The reaping test assumes that all the `sleep` processes on the system
are created by us, which is an incorrect assumption, and creates
problems now that we run in a more "complete" system in CI (i.e. not in
a minimal container).
This solves the issue by not assuming that random sleep processes are
related to us: instead, we look at whether these processes are in our
process group.
This also includes a little clean up of the reaping stage 1.
Right now, the packages are hard-coded to report the amd64 architecture.
I'm not sure they'll be used or needed, so for now let's ignore and skip
them.
This adds 1k of weight to the resulting binary, which is reasonable
(it's less than 5% for the smaller non-static binary), but alleviates
legitimate user concern that the license requires being included when
Tini is redistributed.
The GPG signing subkey and passphrase are respectively provided through
a Travis encrypted file and a Travis encrypted environment variable.
Signing is only done if there is a signing key present when the build is
complete (so as to not fail when e.g. building a PR that doesn't have
encrypted files available).
If Tini is built without its own .git directory, but within another
git directory (i.e. the tarball was extracted in a directory
that happens to be a git tree), then we end up with the wrong
git version in `tini -h`.
This actually happens in the Alpine builds (e.g. Tini 0.8.3 in
Alpine has git hash d89e144, which is a Aports commit hash, not
a Tini commit hash:
https://github.com/alpinelinux/aports/commit/d89e144
This patch forces git to use the current git directory, or to not
use one at all (which is fine, since in that case Tini is
presumably being built from a release tarball).
Some platforms (Alpine Linux being one) define _FORTIFY_SOURCE
as a built-in. Redefining it causes a compilation error since we
treat warnings as errors.
Fixes: #22
Tini ignores certain signals, and blocks others, but in both cases
we restore them before executing the child process.
Add tests to ensure that we actually do that!
Since we're ignoring SIGTTOU (for good reason), our log messages
could show in another program's output. To make the life of users
easier, let's clarify that the messages are owned by Tini.
In the rare scenario where Tini is not running as PID 1 and its
child (or something else) sets TOSTOP on the tty, then Tini would
hang when if it tries to write debug messages. This commit fixes
this problem by ignoring SIGTTOU.
In the also rare scenario where two Tini instances are running, the
tty-passing could end up being done improperly (if the parent Tini
instance passes the tty to the child before the grandparent Tini
instance passes it to the parent Tini instance), and result in the
parent Tini instance running in the foreground. This commit fixes
this problem by passing the tty in the child (which we can do
because we are ignoring SIGTTOU).
Thomas Orozco
Jorge Marin
Romain
Danilo Bürger