1.\" Copyright (c) 1980, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" This code is derived from software contributed to Berkeley by 5.\" Donn Seeley at Berkeley Software Design, Inc. 6.\" 7.\" %sccs.include.redist.roff% 8.\" 9.\" @(#)init.8 8.5 (Berkeley) 04/28/95 10.\" 11.Dd 12.Dt INIT 8 13.Os BSD 4 14.Sh NAME 15.Nm init 16.Nd process control initialization 17.Sh SYNOPSIS 18.Nm init 19.Sh DESCRIPTION 20The 21.Nm init 22program 23is the last stage of the boot process. 24It normally runs the automatic reboot sequence as described in 25.Xr reboot 8 , 26and if this succeeds, begins multi-user operation. 27If the reboot scripts fail, 28.Nm init 29commences single user operation by giving 30the super-user a shell on the console. 31The 32.Nm init 33program may be passed parameters 34from the boot program to 35prevent the system from going multi-user and to instead execute 36a single user shell without starting the normal daemons. 37The system is then quiescent for maintenance work and may 38later be made to go to multi-user by exiting the 39single-user shell (with ^D). 40This 41causes 42.Nm init 43to run the 44.Pa /etc/rc 45start up command file in fastboot mode (skipping disk checks). 46.Pp 47If the 48.Nm console 49entry in the 50.Xr ttys 5 51file is marked ``insecure'', 52then 53.Nm init 54will require that the superuser password be 55entered before the system will start a single-user shell. 56The password check is skipped if the 57.Nm console 58is marked as ``secure''. 59.Pp 60The kernel runs with four different levels of security. 61Any superuser process can raise the security level, but only 62.Nm init 63can lower it. 64Security levels are defined as follows: 65.Bl -tag -width flag 66.It Ic -1 67Permanently insecure mode \- always run system in level 0 mode. 68.It Ic 0 69Insecure mode \- immutable and append-only flags may be turned off. 70All devices may be read or written subject to their permissions. 71.It Ic 1 72Secure mode \- immutable and append-only flags may not be changed; 73disks for mounted filesystems, 74.Pa /dev/mem , 75and 76.Pa /dev/kmem 77are read-only. 78.It Ic 2 79Highly secure mode \- same as secure mode, plus disks are always 80read-only whether mounted or not. 81This level precludes tampering with filesystems by unmounting them, 82but also inhibits running 83.Xr newfs 8 84while the system is multi-user. 85.El 86.Pp 87Normally, the system runs in level 0 mode while single user 88and in level 1 mode while multiuser. 89If the level 2 mode is desired while running multiuser, 90it can be set in the startup script 91.Pa /etc/rc 92using 93.Xr sysctl 8 . 94If it is desired to run the system in level 0 mode while multiuser, 95the administrator must build a kernel with the variable 96.Nm securelevel 97defined in the file 98.Pa /sys/compile/MACHINE/param.c 99and initialize it to -1. 100.Pp 101In multi-user operation, 102.Nm init 103maintains 104processes for the terminal ports found in the file 105.Xr ttys 5 . 106.Nm Init 107reads this file, and executes the command found in the second field. 108This command is usually 109.Xr getty 8 ; 110.Xr getty 111opens and initializes the tty line 112and 113executes the 114.Xr login 115program. 116The 117.Xr login 118program, when a valid user logs in, 119executes a shell for that user. When this shell 120dies, either because the user logged out 121or an abnormal termination occurred (a signal), 122the 123.Nm init 124program wakes up, deletes the user 125from the 126.Xr utmp 5 127file of current users and records the logout in the 128.Xr wtmp 129file. 130The cycle is 131then restarted by 132.Nm init 133executing a new 134.Xr getty 135for the line. 136.pl +1 137.Pp 138Line status (on, off, secure, getty, or window information) 139may be changed in the 140.Xr ttys 141file without a reboot by sending the signal 142.Dv SIGHUP 143to 144.Nm init 145with the command 146.Dq Li "kill \-s HUP 1" . 147On receipt of this signal, 148.Nm init 149re-reads the 150.Xr ttys 151file. 152When a line is turned off in 153.Xr ttys , 154.Nm init 155will send a SIGHUP signal to the controlling process 156for the session associated with the line. 157For any lines that were previously turned off in the 158.Xr ttys 159file and are now on, 160.Nm init 161executes a new 162.Xr getty 163to enable a new login. 164If the getty or window field for a line is changed, 165the change takes effect at the end of the current 166login session (e.g., the next time 167.Nm init 168starts a process on the line). 169If a line is commented out or deleted from 170.Xr ttys , 171.Nm init 172will not do anything at all to that line. 173However, it will complain that the relationship between lines 174in the 175.Xr ttys 176file and records in the 177.Xr utmp 178file is out of sync, 179so this practice is not recommended. 180.Pp 181.Nm Init 182will terminate multi-user operations and resume single-user mode 183if sent a terminate 184.Pq Dv TERM 185signal, for example, 186.Dq Li "kill \-s TERM 1" . 187If there are processes outstanding that are deadlocked (because of 188hardware or software failure), 189.Xr init 190will not wait for them all to die (which might take forever), but 191will time out after 30 seconds and print a warning message. 192.Pp 193.Nm Init 194will cease creating new 195.Xr getty Ns 's 196and allow the system to slowly die away, if it is sent a terminal stop 197.Pq Dv TSTP 198signal, i.e. 199.Dq Li "kill \-s TSTP 1" . 200A later hangup will resume full 201multi-user operations, or a terminate will start a single user shell. 202This hook is used by 203.Xr reboot 8 204and 205.Xr halt 8 . 206.Pp 207The role of 208.Nm init 209is so critical that if it dies, the system will reboot itself 210automatically. 211If, at bootstrap time, the 212.Xr init 213process cannot be located, the system will panic with the message 214``panic: "init died (signal %d, exit %d)''. 215.Sh DIAGNOSTICS 216.Bl -diag 217.It "getty repeating too quickly on port %s, sleeping" 218A process being started to service a line is exiting quickly 219each time it is started. 220This is often caused by a ringing or noisy terminal line. 221.Em "Init will sleep for 10 seconds" , 222.Em "then continue trying to start the process" . 223.Pp 224.It "some processes would not die; ps axl advised." 225A process 226is hung and could not be killed when the system was shutting down. 227This condition is usually caused by a process 228that is stuck in a device driver because of 229a persistent device error condition. 230.El 231.Sh FILES 232.Bl -tag -width /var/log/wtmp -compact 233.It Pa /dev/console 234System console device. 235.It Pa /dev/tty* 236Terminal ports found in 237.Xr ttys . 238.It Pa /var/run/utmp 239Record of Current users on the system. 240.It Pa /var/log/wtmp 241Record of all logins and logouts. 242.It Pa /etc/ttys 243The terminal initialization information file. 244.It Pa /etc/rc 245System startup commands. 246.El 247.Sh SEE ALSO 248.Xr login 1 , 249.Xr kill 1 , 250.Xr sh 1 , 251.Xr ttys 5 , 252.Xr crash 8 , 253.Xr getty 8 , 254.Xr rc 8 , 255.Xr reboot 8 , 256.Xr halt 8 , 257.Xr shutdown 8 258.Sh HISTORY 259A 260.Nm 261command appeared in 262.At v6 . 263.Sh BUGS 264Systems without 265.Xr sysctl 266behave as though they have security level \-1. 267