meson install --no-rebuild -C output
+
+	# we cannot have anything turned on by default
+	rm -f "$pkgdir"/etc/runlevels/*/*
+
+	# we still use our ifup/ifdown based net config
+	rm -f "$pkgdir"/etc/conf.d/network "$pkgdir"/etc/init.d/network
+
+	# our hostname init script reads hostname from /etc/hostname
+	rm -f "$pkgdir"/etc/conf.d/hostname
+
+	# we override some of the scripts
+	for i in "$srcdir"/*.initd; do
+		j=${i##*/}
+		install -Dm755 $i "$pkgdir"/etc/init.d/${j%.initd}
+	done
+
+	# we override some of the conf.d files
+	for i in "$srcdir"/*.confd; do
+		j=${i##*/}
+		install -Dm644 $i "$pkgdir"/etc/conf.d/${j%.confd}
+	done
+
+	# additional documentation considered useful
+	mkdir -p "$pkgdir"/usr/share/doc/$pkgname/
+	install -m644 ./*.md "$pkgdir"/usr/share/doc/$pkgname/
+
+	scdoc < "$srcdir/modules.7.scd" > modules.7
+	install -Dm644 modules.7 -t "$pkgdir/usr/share/man/man7/"
+	ln -s modules.7 "$pkgdir/usr/share/man/man7/modules-load.7"
+
+	# we use a virtual keymaps services to allow users to set their
+	# keymaps either with the OpenRC loadkeys service provided by
+	# the kbd aport or with the loadkmap service provided by the
+	# busybox-openrc aport.
+	rm -f "$pkgdir/etc/init.d/keymaps" \
+		"$pkgdir/etc/conf.d/keymaps"
+
+	install -Dm644 "$srcdir/$pkgname.logrotate" "$pkgdir/etc/logrotate.d/$pkgname"
+	install -d "$pkgdir"/etc/local.d
+
+	# openrc upstream removed service(8) for whatever reason, put it back
+	ln -s rc-service "$pkgdir"/sbin/service
+
+	install -Dm755 "$pkgdir"/usr/share/openrc/support/deptree2dot/deptree2dot \
+		-t "$pkgdir"/usr/bin/
+	rm -r "$pkgdir"/usr/share/openrc/support/deptree2dot/deptree2dot
+}
+
+doc() {
+	default_doc
+	amove usr/share/openrc/support
+}
+
+tools() {
+	depends="perl"
+	amove usr/bin/deptree2dot
+}
+
+_agetty_openrc() {
+	pkgdesc="agetty program from util-linux (OpenRC init scripts)"
+	install_if="agetty openrc=$pkgver-r$pkgrel"
+
+	amove etc/init.d/agetty
+	amove etc/conf.d/agetty
+}
+
+openrc_init() {
+	pkgdesc="OpenRC init process"
+
+	# Alpine does not use openrc as its init by default
+	amove sbin/openrc-init
+	amove sbin/openrc-shutdown
+}
+
+sha512sums="
+d3533a12b1f54494492a54f20ddf943c669bc7c8e35e16cd5496d9d1819393ddd47af6ed0ae25f9e70b9980ca0f0a3d58ec057caa26f0f02df282ac00929997b  openrc-0.56.tar.gz
+257861f5f0562e9b9a9fccebae474bd75c4bb51f005a2b8132fd551f061f65863de46c5bc4437f137b4a9d3ca741f9de9274bfa7b418eda70497ed4b5fd3056d  0001-call-sbin-mkmntdirs-in-localmount-OpenRC-service.patch
+3f47b4f7e6c5b7fb53ff8a13470fbada67f7470e5eba71a683e6c022162c3905f560d561c3d61698e3fde367d6ae715edf76e99949f52a22a3bbf79debc33f64  0002-fsck-don-t-add-C0-to-busybox-fsck.patch
+77b058a70cab37ad662a57fa69411b6275853ac41423e0a799ba980578d8e18d3d2ae2c2a6f5a3ba5779aeec273d7c4c2a14e8fdb31d0a6b383f2e8a64a4ed2f  0003-rc-pull-in-sysinit-and-boot-as-stacked-levels-when-n.patch
+71a743bf969110a27259405ef4b4dc4fad608b8e49039fd6afb1b1486d0f1dfccc3ef5275410fa3d6d1554ccee59c5a3424be4f2919e14453ebb709282c588a7  0004-make-consolefont-service-compatible-with-busyboxs-se.patch
+9e2ae6c8e189ceae0f3f2662d9504f796e9a6a987a26ee2e10add85746b6596eb04cc256dc532a39f711b4e1aa07f1d12a384ef45d23cab49878b887bf0a878c  0005-Support-early-loading-of-keymap-if-kbd-is-installed.patch
+aa44e62392c47c5f20a66072574ae452be0c1b0c4914bb58fa35b6ecc3e2a75c7a2d6245198e30a8ad5fb96db30644425637f64effcf60559c16a978bb29b2cb  0006-Add-support-for-starting-services-in-a-specified-VRF.patch
+431ac28808e684bea5511386bf5f06efe7f509f1dbe7e15ae6309563d813deae8f3edd872a0943ef8088e3cf778d7bc5ebd15a893dc4a08f4022b7a56bbafc63  0007-Clean-up-staticroute-config-remove-irrelevant-parts-.patch
+475f4ea63b9b5d7eb9c623e96b6cc3d3072abcb7194d0045b84e0688836c8514fccfc68b0eae0b4bee60878cdea8042c3ce7e48406ee7a2f0e4a3e128a153468  0008-bootmisc-switch-wipe_tmp-setting-to-no-by-default.patch
+d7b8b1facd7fb9a6a8350912644cce3956947bcaa8bcb645f9c26a2bb0d062970efaa14bd66a7987f0748daff7b5a8e701b45b3fcca7c7c7e393ac262728f1a6  0009-Based-on-the-vrf-patch-it-adds-support-to-run-servic.patch
+86a2fb1564b8537f5dd7e06587a572ebefd110bf8bea049bc2254d4008ed3fed2296b4e9fde793ddbed7a66f70335b6c228f0b10fc0a6e7d106d3ad226fc0ba4  supervise-daemon-defaults.patch
+903ff555275a67ff08da91badb55d9fa6c6a2901e8ef09ca8366bd74d69757491c8336347f04551268ecf053c8ae974f50decd869926894dd94e382008e3e925  sysctl-readme.patch
+12bb6354e808fbf47bbab963de55ee7901738b4a912659982c57ef2777fff9a670e867fcb8ec316a76b151032c92dc89a950d7d1d835ef53f753a8f3b41d2cec  openrc.logrotate
+afbb4cb4f2d6c2a5cf81ee2b5da8dfcd1f573e8168f1f3586681222ccfc59d6dda65eca3f2cb97c94ce7af4da60db0c4c6c643c014358dcecf94a6152466c89c  hostname.initd
+594d0b8c8a8eafdcbf6f566ec43797cbe98debfa5d9ee8b2e78344d8031184c23cf1a22588fbb4b0aaf2769458bef233332b4f8da71337db4df6a431c4bafa8f  hwdrivers.initd
+bc152c2b5eb37a08035f289b21e85d41461914e8b1f3c6a6a87ba0dd0cfeb20c9a5e6d7dab132e345339245a7ae1ffcb741f5bfde76fb8e0c87e4de5e0b1faf0  modules.initd
+47bea7e48444fc15f30b1da168e3d33b124c7f3480e08adcf93c5d301504cc6e73d96b254833fe20e906e353053eba8e8f410f238a3d4cd65743718a800939e5  modloop.initd
+aa1dd3d31872d7ec308b534044e490136de47a3e72575a96522f60c5740ee3b953a17e05013359d27985ac16b048ff8fff76e8ac1103802a4fb75a31d2185d45  networking.initd
+80e43ded522e2d48b876131c7c9997debd43f3790e0985801a8c1dd60bc6e09f625b35a127bf225eb45a65eec7808a50d1c08a5e8abceafc61726211e061e0a2  modloop.confd
+d76c75c58e6f4b0801edac4e081b725ef3d50a9a8c9bbb5692bf4d0f804af7d383bf71a73d5d03ed348a89741ef0b2427eb6a7cbf5a9b9ff60a240639fa6ec88  sysfsconf.initd
+990855f875513a85c2b737685ac5bfdfa86f8dadacf00c1826a456547f99b69d4ecf1b9a09c0ce002f1df618b44b1febabe53f95a2c0cd02b504d565bccb50c8  firstboot.initd
+2d5f9f6d41b7c0a8643cfdee1ce3c399bfe4ebff54421f33ab1e74c1c4c1b96a49e54b5cd69f0339a060342e4e5a11067bbff68c39fa487919259d73e8e46ed1  sysctl.initd
+a60129f4bed134a27773c61994d114b3a5d1ab9f20097b096956f5bb696c056f4a608577cabb34c32b51899c69dce3bd0d8ffa61f5b66fd00fc5085d1ebba54f  machine-id.initd
+af17947aa3954e317dc06580da829200e0b0f2ddc37ce842c3fc7fc0d8ca2f40220e4f4665f61b4b5ec47c96416db0127e2ed979b9421bf21df89d4c4f998b7f  test-networking.sh
+edf23bbec3c67457f3039d193cd3a756a079ab080e5e3d87e724a1a0d9be86b82797bf2bf5280fbf33d1c60b98e3859d9d9c265f8119a84ccdcaa9937ab72296  modules.7.scd
+"
diff --git a/openrc/firstboot.initd b/openrc/firstboot.initd
new file mode 100644
index 0000000..eac4ef8
--- /dev/null
+++ b/openrc/firstboot.initd
@@ -0,0 +1,34 @@
+#!/sbin/openrc-run
+
+# The first boot init service
+
+# read kernel options
+init_KOPT() {
+	eval "set -- $(cat /proc/cmdline 2>/dev/null)"
+	for opt; do
+		case "$opt" in
+			ssh_*=*)
+				eval "KOPT_${opt%%=*}='${opt#*=}'" ;;
+		esac
+	done
+}
+
+start() {
+	rm -f /etc/runlevels/*/$RC_SVCNAME
+	init_KOPT
+	local rc=0
+	ebegin "Starting ${RC_SVCNAME}"
+	if [ -n "$KOPT_ssh_key" ] && [ ! -f "/root/.ssh/authorized_keys" ]; then
+		einfo "Fetching ssh keys"
+		mkdir -pm 700 /root/.ssh
+		checkpath -fm 0600 /root/.ssh/authorized_keys
+		case "$KOPT_ssh_key" in
+			https://*|ftps://*|http://*)
+				wget -q "$KOPT_ssh_key" -O /root/.ssh/authorized_keys
+				rc=$?;;
+			*) echo "$KOPT_ssh_key" > /root/.ssh/authorized_keys;;
+		esac
+	fi
+	eend $rc
+}
+
diff --git a/openrc/hostname.initd b/openrc/hostname.initd
new file mode 100644
index 0000000..cf4c5ce
--- /dev/null
+++ b/openrc/hostname.initd
@@ -0,0 +1,21 @@
+#!/sbin/openrc-run
+
+# Copyright (c) Natanael Copa
+# This code is licensed under BSD-2-Clause
+
+description="Sets the hostname of the machine."
+
+depend() {
+	keyword -prefix -lxc -docker
+}
+
+start() {
+	if [ -s /etc/hostname ] ; then
+		opts="-F /etc/hostname"
+	else
+		opts="${hostname:-localhost}"
+	fi
+	ebegin "Setting hostname"
+	hostname $opts
+	eend $?
+}
diff --git a/openrc/hwdrivers.initd b/openrc/hwdrivers.initd
new file mode 100644
index 0000000..9bc5278
--- /dev/null
+++ b/openrc/hwdrivers.initd
@@ -0,0 +1,35 @@
+#!/sbin/openrc-run
+
+# Copyright (c) Natanael Copa
+# This code is licensed under BSD-2-Clause
+
+depend() {
+	need sysfs dev
+	before checkfs fsck
+	after modloop
+	keyword -vserver -lxc
+}
+
+# Load hardware drivers
+start() {
+	# check for boot option "nocoldplug"
+	if get_bootparam noautodetect; then
+		ewarn "Autodetection of hardware disabled from boot cmdline"
+		return 0
+	fi
+
+	ebegin "Loading hardware drivers"
+	find /sys -name modalias -type f -print0 2> /dev/null | xargs -0 sort -u \
+		| xargs modprobe -b -a 2> /dev/null
+	# we run it twice so we detect all devices
+	find /sys -name modalias -type f -print0 2> /dev/null | xargs -0 sort -u \
+		| xargs modprobe -b -a 2> /dev/null
+
+	# check if framebuffer drivers got pulled in
+	if [ -e /dev/fb0 ] && ! [ -e /sys/module/fbcon ]; then
+		modprobe -b -q fbcon
+	fi
+
+	eend 0
+}
+
diff --git a/openrc/machine-id.initd b/openrc/machine-id.initd
new file mode 100644
index 0000000..60e1821
--- /dev/null
+++ b/openrc/machine-id.initd
@@ -0,0 +1,20 @@
+#!/sbin/openrc-run
+
+# Copyright (c) Natanael Copa
+# This code is licensed under BSD-2-Clause
+
+description="Generate machine-id if needed"
+
+depend() {
+	need root dev
+}
+
+start() {
+	if [ -s /etc/machine-id ] ; then
+		return 0
+	fi
+	ebegin "Generating machine-id"
+	dd if=/dev/urandom status=none bs=16 count=1 \
+		| md5sum | cut -d' ' -f1 > /etc/machine-id
+	eend $?
+}
diff --git a/openrc/modloop.confd b/openrc/modloop.confd
new file mode 100644
index 0000000..6966429
--- /dev/null
+++ b/openrc/modloop.confd
@@ -0,0 +1,6 @@
+# Enable loadable module support when running from RAM
+# when OverlayFS support is available in the kernel.
+# 0 means default tmpfs size (50% of physical RAM).
+# for more information please see kernel documention at:
+# https://www.kernel.org/doc/Documentation/filesystems/tmpfs.txt
+overlay_size=0
diff --git a/openrc/modloop.initd b/openrc/modloop.initd
new file mode 100755
index 0000000..41f8462
--- /dev/null
+++ b/openrc/modloop.initd
@@ -0,0 +1,156 @@
+#!/sbin/openrc-run
+
+# Copyright (c) Natanael Copa
+# This code is licensed under BSD-2-Clause
+
+# script that will mount image with modules
+
+depend() {
+	after dev-mount
+	before checkfs fsck hwdrivers modules hwclock dev sysfs
+	keyword -vserver -lxc
+}
+
+# read kernel options
+init_KOPT() {
+	for opt in $(cat /proc/cmdline 2>/dev/null); do
+	        case "$opt" in
+			modloop=*|modloop_verify=*)
+				eval "KOPT_${opt%%=*}='${opt#*=}'" ;;
+		esac
+	done
+}
+
+mountdirs() {
+	awk '$2 !~ /^\/(sys|proc|dev|run)/ && $2 != "/" {print $2}' /proc/mounts
+}
+
+find_modloop() {
+	local dir="$1"
+	local kver=$(uname -r)
+	local oifs="$IFS"
+	IFS=$'\n'
+	set -- $(blkid "$dir"/boot/* "$dir"/*)
+	IFS="$oifs"
+	for line; do
+		img=${line%%:*}
+		verify_modloop "$img" || eerror "Failed to verify signature of $img!"
+		mount "$img" -o loop,ro /.modloop || continue
+		if [ -d /.modloop/modules/$kver ]; then
+			return 0
+		fi
+		umount /.modloop
+	done
+	return 1
+}
+
+verify_modloop() {
+	local modloop=$1 key=
+	if ! yesno "${KOPT_modloop_verify:=yes}"; then
+		return 0
+	fi
+	for key in /etc/apk/keys/*.pub; do
+		local sig=/var/cache/misc/${modloop##*/}.SIGN.RSA.${key##*/}
+		if [ -f "$sig" ]; then
+			if ! command -v openssl > /dev/null; then
+				ewarn "Missing openssl. Modloop verification disabled!"
+				return 0
+			fi
+			einfo "Verifying modloop"
+			openssl dgst -sha1 -verify "$key" -signature "$sig" "$modloop" \
+				>/dev/null 2>&1 || return 1
+		fi
+	done
+}
+
+find_backing_file() {
+	local dir="$1"
+	local dev=$(df -P "$dir" | tail -1 | awk '{print $1}')
+	cat /sys/block/${dev#/dev/}/loop/backing_file 2>/dev/null
+}
+
+start() {
+	local modloop= mount_opts= modloop_dldir="/lib"
+	init_KOPT
+
+	case "$KOPT_modloop" in
+		none) return 0;;
+		http://*|https://*|ftp://*)
+			modloop=$modloop_dldir/${KOPT_modloop##*/}
+			if [ ! -f "$modloop" ]; then
+				mkdir -p "$modloop_dldir"
+				wget -P "$modloop_dldir" "$KOPT_modloop" || eend 1
+			fi
+			;;
+		*)
+			for dir in $(mountdirs); do
+				if [ -f "$dir"/$KOPT_modloop ]; then
+					modloop="$dir/${KOPT_modloop##/}"
+					alpine_mnt="$dir"
+					break
+				fi
+			done
+			;;
+	esac
+
+	ebegin "Mounting modloop $modloop"
+	mkdir -p /.modloop
+	if [ -n "$modloop" ]; then
+		verify_modloop "$modloop" || eerror "Failed to verify signature of $img!"
+		mount -o loop,ro $modloop /.modloop
+		eend $? || return 1
+	else
+		for dir in $(mountdirs); do
+			if find_modloop "$dir"; then
+				alpine_mnt="$dir"
+				break
+			fi
+		done
+		if [ -d /.modloop/modules/$(uname -r) ]; then
+			eend 0
+		else
+			eend 1 || return 1
+		fi
+	fi
+
+	#use overlayfs if available and configured
+	if grep -q -w "overlay$" /proc/filesystems && [ ! -z ${unionfs_size+x} ]; then
+		ewarn "Use of unionfs_size is deprecated use overlay_size instead"
+		overlay_size="$unionfs_size"
+	fi
+	if grep -q -w "overlay$" /proc/filesystems && [ -n "$overlay_size" ]; then
+		ebegin "OverlayFS detected, mounting modloop rw"
+		[ "$overlay_size" != 0 ] && mount_ops="-o size=$overlay_size"
+		mkdir -p /.modoverlayfs /lib/modules
+		mount -t tmpfs $mount_ops tmpfs /.modoverlayfs
+		mkdir -p /.modoverlayfs/modules /.modoverlayfs/work
+		mount -t overlay -o upperdir=/.modoverlayfs/modules,lowerdir=/lib/modules:/.modloop/modules,workdir=/.modoverlayfs/work overlay /lib/modules
+		depmod -A
+		eend $? || return 1
+	else
+		rm -rf /lib/modules && ln -sf /.modloop/modules /lib/
+	fi
+
+	# copy firmware if there are any
+	if [ -d $alpine_mnt/firmware ]; then
+	        ebegin "Copying firmware from $alpine_mnt/firmware"
+	        cp -R -a $alpine_mnt/firmware /lib/
+	        eend $?
+	elif  [ -d /lib/modules/firmware ]; then
+		rmdir /lib/firmware 2>/dev/null \
+			&& ln -s /lib/modules/firmware /lib/
+	fi
+	return 0
+}
+
+stop() {
+	local ret=0
+	local mnt; for mnt in /lib/modules /.modoverlayfs /.modloop; do
+		if mountinfo --quiet "$mnt"; then
+			ebegin "Unmounting $mnt"
+			umount -d "$mnt" || ret=1
+		fi
+	done
+	eend $ret || return 1
+}
+
diff --git a/openrc/modules.7.scd b/openrc/modules.7.scd
new file mode 100644
index 0000000..dba656b
--- /dev/null
+++ b/openrc/modules.7.scd
@@ -0,0 +1,31 @@
+modules(7)
+
+# NAME
+
+modules - Loads explicitly defined kernel modules
+
+# DESCRIPTION
+
+The *modules* service loads explicitly defined kernel modules during early
+startup. This service is enabled by default.
+
+The modules service will read configuration files matching the following
+patterns:
+
+- _/lib/modules-load.d/\*.conf_
+- _/usr/lib/modules-load\.d/\*.conf_
+- _/etc/modules_
+- _/etc/modules-load.d/\*.conf_
+- _/run/modules-load.d/\*.conf_
+
+If multiple files with the same name are found in different locations, only the
+one in the latter location is processed.
+
+# FILE FORMAT
+
+Files must contain exactly one module name per line. Empty lines and lines
+starting with # are ignored.
+
+# SEE ALSO
+
+modprobe(8)
diff --git a/openrc/modules.initd b/openrc/modules.initd
new file mode 100644
index 0000000..d702d58
--- /dev/null
+++ b/openrc/modules.initd
@@ -0,0 +1,83 @@
+#!/sbin/openrc-run
+
+# Copyright (c) Natanael Copa
+# This code is licensed under BSD-2-Clause
+
+description="Loads a user defined list of kernel modules."
+
+depend()
+{
+	before hwclock hwdrivers
+	keyword -openvz -prefix -vserver -lxc
+}
+
+start() {
+	yesno $rc_verbose && verbose=yes
+
+	ebegin "Loading modules"
+	eindent
+	for f in /lib/modules-load.d/*.conf \
+		/usr/lib/modules-load.d/*.conf; do
+
+		if ! [ -f "$f" ]; then
+			continue
+		fi
+
+		if  [ -f /etc/modules-load.d/"${f##*/}" ]; then
+			veinfo "Ignoring $f due to /etc/modules-load.d/${f##*/}"
+			continue
+		fi
+
+		if [ -f /run/modules-load.d/"${f##*/}" ]; then
+			veinfo "Ignoring $f due to /run/modules-load.d/${f##*/}"
+			continue
+		fi
+
+		veinfo "Processing $f"
+		sed -e 's/\#.*//g' -e '/^[[:space:]]*$/d' < "$f" \
+			| while read module args; do
+			modprobe -q $module $args
+		done
+	done
+	
+	if [ -f /etc/modules ]; then
+		veinfo "Processing /etc/modules"
+		sed -e 's/\#.*//g' -e '/^[[:space:]]*$/d' < /etc/modules \
+			| while read module args; do
+			modprobe -q $module $args
+		done
+	fi
+
+	for f in /etc/modules-load.d/*.conf; do
+		if [ ! -f "$f" ]; then
+			continue
+		fi
+
+		if [ -f /run/modules-load.d/"${f##*/}" ]; then
+			veinfo "Ignoring $f due to /run/modules-load.d/${f##*/}"
+			continue
+		fi
+
+		veinfo "Processing $f"
+		sed -e 's/\#.*//g' -e '/^[[:space:]]*$/d' < "$f" \
+			| while read module args; do
+			modprobe -q $module $args
+		done
+	done
+
+	for f in /run/modules-load.d/*.conf; do
+		if [ ! -f "$f" ]; then
+			continue
+		fi
+
+		veinfo "Processing $f"
+		sed -e 's/\#.*//g' -e '/^[[:space:]]*$/d' < "$f" \
+			| while read module args; do
+			modprobe -q $module $args
+		done
+	done
+	eoutdent
+
+	eend $?
+}
+
diff --git a/openrc/networking.initd b/openrc/networking.initd
new file mode 100644
index 0000000..adae1b6
--- /dev/null
+++ b/openrc/networking.initd
@@ -0,0 +1,91 @@
+#!/sbin/openrc-run
+
+# Copyright (c) Natanael Copa
+# This code is licensed under BSD-2-Clause
+#
+# note that the spoofprotect, syncoockies and ip_forward options are set in 
+# /etc/sysctl.conf
+
+: ${cfgfile:="/etc/network/interfaces"}
+: ${ifquery:="ifquery"}
+: ${ifstate:="/run/ifstate"}
+
+single_iface="${RC_SVCNAME#*.}"
+if [ "$single_iface" = "$RC_SVCNAME" ]; then
+	single_iface=
+fi
+
+depend() {
+	need localmount hostname
+	want dev-settle
+	after bootmisc hwdrivers modules
+	provide net
+	keyword -jail -prefix -vserver -docker
+}
+
+# find interfaces we want to start
+find_ifaces() {
+	if [ -n "$single_iface" ]; then
+		echo $single_iface
+		return 0
+	fi
+
+	if command -v "$ifquery" >/dev/null; then
+		$ifquery -i "$cfgfile" --list -a
+		return
+	fi
+
+	# fallback in case ifquery does not exist
+	awk '$1 == "auto" {for (i = 2; i <= NF; i = i + 1) printf("%s ", $i)}' "$cfgfile"
+}
+
+# return the list of interfaces we should try stop
+find_running_ifaces() {
+	if [ -n "$single_iface" ]; then
+		echo $single_iface
+		return 0
+	fi
+
+	if command -v "$ifquery" >/dev/null; then
+		$ifquery --state-file $ifstate -i "$cfgfile" --running
+		return
+	fi
+
+	# fallback
+	awk -F= '{print $2}' $ifstate
+}
+
+start() {
+	local iface= ret=1
+	ebegin "Starting networking"
+	eindent
+	for iface in $(find_ifaces); do
+		local r=0
+		ebegin "$iface"
+		if ! ifup -i "$cfgfile" $iface >/dev/null; then
+			ifdown -i "$cfgfile" $iface >/dev/null 2>&1
+			r=1
+		fi
+		# atleast one interface needs to be started for action
+		# to be success
+		eend $r && ret=0
+	done
+	eoutdent
+	return $ret
+}
+
+stop() {
+	local iface=
+	# Don't stop the network at shutdown.
+	yesno ${keep_network:-YES} && yesno $RC_GOINGDOWN && return 0
+
+	ebegin "Stopping networking"
+	eindent
+	for iface in $(find_running_ifaces); do
+		ebegin "$iface"
+		ifdown -i "$cfgfile" -f $iface >/dev/null
+		eend $?
+	done
+	eoutdent
+	return 0
+}
diff --git a/openrc/openrc.logrotate b/openrc/openrc.logrotate
new file mode 100644
index 0000000..5e5e64b
--- /dev/null
+++ b/openrc/openrc.logrotate
@@ -0,0 +1,4 @@
+/var/log/rc.log {
+	missingok
+	notifempty
+}
diff --git a/openrc/openrc.post-install b/openrc/openrc.post-install
new file mode 100644
index 0000000..6bcdbbf
--- /dev/null
+++ b/openrc/openrc.post-install
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+rc_update() {
+	local svc="$1"
+	local level="$2"
+	mkdir -p etc/runlevels/$level
+	ln -sf /etc/init.d/$svc etc/runlevels/$level
+}
+
+if [ ! -d etc/rcS.d ] && [ ! -d etc/rcL.d ]; then
+	exit 0
+fi
+
+for i in etc/rc[SL].d/*; do
+	[ -L "$i" ] || continue
+	oldsvc=${i##*/S[0-9][0-9]}
+	# some services are renamed
+	case "$oldsvc" in
+		modutils)	svc=modules;;
+		procps)		svc=sysctl;;
+		bootmisc.sh) 	svc=bootmisc;;
+		keymap)		svc=keymaps;;
+		rc.local)	svc=local;;
+		*)		svc=$oldsvc;;
+	esac
+
+	# add the service to correct "runlevel"
+	case "$svc" in
+		syslog|klogd)
+			rc_update $svc sysinit;;
+		hwclock|modules|sysctl|hostname|keymaps|bootmisc)
+			rc_update $svc boot;;
+		*)	rc_update $svc default;;
+	esac
+
+	rm $i
+done
diff --git a/openrc/openrc.post-upgrade b/openrc/openrc.post-upgrade
new file mode 100644
index 0000000..9b487c8
--- /dev/null
+++ b/openrc/openrc.post-upgrade
@@ -0,0 +1,65 @@
+#!/bin/sh
+
+ver_old=$2
+
+# in 0.8.0-r1 the state dir moved from /libexec/rc/init.d to /lib/rc/init.d
+# and with 0.10 it moved to /run/openrc
+
+mkdir -p run/openrc
+for dir in libexec lib; do
+	[ -d $dir/rc/init.d ] || continue
+
+	for i in $dir/rc/init.d/* ; do
+		[ -e "$i" ] || continue
+		if [ -e run/openrc/${i##*/} ]; then
+			rm -r $i
+		else
+			mv $i run/openrc/
+		fi
+	done
+
+	rmdir $dir/rc/init.d $dir/rc /libexec 2>/dev/null
+done
+
+# create rc.local compat
+if [ -f etc/rc.local ]; then
+	cat >etc/local.d/rc.local-compat.start<<__EOF__
+#!/bin/sh
+
+# this is only here for compatibility reasons
+if [ -f /etc/rc.local ]; then
+	. /etc/rc.local
+fi
+__EOF__
+	chmod +x etc/local.d/rc.local-compat.start
+fi
+
+rename_service() {
+	oldname="$1"
+	newname="$2"
+
+	ret=1
+	for link in run/openrc/*/${oldname} etc/runlevels/*/${oldname}; do
+		newlink="${link%/*}/${newname}"
+		if [ -L "$link" ] && ! [ -L "$newlink" ]; then
+			target="$(readlink $link)"
+			ln -s "${target%/*}/$newname" "$newlink"
+			rm "$link"
+			ret=0
+			continue
+		fi
+		if [ -d "$link" ] && ! [ -d "$newlink" ]; then
+			mv "$link" "$newlink"
+			ret=0
+		fi
+	done
+
+	return $ret
+}
+
+if [ "$(apk version -t "$ver_old" '0.45-r0')" = '<' ]; then
+	# in 0.45 urandom was renamed to seedrng
+	rename_service urandom seedrng
+fi
+
+exit 0
diff --git a/openrc/supervise-daemon-defaults.patch b/openrc/supervise-daemon-defaults.patch
new file mode 100644
index 0000000..7ebc4d2
--- /dev/null
+++ b/openrc/supervise-daemon-defaults.patch
@@ -0,0 +1,31 @@
+From: Jakub Jirutka <jakub@jirutka.cz>
+Date: Wed, 16 Nov 2022 01:47:34 +0100
+Subject: [PATCH] Provide more reasonable defaults for supervise-daemon
+
+The vendor's default parameters for the supervise-daemon are unreasonable
+or even unusable for most of the services (empirically found), especially
+respawn_delay=0 (i.e. respawn crashed service immediately).
+
+--- a/etc/rc.conf
++++ b/etc/rc.conf
+@@ -317,3 +317,20 @@ rc_tty_number=12
+ # If this is set to no, we do not send sigkill to all processes in the
+ # cgroup.
+ #rc_send_sigkill="YES"
++
++##############################################################################
++# SUPERVISE DAEMON CONFIGURATION VARIABLES
++# These variables sets more reasonable defaults for supervise-daemon(8).
++# They may be overriden on a per service basis.
++
++# Wait this number of seconds before restarting a daemon after it crashes.
++respawn_delay=2
++
++# Sets the maximum number of times a daemon will be respawned during a respawn
++# period. If a daemon dies more than this number of times during a respawn
++# period, supervise-daemon(8) will give up trying to respawn it and exit.
++# 0 means unlimited.
++respawn_max=5
++
++# Sets the length in seconds of a respawn period.
++respawn_period=1800
diff --git a/openrc/sysctl-readme.patch b/openrc/sysctl-readme.patch
new file mode 100644
index 0000000..df61aa1
--- /dev/null
+++ b/openrc/sysctl-readme.patch
@@ -0,0 +1,11 @@
+diff --git a/sysctl.d/README b/sysctl.d/README
+index ca3e030..1b056a7 100644
+--- a/sysctl.d/README
++++ b/sysctl.d/README
+@@ -10,4 +10,5 @@ with .conf, or it will not be read.
+ 
+ The recommended location for local system settings is /etc/sysctl.d/local.conf
+ but as long as you follow the rules for the name of the file, anything will
+-work. see the sysctl.conf(5) man page for details of the format.
++work. see the sysctl.conf(5) man page for details of the format. This manpage
++can be found in the `procps-doc` package.
diff --git a/openrc/sysctl.initd b/openrc/sysctl.initd
new file mode 100644
index 0000000..befdb91
--- /dev/null
+++ b/openrc/sysctl.initd
@@ -0,0 +1,87 @@
+#!/sbin/openrc-run
+
+depend()
+{
+	after clock
+	before bootmisc logger
+	keyword -prefix -systemd-nspawn -vserver
+}
+
+start()
+{
+	local quiet retval=0 status
+	ebegin "Configuring kernel parameters"
+
+	yesno $rc_verbose || quiet=-q
+
+	eindent
+
+	for f in /lib/sysctl.d/*.conf \
+		/usr/lib/sysctl.d/*.conf; do
+
+		if  [ -f /etc/sysctl.d/"${f##*/}" ]; then
+			veinfo "Ignoring $f due to /etc/sysctl.d/${f##*/}"
+			continue
+		fi
+
+		if [ -f /run/sysctl.d/"${f##*/}" ]; then
+			veinfo "Ignoring $f due to /run/sysctl.d/${f##*/}"
+			continue
+		fi
+	
+		if [ -f "$f" ]; then
+			vebegin "applying $f"
+			sysctl $quiet -p "$f"
+			status=$?
+			if [ $status -gt 0 ]; then
+				# Don't change retval= since we expect some package/distro provided
+				# sysctl configurations to break, so just warn when the user wants
+				# verbose messages
+				vewarn "Unable to configure kernel parameters from $f"
+			fi
+		fi
+	done
+
+	for f in /etc/sysctl.d/*.conf; do
+
+		if [ -f /run/sysctl.d/"${f##*/}" ]; then
+			veinfo "Ignoring $f due to /run/sysctl.d/${f##*/}"
+			continue
+		fi
+
+		if [ -f "$f" ]; then
+			vebegin "applying $f"
+			sysctl $quiet -p "$f"
+			status=$?
+			if [ $status -gt 0 ]; then
+				retval=$(( $retval + $status ))
+				eerror "Unable to configure kernel parameters from $f"
+			fi
+		fi
+	done
+
+	if [ -f /etc/sysctl.conf ]; then
+		vebegin "applying /etc/sysctl.conf"
+		sysctl $quiet -p /etc/sysctl.conf
+		status=$?
+		if [ $status -gt 0 ]; then
+			retval=$(( $retval + $status ))
+			eerror "Unable to configure kernel parameters from /etc/sysctl.conf"
+		fi
+	fi
+
+	for f in /run/sysctl.d/*.conf; do
+		if [ -f "$f" ]; then
+			vebegin "applying $f"
+			sysctl $quiet -p "$f"
+			status=$?
+			if [ $status -gt 0 ]; then
+				retval=$(( $retval + $status ))
+				eerror "Unable to configure kernel parameters from $f"
+			fi
+		fi
+	done
+	eoutdent
+
+	eend $retval
+}
diff --git a/openrc/sysfsconf.initd b/openrc/sysfsconf.initd
new file mode 100644
index 0000000..433e51d
--- /dev/null
+++ b/openrc/sysfsconf.initd
@@ -0,0 +1,66 @@
+#!/sbin/openrc-run
+
+description="Set sysfs variables from /etc/sysfs.conf and /etc/sysfs.d/*.conf"
+conffile=/etc/sysfs.conf
+confdir=/etc/sysfs.d
+
+depend() {
+	need sysfs
+}
+
+setval() {
+	local value="$1" attrib="$2"
+	# Some fields need a terminating newline, others
+	# need the terminating newline to be absent :-(
+	echo -n "$value" > "$attrib" 2>/dev/null \
+		|| echo "$value" > "$attrib"
+}
+
+load_conffile() {
+	local file="$1"
+	while read line; do
+		local line=${line%%#*}
+		local cmd= attrib= value=
+		set -- $line
+		if [ $# -eq 0 ]; then
+			continue
+		fi
+		case "$1$3" in
+			mode=)	cmd=chmod
+				attrib="$2"
+				value="$4"
+				;;
+			owner=) cmd=chown
+				attrib="$2"
+				value="$4"
+				;;
+			*)	if [ "$2" = "=" ]; then
+					cmd=setval
+					attrib="$1"
+					value="$3"
+				fi
+				;; 
+		esac
+		if ! [ -e "/sys/$attrib" ]; then
+			eerror "$attrib: unknown attribute"
+			continue
+		fi
+		if [ -z "$attrib" ] || [ -z "$value" ]; then
+			eerror "syntax error in $file: '$line'"
+			continue
+		fi
+		$cmd "$value" "/sys/$attrib"
+	done < "$file"
+}
+
+start() {
+	[ -r "$conffile" -o -d "$confdir" ] || return 0
+	ebegin "Setting sysfs variables"
+	for file in $confdir/*.conf $conffile; do
+		[ -r "$file" ] || continue
+		load_conffile "$file" || return 1
+	done
+	eend 0
+
+}
+
diff --git a/openrc/test-networking.sh b/openrc/test-networking.sh
new file mode 100644
index 0000000..5e5f70b
--- /dev/null
+++ b/openrc/test-networking.sh
@@ -0,0 +1,65 @@
+#!/bin/sh
+
+# unit tests for find_ifaces and find_running_ifaces in networking.initd
+
+cfgfile=/tmp/openrc-test-network.$$
+sourcefile=$cfgfile.source
+sourcedir=$cfgfile.d
+ifstate=$cfgfile.state
+
+cat >$cfgfile<<EOF
+auto eth0
+iface eth0 inet dhcp
+
+source $sourcefile
+
+source-directory $sourcedir
+EOF
+
+cat >$sourcefile<<EOF
+auto eth1
+iface eth1 inet dhcp
+EOF
+
+mkdir -p $sourcedir
+cat >$sourcedir/a<<EOF
+auto eth2
+iface eth2 inet dhcp
+EOF
+
+cat >$ifstate<<EOF
+eth4=eth4 1
+EOF
+
+errors=0
+fail() {
+	echo "$@"
+	errors=$(( $errors + 1))
+}
+
+# test fallback, when ifquery does not exist
+ifquery=does-not-exist
+. ./networking.initd
+
+find_ifaces | grep -q -w eth0 || fail "Did not find eth0"
+find_ifaces | grep -q -E '(eth1|eth2)' && fail "Unexpectedly found eth1 or eth2"
+
+# test that ifquery finds source and source-directory
+unset ifquery
+. ./networking.initd
+for i in eth0 eth1 eth2; do
+	find_ifaces | grep -q -w "$i" || fail "Did not find $i"
+done
+
+# test that ifquery picks up the running state file
+find_running_ifaces | grep -q -w "eth4" || fail "Did not detect eth4 running"
+
+
+# test /etc/init.d/net.eth5
+RC_SVCNAME=net.eth5
+. ./networking.initd
+find_ifaces | grep -q -w "eth5" || fail "Did not detect eth5"
+find_running_ifaces | grep -q -w "eth5" || fail "Did not detect eth5 running"
+
+rm -rf $cfgfile $sourcefile $sourcedir $ifstate
+exit $errors
author	V.Krishn <vkrishn@insteps.net>	2025-01-14 15:42:15 +0000
committer	V.Krishn <vkrishn@insteps.net>	2025-01-14 15:42:15 +0000
commit	326ab867bbf3d94e3009cd90a26ebe0f78a4f41a (patch)
tree	3e6018cf369751549b92737808ca2a46523b0f42 /openrc
parent	8e449f7d39010614785a9f7dd45cc657e532a0ed (diff)
download	aportsbag-326ab867bbf3d94e3009cd90a26ebe0f78a4f41a.tar.bz2