Initial commit for s6-overlay v3.

Signed-off-by: Laurent Bercot <[email protected]>

.github/ISSUE_TEMPLATE/config.yml

@@ -1 +0,0 @@
-blank_issues_enabled: false

.github/ISSUE_TEMPLATE/new-issue.md

@@ -1,18 +0,0 @@
----
-name: New issue
-about: Default template for s6-overlay issues
-title: ''
-labels: ''
-assignees: ''
-
----
-
-# Please provide a small Dockerfile that demonstrates your issue.
-
-Being able to reproduce your issue helps greatly in troubleshooting, the
-best way to do that is to create a small Dockerfile that we can
-use to recreate the issue.
-
-# If you've identified a fix, please open a pull request.
-
-If you've found an issue and know the fix, please open a pull request with your fix.

.github/build

@@ -1,5 +0,0 @@
-#!/bin/bash
-set -e
-set -x
-
-cd builder && RELEASE_VERSION="${TRAVIS_TAG##*/:1}" ./build-latest

.github/release

@@ -1,53 +0,0 @@
-#!/bin/bash
-set -e
-
-# don't loop if files don't exist
-shopt -s nullglob
-
-mkdir -p tools/downloads
-mkdir -p tools/cross/bin
-
-if [[ ! -d builder/dist ]] ; then
-    printf "This needs to be run from the root of the repo\n"
-    exit 1
-fi
-
-# exit if TRAVIS_TAG is empty, no need to release anything
-if [ -z "${TRAVIS_TAG}" ]; then
-  exit 0
-fi
-
-if [[ ! -f "tools/downloads/linux-amd64-github-release.bz2" ]] ; then
-  printf "Downloading tools/downloads/linux-amd64-github-release.bz2\n"
-  curl -s -R -L -o "tools/downloads/linux-amd64-github-release.bz2" \
-    "https://github.com/github-release/github-release/releases/download/v0.8.1/linux-amd64-github-release.bz2"
-fi
-
-bunzip2 "tools/downloads/linux-amd64-github-release.bz2"
-mv "tools/downloads/linux-amd64-github-release" "tools/cross/bin/github-release"
-chmod +x "tools/cross/bin/github-release"
-
-export "PATH=$(pwd)/tools/cross/bin:$PATH"
-
-# get user and repo names
-USERNAME=$(echo ${TRAVIS_REPO_SLUG} | cut -d"/" -f1)
-REPONAME=$(echo ${TRAVIS_REPO_SLUG} | cut -d"/" -f2)
-
-# release
-github-release release --user "${USERNAME}" --repo "${REPONAME}" --tag "${TRAVIS_TAG##*/}" --name "${TRAVIS_TAG##*/}" --description "$(cat builder/dist/release.md)"
-
-# s6 overlay binaries
-for i in builder/dist/*.tar.gz; do
-  name=$(basename ${i})
-  gpg -u 0x3B2FD161 --output "${i}.sig" --detach-sig "${i}"
-  github-release upload --user "${USERNAME}" --repo "${REPONAME}" --tag "${TRAVIS_TAG##*/}" --name "${name}" --file "${i}"
-  github-release upload --user "${USERNAME}" --repo "${REPONAME}" --tag "${TRAVIS_TAG##*/}" --name "${name}.sig" --file "${i}.sig"
-done
-
-# s6 overlay installer
-for i in builder/dist/*-installer; do
-  name=$(basename ${i})
-  gpg -u 0x3B2FD161 --output "${i}.sig" --detach-sig "${i}"
-  github-release upload --user "${USERNAME}" --repo "${REPONAME}" --tag "${TRAVIS_TAG##*/}" --name "${name}" --file "${i}"
-  github-release upload --user "${USERNAME}" --repo "${REPONAME}" --tag "${TRAVIS_TAG##*/}" --name "${name}.sig" --file "${i}.sig"
-done

.github/workflows/all.yml

@@ -1,60 +0,0 @@
-on: [push, pull_request]
-
-jobs:
-  build:
-    name: Build
-    runs-on: ubuntu-latest
-    steps:
-      - name: checkout code
-        uses: actions/checkout@v2
-
-      - name: build
-        run: .github/build
-        env:
-          TRAVIS_TAG: ${{ github.ref }}
-
-      - name: upload artifacts
-        uses: actions/upload-artifact@v2
-        with:
-          name: dist
-          path: |
-            builder/dist/*.tar.gz
-            builder/dist/*.md
-            builder/dist/*-installer
-
-  release:
-    name: Release
-    runs-on: ubuntu-latest
-    needs: build
-    if: startsWith(github.ref, 'refs/tags/v')
-    steps:
-      - name: checkout code
-        uses: actions/checkout@v2
-
-      - name: download artifacts
-        uses: actions/download-artifact@v2
-        with:
-          name: dist
-          path: builder/dist
-
-      - name: decrypt signing keys
-        env:
-          OPENSSL_KEY: ${{ secrets.OPENSSL_KEY }}
-          OPENSSL_IV: ${{ secrets.OPENSSL_IV }}
-        run: openssl aes-256-cbc -K $OPENSSL_KEY -iv $OPENSSL_IV -in .github/keys.tar.xz.enc -out .github/keys.tar.xz -d
-
-      - name: extract signing keys
-        run: tar xf .github/keys.tar.xz -C .github
-
-      - name: import public key
-        run: gpg --import .github/keys/public.key
-
-      - name: import private key
-        run: gpg --allow-secret-key-import --import .github/keys/private.key
-
-      - name: create and upload release
-        run: .github/release
-        env:
-          TRAVIS_REPO_SLUG: just-containers/s6-overlay
-          TRAVIS_TAG: ${{ github.ref }}
-          GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}

.gitignore

@@ -1,2 +1 @@
-dist/
-.DS_Store
+/output

AUTHORS.md

@@ -1,4 +1,3 @@
-Gorka Lerchundi Osa ([@glerchundi](https://github.com/glerchundi))  
-Laurent Bercot ([@skarnet](https://github.com/skarnet))  
-John Regan ([@jprjr](https://github.com/jprjr))  
-Dreamcat4 ([@dreamcat4](https://github.com/dreamcat4))  
+Laurent Bercot ([@skarnet](https://github.com/skarnet))
+
+John Regan ([@jprjr](https://github.com/jprjr))

CHANGELOG.md

@@ -1,40 +0,0 @@
-# CHANGELOG for s6-overlay
-
-## Note about minor changes
-
-Please view the git log to see all the minor changes made to the code. This document only tracks major/breaking changes.
-
-## Major changes
-
-### Version 2.1.0.2
-
-* Add a new self-extracting installer as an installation
-  option. It works correctly on all distros, whether or not `/bin` is a
-  symlink to `/usr/bin` or a directory.
-
-### Version 2.1.0.0
-
-* Add initial support for Docker's `USER` directive.
-* Add a new binary to the tarball (`s6-overlay-preinit`), and move creating
-  a specific folder from the build-time to runtime.
-
-### Version 2.0.0.1
-
-* Fix issues with shells overwriting the `cd`
-  binary [#278](https://github.com/just-containers/s6-overlay/issues/278)
-  and tarballs having too-loose permissions [#274](https://github.com/just-containers/s6-overlay/issues/274).
-
-### Version 2.0.0.0
-
-* Starting with version `2.0.0.0`, `with-contenv` no longer uses `s6-envdir`, instead it
-  uses [justc-envdir](https://github.com/just-containers/justc-envdir), a small fork that
-  uses the entire contents of the files in the envdir. A new script is introduced, `with-contenv-legacy`,
-  in case you rely on the old behavior.
-
-### Version 1.21.8.0
-
-* Up to and including version `1.21.8.0`, the init system would call `s6-sync` to sync disks when
-  the container exited. This actually syncs all block devices on the hosts, which is
-  likely not what you want to do. As of version `1.22.0.0`, this is disabled by default, see the
-  README on how to re-enable it.
-

CONTRIBUTING

@@ -0,0 +1,5 @@
+ Please add a Signed-Off-By: line at the end of your commit,
+which certifies that you have the right and authority to pass
+it on as an open-source patch, as explicited in the Developer's
+Certificate of Origin available in this project's DCO file,
+or at https://developercertificate.org/

CONTRIBUTORS.md

@@ -1,3 +0,0 @@
-Scott Mebberson ([@smebberson](https://github.com/smebberson))
-azhuang ([@azhuang](https://github.com/azhuang))
-frekele ([@frekele](https://github.com/frekele))

COPYING

@@ -0,0 +1,16 @@
+Internet Systems Consortium license
+===================================
+
+Copyright (c) 2021 Laurent Bercot <[email protected]>, John Regan <[email protected]>
+
+Permission to use, copy, modify, and distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

DCO

@@ -0,0 +1,37 @@
+Developer Certificate of Origin
+Version 1.1
+
+Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
+1 Letterman Drive
+Suite D4700
+San Francisco, CA, 94129
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+
+
+Developer's Certificate of Origin 1.1
+
+By making a contribution to this project, I certify that:
+
+(a) The contribution was created in whole or in part by me and I
+    have the right to submit it under the open source license
+    indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the best
+    of my knowledge, is covered under an appropriate open source
+    license and I have the right under that license to submit that
+    work with modifications, whether created in whole or in part
+    by me, under the same open source license (unless I am
+    permitted to submit under a different license), as indicated
+    in the file; or
+
+(c) The contribution was provided directly to me by some other
+    person who certified (a), (b) or (c) and I have not modified
+    it.
+
+(d) I understand and agree that this project and the contribution
+    are public and that a record of the contribution (including all
+    personal information I submit with it, including my sign-off) is
+    maintained indefinitely and may be redistributed consistent with
+    this project or the open source license(s) involved.

Dockerfile

@@ -1,18 +0,0 @@
-FROM ubuntu:14.04
-MAINTAINER Gorka Lerchundi Osa <[email protected]>
-
-ENV LC_ALL C
-ENV DEBIAN_FRONTEND noninteractive
-
-RUN apt-get update && \
-    apt-get -y install curl xz-utils && \
-    apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
-
-COPY builder /builder
-RUN chown -R nobody:nogroup /builder
-
-USER nobody
-ENV HOME /builder
-WORKDIR /builder
-
-CMD [ "./build-wrapper" ]

LICENSE.md

@@ -1,16 +0,0 @@
-Internet Systems Consortium license
-===================================
-
-Copyright (c) `2016`, `Laurent Bercot <ska at skarnet.org>`, `John Regan <john at jrjrtech.com>`, `Gorka Lerchundi Osa <glertxundi at gmail.com>`
-
-Permission to use, copy, modify, and/or distribute this software for any purpose
-with or without fee is hereby granted, provided that the above copyright notice
-and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
-REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
-FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
-INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
-OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
-TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF
-THIS SOFTWARE.

Makefile

@@ -0,0 +1,107 @@
+it: all
+
+include conf/defaults.mk
+
+ifeq ($(strip $(OUTPUT)),)
+OUTPUT := output
+endif
+OUTPUT := $(abspath $(OUTPUT))
+HW := $(firstword $(subst -, ,$(ARCH)))
+
+include conf/versions
+include mk/toolchain.mk
+include mk/bearssl.mk
+include mk/skaware.mk
+
+.PHONY: it distclean clean all
+
+distclean:
+	exec rm -rf $(OUTPUT)
+
+clean:
+	ls -1 $(OUTPUT) | grep -vF sources | while read a ; do rm -rf $(OUTPUT)/"$$a" & : ; done ; true
+
+all: rootfs-overlay-arch-tarball symlinks-overlay-arch-tarball rootfs-overlay-noarch-tarball symlinks-overlay-noarch-tarball syslogd-overlay-noarch-tarball
+
+
+.PHONY: rootfs-overlay-arch rootfs-overlay-arch-tarball
+rootfs-overlay-arch: $(OUTPUT)/rootfs-overlay-$(ARCH)/package/admin/execline/command/execlineb
+rootfs-overlay-arch-tarball: $(OUTPUT)/s6-overlay-$(HW)-$(VERSION).tar.xz
+
+$(OUTPUT)/rootfs-overlay-$(ARCH)/package/admin/execline/command/execlineb: skaware-install
+	exec rm -rf $(OUTPUT)/rootfs-overlay-$(ARCH)
+	exec mkdir -p $(OUTPUT)/rootfs-overlay-$(ARCH)
+	exec cp -a $(OUTPUT)/staging-$(ARCH)/package $(OUTPUT)/staging-$(ARCH)/command $(OUTPUT)/rootfs-overlay-$(ARCH)/
+	exec rm -rf $(OUTPUT)/rootfs-overlay-$(ARCH)/package/*/*/include $(OUTPUT)/rootfs-overlay-$(ARCH)/package/*/*/library
+
+$(OUTPUT)/s6-overlay-$(HW)-$(VERSION).tar.xz: rootfs-overlay-arch
+	exec rm -f [email protected]
+	cd $(OUTPUT)/rootfs-overlay-$(ARCH) && tar -Jcvf [email protected] --owner=0 --group=0 --numeric-owner .
+	exec mv -f [email protected] $@
+
+.PHONY: symlinks-overlay-arch symlinks-overlay-arch-tarball
+symlinks-overlay-arch: $(OUTPUT)/symlinks-overlay-arch/usr/bin/execlineb
+symlinks-overlay-arch-tarball: $(OUTPUT)/s6-overlay-symlinks-arch-$(VERSION).tar.xz
+
+$(OUTPUT)/symlinks-overlay-arch/usr/bin/execlineb: rootfs-overlay-arch
+	exec rm -rf $(OUTPUT)/symlinks-overlay-arch
+	exec mkdir -p $(OUTPUT)/symlinks-overlay-arch/usr/bin
+	for i in `ls -1 $(OUTPUT)/rootfs-overlay-$(ARCH)/command` ; do ln -s "../../command/$$i" $(OUTPUT)/symlinks-overlay-arch/usr/bin/ ; done
+
+$(OUTPUT)/s6-overlay-symlinks-arch-$(VERSION).tar.xz: symlinks-overlay-arch
+	exec rm -f [email protected]
+	cd $(OUTPUT)/symlinks-overlay-arch && tar -Jcvf [email protected] --owner=0 --group=0 --numeric-owner .
+	exec mv -f [email protected] $@
+
+.PHONY: rootfs-overlay-noarch rootfs-overlay-noarch-tarball
+rootfs-overlay-noarch: $(OUTPUT)/rootfs-overlay-noarch/init
+rootfs-overlay-noarch-tarball: $(OUTPUT)/s6-overlay-noarch-$(VERSION).tar.xz
+
+TMPDIR := $(OUTPUT)/rootfs-overlay-noarch.tmp
+
+$(OUTPUT)/rootfs-overlay-noarch/init: layout/rootfs-overlay/init
+	exec rm -rf $(TMPDIR)
+	exec cp -a layout/rootfs-overlay $(TMPDIR)
+	find $(TMPDIR) -type f -name .empty -print | xargs rm -f --
+	find $(TMPDIR) -name '*@VERSION@*' -print | while read name ; do mv -f "$$name" `echo "$$name" | sed -e 's/@VERSION@/$(VERSION)/'` ; done
+	find $(TMPDIR) -type f -size +0c -print | xargs sed -i -e 's|@SHEBANGDIR@|$(SHEBANGDIR)|g; s/@VERSION@/$(VERSION)/g;' --
+	exec ln -s s6-overlay-$(VERSION) $(TMPDIR)/package/admin/s6-overlay
+	exec mv -f $(TMPDIR) $(OUTPUT)/rootfs-overlay-noarch
+
+$(OUTPUT)/s6-overlay-noarch-$(VERSION).tar.xz: rootfs-overlay-noarch
+	exec rm -f [email protected]
+	cd $(OUTPUT)/rootfs-overlay-noarch && tar -Jcvf [email protected] --owner=0 --group=0 --numeric-owner .
+	exec mv -f [email protected] $@
+
+.PHONY: symlinks-overlay-noarch symlinks-overlay-noarch-tarball
+symlinks-overlay-noarch: $(OUTPUT)/symlinks-overlay-noarch/usr/bin/printcontenv
+symlinks-overlay-noarch-tarball: $(OUTPUT)/s6-overlay-symlinks-noarch-$(VERSION).tar.xz
+
+$(OUTPUT)/symlinks-overlay-noarch/usr/bin/printcontenv: rootfs-overlay-noarch
+	exec rm -rf $(OUTPUT)/symlinks-overlay-noarch
+	exec mkdir -p $(OUTPUT)/symlinks-overlay-noarch/usr/bin
+	for i in `ls -1 $(OUTPUT)/rootfs-overlay-noarch/command` ; do ln -s "../../command/$$i" $(OUTPUT)/symlinks-overlay-noarch/usr/bin/ ; done
+
+$(OUTPUT)/s6-overlay-symlinks-noarch-$(VERSION).tar.xz: symlinks-overlay-noarch
+	exec rm -f [email protected]
+	cd $(OUTPUT)/symlinks-overlay-noarch && tar -Jcvf [email protected] --owner=0 --group=0 --numeric-owner .
+	exec mv -f [email protected] $@
+
+.PHONY: syslogd-overlay-noarch syslogd-overlay-noarch-tarball
+syslogd-overlay-noarch: $(OUTPUT)/syslogd-overlay-noarch/etc/s6-overlay/s6-rc.d/syslogd/run
+syslogd-overlay-noarch-tarball: $(OUTPUT)/syslogd-overlay-noarch-$(VERSION).tar.xz
+
+TMPDIR := $(OUTPUT)/syslogd-overlay-noarch.tmp
+
+$(OUTPUT)/syslogd-overlay-noarch/etc/s6-overlay/s6-rc.d/syslogd/run: layout/syslogd-overlay/etc/s6-overlay/s6-rc.d/syslogd/run
+	exec rm -rf $(TMPDIR)
+	exec cp -a layout/syslogd-overlay $(TMPDIR)
+	find $(TMPDIR) -type f -name .empty -print | xargs rm -f --
+	find $(TMPDIR) -name '*@VERSION@*' -print | while read name ; do mv -f "$$name" `echo "$$name" | sed -e 's/@VERSION@/$(VERSION)/'` ; done
+	find $(TMPDIR) -type f -size +0c -print | xargs sed -i -e 's|@SHEBANGDIR@|$(SHEBANGDIR)|g; s/@VERSION@/$(VERSION)/g;' --
+	exec mv -f $(TMPDIR) $(OUTPUT)/syslogd-overlay-noarch
+
+$(OUTPUT)/syslogd-overlay-noarch-$(VERSION).tar.xz: syslogd-overlay-noarch
+	exec rm -f [email protected]
+	cd $(OUTPUT)/syslogd-overlay-noarch && tar -Jcvf [email protected] --owner=0 --group=0 --numeric-owner .
+	exec mv -f [email protected] $@

README.md

@@ -1,3 +1,6 @@
+(This document is not up-to-date for s6-overlay v3;
+it will be updated over time.)
+
 **Table of Contents**
 
 - [Quickstart](#quickstart)
@@ -444,7 +447,7 @@ And what about numbers? `s6-overlay` takes more or less **`904K`** compressed an
 The `s6-overlay` releases are signed using `gpg`, you can import our public key:
 
 ```bash
-$ gpg --keyserver pgp.surfnet.nl  --recv-keys 6101B2783B2FD161
+$ curl https://keybase.io/justcontainers/key.asc | gpg --import
 ```
 
 Then verify the downloaded files:

builder/build-latest

@@ -1,237 +0,0 @@
-#!/usr/bin/env bash 
-set -e
-set -x
-
-##
-## PARAMS
-##
-
-RELEASE_VERSION=${RELEASE_VERSION:-2.1.1.0}
-
-SKAWARE_VERSION="2.0.4"
-SKAWARE_RELEASE="${SKAWARE_VERSION}"
-SKAWARE_SOURCE=${SKAWARE_SOURCE:-https://github.com/just-containers/skaware/releases/download/v$SKAWARE_RELEASE}
-
-ENVDIR_VERSION="1.0.1"
-ENVDIR_RELEASE="${ENVDIR_VERSION}-1"
-ENVDIR_SOURCE=${ENVDIR_SOURCE:-https://github.com/just-containers/justc-envdir/releases/download/v$ENVDIR_RELEASE}
-
-PREINIT_VERSION="1.0.5"
-PREINIT_RELEASE="${PREINIT_VERSION}"
-PREINIT_SOURCE=${PREINIT_SOURCE:-https://github.com/just-containers/s6-overlay-preinit/releases/download/v$PREINIT_RELEASE}
-
-INSTALLER_VERSION="1.0.2"
-INSTALLER_RELEASE="${INSTALLER_VERSION}"
-INSTALLER_SOURCE=${INSTALLER_SOURCE:-https://github.com/just-containers/justc-installer/releases/download/v$INSTALLER_RELEASE}
-
-MUSL_CROSS_MAKE_RELEASE=15
-MUSL_CROSS_MAKE_SRC=${MUSL_CROSS_MAKE_SRC:-https://github.com/just-containers/musl-cross-make/releases/download/v$MUSL_CROSS_MAKE_RELEASE}
-
-PWD=$(pwd)
-TMP=${PWD}/tmp
-DIST=${PWD}/dist
-OVERLAY_SRC_PATH=${OVERLAY_SRC_PATH:-$PWD/overlay-rootfs}
-OVERLAY_DST_PATH=${OVERLAY_DST_PATH:-$PWD/overlay-rootfs}
-
-mkdir -p ${TMP}
-mkdir -p ${DIST}
-
-targets=( 'amd64' 'arm' 'armhf' 'x86' 'aarch64' 'ppc64le' )
-editions=( '' 'nobin' )
-gccs=(
-'x86_64-linux-musl'
-'arm-linux-musleabi'
-'arm-linux-musleabihf'
-'i486-linux-musl'
-'aarch64-linux-musl'
-'powerpc64le-linux-musl'
-)
-
-declare -A targets_gcc
-targets_gcc[arm]=arm-linux-musleabi
-targets_gcc[armhf]=arm-linux-musleabihf
-targets_gcc[aarch64]=aarch64-linux-musl
-targets_gcc[x86]=i486-linux-musl
-targets_gcc[amd64]=x86_64-linux-musl
-targets_gcc[ppc64le]=powerpc64le-linux-musl
-
-generate_release() {
-  printf "Binary releases include the following skaware packages:\n\n" > ${DIST}/release.md
-  printf "| Software | Version |\n" >> ${DIST}/release.md
-  printf "| -------- |:-------:|\n" >> ${DIST}/release.md
-
-  while read -r line
-  do
-      package=`echo "${line}" | cut -d"=" -f1`
-      version=`echo "${line}" | cut -d"=" -f2`
-      if [ -n "${version}" ] ; then
-        printf "| %s | %s |\n" "${package}" "${version}" >> ${DIST}/release.md
-      fi
-  done < ${DIST}/manifest.txt
-  printf "\n" >> $DIST/release.md
-
-  printf "Additionally, justc-envdir version %s\n" "${ENVDIR_VERSION}" >> ${DIST}/release.md
-}
-
-get_packages_with_versions_from_manifest() {
-  # manifest
-  manifest=$1
-
-  # skaware versions manifest
-  curl -R -L -o ${TMP}/manifest.txt ${SKAWARE_SOURCE}/$manifest
-
-  # parse manifest into s6 associative array
-  versions=()
-  while read -r line
-  do
-      key=`echo "${line}" | cut -d"=" -f1`
-      value=`echo "${line}" | cut -d"=" -f2`
-      if [[ ! -z "${key}" && ! -z "${value}" ]]; then
-          versions+=("${key}-${value}")
-      fi
-  done < ${TMP}/manifest.txt
-
-  mv ${TMP}/manifest.txt ${DIST}/manifest.txt
-
-  # output manifest as an array
-  echo ${versions[@]}
-}
-
-##
-## DOWNLOAD PACKAGES
-##
-
-# destination folder
-cd ${TMP}
-
-for gcc in "${gccs[@]}"; do
-  curl -R -L -O ${MUSL_CROSS_MAKE_SRC}/gcc-7.3.0-${gcc}.tar.xz
-  tar xf gcc-7.3.0-${gcc}.tar.xz
-done
-
-for target in "${targets[@]}"; do
-  curl -R -L -O ${ENVDIR_SOURCE}/justc-envdir-${ENVDIR_VERSION}-linux-${target}.tar.gz
-  curl -R -L -O ${PREINIT_SOURCE}/s6-overlay-preinit-${PREINIT_VERSION}-linux-${target}.tar.gz
-  curl -R -L -O ${INSTALLER_SOURCE}/justc-installer-${INSTALLER_VERSION}-linux-${target}-dev.tar.gz
-  tar xf justc-installer-${INSTALLER_VERSION}-linux-${target}-dev.tar.gz --strip-components=1 -C "${targets_gcc[$target]}"
-done
-
-packages=($(get_packages_with_versions_from_manifest "manifest-linux.txt"))
-for package in "${packages[@]}"; do
-  for target in "${targets[@]}"; do
-    file=${package}-linux-${target}-bin.tar.gz
-    curl -R -L -O ${SKAWARE_SOURCE}/$file
-    file=${package}-linux-${target}-dev.tar.gz
-    curl -R -L -O ${SKAWARE_SOURCE}/$file
-    tar xf ${package}-linux-${target}-dev.tar.gz --strip-components=1 -C "${targets_gcc[$target]}"
-  done
-done
-
-
-generate_release
-
-##
-## OVERLAYS
-##
-
-for edition in "${editions[@]}"; do
-  for target in "${targets[@]}"; do
-    # overlay path and dist file
-    if [ "${edition}" == "nobin" ]; then
-      overlaydstpath="$OVERLAY_DST_PATH-nobin"
-      overlaytarpath="${DIST}/s6-overlay-nobin.tar"
-    else
-      overlaydstpath="$OVERLAY_DST_PATH-raw"
-      overlaytarpath="${DIST}/s6-overlay-$target.tar"
-    fi
-
-    rm -rf $overlaydstpath
-    rm -f  $overlaytarpath
-    rm -f  $overlaytarpath.gz
-    rm -f  payload.tar
-    rm -f  payload.o
-  
-    # create overlay folder
-    mkdir -p $overlaydstpath
-    mkdir -p ${DIST}
-  
-    # copy overlay files
-    cp -a $OVERLAY_SRC_PATH/. $overlaydstpath/
-  
-    if [ "${edition}" != "nobin" ]; then
-      # skarnet versions manifest
-      packages=($(get_packages_with_versions_from_manifest "manifest-linux.txt"))
-  
-      # install required binaries for this concrete output
-      for package in "${packages[@]}"; do
-        tar xvfz ${TMP}/$package-linux-$target-bin.tar.gz -C $overlaydstpath
-      done
-      tar xvfz ${TMP}/justc-envdir-${ENVDIR_VERSION}-linux-$target.tar.gz -C $overlaydstpath
-      tar xvfz ${TMP}/s6-overlay-preinit-${PREINIT_VERSION}-linux-$target.tar.gz -C $overlaydstpath
-    fi
-
-    # create must exist directories
-    mkdir -p $overlaydstpath/etc/s6/init/env-stage2
-    mkdir -p $overlaydstpath/etc/{cont-init.d,cont-finish.d,fix-attrs.d,services.d}
-
-    # fix perms for utilities
-    chmod 0755 $overlaydstpath/usr/bin/fix-attrs
-    chmod 0755 $overlaydstpath/usr/bin/logutil-{newfifo,service,service-main}
-    chmod 0755 $overlaydstpath/usr/bin/printcontenv
-    chmod 0755 $overlaydstpath/usr/bin/with-{contenv,retries,contenv-legacy}
-
-    # fix init perms
-    chmod 0755 $overlaydstpath/init
-    chmod 0755 $overlaydstpath/etc/s6/init/init-*
-    chmod 0755 $overlaydstpath/etc/s6/init-catchall/init-*
-    chmod 0755 $overlaydstpath/etc/s6/init-no-catchall/init-*
-    chmod 0755 $overlaydstpath/etc/s6/services/.s6-svscan/{crash,finish}
-    chmod 0755 $overlaydstpath/etc/s6/services/s6-fdholderd/run
-    chmod 0755 $overlaydstpath/etc/s6/services/s6-svscan-log/run
-
-    # fix misc perms
-    chmod 0755 $overlaydstpath/etc
-    chmod 0755 $overlaydstpath/etc/{cont-init.d,cont-finish.d,fix-attrs.d,services.d}
-    chmod 0755 $overlaydstpath/etc/s6
-    chmod 0755 $overlaydstpath/etc/s6/{services,init-catchall,init-no-catchall,init}
-    chmod 0755 $overlaydstpath/etc/s6/{init-catchall,init-no-catchall,init,services}
-    chmod 0755 $overlaydstpath/etc/s6/init/{env,env-stage2}
-    chmod 0755 $overlaydstpath/etc/s6/services/{.s6-svscan,s6-fdholderd,s6-svscan-log}
-    chmod 0755 $overlaydstpath/etc/s6/services/s6-fdholderd/rules
-    chmod 0755 $overlaydstpath/etc/s6/services/s6-fdholderd/rules/uid
-    chmod 0755 $overlaydstpath/etc/s6/services/s6-fdholderd/rules/uid/{0,default}
-    chmod 0755 $overlaydstpath/etc/s6/services/s6-fdholderd/rules/uid/0/env
-    chmod 0755 $overlaydstpath/etc/s6/services/s6-fdholderd/rules/uid/default/env
-    chmod 0755 $overlaydstpath/usr/bin
-
-    if [ "${edition}" != "nobin" ]; then
-        chmod 0755 $overlaydstpath/bin
-        chmod 0755 $overlaydstpath/libexec
-
-        # setuid for preinit
-        chmod 4755 $overlaydstpath/bin/s6-overlay-preinit
-    fi
-
-    chmod 0644 $overlaydstpath/etc/s6/services/s6-fdholderd/notification-fd
-    chmod 0644 $overlaydstpath/etc/s6/init/env/*
-    chmod 0644 $overlaydstpath/etc/s6/init/init-stage2-fixattrs.txt
-
-    # dist!
-    tar --owner=root --group=root \
-        -cvf                     \
-        $overlaytarpath           \
-        -C $overlaydstpath        \
-        ./
-    gzip -k $overlaytarpath
-
-    # create installer
-    if [ "${edition}" != "nobin" ] ; then
-        mv $overlaytarpath payload.tar
-        ${TMP}/bin/${targets_gcc[$target]}-ld -r -b binary payload.tar -o payload.o
-        ${TMP}/bin/${targets_gcc[$target]}-gcc -static -o ${DIST}/s6-overlay-${target}-installer -ljustc_installer payload.o -lskarnet
-    fi
-
-  done
-done
-
-exit 0

builder/build-wrapper

@@ -1,7 +0,0 @@
-#!/usr/bin/env bash 
-set -e
-set -x
-
-rm -f $HOME/dist/*
-./build-latest 2>&1 | tee "$HOME/dist/build-latest-$(date +'%Y%m%d%H%M%S').log"
-exit 0

builder/overlay-rootfs/etc/s6/init-catchall/init-stage1

@@ -1,70 +0,0 @@
-#!/bin/execlineb -S0
-
-##
-## ensure our vital fifo exists
-##
-
-if { s6-rmrf /var/run/s6/uncaught-logs-fifo }
-if { s6-mkfifo -m 0600 -- /var/run/s6/uncaught-logs-fifo }
-
-
-##
-## ensure ownership & permissions for our vital files
-##
-
-if { s6-rmrf /var/log/s6-uncaught-logs }
-if { s6-mkdir -p /var/log/s6-uncaught-logs }
-if { s6-envuidgid -D 32768:32768 nobody s6-chown -U /var/log/s6-uncaught-logs }
-if { s6-chmod 2700 /var/log/s6-uncaught-logs }
-
-
-##
-## init the scandir with our base services
-##
-
-if { s6-rmrf /var/run/s6/services }
-if { s6-hiercopy /etc/s6/services /var/run/s6/services }
-
-##
-## ensure s6-fdholderd fifo exists
-##
-
-if { s6-rmrf /var/run/s6/services/s6-fdholderd/supervise }
-if { s6-mkdir -m 0700 /var/run/s6/services/s6-fdholderd/supervise }
-if { s6-rmrf /var/run/s6/services/s6-fdholderd/supervise/control }
-if { s6-mkfifo -m 0600 /var/run/s6/services/s6-fdholderd/supervise/control }
-
-
-##
-## fork the "init-stage2" script
-##
-
-background
-{
-  # block until the supervision tree is running
-  redirfd -w 3 /var/run/s6/uncaught-logs-fifo
-  fdclose 3
-
-  # add some environment
-  s6-envdir -- /etc/s6/init/env-stage2
-
-  # run the script
-  /etc/s6/init-catchall/init-stage2 $@
-}
-unexport !
-
-
-##
-## run the rest of stage 1 with sanitized descriptors
-##
-
-redirfd -r 0 /dev/null
-redirfd -wnb 1 /var/run/s6/uncaught-logs-fifo
-fdmove -c 2 1
-
-
-##
-## start the supervision tree
-##
-
-s6-svscan -t0 /var/run/s6/services

builder/overlay-rootfs/etc/s6/init-catchall/init-stage2

@@ -1,2 +0,0 @@
-#!/bin/execlineb -S0
-/etc/s6/init/init-stage2 $@

builder/overlay-rootfs/etc/s6/init-no-catchall/init-stage1

@@ -1,52 +0,0 @@
-#!/bin/execlineb -S0
-
-##
-## init the scandir with our base services
-##
-
-if { s6-rmrf /var/run/s6/services }
-if { s6-hiercopy /etc/s6/services /var/run/s6/services }
-if { s6-rmrf /var/run/s6/services/s6-svscan-log }
-
-
-##
-## ensure s6-fdholderd fifo exists
-##
-
-if { s6-rmrf /var/run/s6/services/s6-fdholderd/supervise }
-if { s6-mkdir -m 0700 /var/run/s6/services/s6-fdholderd/supervise }
-if { s6-rmrf /var/run/s6/services/s6-fdholderd/supervise/control }
-if { s6-mkfifo -m 0600 /var/run/s6/services/s6-fdholderd/supervise/control }
-
-
-##
-## fork the "init-stage2" script
-##
-
-background
-{
-  # block until the supervision tree is running
-  redirfd -w 3 /var/run/s6/services/s6-fdholderd/supervise/control
-  fdclose 3
-
-  # add some environment
-  s6-envdir -- /etc/s6/init/env-stage2
-
-  # run the script
-  /etc/s6/init-no-catchall/init-stage2 $@
-}
-unexport !
-
-
-##
-## run the rest of stage 1 with sanitized descriptors
-##
-
-redirfd -r 0 /dev/null
-
-
-##
-## start the supervision tree
-##
-
-s6-svscan -t0 /var/run/s6/services

builder/overlay-rootfs/etc/s6/init-no-catchall/init-stage2

@@ -1,2 +0,0 @@
-#!/bin/execlineb -S0
-/etc/s6/init/init-stage2 $@

builder/overlay-rootfs/etc/s6/init/env/PATH

@@ -1 +0,0 @@
-/usr/bin:/usr/sbin:/bin:/sbin

builder/overlay-rootfs/etc/s6/init/init-stage1

@@ -1,74 +0,0 @@
-#!/bin/execlineb -S0
-
-##
-## create the needed /var/run (and /var/run/s6) directories
-##
-
-if { /bin/s6-overlay-preinit }
-
-##
-## dump environment into an envdir if S6_KEEP_ENV is unset
-##
-
-getcwd CWD
-
-importas -D 0 S6_KEEP_ENV S6_KEEP_ENV
-define -s DO_NOT_KEEP_ENV "s6-test ${S6_KEEP_ENV} -eq 0"
-if
-{
-  ifelse { ${DO_NOT_KEEP_ENV} }
-  {
-    if { s6-rmrf /var/run/s6/container_environment }
-    if { s6-mkdir -pm 0755 -- /var/run/s6/container_environment }
-    s6-dumpenv -- /var/run/s6/container_environment
-  }
-  exit 0
-}
-
-##
-## create env folder for each init stage, although stage1 is always copied from
-## /etc/s6/init/env, it's made available in /var/run/s6/env-stage1 just for
-## consistency.
-##
-
-if
-{
-  elglob -0 -- envdirs /var/run/s6/env-*
-  forx -p -- envdir { ${envdirs} }
-  importas -u envdir envdir
-  s6-rmrf ${envdir}
-}
-if { s6-mkdir -pm 0755 -- /var/run/s6 }
-if { s6-hiercopy /etc/s6/init/env /var/run/s6/env-stage1 }
-if { s6-mkdir -pm 0755 -- /var/run/s6/env-stage2 }
-if { s6-mkdir -pm 0755 -- /var/run/s6/env-stage3 }
-
-
-##
-## run everything else with only the environment defined in
-## /var/run/s6/env-stage1 if we are not instructed to keep
-## docker env. Programs can get back the container
-## environment by using "with-contenv program".
-##
-
-ifthenelse -s { ${DO_NOT_KEEP_ENV} }
-{
-  exec -c --
-  s6-envdir /var/run/s6/env-stage1
-}
-{ }
-
-backtick -D "" -n S6_CMD_ARG0 { printcontenv S6_CMD_ARG0 }
-importas -d "\n" -s -u S6_CMD_ARG0 S6_CMD_ARG0
-
-##
-## route based on what was provided in S6_LOGGING
-##
-
-backtick -D 0 -n S6_LOGGING { printcontenv S6_LOGGING }
-importas -u S6_LOGGING S6_LOGGING
-ifelse { s6-test ${S6_LOGGING} -ne 0 }
-{
-  /etc/s6/init-catchall/init-stage1 ${S6_CMD_ARG0} $@
-}
-/etc/s6/init-no-catchall/init-stage1 ${S6_CMD_ARG0} $@

builder/overlay-rootfs/etc/s6/init/init-stage2

@@ -1,234 +0,0 @@
-#!/bin/execlineb -S0
-
-# This file is executed (not as process 1!) as soon as s6-svscan
-# starts, with the original stdin/out/err, but NOT the original
-# environment.
-# Purpose of this file: to perform all the one-time initialization tasks.
-
-# Merge environments from our custom stage into current context
-s6-envdir -I /var/run/s6/env-stage2
-
-# This env decides what to do if stage2 fails
-backtick -D 0 -n S6_BEHAVIOUR_IF_STAGE2_FAILS { printcontenv S6_BEHAVIOUR_IF_STAGE2_FAILS }
-importas -u S6_BEHAVIOUR_IF_STAGE2_FAILS S6_BEHAVIOUR_IF_STAGE2_FAILS
-
-# This env determines whether user provided files in /etc should be linked 
-# or copied into /var/run/s6
-backtick -D 0 -n S6_READ_ONLY_ROOT { printcontenv S6_READ_ONLY_ROOT }
-importas -u S6_READ_ONLY_ROOT S6_READ_ONLY_ROOT
-
-foreground
-{
-  if
-  {
-    /etc/s6/init/init-stage2-redirfd
-    foreground
-    {
-      ##
-      ## copy user provided files to /var/run/s6/etc, depending on S6_RUNTIME_PROFILE env,
-      ## /etc (if not defined) or /etc/cont-profile.d/${S6_RUNTIME_PROFILE} will be used
-      ## as copying source.
-      ##
-
-      if
-      {
-        if { s6-echo -n -- "[s6-init] making user provided files available at /var/run/s6/etc..." }
-        foreground
-        {
-          backtick -D "" -n S6_RUNTIME_PROFILE { printcontenv S6_RUNTIME_PROFILE }
-          importas -u S6_RUNTIME_PROFILE S6_RUNTIME_PROFILE
-          backtick -n S6_RUNTIME_PROFILE_SRC {
-            ifte { s6-echo "/etc/cont-profile.d/${S6_RUNTIME_PROFILE}" } { s6-echo "/etc" }
-            s6-test -n ${S6_RUNTIME_PROFILE}
-          }
-          importas -u S6_RUNTIME_PROFILE_SRC S6_RUNTIME_PROFILE_SRC
-          if { s6-rmrf /var/run/s6/etc }
-          if { s6-mkdir -pm 0755 /var/run/s6/etc }
-          forx i { "fix-attrs.d" "cont-init.d" "cont-finish.d" "services.d" }
-          importas -u i i
-          if { s6-test -d ${S6_RUNTIME_PROFILE_SRC}/${i} }
-          # although s6-hiercopy is prefered, and until it doesn't support 'follow symlinks'
-          # option, there is no clean way to allow symlinks between user provided runcoms.
-          ifelse { s6-test ${S6_READ_ONLY_ROOT} -eq 0 } { 
-            s6-ln -s ${S6_RUNTIME_PROFILE_SRC}/${i} /var/run/s6/etc/${i} 
-          }
-          if { s6-hiercopy ${S6_RUNTIME_PROFILE_SRC}/${i} /var/run/s6/etc/${i} }
-        }
-        importas -u ? ?
-        if { s6-echo -- "exited ${?}." }
-        ifelse { s6-test ${S6_BEHAVIOUR_IF_STAGE2_FAILS} -eq 0 } { exit 0 }
-        exit ${?}
-      }
-
-
-      ##
-      ## fix-attrs: ensure user-provided files have correct ownership & perms
-      ##
-      
-      if
-      {
-        if { s6-echo -n -- "[s6-init] ensuring user provided files have correct perms..." }
-        foreground { redirfd -r 0 /etc/s6/init/init-stage2-fixattrs.txt fix-attrs }
-        importas -u ? ?
-        if { s6-echo -- "exited ${?}." }
-        ifelse { s6-test ${S6_BEHAVIOUR_IF_STAGE2_FAILS} -eq 0 } { exit 0 }
-        exit ${?}
-      }
-      
-
-      ##
-      ## fix-attrs.d: apply user-provided ownership & permission fixes
-      ##
-
-      if
-      {
-        if -t { s6-test -d /var/run/s6/etc/fix-attrs.d }
-        if { s6-echo "[fix-attrs.d] applying ownership & permissions fixes..." }
-        if
-        {
-          elglob -s0 g "/var/run/s6/etc/fix-attrs.d/*"
-          forx d { $g }
-          importas -ui d d
-          backtick -n i {
-              s6-basename "$d"
-          }
-          importas -ui i i
-          if { s6-echo -- "[fix-attrs.d] ${i}: applying... " }
-          foreground { redirfd -r 0 /var/run/s6/etc/fix-attrs.d/${i} fix-attrs }
-          importas -u ? ?
-          if { s6-echo -- "[fix-attrs.d] ${i}: exited ${?}." }
-          ifelse { s6-test ${S6_BEHAVIOUR_IF_STAGE2_FAILS} -eq 0 } { exit 0 }
-          exit ${?}
-        }
-        if { s6-echo -- "[fix-attrs.d] done." }
-      }
-
-      ##
-      ## cont-init.d: one-time init scripts
-      ##
-
-      if
-      {
-        if -t { s6-test -d /var/run/s6/etc/cont-init.d }
-        if { s6-echo "[cont-init.d] executing container initialization scripts..." }
-        if
-        {
-          elglob -s0 g "/var/run/s6/etc/cont-init.d/*"
-          forx -o0 d { $g }
-          importas -ui d d
-          backtick -n i {
-              s6-basename "$d"
-          }
-          importas -ui i i
-          if { s6-echo -- "[cont-init.d] ${i}: executing... " }
-          foreground { /var/run/s6/etc/cont-init.d/${i} }
-          importas -u ? ?
-          if { s6-echo -- "[cont-init.d] ${i}: exited ${?}." }
-          ifelse { s6-test ${S6_BEHAVIOUR_IF_STAGE2_FAILS} -eq 0 } { exit 0 }
-          exit ${?}
-        }
-        if { s6-echo -- "[cont-init.d] done." }
-      }
-
-      ##
-      ## services.d: long-lived processes to be supervised
-      ##
-
-      if
-      {
-        if -t { s6-test -d /var/run/s6/etc/services.d }
-        if { s6-echo "[services.d] starting services" }
-        if
-        {
-          elglob -s0 g "/var/run/s6/etc/services.d/*"
-          forx -p d { $g }
-          importas -ui d d
-          backtick -n i {
-              s6-basename "$d"
-          }
-          importas -ui i i
-          if { s6-test -d /var/run/s6/etc/services.d/${i} }
-          s6-hiercopy /var/run/s6/etc/services.d/${i} /var/run/s6/services/${i}
-        }
-        if { s6-svscanctl -a /var/run/s6/services }
-        if
-        {
-          # This envs decide if CMD should wait until services are up
-          backtick -D 0 -n S6_CMD_WAIT_FOR_SERVICES { printcontenv S6_CMD_WAIT_FOR_SERVICES }
-          importas -u S6_CMD_WAIT_FOR_SERVICES S6_CMD_WAIT_FOR_SERVICES
-          backtick -D 5000 -n S6_CMD_WAIT_FOR_SERVICES_MAXTIME { printcontenv S6_CMD_WAIT_FOR_SERVICES_MAXTIME }
-          importas -u S6_CMD_WAIT_FOR_SERVICES_MAXTIME S6_CMD_WAIT_FOR_SERVICES_MAXTIME
-
-          if -t { if { s6-test ${S6_CMD_WAIT_FOR_SERVICES} -ne 0 } s6-test $# -ne 0 }
-          s6-maximumtime -t ${S6_CMD_WAIT_FOR_SERVICES_MAXTIME}
-          elglob -s0 g "/var/run/s6/etc/services.d/*"
-          forx -o 0 d { $g }
-          importas -ui d d
-          backtick -n i {
-              s6-basename "$d"
-          }
-          importas -ui i i
-          ifelse { s6-test -f /var/run/s6/services/${i}/down } { exit 0 }
-          ifelse { s6-test -f /var/run/s6/services/${i}/notification-fd }
-          {
-            s6-svwait -t ${S6_CMD_WAIT_FOR_SERVICES_MAXTIME} -U /var/run/s6/services/${i}
-          }
-          s6-svwait -t ${S6_CMD_WAIT_FOR_SERVICES_MAXTIME} -u /var/run/s6/services/${i}
-        }
-        if { s6-echo -- "[services.d] done." }
-      }
-    }
-    importas -u ? ?
-    ifelse { s6-test ${S6_BEHAVIOUR_IF_STAGE2_FAILS} -eq 0 } { exit 0 }
-
-    # Make stage2 exit code available in stage3
-    foreground { redirfd -w 1 /var/run/s6/env-stage3/S6_STAGE2_EXITED s6-echo -n -- "${?}" }
-    exit ${?}
-  }
-
-
-  ##
-  ## The init is complete, If the user has a given CMD, run it now, then
-  ## kill everything when it exits.
-  ##
-
-  if -t { s6-test $# -ne 0 }
-
-  foreground {
-      s6-setsid -gq -- with-contenv
-      backtick -D 0 -n S6_LOGGING { printcontenv S6_LOGGING }
-      importas S6_LOGGING S6_LOGGING
-      ifelse { s6-test ${S6_LOGGING} -eq 2 }
-      {
-          redirfd -w 1 /var/run/s6/uncaught-logs-fifo
-          fdmove -c 2 1
-          $@
-      }
-      $@
-  }
-
-  importas -u ? ?
-
-  foreground {
-      /etc/s6/init/init-stage2-redirfd
-      s6-echo -- "[cmd] ${1} exited ${?}"
-  }
-
-  # Make CMD exit code available in stage3
-  foreground { redirfd -w 1 /var/run/s6/env-stage3/S6_STAGE2_EXITED s6-echo -n -- "${?}" }
-
-  # Stop supervision tree
-  foreground { s6-svscanctl -tb /var/run/s6/services }
-
-  # Wait to be nuked
-  s6-pause -th
-
-}
-importas -u ? ?
-if { s6-test ${?} -ne 0 }
-if { s6-test ${S6_BEHAVIOUR_IF_STAGE2_FAILS} -ne 0 }
-ifelse { s6-test ${S6_BEHAVIOUR_IF_STAGE2_FAILS} -ne 1 }
-{
-  s6-svscanctl -t /var/run/s6/services
-}
-s6-echo -- "\n!!!!!\n init-stage2 failed.\n!!!!!"

builder/overlay-rootfs/etc/s6/init/init-stage2-fixattrs.txt

@@ -1,8 +0,0 @@
-/var/run/s6/etc/fix-attrs.d/* false root 0644 0755
-/var/run/s6/etc/cont-init.d/* false root 0755 0755
-/var/run/s6/etc/cont-finish.d/* false root 0755 0755
-/var/run/s6/etc/services.d/*/run false root 0755 0755
-/var/run/s6/etc/services.d/*/finish false root 0755 0755
-/var/run/s6/etc/services.d/*/log/run false root 0755 0755
-/var/run/s6/etc/services.d/*/log/finish false root 0755 0755
-/var/run/s6/etc/services.d/*/data/check false root 0755 0755

builder/overlay-rootfs/etc/s6/init/init-stage2-redirfd

@@ -1,11 +0,0 @@
-#!/bin/execlineb -S0
-
-backtick -D 0 -n S6_LOGGING { printcontenv S6_LOGGING }
-importas -u S6_LOGGING S6_LOGGING
-ifelse { s6-test ${S6_LOGGING} -ne 0 }
-{
-  redirfd -w 1 /var/run/s6/uncaught-logs-fifo
-  fdmove -c 2 1
-  $@
-}
-$@

builder/overlay-rootfs/etc/s6/init/init-stage3

@@ -1,102 +0,0 @@
-#!/bin/execlineb -S0
-
-# This is the shutdown script, running as process 1.
-execline-cd /
-
-# Merge environments from our custom stage into current context
-s6-envdir -I /var/run/s6/env-stage3
-
-# This env decides if we should call s6-sync or not (default no)
-backtick -D 0 -n S6_SYNC_DISKS { printcontenv S6_SYNC_DISKS }
-importas -u S6_SYNC_DISKS S6_SYNC_DISKS
-
-# cont-finish.d: one-time finish scripts
-
-foreground
-{
-  backtick -D 5000 -n S6_KILL_FINISH_MAXTIME { printcontenv S6_KILL_FINISH_MAXTIME }
-  importas -u S6_KILL_FINISH_MAXTIME S6_KILL_FINISH_MAXTIME
-  if
-  {
-    if -t { s6-test -d /var/run/s6/etc/cont-finish.d }
-    if { s6-echo "[cont-finish.d] executing container finish scripts..." }
-    if
-    {
-      elglob -s0 g "/var/run/s6/etc/cont-finish.d/*"
-      forx -o0 d { $g }
-      importas -ui d d
-      backtick -n i {
-          s6-basename "$d"
-      }
-      importas -ui i i
-      if { s6-echo -- "[cont-finish.d] ${i}: executing... " }
-      foreground
-      {
-        s6-maximumtime -k ${S6_KILL_FINISH_MAXTIME}
-        /var/run/s6/etc/cont-finish.d/${i}
-      }
-      importas -u ? ?
-      s6-echo -- "[cont-finish.d] ${i}: exited ${?}."
-    }
-    s6-echo -- "[cont-finish.d] done."
-  }
-}
-
-# Wait service down
-
-foreground { s6-echo "[s6-finish] waiting for services." }
-foreground
-{
-  backtick -D 3000 -n S6_SERVICES_GRACETIME { printcontenv S6_SERVICES_GRACETIME }
-  importas -u S6_SERVICES_GRACETIME S6_SERVICES_GRACETIME
-  elglob SERVICES /var/run/s6/services/*
-  foreground { s6-svwait -D -t ${S6_SERVICES_GRACETIME} ${SERVICES} }
-  s6-sleep -m 200
-}
-
-# Sync before TERM'n
-foreground
-{
-  if { s6-test ${S6_SYNC_DISKS} -eq 1 }
-    foreground { s6-echo "[s6-finish] syncing disks." }
-    foreground { s6-sync }
-}
-
-
-# Kill everything, gently.
-
-foreground { s6-echo "[s6-finish] sending all processes the TERM signal." }
-foreground { s6-nuke -th } # foreground is process 1: it survives
-foreground
-{
-
-  backtick -D 3000 -n S6_KILL_GRACETIME { printcontenv S6_KILL_GRACETIME }
-  importas -u S6_KILL_GRACETIME S6_KILL_GRACETIME
-  s6-sleep -m -- ${S6_KILL_GRACETIME}
-}
-
-# Last message, then close our pipes and give the logger some time.
-foreground { s6-echo "[s6-finish] sending all processes the KILL signal and exiting." }
-fdclose 1 fdclose 2
-s6-sleep -m 200
-
-
-# Kill everything, brutally.
-
-foreground { s6-nuke -k } # foreground is process 1: it survives again
-
-
-# Reap all the zombies then sync, and we're done.
-
-wait { }
-foreground
-{
-  if { s6-test ${S6_SYNC_DISKS} -eq 1 }
-    s6-sync
-}
-
-
-# Use CMD exit code defaulting to zero if not present.
-
-importas -u -D0 S6_STAGE2_EXITED S6_STAGE2_EXITED
-exit ${S6_STAGE2_EXITED}

builder/overlay-rootfs/etc/s6/services/.s6-svscan/crash

@@ -1,8 +0,0 @@
-#!/bin/execlineb -P
-
-# This file is run when an unrecoverable error happens
-# to s6-svscan. Edit it to suit your needs.
-
-fdmove -c 2 1
-foreground { s6-echo "s6-svscan panicked! Dropping to a root shell.\n" }
-/bin/sh -i

builder/overlay-rootfs/etc/s6/services/.s6-svscan/finish

@@ -1,2 +0,0 @@
-#!/bin/execlineb -S0
-/etc/s6/init/init-stage3 $@

builder/overlay-rootfs/etc/s6/services/s6-fdholderd/down

@@ -1 +0,0 @@
-

builder/overlay-rootfs/etc/s6/services/s6-fdholderd/notification-fd

@@ -1 +0,0 @@
-1

builder/overlay-rootfs/etc/s6/services/s6-fdholderd/rules/uid/0/env/S6_FDHOLDER_GETDUMP

@@ -1 +0,0 @@
-

builder/overlay-rootfs/etc/s6/services/s6-fdholderd/rules/uid/0/env/S6_FDHOLDER_LIST

@@ -1 +0,0 @@
-

builder/overlay-rootfs/etc/s6/services/s6-fdholderd/rules/uid/0/env/S6_FDHOLDER_RETRIEVE_REGEX

@@ -1 +0,0 @@
-

builder/overlay-rootfs/etc/s6/services/s6-fdholderd/rules/uid/0/env/S6_FDHOLDER_SETDUMP

@@ -1 +0,0 @@
-

builder/overlay-rootfs/etc/s6/services/s6-fdholderd/rules/uid/0/env/S6_FDHOLDER_STORE_REGEX

@@ -1 +0,0 @@
-

builder/overlay-rootfs/etc/s6/services/s6-fdholderd/rules/uid/default/env/S6_FDHOLDER_LIST

@@ -1 +0,0 @@
-

builder/overlay-rootfs/etc/s6/services/s6-fdholderd/run

@@ -1,3 +0,0 @@
-#!/bin/execlineb -P
-s6-envuidgid -D 32769:32769 daemon
-s6-fdholder-daemon -U -1 -i rules -- /var/run/s6/fdholderd-socket

builder/overlay-rootfs/etc/s6/services/s6-svscan-log/run

@@ -1,2 +0,0 @@
-#!/bin/execlineb -P
-logutil-service -f /var/run/s6/uncaught-logs-fifo /var/log/s6-uncaught-logs

builder/overlay-rootfs/init

@@ -1,13 +0,0 @@
-#!/bin/execlineb -S0
-
-##
-## load default PATH (the same that Docker includes if not provided) if it doesn't exist,
-## then go ahead with stage1.
-## this was motivated due to this issue:
-## - https://github.com/just-containers/s6-overlay/issues/108
-##
-
-
-/bin/importas -D /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin PATH PATH
-export PATH ${PATH}
-/etc/s6/init/init-stage1 $@

builder/overlay-rootfs/usr/bin/execlineb

@@ -1 +0,0 @@
-/bin/execlineb

builder/overlay-rootfs/usr/bin/fix-attrs

@@ -1,66 +0,0 @@
-#!/bin/execlineb -P
-
-/bin/export PATH /usr/bin:/bin
-/bin/export recfunction "\
-foreground { s6-chown -u ${3} -g ${4} -- ${1} }
-foreground
-{
-  ifelse { s6-test -d ${1} }
-  {
-    if -t { s6-test ! ${6} = "-" }
-    s6-chmod ${6} ${1}
-  }
-  if -t { s6-test ! ${5} = "-" }
-  s6-chmod ${5} ${1}
-}
-if -t { if { s6-${2} } s6-test -d ${1} }
-forbacktickx -0 subfile
-{
-  backtick -D 0 -n S6_FIX_ATTRS_HIDDEN { printcontenv S6_FIX_ATTRS_HIDDEN }
-  importas S6_FIX_ATTRS_HIDDEN S6_FIX_ATTRS_HIDDEN
-  ifelse { s6-test ${S6_FIX_ATTRS_HIDDEN} -eq 0 } { s6-ls -0 ${1} }
-  s6-ls -0 -a ${1}
-}
-multisubstitute
-{
-  importas -u subfile subfile
-  importas recfunction recfunction
-}
-execlineb -S6 -c ${recfunction} ${1}/${subfile} true ${3} ${4} ${5} ${6}"
-
-# process each line
-forstdin -d"\n" -- line
-importas -u line line
-if { s6-test -n ${line} }
-multidefine -0 -Cd" \t" -- ${line} { globex recurse userentry fmode dmode }
-# get 'uid' and 'gid'
-multidefine -Cd"," -- ${userentry} { account uidgid }
-backtick -n envuidgid_opts
-{
-  backtick -n opts
-  {
-    ifte { s6-echo -- -D${uidgid} } { s6-echo -- -i }
-    s6-test -n ${uidgid}
-  }
-  importas -u opts opts
-  ifte { s6-echo -- -nB ${opts} } { s6-echo -- ${opts} }
-  pipeline { s6-echo ${account} }
-  if
-  {
-    redirfd -w 1 /dev/null
-    fdmove -c 2 1
-    s6-grep -- ":"
-  }
-}
-importas -u -sCd" \t" envuidgid_opts envuidgid_opts
-s6-envuidgid ${envuidgid_opts} ${account}
-importas -u uid UID
-importas -u gid GID
-elglob -0 -- files ${globex}
-forx -p -- file { ${files} }
-multisubstitute
-{
-  importas -u file file
-  importas recfunction recfunction
-}
-execlineb -S6 -c ${recfunction} ${file} ${recurse} ${uid} ${gid} ${fmode} ${dmode}

builder/overlay-rootfs/usr/bin/logutil-service

@@ -1,20 +0,0 @@
-#!/bin/execlineb
-
-# test if arguments were given
-elgetopt "f:"
-multisubstitute
-{
-  importas -u -D "" fifo ELGETOPT_f
-}
-elgetpositionals -P0
-emptyenv -P
-if { s6-test ${#} -ge 1 }
-
-
-# switch between std{out,err} or fifo
-ifelse { s6-test -n ${fifo} }
-{
-  redirfd -rnb 0 ${fifo}
-  logutil-service-main ${1}
-}
-logutil-service-main ${1}

builder/overlay-rootfs/usr/bin/logutil-service-main

@@ -1,11 +0,0 @@
-#!/bin/execlineb -S1
-
-# this env decides what to log and how.
-backtick -D "n20 s1000000 T" -n S6_LOGGING_SCRIPT { printcontenv S6_LOGGING_SCRIPT }
-importas -u -sCd" \t" S6_LOGGING_SCRIPT S6_LOGGING_SCRIPT
-
-# execute s6-log and drop root rights in favor of nobody
-s6-envuidgid -D 32768:32768 nobody
-s6-applyuidgid -U
-exec -c
-s6-log -bp -- ${S6_LOGGING_SCRIPT} ${1}

builder/overlay-rootfs/usr/bin/printcontenv

@@ -1,27 +0,0 @@
-#!/bin/execlineb -S0
-
-# test if arguments were given
-if { s6-test ${#} -ge 1 }
-
-importas -D 0 S6_KEEP_ENV S6_KEEP_ENV
-# if S6_KEEP_ENV was passed, whole supervision tree should see
-# original docker environement
-ifelse  { s6-test ${S6_KEEP_ENV} -ne 0 }
-{
-  redirfd -w 2 /dev/null importas -i value ${1}
-  s6-echo -n -- ${value}
-}
-
-# else: original docker env was dumped into container_environment
-# retrieve it from there and print if it exists
-if { s6-test -f /var/run/s6/container_environment/${1} }
-if 
-{
-  backtick value
-  {
-    redirfd -r 0 /var/run/s6/container_environment/${1}
-    s6-cat
-  }
-  importas -u value value
-  s6-echo -- ${value}
-}

builder/overlay-rootfs/usr/bin/with-contenv

@@ -1,11 +0,0 @@
-#!/bin/execlineb -S0
-importas -D 0 S6_KEEP_ENV S6_KEEP_ENV
-ifelse { s6-test ${S6_KEEP_ENV} -eq 0 }
-{
-  /bin/exec -c --
-  /usr/bin/justc-envdir -- /var/run/s6/container_environment
-  /bin/exec --
-  $@
-}
-
-$@

builder/overlay-rootfs/usr/bin/with-contenv-legacy

@@ -1,11 +0,0 @@
-#!/bin/execlineb -S0
-importas -D 0 S6_KEEP_ENV S6_KEEP_ENV
-ifelse { s6-test ${S6_KEEP_ENV} -eq 0 }
-{
-  /bin/exec -c --
-  /bin/s6-envdir -fn -- /var/run/s6/container_environment
-  /bin/exec --
-  $@
-}
-
-$@

conf/defaults.mk

@@ -0,0 +1,28 @@
+# This file normally shouldn't be changed; the values can be
+# overridden by invoking make with arguments.
+# e.g.: make SHEBANGDIR=/usr/bin VERSION=3.0.0.1
+
+# The version of the software being built.
+VERSION := 3.0.0.0
+
+# Where stuff is going to be built. Change for out-of-tree builds.
+OUTPUT := output
+
+# Where to find the execlineb binary.
+# Change if building for a distro that provides its own skaware packages.
+SHEBANGDIR := /command
+
+# This is the target triplet for the toolchain.
+ARCH := x86_64-linux-musl
+
+# The path to the base toolchain.
+# Leave empty to fetch one from the web.
+TOOLCHAIN_PATH :=
+
+# When fetching one from the web, what version we want.
+# Only a few versions are available, don't change blindly.
+TOOLCHAIN_VERSION := 11.2.0
+
+# For fetching toolchains: the download command.
+# Change to curl -O if you don't have wget.
+DL_CMD := wget

conf/toolchains

@@ -0,0 +1,6 @@
+aarch64-linux-musl	pi4
+arm-linux-musleabi	genericv7a
+arm-linux-musleabihf	pi1
+i486-linux-musl		i486
+i686-linux-musl		i686
+x86_64-linux-musl	pc

conf/versions

@@ -0,0 +1,37 @@
+# This file should be readable from a Makefile *and* from a shell.
+
+# These version numbers are either git commit hashes or git tags.
+# Try to keep to the latest commits.
+
+BEARSSL_VERSION=79b1a9996c094ff593ae50bc4edc1f349f39dd6d
+# BEARSSL_VERSION=v0.6
+
+SKALIBS_VERSION=8bae2850e47c3a70dbc43d1e26a8e636b8a8d8ee
+# SKALIBS_VERSION=v2.11.1.0
+
+EXECLINE_VERSION=dcb9e554771a2cd1cebca6524ce729bd49fabc32
+# EXECLINE_VERSION=v2.8.1.0
+
+S6_VERSION=a167b8f88321e986bfe32afcc777fc9bb05f42fe
+# S6_VERSION=v2.11.0.1
+
+S6_RC_VERSION=58f93f6c710cc88acfa721a45efc1f64dfc557df
+# S6_RC_VERSION=v0.5.3.0
+
+S6_LINUX_INIT_VERSION=ebb967de7d94492a0473929a3ca0e441c3fac1b9
+# S6_LINUX_INIT_VERSION=v1.0.7.0
+
+S6_PORTABLE_UTILS_VERSION=ef4838c7d0007b3c43da5d10649bcf1b0b3557a7
+# S6_PORTABLE_UTILS_VERSION=v2.2.3.4
+
+S6_LINUX_UTILS_VERSION=d983a8fe0a8efce4fbbf5fc53fc64e796b794fcb
+# S6_LINUX_UTILS_VERSION=v2.5.1.7
+
+S6_DNS_VERSION=132f199d2e5561b5f9337201c2d991b513894c60
+# S6_DNS_VERSION=v2.3.5.3
+
+S6_NETWORKING_VERSION=e4a928d539281bb85305d4b23aef6c270f63f9fa
+# S6_NETWORKING_VERSION=v2.5.1.0
+
+S6_OVERLAY_HELPERS_VERSION=ec564e0f2eee88f31a4911a1754f41d9a61e584b
+# S6_OVERLAY_HELPERS_VERSION=v0.0.1.0

doc/howto.txt

@@ -0,0 +1,54 @@
+
+ How to build this version of s6-overlay:
+
+ - look at the variables in conf/defaults.mk. Do not
+modify defaults.mk itself, but those variables are the ones
+you can pass to make for configuration.
+
+ - look at the first column of conf/toolchains. These are
+the valid values for ARCH. More may be added later. The
+second column is an opaque tag for the downloaded toolchain
+giving the flavour of the arch. For instance, the
+aarch64-linux-musl toolchain is called "pi4" and will build
+binaries for a Raspberry Pi 4.
+
+ - invoke make with the OUTPUT, ARCH, DL_CMD etc. that you want.
+Do not hesitate to -j8 if you have a big machine. Or to -j128
+if you have a REALLY big machine.
+
+ - When it's done, there's a lot of stuff in the output directory. 
+The ultimate targets are:
+
+   * s6-overlay-${ARCH}-${VERSION}.tar.xz: the tarball containing
+all the skaware binaries for ${ARCH}, all nice and static. It
+should be used by everyone who does not use a distro that provides
+the same binaries.
+
+   * s6-overlay-symlinks-arch-${VERSION}.tar.xz: the tarball
+containing /usr/bin symlinks to those binaries. It should normally
+not be used. It MUST NOT be used by distros providing binaries in
+/usr/bin. The only people who want this are the ones who want to
+manually call skaware binaries without putting /command in their PATH.
+The tarball is called "arch" because the symlinks point to the
+programs in the arch-dependent package; but since they're only
+symlinks, this tarball itself is not arch-dependent.
+
+   * s6-overlay-noarch-${VERSION}.tar.xz: this tarball contains
+s6-overlay itself, i.e. the set of scripts and files that allow a
+container to run under s6. Everyone who wants to run s6-overlay
+must install this.
+
+   * s6-overlay-symlinks-noarch-${VERSION}.tar.xz: this tarball
+contains /usr/bin symlinks to the few scripts provided by s6-overlay.
+The overlay itself will run without it, but if users have stuff
+like "/usr/bin/printcontenv" hardcoded in their scripts, these
+symlinks will help them. Distros that provide skaware binaries
+themselves (and do not use slashpackage) will almost certainly
+want to install this.
+
+  * syslogd-overlay-noarch-${VERSION}.tar.xz: this tarball
+contains scripts to run a syslogd emulation at container boot
+time. It basically replaces socklog-overlay. (The socklog binary
+itself isn't needed anymore since s6 provides a similar utility.)
+Users who install this will have a syslogd service in their
+container, logging to subdirs of /var/log/syslogd.

doc/init.txt

@@ -0,0 +1,78 @@
+
+ How the init works:
+
+ - The entry point is /init.
+
+ - /init sets PATH according to the user-configurable
+/etc/s6-overlay/config/global_path but makes sure it can still access the
+required binaries no matter where they are.
+ - /init runs /package/admin/s6-overlay/libexec/preinit as root, even if
+the container is running with the USER directive.
+   * preinit ensures that /run exists and is writable and executable, and
+that /var/run is a symlink to it.
+   * preinit deletes and recreates /run/s6 and sets it to the real uid/gid
+of the process running the container.
+ - /init execs into /package/admin/s6-overlay/libexec/stage0
+
+ - stage0 invokes s6-linux-init-maker to create the stage 1 infrastructure
+depending on the S6_* environment variables given to the container.
+s6-l-i-m is normally intended to be run offline, but since we need a lot of
+runtime configurability, we run it online here; it works.
+ - stage0 execs into the "init" script created by s6-l-i-m, which is the
+real stage1 init that normal machines boot on. It's in /run/s6/basedir/bin/init
+(it had to be created at run-time by stage0, which is why it's under /run)
+but it's just an execution of the s6-linux-init binary with some options.
+
+ - stage1 sets up the supervision tree on /run/service, with (depending on
+the value of $S6_LOGGING) a catch-all logger logging to /run/uncaught-logs.
+   * There are two early services: the catch-all logger (if required), and
+a service named s6-linux-init-shutdownd, which you can ignore - it's only
+active when the container is going to shut down.
+ - stage1 execs into s6-svscan, which will remain pid 1 for the rest of
+the container's lifetime.
+ - When the supervision tree is operational, stage2 runs; this is the
+/run/s6/basedir/scripts/rc.init script, whose source you can read in
+/package/admin/s6-overlay/etc/s6-linux-init/skel/rc.init
+
+ - stage2 reads two s6-rc source directories: the system one in
+/package/admin/s6-overlay/etc/s6-rc/sources, and a user-provided one
+in /etc/s6-overlay/s6-rc.d which must provide a bundle named "user"
+(which can be empty). It compiles these source directories into a
+compiled s6-rc database in /run/s6/db. s6-rc-compile is normally intended
+to be run offline, but just like with s6-l-i-m, we don't care and we
+run it online here because we're going for flexibility and simplicity
+for users over a bootability guarantee and optimization of speed.
+ - stage2 runs the s6-rc engine on that compiled database. This brings
+up several services, in that order: (note that S6_RUNTIME_PROFILE is
+supported for legacy stuff)
+   * fix-attrs: reads the files in /etc/fix-attrs.d and fixes permissions
+accordingly. This is deprecated; please fix your file permissions from
+outside the container instead (or in your Dockerfile).
+   * legacy-cont-init: runs all the scripts in /etc/cont-init.d
+   * user: all the services defined in the user bundle, their source
+is in /etc/s6-overlay/s6-rc.d - that's where users should migrate
+their services in order to benefit from parallelism and dependency
+management. By default that user bundle is empty, unless the user has
+installed the syslogd-overlay tarball, in which case it contains the
+services that implement syslogd.
+   * legacy-services: all the service directories in /etc/services.d
+are copied to /run/s6/legacy-services and linked to the scandir in
+/run/service, then s6-svscan is notified. Note that all of this happens
+*after* the user bundle has completed: legacy services are the last
+ones started.
+ - That's it, the container is fully operational.
+
+ - If there is no CMD, stage2 exits, having started all its services,
+and the container will keep running until something or someone instructs
+it to exit.
+ - If there is a CMD, instead of exiting, stage2 spawns it, and waits
+for it to finish. Then it stops the container and returns the exit
+code of the CMD to the host.
+
+ To make the container stop with a given exitcode, run:
+ echo $exitcode > /run/s6-linux-init-container-results/exitcode && /run/s6/basedir/bin/halt
+
+ Signals to s6-svscan (typically triggered by an outside "docker stop" command),
+s6-svscanctl commands, or manually running /run/s6/basedir/bin/poweroff or
+/run/s6/basedir/bin/shutdown should work as well, but then you do not have
+control on the exit code.

doc/requirements.txt

@@ -0,0 +1,18 @@
+In order to build s6-overlay, you need:
+
+ Hardware:
+ - an x86_64 machine (we don't support crossing from other arches yet)
+ - more or less 350 MB of disk per arch
+   * ~ 250 MB for the toolchain
+   * up to 100 MB for all the build artifacts
+   * don't worry, the end results are super small
+ - a functional network connection to d/l via https and git
+
+ Software:
+ - regular POSIX utilities (grep, find, xargs)
+ - a "cp" that supports -a (GNU coreutils or busybox)
+ - a sed that supports -i (GNU sed or busybox)
+ - GNU make >= 3.81
+ - GNU tar with support for .xz archives. We need the --owner options from GNU.
+ - git
+ - wget or curl or similar fetching command line utility

layout/rootfs-overlay/command/logutil-newfifo

@@ -0,0 +1 @@
+../package/admin/s6-overlay/command/logutil-newfifo

layout/rootfs-overlay/command/logutil-service

@@ -0,0 +1 @@
+../package/admin/s6-overlay/command/logutil-service

layout/rootfs-overlay/command/printcontenv

@@ -0,0 +1 @@
+../package/admin/s6-overlay/command/printcontenv

layout/rootfs-overlay/command/with-contenv

@@ -0,0 +1 @@
+../package/admin/s6-overlay/command/with-contenv

layout/rootfs-overlay/command/with-retries

@@ -0,0 +1 @@
+../package/admin/s6-overlay/command/with-retries

layout/rootfs-overlay/etc/s6-overlay/config/global_path

@@ -0,0 +1 @@
+/command:/usr/bin:/bin

layout/rootfs-overlay/etc/s6-overlay/s6-rc.d/user/type

@@ -0,0 +1 @@
+bundle

layout/rootfs-overlay/init

@@ -0,0 +1,40 @@
+#!/bin/sh -e
+
+# This is the first program launched at container start.
+# We don't know where our binaries are and we cannot guarantee
+# that the default PATH can access them.
+# So this script needs to be entirely self-contained until it has
+# at least /command, /usr/bin and /bin in its PATH.
+
+addpath () {
+  x="$1"
+  IFS=:
+  set -- $PATH
+  IFS=
+  while test "$#" -gt 0 ; do
+    if test "$1" = "$x" ; then
+      PATH="${x}:$PATH"
+    fi
+    shift
+  done
+}
+
+if ! read PATH < /etc/s6-overlay/config/global_path ; then
+  PATH=
+fi
+
+addpath /bin
+addpath /usr/bin
+addpath /command
+export PATH
+
+# Now we're good: s6-overlay-suexec is accessible via PATH, as are
+# all our binaries.
+# Run preinit as root, then run stage0 as the container's user (can be
+# root, can be a normal user).
+
+exec s6-overlay-suexec \
+  ' /package/admin/s6-overlay-@VERSION@/libexec/preinit' \
+  '' \
+  /package/admin/s6-overlay-@VERSION@/libexec/stage0 \
+  "$@"

builder/overlay-rootfs/usr/bin/logutil-newfifo → layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/command/logutil-newfifo

@@ -1,15 +1,21 @@
-#!/bin/execlineb
+#!@SHEBANGDIR@/execlineb
 
 elgetopt "m:o:"
 multisubstitute
 {
   importas -u -D "0600" fmode ELGETOPT_m
   importas -u -D "root" owner ELGETOPT_o
+  elgetpositionals -P0
 }
-elgetpositionals -P0
 emptyenv -P
 if { s6-test ${#} -ge 1 }
-if { s6-svwait -t 5000 -U /var/run/s6/services/s6-fdholderd }
+
+if
+{
+  fdmove -c 1 2
+  s6-echo "logutil-newfifo: warning: this binary is deprecated, use s6-mkfifo and s6-chown instead"
+}
+
 if { s6-rmrf ${1} }
 if { s6-mkfifo -m ${fmode} -- ${1} }
 if
@@ -17,10 +23,3 @@ if
   s6-envuidgid -- ${owner}
   s6-chown -U -- ${1}
 }
-if
-{
-  backtick -n name { s6-uniquename ${1} }
-  importas -u name name
-  redirfd -rnb 0 ${1}
-  s6-fdholder-store /var/run/s6/fdholderd-socket ${name}
-}

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/command/logutil-service

@@ -0,0 +1,16 @@
+#!@SHEBANGDIR@/execlineb
+
+elgetopt "f:"
+multisubstitute
+{
+  importas -u -D "" fifo ELGETOPT_f
+  elgetpositionals -P0
+}
+emptyenv -P
+if { s6-test ${#} -ge 1 }
+ifelse { s6-test -n ${fifo} }
+{
+  redirfd -rnb 0 ${fifo}
+  /package/admin/s6-overlay-@VERSION@/libexec/logutil-service-main ${1}
+}
+/package/admin/s6-overlay-@VERSION@/libexec/logutil-service-main ${1}

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/command/printcontenv

@@ -0,0 +1,13 @@
+#!/bin/sh -e
+
+if test "$#" -eq 0 ; then
+  echo 'printcontenv: fatal: too few arguments' 1>&2
+  exit 100
+fi
+
+if test "0$S6_KEEP_ENV" -ne 0 ; then
+  eval s6-echo -- \$$1
+else
+  exec 2>/dev/null
+  exec s6-cat < "/run/s6/container_environment/$1"
+fi

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/command/with-contenv

@@ -0,0 +1,15 @@
+#!@SHEBANGDIR@/execlineb -S0
+
+ifelse
+{
+  importas -D 0 S6_KEEP_ENV S6_KEEP_ENV
+  s6-test 0${S6_KEEP_ENV} -eq 0
+}
+{
+  emptyenv -p
+  justc-envdir -- /run/s6/container_environment
+  exec
+  $@
+}
+
+$@

builder/overlay-rootfs/usr/bin/with-retries → layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/command/with-retries

@@ -1,4 +1,4 @@
-#!/bin/execlineb
+#!@SHEBANGDIR@/execlineb
 
 #
 # with-retries -n numretries -t millisecs prog...
@@ -9,16 +9,16 @@ multisubstitute
 {
   importas -u -D 3 nretries ELGETOPT_n
   importas -u -D 500 timeout ELGETOPT_t
+  elgetpositionals -P0
 }
-elgetpositionals -P0
 emptyenv -P
 forbacktickx -x 0,1 -d"\n" i { s6-seq 0 ${nretries} }
-importas -u i i
-if { s6-test ${i} -ne ${nretries} }
-foreground
-{
-  s6-maximumtime -t ${timeout}
-  $@
-}
-importas -u ? ?
-if -x 99 { s6-test ${?} -eq 0 }
+  importas -u i i
+  if { s6-test ${i} -ne ${nretries} }
+  foreground
+  {
+    s6-maximumtime -t ${timeout}
+    $@
+  }
+  importas -u ? ?
+  if -x 99 { s6-test ${?} -eq 0 }

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-linux-init/skel/rc.init

@@ -0,0 +1,39 @@
+#!/bin/sh -e
+
+top="$1" ; shift
+
+if profile=`printcontenv S6_RUNTIME_PROFILE` ; then
+  etc="/etc/cont-profile.d/$profile"
+else
+  etc=/etc
+fi
+
+s6-rc-compile -v1 /run/s6/db "$etc/s6-overlay/s6-rc.d" /package/admin/s6-overlay-@VERSION@/etc/s6-rc/sources
+s6-rc-init -c /run/s6/db /run/service
+
+if timeout=`printcontenv S6_CMD_WAIT_FOR_SERVICES_MAXTIME` ; then : ; else
+  timeout=5000
+fi
+
+set +e
+s6-rc -v2 -u -t "$timeout" -- change "$top"
+r=$?
+set -e
+
+if test "$r" -ne 0 && b=`printcontenv S6_BEHAVIOUR_IF_STAGE2_FAILS` ; then
+  if test "$b" -eq 2 ; then
+    echo 1 > /run/s6-linux-init-container-results/exitcode
+    exec /run/s6/basedir/bin/halt
+  elif test "$b" -eq 1 ; then
+    echo '/run/s6/basedir/scripts/rc.init: warning: s6-rc failed to properly bring all the services up! Check your logs (in /run/uncaught-logs if you have in-container logging) for more information.' 1>&2
+  fi
+fi
+
+if test -n "$1" ; then
+  set +e
+  arg0=`printcontenv S6_CMD_ARG0`
+  $arg0 "$@"
+  echo "$?" > /run/s6-linux-init-container-results/exitcode
+  set -e
+  exec /run/s6/basedir/bin/halt
+fi

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-linux-init/skel/rc.shutdown

@@ -0,0 +1,3 @@
+#!@SHEBANGDIR@/execlineb -P
+
+s6-rc -v2 -bda change

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-linux-init/skel/rc.shutdown.final

@@ -0,0 +1 @@
+#!@SHEBANGDIR@/execlineb -P

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/scripts/cont-finish

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+if profile=`printcontenv S6_RUNTIME_PROFILE` ; then
+  etc="/etc/cont-profile.d/$profile"
+else
+  etc=/etc
+fi
+
+if ! kimeout=`printcontenv S6_KILL_FINISH_MAXTIME` ; then
+  kimeout=0
+fi
+
+for file in `s6-ls "$etc/cont-finish.d" 2>/dev/null | s6-sort` ; do
+  echo "[s6-overlay] cont-finish: running $etc/cont-finish.d/$file"
+  s6-maximumtime -k "$kimeout" "$etc/cont-finish.d/$file"
+done
+
+exit 0

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/scripts/cont-init

@@ -0,0 +1,25 @@
+#!/bin/sh -e
+
+r=0
+
+if profile=`printcontenv S6_RUNTIME_PROFILE` ; then
+  etc="/etc/cont-profile.d/$profile"
+else
+  etc=/etc
+fi
+
+for file in `s6-ls "$etc/cont-init.d" 2>/dev/null | s6-sort` ; do
+  echo "[s6-overlay] cont-init: running $etc/cont-init.d/$file"
+  set +e
+  "$etc/cont-init.d/$file"
+  b="$?"
+  set -e
+  echo "[s6-overlay] cont-init: $etc/cont-init.d/$file exited $b"
+  if test "$b" -ne 0 ; then
+    r=1
+  fi
+done
+
+if test "$r" -ne 0 && b=`printcontenv S6_BEHAVIOUR_IF_STAGE2_FAILS` && test "0$b" -eq 2 ; then
+  exit 1
+fi

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/scripts/fix-attrs

@@ -0,0 +1,29 @@
+#!/bin/sh -e
+
+got=0
+err=0
+
+if profile=`printcontenv S6_RUNTIME_PROFILE` ; then
+  etc="/etc/cont-profile.d/$profile"
+else
+  etc=/etc
+fi
+
+apply () {
+  echo "[s6-overlay] fix-attrs: applying $1"
+  got=1
+  if ! /package/admin/s6-overlay-@VERSION@/libexec/fix-attrs < "$1" ; then
+    err=1
+  fi
+}
+
+for file in `s6-ls "$etc/fix-attrs.d" 2>/dev/null | s6-sort` ; do
+  apply "$etc/fix-attrs.d/$file"
+done
+
+if test "$got" -ne 0 ; then
+  echo '[s6-overlay] fix-attrs: warning: fix-attrs is deprecated, please fix volume permissions in Dockerfile instead' 1>&2
+fi
+if test "$err" -ne 0 && b=`printcontenv S6_BEHAVIOUR_IF_STAGE2_FAILS` && test "$b" -eq 2 ; then
+  exit 1
+fi

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/scripts/services-down

@@ -0,0 +1,27 @@
+#!/bin/sh
+
+dir=/run/s6/legacy-services
+list=
+links=
+
+echo '[s6-overlay] legacy-services: bringing all services down...'
+
+for i in `s6-ls "$dir"` ; do
+  links="$links /run/service/$i"
+  list="$list $dir/$i"
+  if test -d "$dir/$i/log" ; then
+    list="$list $dir/$i/log"
+  fi
+done
+
+if test -n "$list" ; then
+  s6-rmrf "$links"
+  s6-svscanctl -an /run/service
+  if ! grace=`printcontenv S6_SERVICES_GRACETIME` ; then
+    grace=3000
+  fi
+  s6-svwait -D -t "$grace" -- $list
+fi
+
+s6-echo '[s6-overlay] legacy-services:   ... done'
+exit 0

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/scripts/services-up

@@ -0,0 +1,56 @@
+#!/bin/sh -e
+
+if profile=`printcontenv S6_RUNTIME_PROFILE` ; then
+  etc="/etc/cont-profile.d/$profile"
+else
+  etc=/etc
+fi
+
+dir=/run/s6/legacy-services
+echo "[s6-overlay] legacy-services: copying and starting services in $etc/services.d"
+
+s6-rmrf "$dir"
+s6-mkdir -p -m 0755 "$dir"
+list=
+notifno=
+notifyes=
+for i in `s6-ls "$etc/services.d" 2>/dev/null | s6-sort` ; do
+  if test -d "$etc/services.d/$i" ; then
+    list="$list $i"
+    if test -r "$dir/$i/notification-fd" ; then
+      notifyes="$notifyes $dir/$i"
+    else
+      notifno="$notifno $dir/$i"
+    fi
+    s6-hiercopy "$etc/services.d/$i" "$dir/$i"
+  fi
+done
+
+for file in $list ; do
+  s6-ln -nsf "$dir/$file" "/run/service/$file"
+done
+
+s6-svscanctl -a /run/service
+
+if test 0`printcontenv S6_CMD_WAIT_FOR_SERVICES` -ne 0 ; then
+  if ! maxtime=`printcontenv S6_CMD_WAIT_FOR_SERVICES_MAXTIME` ; then
+    maxtime=0
+  fi
+  echo "[s6-overlay] legacy-services: waiting for services to get ready..."
+
+  # Increase if necessary. Unavoidable race condition, use s6-rc instead!
+  s6-sleep -m 5
+
+  r=0
+  if test -n "$notifno" && ! s6-svwait -u -t "$maxtime" -- $notifno ; then
+    r=1
+  fi
+  if test -n "$notifyes" && ! s6-svwait -U -t "$maxtime" -- $notifyes ; then
+    r=1
+  fi
+  if test "$r" -ne 0 && b=`printcontenv S6_BEHAVIOUR_IF_STAGE2_FAILS` && test "$b" -eq 2 ; then
+    echo "[s6-overlay] legacy-services:   ... failed"
+    exit 1
+  fi
+  echo "[s6-overlay] legacy-services:   ... done"
+fi

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/sources/base/type

@@ -0,0 +1 @@
+bundle

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/sources/fix-attrs/type

@@ -0,0 +1 @@
+oneshot

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/sources/fix-attrs/up

@@ -0,0 +1 @@
+/package/admin/s6-overlay-@VERSION@/etc/s6-rc/scripts/fix-attrs

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/sources/legacy-cont-init/down

@@ -0,0 +1 @@
+/package/admin/s6-overlay-@VERSION@/etc/s6-rc/scripts/cont-finish

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/sources/legacy-cont-init/type

@@ -0,0 +1 @@
+oneshot

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/sources/legacy-cont-init/up

@@ -0,0 +1 @@
+/package/admin/s6-overlay-@VERSION@/etc/s6-rc/scripts/cont-init

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/sources/legacy-services/down

@@ -0,0 +1 @@
+/package/admin/s6-overlay-@VERSION@/etc/s6-rc/scripts/services-down

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/sources/legacy-services/type

@@ -0,0 +1 @@
+oneshot

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/sources/legacy-services/up

@@ -0,0 +1 @@
+/package/admin/s6-overlay-@VERSION@/etc/s6-rc/scripts/services-up

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/etc/s6-rc/sources/top/type

@@ -0,0 +1 @@
+bundle

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/libexec/fix-attrs

@@ -0,0 +1,44 @@
+#!/bin/sh -e
+
+if test "0`printcontenv S6_FIX_ATTRS_HIDDEN`" -ne 0 ; then
+  lsopt='-a'
+else
+  lsopt=''
+fi
+
+applyrec () {
+  s6-chown -u "$3" -g "$4" -- "$1"
+  if test -d "$1" ; then
+    s6-chmod "$6" "$1"
+    if test "$2" = true ; then
+      for subfile in `s6-ls $lsopt "$1" ; do
+        applyrec "$subfile" "$2" "$3" "$4" "$5" "$6"
+      done
+    fi
+  else
+    s6-chmod "$5" "$1"
+  fi
+}
+
+while read globex recurse userentry fmode dmode ; do
+  if test -n "$globex" && test "$globex" != "#" ; then
+    account="${userentry%%,*}"
+    if test "$account" != "$userentry" ; then
+      default="-D${userentry#*,}"
+    else
+      default='-i'
+    fi
+    if test "${account%%:*}" != "$account" ; then
+      opts='-nB'
+    else
+      opts=""
+    fi
+    uidgid=`s6-envuidgid "$default" $opts -- "$account" multisubstitute importas UID UID importas GID GID '' s6-echo -- '${UID}:${GID}'`
+    uid=${uidgid%%:*}
+    gid=${uidgid#*:}
+
+    for file in $globex ; do
+      applyrec "$file" "$recurse" "$uid" "$gid" "$fmode" "$dmode"
+    done
+  fi
+done

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/libexec/logutil-service-main

@@ -0,0 +1,11 @@
+#!@SHEBANGDIR@/execlineb -S1
+
+backtick -D "n20 s1000000 T" -n S6_LOGGING_SCRIPT
+{
+  printcontenv S6_LOGGING_SCRIPT
+}
+importas -u -sCd" \t" S6_LOGGING_SCRIPT S6_LOGGING_SCRIPT
+s6-envuidgid -D 65534:65534 nobody
+s6-applyuidgid -U
+exec -c
+s6-log -b -- ${S6_LOGGING_SCRIPT} ${1}

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/libexec/preinit

@@ -0,0 +1,43 @@
+#!/bin/sh -e
+
+# This script is spawned by s6-overlay-suexec, as the
+# first thing in the userland boot process.
+# It is run as root even with a USER directive present.
+# If USER, then UID and GID hold the uid and gid of the user
+# (this is used by s6-chown -U).
+
+prog=/package/admin/s6-overlay/libexec/preinit
+
+# Ensure /run is writable and /var/run is a symlink to it.
+
+if test "0$S6_READ_ONLY_ROOT" -ne 0 ; then
+  echo "$prog: info: read-only root" 1>&2
+  if ! test -d /run ; then
+    echo "$prog: fatal: /run is missing or not a directory" 1>&2
+    exit 100
+  fi
+  if : > '/run/test of writability' 2>/dev/null ; then
+    echo "$prog: info: writable /run. Remounting exec just in case." 1>&2
+    s6-rmrf '/run/test of writability'
+    s6-mount -o remount,rw,exec tmpfs /run || :
+  else
+    echo "$prog: info: creating a tmpfs on /run" 1>&2
+    s6-mount -wt tmpfs -o exec,mode=0755 tmpfs /run
+  fi
+else
+  s6-mkdir -p -m 0755 /run
+fi
+
+if test -L /var/run && test "`/command/s6-linkname -f /var/run`" = /run ; then : ; else
+  echo "$prog: notice: /var/run is not a symlink to /run, fixing it" 1>&2
+  s6-rmrf /var/run
+  s6-ln -s /run /var/run
+fi
+
+# /run/s6 is recreated every time and belongs to the USER.
+
+s6-rmrf /run/s6
+s6-mkdir -m 0755 /run/s6
+if test "0$UID" -ne 0 ; then
+  s6-chown -U -- /run/s6
+fi

layout/rootfs-overlay/package/admin/s6-overlay-@VERSION@/libexec/stage0

@@ -0,0 +1,47 @@
+#!/bin/sh -e
+
+# This script is run as pid 1 after preinit has exited.
+# It doesn't need privileges: it will run with or without USER.
+# It invokes s6-linux-init-maker with options depending on run-time
+# control variables, then execs into the init script created by
+# s6-linux-init-maker, which is stage 1.
+
+basedir=/run/s6/basedir
+
+if test "0$S6_KEEP_ENV" -ne 0 ; then
+  dumpopt=''
+else
+  dumpopt='-s /run/s6/container_environment'
+fi
+
+if test "0$S6_LOGGING" -eq 2 ; then
+  logopt=''
+elif test "0$S6_LOGGING" -eq 1 ; then
+  logopt='-1'
+else
+  logopt='-B'
+fi
+
+if test "0$S6_KILL_GRACETIME" -ne 0 ; then
+  graceopt="-q $S6_KILL_GRACETIME"
+else
+  graceopt=''
+fi
+
+if test "0$S6_SYNC_DISKS" -ne 0 ; then
+  syncopt='-S'
+else
+  syncopt=''
+fi
+
+s6-linux-init-maker -D top -c "$basedir" -NCt2 -p "$PATH" -f /package/admin/s6-overlay-@VERSION@/etc/s6-linux-init/skel $dumpopt $logopt $graceopt $syncopt
+
+if test "0$S6_KEEP_ENV" -ne 0 ; then
+  s6-rename "$basedir/env" "$basedir/env.orig"
+  s6-dumpenv "$basedir/env"
+  for file in `s6-ls "$basedir/env.orig"` ; do
+    s6-hiercopy "$basedir/env.orig/$file" "$basedir/env/$file"
+  done
+fi
+
+exec "$basedir/bin/init" "$@"