'\" te .\" Copyright (c) 2008, Sun Microsystems, Inc. All Rights Reserved. .\" Copyright 2019 Joyent, Inc. .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] .TH SVC.STARTD 8 "Dec 11, 2019" .SH NAME svc.startd \- Service Management Facility master restarter .SH SYNOPSIS .nf \fB/lib/svc/bin/svc.startd\fR .fi .LP .nf \fBsvc:/system/svc/restarter:default\fR .fi .SH DESCRIPTION \fBsvc.startd\fR is the master restarter daemon for Service Management Facility (SMF) and the default restarter for all services. \fBsvc.startd\fR starts, stops, and restarts services based on administrative requests, system failures, or application failures. .sp .LP \fBsvc.startd\fR maintains service state, as well as being responsible for managing faults in accordance with the dependencies of each service. .sp .LP \fBsvc.startd\fR is invoked automatically during system startup. It is restarted if any failures occur. \fBsvc.startd\fR should never be invoked directly. .sp .LP See \fBsmf_restarter\fR(7) for information on configuration and behavior common to all restarters. .sp .LP \fBsvcs\fR(1) reports status for all services managed by the Service Configuration Facility. \fBsvcadm\fR(8) allows manipulation of service instances with respect to the service's restarter. .SS "Environment Variables" Environment variables with the "SMF_" prefix are reserved and may be overwritten. .sp .LP \fBsvc.startd\fR supplies the "SMF_" environment variables specified in \fBsmf_method\fR(7) to the method. PATH is set to "\fB/usr/sbin:/usr/bin\fR" by default. By default, all other environment variables supplied to \fBsvc.startd\fR are those inherited from \fBinit\fR(8). .sp .LP Duplicate entries are reduced to a single entry. The value used is undefined. Environment entries that are not prefixed with "<\fIname\fR>=" are ignored. .SS "Restarter Options" \fBsvc.startd\fR is not configured by command line options. Instead, configuration is read from the service configuration repository. You can use \fBsvccfg\fR(8) to set all options and properties. .sp .LP The following configuration variables in the \fBoptions\fR property group are available to developers and administrators: .sp .ne 2 .na \fB\fBboot_messages\fR\fR .ad .sp .6 .RS 4n An \fIastring\fR (as defined in \fBscf_value_is_type\fR; see \fBscf_value_is_type\fR(3SCF)) that describes the default level of messages to print to the console during boot. The supported message options include \fBquiet\fR and \fBverbose\fR. The \fBquiet\fR option prints minimal messages to console during boot. The \fBverbose\fR option prints a single message per service started to indicate success or failure. You can use the \fBboot\fR \fB-m\fR option to override the \fBboot_messages\fR setting at boot time. See \fBkernel\fR(8). .RE .sp .ne 2 .na \fB\fBlogging\fR\fR .ad .sp .6 .RS 4n Control the level of global service logging for \fBsvc.startd\fR. An \fIastring\fR (as defined in \fBscf_value_is_type\fR; see \fBscf_value_is_type\fR(3SCF)) that describes the default level of messages to log to \fBsyslog\fR (see \fBsyslog\fR(3C) and \fBsvc.startd\fR's global logfile, \fB/var/svc/log/svc.startd.log\fR. The supported message options include \fBquiet\fR, \fBverbose\fR, and \fBdebug\fR. The \fBquiet\fR option sends error messages requiring administrative intervention to the console, \fBsyslog\fR and \fBsvc.startd\fR's global logfile. The \fBverbose\fR option sends error messages requiring administrative intervention to the console, \fBsyslog\fR and \fBsvc.startd\fR's global logfile, and information about errors which do not require administrative intervention to \fBsvc.startd\fR's global logfile. A single message per service started is also sent to the console. The \fBdebug\fR option sends \fBsvc.startd\fR debug messages to \fBsvc.startd\fR's global logfile, error messages requiring administrative intervention to the console, \fBsyslog\fR and \fBsvc.startd\fR's global logfile, and a single message per service started to the console. .RE .sp .ne 2 .na \fB\fBmilestone\fR\fR .ad .sp .6 .RS 4n An FMRI which determines the milestone used as the default boot level. Acceptable options include only the major milestones: .sp .in +2 .nf svc:/milestone/single-user:default svc:/milestone/multi-user:default svc:/milestone/multi-user-server:default .fi .in -2 .sp or the special values \fBall\fR or \fBnone\fR. \fBall\fR represents an idealized milestone that depends on every service. \fBnone\fR is a special milestone where no services are running apart from the master \fBsvc:/system/svc/restarter:default\fR. By default, \fBsvc.startd\fR uses \fBall\fR, a synthetic milestone that depends on every service. If this property is specified, it overrides any \fBinitdefault\fR setting in \fBinittab\fR(5). .RE .sp .ne 2 .na \fB\fBsystem/reconfigure\fR\fR .ad .sp .6 .RS 4n Indicates that a reconfiguration reboot has been requested. Services with actions that must key off of a reconfiguration reboot may check that this property exists and is set to 1 to confirm a reconfiguration boot has been requested. .sp This property is managed by \fBsvc.startd\fR and should not be modified by the administrator. .RE .sp .LP Configuration errors, such as disabling \fBsvc.startd\fR are logged by \fBsyslog\fR, but ignored. .SS "SERVICE STATES" Services managed by \fBsvc.startd\fR can appear in any of the states described in \fBsmf\fR(7). The state definitions are unmodified by this restarter. .SS "SERVICE REPORTING" In addition to any logging done by the managed service, \fBsvc.startd\fR provides a common set of service reporting and logging mechanisms. .sp .LP Reporting properties \fBsvc.startd\fR updates a common set of properties on all services it manages. These properties are a common interface that can be used to take action based on service instance health. The \fBsvcs\fR(1) command can be used to easily display these properties. .sp .ne 2 .na \fB\fBrestarter/state\fR\fR .ad .br .na \fB\fBrestarter/next_state\fR\fR .ad .sp .6 .RS 4n The current and next (if currently in transition) state for an instance. .RE .sp .ne 2 .na \fB\fBrestarter/auxiliary_state\fR\fR .ad .sp .6 .RS 4n A caption detailing additional information about the current instance state. The auxiliary state available for services managed by \fBsvc.startd\fR is: .sp .ne 2 .na \fBmaintenance\fR .ad .RS 15n .sp .in +2 .nf fault_threshold_reached stop_method_failed administrative_request .fi .in -2 .sp .RE .RE .sp .ne 2 .na \fB\fBrestarter/state_timestamp\fR\fR .ad .sp .6 .RS 4n The time when the current state was reached. .RE .sp .ne 2 .na \fB\fBrestarter/contract\fR\fR .ad .sp .6 .RS 4n The primary process contract ID, if any, that under which the service instance is executing. .RE .sp .LP \fBLogs\fR .sp .LP By default, \fBsvc.startd\fR provides logging of significant restarter actions for the service as well as method standard output and standard error file descriptors to \fB/var/svc/log/\fIservice\fR:\fIinstance\fR.log\fR. The level of logging to system global locations like \fB/var/svc/log/svc.startd.log\fR and \fBsyslog\fR is controlled by the \fBoptions/logging\fR property. .SS "SERVICE DEFINITION" When developing or configuring a service managed by \fBsvc.startd\fR, a common set of properties are used to affect the interaction between the service instance and the restarter. .sp .LP \fBMethods\fR .sp .LP The general form of methods for the fork/exec model provided by \fBsvc.startd\fR are presented in \fBsmf_method\fR(7). The following methods are supported as required or optional by services managed by \fBsvc.startd\fR. .sp .ne 2 .na \fB\fBrefresh\fR\fR .ad .RS 11n Reload any appropriate configuration parameters from the repository or \fBconfig\fR file, without interrupting service. This is often implemented using \fBSIGHUP\fR for system daemons. If the service is unable to recognize configuration changes without a restart, no refresh method is provided. .sp This method is optional. .RE .sp .ne 2 .na \fB\fBstart\fR\fR .ad .RS 11n Start the service. Return success only after the application is available to consumers. Fail if a conflicting instance is already running, or if the service is unable to start. .sp This method is required. .RE .sp .ne 2 .na \fB\fBstop\fR\fR .ad .RS 11n Stop the service. In some cases, the stop method can be invoked when some or all of the service has already been stopped. Only return an error if the service is not entirely stopped on method return. .sp This method is required. .RE .sp .LP If the service does not need to take any action in a required method, it must specify the \fB:true\fR token for that method. .sp .LP \fBsvc.startd\fR honors any method context specified for the service or any specific method. The method expansion tokens described in \fBsmf_method\fR(7) are available for use in all methods invoked by \fBsvc.startd\fR. .sp .LP \fBProperties\fR .sp .LP An overview of the general properties is available in \fBsmf\fR(7). The specific way in which these general properties interacts with \fBsvc.startd\fR follows: .sp .ne 2 .na \fB\fBgeneral/enabled\fR\fR .ad .sp .6 .RS 4n If enabled is set to true, the restarter attempts to start the service once all its dependencies are satisfied. If set to false, the service remains in the disabled state, not running. .RE .sp .ne 2 .na \fB\fBgeneral/restarter\fR\fR .ad .sp .6 .RS 4n If this FMRI property is empty or set to \fBsvc:/system/svc/restarter:default\fR, the service is managed by \fBsvc.startd\fR. Otherwise, the restarter specified is responsible (once it is available) for managing the service. .RE .sp .ne 2 .na \fB\fBgeneral/single_instance\fR\fR .ad .sp .6 .RS 4n This was originally supposed to ensure that only one service instance could be in online or degraded state at once; however, it was never implemented, and is often incorrectly specified in multi-instance manifests. As such, it should be considered obsolete and not specified in new manifests. .RE .sp .LP Additionally, \fBsvc.startd\fR managed services can define the optional properties listed below in the \fBstartd\fR property group. .sp .ne 2 .na \fB\fBstartd/critical_failure_count\fR .ad .br .na \fBstartd/critical_failure_period\fR\fR .ad .sp .6 .RS 4n The \fBcritical_failure_count\fR and \fBcritical_failure_period\fR properties together specify the maximum number of service failures allowed in a given time interval before \fBsvc.startd\fR transitions the service to maintenance. If the number of failures exceeds \fBcritical_failure_count\fR in any period of \fBcritical_failure_period\fR seconds, \fBsvc.startd\fR will transition the service to maintenance. .RE .sp .ne 2 .na \fB\fBstartd/duration\fR\fR .ad .sp .6 .RS 4n The \fBduration\fR property defines the service's model. It can be set to \fBtransient\fR, \fBchild\fR also known as "\fBwait\fR" model services, or \fBcontract\fR (the default). .RE .sp .ne 2 .na \fB\fBstartd/ignore_error\fR\fR .ad .sp .6 .RS 4n The \fBignore_error\fR property, if set, specifies a comma-separated list of ignored events. Legitimate string values in that list are \fBcore\fR and \fBsignal\fR. The default is to restart on all errors. .RE .sp .ne 2 .na \fB\fBstartd/need_session\fR\fR .ad .sp .6 .RS 4n The \fBneed_session\fR property, if set to true, indicates that the instance should be launched in its own session. The default is not to do so. .RE .sp .ne 2 .na \fB\fBstartd/utmpx_prefix\fR\fR .ad .sp .6 .RS 4n The \fButmpx_prefix\fR string property defines that the instance requires a valid \fButmpx\fR entry prior to start method execution. The default is not to create a \fButmpx\fR entry. .RE .SS "SERVICE FAILURE" \fBsvc.startd\fR assumes that a method has failed if it returns a non-zero exit code or if fails to complete before the timeout specified expires. If \fB$SMF_EXIT_ERR_CONFIG\fR or \fB$SMF_EXIT_ERR_FATAL\fR is returned, \fBsvc.startd\fR immediately places the service in the maintenance state. For all other failures, \fBsvc.startd\fR places the service in the offline state. If a service is offline and its dependencies are satisfied, \fBsvc.startd\fR tries again to start the service (see \fBsmf\fR(7)). .sp .LP If a contract or transient service does not return from its start method before its defined timeout elapses, \fBsvc.startd\fR sends a \fBSIGKILL\fR to the method, and returns the service to the offline state. .sp .LP If three failures happen in a row, or if the service is restarting more than once a second, \fBsvc.startd\fR places the service in the maintenance state. .sp .LP The conditions of service failure are defined by a combination of the service model (defined by the \fBstartd/duration\fR property) and the value of the \fBstartd/ignore_error\fR property. .sp .LP A contract model service fails if any of the following conditions occur: .RS +4 .TP .ie t \(bu .el o all processes in the service exit .RE .RS +4 .TP .ie t \(bu .el o any processes in the service produce a core dump .RE .RS +4 .TP .ie t \(bu .el o a process outside the service sends a service process a fatal signal (for example, an administrator terminates a service process with the \fBpkill\fR command) .RE .sp .LP The last two conditions may be ignored by the service by specifying core and/or signal in \fBstartd/ignore_error\fR. .sp .LP Defining a service as transient means that \fBsvc.startd\fR does not track processes for that service. Thus, the potential faults described for contract model services are not considered failures for transient services. A transient service only enters the maintenance state if one of the method failure conditions occurs. .sp .LP "\fBWait\fR" model services are restarted whenever the child process associated with the service exits. A child process that exits is not considered an error for "\fBwait\fR" model services, and repeated failures do not lead to a transition to maintenance state. However, a wait service which is repeatedly exiting with an error that exceeds the default rate (5 failures/second) will be throttled back so that the service only restarts once per second. .SS "LEGACY SERVICES" \fBsvc.startd\fR continues to provide support for services invoked during the startup run level transitions. Each \fB/etc/rc?.d\fR directory is processed after all managed services which constitute the equivalent run level milestone have transitioned to the online state. Standard \fBinit\fR scripts placed in the \fB/etc/rc?.d\fR directories are run in the order of their sequence numbers. .sp .LP The milestone to run-level mapping is: .sp .ne 2 .na \fB\fBmilestone/single-user\fR\fR .ad .sp .6 .RS 4n Single-user (\fBS\fR) .RE .sp .ne 2 .na \fB\fBmilestone/multi-user\fR\fR .ad .sp .6 .RS 4n Multi-user (\fB2\fR) .RE .sp .ne 2 .na \fB\fBmilestone/multi-user-server\fR\fR .ad .sp .6 .RS 4n Multi-user with network services (\fB3\fR) .RE .sp .LP Additionally, \fBsvc.startd\fR gives these legacy services visibility in SMF by inserting an instance per script into the repository. These legacy instances are visible using standard SMF interfaces such as \fBsvcs\fR(1), always appear in the \fBLEGACY-RUN\fR state, cannot be modified, and can not be specified as dependencies of other services. The initial start time of the legacy service is captured as a convenience for the administrator. .SH FILES .ne 2 .na \fB\fB/var/svc/log\fR\fR .ad .RS 21n Directory where \fBsvc.startd\fR stores log files. .RE .sp .ne 2 .na \fB\fB/etc/svc/volatile\fR\fR .ad .RS 21n Directory where \fBsvc.startd\fR stores log files in early stages of boot, before \fB/var\fR is mounted read-write. .RE .SH EXAMPLE \fBExample 1 \fRTurning on Verbose Logging .sp .LP To turn on verbose logging, type the following: .sp .in +2 .nf # /usr/sbin/svccfg -s system/svc/restarter:default svc:/system/svc/restarter:default> addpg options application svc:/system/svc/restarter:default> setprop options/logging = \e astring: verbose svc:/system/svc/restarter:default> exit .fi .in -2 .sp .sp .LP This request will take effect on the next restart of \fBsvc.startd\fR. .SH SEE ALSO .BR svcprop (1), .BR svcs (1), .BR setsid (2), .BR syslog (3C), .BR libscf (3LIB), .BR scf_value_is_type (3SCF), .BR contract (5), .BR init.d (5), .BR inittab (5), .BR process (5), .BR attributes (7), .BR smf (7), .BR smf_method (7), .BR init (8), .BR kernel (8), .BR svc.configd (8), .BR svcadm (8), .BR svccfg (8)