1.\" $NetBSD: init.8,v 1.57 2009/05/18 14:17:31 wiz Exp $ 2.\" 3.\" Copyright (c) 1980, 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" This code is derived from software contributed to Berkeley by 7.\" Donn Seeley at Berkeley Software Design, Inc. 8.\" 9.\" Redistribution and use in source and binary forms, with or without 10.\" modification, are permitted provided that the following conditions 11.\" are met: 12.\" 1. Redistributions of source code must retain the above copyright 13.\" notice, this list of conditions and the following disclaimer. 14.\" 2. Redistributions in binary form must reproduce the above copyright 15.\" notice, this list of conditions and the following disclaimer in the 16.\" documentation and/or other materials provided with the distribution. 17.\" 3. Neither the name of the University nor the names of its contributors 18.\" may be used to endorse or promote products derived from this software 19.\" without specific prior written permission. 20.\" 21.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31.\" SUCH DAMAGE. 32.\" 33.\" @(#)init.8 8.6 (Berkeley) 5/26/95 34.\" 35.Dd November 10, 2008 36.Dt INIT 8 37.Os 38.Sh NAME 39.Nm init 40.Nd process control initialization 41.Sh SYNOPSIS 42.Nm 43.Sh DESCRIPTION 44The 45.Nm 46program is the last stage of the boot process (after the kernel loads 47and initializes all the devices). 48It normally begins multi-user operation. 49.Pp 50The following table describes the state machine used by 51.Nm : 52.Bl -enum 53.It 54Single user shell. 55.Nm 56may be passed 57.Fl s 58from the boot program to prevent the system from going multi-user and 59to instead execute a single user shell without starting the normal 60daemons. 61If the kernel is in a secure mode, 62.Nm 63will downgrade it to securelevel 0 (insecure mode). 64The system is then quiescent for maintenance work and may 65later be made to go to state 2 (multi-user) by exiting the single-user 66shell (with ^D). 67.It 68Multi-user boot (default operation). 69Executes 70.Pa /etc/rc 71(see 72.Xr rc 8 ) . 73If this was the first state entered (as opposed to entering here after 74state 1), then 75.Pa /etc/rc 76will be invoked with its first argument being 77.Sq autoboot . 78If 79.Pa /etc/rc 80exits with a non-zero (error) exit code, commence single user 81operation by giving the super-user a shell on the console by going 82to state 1 (single user). 83Otherwise, proceed to state 3. 84.Pp 85If value of the 86.Dq init.root 87sysctl node is not equal to 88.Pa / 89at this point, the 90.Pa /etc/rc 91process will be run inside a 92.Xr chroot 2 93indicated by sysctl with the same error handling as above. 94.Pp 95If the administrator has not set the security level to \-1 96to indicate that the kernel should not run multiuser in secure 97mode, and the 98.Pa /etc/rc 99script has not set a higher level of security 100than level 1, then 101.Nm 102will put the kernel into securelevel mode 1. 103See 104.Xr rc.conf 5 105and 106.Xr secmodel_securelevel 9 107for more information. 108.It 109Set up ttys as specified in 110.Xr ttys 5 . 111See below for more information. 112On completion, continue to state 4. 113If we did chroot in state 2, each 114.Xr getty 8 115process will be run in the same 116.Xr chroot 2 117path as in 2 (that is, the value of 118.Dq init.root 119sysctl is not re-read). 120.It 121Multi-user operation. 122Depending upon the signal received, change state appropriately; 123on 124.Dv SIGTERM , 125go to state 7; 126on 127.Dv SIGHUP , 128go to state 5; 129on 130.Dv SIGTSTP , 131go to state 6. 132.It 133Clean-up mode; re-read 134.Xr ttys 5 , 135killing off the controlling processes on lines that are now 136.Sq off , 137and starting processes that are newly 138.Sq on . 139On completion, go to state 4. 140.It 141.Sq Boring 142mode; no new sessions. 143Signals as per state 4. 144.It 145Shutdown mode. 146Send 147.Dv SIGHUP 148to all controlling processes, reap the processes for 30 seconds, 149and then go to state 1 (single user); warning if not all the processes died. 150.El 151.Pp 152If the 153.Sq console 154entry in the 155.Xr ttys 5 156file is marked 157.Dq insecure , 158then 159.Nm 160will require that the superuser password be 161entered before the system will start a single-user shell. 162The password check is skipped if the 163.Sq console 164is marked as 165.Dq secure . 166.Pp 167It should be noted that while 168.Nm 169has the ability to start multi-user operation inside a 170.Xr chroot 2 171environment, the 172.Nm 173process itself will always run in the 174.Dq original root directory . 175This also implies that single-user mode is always started in the original 176root, giving the possibility to create multi-user sessions in different 177root directories over time. 178The 179.Dq init.root 180sysctl node is fabricated by 181.Nm 182at startup and re-created any time it's found to be missing. 183Type of the node is string capable of holding full pathname, and 184is only accessible by the superuser (unless explicitly destroyed 185and re-created with different specification). 186.Pp 187In multi-user operation, 188.Nm 189maintains 190processes for the terminal ports found in the file 191.Xr ttys 5 . 192.Nm 193reads this file, and executes the command found in the second field. 194This command is usually 195.Xr getty 8 ; 196it opens and initializes the tty line and executes the 197.Xr login 1 198program. 199The 200.Xr login 1 201program, when a valid user logs in, executes a shell for that user. 202When this shell dies, either because the user logged out or an 203abnormal termination occurred (a signal), the 204.Nm 205program wakes up, deletes the user from the 206.Xr utmp 5 207and 208.Xr utmpx 5 209files of current users and records the logout in the 210.Xr wtmp 5 211and 212.Xr wtmpx 5 213files. 214The cycle is 215then restarted by 216.Nm 217executing a new 218.Xr getty 8 219for the line. 220.Pp 221Line status (on, off, secure, getty, or window information) 222may be changed in the 223.Xr ttys 5 224file without a reboot by sending the signal 225.Dv SIGHUP 226to 227.Nm 228with the command 229.Dq Li "kill \-s HUP 1" . 230This is referenced in the table above as state 5. 231On receipt of this signal, 232.Nm 233re-reads the 234.Xr ttys 5 235file. 236When a line is turned off in 237.Xr ttys 5 , 238.Nm 239will send a 240.Dv SIGHUP 241signal to the controlling process 242for the session associated with the line. 243For any lines that were previously turned off in the 244.Xr ttys 5 245file and are now on, 246.Nm 247executes a new 248.Xr getty 8 249to enable a new login. 250If the getty or window field for a line is changed, 251the change takes effect at the end of the current 252login session (e.g., the next time 253.Nm 254starts a process on the line). 255If a line is commented out or deleted from 256.Xr ttys 5 , 257.Nm 258will not do anything at all to that line. 259However, it will complain that the relationship between lines 260in the 261.Xr ttys 5 262file and records in the 263.Xr utmp 5 264file is out of sync, 265so this practice is not recommended. 266.Pp 267.Nm 268will terminate multi-user operations and resume single-user mode 269if sent a terminate 270.Pq Dv TERM 271signal, for example, 272.Dq Li "kill \-s TERM 1" . 273If there are processes outstanding that are deadlocked (because of 274hardware or software failure), 275.Nm 276will not wait for them all to die (which might take forever), but 277will time out after 30 seconds and print a warning message. 278.Pp 279.Nm 280will cease creating new 281.Xr getty 8 Ns 's 282and allow the system to slowly die away, if it is sent a terminal stop 283.Pq Dv TSTP 284signal, i.e. 285.Dq Li "kill \-s TSTP 1" . 286A later hangup will resume full 287multi-user operations, or a terminate will start a single user shell. 288This hook is used by 289.Xr reboot 8 290and 291.Xr halt 8 . 292.Pp 293The role of 294.Nm 295is so critical that if it dies, the system will reboot itself 296automatically. 297If, at bootstrap time, the 298.Nm 299process cannot be located, or exits during its initialisation, 300the system will panic with the message 301.Dq panic: init died (signal %d, exit %d) . 302.Pp 303If 304.Pa /dev/console 305does not exist, 306.Nm 307will cd to 308.Pa /dev 309and run 310.Dq Li "MAKEDEV -MM init" . 311.Xr MAKEDEV 8 312will use 313.Xr mount_tmpfs 8 314or 315.Xr mount_mfs 8 316to create a memory file system mounted over 317.Pa /dev 318that contains the standard devices considered necessary to boot the system. 319.Sh FILES 320.Bl -tag -width /var/log/wtmp{,x} -compact 321.It Pa /dev/console 322System console device. 323.It Pa /dev/tty* 324Terminal ports found in 325.Xr ttys 5 . 326.It Pa /var/run/utmp{,x} 327Record of current users on the system. 328.It Pa /var/log/wtmp{,x} 329Record of all logins and logouts. 330.It Pa /etc/ttys 331The terminal initialization information file. 332.It Pa /etc/rc 333System startup commands. 334.El 335.Sh DIAGNOSTICS 336.Bl -diag 337.It "getty repeating too quickly on port %s, sleeping" 338A process being started to service a line is exiting quickly 339each time it is started. 340This is often caused by a ringing or noisy terminal line. 341.Em "Init will sleep for 10 seconds" , 342.Em "then continue trying to start the process" . 343.Pp 344.It "some processes would not die; ps axl advised." 345A process is hung and could not be killed when the system was 346shutting down. 347This condition is usually caused by a process that is stuck in a 348device driver because of a persistent device error condition. 349.El 350.Sh SEE ALSO 351.Xr config 1 , 352.Xr kill 1 , 353.Xr login 1 , 354.Xr sh 1 , 355.Xr options 4 , 356.Xr ttys 5 , 357.Xr getty 8 , 358.Xr halt 8 , 359.Xr MAKEDEV 8 , 360.Xr MAKEDEV.local 8 , 361.Xr mount_mfs 8 , 362.Xr mount_tmpfs 8 , 363.Xr rc 8 , 364.Xr reboot 8 , 365.Xr rescue 8 , 366.Xr shutdown 8 , 367.Xr sysctl 8 , 368.Xr secmodel_bsd44 9 , 369.Xr secmodel_securelevel 9 370.Sh HISTORY 371A 372.Nm 373command appeared in 374.At v6 . 375