1.\" Copyright (c) 1980, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" This code is derived from software contributed to Berkeley by 5.\" Donn Seeley at Berkeley Software Design, Inc. 6.\" 7.\" Redistribution and use in source and binary forms, with or without 8.\" modification, are permitted provided that the following conditions 9.\" are met: 10.\" 1. Redistributions of source code must retain the above copyright 11.\" notice, this list of conditions and the following disclaimer. 12.\" 2. Redistributions in binary form must reproduce the above copyright 13.\" notice, this list of conditions and the following disclaimer in the 14.\" documentation and/or other materials provided with the distribution. 15.\" 3. All advertising materials mentioning features or use of this software 16.\" must display the following acknowledgement: 17.\" This product includes software developed by the University of 18.\" California, Berkeley and its contributors. 19.\" 4. Neither the name of the University nor the names of its contributors 20.\" may be used to endorse or promote products derived from this software 21.\" without specific prior written permission. 22.\" 23.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33.\" SUCH DAMAGE. 34.\" 35.\" @(#)init.8 8.3 (Berkeley) 4/18/94 36.\" 37.Dd April 18, 1994 38.Dt INIT 8 39.Os BSD 4 40.Sh NAME 41.Nm init 42.Nd process control initialization 43.Sh SYNOPSIS 44.Nm init 45.Sh DESCRIPTION 46The 47.Nm init 48program 49is the last stage of the boot process. 50It normally runs the automatic reboot sequence as described in 51.Xr reboot 8 , 52and if this succeeds, begins multi-user operation. 53If the reboot scripts fail, 54.Nm init 55commences single user operation by giving 56the super-user a shell on the console. 57The 58.Nm init 59program may be passed parameters 60from the boot program to 61prevent the system from going multi-user and to instead execute 62a single user shell without starting the normal daemons. 63The system is then quiescent for maintenance work and may 64later be made to go to multi-user by exiting the 65single-user shell (with ^D). 66This 67causes 68.Nm init 69to run the 70.Pa /etc/rc 71start up command file in fastboot mode (skipping disk checks). 72.Pp 73If the 74.Nm console 75entry in the 76.Xr ttys 5 77file is marked ``insecure'', 78then 79.Nm init 80will require that the superuser password be 81entered before the system will start a single-user shell. 82The password check is skipped if the 83.Nm console 84is marked as ``secure''. 85.Pp 86The kernel runs with four different levels of security. 87Any superuser process can raise the security level, but only 88.Nm init 89can lower it. 90Security levels are defined as follows: 91.Bl -tag -width flag 92.It Ic -1 93Permanently insecure mode \- always run system in level 0 mode. 94.It Ic 0 95Insecure mode \- immutable and append-only flags may be turned off. 96All devices may be read or written subject to their permissions. 97.It Ic 1 98Secure mode \- immutable and append-only flags may not be changed; 99disks for mounted filesystems, 100.Pa /dev/mem , 101and 102.Pa /dev/kmem 103are read-only. 104.It Ic 2 105Highly secure mode \- same as secure mode, plus disks are always 106read-only whether mounted or not. 107This level precludes tampering with filesystems by unmounting them, 108but also inhibits running 109.Xr newfs 8 110while the system is multi-user. 111.El 112.Pp 113Normally, the system runs in level 0 mode while single user 114and in level 1 mode while multiuser. 115If the level 2 mode is desired while running multiuser, 116it can be set in the startup script 117.Pa /etc/rc 118using 119.Xr sysctl 8 . 120If it is desired to run the system in level 0 mode while multiuser, 121the administrator must build a kernel with the variable 122.Nm securelevel 123defined in the file 124.Pa /sys/compile/MACHINE/param.c 125and initialize it to -1. 126.Pp 127In multi-user operation, 128.Nm init 129maintains 130processes for the terminal ports found in the file 131.Xr ttys 5 . 132.Nm Init 133reads this file, and executes the command found in the second field. 134This command is usually 135.Xr getty 8 ; 136.Nm getty 137opens and initializes the tty line 138and 139executes the 140.Xr login 1 141program. 142The 143.Nm login 144program, when a valid user logs in, 145executes a shell for that user. When this shell 146dies, either because the user logged out 147or an abnormal termination occurred (a signal), 148the 149.Nm init 150program wakes up, deletes the user 151from the 152.Xr utmp 5 153file of current users and records the logout in the 154.Xr wtmp 5 155file. 156The cycle is 157then restarted by 158.Nm init 159executing a new 160.Nm getty 161for the line. 162.Pp 163Line status (on, off, secure, getty, or window information) 164may be changed in the 165.Xr ttys 5 166file without a reboot by sending the signal 167.Dv SIGHUP 168to 169.Nm init 170with the command 171.Dq Li "kill -HUP 1" . 172On receipt of this signal, 173.Nm init 174re-reads the 175.Xr ttys 5 176file. 177When a line is turned off in 178.Xr ttys 5 , 179.Nm init 180will send a SIGHUP signal to the controlling process 181for the session associated with the line. 182For any lines that were previously turned off in the 183.Xr ttys 5 184file and are now on, 185.Nm init 186executes a new 187.Nm getty 188to enable a new login. 189If the getty or window field for a line is changed, 190the change takes effect at the end of the current 191login session (e.g., the next time 192.Nm init 193starts a process on the line). 194If a line is commented out or deleted from 195.Xr ttys 5 , 196.Nm init 197will not do anything at all to that line. 198However, it will complain that the relationship between lines 199in the 200.Xr ttys 5 201file and records in the 202.Xr utmp 5 203file is out of sync, 204so this practice is not recommended. 205.Pp 206.Nm Init 207will terminate multi-user operations and resume single-user mode 208if sent a terminate 209.Pq Dv TERM 210signal, for example, 211.Dq Li "kill \-TERM 1" . 212If there are processes outstanding that are deadlocked (because of 213hardware or software failure), 214.Nm init 215will not wait for them all to die (which might take forever), but 216will time out after 30 seconds and print a warning message. 217.Pp 218.Nm Init 219will cease creating new 220.Nm getty Ns 's 221and allow the system to slowly die away, if it is sent a terminal stop 222.Pq Dv TSTP 223signal, i.e. 224.Dq Li "kill \-TSTP 1" . 225A later hangup will resume full 226multi-user operations, or a terminate will start a single user shell. 227This hook is used by 228.Xr reboot 8 229and 230.Xr halt 8 . 231.Pp 232.Nm Init 233will terminate all possible processes (again, it will not wait 234for deadlocked processes) and reboot the machine if sent the interrupt 235.Pq Dv INT 236signal, i.e. 237.Dq Li "kill \-INT 1". 238This is useful for shutting the machine down cleanly from inside the kernel 239or from X when the machines appears to be hung. 240.Pp 241The role of 242.Nm init 243is so critical that if it dies, the system will reboot itself 244automatically. 245If, at bootstrap time, the 246.Nm init 247process cannot be located, the system will panic with the message 248``panic: "init died (signal %d, exit %d)''. 249.Sh DIAGNOSTICS 250.Bl -diag 251.It "getty repeating too quickly on port %s, sleeping" 252A process being started to service a line is exiting quickly 253each time it is started. 254This is often caused by a ringing or noisy terminal line. 255.Em "Init will sleep for 10 seconds" , 256.Em "then continue trying to start the process" . 257.Pp 258.It "some processes would not die; ps axl advised." 259A process 260is hung and could not be killed when the system was shutting down. 261This condition is usually caused by a process 262that is stuck in a device driver because of 263a persistent device error condition. 264.El 265.Sh FILES 266.Bl -tag -width /var/log/wtmp -compact 267.It Pa /dev/console 268System console device. 269.It Pa /dev/tty* 270Terminal ports found in 271.Xr ttys 5 . 272.It Pa /var/run/utmp 273Record of Current users on the system. 274.It Pa /var/log/wtmp 275Record of all logins and logouts. 276.It Pa /etc/ttys 277The terminal initialization information file. 278.It Pa /etc/rc 279System startup commands. 280.El 281.Sh SEE ALSO 282.Xr login 1 , 283.Xr kill 1 , 284.Xr sh 1 , 285.Xr ttys 5 , 286.Xr crash 8 , 287.Xr getty 8 , 288.Xr rc 8 , 289.Xr reboot 8 , 290.Xr halt 8 , 291.Xr shutdown 8 292.Sh HISTORY 293A 294.Nm 295command appeared in 296.At v6 . 297.Sh BUGS 298Systems without 299.Xr sysctl 300behave as though they have security level \-1. 301