#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.

depend()
{
	need localmount
	before logger
	after clock root sysctl
	keyword -prefix -timeout
}

: ${wipe_tmp:=${WIPE_TMP:-yes}}
: ${log_dmesg:=${LOG_DMESG:-yes}}

cleanup_tmp_dir()
{
	local dir="$1"

	if ! [ -d "$dir" ]; then
		mkdir -p "$dir" || return $?
	fi
	checkpath -W "$dir" || return 1
	chmod a+rwt "$dir" 2> /dev/null
	cd "$dir" || return 1
	if yesno $wipe_tmp; then
		ebegin "Wiping $dir directory"

		# Faster than raw find
		if ! rm -rf -- [!ajlq\.]* 2>/dev/null ; then
			# Blah, too many files
			find . -maxdepth 1 -name '[!ajlq\.]*' -exec rm -rf -- {} +
		fi

		# pam_mktemp creates a .private directory within which
		# each user gets a private directory with immutable
		# bit set; remove the immutable bit before trying to
		# remove it.
		[ -d /tmp/.private ] && chattr -R -a /tmp/.private 2> /dev/null

		# Prune the paths that are left
		find . -maxdepth 1 \
			! -name . \
			! -name lost+found \
			! -name quota.user \
			! -name aquota.user \
			! -name quota.group \
			! -name aquota.group \
			! -name journal \
			-exec rm -rf -- {} +
		eend 0
	else
		ebegin "Cleaning $dir directory"
		rm -rf -- .X*-lock esrv* kio* \
			jpsock.* .fam* .esd* \
			orbit-* ssh-* ksocket-* \
			.*-unix
		eend 0
	fi
}

cleanup_var_run_dir()
{
	ebegin "Cleaning /var/run"
	for x in $(find /var/run ! -type d ! -name utmp \
		! -name random-seed ! -name dev.db \
		! -name ld-elf.so.hints ! -name ld.so.hints);
	do
		# Clean stale sockets
		if [ -S "$x" ]; then
			if command -v fuser >/dev/null 2>&1; then
				fuser "$x" >/dev/null 2>&1 || rm -- "$x"
			else
				rm -- "$x"
			fi
		fi
		[ ! -f "$x" ] && continue
		# Do not remove pidfiles of already running daemons
		case "$x" in
			*.pid)
				start-stop-daemon --test --quiet \
				--stop --pidfile "$x" && continue
			;;
		esac
		rm -f -- "$x"
	done
	eend 0
}

mkutmp()
{
	: >"$1"
	# Not all systems have the utmp group
	chgrp utmp "$1" 2>/dev/null
	chmod 0664 "$1"
}

migrate_to_run()
{
	src="$1"
	dst="$2"
 	if [ -L $src -a "$(readlink -f $src)" != $dst ]; then
 		ewarn "$src does not point to $dst."
 		ewarn "Setting $src to point to $dst."
 		rm $src
 	elif [ ! -L $src -a -d $src ]; then
 		ebegin "Migrating $src to $dst"
 		cp -a $src/* $dst/
 		rm -rf $src
 		eend $?
 	fi
 	# If $src doesn't exist at all, just run this
 	if [ ! -e $src ]; then
 		ln -s $dst $src
 	fi
}

clean_run()
{
	[ "$RC_SYS" = VSERVER -o "$RC_SYS" = LXC ] && return 0
	local dir
	# If / is still read-only due to a problem, this will fail!
	if ! checkpath -W /; then
		eerror "/ is not writable; unable to clean up underlying /run"
		return 1
	fi
	if ! checkpath -W /tmp; then
		eerror "/tmp is not writable; unable to clean up underlying /run"
		return 1
	fi
	# Now we know that we can modify /tmp and /
	# if mktemp -d fails, it returns an EMPTY string
	# STDERR: mktemp: failed to create directory via template ‘/tmp/tmp.XXXXXXXXXX’: Read-only file system
	# STDOUT: ''
	rc=0
	dir=$(mktemp -d)
	if [ -n "$dir" -a -d $dir -a -w $dir ]; then
		mount --bind / $dir && rm -rf $dir/run/* || rc=1
		umount $dir
		rm -rf $dir
	else
		rc=1
	fi
	if [ $rc -ne 0 ]; then
		eerror "Could not clean up underlying /run on /"
		return 1
	fi
}

start()
{
	# Remove any added console dirs
	if checkpath -W "$RC_LIBEXECDIR"; then
		rm -rf "$RC_LIBEXECDIR"/console/*
	fi

	local logw=false runw=false extra=
	# Ensure that our basic dirs exist
	if [ "$RC_UNAME" = Linux ]; then
		# Satisfy Linux FHS
		extra=/var/lib/misc
		if [ ! -d /run ]; then
			extra="/var/run $extra"
		fi
	else
		extra=/var/run
	fi
	for x in /var/log /tmp $extra; do
		if ! [ -d $x ]; then
			if ! mkdir -p $x; then
				eend 1 "failed to create needed directory $x"
				return 1
			fi
		fi
	done

	if [ "$RC_UNAME" = Linux -a -d /run ]; then
		migrate_to_run	/var/lock /run/lock
		migrate_to_run	/var/run /run
		clean_run
	fi

	if checkpath -W /var/run; then
		ebegin "Creating user login records"
		local xtra=
		[ "$RC_UNAME" = NetBSD ] && xtra=x
		for x in "" $xtra; do
			mkutmp /var/run/utmp$x
		done
		[ -e /var/log/wtmp ] || mkutmp /var/log/wtmp
		eend 0

		mountinfo -q -f tmpfs /var/run || cleanup_var_run_dir
	fi

	# Clean up /tmp directories
	local tmp=
	for tmp in ${clean_tmp_dirs:-${wipe_tmp_dirs-/tmp}}; do
		mountinfo -q -f tmpfs "$tmp" || cleanup_tmp_dir "$tmp"
	done

	if checkpath -W /tmp; then
		# Make sure our X11 stuff have the correct permissions
		# Omit the chown as bootmisc is run before network is up
		# and users may be using lame LDAP auth #139411
		rm -rf /tmp/.ICE-unix /tmp/.X11-unix
		mkdir -p /tmp/.ICE-unix /tmp/.X11-unix
		chmod 1777 /tmp/.ICE-unix /tmp/.X11-unix
		if [ -x /sbin/restorecon ]; then
			restorecon /tmp/.ICE-unix /tmp/.X11-unix
		fi
	fi

	if yesno $log_dmesg; then
		if $logw || checkpath -W /var/log; then
			# Create an 'after-boot' dmesg log
			case "$RC_SYS" in
				VSERVER|OPENVZ|LXC|SYSTEMD-NSPAWN) ;;
				*)
					dmesg > /var/log/dmesg
					chmod 640 /var/log/dmesg
					;;
			esac
		fi
	fi

	return 0
}

stop()
{
	# Write a halt record if we're shutting down
	if [ "$RC_RUNLEVEL" = shutdown ]; then
		[ "$RC_UNAME" = Linux ] && halt -w
		if [ "$RC_SYS" = OPENVZ ]; then
			yesno $RC_REBOOT && printf "" >/reboot
		fi
	fi

	return 0
}

# vim: ft=sh