1 /* $NetBSD: init.c,v 1.106 2015/06/16 23:18:55 christos Exp $ */
4 * Copyright (c) 1991, 1993
5 * The Regents of the University of California. All rights reserved.
7 * This code is derived from software contributed to Berkeley by
8 * Donn Seeley at Berkeley Software Design, Inc.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 #include <sys/cdefs.h>
37 __COPYRIGHT("@(#) Copyright (c) 1991, 1993\
38 The Regents of the University of California. All rights reserved.");
43 static char sccsid
[] = "@(#)init.c 8.2 (Berkeley) 4/28/95";
45 __RCSID("$NetBSD: init.c,v 1.106 2015/06/16 23:18:55 christos Exp $");
49 #include <sys/param.h>
50 #include <sys/sysctl.h>
54 #include <sys/mount.h>
55 #include <machine/cpu.h>
84 #include "pathnames.h"
87 #define STR(x) XSTR(x)
90 * Sleep times; used to prevent thrashing.
92 #define GETTY_SPACING 5 /* N secs minimum getty spacing */
93 #define GETTY_SLEEP 30 /* sleep N secs after spacing problem */
94 #define WINDOW_WAIT 3 /* wait N secs after starting window */
95 #define STALL_TIMEOUT 30 /* wait N secs after warning */
96 #define DEATH_WATCH 10 /* wait N secs for procs to die */
98 static const struct timespec dtrtime
= {.tv_sec
= 0, .tv_nsec
= 250000};
100 #if defined(RESCUEDIR)
101 #define INIT_BSHELL RESCUEDIR "/sh"
102 #define INIT_MOUNT_MFS RESCUEDIR "/mount_mfs"
103 #define INIT_PATH RESCUEDIR ":" _PATH_STDPATH
105 #define INIT_BSHELL _PATH_BSHELL
106 #define INIT_MOUNT_MFS "/sbin/mount_mfs"
107 #define INIT_PATH _PATH_STDPATH
110 static void handle(sig_t
, ...);
111 static void delset(sigset_t
*, ...);
113 static void stall(const char *, ...) __printflike(1, 2);
114 static void warning(const char *, ...) __printflike(1, 2);
115 static void emergency(const char *, ...) __printflike(1, 2);
116 __dead
static void disaster(int);
119 static void minixreboot(int);
120 static void minixpowerdown(int);
122 static void badsys(int);
123 #endif /* defined(__minix) */
126 * We really need a recursive typedef...
127 * The following at least guarantees that the return type of (*state_t)()
128 * is sufficiently wide to hold a function pointer.
130 typedef long (*state_func_t
)(void);
131 typedef state_func_t (*state_t
)(void);
134 #define SINGLE_USER 's'
136 #define READ_TTYS 't'
137 #define MULTI_USER 'm'
138 #define CLEAN_TTYS 'T'
139 #define CATATONIA 'c'
141 static state_func_t
single_user(void);
142 #ifndef LETS_GET_SMALL
143 static state_func_t
runcom(void);
144 static state_func_t
read_ttys(void);
145 static state_func_t
multi_user(void);
146 static state_func_t
clean_ttys(void);
147 static state_func_t
catatonia(void);
148 static state_func_t
death(void);
151 static enum { AUTOBOOT
, FASTBOOT
} runcom_mode
= AUTOBOOT
;
153 static void transition(state_t
);
154 static void setctty(const char *);
156 typedef struct init_session
{
157 int se_index
; /* index of entry in ttys file */
158 pid_t se_process
; /* controlling process */
159 struct timeval se_started
; /* used to avoid thrashing */
160 int se_flags
; /* status of session */
161 #define SE_SHUTDOWN 0x1 /* session won't be restarted */
162 #define SE_PRESENT 0x2 /* session is in /etc/ttys */
163 char *se_device
; /* filename of port */
164 char *se_getty
; /* what to run on that port */
165 char **se_getty_argv
; /* pre-parsed argument array */
166 char *se_window
; /* window system (started only once) */
167 char **se_window_argv
; /* pre-parsed argument array */
168 struct init_session
*se_prev
;
169 struct init_session
*se_next
;
172 static void collect_child(pid_t
, int);
174 static void transition_handler(int);
175 static void alrm_handler(int);
176 static int has_securelevel(void);
177 static int securelevel_present
;
179 #ifndef LETS_GET_SMALL
180 static int do_setttyent(void);
181 static void start_window_system(session_t
*);
182 static char **construct_argv(char *);
183 static int setupargv(session_t
*, struct ttyent
*);
184 static pid_t
start_getty(session_t
*);
185 static void free_session(session_t
*);
186 static session_t
*new_session(session_t
*, int, struct ttyent
*);
187 static session_t
*sessions
;
188 static void setsecuritylevel(int);
189 static int getsecuritylevel(void);
190 static int start_session_db(void);
191 static void add_session(session_t
*);
192 static void del_session(session_t
*);
193 static session_t
*find_session(pid_t
);
194 static DB
*session_db
;
195 static state_t requested_transition
= runcom
;
197 static void clear_session_logs(session_t
*, int);
198 static state_func_t
runetcrc(int);
200 static struct timeval boot_time
;
201 static state_t current_state
= death
;
202 static void session_utmpx(const session_t
*, int);
203 static void make_utmpx(const char *, const char *, int, pid_t
,
204 const struct timeval
*, int);
205 static char get_runlevel(const state_t
);
206 static void utmpx_set_runlevel(char, char);
210 static int did_multiuser_chroot
= 0;
211 static char rootdir
[PATH_MAX
];
212 static int shouldchroot(void);
213 static int createsysctlnode(void);
216 #else /* LETS_GET_SMALL */
217 static state_t requested_transition
= single_user
;
218 #endif /* !LETS_GET_SMALL */
220 #ifdef MFS_DEV_IF_NO_CONSOLE
222 static int mfs_dev(void);
227 * The mother of all processes.
230 main(int argc
, char **argv
)
234 #ifndef LETS_GET_SMALL
238 (void)gettimeofday(&boot_time
, NULL
);
239 #endif /* SUPPORT_UTMPX */
241 /* Dispose of random users. */
247 /* System V users like to reexec init. */
249 errx(1, "already running");
253 * Create an initial session.
256 warn("initial setsid() failed");
259 * Establish an initial user so that programs running
260 * single user do not freak out and die (like passwd).
262 #if !defined(__minix)
263 if (setlogin("root") < 0)
264 warn("setlogin() failed");
265 #endif /* !defined(__minix) */
268 #ifdef MFS_DEV_IF_NO_CONSOLE
270 requested_transition
= single_user
;
273 #ifndef LETS_GET_SMALL
275 * Note that this does NOT open a file...
276 * Does 'init' deserve its own facility number?
278 openlog("init", LOG_CONS
, LOG_AUTH
);
279 #endif /* LETS_GET_SMALL */
282 #ifndef LETS_GET_SMALL
284 * This code assumes that we always get arguments through flags,
285 * never through bits set in some random machine register.
287 while ((c
= getopt(argc
, argv
, "sf")) != -1)
290 requested_transition
= single_user
;
293 runcom_mode
= FASTBOOT
;
296 warning("unrecognized flag `%c'", c
);
301 warning("ignoring excess arguments");
302 #else /* LETS_GET_SMALL */
303 requested_transition
= single_user
;
304 #endif /* LETS_GET_SMALL */
307 * We catch or block signals rather than ignore them,
308 * so that they get reset on exec.
310 #if !defined(__minix)
311 handle(badsys
, SIGSYS
, 0);
312 handle(disaster
, SIGABRT
, SIGFPE
, SIGILL
, SIGSEGV
,
313 SIGBUS
, SIGXCPU
, SIGXFSZ
, 0);
315 handle(minixreboot
, SIGABRT
, 0);
316 handle(minixpowerdown
, SIGUSR1
, 0);
317 handle(disaster
, SIGFPE
, SIGILL
, SIGSEGV
, SIGBUS
, 0);
318 #endif /* !defined(__minix) */
319 handle(transition_handler
, SIGHUP
, SIGTERM
, SIGTSTP
, 0);
320 handle(alrm_handler
, SIGALRM
, 0);
321 (void)sigfillset(&mask
);
322 #if !defined(__minix)
323 delset(&mask
, SIGABRT
, SIGFPE
, SIGILL
, SIGSEGV
, SIGBUS
, SIGSYS
,
324 SIGXCPU
, SIGXFSZ
, SIGHUP
, SIGTERM
, SIGTSTP
, SIGALRM
, 0);
326 delset(&mask
, SIGABRT
, SIGFPE
, SIGILL
, SIGSEGV
, SIGBUS
,
327 SIGHUP
, SIGTERM
, SIGTSTP
, SIGALRM
, 0);
328 #endif /* !defined(__minix) */
329 (void)sigprocmask(SIG_SETMASK
, &mask
, NULL
);
330 (void)sigemptyset(&sa
.sa_mask
);
332 sa
.sa_handler
= SIG_IGN
;
333 (void)sigaction(SIGTTIN
, &sa
, NULL
);
334 (void)sigaction(SIGTTOU
, &sa
, NULL
);
343 #if !defined(LETS_GET_SMALL) && defined(CHROOT)
344 /* Create "init.root" sysctl node. */
345 (void)createsysctlnode();
346 #endif /* !LETS_GET_SMALL && CHROOT*/
349 * Securelevel might not be supported by the kernel. Query for it, and
350 * set a variable indicating whether we should attempt anything with it
353 securelevel_present
= has_securelevel();
356 * Start the state machine.
358 transition(requested_transition
);
361 * Should never reach here.
367 * Associate a function with a signal handler.
370 handle(sig_t handler
, ...)
374 sigset_t mask_everything
;
377 va_start(ap
, handler
);
379 sa
.sa_handler
= handler
;
380 (void)sigfillset(&mask_everything
);
382 while ((sig
= va_arg(ap
, int)) != 0) {
383 sa
.sa_mask
= mask_everything
;
384 /* XXX SA_RESTART? */
385 sa
.sa_flags
= sig
== SIGCHLD
? SA_NOCLDSTOP
: 0;
386 (void)sigaction(sig
, &sa
, NULL
);
392 * Delete a set of signals from a mask.
395 delset(sigset_t
*maskp
, ...)
402 while ((sig
= va_arg(ap
, int)) != 0)
403 (void)sigdelset(maskp
, sig
);
407 #if 0 /* Enable to get error messages from init ! */
408 #define vsyslog(level, fmt, ap) print_console(level, fmt, ap)
412 print_console(int level
, const char *message
, va_list ap
)
415 * XXX: syslog seems to just plain not work in console-only
416 * XXX: situation... that should be fixed. Let's leave this
417 * XXX: note + code here in case someone gets in trouble and
418 * XXX: wants to debug. -- Jachym Holecek <freza@liberouter.org>
423 /* We can't do anything on errors, anyway... */
424 fd
= open(_PATH_CONSOLE
, O_WRONLY
);
428 /* %m will get lost... */
429 len
= vsnprintf(errbuf
, sizeof(errbuf
), message
, ap
);
430 (void)write(fd
, (void *)errbuf
, len
);
436 * Log a message and sleep for a while (to give someone an opportunity
437 * to read it and to save log or hardcopy output if the problem is chronic).
438 * NB: should send a message to the session logger to avoid blocking.
441 stall(const char *message
, ...)
445 va_start(ap
, message
);
446 vsyslog(LOG_ALERT
, message
, ap
);
449 (void)sleep(STALL_TIMEOUT
);
453 * Like stall(), but doesn't sleep.
454 * If cpp had variadic macros, the two functions could be #defines for another.
455 * NB: should send a message to the session logger to avoid blocking.
458 warning(const char *message
, ...)
462 va_start(ap
, message
);
463 vsyslog(LOG_ALERT
, message
, ap
);
469 * Log an emergency message.
470 * NB: should send a message to the session logger to avoid blocking.
473 emergency(const char *message
, ...)
477 va_start(ap
, message
);
478 vsyslog(LOG_EMERG
, message
, ap
);
483 #if !defined(__minix)
485 * Catch a SIGSYS signal.
487 * These may arise if a system does not support sysctl.
488 * We tolerate up to 25 of these, then throw in the towel.
493 static int badcount
= 0;
499 #endif /* !defined(__minix) */
502 * Catch an unexpected signal.
508 emergency("fatal signal: %s", strsignal(sig
));
509 (void)sleep(STALL_TIMEOUT
);
510 _exit(sig
); /* reboot */
515 * controlled reboot - minix tradition, SIGABRT by tty
521 (void)execl("/sbin/shutdown",
522 "shutdown", "-r", "now", "CTRL-ALT_DEL", NULL
);
528 * controlled powerdown
531 minixpowerdown(int sig
)
534 (void)execl("/sbin/shutdown",
535 "shutdown", "-p", "now", "CTRL-ALT_DEL", NULL
);
539 #endif /* defined(__minix) */
542 * Check if securelevel is present.
545 has_securelevel(void)
547 #ifdef KERN_SECURELVL
548 int name
[2], curlevel
;
552 name
[1] = KERN_SECURELVL
;
553 len
= sizeof curlevel
;
554 if (sysctl(name
, 2, &curlevel
, &len
, NULL
, 0) == -1) {
555 /* If it doesn't exist, it's okay. */
566 * Get the security level of the kernel.
569 getsecuritylevel(void)
571 #ifdef KERN_SECURELVL
572 int name
[2], curlevel
;
575 if (!securelevel_present
)
579 name
[1] = KERN_SECURELVL
;
580 len
= sizeof curlevel
;
581 if (sysctl(name
, 2, &curlevel
, &len
, NULL
, 0) == -1) {
582 emergency("cannot get kernel security level: %m");
592 * Set the security level of the kernel.
595 setsecuritylevel(int newlevel
)
597 #ifdef KERN_SECURELVL
598 int name
[2], curlevel
;
600 if (!securelevel_present
)
603 curlevel
= getsecuritylevel();
604 if (newlevel
== curlevel
)
607 name
[1] = KERN_SECURELVL
;
608 if (sysctl(name
, 2, NULL
, NULL
, &newlevel
, sizeof newlevel
) == -1) {
609 emergency("cannot change kernel security level from"
610 " %d to %d: %m", curlevel
, newlevel
);
614 warning("kernel security level changed from %d to %d",
621 * Change states in the finite state machine.
622 * The initial state is passed as an argument.
625 transition(state_t s
)
632 #ifndef LETS_GET_SMALL
633 utmpx_set_runlevel(get_runlevel(current_state
),
642 #ifndef LETS_GET_SMALL
644 * Close out the accounting files for a login session.
645 * NB: should send a message to the session logger to avoid blocking.
648 clear_session_logs(session_t
*sp
, int status
)
650 #if defined(SUPPORT_UTMP) || defined(SUPPORT_UTMPX)
651 char *line
= sp
->se_device
+ sizeof(_PATH_DEV
) - 1;
655 if (logoutx(line
, status
, DEAD_PROCESS
))
656 logwtmpx(line
, "", "", status
, DEAD_PROCESS
);
660 logwtmp(line
, "", "");
666 * Start a session and allocate a controlling terminal.
667 * Only called by children of init after forking.
670 setctty(const char *name
)
674 #if !defined(__minix)
678 warn("child setsid() failed");
679 #endif /* !defined(__minix) */
680 (void)nanosleep(&dtrtime
, NULL
); /* leave DTR low for a bit */
681 if ((fd
= open(name
, O_RDWR
)) == -1) {
682 stall("can't open %s: %m", name
);
685 if (login_tty(fd
) == -1) {
686 stall("can't get %s for controlling terminal: %m", name
);
692 * Bring the system up single user.
699 int from_securitylevel
;
701 struct sigaction sa
, satstp
, sahup
;
703 const char *shell
= INIT_BSHELL
;
709 char *clear
, *password
;
713 #endif /* ALTSHELL */
715 #if !defined(LETS_GET_SMALL) && defined(CHROOT)
716 /* Clear previous idea, just in case. */
717 did_multiuser_chroot
= 0;
718 #endif /* !LETS_GET_SMALL && CHROOT */
721 * If the kernel is in secure mode, downgrade it to insecure mode.
723 from_securitylevel
= getsecuritylevel();
724 if (from_securitylevel
> 0)
727 (void)sigemptyset(&sa
.sa_mask
);
729 sa
.sa_handler
= SIG_IGN
;
730 (void)sigaction(SIGTSTP
, &sa
, &satstp
);
731 (void)sigaction(SIGHUP
, &sa
, &sahup
);
732 if ((pid
= fork()) == 0) {
734 * Start the single user session.
736 if (access(_PATH_CONSTTY
, F_OK
) == 0)
737 setctty(_PATH_CONSTTY
);
739 setctty(_PATH_CONSOLE
);
743 * Check the root password.
744 * We don't care if the console is 'on' by default;
745 * it's the only tty that can be 'off' and 'secure'.
747 typ
= getttynam("console");
748 pp
= getpwnam("root");
749 if (typ
&& (from_securitylevel
>=2 || (typ
->ty_status
750 & TTY_SECURE
) == 0) && pp
&& *pp
->pw_passwd
!= '\0') {
751 (void)fprintf(stderr
,
752 "Enter root password, or ^D to go multi-user\n");
754 clear
= getpass("Password:");
755 if (clear
== 0 || *clear
== '\0')
757 password
= crypt(clear
, pp
->pw_passwd
);
758 (void)memset(clear
, 0, _PASSWORD_LEN
);
759 if (strcmp(password
, pp
->pw_passwd
) == 0)
761 warning("single-user login failed");
769 (void)fprintf(stderr
,
770 "Enter pathname of shell or RETURN for %s: ", shell
);
771 if (fgets(altshell
, sizeof(altshell
), stdin
) == NULL
) {
777 if ((p
= strchr(altshell
, '\n')) != NULL
)
783 #endif /* ALTSHELL */
787 * We catch all the interesting ones,
788 * and those are reset to SIG_DFL on exec.
790 (void)sigemptyset(&mask
);
791 (void)sigprocmask(SIG_SETMASK
, &mask
, NULL
);
795 * If the default one doesn't work, try the Bourne shell.
799 (void)setenv("PATH", INIT_PATH
, 1);
803 (void)execv(shell
, __UNCONST(argv
));
804 emergency("can't exec `%s' for single user: %m", shell
);
806 #endif /* ALTSHELL */
807 (void)execv(INIT_BSHELL
, __UNCONST(argv
));
808 emergency("can't exec `%s' for single user: %m", INIT_BSHELL
);
809 (void)sleep(STALL_TIMEOUT
);
815 * We are seriously hosed. Do our best.
817 emergency("can't fork single-user shell: %m, trying again");
818 while (waitpid(-1, NULL
, WNOHANG
) > 0)
820 (void)sigaction(SIGTSTP
, &satstp
, NULL
);
821 (void)sigaction(SIGHUP
, &sahup
, NULL
);
822 return (state_func_t
)single_user
;
825 requested_transition
= 0;
827 if ((wpid
= waitpid(-1, &status
, WUNTRACED
)) != -1)
828 collect_child(wpid
, status
);
832 warning("wait for single-user shell failed: %m; "
834 return (state_func_t
)single_user
;
836 if (wpid
== pid
&& WIFSTOPPED(status
)) {
837 warning("shell stopped, restarting");
838 (void)kill(pid
, SIGCONT
);
841 } while (wpid
!= pid
&& !requested_transition
);
843 if (requested_transition
) {
844 (void)sigaction(SIGTSTP
, &satstp
, NULL
);
845 (void)sigaction(SIGHUP
, &sahup
, NULL
);
846 return (state_func_t
)requested_transition
;
849 if (WIFSIGNALED(status
)) {
850 if (WTERMSIG(status
) == SIGKILL
) {
851 /* executed /sbin/reboot; wait for the end quietly */
854 (void)sigfillset(&s
);
856 (void)sigsuspend(&s
);
858 warning("single user shell terminated (%x), restarting",
860 (void)sigaction(SIGTSTP
, &satstp
, NULL
);
861 (void)sigaction(SIGHUP
, &sahup
, NULL
);
862 return (state_func_t
)single_user
;
866 runcom_mode
= FASTBOOT
;
867 (void)sigaction(SIGTSTP
, &satstp
, NULL
);
868 (void)sigaction(SIGHUP
, &sahup
, NULL
);
869 #ifndef LETS_GET_SMALL
870 return (state_func_t
)runcom
;
871 #else /* LETS_GET_SMALL */
872 return (state_func_t
)single_user
;
873 #endif /* LETS_GET_SMALL */
876 #ifndef LETS_GET_SMALL
880 runetcrc(int trychroot
)
887 switch ((pid
= fork())) {
889 (void)sigemptyset(&sa
.sa_mask
);
891 sa
.sa_handler
= SIG_IGN
;
892 (void)sigaction(SIGTSTP
, &sa
, NULL
);
893 (void)sigaction(SIGHUP
, &sa
, NULL
);
895 setctty(_PATH_CONSOLE
);
898 argv
[1] = _PATH_RUNCOM
;
899 argv
[2] = (runcom_mode
== AUTOBOOT
? "autoboot" : 0);
902 (void)sigprocmask(SIG_SETMASK
, &sa
.sa_mask
, NULL
);
906 if (chroot(rootdir
) != 0) {
907 warning("failed to chroot to `%s': %m",
909 _exit(4); /* force single user mode */
913 (void)execv(INIT_BSHELL
, __UNCONST(argv
));
914 stall("can't exec `%s' for `%s': %m", INIT_BSHELL
, _PATH_RUNCOM
);
915 _exit(5); /* force single user mode */
918 emergency("can't fork for `%s' on `%s': %m", INIT_BSHELL
,
920 while (waitpid(-1, NULL
, WNOHANG
) > 0)
922 (void)sleep(STALL_TIMEOUT
);
923 return (state_func_t
)single_user
;
929 * Copied from single_user(). This is a bit paranoid.
932 if ((wpid
= waitpid(-1, &status
, WUNTRACED
)) != -1)
933 collect_child(wpid
, status
);
937 warning("wait for `%s' on `%s' failed: %m; going to "
938 "single user mode", INIT_BSHELL
, _PATH_RUNCOM
);
939 return (state_func_t
)single_user
;
941 if (wpid
== pid
&& WIFSTOPPED(status
)) {
942 warning("`%s' on `%s' stopped, restarting",
943 INIT_BSHELL
, _PATH_RUNCOM
);
944 (void)kill(pid
, SIGCONT
);
947 } while (wpid
!= pid
);
949 if (WIFSIGNALED(status
) && WTERMSIG(status
) == SIGTERM
&&
950 requested_transition
== catatonia
) {
951 /* /etc/rc executed /sbin/reboot; wait for the end quietly */
954 (void)sigfillset(&s
);
956 (void)sigsuspend(&s
);
959 if (!WIFEXITED(status
)) {
960 warning("`%s' on `%s' terminated abnormally, going to "
961 "single user mode", INIT_BSHELL
, _PATH_RUNCOM
);
962 return (state_func_t
)single_user
;
965 if (WEXITSTATUS(status
))
966 return (state_func_t
)single_user
;
968 return (state_func_t
)read_ttys
;
972 * Run the system startup script.
977 state_func_t next_step
;
979 /* Run /etc/rc and choose next state depending on the result. */
980 next_step
= runetcrc(0);
981 if (next_step
!= (state_func_t
)read_ttys
)
982 return (state_func_t
)next_step
;
986 * If init.root sysctl does not point to "/", we'll chroot and run
987 * The Real(tm) /etc/rc now. Global variable rootdir will tell us
990 if (shouldchroot()) {
991 next_step
= runetcrc(1);
992 if (next_step
!= (state_func_t
)read_ttys
)
993 return (state_func_t
)next_step
;
995 did_multiuser_chroot
= 1;
997 did_multiuser_chroot
= 0;
1002 * Regardless of whether in chroot or not, we booted successfuly.
1003 * It's time to spawn gettys (ie. next_step's value at this point).
1005 runcom_mode
= AUTOBOOT
; /* the default */
1006 /* NB: should send a message to the session logger to avoid blocking. */
1007 #ifdef SUPPORT_UTMPX
1008 logwtmpx("~", "reboot", "", 0, INIT_PROCESS
);
1011 logwtmp("~", "reboot", "");
1013 return (state_func_t
)read_ttys
;
1017 * Open the session database.
1019 * NB: We could pass in the size here; is it necessary?
1022 start_session_db(void)
1025 if (session_db
&& (*session_db
->close
)(session_db
))
1026 emergency("session database close: %m");
1027 if ((session_db
= dbopen(NULL
, O_RDWR
, 0, DB_HASH
, NULL
)) == 0) {
1028 emergency("session database open: %m");
1036 * Add a new login session.
1039 add_session(session_t
*sp
)
1044 if (session_db
== NULL
)
1047 key
.data
= &sp
->se_process
;
1048 key
.size
= sizeof sp
->se_process
;
1050 data
.size
= sizeof sp
;
1052 if ((*session_db
->put
)(session_db
, &key
, &data
, 0))
1053 emergency("insert %d: %m", sp
->se_process
);
1054 #ifdef SUPPORT_UTMPX
1055 session_utmpx(sp
, 1);
1060 * Delete an old login session.
1063 del_session(session_t
*sp
)
1067 key
.data
= &sp
->se_process
;
1068 key
.size
= sizeof sp
->se_process
;
1070 if ((*session_db
->del
)(session_db
, &key
, 0))
1071 emergency("delete %d: %m", sp
->se_process
);
1072 #ifdef SUPPORT_UTMPX
1073 session_utmpx(sp
, 0);
1078 * Look up a login session by pid.
1081 find_session(pid_t pid
)
1087 if (session_db
== NULL
)
1091 key
.size
= sizeof pid
;
1092 if ((*session_db
->get
)(session_db
, &key
, &data
, 0) != 0)
1094 (void)memmove(&ret
, data
.data
, sizeof(ret
));
1099 * Construct an argument vector from a command line.
1102 construct_argv(char *command
)
1105 char **argv
= malloc(((strlen(command
) + 1) / 2 + 1) * sizeof (char *));
1106 static const char separators
[] = " \t";
1111 if ((argv
[argc
++] = strtok(command
, separators
)) == 0) {
1115 while ((argv
[argc
++] = strtok(NULL
, separators
)) != NULL
)
1121 * Deallocate a session descriptor.
1124 free_session(session_t
*sp
)
1127 free(sp
->se_device
);
1130 free(sp
->se_getty_argv
);
1132 if (sp
->se_window
) {
1133 free(sp
->se_window
);
1134 free(sp
->se_window_argv
);
1140 * Allocate a new session descriptor.
1143 new_session(session_t
*sprev
, int session_index
, struct ttyent
*typ
)
1147 if ((typ
->ty_status
& TTY_ON
) == 0 || typ
->ty_name
== NULL
||
1148 typ
->ty_getty
== NULL
)
1151 sp
= malloc(sizeof (session_t
));
1154 (void)memset(sp
, 0, sizeof *sp
);
1156 sp
->se_flags
= SE_PRESENT
;
1157 sp
->se_index
= session_index
;
1159 (void)asprintf(&sp
->se_device
, "%s%s", _PATH_DEV
, typ
->ty_name
);
1160 if (!sp
->se_device
) {
1165 if (setupargv(sp
, typ
) == 0) {
1171 if (sprev
== NULL
) {
1175 sprev
->se_next
= sp
;
1176 sp
->se_prev
= sprev
;
1183 * Calculate getty and if useful window argv vectors.
1186 setupargv(session_t
*sp
, struct ttyent
*typ
)
1191 free(sp
->se_getty_argv
);
1193 (void)asprintf(&sp
->se_getty
, "%s %s", typ
->ty_getty
, typ
->ty_name
);
1196 sp
->se_getty_argv
= construct_argv(sp
->se_getty
);
1197 if (sp
->se_getty_argv
== NULL
) {
1198 warning("can't parse getty for port `%s'", sp
->se_device
);
1200 sp
->se_getty
= NULL
;
1203 if (typ
->ty_window
) {
1205 free(sp
->se_window
);
1206 sp
->se_window
= strdup(typ
->ty_window
);
1207 sp
->se_window_argv
= construct_argv(sp
->se_window
);
1208 if (sp
->se_window_argv
== NULL
) {
1209 warning("can't parse window for port `%s'",
1211 free(sp
->se_window
);
1212 sp
->se_window
= NULL
;
1220 * Walk the list of ttys and create sessions for each active line.
1225 int session_index
= 0;
1226 session_t
*sp
, *snext
;
1229 #ifdef SUPPORT_UTMPX
1230 if (sessions
== NULL
) {
1233 make_utmpx("", BOOT_MSG
, BOOT_TIME
, 0, &boot_time
, 0);
1236 * If wtmpx is not empty, pick the down time from there
1238 if (stat(_PATH_WTMPX
, &st
) != -1 && st
.st_size
!= 0) {
1239 struct timeval down_time
;
1241 TIMESPEC_TO_TIMEVAL(&down_time
,
1242 st
.st_atime
> st
.st_mtime
?
1243 &st
.st_atimespec
: &st
.st_mtimespec
);
1244 make_utmpx("", DOWN_MSG
, DOWN_TIME
, 0, &down_time
, 0);
1249 * Destroy any previous session state.
1250 * There shouldn't be any, but just in case...
1252 for (sp
= sessions
; sp
; sp
= snext
) {
1253 #ifndef LETS_GET_SMALL
1255 clear_session_logs(sp
, 0);
1257 snext
= sp
->se_next
;
1262 if (start_session_db()) {
1263 warning("start_session_db failed, death");
1265 /* If /etc/rc ran in chroot, we want to kill any survivors. */
1266 if (did_multiuser_chroot
)
1267 return (state_func_t
)death
;
1270 return (state_func_t
)single_user
;
1273 (void)do_setttyent();
1276 * Allocate a session entry for each active port.
1277 * Note that sp starts at 0.
1279 while ((typ
= getttyent()) != NULL
)
1280 if ((snext
= new_session(sp
, ++session_index
, typ
)) != NULL
)
1284 return (state_func_t
)multi_user
;
1288 * Start a window system running.
1291 start_window_system(session_t
*sp
)
1296 if ((pid
= fork()) == -1) {
1297 emergency("can't fork for window system on port `%s': %m",
1299 /* hope that getty fails and we can try again */
1306 (void)sigemptyset(&mask
);
1307 (void)sigprocmask(SIG_SETMASK
, &mask
, NULL
);
1310 emergency("setsid failed (window): %m");
1312 (void)execv(sp
->se_window_argv
[0], sp
->se_window_argv
);
1313 stall("can't exec window system `%s' for port `%s': %m",
1314 sp
->se_window_argv
[0], sp
->se_device
);
1319 * Start a login session running.
1322 start_getty(session_t
*sp
)
1326 time_t current_time
= time(NULL
);
1329 * fork(), not vfork() -- we can't afford to block.
1331 if ((pid
= fork()) == -1) {
1332 emergency("can't fork for getty on port `%s': %m",
1341 /* If /etc/rc did proceed inside chroot, we have to try as well. */
1342 if (did_multiuser_chroot
)
1343 if (chroot(rootdir
) != 0) {
1344 stall("can't chroot getty `%s' inside `%s': %m",
1345 sp
->se_getty_argv
[0], rootdir
);
1350 if (current_time
> sp
->se_started
.tv_sec
&&
1351 current_time
- sp
->se_started
.tv_sec
< GETTY_SPACING
) {
1352 warning("getty repeating too quickly on port `%s', sleeping",
1354 (void)sleep(GETTY_SLEEP
);
1357 if (sp
->se_window
) {
1358 start_window_system(sp
);
1359 (void)sleep(WINDOW_WAIT
);
1362 (void)sigemptyset(&mask
);
1363 (void)sigprocmask(SIG_SETMASK
, &mask
, (sigset_t
*) 0);
1365 (void)execv(sp
->se_getty_argv
[0], sp
->se_getty_argv
);
1366 stall("can't exec getty `%s' for port `%s': %m",
1367 sp
->se_getty_argv
[0], sp
->se_device
);
1371 #ifdef SUPPORT_UTMPX
1373 session_utmpx(const session_t
*sp
, int add
)
1375 const char *name
= sp
->se_getty
? sp
->se_getty
:
1376 (sp
->se_window
? sp
->se_window
: "");
1377 const char *line
= sp
->se_device
+ sizeof(_PATH_DEV
) - 1;
1379 make_utmpx(name
, line
, add
? LOGIN_PROCESS
: DEAD_PROCESS
,
1380 sp
->se_process
, &sp
->se_started
, sp
->se_index
);
1384 make_utmpx(const char *name
, const char *line
, int type
, pid_t pid
,
1385 const struct timeval
*tv
, int session
)
1390 (void)memset(&ut
, 0, sizeof(ut
));
1391 (void)strlcpy(ut
.ut_name
, name
, sizeof(ut
.ut_name
));
1393 (void)strlcpy(ut
.ut_line
, line
, sizeof(ut
.ut_line
));
1398 (void)gettimeofday(&ut
.ut_tv
, NULL
);
1399 ut
.ut_session
= session
;
1401 eline
= line
+ strlen(line
);
1402 if ((size_t)(eline
- line
) >= sizeof(ut
.ut_id
))
1403 line
= eline
- sizeof(ut
.ut_id
);
1404 (void)strncpy(ut
.ut_id
, line
, sizeof(ut
.ut_id
));
1406 if (pututxline(&ut
) == NULL
)
1407 warning("can't add utmpx record for `%s': %m", ut
.ut_line
);
1412 get_runlevel(const state_t s
)
1414 if (s
== (state_t
)single_user
)
1416 if (s
== (state_t
)runcom
)
1418 if (s
== (state_t
)read_ttys
)
1420 if (s
== (state_t
)multi_user
)
1422 if (s
== (state_t
)clean_ttys
)
1424 if (s
== (state_t
)catatonia
)
1430 utmpx_set_runlevel(char old
, char new)
1435 * Don't record any transitions until we did the first transition
1436 * to read ttys, which is when we are guaranteed to have a read-write
1437 * /var. Perhaps use a different variable for this?
1439 if (sessions
== NULL
)
1442 (void)memset(&ut
, 0, sizeof(ut
));
1443 (void)snprintf(ut
.ut_line
, sizeof(ut
.ut_line
), RUNLVL_MSG
, new);
1444 ut
.ut_type
= RUN_LVL
;
1445 (void)gettimeofday(&ut
.ut_tv
, NULL
);
1446 ut
.ut_exit
.e_exit
= old
;
1447 ut
.ut_exit
.e_termination
= new;
1448 if (pututxline(&ut
) == NULL
)
1449 warning("can't add utmpx record for `runlevel': %m");
1452 #endif /* SUPPORT_UTMPX */
1454 #endif /* LETS_GET_SMALL */
1457 * Collect exit status for a child.
1458 * If an exiting login, start a new login running.
1461 collect_child(pid_t pid
, int status
)
1463 #ifndef LETS_GET_SMALL
1464 session_t
*sp
, *sprev
, *snext
;
1469 if ((sp
= find_session(pid
)) == NULL
)
1472 clear_session_logs(sp
, status
);
1476 if (sp
->se_flags
& SE_SHUTDOWN
) {
1477 if ((sprev
= sp
->se_prev
) != NULL
)
1478 sprev
->se_next
= sp
->se_next
;
1480 sessions
= sp
->se_next
;
1481 if ((snext
= sp
->se_next
) != NULL
)
1482 snext
->se_prev
= sp
->se_prev
;
1487 if ((pid
= start_getty(sp
)) == -1) {
1488 /* serious trouble */
1489 requested_transition
= clean_ttys
;
1493 sp
->se_process
= pid
;
1494 (void)gettimeofday(&sp
->se_started
, NULL
);
1496 #endif /* LETS_GET_SMALL */
1500 * Catch a signal and request a state transition.
1503 transition_handler(int sig
)
1507 #ifndef LETS_GET_SMALL
1509 requested_transition
= clean_ttys
;
1512 requested_transition
= death
;
1515 requested_transition
= catatonia
;
1517 #endif /* LETS_GET_SMALL */
1519 requested_transition
= 0;
1524 #ifndef LETS_GET_SMALL
1526 * Take the system multiuser.
1535 requested_transition
= 0;
1538 * If the administrator has not set the security level to -1
1539 * to indicate that the kernel should not run multiuser in secure
1540 * mode, and the run script has not set a higher level of security
1541 * than level 1, then put the kernel into secure mode.
1543 if (getsecuritylevel() == 0)
1544 setsecuritylevel(1);
1546 for (sp
= sessions
; sp
; sp
= sp
->se_next
) {
1549 if ((pid
= start_getty(sp
)) == -1) {
1550 /* serious trouble */
1551 requested_transition
= clean_ttys
;
1554 sp
->se_process
= pid
;
1555 (void)gettimeofday(&sp
->se_started
, NULL
);
1559 while (!requested_transition
)
1560 if ((pid
= waitpid(-1, &status
, 0)) != -1)
1561 collect_child(pid
, status
);
1563 return (state_func_t
)requested_transition
;
1567 * This is an n-squared algorithm. We hope it isn't run often...
1572 session_t
*sp
, *sprev
;
1574 int session_index
= 0;
1577 for (sp
= sessions
; sp
; sp
= sp
->se_next
)
1578 sp
->se_flags
&= ~SE_PRESENT
;
1580 (void)do_setttyent();
1582 devlen
= sizeof(_PATH_DEV
) - 1;
1583 while ((typ
= getttyent()) != NULL
) {
1586 for (sprev
= 0, sp
= sessions
; sp
; sprev
= sp
, sp
= sp
->se_next
)
1587 if (strcmp(typ
->ty_name
, sp
->se_device
+ devlen
) == 0)
1591 sp
->se_flags
|= SE_PRESENT
;
1592 if (sp
->se_index
!= session_index
) {
1593 warning("port `%s' changed utmp index from "
1594 "%d to %d", sp
->se_device
, sp
->se_index
,
1596 sp
->se_index
= session_index
;
1598 if ((typ
->ty_status
& TTY_ON
) == 0 ||
1599 typ
->ty_getty
== 0) {
1600 sp
->se_flags
|= SE_SHUTDOWN
;
1601 if (sp
->se_process
!= 0)
1602 (void)kill(sp
->se_process
, SIGHUP
);
1605 sp
->se_flags
&= ~SE_SHUTDOWN
;
1606 if (setupargv(sp
, typ
) == 0) {
1607 warning("can't parse getty for port `%s'",
1609 sp
->se_flags
|= SE_SHUTDOWN
;
1610 if (sp
->se_process
!= 0)
1611 (void)kill(sp
->se_process
, SIGHUP
);
1616 (void)new_session(sprev
, session_index
, typ
);
1621 for (sp
= sessions
; sp
; sp
= sp
->se_next
)
1622 if ((sp
->se_flags
& SE_PRESENT
) == 0) {
1623 sp
->se_flags
|= SE_SHUTDOWN
;
1624 if (sp
->se_process
!= 0)
1625 (void)kill(sp
->se_process
, SIGHUP
);
1628 return (state_func_t
)multi_user
;
1632 * Block further logins.
1639 for (sp
= sessions
; sp
; sp
= sp
->se_next
)
1640 sp
->se_flags
|= SE_SHUTDOWN
;
1642 return (state_func_t
)multi_user
;
1644 #endif /* LETS_GET_SMALL */
1651 alrm_handler(int sig
)
1657 #ifndef LETS_GET_SMALL
1659 * Bring the system down to single user.
1667 static const int death_sigs
[3] = { SIGHUP
, SIGTERM
, SIGKILL
};
1669 for (sp
= sessions
; sp
; sp
= sp
->se_next
)
1670 sp
->se_flags
|= SE_SHUTDOWN
;
1672 /* NB: should send a message to the session logger to avoid blocking. */
1673 #ifdef SUPPORT_UTMPX
1674 logwtmpx("~", "shutdown", "", 0, INIT_PROCESS
);
1677 logwtmp("~", "shutdown", "");
1680 for (i
= 0; i
< 3; ++i
) {
1681 if (kill(-1, death_sigs
[i
]) == -1 && errno
== ESRCH
)
1682 return (state_func_t
)single_user
;
1685 (void)alarm(DEATH_WATCH
);
1687 if ((pid
= waitpid(-1, &status
, 0)) != -1)
1688 collect_child(pid
, status
);
1689 while (clang
== 0 && errno
!= ECHILD
);
1691 if (errno
== ECHILD
)
1692 return (state_func_t
)single_user
;
1695 warning("some processes would not die; ps axl advised");
1697 return (state_func_t
)single_user
;
1699 #endif /* LETS_GET_SMALL */
1701 #ifdef MFS_DEV_IF_NO_CONSOLE
1707 * We cannot print errors so we bail out silently...
1712 /* If we have /dev/console, assume all is OK */
1713 if (access(_PATH_CONSOLE
, F_OK
) == 0)
1716 #if 0 /* Useful for testing MAKEDEV */
1717 /* Mount an mfs over /mnt so we can create a console entry */
1718 switch ((pid
= fork())) {
1720 (void)execl(INIT_MOUNT_MFS
, "mount_mfs",
1721 "-b", "4096", "-f", "512",
1724 "swap", "/mnt", NULL
);
1732 if (waitpid(pid
, &status
, 0) == -1)
1742 static int name
[2] = { CTL_MACHDEP
, CPU_CONSDEV
};
1745 if (sysctl(name
, sizeof(name
) / sizeof(name
[0]), &dev
, &olen
,
1748 dev
= makedev(0, 0);
1750 /* Make a console for us, so we can see things happening */
1751 if (mknod("/mnt/console", 0666 | S_IFCHR
, dev
) == -1)
1753 (void)freopen("/mnt/console", "a", stderr
);
1758 /* Run the makedev script to create devices */
1759 switch ((pid
= fork())) {
1761 (void)dup2(2, 1); /* Give the script stdout */
1762 if (chdir("/dev") == 0)
1763 (void)execl(INIT_BSHELL
, "sh",
1764 access("./MAKEDEV", X_OK
) == 0
1765 ? "./MAKEDEV" : "/etc/MAKEDEV",
1766 "-MM", "init", NULL
);
1774 if (waitpid(pid
, &status
, 0) == -1)
1777 warn("MAKEDEV exit status %d", status
);
1779 * If /dev/console got created, then return 0
1780 * regardless of MAKEDEV exit status.
1782 if (access(_PATH_CONSOLE
, F_OK
) == 0)
1786 warn("Unable to run MAKEDEV");
1791 #ifndef LETS_GET_SMALL
1797 if (did_multiuser_chroot
) {
1798 char path
[PATH_MAX
];
1800 (void)snprintf(path
, sizeof(path
), "%s/%s", rootdir
, _PATH_TTYS
);
1802 return setttyentpath(path
);
1809 #if !defined(LETS_GET_SMALL) && defined(CHROOT)
1812 createsysctlnode(void)
1814 struct sysctlnode node
;
1819 * Create top-level dynamic sysctl node. Its child nodes will only
1820 * be readable by the superuser, since regular mortals should not
1821 * care ("Sssh, it's a secret!").
1823 len
= sizeof(struct sysctlnode
);
1824 mib
[0] = CTL_CREATE
;
1826 (void)memset(&node
, 0, len
);
1827 node
.sysctl_flags
= SYSCTL_VERSION
| CTLFLAG_READWRITE
|
1828 CTLFLAG_PRIVATE
| CTLTYPE_NODE
;
1829 node
.sysctl_num
= CTL_CREATE
;
1830 (void)snprintf(node
.sysctl_name
, SYSCTL_NAMELEN
, "init");
1831 if (sysctl(&mib
[0], 1, &node
, &len
, &node
, len
) == -1) {
1832 warning("could not create init node: %m");
1837 * Create second level dynamic node capable of holding pathname.
1838 * Provide "/" as the default value.
1840 len
= sizeof(struct sysctlnode
);
1841 mib
[0] = node
.sysctl_num
;
1842 mib
[1] = CTL_CREATE
;
1844 (void)memset(&node
, 0, len
);
1845 node
.sysctl_flags
= SYSCTL_VERSION
| CTLFLAG_READWRITE
|
1846 CTLTYPE_STRING
| CTLFLAG_OWNDATA
;
1847 node
.sysctl_size
= _POSIX_PATH_MAX
;
1848 node
.sysctl_data
= __UNCONST("/");
1849 node
.sysctl_num
= CTL_CREATE
;
1850 (void)snprintf(node
.sysctl_name
, SYSCTL_NAMELEN
, "root");
1851 if (sysctl(&mib
[0], 2, NULL
, NULL
, &node
, len
) == -1) {
1852 warning("could not create init.root node: %m");
1862 struct sysctlnode node
;
1866 len
= sizeof(struct sysctlnode
);
1868 if (sysctlbyname("init.root", rootdir
, &len
, NULL
, 0) == -1) {
1869 warning("could not read init.root: %m");
1871 /* Child killed our node. Recreate it. */
1872 if (errno
== ENOENT
) {
1873 /* Destroy whatever is left, recreate from scratch. */
1874 if (sysctlnametomib("init", &mib
, &cnt
) != -1) {
1875 (void)memset(&node
, 0, sizeof(node
));
1876 node
.sysctl_flags
= SYSCTL_VERSION
;
1877 node
.sysctl_num
= mib
;
1880 (void)sysctl(&mib
, 1, NULL
, NULL
, &node
,
1884 (void)createsysctlnode();
1887 /* We certainly won't chroot. */
1891 if (rootdir
[len
] != '\0' || strlen(rootdir
) != len
- 1) {
1892 warning("init.root is not a string");
1896 if (strcmp(rootdir
, "/") == 0)
1902 #endif /* !LETS_GET_SMALL && CHROOT */