1.\" Copyright (c) 1980, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" This code is derived from software contributed to Berkeley by 5.\" Donn Seeley at Berkeley Software Design, Inc. 6.\" 7.\" Redistribution and use in source and binary forms, with or without 8.\" modification, are permitted provided that the following conditions 9.\" are met: 10.\" 1. Redistributions of source code must retain the above copyright 11.\" notice, this list of conditions and the following disclaimer. 12.\" 2. Redistributions in binary form must reproduce the above copyright 13.\" notice, this list of conditions and the following disclaimer in the 14.\" documentation and/or other materials provided with the distribution. 15.\" 3. Neither the name of the University nor the names of its contributors 16.\" may be used to endorse or promote products derived from this software 17.\" without specific prior written permission. 18.\" 19.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29.\" SUCH DAMAGE. 30.\" 31.\" @(#)init.8 8.3 (Berkeley) 4/18/94 32.\" $FreeBSD$ 33.\" 34.Dd July 22, 2021 35.Dt INIT 8 36.Os 37.Sh NAME 38.Nm init 39.Nd process control initialization 40.Sh SYNOPSIS 41.Nm 42.Nm 43.Oo 44.Cm 0 | 1 | 6 | 45.Cm c | q 46.Oc 47.Sh DESCRIPTION 48The 49.Nm 50utility 51is the last stage of the boot process. 52It normally runs the automatic reboot sequence as described in 53.Xr rc 8 , 54and if this succeeds, begins multi-user operation. 55If the reboot scripts fail, 56.Nm 57commences single-user operation by giving 58the super-user a shell on the console. 59The 60.Nm 61utility may be passed parameters 62from the boot program to 63prevent the system from going multi-user and to instead execute 64a single-user shell without starting the normal daemons. 65The system is then quiescent for maintenance work and may 66later be made to go to multi-user by exiting the 67single-user shell (with ^D). 68This 69causes 70.Nm 71to run the 72.Pa /etc/rc 73start up command file in fastboot mode (skipping disk checks). 74.Pp 75If the 76.Em console 77entry in the 78.Xr ttys 5 79file is marked 80.Dq insecure , 81then 82.Nm 83will require that the super-user password be 84entered before the system will start a single-user shell. 85The password check is skipped if the 86.Em console 87is marked as 88.Dq secure . 89Note that the password check does not protect from variables 90such as 91.Va init_script 92being set from the 93.Xr loader 8 94command line; see the 95.Sx SECURITY 96section of 97.Xr loader 8 . 98.Pp 99If the system security level (see 100.Xr security 7 ) 101is initially nonzero, then 102.Nm 103leaves it unchanged. 104Otherwise, 105.Nm 106raises the level to 1 before going multi-user for the first time. 107Since the level cannot be reduced, it will be at least 1 for 108subsequent operation, even on return to single-user. 109If a level higher than 1 is desired while running multi-user, 110it can be set before going multi-user, e.g., by the startup script 111.Xr rc 8 , 112using 113.Xr sysctl 8 114to set the 115.Va kern.securelevel 116variable to the required security level. 117.Pp 118If 119.Nm 120is run in a jail, the security level of the 121.Dq host system 122will not be affected. 123Part of the information set up in the kernel to support a jail 124is a per-jail security level. 125This allows running a higher security level inside of a jail 126than that of the host system. 127See 128.Xr jail 8 129for more information about jails. 130.Pp 131In multi-user operation, 132.Nm 133maintains 134processes for the terminal ports found in the file 135.Xr ttys 5 . 136The 137.Nm 138utility reads this file and executes the command found in the second field, 139unless the first field refers to a device in 140.Pa /dev 141which is not configured. 142The first field is supplied as the final argument to the command. 143This command is usually 144.Xr getty 8 ; 145.Nm getty 146opens and initializes the tty line 147and 148executes the 149.Xr login 1 150program. 151The 152.Nm login 153program, when a valid user logs in, 154executes a shell for that user. 155When this shell 156dies, either because the user logged out 157or an abnormal termination occurred (a signal), 158the cycle is restarted by 159executing a new 160.Nm getty 161for the line. 162.Pp 163The 164.Nm 165utility can also be used to keep arbitrary daemons running, 166automatically restarting them if they die. 167In this case, the first field in the 168.Xr ttys 5 169file must not reference the path to a configured device node 170and will be passed to the daemon 171as the final argument on its command line. 172This is similar to the facility offered in the 173.At V 174.Pa /etc/inittab . 175.Pp 176Line status (on, off, secure, getty, or window information) 177may be changed in the 178.Xr ttys 5 179file without a reboot by sending the signal 180.Dv SIGHUP 181to 182.Nm 183with the command 184.Dq Li "kill -HUP 1" . 185On receipt of this signal, 186.Nm 187re-reads the 188.Xr ttys 5 189file. 190When a line is turned off in 191.Xr ttys 5 , 192.Nm 193will send a SIGHUP signal to the controlling process 194for the session associated with the line. 195For any lines that were previously turned off in the 196.Xr ttys 5 197file and are now on, 198.Nm 199executes the command specified in the second field. 200If the command or window field for a line is changed, 201the change takes effect at the end of the current 202login session (e.g., the next time 203.Nm 204starts a process on the line). 205If a line is commented out or deleted from 206.Xr ttys 5 , 207.Nm 208will not do anything at all to that line. 209.Pp 210The 211.Nm 212utility will terminate multi-user operations and resume single-user mode 213if sent a terminate 214.Pq Dv TERM 215signal, for example, 216.Dq Li "kill \-TERM 1" . 217If there are processes outstanding that are deadlocked (because of 218hardware or software failure), 219.Nm 220will not wait for them all to die (which might take forever), but 221will time out after 30 seconds and print a warning message. 222.Pp 223The 224.Nm 225utility will cease creating new processes 226and allow the system to slowly die away, if it is sent a terminal stop 227.Pq Dv TSTP 228signal, i.e.\& 229.Dq Li "kill \-TSTP 1" . 230A later hangup will resume full 231multi-user operations, or a terminate will start a single-user shell. 232This hook is used by 233.Xr reboot 8 234and 235.Xr halt 8 . 236.Pp 237The 238.Nm 239utility will terminate all possible processes (again, it will not wait 240for deadlocked processes) and reboot the machine if sent the interrupt 241.Pq Dv INT 242signal, i.e.\& 243.Dq Li "kill \-INT 1". 244This is useful for shutting the machine down cleanly from inside the kernel 245or from X when the machine appears to be hung. 246.Pp 247The 248.Nm 249utility will do the same, except it will halt the machine if sent 250the user defined signal 1 251.Pq Dv USR1 , 252or will halt and turn the power off (if hardware permits) if sent 253the user defined signal 2 254.Pq Dv USR2 . 255.Pp 256When shutting down the machine, 257.Nm 258will try to run the 259.Pa /etc/rc.shutdown 260script. 261This script can be used to cleanly terminate specific programs such 262as 263.Nm innd 264(the InterNetNews server). 265If this script does not terminate within 120 seconds, 266.Nm 267will terminate it. 268The timeout can be configured via the 269.Xr sysctl 8 270variable 271.Va kern.init_shutdown_timeout . 272.Pp 273.Nm init 274passes 275.Dq Li single 276as the argument to the shutdown script if return to single-user mode 277is requested. 278Otherwise, 279.Dq Li reboot 280argument is used. 281.Pp 282After all user processes have been terminated, 283.Nm 284will try to run the 285.Pa /etc/rc.final 286script. 287This script can be used to finally prepare and unmount filesystems that may have 288been needed during shutdown, for instance. 289.Pp 290The role of 291.Nm 292is so critical that if it dies, the system will reboot itself 293automatically. 294If, at bootstrap time, the 295.Nm 296process cannot be located, the system will panic with the message 297.Dq "panic: init died (signal %d, exit %d)" . 298.Pp 299If run as a user process as shown in the second synopsis line, 300.Nm 301will emulate 302.At V 303behavior, i.e., super-user can specify the desired 304.Em run-level 305on a command line, and 306.Nm 307will signal the original 308(PID 1) 309.Nm 310as follows: 311.Bl -column Run-level SIGTERM 312.It Sy "Run-level Signal Action" 313.It Cm 0 Ta Dv SIGUSR1 Ta "Halt" 314.It Cm 0 Ta Dv SIGUSR2 Ta "Halt and turn the power off" 315.It Cm 0 Ta Dv SIGWINCH Ta "Halt and turn the power off and then back on" 316.It Cm 1 Ta Dv SIGTERM Ta "Go to single-user mode" 317.It Cm 6 Ta Dv SIGINT Ta "Reboot the machine" 318.It Cm c Ta Dv SIGTSTP Ta "Block further logins" 319.It Cm q Ta Dv SIGHUP Ta Rescan the 320.Xr ttys 5 321file 322.El 323.Sh KERNEL ENVIRONMENT VARIABLES 324The following 325.Xr kenv 2 326variables are available as 327.Xr loader 8 328tunables: 329.Bl -tag -width indent 330.It Va init_chroot 331If set to a valid directory in the root file system, it causes 332.Nm 333to perform a 334.Xr chroot 2 335operation on that directory, making it the new root directory. 336That happens before entering single-user mode or multi-user 337mode (but after executing the 338.Va init_script 339if enabled). 340This functionality has generally been eclipsed by rerooting. 341See 342.Xr reboot 8 343.Fl r 344for details. 345.It Va init_exec 346If set to a valid file name in the root file system, 347instructs 348.Nm 349to directly execute that file as the very first action, 350replacing 351.Nm 352as PID 1. 353.It Va init_script 354If set to a valid file name in the root file system, 355instructs 356.Nm 357to run that script as the very first action, 358before doing anything else. 359Signal handling and exit code interpretation is similar to 360running the 361.Pa /etc/rc 362script. 363In particular, single-user operation is enforced 364if the script terminates with a non-zero exit code, 365or if a SIGTERM is delivered to the 366.Nm 367process (PID 1). 368This functionality has generally been eclipsed by rerooting. 369See 370.Xr reboot 8 371.Fl r 372for details. 373.It Va init_shell 374Defines the shell binary to be used for executing the various shell scripts. 375The default is 376.Dq Li /bin/sh . 377It is used for running the 378.Va init_exec 379or 380.Va init_script 381if set, as well as for the 382.Pa /etc/rc , 383.Pa /etc/rc.shutdown , 384and 385.Pa /etc/rc.final 386scripts. 387The value of the corresponding 388.Xr kenv 2 389variable is evaluated every time 390.Nm 391calls a shell script, so it can be changed later on using the 392.Xr kenv 1 393utility. 394In particular, if a non-default shell is used for running an 395.Va init_script , 396it might be desirable to have that script reset the value of 397.Va init_shell 398back to the default, so that the 399.Pa /etc/rc 400script is executed with the standard shell 401.Pa /bin/sh . 402.Sh FILES 403.Bl -tag -width /var/log/init.log -compact 404.It Pa /dev/console 405system console device 406.It Pa /dev/tty* 407terminal ports found in 408.Xr ttys 5 409.It Pa /etc/ttys 410the terminal initialization information file 411.It Pa /etc/rc 412system startup commands 413.It Pa /etc/rc.shutdown 414system shutdown commands 415.It Pa /etc/rc.final 416system shutdown commands (after process termination) 417.It Pa /var/log/init.log 418log of 419.Xr rc 8 420output if the system console device is not available 421.El 422.Sh DIAGNOSTICS 423.Bl -diag 424.It "getty repeating too quickly on port %s, sleeping." 425A process being started to service a line is exiting quickly 426each time it is started. 427This is often caused by a ringing or noisy terminal line. 428.Bf -emphasis 429Init will sleep for 30 seconds, 430then continue trying to start the process. 431.Ef 432.It "some processes would not die; ps axl advised." 433A process 434is hung and could not be killed when the system was shutting down. 435This condition is usually caused by a process 436that is stuck in a device driver because of 437a persistent device error condition. 438.El 439.Sh SEE ALSO 440.Xr kill 1 , 441.Xr login 1 , 442.Xr sh 1 , 443.Xr ttys 5 , 444.Xr security 7 , 445.Xr getty 8 , 446.Xr halt 8 , 447.Xr jail 8 , 448.Xr rc 8 , 449.Xr reboot 8 , 450.Xr shutdown 8 , 451.Xr sysctl 8 452.Sh HISTORY 453An 454.Nm 455utility appeared in 456.At v1 . 457.Sh CAVEATS 458Systems without 459.Xr sysctl 8 460behave as though they have security level \-1. 461.Pp 462Setting the security level above 1 too early in the boot sequence can 463prevent 464.Xr fsck 8 465from repairing inconsistent file systems. 466The 467preferred location to set the security level is at the end of 468.Pa /etc/rc 469after all multi-user startup actions are complete. 470