1.\" Copyright (c) 1980, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" This code is derived from software contributed to Berkeley by 5.\" Donn Seeley at Berkeley Software Design, Inc. 6.\" 7.\" Redistribution and use in source and binary forms, with or without 8.\" modification, are permitted provided that the following conditions 9.\" are met: 10.\" 1. Redistributions of source code must retain the above copyright 11.\" notice, this list of conditions and the following disclaimer. 12.\" 2. Redistributions in binary form must reproduce the above copyright 13.\" notice, this list of conditions and the following disclaimer in the 14.\" documentation and/or other materials provided with the distribution. 15.\" 3. All advertising materials mentioning features or use of this software 16.\" must display the following acknowledgement: 17.\" This product includes software developed by the University of 18.\" California, Berkeley and its contributors. 19.\" 4. Neither the name of the University nor the names of its contributors 20.\" may be used to endorse or promote products derived from this software 21.\" without specific prior written permission. 22.\" 23.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33.\" SUCH DAMAGE. 34.\" 35.\" @(#)init.8 8.3 (Berkeley) 4/18/94 36.\" $Id$ 37.\" 38.Dd April 18, 1994 39.Dt INIT 8 40.Os BSD 4 41.Sh NAME 42.Nm init 43.Nd process control initialization 44.Sh SYNOPSIS 45.Nm init 46.Sh DESCRIPTION 47The 48.Nm init 49program 50is the last stage of the boot process. 51It normally runs the automatic reboot sequence as described in 52.Xr reboot 8 , 53and if this succeeds, begins multi-user operation. 54If the reboot scripts fail, 55.Nm init 56commences single user operation by giving 57the super-user a shell on the console. 58The 59.Nm init 60program may be passed parameters 61from the boot program to 62prevent the system from going multi-user and to instead execute 63a single user shell without starting the normal daemons. 64The system is then quiescent for maintenance work and may 65later be made to go to multi-user by exiting the 66single-user shell (with ^D). 67This 68causes 69.Nm init 70to run the 71.Pa /etc/rc 72start up command file in fastboot mode (skipping disk checks). 73.Pp 74If the 75.Nm console 76entry in the 77.Xr ttys 5 78file is marked ``insecure'', 79then 80.Nm init 81will require that the superuser password be 82entered before the system will start a single-user shell. 83The password check is skipped if the 84.Nm console 85is marked as ``secure''. 86.Pp 87The kernel runs with four different levels of security. 88Any superuser process can raise the security level, but only 89.Nm init 90can lower it. 91The security levels are: 92.Bl -tag -width flag 93.It Ic -1 94Permanently insecure mode \- always run the system in level 0 mode. 95.It Ic 0 96Insecure mode \- immutable and append-only flags may be turned off. 97All devices may be read or written subject to their permissions. 98.It Ic 1 99Secure mode \- immutable and append-only flags may not be changed; 100disks for mounted filesystems, 101.Pa /dev/mem , 102and 103.Pa /dev/kmem 104may not be opened for writing. 105.It Ic 2 106Highly secure mode \- same as secure mode, plus disks may not be 107opened for writing (except by 108.Xr mount 2 ) 109whether mounted or not. 110This level precludes tampering with filesystems by unmounting them, 111but also inhibits running 112.Xr newfs 8 113while the system is multi-user. 114.El 115.Pp 116If the security level is initially -1, then 117.Nm init 118leaves it unchanged. 119Otherwise, 120.Nm init 121arranges to run the system in level 0 mode while single user 122and in level 1 mode while multiuser. 123If level 2 mode is desired while running multiuser, 124it can be set while single user, e.g., in the startup script 125.Pa /etc/rc , 126using 127.Xr sysctl 8 . 128.Pp 129In multi-user operation, 130.Nm init 131maintains 132processes for the terminal ports found in the file 133.Xr ttys 5 . 134.Nm Init 135reads this file, and executes the command found in the second field. 136This command is usually 137.Xr getty 8 ; 138.Nm getty 139opens and initializes the tty line 140and 141executes the 142.Xr login 1 143program. 144The 145.Nm login 146program, when a valid user logs in, 147executes a shell for that user. When this shell 148dies, either because the user logged out 149or an abnormal termination occurred (a signal), 150the 151.Nm init 152program wakes up, deletes the user 153from the 154.Xr utmp 5 155file of current users and records the logout in the 156.Xr wtmp 5 157file. 158The cycle is 159then restarted by 160.Nm init 161executing a new 162.Nm getty 163for the line. 164.Pp 165Line status (on, off, secure, getty, or window information) 166may be changed in the 167.Xr ttys 5 168file without a reboot by sending the signal 169.Dv SIGHUP 170to 171.Nm init 172with the command 173.Dq Li "kill -HUP 1" . 174On receipt of this signal, 175.Nm init 176re-reads the 177.Xr ttys 5 178file. 179When a line is turned off in 180.Xr ttys 5 , 181.Nm init 182will send a SIGHUP signal to the controlling process 183for the session associated with the line. 184For any lines that were previously turned off in the 185.Xr ttys 5 186file and are now on, 187.Nm init 188executes a new 189.Nm getty 190to enable a new login. 191If the getty or window field for a line is changed, 192the change takes effect at the end of the current 193login session (e.g., the next time 194.Nm init 195starts a process on the line). 196If a line is commented out or deleted from 197.Xr ttys 5 , 198.Nm init 199will not do anything at all to that line. 200However, it will complain that the relationship between lines 201in the 202.Xr ttys 5 203file and records in the 204.Xr utmp 5 205file is out of sync, 206so this practice is not recommended. 207.Pp 208.Nm Init 209will terminate multi-user operations and resume single-user mode 210if sent a terminate 211.Pq Dv TERM 212signal, for example, 213.Dq Li "kill \-TERM 1" . 214If there are processes outstanding that are deadlocked (because of 215hardware or software failure), 216.Nm init 217will not wait for them all to die (which might take forever), but 218will time out after 30 seconds and print a warning message. 219.Pp 220.Nm Init 221will cease creating new 222.Nm getty Ns 's 223and allow the system to slowly die away, if it is sent a terminal stop 224.Pq Dv TSTP 225signal, i.e. 226.Dq Li "kill \-TSTP 1" . 227A later hangup will resume full 228multi-user operations, or a terminate will start a single user shell. 229This hook is used by 230.Xr reboot 8 231and 232.Xr halt 8 . 233.Pp 234.Nm Init 235will terminate all possible processes (again, it will not wait 236for deadlocked processes) and reboot the machine if sent the interrupt 237.Pq Dv INT 238signal, i.e. 239.Dq Li "kill \-INT 1". 240This is useful for shutting the machine down cleanly from inside the kernel 241or from X when the machine appears to be hung. 242.Pp 243The role of 244.Nm init 245is so critical that if it dies, the system will reboot itself 246automatically. 247If, at bootstrap time, the 248.Nm init 249process cannot be located, the system will panic with the message 250``panic: "init died (signal %d, exit %d)''. 251.Sh DIAGNOSTICS 252.Bl -diag 253.It "getty repeating too quickly on port %s, sleeping" 254A process being started to service a line is exiting quickly 255each time it is started. 256This is often caused by a ringing or noisy terminal line. 257.Em "Init will sleep for 10 seconds" , 258.Em "then continue trying to start the process" . 259.Pp 260.It "some processes would not die; ps axl advised." 261A process 262is hung and could not be killed when the system was shutting down. 263This condition is usually caused by a process 264that is stuck in a device driver because of 265a persistent device error condition. 266.El 267.Sh FILES 268.Bl -tag -width /var/log/wtmp -compact 269.It Pa /dev/console 270System console device. 271.It Pa /dev/tty* 272Terminal ports found in 273.Xr ttys 5 . 274.It Pa /var/run/utmp 275Record of Current users on the system. 276.It Pa /var/log/wtmp 277Record of all logins and logouts. 278.It Pa /etc/ttys 279The terminal initialization information file. 280.It Pa /etc/rc 281System startup commands. 282.El 283.Sh SEE ALSO 284.Xr kill 1 , 285.Xr login 1 , 286.Xr sh 1 , 287.Xr ttys 5 , 288.Xr crash 8 , 289.Xr getty 8 , 290.Xr halt 8 , 291.Xr rc 8 , 292.Xr reboot 8 , 293.Xr shutdown 8 294.Sh HISTORY 295A 296.Nm 297command appeared in 298.At v6 . 299.Sh BUGS 300Systems without 301.Xr sysctl 302behave as though they have security level \-1. 303