procd: actually wire-up netns support

package/system/procd/Makefile

@@ -12,9 +12,9 @@ PKG_RELEASE:=1
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL=$(PROJECT_GIT)/project/procd.git
-PKG_SOURCE_DATE:=2019-05-30
-PKG_SOURCE_VERSION:=ade00ca585a49c8478bf60eb24ce385676be37a4
-PKG_MIRROR_HASH:=1417727ae6fcda01017e1bec3ec66e3e78116f9343cfe0256e40af54c52f2acc
+PKG_SOURCE_DATE:=2020-03-13
+PKG_SOURCE_VERSION:=77a6782d6e4eba2c49e642672de134aff443ef72
+PKG_MIRROR_HASH:=bb7e98a6b6f997a4fa2fb924be248febe5a7633601df2e97e7a7513c57b63870
 CMAKE_INSTALL:=1
 
 PKG_LICENSE:=GPL-2.0
@@ -22,6 +22,7 @@ PKG_LICENSE_FILES:=
 
 PKG_MAINTAINER:=John Crispin <john@phrozen.org>
 
+PKG_ASLR_PIE_REGULAR:=1
 PKG_CONFIG_DEPENDS:= \
 	CONFIG_TARGET_INIT_PATH CONFIG_KERNEL_SECCOMP \
 	CONFIG_PROCD_SHOW_BOOT CONFIG_PROCD_ZRAM_TMPFS \
@@ -43,7 +44,7 @@ TARGET_LDFLAGS += -flto
 define Package/procd
   SECTION:=base
   CATEGORY:=Base system
-  DEPENDS:=+ubusd +ubus +libjson-script +ubox +USE_GLIBC:librt +libubox +libubus
+  DEPENDS:=+ubusd +ubus +libjson-script +ubox +USE_GLIBC:librt +libubox +libubus +libblobmsg-json +libjson-c
   TITLE:=OpenWrt system process manager
   USERID:=:dialout=20 :audio=29
 endef
@@ -51,7 +52,7 @@ endef
 define Package/procd-ujail
   SECTION:=base
   CATEGORY:=Base system
-  DEPENDS:=@KERNEL_NAMESPACES +@KERNEL_UTS_NS +@KERNEL_IPC_NS +@KERNEL_PID_NS +libubox +libblobmsg-json
+  DEPENDS:=@KERNEL_NAMESPACES +@KERNEL_UTS_NS +@KERNEL_IPC_NS +@KERNEL_PID_NS +libubox +libubus +libblobmsg-json
   TITLE:=OpenWrt process jail helper
 endef
 

package/system/procd/files/hotplug.json

@@ -37,6 +37,10 @@
 					[ "load-firmware", "/lib/firmware" ],
 					[ "return" ]
 				]
+			],
+			[ "if",
+				[ "regex", "DEVNAME", "^ttyGS" ],
+				[ "start-console", "%DEVNAME%" ]
 			]
 		],
 		"remove" : [

package/system/procd/files/procd.sh

@@ -49,6 +49,14 @@ procd_lock() {
 	local basescript=$(readlink "$initscript")
 	local service_name="$(basename ${basescript:-$initscript})"
 
+	flock -n 1000 &> /dev/null
+	if [ "$?" != "0" ]; then
+		exec 1000>"$IPKG_INSTROOT/var/lock/procd_${service_name}.lock"
+		flock 1000
+		if [ "$?" != "0" ]; then
+			logger "warning: procd flock for $service_name failed"
+		fi
+	fi
 }
 
 _procd_call() {
@@ -186,6 +194,8 @@ _procd_add_jail() {
 		procfs)	json_add_boolean "procfs" "1";;
 		sysfs)	json_add_boolean "sysfs" "1";;
 		ronly)	json_add_boolean "ronly" "1";;
+		requirejail)	json_add_boolean "requirejail" "1";;
+		netns)	json_add_boolean "netns" "1";;
 		esac
 	done
 	json_add_object "mount"
@@ -399,12 +409,12 @@ _procd_add_instance() {
 
 procd_running() {
 	local service="$1"
-	local instance="${2:-instance1}"
-	local running
+	local instance="${2:-*}"
+	[ "$instance" = "*" ] || instance="'$instance'"
 
 	json_init
 	json_add_string name "$service"
-	running=$(_procd_ubus_call list | jsonfilter -e "@.$service.instances.${instance}.running")
+	local running=$(_procd_ubus_call list | jsonfilter -l 1 -e "@['$service'].instances[$instance].running")
 
 	[ "$running" = "true" ]
 }
@@ -435,6 +445,31 @@ _procd_send_signal() {
 	_procd_ubus_call signal
 }
 
+_procd_status() {
+	local service="$1"
+	local instance="$2"
+	local data
+
+	json_init
+	[ -n "$service" ] && json_add_string name "$service"
+
+	data=$(_procd_ubus_call list | jsonfilter -e '@["'"$service"'"]')
+	[ -z "$data" ] && { echo "inactive"; return 3; }
+
+	data=$(echo "$data" | jsonfilter -e '$.instances')
+	if [ -z "$data" ]; then
+		[ -z "$instance" ] && { echo "active with no instances"; return 0; }
+		data="[]"
+	fi
+
+	[ -n "$instance" ] && instance="\"$instance\"" || instance='*'
+	if [ -z "$(echo "$data" | jsonfilter -e '$['"$instance"']')" ]; then
+		echo "unknown instance $instance"; return 4
+	else
+		echo "running"; return 0
+	fi
+}
+
 procd_open_data() {
 	local name="$1"
 	json_set_namespace procd __procd_old_cb