1 /* $NetBSD: init.c,v 1.105 2012/11/09 06:27:17 msaitoh Exp $ */
4 * Copyright (c) 1991, 1993
5 * The Regents of the University of California. All rights reserved.
7 * This code is derived from software contributed to Berkeley by
8 * Donn Seeley at Berkeley Software Design, Inc.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 #include <sys/cdefs.h>
37 __COPYRIGHT("@(#) Copyright (c) 1991, 1993\
38 The Regents of the University of California. All rights reserved.");
43 static char sccsid
[] = "@(#)init.c 8.2 (Berkeley) 4/28/95";
45 __RCSID("$NetBSD: init.c,v 1.105 2012/11/09 06:27:17 msaitoh Exp $");
49 #include <sys/param.h>
50 #include <sys/sysctl.h>
54 #include <sys/mount.h>
55 #include <machine/cpu.h>
84 #include "pathnames.h"
87 #define STR(x) XSTR(x)
90 * Sleep times; used to prevent thrashing.
92 #define GETTY_SPACING 5 /* N secs minimum getty spacing */
93 #define GETTY_SLEEP 30 /* sleep N secs after spacing problem */
94 #define WINDOW_WAIT 3 /* wait N secs after starting window */
95 #define STALL_TIMEOUT 30 /* wait N secs after warning */
96 #define DEATH_WATCH 10 /* wait N secs for procs to die */
98 static const struct timespec dtrtime
= {.tv_sec
= 0, .tv_nsec
= 250000};
100 #if defined(RESCUEDIR)
101 #define INIT_BSHELL RESCUEDIR "/sh"
102 #define INIT_MOUNT_MFS RESCUEDIR "/mount_mfs"
103 #define INIT_PATH RESCUEDIR ":" _PATH_STDPATH
105 #define INIT_BSHELL _PATH_BSHELL
106 #define INIT_MOUNT_MFS "/sbin/mount_mfs"
107 #define INIT_PATH _PATH_STDPATH
110 static void handle(sig_t
, ...);
111 static void delset(sigset_t
*, ...);
113 static void stall(const char *, ...) __printflike(1, 2);
114 static void warning(const char *, ...) __printflike(1, 2);
115 static void emergency(const char *, ...) __printflike(1, 2);
116 __dead
static void disaster(int);
119 static void minixreboot(int);
120 static void minixpowerdown(int);
122 static void badsys(int);
123 #endif /* defined(__minix) */
126 * We really need a recursive typedef...
127 * The following at least guarantees that the return type of (*state_t)()
128 * is sufficiently wide to hold a function pointer.
130 typedef long (*state_func_t
)(void);
131 typedef state_func_t (*state_t
)(void);
134 #define SINGLE_USER 's'
136 #define READ_TTYS 't'
137 #define MULTI_USER 'm'
138 #define CLEAN_TTYS 'T'
139 #define CATATONIA 'c'
141 static state_func_t
single_user(void);
142 #ifndef LETS_GET_SMALL
143 static state_func_t
runcom(void);
144 static state_func_t
read_ttys(void);
145 static state_func_t
multi_user(void);
146 static state_func_t
clean_ttys(void);
147 static state_func_t
catatonia(void);
148 static state_func_t
death(void);
151 static enum { AUTOBOOT
, FASTBOOT
} runcom_mode
= AUTOBOOT
;
153 static void transition(state_t
);
154 static void setctty(const char *);
156 typedef struct init_session
{
157 int se_index
; /* index of entry in ttys file */
158 pid_t se_process
; /* controlling process */
159 struct timeval se_started
; /* used to avoid thrashing */
160 int se_flags
; /* status of session */
161 #define SE_SHUTDOWN 0x1 /* session won't be restarted */
162 #define SE_PRESENT 0x2 /* session is in /etc/ttys */
163 char *se_device
; /* filename of port */
164 char *se_getty
; /* what to run on that port */
165 char **se_getty_argv
; /* pre-parsed argument array */
166 char *se_window
; /* window system (started only once) */
167 char **se_window_argv
; /* pre-parsed argument array */
168 struct init_session
*se_prev
;
169 struct init_session
*se_next
;
172 static void collect_child(pid_t
, int);
174 static void transition_handler(int);
175 static void alrm_handler(int);
176 static int has_securelevel(void);
177 static int securelevel_present
;
179 #ifndef LETS_GET_SMALL
180 static int do_setttyent(void);
181 static void start_window_system(session_t
*);
182 static char **construct_argv(char *);
183 static int setupargv(session_t
*, struct ttyent
*);
184 static pid_t
start_getty(session_t
*);
185 static void free_session(session_t
*);
186 static session_t
*new_session(session_t
*, int, struct ttyent
*);
187 static session_t
*sessions
;
188 static void setsecuritylevel(int);
189 static int getsecuritylevel(void);
190 static int start_session_db(void);
191 static void add_session(session_t
*);
192 static void del_session(session_t
*);
193 static session_t
*find_session(pid_t
);
194 static DB
*session_db
;
195 static state_t requested_transition
= runcom
;
197 static void clear_session_logs(session_t
*, int);
198 static state_func_t
runetcrc(int);
200 static struct timeval boot_time
;
201 static state_t current_state
= death
;
202 static void session_utmpx(const session_t
*, int);
203 static void make_utmpx(const char *, const char *, int, pid_t
,
204 const struct timeval
*, int);
205 static char get_runlevel(const state_t
);
206 static void utmpx_set_runlevel(char, char);
210 static int did_multiuser_chroot
= 0;
211 static char rootdir
[PATH_MAX
];
212 static int shouldchroot(void);
213 static int createsysctlnode(void);
216 #else /* LETS_GET_SMALL */
217 static state_t requested_transition
= single_user
;
218 #endif /* !LETS_GET_SMALL */
220 #ifdef MFS_DEV_IF_NO_CONSOLE
222 static int mfs_dev(void);
227 * The mother of all processes.
230 main(int argc
, char **argv
)
234 #ifndef LETS_GET_SMALL
238 (void)gettimeofday(&boot_time
, NULL
);
239 #endif /* SUPPORT_UTMPX */
241 /* Dispose of random users. */
247 /* System V users like to reexec init. */
249 errx(1, "already running");
253 * Create an initial session.
256 warn("initial setsid() failed");
259 * Establish an initial user so that programs running
260 * single user do not freak out and die (like passwd).
262 #if !defined(__minix)
263 if (setlogin("root") < 0)
264 warn("setlogin() failed");
265 #endif /* !defined(__minix) */
268 #ifdef MFS_DEV_IF_NO_CONSOLE
270 requested_transition
= single_user
;
273 #ifndef LETS_GET_SMALL
275 * Note that this does NOT open a file...
276 * Does 'init' deserve its own facility number?
278 openlog("init", LOG_CONS
, LOG_AUTH
);
279 #endif /* LETS_GET_SMALL */
282 #ifndef LETS_GET_SMALL
284 * This code assumes that we always get arguments through flags,
285 * never through bits set in some random machine register.
287 while ((c
= getopt(argc
, argv
, "sf")) != -1)
290 requested_transition
= single_user
;
293 runcom_mode
= FASTBOOT
;
296 warning("unrecognized flag `%c'", c
);
301 warning("ignoring excess arguments");
302 #else /* LETS_GET_SMALL */
303 requested_transition
= single_user
;
304 #endif /* LETS_GET_SMALL */
307 * We catch or block signals rather than ignore them,
308 * so that they get reset on exec.
310 #if !defined(__minix)
311 handle(badsys
, SIGSYS
, 0);
312 handle(disaster
, SIGABRT
, SIGFPE
, SIGILL
, SIGSEGV
,
313 SIGBUS
, SIGXCPU
, SIGXFSZ
, 0);
315 handle(minixreboot
, SIGABRT
, 0);
316 handle(minixpowerdown
, SIGUSR1
, 0);
317 handle(disaster
, SIGFPE
, SIGILL
, SIGSEGV
, SIGBUS
, 0);
318 #endif /* !defined(__minix) */
319 handle(transition_handler
, SIGHUP
, SIGTERM
, SIGTSTP
, 0);
320 handle(alrm_handler
, SIGALRM
, 0);
321 (void)sigfillset(&mask
);
322 #if !defined(__minix)
323 delset(&mask
, SIGABRT
, SIGFPE
, SIGILL
, SIGSEGV
, SIGBUS
, SIGSYS
,
324 SIGXCPU
, SIGXFSZ
, SIGHUP
, SIGTERM
, SIGTSTP
, SIGALRM
, 0);
326 delset(&mask
, SIGABRT
, SIGFPE
, SIGILL
, SIGSEGV
, SIGBUS
,
327 SIGHUP
, SIGTERM
, SIGTSTP
, SIGALRM
, 0);
328 #endif /* !defined(__minix) */
329 (void)sigprocmask(SIG_SETMASK
, &mask
, NULL
);
330 (void)sigemptyset(&sa
.sa_mask
);
332 sa
.sa_handler
= SIG_IGN
;
333 (void)sigaction(SIGTTIN
, &sa
, NULL
);
334 (void)sigaction(SIGTTOU
, &sa
, NULL
);
343 #if !defined(LETS_GET_SMALL) && defined(CHROOT)
344 /* Create "init.root" sysctl node. */
345 (void)createsysctlnode();
346 #endif /* !LETS_GET_SMALL && CHROOT*/
349 * Securelevel might not be supported by the kernel. Query for it, and
350 * set a variable indicating whether we should attempt anything with it
353 securelevel_present
= has_securelevel();
356 * Start the state machine.
358 transition(requested_transition
);
361 * Should never reach here.
367 * Associate a function with a signal handler.
370 handle(sig_t handler
, ...)
374 sigset_t mask_everything
;
377 va_start(ap
, handler
);
379 sa
.sa_handler
= handler
;
380 (void)sigfillset(&mask_everything
);
382 while ((sig
= va_arg(ap
, int)) != 0) {
383 sa
.sa_mask
= mask_everything
;
384 /* XXX SA_RESTART? */
385 sa
.sa_flags
= sig
== SIGCHLD
? SA_NOCLDSTOP
: 0;
386 (void)sigaction(sig
, &sa
, NULL
);
392 * Delete a set of signals from a mask.
395 delset(sigset_t
*maskp
, ...)
402 while ((sig
= va_arg(ap
, int)) != 0)
403 (void)sigdelset(maskp
, sig
);
407 #if 0 /* Enable to get error messages from init ! */
408 #define vsyslog(level, fmt, ap) print_console(level, fmt, ap)
412 print_console(int level
, const char *message
, va_list ap
)
415 * XXX: syslog seems to just plain not work in console-only
416 * XXX: situation... that should be fixed. Let's leave this
417 * XXX: note + code here in case someone gets in trouble and
418 * XXX: wants to debug. -- Jachym Holecek <freza@liberouter.org>
423 /* We can't do anything on errors, anyway... */
424 fd
= open(_PATH_CONSOLE
, O_WRONLY
);
428 /* %m will get lost... */
429 len
= vsnprintf(errbuf
, sizeof(errbuf
), message
, ap
);
430 (void)write(fd
, (void *)errbuf
, len
);
436 * Log a message and sleep for a while (to give someone an opportunity
437 * to read it and to save log or hardcopy output if the problem is chronic).
438 * NB: should send a message to the session logger to avoid blocking.
441 stall(const char *message
, ...)
445 va_start(ap
, message
);
446 vsyslog(LOG_ALERT
, message
, ap
);
449 (void)sleep(STALL_TIMEOUT
);
453 * Like stall(), but doesn't sleep.
454 * If cpp had variadic macros, the two functions could be #defines for another.
455 * NB: should send a message to the session logger to avoid blocking.
458 warning(const char *message
, ...)
462 va_start(ap
, message
);
463 vsyslog(LOG_ALERT
, message
, ap
);
469 * Log an emergency message.
470 * NB: should send a message to the session logger to avoid blocking.
473 emergency(const char *message
, ...)
477 va_start(ap
, message
);
478 vsyslog(LOG_EMERG
, message
, ap
);
483 #if !defined(__minix)
485 * Catch a SIGSYS signal.
487 * These may arise if a system does not support sysctl.
488 * We tolerate up to 25 of these, then throw in the towel.
493 static int badcount
= 0;
499 #endif /* !defined(__minix) */
502 * Catch an unexpected signal.
508 emergency("fatal signal: %s", strsignal(sig
));
509 (void)sleep(STALL_TIMEOUT
);
510 _exit(sig
); /* reboot */
515 * controlled reboot - minix tradition, SIGABRT by tty
521 (void)execl("/sbin/shutdown",
522 "shutdown", "-r", "now", "CTRL-ALT_DEL", NULL
);
528 * controlled powerdown
531 minixpowerdown(int sig
)
534 (void)execl("/sbin/shutdown",
535 "shutdown", "-p", "now", "CTRL-ALT_DEL", NULL
);
539 #endif /* defined(__minix) */
542 * Check if securelevel is present.
545 has_securelevel(void)
550 #ifdef KERN_SECURELVL
551 int name
[2], curlevel
;
555 name
[1] = KERN_SECURELVL
;
556 len
= sizeof curlevel
;
557 if (sysctl(name
, 2, &curlevel
, &len
, NULL
, 0) == -1) {
558 /* If it doesn't exist, it's okay. */
566 #endif /* defined(__minix) */
570 * Get the security level of the kernel.
573 getsecuritylevel(void)
575 #ifdef KERN_SECURELVL
576 int name
[2], curlevel
;
579 if (!securelevel_present
)
583 name
[1] = KERN_SECURELVL
;
584 len
= sizeof curlevel
;
585 if (sysctl(name
, 2, &curlevel
, &len
, NULL
, 0) == -1) {
586 emergency("cannot get kernel security level: %m");
596 * Set the security level of the kernel.
599 setsecuritylevel(int newlevel
)
601 #ifdef KERN_SECURELVL
602 int name
[2], curlevel
;
604 if (!securelevel_present
)
607 curlevel
= getsecuritylevel();
608 if (newlevel
== curlevel
)
611 name
[1] = KERN_SECURELVL
;
612 if (sysctl(name
, 2, NULL
, NULL
, &newlevel
, sizeof newlevel
) == -1) {
613 emergency("cannot change kernel security level from"
614 " %d to %d: %m", curlevel
, newlevel
);
618 warning("kernel security level changed from %d to %d",
625 * Change states in the finite state machine.
626 * The initial state is passed as an argument.
629 transition(state_t s
)
636 #ifndef LETS_GET_SMALL
637 utmpx_set_runlevel(get_runlevel(current_state
),
646 #ifndef LETS_GET_SMALL
648 * Close out the accounting files for a login session.
649 * NB: should send a message to the session logger to avoid blocking.
652 clear_session_logs(session_t
*sp
, int status
)
654 #if defined(SUPPORT_UTMP) || defined(SUPPORT_UTMPX)
655 char *line
= sp
->se_device
+ sizeof(_PATH_DEV
) - 1;
659 if (logoutx(line
, status
, DEAD_PROCESS
))
660 logwtmpx(line
, "", "", status
, DEAD_PROCESS
);
664 logwtmp(line
, "", "");
670 * Start a session and allocate a controlling terminal.
671 * Only called by children of init after forking.
674 setctty(const char *name
)
678 #if !defined(__minix)
682 warn("child setsid() failed");
683 #endif /* !defined(__minix) */
684 (void)nanosleep(&dtrtime
, NULL
); /* leave DTR low for a bit */
685 if ((fd
= open(name
, O_RDWR
)) == -1) {
686 stall("can't open %s: %m", name
);
689 if (login_tty(fd
) == -1) {
690 stall("can't get %s for controlling terminal: %m", name
);
696 * Bring the system up single user.
703 int from_securitylevel
;
705 struct sigaction sa
, satstp
, sahup
;
707 const char *shell
= INIT_BSHELL
;
713 char *clear
, *password
;
717 #endif /* ALTSHELL */
719 #if !defined(LETS_GET_SMALL) && defined(CHROOT)
720 /* Clear previous idea, just in case. */
721 did_multiuser_chroot
= 0;
722 #endif /* !LETS_GET_SMALL && CHROOT */
725 * If the kernel is in secure mode, downgrade it to insecure mode.
727 from_securitylevel
= getsecuritylevel();
728 if (from_securitylevel
> 0)
731 (void)sigemptyset(&sa
.sa_mask
);
733 sa
.sa_handler
= SIG_IGN
;
734 (void)sigaction(SIGTSTP
, &sa
, &satstp
);
735 (void)sigaction(SIGHUP
, &sa
, &sahup
);
736 if ((pid
= fork()) == 0) {
738 * Start the single user session.
740 if (access(_PATH_CONSTTY
, F_OK
) == 0)
741 setctty(_PATH_CONSTTY
);
743 setctty(_PATH_CONSOLE
);
747 * Check the root password.
748 * We don't care if the console is 'on' by default;
749 * it's the only tty that can be 'off' and 'secure'.
751 typ
= getttynam("console");
752 pp
= getpwnam("root");
753 if (typ
&& (from_securitylevel
>=2 || (typ
->ty_status
754 & TTY_SECURE
) == 0) && pp
&& *pp
->pw_passwd
!= '\0') {
755 (void)fprintf(stderr
,
756 "Enter root password, or ^D to go multi-user\n");
758 clear
= getpass("Password:");
759 if (clear
== 0 || *clear
== '\0')
761 password
= crypt(clear
, pp
->pw_passwd
);
762 (void)memset(clear
, 0, _PASSWORD_LEN
);
763 if (strcmp(password
, pp
->pw_passwd
) == 0)
765 warning("single-user login failed");
773 (void)fprintf(stderr
,
774 "Enter pathname of shell or RETURN for %s: ", shell
);
775 if (fgets(altshell
, sizeof(altshell
), stdin
) == NULL
) {
781 if ((p
= strchr(altshell
, '\n')) != NULL
)
787 #endif /* ALTSHELL */
791 * We catch all the interesting ones,
792 * and those are reset to SIG_DFL on exec.
794 (void)sigemptyset(&mask
);
795 (void)sigprocmask(SIG_SETMASK
, &mask
, NULL
);
799 * If the default one doesn't work, try the Bourne shell.
803 (void)setenv("PATH", INIT_PATH
, 1);
807 (void)execv(shell
, __UNCONST(argv
));
808 emergency("can't exec `%s' for single user: %m", shell
);
810 #endif /* ALTSHELL */
811 (void)execv(INIT_BSHELL
, __UNCONST(argv
));
812 emergency("can't exec `%s' for single user: %m", INIT_BSHELL
);
813 (void)sleep(STALL_TIMEOUT
);
819 * We are seriously hosed. Do our best.
821 emergency("can't fork single-user shell: %m, trying again");
822 while (waitpid(-1, NULL
, WNOHANG
) > 0)
824 (void)sigaction(SIGTSTP
, &satstp
, NULL
);
825 (void)sigaction(SIGHUP
, &sahup
, NULL
);
826 return (state_func_t
)single_user
;
829 requested_transition
= 0;
831 if ((wpid
= waitpid(-1, &status
, WUNTRACED
)) != -1)
832 collect_child(wpid
, status
);
836 warning("wait for single-user shell failed: %m; "
838 return (state_func_t
)single_user
;
840 if (wpid
== pid
&& WIFSTOPPED(status
)) {
841 warning("shell stopped, restarting");
842 (void)kill(pid
, SIGCONT
);
845 } while (wpid
!= pid
&& !requested_transition
);
847 if (requested_transition
) {
848 (void)sigaction(SIGTSTP
, &satstp
, NULL
);
849 (void)sigaction(SIGHUP
, &sahup
, NULL
);
850 return (state_func_t
)requested_transition
;
853 if (WIFSIGNALED(status
)) {
854 if (WTERMSIG(status
) == SIGKILL
) {
855 /* executed /sbin/reboot; wait for the end quietly */
858 (void)sigfillset(&s
);
860 (void)sigsuspend(&s
);
862 warning("single user shell terminated (%x), restarting",
864 (void)sigaction(SIGTSTP
, &satstp
, NULL
);
865 (void)sigaction(SIGHUP
, &sahup
, NULL
);
866 return (state_func_t
)single_user
;
870 runcom_mode
= FASTBOOT
;
871 (void)sigaction(SIGTSTP
, &satstp
, NULL
);
872 (void)sigaction(SIGHUP
, &sahup
, NULL
);
873 #ifndef LETS_GET_SMALL
874 return (state_func_t
)runcom
;
875 #else /* LETS_GET_SMALL */
876 return (state_func_t
)single_user
;
877 #endif /* LETS_GET_SMALL */
880 #ifndef LETS_GET_SMALL
884 runetcrc(int trychroot
)
891 switch ((pid
= fork())) {
893 (void)sigemptyset(&sa
.sa_mask
);
895 sa
.sa_handler
= SIG_IGN
;
896 (void)sigaction(SIGTSTP
, &sa
, NULL
);
897 (void)sigaction(SIGHUP
, &sa
, NULL
);
899 setctty(_PATH_CONSOLE
);
902 argv
[1] = _PATH_RUNCOM
;
903 argv
[2] = (runcom_mode
== AUTOBOOT
? "autoboot" : 0);
906 (void)sigprocmask(SIG_SETMASK
, &sa
.sa_mask
, NULL
);
910 if (chroot(rootdir
) != 0) {
911 warning("failed to chroot to `%s': %m",
913 _exit(4); /* force single user mode */
917 (void)execv(INIT_BSHELL
, __UNCONST(argv
));
918 stall("can't exec `%s' for `%s': %m", INIT_BSHELL
, _PATH_RUNCOM
);
919 _exit(5); /* force single user mode */
922 emergency("can't fork for `%s' on `%s': %m", INIT_BSHELL
,
924 while (waitpid(-1, NULL
, WNOHANG
) > 0)
926 (void)sleep(STALL_TIMEOUT
);
927 return (state_func_t
)single_user
;
933 * Copied from single_user(). This is a bit paranoid.
936 if ((wpid
= waitpid(-1, &status
, WUNTRACED
)) != -1)
937 collect_child(wpid
, status
);
941 warning("wait for `%s' on `%s' failed: %m; going to "
942 "single user mode", INIT_BSHELL
, _PATH_RUNCOM
);
943 return (state_func_t
)single_user
;
945 if (wpid
== pid
&& WIFSTOPPED(status
)) {
946 warning("`%s' on `%s' stopped, restarting",
947 INIT_BSHELL
, _PATH_RUNCOM
);
948 (void)kill(pid
, SIGCONT
);
951 } while (wpid
!= pid
);
953 if (WIFSIGNALED(status
) && WTERMSIG(status
) == SIGTERM
&&
954 requested_transition
== catatonia
) {
955 /* /etc/rc executed /sbin/reboot; wait for the end quietly */
958 (void)sigfillset(&s
);
960 (void)sigsuspend(&s
);
963 if (!WIFEXITED(status
)) {
964 warning("`%s' on `%s' terminated abnormally, going to "
965 "single user mode", INIT_BSHELL
, _PATH_RUNCOM
);
966 return (state_func_t
)single_user
;
969 if (WEXITSTATUS(status
))
970 return (state_func_t
)single_user
;
972 return (state_func_t
)read_ttys
;
976 * Run the system startup script.
981 state_func_t next_step
;
983 /* Run /etc/rc and choose next state depending on the result. */
984 next_step
= runetcrc(0);
985 if (next_step
!= (state_func_t
)read_ttys
)
986 return (state_func_t
)next_step
;
990 * If init.root sysctl does not point to "/", we'll chroot and run
991 * The Real(tm) /etc/rc now. Global variable rootdir will tell us
994 if (shouldchroot()) {
995 next_step
= runetcrc(1);
996 if (next_step
!= (state_func_t
)read_ttys
)
997 return (state_func_t
)next_step
;
999 did_multiuser_chroot
= 1;
1001 did_multiuser_chroot
= 0;
1006 * Regardless of whether in chroot or not, we booted successfuly.
1007 * It's time to spawn gettys (ie. next_step's value at this point).
1009 runcom_mode
= AUTOBOOT
; /* the default */
1010 /* NB: should send a message to the session logger to avoid blocking. */
1011 #ifdef SUPPORT_UTMPX
1012 logwtmpx("~", "reboot", "", 0, INIT_PROCESS
);
1015 logwtmp("~", "reboot", "");
1017 return (state_func_t
)read_ttys
;
1021 * Open the session database.
1023 * NB: We could pass in the size here; is it necessary?
1026 start_session_db(void)
1029 if (session_db
&& (*session_db
->close
)(session_db
))
1030 emergency("session database close: %m");
1031 if ((session_db
= dbopen(NULL
, O_RDWR
, 0, DB_HASH
, NULL
)) == 0) {
1032 emergency("session database open: %m");
1040 * Add a new login session.
1043 add_session(session_t
*sp
)
1048 if (session_db
== NULL
)
1051 key
.data
= &sp
->se_process
;
1052 key
.size
= sizeof sp
->se_process
;
1054 data
.size
= sizeof sp
;
1056 if ((*session_db
->put
)(session_db
, &key
, &data
, 0))
1057 emergency("insert %d: %m", sp
->se_process
);
1058 #ifdef SUPPORT_UTMPX
1059 session_utmpx(sp
, 1);
1064 * Delete an old login session.
1067 del_session(session_t
*sp
)
1071 key
.data
= &sp
->se_process
;
1072 key
.size
= sizeof sp
->se_process
;
1074 if ((*session_db
->del
)(session_db
, &key
, 0))
1075 emergency("delete %d: %m", sp
->se_process
);
1076 #ifdef SUPPORT_UTMPX
1077 session_utmpx(sp
, 0);
1082 * Look up a login session by pid.
1085 find_session(pid_t pid
)
1091 if (session_db
== NULL
)
1095 key
.size
= sizeof pid
;
1096 if ((*session_db
->get
)(session_db
, &key
, &data
, 0) != 0)
1098 (void)memmove(&ret
, data
.data
, sizeof(ret
));
1103 * Construct an argument vector from a command line.
1106 construct_argv(char *command
)
1109 char **argv
= malloc(((strlen(command
) + 1) / 2 + 1) * sizeof (char *));
1110 static const char separators
[] = " \t";
1115 if ((argv
[argc
++] = strtok(command
, separators
)) == 0) {
1119 while ((argv
[argc
++] = strtok(NULL
, separators
)) != NULL
)
1125 * Deallocate a session descriptor.
1128 free_session(session_t
*sp
)
1131 free(sp
->se_device
);
1134 free(sp
->se_getty_argv
);
1136 if (sp
->se_window
) {
1137 free(sp
->se_window
);
1138 free(sp
->se_window_argv
);
1144 * Allocate a new session descriptor.
1147 new_session(session_t
*sprev
, int session_index
, struct ttyent
*typ
)
1151 if ((typ
->ty_status
& TTY_ON
) == 0 || typ
->ty_name
== NULL
||
1152 typ
->ty_getty
== NULL
)
1155 sp
= malloc(sizeof (session_t
));
1158 (void)memset(sp
, 0, sizeof *sp
);
1160 sp
->se_flags
= SE_PRESENT
;
1161 sp
->se_index
= session_index
;
1163 (void)asprintf(&sp
->se_device
, "%s%s", _PATH_DEV
, typ
->ty_name
);
1164 if (!sp
->se_device
) {
1169 if (setupargv(sp
, typ
) == 0) {
1175 if (sprev
== NULL
) {
1179 sprev
->se_next
= sp
;
1180 sp
->se_prev
= sprev
;
1187 * Calculate getty and if useful window argv vectors.
1190 setupargv(session_t
*sp
, struct ttyent
*typ
)
1195 free(sp
->se_getty_argv
);
1197 (void)asprintf(&sp
->se_getty
, "%s %s", typ
->ty_getty
, typ
->ty_name
);
1200 sp
->se_getty_argv
= construct_argv(sp
->se_getty
);
1201 if (sp
->se_getty_argv
== NULL
) {
1202 warning("can't parse getty for port `%s'", sp
->se_device
);
1204 sp
->se_getty
= NULL
;
1207 if (typ
->ty_window
) {
1209 free(sp
->se_window
);
1210 sp
->se_window
= strdup(typ
->ty_window
);
1211 sp
->se_window_argv
= construct_argv(sp
->se_window
);
1212 if (sp
->se_window_argv
== NULL
) {
1213 warning("can't parse window for port `%s'",
1215 free(sp
->se_window
);
1216 sp
->se_window
= NULL
;
1224 * Walk the list of ttys and create sessions for each active line.
1229 int session_index
= 0;
1230 session_t
*sp
, *snext
;
1233 #ifdef SUPPORT_UTMPX
1234 if (sessions
== NULL
) {
1237 make_utmpx("", BOOT_MSG
, BOOT_TIME
, 0, &boot_time
, 0);
1240 * If wtmpx is not empty, pick the down time from there
1242 if (stat(_PATH_WTMPX
, &st
) != -1 && st
.st_size
!= 0) {
1243 struct timeval down_time
;
1245 TIMESPEC_TO_TIMEVAL(&down_time
,
1246 st
.st_atime
> st
.st_mtime
?
1247 &st
.st_atimespec
: &st
.st_mtimespec
);
1248 make_utmpx("", DOWN_MSG
, DOWN_TIME
, 0, &down_time
, 0);
1253 * Destroy any previous session state.
1254 * There shouldn't be any, but just in case...
1256 for (sp
= sessions
; sp
; sp
= snext
) {
1257 #ifndef LETS_GET_SMALL
1259 clear_session_logs(sp
, 0);
1261 snext
= sp
->se_next
;
1266 if (start_session_db()) {
1267 warning("start_session_db failed, death");
1269 /* If /etc/rc ran in chroot, we want to kill any survivors. */
1270 if (did_multiuser_chroot
)
1271 return (state_func_t
)death
;
1274 return (state_func_t
)single_user
;
1277 (void)do_setttyent();
1280 * Allocate a session entry for each active port.
1281 * Note that sp starts at 0.
1283 while ((typ
= getttyent()) != NULL
)
1284 if ((snext
= new_session(sp
, ++session_index
, typ
)) != NULL
)
1288 return (state_func_t
)multi_user
;
1292 * Start a window system running.
1295 start_window_system(session_t
*sp
)
1300 if ((pid
= fork()) == -1) {
1301 emergency("can't fork for window system on port `%s': %m",
1303 /* hope that getty fails and we can try again */
1310 (void)sigemptyset(&mask
);
1311 (void)sigprocmask(SIG_SETMASK
, &mask
, NULL
);
1314 emergency("setsid failed (window): %m");
1316 (void)execv(sp
->se_window_argv
[0], sp
->se_window_argv
);
1317 stall("can't exec window system `%s' for port `%s': %m",
1318 sp
->se_window_argv
[0], sp
->se_device
);
1323 * Start a login session running.
1326 start_getty(session_t
*sp
)
1330 time_t current_time
= time(NULL
);
1333 * fork(), not vfork() -- we can't afford to block.
1335 if ((pid
= fork()) == -1) {
1336 emergency("can't fork for getty on port `%s': %m",
1345 /* If /etc/rc did proceed inside chroot, we have to try as well. */
1346 if (did_multiuser_chroot
)
1347 if (chroot(rootdir
) != 0) {
1348 stall("can't chroot getty `%s' inside `%s': %m",
1349 sp
->se_getty_argv
[0], rootdir
);
1354 if (current_time
> sp
->se_started
.tv_sec
&&
1355 current_time
- sp
->se_started
.tv_sec
< GETTY_SPACING
) {
1356 warning("getty repeating too quickly on port `%s', sleeping",
1358 (void)sleep(GETTY_SLEEP
);
1361 if (sp
->se_window
) {
1362 start_window_system(sp
);
1363 (void)sleep(WINDOW_WAIT
);
1366 (void)sigemptyset(&mask
);
1367 (void)sigprocmask(SIG_SETMASK
, &mask
, (sigset_t
*) 0);
1369 (void)execv(sp
->se_getty_argv
[0], sp
->se_getty_argv
);
1370 stall("can't exec getty `%s' for port `%s': %m",
1371 sp
->se_getty_argv
[0], sp
->se_device
);
1375 #ifdef SUPPORT_UTMPX
1377 session_utmpx(const session_t
*sp
, int add
)
1379 const char *name
= sp
->se_getty
? sp
->se_getty
:
1380 (sp
->se_window
? sp
->se_window
: "");
1381 const char *line
= sp
->se_device
+ sizeof(_PATH_DEV
) - 1;
1383 make_utmpx(name
, line
, add
? LOGIN_PROCESS
: DEAD_PROCESS
,
1384 sp
->se_process
, &sp
->se_started
, sp
->se_index
);
1388 make_utmpx(const char *name
, const char *line
, int type
, pid_t pid
,
1389 const struct timeval
*tv
, int session
)
1394 (void)memset(&ut
, 0, sizeof(ut
));
1395 (void)strlcpy(ut
.ut_name
, name
, sizeof(ut
.ut_name
));
1397 (void)strlcpy(ut
.ut_line
, line
, sizeof(ut
.ut_line
));
1402 (void)gettimeofday(&ut
.ut_tv
, NULL
);
1403 ut
.ut_session
= session
;
1405 eline
= line
+ strlen(line
);
1406 if ((size_t)(eline
- line
) >= sizeof(ut
.ut_id
))
1407 line
= eline
- sizeof(ut
.ut_id
);
1408 (void)strncpy(ut
.ut_id
, line
, sizeof(ut
.ut_id
));
1410 if (pututxline(&ut
) == NULL
)
1411 warning("can't add utmpx record for `%s': %m", ut
.ut_line
);
1416 get_runlevel(const state_t s
)
1418 if (s
== (state_t
)single_user
)
1420 if (s
== (state_t
)runcom
)
1422 if (s
== (state_t
)read_ttys
)
1424 if (s
== (state_t
)multi_user
)
1426 if (s
== (state_t
)clean_ttys
)
1428 if (s
== (state_t
)catatonia
)
1434 utmpx_set_runlevel(char old
, char new)
1439 * Don't record any transitions until we did the first transition
1440 * to read ttys, which is when we are guaranteed to have a read-write
1441 * /var. Perhaps use a different variable for this?
1443 if (sessions
== NULL
)
1446 (void)memset(&ut
, 0, sizeof(ut
));
1447 (void)snprintf(ut
.ut_line
, sizeof(ut
.ut_line
), RUNLVL_MSG
, new);
1448 ut
.ut_type
= RUN_LVL
;
1449 (void)gettimeofday(&ut
.ut_tv
, NULL
);
1450 ut
.ut_exit
.e_exit
= old
;
1451 ut
.ut_exit
.e_termination
= new;
1452 if (pututxline(&ut
) == NULL
)
1453 warning("can't add utmpx record for `runlevel': %m");
1456 #endif /* SUPPORT_UTMPX */
1458 #endif /* LETS_GET_SMALL */
1461 * Collect exit status for a child.
1462 * If an exiting login, start a new login running.
1465 collect_child(pid_t pid
, int status
)
1467 #ifndef LETS_GET_SMALL
1468 session_t
*sp
, *sprev
, *snext
;
1473 if ((sp
= find_session(pid
)) == NULL
)
1476 clear_session_logs(sp
, status
);
1480 if (sp
->se_flags
& SE_SHUTDOWN
) {
1481 if ((sprev
= sp
->se_prev
) != NULL
)
1482 sprev
->se_next
= sp
->se_next
;
1484 sessions
= sp
->se_next
;
1485 if ((snext
= sp
->se_next
) != NULL
)
1486 snext
->se_prev
= sp
->se_prev
;
1491 if ((pid
= start_getty(sp
)) == -1) {
1492 /* serious trouble */
1493 requested_transition
= clean_ttys
;
1497 sp
->se_process
= pid
;
1498 (void)gettimeofday(&sp
->se_started
, NULL
);
1500 #endif /* LETS_GET_SMALL */
1504 * Catch a signal and request a state transition.
1507 transition_handler(int sig
)
1511 #ifndef LETS_GET_SMALL
1513 requested_transition
= clean_ttys
;
1516 requested_transition
= death
;
1519 requested_transition
= catatonia
;
1521 #endif /* LETS_GET_SMALL */
1523 requested_transition
= 0;
1528 #ifndef LETS_GET_SMALL
1530 * Take the system multiuser.
1539 requested_transition
= 0;
1542 * If the administrator has not set the security level to -1
1543 * to indicate that the kernel should not run multiuser in secure
1544 * mode, and the run script has not set a higher level of security
1545 * than level 1, then put the kernel into secure mode.
1547 if (getsecuritylevel() == 0)
1548 setsecuritylevel(1);
1550 for (sp
= sessions
; sp
; sp
= sp
->se_next
) {
1553 if ((pid
= start_getty(sp
)) == -1) {
1554 /* serious trouble */
1555 requested_transition
= clean_ttys
;
1558 sp
->se_process
= pid
;
1559 (void)gettimeofday(&sp
->se_started
, NULL
);
1563 while (!requested_transition
)
1564 if ((pid
= waitpid(-1, &status
, 0)) != -1)
1565 collect_child(pid
, status
);
1567 return (state_func_t
)requested_transition
;
1571 * This is an n-squared algorithm. We hope it isn't run often...
1576 session_t
*sp
, *sprev
;
1578 int session_index
= 0;
1581 for (sp
= sessions
; sp
; sp
= sp
->se_next
)
1582 sp
->se_flags
&= ~SE_PRESENT
;
1584 (void)do_setttyent();
1586 devlen
= sizeof(_PATH_DEV
) - 1;
1587 while ((typ
= getttyent()) != NULL
) {
1590 for (sprev
= 0, sp
= sessions
; sp
; sprev
= sp
, sp
= sp
->se_next
)
1591 if (strcmp(typ
->ty_name
, sp
->se_device
+ devlen
) == 0)
1595 sp
->se_flags
|= SE_PRESENT
;
1596 if (sp
->se_index
!= session_index
) {
1597 warning("port `%s' changed utmp index from "
1598 "%d to %d", sp
->se_device
, sp
->se_index
,
1600 sp
->se_index
= session_index
;
1602 if ((typ
->ty_status
& TTY_ON
) == 0 ||
1603 typ
->ty_getty
== 0) {
1604 sp
->se_flags
|= SE_SHUTDOWN
;
1605 if (sp
->se_process
!= 0)
1606 (void)kill(sp
->se_process
, SIGHUP
);
1609 sp
->se_flags
&= ~SE_SHUTDOWN
;
1610 if (setupargv(sp
, typ
) == 0) {
1611 warning("can't parse getty for port `%s'",
1613 sp
->se_flags
|= SE_SHUTDOWN
;
1614 if (sp
->se_process
!= 0)
1615 (void)kill(sp
->se_process
, SIGHUP
);
1620 (void)new_session(sprev
, session_index
, typ
);
1625 for (sp
= sessions
; sp
; sp
= sp
->se_next
)
1626 if ((sp
->se_flags
& SE_PRESENT
) == 0) {
1627 sp
->se_flags
|= SE_SHUTDOWN
;
1628 if (sp
->se_process
!= 0)
1629 (void)kill(sp
->se_process
, SIGHUP
);
1632 return (state_func_t
)multi_user
;
1636 * Block further logins.
1643 for (sp
= sessions
; sp
; sp
= sp
->se_next
)
1644 sp
->se_flags
|= SE_SHUTDOWN
;
1646 return (state_func_t
)multi_user
;
1648 #endif /* LETS_GET_SMALL */
1655 alrm_handler(int sig
)
1661 #ifndef LETS_GET_SMALL
1663 * Bring the system down to single user.
1671 static const int death_sigs
[3] = { SIGHUP
, SIGTERM
, SIGKILL
};
1673 for (sp
= sessions
; sp
; sp
= sp
->se_next
)
1674 sp
->se_flags
|= SE_SHUTDOWN
;
1676 /* NB: should send a message to the session logger to avoid blocking. */
1677 #ifdef SUPPORT_UTMPX
1678 logwtmpx("~", "shutdown", "", 0, INIT_PROCESS
);
1681 logwtmp("~", "shutdown", "");
1684 for (i
= 0; i
< 3; ++i
) {
1685 if (kill(-1, death_sigs
[i
]) == -1 && errno
== ESRCH
)
1686 return (state_func_t
)single_user
;
1689 (void)alarm(DEATH_WATCH
);
1691 if ((pid
= waitpid(-1, &status
, 0)) != -1)
1692 collect_child(pid
, status
);
1693 while (clang
== 0 && errno
!= ECHILD
);
1695 if (errno
== ECHILD
)
1696 return (state_func_t
)single_user
;
1699 warning("some processes would not die; ps axl advised");
1701 return (state_func_t
)single_user
;
1703 #endif /* LETS_GET_SMALL */
1705 #ifdef MFS_DEV_IF_NO_CONSOLE
1711 * We cannot print errors so we bail out silently...
1716 /* If we have /dev/console, assume all is OK */
1717 if (access(_PATH_CONSOLE
, F_OK
) == 0)
1720 #if 0 /* Useful for testing MAKEDEV */
1721 /* Mount an mfs over /mnt so we can create a console entry */
1722 switch ((pid
= fork())) {
1724 (void)execl(INIT_MOUNT_MFS
, "mount_mfs",
1725 "-b", "4096", "-f", "512",
1728 "swap", "/mnt", NULL
);
1736 if (waitpid(pid
, &status
, 0) == -1)
1746 static int name
[2] = { CTL_MACHDEP
, CPU_CONSDEV
};
1749 if (sysctl(name
, sizeof(name
) / sizeof(name
[0]), &dev
, &olen
,
1752 dev
= makedev(0, 0);
1754 /* Make a console for us, so we can see things happening */
1755 if (mknod("/mnt/console", 0666 | S_IFCHR
, dev
) == -1)
1757 (void)freopen("/mnt/console", "a", stderr
);
1762 /* Run the makedev script to create devices */
1763 switch ((pid
= fork())) {
1765 (void)dup2(2, 1); /* Give the script stdout */
1766 if (chdir("/dev") == 0)
1767 (void)execl(INIT_BSHELL
, "sh",
1768 access("./MAKEDEV", X_OK
) == 0
1769 ? "./MAKEDEV" : "/etc/MAKEDEV",
1770 "-MM", "init", NULL
);
1778 if (waitpid(pid
, &status
, 0) == -1)
1781 warn("MAKEDEV exit status %d\n", status
);
1783 * If /dev/console got created, then return 0
1784 * regardless of MAKEDEV exit status.
1786 if (access(_PATH_CONSOLE
, F_OK
) == 0)
1790 warn("Unable to run MAKEDEV");
1795 #ifndef LETS_GET_SMALL
1801 if (did_multiuser_chroot
) {
1802 char path
[PATH_MAX
];
1804 (void)snprintf(path
, sizeof(path
), "%s/%s", rootdir
, _PATH_TTYS
);
1806 return setttyentpath(path
);
1813 #if !defined(LETS_GET_SMALL) && defined(CHROOT)
1816 createsysctlnode(void)
1818 #if !defined(__minix)
1819 struct sysctlnode node
;
1824 * Create top-level dynamic sysctl node. Its child nodes will only
1825 * be readable by the superuser, since regular mortals should not
1826 * care ("Sssh, it's a secret!").
1828 len
= sizeof(struct sysctlnode
);
1829 mib
[0] = CTL_CREATE
;
1831 (void)memset(&node
, 0, len
);
1832 node
.sysctl_flags
= SYSCTL_VERSION
| CTLFLAG_READWRITE
|
1833 CTLFLAG_PRIVATE
| CTLTYPE_NODE
;
1834 node
.sysctl_num
= CTL_CREATE
;
1835 (void)snprintf(node
.sysctl_name
, SYSCTL_NAMELEN
, "init");
1836 if (sysctl(&mib
[0], 1, &node
, &len
, &node
, len
) == -1) {
1837 warning("could not create init node: %m");
1842 * Create second level dynamic node capable of holding pathname.
1843 * Provide "/" as the default value.
1845 len
= sizeof(struct sysctlnode
);
1846 mib
[0] = node
.sysctl_num
;
1847 mib
[1] = CTL_CREATE
;
1849 (void)memset(&node
, 0, len
);
1850 node
.sysctl_flags
= SYSCTL_VERSION
| CTLFLAG_READWRITE
|
1851 CTLTYPE_STRING
| CTLFLAG_OWNDATA
;
1852 node
.sysctl_size
= _POSIX_PATH_MAX
;
1853 node
.sysctl_data
= __UNCONST("/");
1854 node
.sysctl_num
= CTL_CREATE
;
1855 (void)snprintf(node
.sysctl_name
, SYSCTL_NAMELEN
, "root");
1856 if (sysctl(&mib
[0], 2, NULL
, NULL
, &node
, len
) == -1) {
1857 warning("could not create init.root node: %m");
1860 #endif /* !defined(__minix) */
1868 #if !defined(__minix)
1869 struct sysctlnode node
;
1873 len
= sizeof(struct sysctlnode
);
1875 if (sysctlbyname("init.root", rootdir
, &len
, NULL
, 0) == -1) {
1876 warning("could not read init.root: %m");
1878 /* Child killed our node. Recreate it. */
1879 if (errno
== ENOENT
) {
1880 /* Destroy whatever is left, recreate from scratch. */
1881 if (sysctlnametomib("init", &mib
, &cnt
) != -1) {
1882 (void)memset(&node
, 0, sizeof(node
));
1883 node
.sysctl_flags
= SYSCTL_VERSION
;
1884 node
.sysctl_num
= mib
;
1887 (void)sysctl(&mib
, 1, NULL
, NULL
, &node
,
1891 (void)createsysctlnode();
1894 /* We certainly won't chroot. */
1898 if (rootdir
[len
] != '\0' || strlen(rootdir
) != len
- 1) {
1899 warning("init.root is not a string");
1903 if (strcmp(rootdir
, "/") == 0)
1909 #endif /* !defined(__minix) */
1912 #endif /* !LETS_GET_SMALL && CHROOT */