1 /*- 2 * Copyright (c) 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * Donn Seeley at Berkeley Software Design, Inc. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #ifndef lint 38 static const char copyright[] = 39 "@(#) Copyright (c) 1991, 1993\n\ 40 The Regents of the University of California. All rights reserved.\n"; 41 #endif /* not lint */ 42 43 #ifndef lint 44 #if 0 45 static char sccsid[] = "@(#)init.c 8.1 (Berkeley) 7/15/93"; 46 #endif 47 static const char rcsid[] = 48 "$FreeBSD$"; 49 #endif /* not lint */ 50 51 #include <sys/param.h> 52 #include <sys/ioctl.h> 53 #include <sys/mount.h> 54 #include <sys/sysctl.h> 55 #include <sys/wait.h> 56 #include <sys/stat.h> 57 58 #include <db.h> 59 #include <errno.h> 60 #include <fcntl.h> 61 #include <libutil.h> 62 #include <paths.h> 63 #include <signal.h> 64 #include <stdio.h> 65 #include <stdlib.h> 66 #include <string.h> 67 #include <syslog.h> 68 #include <time.h> 69 #include <ttyent.h> 70 #include <unistd.h> 71 #include <sys/reboot.h> 72 #include <err.h> 73 74 #ifdef __STDC__ 75 #include <stdarg.h> 76 #else 77 #include <varargs.h> 78 #endif 79 80 #ifdef SECURE 81 #include <pwd.h> 82 #endif 83 84 #ifdef LOGIN_CAP 85 #include <login_cap.h> 86 #endif 87 88 #include "pathnames.h" 89 90 /* 91 * Sleep times; used to prevent thrashing. 92 */ 93 #define GETTY_SPACING 5 /* N secs minimum getty spacing */ 94 #define GETTY_SLEEP 30 /* sleep N secs after spacing problem */ 95 #define GETTY_NSPACE 3 /* max. spacing count to bring reaction */ 96 #define WINDOW_WAIT 3 /* wait N secs after starting window */ 97 #define STALL_TIMEOUT 30 /* wait N secs after warning */ 98 #define DEATH_WATCH 10 /* wait N secs for procs to die */ 99 #define DEATH_SCRIPT 120 /* wait for 2min for /etc/rc.shutdown */ 100 #define RESOURCE_RC "daemon" 101 #define RESOURCE_WINDOW "default" 102 #define RESOURCE_GETTY "default" 103 104 void handle __P((sig_t, ...)); 105 void delset __P((sigset_t *, ...)); 106 107 void stall __P((const char *, ...)) __printflike(1, 2); 108 void warning __P((const char *, ...)) __printflike(1, 2); 109 void emergency __P((const char *, ...)) __printflike(1, 2); 110 void disaster __P((int)); 111 void badsys __P((int)); 112 int runshutdown __P((void)); 113 114 /* 115 * We really need a recursive typedef... 116 * The following at least guarantees that the return type of (*state_t)() 117 * is sufficiently wide to hold a function pointer. 118 */ 119 typedef long (*state_func_t) __P((void)); 120 typedef state_func_t (*state_t) __P((void)); 121 122 state_func_t single_user __P((void)); 123 state_func_t runcom __P((void)); 124 state_func_t read_ttys __P((void)); 125 state_func_t multi_user __P((void)); 126 state_func_t clean_ttys __P((void)); 127 state_func_t catatonia __P((void)); 128 state_func_t death __P((void)); 129 130 enum { AUTOBOOT, FASTBOOT } runcom_mode = AUTOBOOT; 131 #define FALSE 0 132 #define TRUE 1 133 134 int Reboot = FALSE; 135 int howto = RB_AUTOBOOT; 136 137 int devfs; 138 139 void transition __P((state_t)); 140 state_t requested_transition = runcom; 141 142 void setctty __P((char *)); 143 144 typedef struct init_session { 145 int se_index; /* index of entry in ttys file */ 146 pid_t se_process; /* controlling process */ 147 time_t se_started; /* used to avoid thrashing */ 148 int se_flags; /* status of session */ 149 #define SE_SHUTDOWN 0x1 /* session won't be restarted */ 150 #define SE_PRESENT 0x2 /* session is in /etc/ttys */ 151 int se_nspace; /* spacing count */ 152 char *se_device; /* filename of port */ 153 char *se_getty; /* what to run on that port */ 154 char *se_getty_argv_space; /* pre-parsed argument array space */ 155 char **se_getty_argv; /* pre-parsed argument array */ 156 char *se_window; /* window system (started only once) */ 157 char *se_window_argv_space; /* pre-parsed argument array space */ 158 char **se_window_argv; /* pre-parsed argument array */ 159 char *se_type; /* default terminal type */ 160 struct init_session *se_prev; 161 struct init_session *se_next; 162 } session_t; 163 164 void free_session __P((session_t *)); 165 session_t *new_session __P((session_t *, int, struct ttyent *)); 166 session_t *sessions; 167 168 char **construct_argv __P((char *)); 169 void start_window_system __P((session_t *)); 170 void collect_child __P((pid_t)); 171 pid_t start_getty __P((session_t *)); 172 void transition_handler __P((int)); 173 void alrm_handler __P((int)); 174 void setsecuritylevel __P((int)); 175 int getsecuritylevel __P((void)); 176 int setupargv __P((session_t *, struct ttyent *)); 177 #ifdef LOGIN_CAP 178 void setprocresources __P((const char *)); 179 #endif 180 int clang; 181 182 void clear_session_logs __P((session_t *)); 183 184 int start_session_db __P((void)); 185 void add_session __P((session_t *)); 186 void del_session __P((session_t *)); 187 session_t *find_session __P((pid_t)); 188 DB *session_db; 189 190 /* 191 * The mother of all processes. 192 */ 193 int 194 main(argc, argv) 195 int argc; 196 char **argv; 197 { 198 int c; 199 struct sigaction sa; 200 sigset_t mask; 201 202 203 /* Dispose of random users. */ 204 if (getuid() != 0) 205 errx(1, "%s", strerror(EPERM)); 206 207 /* System V users like to reexec init. */ 208 if (getpid() != 1) { 209 #ifdef COMPAT_SYSV_INIT 210 /* So give them what they want */ 211 if (argc > 1) { 212 if (strlen(argv[1]) == 1) { 213 register char runlevel = *argv[1]; 214 register int sig; 215 216 switch (runlevel) { 217 case '0': /* halt + poweroff */ 218 sig = SIGUSR2; 219 break; 220 case '1': /* single-user */ 221 sig = SIGTERM; 222 break; 223 case '6': /* reboot */ 224 sig = SIGINT; 225 break; 226 case 'c': /* block further logins */ 227 sig = SIGTSTP; 228 break; 229 case 'q': /* rescan /etc/ttys */ 230 sig = SIGHUP; 231 break; 232 default: 233 goto invalid; 234 } 235 kill(1, sig); 236 _exit(0); 237 } else 238 invalid: 239 errx(1, "invalid run-level ``%s''", argv[1]); 240 } else 241 #endif 242 errx(1, "already running"); 243 } 244 /* 245 * Note that this does NOT open a file... 246 * Does 'init' deserve its own facility number? 247 */ 248 openlog("init", LOG_CONS|LOG_ODELAY, LOG_AUTH); 249 250 /* 251 * Create an initial session. 252 */ 253 if (setsid() < 0) 254 warning("initial setsid() failed: %m"); 255 256 /* 257 * Establish an initial user so that programs running 258 * single user do not freak out and die (like passwd). 259 */ 260 if (setlogin("root") < 0) 261 warning("setlogin() failed: %m"); 262 263 /* 264 * This code assumes that we always get arguments through flags, 265 * never through bits set in some random machine register. 266 */ 267 while ((c = getopt(argc, argv, "dsf")) != -1) 268 switch (c) { 269 case 'd': 270 devfs = 1; 271 break; 272 case 's': 273 requested_transition = single_user; 274 break; 275 case 'f': 276 runcom_mode = FASTBOOT; 277 break; 278 default: 279 warning("unrecognized flag '-%c'", c); 280 break; 281 } 282 283 if (optind != argc) 284 warning("ignoring excess arguments"); 285 286 if (devfs) { 287 char *s; 288 int i; 289 290 /* 291 * Try to avoid the trailing slash in _PATH_DEV. 292 * Be *very* defensive. 293 */ 294 s = strdup(_PATH_DEV); 295 if (s != NULL) { 296 i = strlen(s); 297 if (i > 0 && s[i - 1] == '/') 298 s[i - 1] = '\0'; 299 mount("devfs", s, 0, 0); 300 free(s); 301 } else { 302 mount("devfs", _PATH_DEV, 0, 0); 303 } 304 } 305 306 /* 307 * We catch or block signals rather than ignore them, 308 * so that they get reset on exec. 309 */ 310 handle(badsys, SIGSYS, 0); 311 handle(disaster, SIGABRT, SIGFPE, SIGILL, SIGSEGV, 312 SIGBUS, SIGXCPU, SIGXFSZ, 0); 313 handle(transition_handler, SIGHUP, SIGINT, SIGTERM, SIGTSTP, 314 SIGUSR1, SIGUSR2, 0); 315 handle(alrm_handler, SIGALRM, 0); 316 sigfillset(&mask); 317 delset(&mask, SIGABRT, SIGFPE, SIGILL, SIGSEGV, SIGBUS, SIGSYS, 318 SIGXCPU, SIGXFSZ, SIGHUP, SIGINT, SIGTERM, SIGTSTP, SIGALRM, 319 SIGUSR1, SIGUSR2, 0); 320 sigprocmask(SIG_SETMASK, &mask, (sigset_t *) 0); 321 sigemptyset(&sa.sa_mask); 322 sa.sa_flags = 0; 323 sa.sa_handler = SIG_IGN; 324 (void) sigaction(SIGTTIN, &sa, (struct sigaction *)0); 325 (void) sigaction(SIGTTOU, &sa, (struct sigaction *)0); 326 327 /* 328 * Paranoia. 329 */ 330 close(0); 331 close(1); 332 close(2); 333 334 /* 335 * Start the state machine. 336 */ 337 transition(requested_transition); 338 339 /* 340 * Should never reach here. 341 */ 342 return 1; 343 } 344 345 /* 346 * Associate a function with a signal handler. 347 */ 348 void 349 #ifdef __STDC__ 350 handle(sig_t handler, ...) 351 #else 352 handle(va_alist) 353 va_dcl 354 #endif 355 { 356 int sig; 357 struct sigaction sa; 358 sigset_t mask_everything; 359 va_list ap; 360 #ifndef __STDC__ 361 sig_t handler; 362 363 va_start(ap); 364 handler = va_arg(ap, sig_t); 365 #else 366 va_start(ap, handler); 367 #endif 368 369 sa.sa_handler = handler; 370 sigfillset(&mask_everything); 371 372 while ((sig = va_arg(ap, int)) != NULL) { 373 sa.sa_mask = mask_everything; 374 /* XXX SA_RESTART? */ 375 sa.sa_flags = sig == SIGCHLD ? SA_NOCLDSTOP : 0; 376 sigaction(sig, &sa, (struct sigaction *) 0); 377 } 378 va_end(ap); 379 } 380 381 /* 382 * Delete a set of signals from a mask. 383 */ 384 void 385 #ifdef __STDC__ 386 delset(sigset_t *maskp, ...) 387 #else 388 delset(va_alist) 389 va_dcl 390 #endif 391 { 392 int sig; 393 va_list ap; 394 #ifndef __STDC__ 395 sigset_t *maskp; 396 397 va_start(ap); 398 maskp = va_arg(ap, sigset_t *); 399 #else 400 va_start(ap, maskp); 401 #endif 402 403 while ((sig = va_arg(ap, int)) != NULL) 404 sigdelset(maskp, sig); 405 va_end(ap); 406 } 407 408 /* 409 * Log a message and sleep for a while (to give someone an opportunity 410 * to read it and to save log or hardcopy output if the problem is chronic). 411 * NB: should send a message to the session logger to avoid blocking. 412 */ 413 void 414 #ifdef __STDC__ 415 stall(const char *message, ...) 416 #else 417 stall(va_alist) 418 va_dcl 419 #endif 420 { 421 va_list ap; 422 #ifndef __STDC__ 423 const char *message; 424 425 va_start(ap); 426 message = va_arg(ap, char *); 427 #else 428 va_start(ap, message); 429 #endif 430 431 vsyslog(LOG_ALERT, message, ap); 432 va_end(ap); 433 sleep(STALL_TIMEOUT); 434 } 435 436 /* 437 * Like stall(), but doesn't sleep. 438 * If cpp had variadic macros, the two functions could be #defines for another. 439 * NB: should send a message to the session logger to avoid blocking. 440 */ 441 void 442 #ifdef __STDC__ 443 warning(const char *message, ...) 444 #else 445 warning(va_alist) 446 va_dcl 447 #endif 448 { 449 va_list ap; 450 #ifndef __STDC__ 451 const char *message; 452 453 va_start(ap); 454 message = va_arg(ap, char *); 455 #else 456 va_start(ap, message); 457 #endif 458 459 vsyslog(LOG_ALERT, message, ap); 460 va_end(ap); 461 } 462 463 /* 464 * Log an emergency message. 465 * NB: should send a message to the session logger to avoid blocking. 466 */ 467 void 468 #ifdef __STDC__ 469 emergency(const char *message, ...) 470 #else 471 emergency(va_alist) 472 va_dcl 473 #endif 474 { 475 va_list ap; 476 #ifndef __STDC__ 477 const char *message; 478 479 va_start(ap); 480 message = va_arg(ap, char *); 481 #else 482 va_start(ap, message); 483 #endif 484 485 vsyslog(LOG_EMERG, message, ap); 486 va_end(ap); 487 } 488 489 /* 490 * Catch a SIGSYS signal. 491 * 492 * These may arise if a system does not support sysctl. 493 * We tolerate up to 25 of these, then throw in the towel. 494 */ 495 void 496 badsys(sig) 497 int sig; 498 { 499 static int badcount = 0; 500 501 if (badcount++ < 25) 502 return; 503 disaster(sig); 504 } 505 506 /* 507 * Catch an unexpected signal. 508 */ 509 void 510 disaster(sig) 511 int sig; 512 { 513 emergency("fatal signal: %s", 514 (unsigned)sig < NSIG ? sys_siglist[sig] : "unknown signal"); 515 516 sleep(STALL_TIMEOUT); 517 _exit(sig); /* reboot */ 518 } 519 520 /* 521 * Get the security level of the kernel. 522 */ 523 int 524 getsecuritylevel() 525 { 526 #ifdef KERN_SECURELVL 527 int name[2], curlevel; 528 size_t len; 529 530 name[0] = CTL_KERN; 531 name[1] = KERN_SECURELVL; 532 len = sizeof curlevel; 533 if (sysctl(name, 2, &curlevel, &len, NULL, 0) == -1) { 534 emergency("cannot get kernel security level: %s", 535 strerror(errno)); 536 return (-1); 537 } 538 return (curlevel); 539 #else 540 return (-1); 541 #endif 542 } 543 544 /* 545 * Set the security level of the kernel. 546 */ 547 void 548 setsecuritylevel(newlevel) 549 int newlevel; 550 { 551 #ifdef KERN_SECURELVL 552 int name[2], curlevel; 553 554 curlevel = getsecuritylevel(); 555 if (newlevel == curlevel) 556 return; 557 name[0] = CTL_KERN; 558 name[1] = KERN_SECURELVL; 559 if (sysctl(name, 2, NULL, NULL, &newlevel, sizeof newlevel) == -1) { 560 emergency( 561 "cannot change kernel security level from %d to %d: %s", 562 curlevel, newlevel, strerror(errno)); 563 return; 564 } 565 #ifdef SECURE 566 warning("kernel security level changed from %d to %d", 567 curlevel, newlevel); 568 #endif 569 #endif 570 } 571 572 /* 573 * Change states in the finite state machine. 574 * The initial state is passed as an argument. 575 */ 576 void 577 transition(s) 578 state_t s; 579 { 580 for (;;) 581 s = (state_t) (*s)(); 582 } 583 584 /* 585 * Close out the accounting files for a login session. 586 * NB: should send a message to the session logger to avoid blocking. 587 */ 588 void 589 clear_session_logs(sp) 590 session_t *sp; 591 { 592 char *line = sp->se_device + sizeof(_PATH_DEV) - 1; 593 594 if (logout(line)) 595 logwtmp(line, "", ""); 596 } 597 598 /* 599 * Start a session and allocate a controlling terminal. 600 * Only called by children of init after forking. 601 */ 602 void 603 setctty(name) 604 char *name; 605 { 606 int fd; 607 608 (void) revoke(name); 609 if ((fd = open(name, O_RDWR)) == -1) { 610 stall("can't open %s: %m", name); 611 _exit(1); 612 } 613 if (login_tty(fd) == -1) { 614 stall("can't get %s for controlling terminal: %m", name); 615 _exit(1); 616 } 617 } 618 619 /* 620 * Bring the system up single user. 621 */ 622 state_func_t 623 single_user() 624 { 625 pid_t pid, wpid; 626 int status; 627 sigset_t mask; 628 char *shell = _PATH_BSHELL; 629 char *argv[2]; 630 #ifdef SECURE 631 struct ttyent *typ; 632 struct passwd *pp; 633 static const char banner[] = 634 "Enter root password, or ^D to go multi-user\n"; 635 char *clear, *password; 636 #endif 637 #ifdef DEBUGSHELL 638 char altshell[128]; 639 #endif 640 641 if (Reboot) { 642 /* Instead of going single user, let's reboot the machine */ 643 sync(); 644 alarm(2); 645 pause(); 646 reboot(howto); 647 _exit(0); 648 } 649 650 if ((pid = fork()) == 0) { 651 /* 652 * Start the single user session. 653 */ 654 setctty(_PATH_CONSOLE); 655 656 #ifdef SECURE 657 /* 658 * Check the root password. 659 * We don't care if the console is 'on' by default; 660 * it's the only tty that can be 'off' and 'secure'. 661 */ 662 typ = getttynam("console"); 663 pp = getpwnam("root"); 664 if (typ && (typ->ty_status & TTY_SECURE) == 0 && 665 pp && *pp->pw_passwd) { 666 write(STDERR_FILENO, banner, sizeof banner - 1); 667 for (;;) { 668 clear = getpass("Password:"); 669 if (clear == 0 || *clear == '\0') 670 _exit(0); 671 password = crypt(clear, pp->pw_passwd); 672 bzero(clear, _PASSWORD_LEN); 673 if (strcmp(password, pp->pw_passwd) == 0) 674 break; 675 warning("single-user login failed\n"); 676 } 677 } 678 endttyent(); 679 endpwent(); 680 #endif /* SECURE */ 681 682 #ifdef DEBUGSHELL 683 { 684 char *cp = altshell; 685 int num; 686 687 #define SHREQUEST \ 688 "Enter full pathname of shell or RETURN for " _PATH_BSHELL ": " 689 (void)write(STDERR_FILENO, 690 SHREQUEST, sizeof(SHREQUEST) - 1); 691 while ((num = read(STDIN_FILENO, cp, 1)) != -1 && 692 num != 0 && *cp != '\n' && cp < &altshell[127]) 693 cp++; 694 *cp = '\0'; 695 if (altshell[0] != '\0') 696 shell = altshell; 697 } 698 #endif /* DEBUGSHELL */ 699 700 /* 701 * Unblock signals. 702 * We catch all the interesting ones, 703 * and those are reset to SIG_DFL on exec. 704 */ 705 sigemptyset(&mask); 706 sigprocmask(SIG_SETMASK, &mask, (sigset_t *) 0); 707 708 /* 709 * Fire off a shell. 710 * If the default one doesn't work, try the Bourne shell. 711 */ 712 argv[0] = "-sh"; 713 argv[1] = 0; 714 execv(shell, argv); 715 emergency("can't exec %s for single user: %m", shell); 716 execv(_PATH_BSHELL, argv); 717 emergency("can't exec %s for single user: %m", _PATH_BSHELL); 718 sleep(STALL_TIMEOUT); 719 _exit(1); 720 } 721 722 if (pid == -1) { 723 /* 724 * We are seriously hosed. Do our best. 725 */ 726 emergency("can't fork single-user shell, trying again"); 727 while (waitpid(-1, (int *) 0, WNOHANG) > 0) 728 continue; 729 return (state_func_t) single_user; 730 } 731 732 requested_transition = 0; 733 do { 734 if ((wpid = waitpid(-1, &status, WUNTRACED)) != -1) 735 collect_child(wpid); 736 if (wpid == -1) { 737 if (errno == EINTR) 738 continue; 739 warning("wait for single-user shell failed: %m; restarting"); 740 return (state_func_t) single_user; 741 } 742 if (wpid == pid && WIFSTOPPED(status)) { 743 warning("init: shell stopped, restarting\n"); 744 kill(pid, SIGCONT); 745 wpid = -1; 746 } 747 } while (wpid != pid && !requested_transition); 748 749 if (requested_transition) 750 return (state_func_t) requested_transition; 751 752 if (!WIFEXITED(status)) { 753 if (WTERMSIG(status) == SIGKILL) { 754 /* 755 * reboot(8) killed shell? 756 */ 757 warning("single user shell terminated."); 758 sleep(STALL_TIMEOUT); 759 _exit(0); 760 } else { 761 warning("single user shell terminated, restarting"); 762 return (state_func_t) single_user; 763 } 764 } 765 766 runcom_mode = FASTBOOT; 767 return (state_func_t) runcom; 768 } 769 770 /* 771 * Run the system startup script. 772 */ 773 state_func_t 774 runcom() 775 { 776 pid_t pid, wpid; 777 int status; 778 char *argv[4]; 779 struct sigaction sa; 780 781 if ((pid = fork()) == 0) { 782 sigemptyset(&sa.sa_mask); 783 sa.sa_flags = 0; 784 sa.sa_handler = SIG_IGN; 785 (void) sigaction(SIGTSTP, &sa, (struct sigaction *)0); 786 (void) sigaction(SIGHUP, &sa, (struct sigaction *)0); 787 788 setctty(_PATH_CONSOLE); 789 790 argv[0] = "sh"; 791 argv[1] = _PATH_RUNCOM; 792 argv[2] = runcom_mode == AUTOBOOT ? "autoboot" : 0; 793 argv[3] = 0; 794 795 sigprocmask(SIG_SETMASK, &sa.sa_mask, (sigset_t *) 0); 796 797 #ifdef LOGIN_CAP 798 setprocresources(RESOURCE_RC); 799 #endif 800 execv(_PATH_BSHELL, argv); 801 stall("can't exec %s for %s: %m", _PATH_BSHELL, _PATH_RUNCOM); 802 _exit(1); /* force single user mode */ 803 } 804 805 if (pid == -1) { 806 emergency("can't fork for %s on %s: %m", 807 _PATH_BSHELL, _PATH_RUNCOM); 808 while (waitpid(-1, (int *) 0, WNOHANG) > 0) 809 continue; 810 sleep(STALL_TIMEOUT); 811 return (state_func_t) single_user; 812 } 813 814 /* 815 * Copied from single_user(). This is a bit paranoid. 816 */ 817 requested_transition = 0; 818 do { 819 if ((wpid = waitpid(-1, &status, WUNTRACED)) != -1) 820 collect_child(wpid); 821 if (wpid == -1) { 822 if (requested_transition == death) 823 return (state_func_t) death; 824 if (errno == EINTR) 825 continue; 826 warning("wait for %s on %s failed: %m; going to single user mode", 827 _PATH_BSHELL, _PATH_RUNCOM); 828 return (state_func_t) single_user; 829 } 830 if (wpid == pid && WIFSTOPPED(status)) { 831 warning("init: %s on %s stopped, restarting\n", 832 _PATH_BSHELL, _PATH_RUNCOM); 833 kill(pid, SIGCONT); 834 wpid = -1; 835 } 836 } while (wpid != pid); 837 838 if (WIFSIGNALED(status) && WTERMSIG(status) == SIGTERM && 839 requested_transition == catatonia) { 840 /* /etc/rc executed /sbin/reboot; wait for the end quietly */ 841 sigset_t s; 842 843 sigfillset(&s); 844 for (;;) 845 sigsuspend(&s); 846 } 847 848 if (!WIFEXITED(status)) { 849 warning("%s on %s terminated abnormally, going to single user mode", 850 _PATH_BSHELL, _PATH_RUNCOM); 851 return (state_func_t) single_user; 852 } 853 854 if (WEXITSTATUS(status)) 855 return (state_func_t) single_user; 856 857 runcom_mode = AUTOBOOT; /* the default */ 858 /* NB: should send a message to the session logger to avoid blocking. */ 859 logwtmp("~", "reboot", ""); 860 return (state_func_t) read_ttys; 861 } 862 863 /* 864 * Open the session database. 865 * 866 * NB: We could pass in the size here; is it necessary? 867 */ 868 int 869 start_session_db() 870 { 871 if (session_db && (*session_db->close)(session_db)) 872 emergency("session database close: %s", strerror(errno)); 873 if ((session_db = dbopen(NULL, O_RDWR, 0, DB_HASH, NULL)) == 0) { 874 emergency("session database open: %s", strerror(errno)); 875 return (1); 876 } 877 return (0); 878 879 } 880 881 /* 882 * Add a new login session. 883 */ 884 void 885 add_session(sp) 886 session_t *sp; 887 { 888 DBT key; 889 DBT data; 890 891 key.data = &sp->se_process; 892 key.size = sizeof sp->se_process; 893 data.data = &sp; 894 data.size = sizeof sp; 895 896 if ((*session_db->put)(session_db, &key, &data, 0)) 897 emergency("insert %d: %s", sp->se_process, strerror(errno)); 898 } 899 900 /* 901 * Delete an old login session. 902 */ 903 void 904 del_session(sp) 905 session_t *sp; 906 { 907 DBT key; 908 909 key.data = &sp->se_process; 910 key.size = sizeof sp->se_process; 911 912 if ((*session_db->del)(session_db, &key, 0)) 913 emergency("delete %d: %s", sp->se_process, strerror(errno)); 914 } 915 916 /* 917 * Look up a login session by pid. 918 */ 919 session_t * 920 #ifdef __STDC__ 921 find_session(pid_t pid) 922 #else 923 find_session(pid) 924 pid_t pid; 925 #endif 926 { 927 DBT key; 928 DBT data; 929 session_t *ret; 930 931 key.data = &pid; 932 key.size = sizeof pid; 933 if ((*session_db->get)(session_db, &key, &data, 0) != 0) 934 return 0; 935 bcopy(data.data, (char *)&ret, sizeof(ret)); 936 return ret; 937 } 938 939 /* 940 * Construct an argument vector from a command line. 941 */ 942 char ** 943 construct_argv(command) 944 char *command; 945 { 946 char *strk (char *); 947 register int argc = 0; 948 register char **argv = (char **) malloc(((strlen(command) + 1) / 2 + 1) 949 * sizeof (char *)); 950 951 if ((argv[argc++] = strk(command)) == 0) { 952 free(argv); 953 return (NULL); 954 } 955 while ((argv[argc++] = strk((char *) 0)) != NULL) 956 continue; 957 return argv; 958 } 959 960 /* 961 * Deallocate a session descriptor. 962 */ 963 void 964 free_session(sp) 965 register session_t *sp; 966 { 967 free(sp->se_device); 968 if (sp->se_getty) { 969 free(sp->se_getty); 970 free(sp->se_getty_argv_space); 971 free(sp->se_getty_argv); 972 } 973 if (sp->se_window) { 974 free(sp->se_window); 975 free(sp->se_window_argv_space); 976 free(sp->se_window_argv); 977 } 978 if (sp->se_type) 979 free(sp->se_type); 980 free(sp); 981 } 982 983 /* 984 * Allocate a new session descriptor. 985 * Mark it SE_PRESENT. 986 */ 987 session_t * 988 new_session(sprev, session_index, typ) 989 session_t *sprev; 990 int session_index; 991 register struct ttyent *typ; 992 { 993 register session_t *sp; 994 int fd; 995 996 if ((typ->ty_status & TTY_ON) == 0 || 997 typ->ty_name == 0 || 998 typ->ty_getty == 0) 999 return 0; 1000 1001 sp = (session_t *) calloc(1, sizeof (session_t)); 1002 1003 sp->se_index = session_index; 1004 sp->se_flags |= SE_PRESENT; 1005 1006 sp->se_device = malloc(sizeof(_PATH_DEV) + strlen(typ->ty_name)); 1007 (void) sprintf(sp->se_device, "%s%s", _PATH_DEV, typ->ty_name); 1008 1009 /* 1010 * Attempt to open the device, if we get "device not configured" 1011 * then don't add the device to the session list. 1012 */ 1013 if ((fd = open(sp->se_device, O_RDONLY | O_NONBLOCK, 0)) < 0) { 1014 if (errno == ENXIO) { 1015 free_session(sp); 1016 return (0); 1017 } 1018 } else 1019 close(fd); 1020 1021 if (setupargv(sp, typ) == 0) { 1022 free_session(sp); 1023 return (0); 1024 } 1025 1026 sp->se_next = 0; 1027 if (sprev == 0) { 1028 sessions = sp; 1029 sp->se_prev = 0; 1030 } else { 1031 sprev->se_next = sp; 1032 sp->se_prev = sprev; 1033 } 1034 1035 return sp; 1036 } 1037 1038 /* 1039 * Calculate getty and if useful window argv vectors. 1040 */ 1041 int 1042 setupargv(sp, typ) 1043 session_t *sp; 1044 struct ttyent *typ; 1045 { 1046 1047 if (sp->se_getty) { 1048 free(sp->se_getty); 1049 free(sp->se_getty_argv_space); 1050 free(sp->se_getty_argv); 1051 } 1052 sp->se_getty = malloc(strlen(typ->ty_getty) + strlen(typ->ty_name) + 2); 1053 (void) sprintf(sp->se_getty, "%s %s", typ->ty_getty, typ->ty_name); 1054 sp->se_getty_argv_space = strdup(sp->se_getty); 1055 sp->se_getty_argv = construct_argv(sp->se_getty_argv_space); 1056 if (sp->se_getty_argv == 0) { 1057 warning("can't parse getty for port %s", sp->se_device); 1058 free(sp->se_getty); 1059 free(sp->se_getty_argv_space); 1060 sp->se_getty = sp->se_getty_argv_space = 0; 1061 return (0); 1062 } 1063 if (sp->se_window) { 1064 free(sp->se_window); 1065 free(sp->se_window_argv_space); 1066 free(sp->se_window_argv); 1067 } 1068 sp->se_window = sp->se_window_argv_space = 0; 1069 sp->se_window_argv = 0; 1070 if (typ->ty_window) { 1071 sp->se_window = strdup(typ->ty_window); 1072 sp->se_window_argv_space = strdup(sp->se_window); 1073 sp->se_window_argv = construct_argv(sp->se_window_argv_space); 1074 if (sp->se_window_argv == 0) { 1075 warning("can't parse window for port %s", 1076 sp->se_device); 1077 free(sp->se_window_argv_space); 1078 free(sp->se_window); 1079 sp->se_window = sp->se_window_argv_space = 0; 1080 return (0); 1081 } 1082 } 1083 if (sp->se_type) 1084 free(sp->se_type); 1085 sp->se_type = typ->ty_type ? strdup(typ->ty_type) : 0; 1086 return (1); 1087 } 1088 1089 /* 1090 * Walk the list of ttys and create sessions for each active line. 1091 */ 1092 state_func_t 1093 read_ttys() 1094 { 1095 int session_index = 0; 1096 register session_t *sp, *snext; 1097 register struct ttyent *typ; 1098 1099 /* 1100 * Destroy any previous session state. 1101 * There shouldn't be any, but just in case... 1102 */ 1103 for (sp = sessions; sp; sp = snext) { 1104 if (sp->se_process) 1105 clear_session_logs(sp); 1106 snext = sp->se_next; 1107 free_session(sp); 1108 } 1109 sessions = 0; 1110 if (start_session_db()) 1111 return (state_func_t) single_user; 1112 1113 /* 1114 * Allocate a session entry for each active port. 1115 * Note that sp starts at 0. 1116 */ 1117 while ((typ = getttyent()) != NULL) 1118 if ((snext = new_session(sp, ++session_index, typ)) != NULL) 1119 sp = snext; 1120 1121 endttyent(); 1122 1123 return (state_func_t) multi_user; 1124 } 1125 1126 /* 1127 * Start a window system running. 1128 */ 1129 void 1130 start_window_system(sp) 1131 session_t *sp; 1132 { 1133 pid_t pid; 1134 sigset_t mask; 1135 char term[64], *env[2]; 1136 1137 if ((pid = fork()) == -1) { 1138 emergency("can't fork for window system on port %s: %m", 1139 sp->se_device); 1140 /* hope that getty fails and we can try again */ 1141 return; 1142 } 1143 1144 if (pid) 1145 return; 1146 1147 sigemptyset(&mask); 1148 sigprocmask(SIG_SETMASK, &mask, (sigset_t *) 0); 1149 1150 if (setsid() < 0) 1151 emergency("setsid failed (window) %m"); 1152 1153 #ifdef LOGIN_CAP 1154 setprocresources(RESOURCE_WINDOW); 1155 #endif 1156 if (sp->se_type) { 1157 /* Don't use malloc after fork */ 1158 strcpy(term, "TERM="); 1159 strncat(term, sp->se_type, sizeof(term) - 6); 1160 env[0] = term; 1161 env[1] = 0; 1162 } 1163 else 1164 env[0] = 0; 1165 execve(sp->se_window_argv[0], sp->se_window_argv, env); 1166 stall("can't exec window system '%s' for port %s: %m", 1167 sp->se_window_argv[0], sp->se_device); 1168 _exit(1); 1169 } 1170 1171 /* 1172 * Start a login session running. 1173 */ 1174 pid_t 1175 start_getty(sp) 1176 session_t *sp; 1177 { 1178 pid_t pid; 1179 sigset_t mask; 1180 time_t current_time = time((time_t *) 0); 1181 int too_quick = 0; 1182 char term[64], *env[2]; 1183 1184 if (current_time >= sp->se_started && 1185 current_time - sp->se_started < GETTY_SPACING) { 1186 if (++sp->se_nspace > GETTY_NSPACE) { 1187 sp->se_nspace = 0; 1188 too_quick = 1; 1189 } 1190 } else 1191 sp->se_nspace = 0; 1192 1193 /* 1194 * fork(), not vfork() -- we can't afford to block. 1195 */ 1196 if ((pid = fork()) == -1) { 1197 emergency("can't fork for getty on port %s: %m", sp->se_device); 1198 return -1; 1199 } 1200 1201 if (pid) 1202 return pid; 1203 1204 if (too_quick) { 1205 warning("getty repeating too quickly on port %s, sleeping %d secs", 1206 sp->se_device, GETTY_SLEEP); 1207 sleep((unsigned) GETTY_SLEEP); 1208 } 1209 1210 if (sp->se_window) { 1211 start_window_system(sp); 1212 sleep(WINDOW_WAIT); 1213 } 1214 1215 sigemptyset(&mask); 1216 sigprocmask(SIG_SETMASK, &mask, (sigset_t *) 0); 1217 1218 #ifdef LOGIN_CAP 1219 setprocresources(RESOURCE_GETTY); 1220 #endif 1221 if (sp->se_type) { 1222 /* Don't use malloc after fork */ 1223 strcpy(term, "TERM="); 1224 strncat(term, sp->se_type, sizeof(term) - 6); 1225 env[0] = term; 1226 env[1] = 0; 1227 } 1228 else 1229 env[0] = 0; 1230 execve(sp->se_getty_argv[0], sp->se_getty_argv, env); 1231 stall("can't exec getty '%s' for port %s: %m", 1232 sp->se_getty_argv[0], sp->se_device); 1233 _exit(1); 1234 } 1235 1236 /* 1237 * Collect exit status for a child. 1238 * If an exiting login, start a new login running. 1239 */ 1240 void 1241 #ifdef __STDC__ 1242 collect_child(pid_t pid) 1243 #else 1244 collect_child(pid) 1245 pid_t pid; 1246 #endif 1247 { 1248 register session_t *sp, *sprev, *snext; 1249 1250 if (! sessions) 1251 return; 1252 1253 if (! (sp = find_session(pid))) 1254 return; 1255 1256 clear_session_logs(sp); 1257 del_session(sp); 1258 sp->se_process = 0; 1259 1260 if (sp->se_flags & SE_SHUTDOWN) { 1261 if ((sprev = sp->se_prev) != NULL) 1262 sprev->se_next = sp->se_next; 1263 else 1264 sessions = sp->se_next; 1265 if ((snext = sp->se_next) != NULL) 1266 snext->se_prev = sp->se_prev; 1267 free_session(sp); 1268 return; 1269 } 1270 1271 if ((pid = start_getty(sp)) == -1) { 1272 /* serious trouble */ 1273 requested_transition = clean_ttys; 1274 return; 1275 } 1276 1277 sp->se_process = pid; 1278 sp->se_started = time((time_t *) 0); 1279 add_session(sp); 1280 } 1281 1282 /* 1283 * Catch a signal and request a state transition. 1284 */ 1285 void 1286 transition_handler(sig) 1287 int sig; 1288 { 1289 1290 switch (sig) { 1291 case SIGHUP: 1292 requested_transition = clean_ttys; 1293 break; 1294 case SIGUSR2: 1295 howto = RB_POWEROFF; 1296 case SIGUSR1: 1297 howto |= RB_HALT; 1298 case SIGINT: 1299 Reboot = TRUE; 1300 case SIGTERM: 1301 requested_transition = death; 1302 break; 1303 case SIGTSTP: 1304 requested_transition = catatonia; 1305 break; 1306 default: 1307 requested_transition = 0; 1308 break; 1309 } 1310 } 1311 1312 /* 1313 * Take the system multiuser. 1314 */ 1315 state_func_t 1316 multi_user() 1317 { 1318 pid_t pid; 1319 register session_t *sp; 1320 1321 requested_transition = 0; 1322 1323 /* 1324 * If the administrator has not set the security level to -1 1325 * to indicate that the kernel should not run multiuser in secure 1326 * mode, and the run script has not set a higher level of security 1327 * than level 1, then put the kernel into secure mode. 1328 */ 1329 if (getsecuritylevel() == 0) 1330 setsecuritylevel(1); 1331 1332 for (sp = sessions; sp; sp = sp->se_next) { 1333 if (sp->se_process) 1334 continue; 1335 if ((pid = start_getty(sp)) == -1) { 1336 /* serious trouble */ 1337 requested_transition = clean_ttys; 1338 break; 1339 } 1340 sp->se_process = pid; 1341 sp->se_started = time((time_t *) 0); 1342 add_session(sp); 1343 } 1344 1345 while (!requested_transition) 1346 if ((pid = waitpid(-1, (int *) 0, 0)) != -1) 1347 collect_child(pid); 1348 1349 return (state_func_t) requested_transition; 1350 } 1351 1352 /* 1353 * This is an (n*2)+(n^2) algorithm. We hope it isn't run often... 1354 */ 1355 state_func_t 1356 clean_ttys() 1357 { 1358 register session_t *sp, *sprev; 1359 register struct ttyent *typ; 1360 register int session_index = 0; 1361 register int devlen; 1362 char *old_getty, *old_window, *old_type; 1363 1364 if (! sessions) 1365 return (state_func_t) multi_user; 1366 1367 /* 1368 * mark all sessions for death, (!SE_PRESENT) 1369 * as we find or create new ones they'll be marked as keepers, 1370 * we'll later nuke all the ones not found in /etc/ttys 1371 */ 1372 for (sp = sessions; sp != NULL; sp = sp->se_next) 1373 sp->se_flags &= ~SE_PRESENT; 1374 1375 devlen = sizeof(_PATH_DEV) - 1; 1376 while ((typ = getttyent()) != NULL) { 1377 ++session_index; 1378 1379 for (sprev = 0, sp = sessions; sp; sprev = sp, sp = sp->se_next) 1380 if (strcmp(typ->ty_name, sp->se_device + devlen) == 0) 1381 break; 1382 1383 if (sp) { 1384 /* we want this one to live */ 1385 sp->se_flags |= SE_PRESENT; 1386 if (sp->se_index != session_index) { 1387 warning("port %s changed utmp index from %d to %d", 1388 sp->se_device, sp->se_index, 1389 session_index); 1390 sp->se_index = session_index; 1391 } 1392 if ((typ->ty_status & TTY_ON) == 0 || 1393 typ->ty_getty == 0) { 1394 sp->se_flags |= SE_SHUTDOWN; 1395 kill(sp->se_process, SIGHUP); 1396 continue; 1397 } 1398 sp->se_flags &= ~SE_SHUTDOWN; 1399 old_getty = sp->se_getty ? strdup(sp->se_getty) : 0; 1400 old_window = sp->se_window ? strdup(sp->se_window) : 0; 1401 old_type = sp->se_type ? strdup(sp->se_type) : 0; 1402 if (setupargv(sp, typ) == 0) { 1403 warning("can't parse getty for port %s", 1404 sp->se_device); 1405 sp->se_flags |= SE_SHUTDOWN; 1406 kill(sp->se_process, SIGHUP); 1407 } 1408 else if ( !old_getty 1409 || (!old_type && sp->se_type) 1410 || (old_type && !sp->se_type) 1411 || (!old_window && sp->se_window) 1412 || (old_window && !sp->se_window) 1413 || (strcmp(old_getty, sp->se_getty) != 0) 1414 || (old_window && strcmp(old_window, sp->se_window) != 0) 1415 || (old_type && strcmp(old_type, sp->se_type) != 0) 1416 ) { 1417 /* Don't set SE_SHUTDOWN here */ 1418 sp->se_nspace = 0; 1419 sp->se_started = 0; 1420 kill(sp->se_process, SIGHUP); 1421 } 1422 if (old_getty) 1423 free(old_getty); 1424 if (old_window) 1425 free(old_window); 1426 if (old_type) 1427 free(old_type); 1428 continue; 1429 } 1430 1431 new_session(sprev, session_index, typ); 1432 } 1433 1434 endttyent(); 1435 1436 /* 1437 * sweep through and kill all deleted sessions 1438 * ones who's /etc/ttys line was deleted (SE_PRESENT unset) 1439 */ 1440 for (sp = sessions; sp != NULL; sp = sp->se_next) { 1441 if ((sp->se_flags & SE_PRESENT) == 0) { 1442 sp->se_flags |= SE_SHUTDOWN; 1443 kill(sp->se_process, SIGHUP); 1444 } 1445 } 1446 1447 return (state_func_t) multi_user; 1448 } 1449 1450 /* 1451 * Block further logins. 1452 */ 1453 state_func_t 1454 catatonia() 1455 { 1456 register session_t *sp; 1457 1458 for (sp = sessions; sp; sp = sp->se_next) 1459 sp->se_flags |= SE_SHUTDOWN; 1460 1461 return (state_func_t) multi_user; 1462 } 1463 1464 /* 1465 * Note SIGALRM. 1466 */ 1467 void 1468 alrm_handler(sig) 1469 int sig; 1470 { 1471 (void)sig; 1472 clang = 1; 1473 } 1474 1475 /* 1476 * Bring the system down to single user. 1477 */ 1478 state_func_t 1479 death() 1480 { 1481 register session_t *sp; 1482 register int i; 1483 pid_t pid; 1484 static const int death_sigs[2] = { SIGTERM, SIGKILL }; 1485 1486 /* NB: should send a message to the session logger to avoid blocking. */ 1487 logwtmp("~", "shutdown", ""); 1488 1489 for (sp = sessions; sp; sp = sp->se_next) { 1490 sp->se_flags |= SE_SHUTDOWN; 1491 kill(sp->se_process, SIGHUP); 1492 } 1493 1494 /* Try to run the rc.shutdown script within a period of time */ 1495 (void) runshutdown(); 1496 1497 for (i = 0; i < 2; ++i) { 1498 if (kill(-1, death_sigs[i]) == -1 && errno == ESRCH) 1499 return (state_func_t) single_user; 1500 1501 clang = 0; 1502 alarm(DEATH_WATCH); 1503 do 1504 if ((pid = waitpid(-1, (int *)0, 0)) != -1) 1505 collect_child(pid); 1506 while (clang == 0 && errno != ECHILD); 1507 1508 if (errno == ECHILD) 1509 return (state_func_t) single_user; 1510 } 1511 1512 warning("some processes would not die; ps axl advised"); 1513 1514 return (state_func_t) single_user; 1515 } 1516 1517 /* 1518 * Run the system shutdown script. 1519 * 1520 * Exit codes: XXX I should document more 1521 * -2 shutdown script terminated abnormally 1522 * -1 fatal error - can't run script 1523 * 0 good. 1524 * >0 some error (exit code) 1525 */ 1526 int 1527 runshutdown() 1528 { 1529 pid_t pid, wpid; 1530 int status; 1531 int shutdowntimeout; 1532 size_t len; 1533 char *argv[4]; 1534 struct sigaction sa; 1535 struct stat sb; 1536 1537 /* 1538 * rc.shutdown is optional, so to prevent any unnecessary 1539 * complaints from the shell we simply don't run it if the 1540 * file does not exist. If the stat() here fails for other 1541 * reasons, we'll let the shell complain. 1542 */ 1543 if (stat(_PATH_RUNDOWN, &sb) == -1 && errno == ENOENT) 1544 return 0; 1545 1546 if ((pid = fork()) == 0) { 1547 int fd; 1548 1549 /* Assume that init already grab console as ctty before */ 1550 1551 sigemptyset(&sa.sa_mask); 1552 sa.sa_flags = 0; 1553 sa.sa_handler = SIG_IGN; 1554 (void) sigaction(SIGTSTP, &sa, (struct sigaction *)0); 1555 (void) sigaction(SIGHUP, &sa, (struct sigaction *)0); 1556 1557 if ((fd = open(_PATH_CONSOLE, O_RDWR)) == -1) 1558 warning("can't open %s: %m", _PATH_CONSOLE); 1559 else { 1560 (void) dup2(fd, 0); 1561 (void) dup2(fd, 1); 1562 (void) dup2(fd, 2); 1563 if (fd > 2) 1564 close(fd); 1565 } 1566 1567 /* 1568 * Run the shutdown script. 1569 */ 1570 argv[0] = "sh"; 1571 argv[1] = _PATH_RUNDOWN; 1572 if (Reboot) 1573 argv[2] = "reboot"; 1574 else 1575 argv[2] = "single"; 1576 argv[3] = 0; 1577 1578 sigprocmask(SIG_SETMASK, &sa.sa_mask, (sigset_t *) 0); 1579 1580 #ifdef LOGIN_CAP 1581 setprocresources(RESOURCE_RC); 1582 #endif 1583 execv(_PATH_BSHELL, argv); 1584 warning("can't exec %s for %s: %m", _PATH_BSHELL, _PATH_RUNDOWN); 1585 _exit(1); /* force single user mode */ 1586 } 1587 1588 if (pid == -1) { 1589 emergency("can't fork for %s on %s: %m", 1590 _PATH_BSHELL, _PATH_RUNDOWN); 1591 while (waitpid(-1, (int *) 0, WNOHANG) > 0) 1592 continue; 1593 sleep(STALL_TIMEOUT); 1594 return -1; 1595 } 1596 1597 len = sizeof(shutdowntimeout); 1598 if (sysctlbyname("kern.shutdown_timeout", 1599 &shutdowntimeout, 1600 &len, NULL, 0) == -1 || shutdowntimeout < 2) 1601 shutdowntimeout = DEATH_SCRIPT; 1602 alarm(shutdowntimeout); 1603 clang = 0; 1604 /* 1605 * Copied from single_user(). This is a bit paranoid. 1606 * Use the same ALRM handler. 1607 */ 1608 do { 1609 if ((wpid = waitpid(-1, &status, WUNTRACED)) != -1) 1610 collect_child(wpid); 1611 if (clang == 1) { 1612 /* we were waiting for the sub-shell */ 1613 kill(wpid, SIGTERM); 1614 warning("timeout expired for %s on %s: %m; going to single user mode", 1615 _PATH_BSHELL, _PATH_RUNDOWN); 1616 return -1; 1617 } 1618 if (wpid == -1) { 1619 if (errno == EINTR) 1620 continue; 1621 warning("wait for %s on %s failed: %m; going to single user mode", 1622 _PATH_BSHELL, _PATH_RUNDOWN); 1623 return -1; 1624 } 1625 if (wpid == pid && WIFSTOPPED(status)) { 1626 warning("init: %s on %s stopped, restarting\n", 1627 _PATH_BSHELL, _PATH_RUNDOWN); 1628 kill(pid, SIGCONT); 1629 wpid = -1; 1630 } 1631 } while (wpid != pid && !clang); 1632 1633 /* Turn off the alarm */ 1634 alarm(0); 1635 1636 if (WIFSIGNALED(status) && WTERMSIG(status) == SIGTERM && 1637 requested_transition == catatonia) { 1638 /* 1639 * /etc/rc.shutdown executed /sbin/reboot; 1640 * wait for the end quietly 1641 */ 1642 sigset_t s; 1643 1644 sigfillset(&s); 1645 for (;;) 1646 sigsuspend(&s); 1647 } 1648 1649 if (!WIFEXITED(status)) { 1650 warning("%s on %s terminated abnormally, going to single user mode", 1651 _PATH_BSHELL, _PATH_RUNDOWN); 1652 return -2; 1653 } 1654 1655 if ((status = WEXITSTATUS(status)) != 0) 1656 warning("%s returned status %d", _PATH_RUNDOWN, status); 1657 1658 return status; 1659 } 1660 1661 char * 1662 strk (char *p) 1663 { 1664 static char *t; 1665 char *q; 1666 int c; 1667 1668 if (p) 1669 t = p; 1670 if (!t) 1671 return 0; 1672 1673 c = *t; 1674 while (c == ' ' || c == '\t' ) 1675 c = *++t; 1676 if (!c) { 1677 t = 0; 1678 return 0; 1679 } 1680 q = t; 1681 if (c == '\'') { 1682 c = *++t; 1683 q = t; 1684 while (c && c != '\'') 1685 c = *++t; 1686 if (!c) /* unterminated string */ 1687 q = t = 0; 1688 else 1689 *t++ = 0; 1690 } else { 1691 while (c && c != ' ' && c != '\t' ) 1692 c = *++t; 1693 *t++ = 0; 1694 if (!c) 1695 t = 0; 1696 } 1697 return q; 1698 } 1699 1700 #ifdef LOGIN_CAP 1701 void 1702 setprocresources(cname) 1703 const char *cname; 1704 { 1705 login_cap_t *lc; 1706 if ((lc = login_getclassbyname(cname, NULL)) != NULL) { 1707 setusercontext(lc, (struct passwd*)NULL, 0, LOGIN_SETPRIORITY|LOGIN_SETRESOURCES); 1708 login_close(lc); 1709 } 1710 } 1711 #endif 1712