1*ff3da558Sitojun# $OpenBSD: rc,v 1.258 2004/10/22 00:59:09 itojun Exp $ 2df930be7Sderaadt 3df930be7Sderaadt# System startup script run by init on autoboot 4df930be7Sderaadt# or after single-user. 5df930be7Sderaadt# Output and error are redirected to console by init, 6df930be7Sderaadt# and the console is the controlling terminal. 7df930be7Sderaadt 85420764bSmillert# Subroutines (have to come first). 95420764bSmillert 105420764bSmillert# Strip comments (and leading/trailing whitespace if IFS is set) 115420764bSmillert# from a file and spew to stdout 125420764bSmillertstripcom() { 135420764bSmillert local _file="$1" 145420764bSmillert local _line 155420764bSmillert 165420764bSmillert { 175420764bSmillert while read _line ; do 185420764bSmillert _line=${_line%%#*} # strip comments 195420764bSmillert test -z "$_line" && continue 205420764bSmillert echo $_line 215420764bSmillert done 225420764bSmillert } < $_file 235420764bSmillert} 245420764bSmillert 255420764bSmillert# End subroutines 265420764bSmillert 27df930be7Sderaadtstty status '^T' 28df930be7Sderaadt 29df930be7Sderaadt# Set shell to ignore SIGINT (2), but not children; 30df930be7Sderaadt# shell catches SIGQUIT (3) and returns to single user after fsck. 31df930be7Sderaadttrap : 2 32df930be7Sderaadttrap : 3 # shouldn't be needed 33df930be7Sderaadt 34df930be7SderaadtHOME=/; export HOME 35df930be7SderaadtPATH=/sbin:/bin:/usr/sbin:/usr/bin 36df930be7Sderaadtexport PATH 37df930be7Sderaadt 3875a54d2eSderaadtif [ $1x = shutdownx ]; then 3975a54d2eSderaadt dd if=/dev/urandom of=/var/db/host.random bs=1024 count=64 >/dev/null 2>&1 4075a54d2eSderaadt chmod 600 /var/db/host.random >/dev/null 2>&1 4175a54d2eSderaadt if [ $? -eq 0 -a -f /etc/rc.shutdown ]; then 4275a54d2eSderaadt echo /etc/rc.shutdown in progress... 4375a54d2eSderaadt . /etc/rc.shutdown 4475a54d2eSderaadt echo /etc/rc.shutdown complete. 459e07bef9Smcbride 469e07bef9Smcbride # bring carp interfaces down gracefully 479e07bef9Smcbride for hn in /etc/hostname.carp[0-9]*; do 489e07bef9Smcbride # Strip off /etc/hostname. prefix 499e07bef9Smcbride if=${hn#/etc/hostname.} 509efb36b9Scedric test "$if" = "carp[0-9]*" && continue 519e07bef9Smcbride 521f22cd84Sderaadt ifconfig $if > /dev/null 2>&1 531f22cd84Sderaadt if [ "$?" != "0" ]; then 549e07bef9Smcbride ifconfig $if down 551f22cd84Sderaadt fi 569e07bef9Smcbride done 572ee46d13Smcbride 582ee46d13Smcbride if [ "X${powerdown}" = X"YES" ]; then 592ee46d13Smcbride exit 2 602ee46d13Smcbride fi 612ee46d13Smcbride 6275a54d2eSderaadt else 6375a54d2eSderaadt echo single user: not running /etc/rc.shutdown 6475a54d2eSderaadt fi 6575a54d2eSderaadt exit 0 6675a54d2eSderaadtfi 6775a54d2eSderaadt 68df930be7Sderaadt# Configure ccd devices. 698b7444a6Sderaadtif [ -f /etc/ccd.conf ]; then 70df930be7Sderaadt ccdconfig -C 71df930be7Sderaadtfi 72df930be7Sderaadt 73c5858a2aSjakob# Configure raid devices. 74c5858a2aSjakobfor dev in 0 1 2 3; do 75c5858a2aSjakob if [ -f /etc/raid$dev.conf ]; then 76c5858a2aSjakob raidctl -c /etc/raid$dev.conf raid$dev 77c5858a2aSjakob fi 78c5858a2aSjakobdone 79c5858a2aSjakob 805a87f599Stdeval# Check parity on raid devices. 814d6c2f1bSderaadtraidctl -P all 825a87f599Stdeval 83638be0f1Smiodswapctl -A -t blk 84920abb1bSderaadt 858b7444a6Sderaadtif [ -e /fastboot ]; then 86df930be7Sderaadt echo "Fast boot: skipping disk checks." 878b7444a6Sderaadtelif [ $1x = autobootx ]; then 88df930be7Sderaadt echo "Automatic boot in progress: starting file system checks." 89b39bbe87Smillert fsck -p 90df930be7Sderaadt case $? in 91df930be7Sderaadt 0) 92df930be7Sderaadt ;; 93df930be7Sderaadt 2) 94df930be7Sderaadt exit 1 95df930be7Sderaadt ;; 96df930be7Sderaadt 4) 97df930be7Sderaadt echo "Rebooting..." 98df930be7Sderaadt reboot 99df930be7Sderaadt echo "Reboot failed; help!" 100df930be7Sderaadt exit 1 101df930be7Sderaadt ;; 102df930be7Sderaadt 8) 103df930be7Sderaadt echo "Automatic file system check failed; help!" 104df930be7Sderaadt exit 1 105df930be7Sderaadt ;; 106df930be7Sderaadt 12) 107df930be7Sderaadt echo "Boot interrupted." 108df930be7Sderaadt exit 1 109df930be7Sderaadt ;; 110df930be7Sderaadt 130) 111df930be7Sderaadt # interrupt before catcher installed 112df930be7Sderaadt exit 1 113df930be7Sderaadt ;; 114df930be7Sderaadt *) 115df930be7Sderaadt echo "Unknown error; help!" 116df930be7Sderaadt exit 1 117df930be7Sderaadt ;; 118df930be7Sderaadt esac 119df930be7Sderaadtfi 120df930be7Sderaadt 121df930be7Sderaadttrap "echo 'Boot interrupted.'; exit 1" 3 122df930be7Sderaadt 123df930be7Sderaadtumount -a >/dev/null 2>&1 124df930be7Sderaadtmount -a -t nonfs 1254515901dSniklasmount -uw / # root on nfs requires this, others aren't hurt 126df930be7Sderaadtrm -f /fastboot # XXX (root now writeable) 127df930be7Sderaadt 128d3ae8907Sderaadt# pick up option configuration 129d3ae8907Sderaadt. /etc/rc.conf 130d3ae8907Sderaadt 131df930be7Sderaadt# set flags on ttys. (do early, in case they use tty for SLIP in netstart) 132df930be7Sderaadtecho 'setting tty flags' 133df930be7Sderaadtttyflags -a 134df930be7Sderaadt 13548390b59Smcbrideif [ -f /sbin/kbd -a -f /etc/kbdtype ]; then 13648390b59Smcbride kbd `cat /etc/kbdtype` 13748390b59Smcbridefi 13848390b59Smcbride 139f4029872Sderaadtif [ "X${pf}" != X"NO" ]; then 1407b24ca9eSmcbride RULES="block all" 1414dd40d42Shenning RULES="$RULES\npass on lo0" 1427637f7daSdhartmei RULES="$RULES\npass in proto tcp from any to any port 22 keep state" 143ae072502Scamield RULES="$RULES\npass out proto { tcp, udp } from any to any port 53 keep state" 1443dadfb84Scamield RULES="$RULES\npass out inet proto icmp all icmp-type echoreq keep state" 145e24e98b3Sgrange if ifconfig lo0 inet6 >/dev/null 2>&1; then 146*ff3da558Sitojun RULES="$RULES\npass out inet6 proto icmp6 all icmp6-type neighbrsol" 147*ff3da558Sitojun RULES="$RULES\npass in inet6 proto icmp6 all icmp6-type neighbradv" 14863c4fe5eSderaadt RULES="$RULES\npass out inet6 proto icmp6 all icmp6-type routersol" 14963c4fe5eSderaadt RULES="$RULES\npass in inet6 proto icmp6 all icmp6-type routeradv" 150e24e98b3Sgrange fi 1519e07bef9Smcbride RULES="$RULES\npass proto { pfsync, carp }" 1523dda96c1Sderaadt case `sysctl vfs.mounts.nfs 2>/dev/null` in 15318db1430Sderaadt *[1-9]*) 15418db1430Sderaadt # don't kill NFS 155086485f4Scedric RULES="scrub in all no-df\n$RULES" 15618db1430Sderaadt RULES="$RULES\npass in proto udp from any port { 111, 2049 } to any" 15718db1430Sderaadt RULES="$RULES\npass out proto udp from any to any port { 111, 2049 }" 15818db1430Sderaadt ;; 15918db1430Sderaadt esac 160616367a9Sdhartmei echo $RULES | pfctl -f - -e 1611097c023Skjellfi 1621097c023Skjell 163f753b29fSderaadtif [ -f /etc/sysctl.conf ]; then 164f753b29fSderaadt( 165f753b29fSderaadt # delete comments and blank lines 1665420764bSmillert set -- `stripcom /etc/sysctl.conf` 167f753b29fSderaadt while [ $# -ge 1 ] ; do 1686a337e36Sjmc sysctl $1 169c6fe6b90Smillert shift 170f753b29fSderaadt done 171f753b29fSderaadt) 172f753b29fSderaadtfi 173f753b29fSderaadt 174df930be7Sderaadt# set hostname, turn on network 175df930be7Sderaadtecho 'starting network' 176df930be7Sderaadt. /etc/netstart 177df930be7Sderaadt 178f4029872Sderaadtif [ "X${pf}" != X"NO" ]; then 1791097c023Skjell if [ -f ${pf_rules} ]; then 180616367a9Sdhartmei pfctl -f ${pf_rules} 1811097c023Skjell fi 1821097c023Skjellfi 1831097c023Skjell 184df930be7Sderaadtmount /usr >/dev/null 2>&1 185df930be7Sderaadtmount /var >/dev/null 2>&1 186df930be7Sderaadt 187f26db62bSderaadt# if there's no /var/db/host.random, make one through /dev/urandom 188f26db62bSderaadtif [ ! -f /var/db/host.random ]; then 189f26db62bSderaadt dd if=/dev/urandom of=/var/db/host.random bs=1024 count=64 \ 190f26db62bSderaadt >/dev/null 2>&1 191f26db62bSderaadt chmod 600 /var/db/host.random >/dev/null 2>&1 192f26db62bSderaadtelse 193f26db62bSderaadt dd if=/var/db/host.random of=/dev/urandom bs=1024 count=64 \ 194f26db62bSderaadt > /dev/null 2>&1 195f26db62bSderaadt dd if=/var/db/host.random of=/dev/arandom bs=1024 count=64 \ 196f26db62bSderaadt > /dev/null 2>&1 197f26db62bSderaadtfi 198f26db62bSderaadt 19974af54b4Sderaadt# reset seed file, so that if a shutdown-less reboot occurs, 20074af54b4Sderaadt# the next seed is not a repeat 20174af54b4Sderaadtdd if=/dev/urandom of=/var/db/host.random bs=1024 count=64 \ 20274af54b4Sderaadt > /dev/null 2>&1 20374af54b4Sderaadt 204f0550eb3Sderaadt# clean up left-over files 205f0550eb3Sderaadtrm -f /etc/nologin 206f0550eb3Sderaadtrm -f /var/spool/lock/LCK.* 207f0550eb3Sderaadtrm -f /var/spool/uucp/STST/* 2082402d49fShenning(cd /var/run && { rm -rf -- *; install -c -m 664 -g utmp /dev/null utmp; }) 20923d49488Sbeck(cd /var/authpf && rm -rf -- *) 21023d49488Sbeck 2116c0a0b4aSalex# save a copy of the boot messages 2126c0a0b4aSalexdmesg >/var/run/dmesg.boot 2136c0a0b4aSalex 2143ca632e7Sderaadtecho 'starting system logger' 2153ca632e7Sderaadtrm -f /dev/log 2167078508dSjakobif [ "X${named_flags}" != X"NO" ]; then 2177078508dSjakob rm -f /var/named/dev/log 2187078508dSjakob syslogd_flags="${syslogd_flags} -a /var/named/dev/log" 219b025dbf1Smillertfi 220f65d7fb6Smillertif [ -d /var/empty ]; then 221f65d7fb6Smillert rm -f /var/empty/dev/log 222f65d7fb6Smillert mkdir -p -m 0555 /var/empty/dev 223f65d7fb6Smillert syslogd_flags="${syslogd_flags} -a /var/empty/dev/log" 224f65d7fb6Smillertfi 2251dabce80Smarcsyslogd ${syslogd_flags} 2263ca632e7Sderaadt 227f4029872Sderaadtif [ X"${pf}" != X"NO" -a X"${pflogd_flags}" != X"NO" ]; then 22818db1430Sderaadt ifconfig pflog0 up 22918db1430Sderaadt pflogd ${pflogd_flags} 23018db1430Sderaadtfi 23118db1430Sderaadt 23266ccf3e0Stodd# $named_flags is imported from /etc/rc.conf; 233d8a0d55aSjakob# if $named_flags != NO, named is run. 234d8a0d55aSjakobif [ "X${named_flags}" != X"NO" ]; then 2350abe9ed7Sdanh if ! cmp -s /etc/rndc.key /var/named/etc/rndc.key ; then 2363a98a453Sjakob echo -n "rndc-confgen: generating new shared secret... " 2370abe9ed7Sdanh if /usr/sbin/rndc-confgen -a -t /var/named >/dev/null 2>&1; then 2380abe9ed7Sdanh chmod 0640 /var/named/etc/rndc.key >/dev/null 2>&1 2393a98a453Sjakob echo done. 2403a98a453Sjakob else 2413a98a453Sjakob echo failed. 2423a98a453Sjakob fi 2433a98a453Sjakob fi 2443a98a453Sjakob 2453ca632e7Sderaadt echo 'starting named'; named $named_flags 246759e03b2Sderaadtfi 247759e03b2Sderaadt 248096ed560Sderaadt# $isakmpd_flags is imported from /etc/rc.conf; 249763d5844Shshoexer# If $isakmpd_flags == NO, isakmpd isn't run. 250763d5844Shshoexerif [ "X${isakmpd_flags}" != X"NO" ]; then 251096ed560Sderaadt echo 'starting isakmpd'; isakmpd ${isakmpd_flags} 252096ed560Sderaadtfi 253096ed560Sderaadt 254df930be7Sderaadtecho -n 'starting rpc daemons:' 2558e74b1f0Smillert 256edae963cSderaadt# $portmap is imported from /etc/rc.conf; 2578e74b1f0Smillert# if $portmap == YES, the portmapper is started. 2588e74b1f0Smillertif [ X"${portmap}" = X"YES" ]; then 259df930be7Sderaadt echo -n ' portmap'; portmap 260423a3640Sderaadtfi 261df930be7Sderaadt 262408c7b16Sderaadtif [ -d /var/yp/binding -a X`domainname` != X ]; then 2632d5ee5bcSderaadt if [ -d /var/yp/`domainname` ]; then 264b25099beSderaadt # yp server capabilities needed... 265d6518a3fSniklas echo -n ' ypserv'; ypserv ${ypserv_flags} 266d52cd61fSderaadt #echo -n ' ypxfrd'; ypxfrd 2677f2d1b00Sderaadt fi 268b25099beSderaadt 2697f2d1b00Sderaadt echo -n ' ypbind'; ypbind 2707f2d1b00Sderaadt 271621a5fbaSderaadt if [ X"${yppasswdd_flags}" != X"NO" -a -d /var/yp/`domainname` ]; then 272b25099beSderaadt # if we are the master server, run rpc.yppasswdd 273b25099beSderaadt _host1=`ypwhich -m passwd 2> /dev/null` 274b25099beSderaadt _host2=`hostname` 275fd917f6eSderaadt if [ `grep '^lookup' /etc/resolv.conf | grep yp | wc -c` -ne 0 ]; then 276b25099beSderaadt _host1=`ypmatch $_host1 hosts | cut -d' ' -f2` 277b25099beSderaadt _host2=`ypmatch $_host2 hosts | cut -d' ' -f2 | head -1` 278b25099beSderaadt else 279b25099beSderaadt _host1=`nslookup $_host1 | grep '^Name: ' | \ 280b25099beSderaadt sed -e 's/^Name: //'` 281b25099beSderaadt _host2=`nslookup $_host2 | grep '^Name: ' | \ 282b25099beSderaadt sed -e 's/^Name: //'` 283b25099beSderaadt fi 284234efc0eSderaadt if [ "$_host2" = "$_host1" ]; then 28513f82310Sniklas echo -n ' rpc.yppasswdd' 28613f82310Sniklas rpc.yppasswdd ${yppasswdd_flags} 2872d5ee5bcSderaadt fi 2882d5ee5bcSderaadt fi 289df930be7Sderaadtfi 290df930be7Sderaadt 291edae963cSderaadt# $nfs_server is imported from /etc/rc.conf; 292df930be7Sderaadt# if $nfs_server == YES, the machine is setup for being an nfs server 293a975dbe5Smillertif [ X${nfs_server} = X"YES" -a -s /etc/exports -a \ 294d54d80fbSderaadt `sed -e '/^#/d' < /etc/exports | wc -l` -ne 0 ]; then 295df930be7Sderaadt rm -f /var/db/mountdtab 296df930be7Sderaadt echo -n > /var/db/mountdtab 297df930be7Sderaadt echo -n ' mountd'; mountd 298e6d41a0aSniklas echo -n ' nfsd'; nfsd ${nfsd_flags} 299e6d41a0aSniklas if [ X${lockd} = X"YES" ]; then 300e6d41a0aSniklas echo -n ' rpc.lockd'; rpc.lockd 301e6d41a0aSniklas fi 302df930be7Sderaadtfi 303df930be7Sderaadt 3045bf306d4Sderaadtif [ X${amd} = X"YES" -a -e ${amd_master} ]; then 305df930be7Sderaadt echo -n ' amd' 306d988480bSderaadt (cd /etc/amd; amd -l syslog -x error,noinfo,nostats -p \ 307d988480bSderaadt -a ${amd_dir} `cat ${amd_master}` > /var/run/amd.pid ) 308df930be7Sderaadtfi 309df930be7Sderaadt 310cb033641Shenning# run rdate before timed/ntpd 311cb033641Shenningif [ X"${rdate_flags}" != X"NO" ]; then 312cb033641Shenning echo -n ' rdate'; rdate -s ${rdate_flags} 313cb033641Shenningfi 314cb033641Shenning 315cb033641Shenning# $timed_flags is imported from /etc/rc.conf; 316cb033641Shenning# if $timed_flags == NO, timed isn't run. 317cb033641Shenningif [ "X${timed_flags}" != X"NO" ]; then 318cb033641Shenning echo -n ' timed'; timed $timed_flags 319cb033641Shenningfi 320cb033641Shenning 321cb033641Shenningif [ "X${ntpd_flags}" != X"NO" ]; then 322cb033641Shenning # since this is system startup, use -s 323cb033641Shenning echo -n ' ntpd'; ntpd -s $ntpd_flags 324cb033641Shenningfi 325df930be7Sderaadtecho '.' 326df930be7Sderaadt 3273ca632e7Sderaadtmount -a -t nfs 3283ca632e7Sderaadt 329638be0f1Smiodswapctl -A -t noblk 330638be0f1Smiod 331df930be7Sderaadt# /var/crash should be a directory or a symbolic link 332df930be7Sderaadt# to the crash directory if core dumps are to be saved. 333df930be7Sderaadtif [ -d /var/crash ]; then 3349d112a13Stholo savecore ${savecore_flags} /var/crash 335df930be7Sderaadtfi 336df930be7Sderaadt 337dd435269Sbeckif [ "X${afs}" = X"YES" -a -c /dev/xfs0 ]; then 3388b757a89Sart echo -n 'mounting afs:' 339dd435269Sbeck mkdir -p -m 0755 /afs 340dd435269Sbeck mount -t xfs /dev/xfs0 /afs 341dd435269Sbeck /usr/libexec/afsd ${afsd_flags} 3428b757a89Sart echo ' done.' 3438b757a89Sartfi 3448b757a89Sart 34536a647e7Sdownsjif [ "X${check_quotas}" = X"YES" ]; then 346df930be7Sderaadt echo -n 'checking quotas:' 347df930be7Sderaadt quotacheck -a 348df930be7Sderaadt echo ' done.' 349df930be7Sderaadt quotaon -a 35036a647e7Sdownsjfi 351df930be7Sderaadt 352df930be7Sderaadt# build ps databases 353fb69824dSderaadtecho -n 'building ps databases:' 354fb69824dSderaadtecho -n " kvm" 355004fa836Smillertkvm_mkdb 356fb69824dSderaadtecho -n " dev" 357df930be7Sderaadtdev_mkdb 358fb69824dSderaadtecho "." 359df930be7Sderaadt 360e860cdbaSderaadtchmod 666 /dev/tty[pqrstuvwxyzPQRST]* 361a293d798Smillertchown root:wheel /dev/tty[pqrstuvwxyzPQRST]* 362df930be7Sderaadt 363df930be7Sderaadt# check the password temp/lock file 3648b7444a6Sderaadtif [ -f /etc/ptmp ]; then 365df930be7Sderaadt logger -s -p auth.err \ 366df930be7Sderaadt 'password file may be incorrect -- /etc/ptmp exists' 367df930be7Sderaadtfi 368df930be7Sderaadt 369e65724e6Smillertecho clearing /tmp 370e65724e6Smillert 371e65724e6Smillert# prune quickly with one rm, then use find to clean up /tmp/[lq]* 372e65724e6Smillert# (not needed with mfs /tmp, but doesn't hurt there...) 373e65724e6Smillert(cd /tmp && rm -rf [a-km-pr-zA-Z]* && 374e65724e6Smillert find . ! -name . ! -name lost+found ! -name quota.user \ 3758b0a8653Smillert ! -name quota.group -execdir rm -rf -- {} \; -type d -prune) 376e65724e6Smillert 377f8310bdcShugh# create Unix sockets directories for X if needed and make sure they have 378f8310bdcShugh# correct permissions 379f8310bdcShughif [ -d /usr/X11R6/lib ]; then 380f8310bdcShugh for d in /tmp/.X11-unix /tmp/.ICE-unix ; do 381f8310bdcShugh if [ -d $d ]; then 382f8310bdcShugh if [ `ls -ld $d | cut -d' ' -f4` != root ]; then 383f8310bdcShugh chown root $d 384f8310bdcShugh fi 385f8310bdcShugh if [ `ls -ld $d | cut -d' ' -f1` != drwxrwxrwt ]; then 386f8310bdcShugh chmod 1777 $d 387f8310bdcShugh fi 388f8310bdcShugh elif [ -e $d ]; then 389f8310bdcShugh echo "Error: $d exists and isn't a directory." 390f8310bdcShugh else 391f8310bdcShugh mkdir -m 1777 $d 392f8310bdcShugh fi 393f8310bdcShugh done 394f8310bdcShughfi 395f8310bdcShugh 3962f33850bSderaadt[ -f /etc/rc.securelevel ] && . /etc/rc.securelevel 39741406ee4Sderaadtif [ X${securelevel} != X"" ]; then 398e31a5b5aSmillert echo -n 'setting kernel security level: ' 3996a337e36Sjmc sysctl kern.securelevel=${securelevel} 40041406ee4Sderaadtfi 40141406ee4Sderaadt 402dc279d04Sderaadt# patch /etc/motd 403dc279d04Sderaadtif [ ! -f /etc/motd ]; then 404dc279d04Sderaadt install -c -o root -g wheel -m 664 /dev/null /etc/motd 405dc279d04Sderaadtfi 406d243dabcSmillertT=`mktemp /tmp/_motd.XXXXXXXXXX` 407499eb670Smillertif [ $? -eq 0 ]; then 408dc279d04Sderaadt sysctl -n kern.version | sed 1q > $T 409dc279d04Sderaadt echo "" >> $T 410dc279d04Sderaadt sed '1,/^$/d' < /etc/motd >> $T 411dc279d04Sderaadt cmp -s $T /etc/motd || cp $T /etc/motd 412dc279d04Sderaadt rm -f $T 4135b45527eSmillertfi 414dc279d04Sderaadt 415df930be7Sderaadtif [ -f /var/account/acct ]; then 416df930be7Sderaadt echo 'turning on accounting'; accton /var/account/acct 417df930be7Sderaadtfi 418df930be7Sderaadt 4197e42516dSderaadtif [ -f /sbin/ldconfig ]; then 4207e42516dSderaadt echo 'creating runtime link editor directory cache.' 4217e42516dSderaadt if [ -d /usr/local/lib ]; then 4225881fc76Stodd shlib_dirs="/usr/local/lib $shlib_dirs" 4237e42516dSderaadt fi 4247e42516dSderaadt if [ -d /usr/X11R6/lib ]; then 4255881fc76Stodd shlib_dirs="/usr/X11R6/lib $shlib_dirs" 4267e42516dSderaadt fi 4277e42516dSderaadt ldconfig $shlib_dirs 4287e42516dSderaadtfi 4297e42516dSderaadt 430f57929bcSmillertif [ -x /usr/libexec/vi.recover ]; then 431f57929bcSmillert echo 'preserving editor files'; /usr/libexec/vi.recover 432f57929bcSmillertfi 433f57929bcSmillert 4340662dc2cSderaadtif [ ! -f /etc/ssh/ssh_host_dsa_key ]; then 43534c0b73eSderaadt echo -n "ssh-keygen: generating new DSA host key... " 4360662dc2cSderaadt if /usr/bin/ssh-keygen -q -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''; then 437b05748d5Sderaadt echo done. 438b05748d5Sderaadt else 439b05748d5Sderaadt echo failed. 440b05748d5Sderaadt fi 441b05748d5Sderaadtfi 4420662dc2cSderaadtif [ ! -f /etc/ssh/ssh_host_rsa_key ]; then 443b05748d5Sderaadt echo -n "ssh-keygen: generating new RSA host key... " 4440662dc2cSderaadt if /usr/bin/ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''; then 44534c0b73eSderaadt echo done. 44634c0b73eSderaadt else 44734c0b73eSderaadt echo failed. 44834c0b73eSderaadt fi 44934c0b73eSderaadtfi 4500662dc2cSderaadtif [ ! -f /etc/ssh/ssh_host_key ]; then 451d5166b8fSmarkus echo -n "ssh-keygen: generating new RSA1 host key... " 4520662dc2cSderaadt if /usr/bin/ssh-keygen -q -t rsa1 -f /etc/ssh/ssh_host_key -N ''; then 4536d6e0cf6Sderaadt echo done. 4546d6e0cf6Sderaadt else 4556d6e0cf6Sderaadt echo failed. 4566d6e0cf6Sderaadt fi 4576d6e0cf6Sderaadtfi 4586d6e0cf6Sderaadt 459c0a201cfSmarkusif [ ! -f /etc/isakmpd/private/local.key ]; then 460c0a201cfSmarkus echo -n "openssl: generating new isakmpd RSA key... " 461c0a201cfSmarkus if /usr/sbin/openssl genrsa -out /etc/isakmpd/private/local.key 1024 \ 462c0a201cfSmarkus > /dev/null 2>&1; then 463c0a201cfSmarkus chmod 600 /etc/isakmpd/private/local.key 464c0a201cfSmarkus openssl rsa -out /etc/isakmpd/private/local.pub \ 465c0a201cfSmarkus -in /etc/isakmpd/private/local.key -pubout > /dev/null 2>&1 466c0a201cfSmarkus echo done. 467c0a201cfSmarkus else 468c0a201cfSmarkus echo failed. 469c0a201cfSmarkus fi 470c0a201cfSmarkusfi 471c0a201cfSmarkus 472df930be7Sderaadtecho -n starting network daemons: 473df930be7Sderaadt 47469f602d6Sian# $routed_flags are imported from /etc/rc.conf. 475df930be7Sderaadt# If $routed_flags == NO, routed isn't run. 47669f602d6Sianif [ "X${routed_flags}" != X"NO" ]; then 477df930be7Sderaadt echo -n ' routed'; routed $routed_flags 478df930be7Sderaadtfi 479df930be7Sderaadt 480edae963cSderaadt# $mrouted_flags is imported from /etc/rc.conf; 48169b30726Sderaadt# If $mrouted_flags == NO, then mrouted isn't run. 48269b30726Sderaadtif [ "X${mrouted_flags}" != X"NO" ]; then 48369b30726Sderaadt echo -n ' mrouted'; mrouted $mrouted_flags 48469b30726Sderaadtfi 48569b30726Sderaadt 486220f3b8dShenningif [ "X${bgpd_flags}" != X"NO" ]; then 487220f3b8dShenning echo -n ' bgpd'; /usr/sbin/bgpd $bgpd_flags 488220f3b8dShenningfi 489220f3b8dShenning 49030a2245dSform# $dhcpd_flags is imported from /etc/rc.conf 49130a2245dSform# If $dhcpd_flags == NO or /etc/dhcpd.conf doesn't exist, then dhcpd isn't run. 49230a2245dSformif [ "X${dhcpd_flags}" != X"NO" -a -f /etc/dhcpd.conf ]; then 49330a2245dSform touch /var/db/dhcpd.leases 49430a2245dSform if [ -f /etc/dhcpd.interfaces ]; then 49578a6b8a8Smpech dhcpd_ifs=`stripcom /etc/dhcpd.interfaces` 49630a2245dSform fi 49730a2245dSform echo -n ' dhcpd'; /usr/sbin/dhcpd ${dhcpd_flags} ${dhcpd_ifs} 49830a2245dSformfi 49930a2245dSform 50033a0f254Sitojunif ifconfig lo0 inet6 >/dev/null 2>&1; then 50133a0f254Sitojun fw=`sysctl -n net.inet6.ip6.forwarding` 50233a0f254Sitojun if [ "X${fw}" == X"0" ]; then 50333a0f254Sitojun # $rtsold_flags is imported from /etc/rc.conf; 50433a0f254Sitojun # If $rtsold_flags == NO, then rtsold isn't run. 50533a0f254Sitojun if [ "X${rtsold_flags}" != X"NO" ]; then 50633a0f254Sitojun echo -n ' rtsold' 50733a0f254Sitojun /usr/sbin/rtsold ${rtsold_flags} 50833a0f254Sitojun fi 50933a0f254Sitojun else 51033a0f254Sitojun # $route6d_flags is imported from /etc/rc.conf; 51133a0f254Sitojun # If $route6d_flags == NO, then route6d isn't run. 51233a0f254Sitojun if [ "X${route6d_flags}" != X"NO" ]; then 51333a0f254Sitojun echo -n ' route6d' 51433a0f254Sitojun /usr/sbin/route6d ${route6d_flags} 51533a0f254Sitojun fi 51633a0f254Sitojun # $rtadvd_flags is imported from /etc/rc.conf; 51706347140Sitojun # If $rtadvd_flags == NO, then rtadvd isn't run. 51806347140Sitojun if [ "X${rtadvd_flags}" != X"NO" ]; then 51933a0f254Sitojun echo -n ' rtadvd' 52033a0f254Sitojun /usr/sbin/rtadvd ${rtadvd_flags} 52133a0f254Sitojun fi 52233a0f254Sitojun fi 52333a0f254Sitojunfi 52433a0f254Sitojun 525edae963cSderaadt# $rwhod is imported from /etc/rc.conf; 526df930be7Sderaadt# if $rwhod == YES, rwhod is run. 527df930be7Sderaadtif [ X${rwhod} = X"YES" ]; then 528df930be7Sderaadt echo -n ' rwhod'; rwhod 529df930be7Sderaadtfi 530df930be7Sderaadt 531423a3640Sderaadt 532f6e50579Ssturmif [ "X${lpd_flags}" != X"NO" ]; then 533a5ff35f6Sfgsch echo -n ' printer'; lpd ${lpd_flags} 534423a3640Sderaadtfi 535df930be7Sderaadt 536edae963cSderaadt# $sendmail_flags is imported from /etc/rc.conf; 5370e208981Smillert# If $sendmail_flags == NO or /etc/mailer.conf doesn't exist, then 5384844ae79Sderaadt# sendmail isn't run. We call sendmail with a full path so that 5390e208981Smillert# SIGHUP works. Note that /usr/sbin/sendmail may actually call a 5400e208981Smillert# mailer other than sendmail, depending on /etc/mailer.conf. 5410e208981Smillertif [ "X${sendmail_flags}" != X"NO" -a -s /etc/mailer.conf ]; then 542e18bddb2Smillert echo -n ' sendmail'; ( /usr/sbin/sendmail ${sendmail_flags} >/dev/null 2>&1 & ) 543df930be7Sderaadtfi 544df930be7Sderaadt 54552e6779cSderaadtif [ "X${httpd_flags}" != X"NO" ]; then 546205e112eSespie # Clean up left-over httpd locks 547205e112eSespie rm -f /var/www/logs/{ssl_mutex,httpd.lock,accept.lock}.* 548f3079313Sangelos echo -n ' httpd'; /usr/sbin/httpd ${httpd_flags} 54952e6779cSderaadtfi 55052e6779cSderaadt 551b6330bccSdownsjif [ "X${ftpd_flags}" != X"NO" ]; then 552b6330bccSdownsj echo -n ' ftpd'; /usr/libexec/ftpd ${ftpd_flags} 553b6330bccSdownsjfi 554b6330bccSdownsj 5554265ef72Sfgschif [ "X${identd_flags}" != X"NO" ]; then 5564265ef72Sfgsch echo -n ' identd'; /usr/libexec/identd ${identd_flags} 5574265ef72Sfgschfi 5584265ef72Sfgsch 5596a5aa348Sangelosif [ X${inetd} = X"YES" -a -e /etc/inetd.conf ]; then 560df930be7Sderaadt echo -n ' inetd'; inetd 561423a3640Sderaadtfi 562df930be7Sderaadt 56336fdfb26Sderaadtif [ X"${sshd_flags}" != X"NO" ]; then 56436fdfb26Sderaadt echo -n ' sshd'; /usr/sbin/sshd ${sshd_flags}; 56536fdfb26Sderaadtfi 56636fdfb26Sderaadt 567116d9528Sderaadtif [ "X${spamd_flags}" != X"NO" ]; then 568116d9528Sderaadt if [ "X${spamd_grey}" != X"NO" ]; then 569116d9528Sderaadt spamd_flags="${spamd_flags} -g" 570116d9528Sderaadt fi 5716856ca63Sotto echo -n ' spamd'; eval /usr/libexec/spamd ${spamd_flags} 572116d9528Sderaadt /usr/libexec/spamd-setup 573116d9528Sderaadt if [ "X${spamd_grey}" != X"NO" ]; then 574116d9528Sderaadt echo -n ' spamlogd' 575116d9528Sderaadt /usr/libexec/spamlogd 576116d9528Sderaadt fi 577116d9528Sderaadtfi 578116d9528Sderaadt 579edae963cSderaadt# $rarpd_flags is imported from /etc/rc.conf; 580df930be7Sderaadt# If $rarpd_flags == NO or /etc/ethers doesn't exist, then 581df930be7Sderaadt# rarpd isn't run. 582a975dbe5Smillertif [ "X${rarpd_flags}" != X"NO" -a -s /etc/ethers ]; then 583df930be7Sderaadt echo -n ' rarpd'; rarpd ${rarpd_flags} 584df930be7Sderaadtfi 585df930be7Sderaadt 586edae963cSderaadt# $bootparamd_flags is imported from /etc/rc.conf; 587df930be7Sderaadt# If $bootparamd_flags == NO or /etc/bootparams doesn't exist, then 588df930be7Sderaadt# bootparamd isn't run. 589a975dbe5Smillertif [ "X${bootparamd_flags}" != X"NO" -a -s /etc/bootparams ]; then 590df930be7Sderaadt echo -n ' rpc.bootparamd'; rpc.bootparamd ${bootparamd_flags} 591df930be7Sderaadtfi 592df930be7Sderaadt 593edae963cSderaadt# $rbootd_flags is imported from /etc/rc.conf; 594df930be7Sderaadt# If $rbootd_flags == NO or /etc/rbootd.conf doesn't exist, then 595df930be7Sderaadt# rbootd isn't run. 596a975dbe5Smillertif [ "X${rbootd_flags}" != X"NO" -a -s /etc/rbootd.conf ]; then 597df930be7Sderaadt echo -n ' rbootd'; rbootd ${rbootd_flags} 598df930be7Sderaadtfi 599df930be7Sderaadt 600df4692e3Smaja# $mopd_flags is imported from /etc/rc.conf; 601df4692e3Smaja# If $mopd_flags == NO or /tftpboot/mop doesn't exist, then 602df4692e3Smaja# mopd isn't run. 603df4692e3Smajaif [ "X${mopd_flags}" != X"NO" -a -d /tftpboot/mop ]; then 604df4692e3Smaja echo -n ' mopd'; mopd ${mopd_flags} 605df4692e3Smajafi 606df4692e3Smaja 607df930be7Sderaadtecho '.' 608df930be7Sderaadt 609f8b59d35Smarcif [ -x /sbin/wsconsctl -a -f /etc/wsconsctl.conf ]; then 61089092446Smickey( 61189092446Smickey # delete comments and blank lines 612bf4c0b31Smarc save_IFS="$IFS" 613f8b59d35Smarc IFS=" 614f8b59d35Smarc" 61589092446Smickey set -- `stripcom /etc/wsconsctl.conf` 616bf4c0b31Smarc IFS="$save_IFS" 61789092446Smickey while [ $# -ge 1 ] ; do 618f8b59d35Smarc eval /sbin/wsconsctl -w $1 61989092446Smickey shift 62089092446Smickey done 62189092446Smickey) 62289092446Smickeyfi 62389092446Smickey 624fde3f312Shin# KerberosV master KDC 625fde3f312Shinif [ X${krb5_master_kdc} = X"YES" ]; then 626fde3f312Shin echo 'KerberosV master KDC' 627fde3f312Shin /usr/libexec/kdc & 628fde3f312Shin /usr/libexec/kadmind & 629fde3f312Shin /usr/libexec/kpasswdd & 630fde3f312Shinfi 631fde3f312Shin 632fde3f312Shin# KerberosV slave KDC 633fde3f312Shinif [ X${krb5_slave_kdc} = X"YES" ]; then 634fde3f312Shin echo 'KerberosV slave KDC' 635fde3f312Shin /usr/libexec/kdc & 636fde3f312Shin # Remember to enable hpropd in inetd.conf 637fde3f312Shinfi 638fde3f312Shin 6392f33850bSderaadt[ -f /etc/rc.local ] && . /etc/rc.local 6408b7444a6Sderaadt 64174491808Smillertecho -n standard daemons: 642f026f8beSmarc 643f026f8beSmarc# $apmd_flags is imported from /etc/rc.conf; 644f026f8beSmarc# don't run daemon if $apmd_flags == NO or /usr/sbin/apmd doesn't exist 645f026f8beSmarcif [ "X${apmd_flags}" != X"NO" -a -x /usr/sbin/apmd ]; then 646f026f8beSmarc echo -n ' apmd'; /usr/sbin/apmd ${apmd_flags} 647f026f8beSmarcfi 648f026f8beSmarc 649793d0ae6Shenningif [ X"${sensorsd_flags}" != X"NO" ]; then 650793d0ae6Shenning echo -n ' sensorsd'; /usr/sbin/sensorsd ${sensorsd_flags} 651793d0ae6Shenningfi 652793d0ae6Shenning 653f255c293Sgrangeif [ X"${hotplugd_flags}" != X"NO" -a -x /usr/sbin/hotplugd ]; then 654f255c293Sgrange echo -n ' hotplugd'; /usr/sbin/hotplugd ${hotplugd_flags} 655f255c293Sgrangefi 656f255c293Sgrange 65774491808Smillertecho -n ' cron'; cron 658f026f8beSmarc 65974491808Smillertecho '.' 66074491808Smillert 661df930be7Sderaadtdate 6628569782fSderaadt 6634ce81c70Sderaadtif [ "X${wsmoused_flags}" != X"NO" -a -x /usr/sbin/wsmoused ]; then 6644a4c21d8Sderaadt echo 'starting wsmoused...'; /usr/sbin/wsmoused ${wsmoused_flags} 66596ac2838Saaronfi 666f8810935Saaron 667f8810935Saaron# Alternatively, on some architectures, xdm may be started in /etc/ttys. 668f8810935Saaronif [ "X${xdm_flags}" != X"NO" ]; then 669f8810935Saaron echo 'starting xdm...'; /usr/X11R6/bin/xdm ${xdm_flags} 6708569782fSderaadtfi 6718569782fSderaadt 672df930be7Sderaadtexit 0 6738b757a89Sart 674