xref: /freebsd/share/man/man8/rc.subr.8 (revision 0cade55660917ecb3aff7a904759e1eb46772dab)
1.\" 	$NetBSD: rc.subr.8,v 1.12 2004/01/06 00:52:24 lukem Exp $
2.\"
3.\" Copyright (c) 2002-2004 The NetBSD Foundation, Inc.
4.\" All rights reserved.
5.\"
6.\" This code is derived from software contributed to The NetBSD Foundation
7.\" by Luke Mewburn.
8.\"
9.\" Redistribution and use in source and binary forms, with or without
10.\" modification, are permitted provided that the following conditions
11.\" are met:
12.\" 1. Redistributions of source code must retain the above copyright
13.\"    notice, this list of conditions and the following disclaimer.
14.\" 2. Redistributions in binary form must reproduce the above copyright
15.\"    notice, this list of conditions and the following disclaimer in the
16.\"    documentation and/or other materials provided with the distribution.
17.\"
18.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
19.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
20.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
21.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
22.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
23.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28.\" POSSIBILITY OF SUCH DAMAGE.
29.\"
30.Dd February 10, 2024
31.Dt RC.SUBR 8
32.Os
33.Sh NAME
34.Nm rc.subr
35.Nd functions used by system shell scripts
36.Sh SYNOPSIS
37.Bl -item -compact
38.It
39.Ic .\& Pa /etc/rc.subr
40.Pp
41.It
42.Ic backup_file Ar action Ar file Ar current Ar backup
43.It
44.Ic checkyesno Ar var
45.It
46.Ic check_pidfile Ar pidfile Ar procname Op Ar interpreter
47.It
48.Ic check_process Ar procname Op Ar interpreter
49.It
50.Ic DebugOn Ar tag ...
51.It
52.Ic DebugOff Ar tag ...
53.It
54.Ic debug Ar message
55.It
56.Ic dot Ar file ...
57.It
58.Ic err Ar exitval Ar message
59.It
60.Ic force_depend Ar name
61.It
62.Ic info Ar message
63.It
64.Ic is_verified Ar file
65.It
66.Ic load_kld Oo Fl e Ar regex Oc Oo Fl m Ar module Oc Ar file
67.It
68.Ic load_rc_config Oo Ar flag Oc Op Ar service
69.It
70.Ic load_rc_config_var Ar name Ar var
71.It
72.Ic mount_critical_filesystems Ar type
73.It
74.Ic rc_log Ar message
75.It
76.It rc_trace Ar level Ar message
77.It
78.Ic rc_usage Ar command ...
79.It
80.Ic reverse_list Ar item ...
81.It
82.Ic run_rc_command Ar argument
83.It
84.Ic run_rc_script Ar file Ar argument
85.It
86.Ic run_rc_scripts Oo options Oc Ar file ...
87.It
88.Ic safe_dot Ar file ...
89.It
90.Ic sdot Ar file ...
91.It
92.Ic startmsg Oo Fl n Oc Ar message
93.It
94.Ic vdot Ar file ...
95.It
96.Ic wait_for_pids Op Ar pid ...
97.It
98.Ic warn Ar message
99.El
100.Sh DESCRIPTION
101The
102.Nm
103script
104contains commonly used shell script functions and variable
105definitions which are used by various scripts such as
106.Xr rc 8 .
107Scripts required by ports in
108.Pa /usr/local/etc/rc.d
109will also eventually
110be rewritten to make use of it.
111.Pp
112The
113.Nm
114functions were mostly imported from
115.Nx .
116.Pp
117They are accessed by sourcing
118.Pa /etc/rc.subr
119into the current shell.
120.Pp
121The following shell functions are available:
122.Bl -tag -width 4n
123.It Ic backup_file Ar action file current backup
124Make a backup copy of
125.Ar file
126into
127.Ar current .
128Save the previous version of
129.Ar current
130as
131.Ar backup .
132.Pp
133The
134.Ar action
135argument
136may be one of the following:
137.Bl -tag -width ".Cm remove"
138.It Cm add
139.Ar file
140is now being backed up by or possibly re-entered into this backup mechanism.
141.Ar current
142is created.
143.It Cm update
144.Ar file
145has changed and needs to be backed up.
146If
147.Ar current
148exists, it is copied to
149.Ar backup
150and then
151.Ar file
152is copied to
153.Ar current .
154.It Cm remove
155.Ar file
156is no longer being tracked by this backup mechanism.
157.Ar current
158is moved to
159.Ar backup .
160.El
161.It Ic checkyesno Ar var
162Return 0 if
163.Ar var
164is defined to
165.Dq Li YES ,
166.Dq Li TRUE ,
167.Dq Li ON ,
168or
169.Ql 1 .
170Return 1 if
171.Ar var
172is defined to
173.Dq Li NO ,
174.Dq Li FALSE ,
175.Dq Li OFF ,
176or
177.Ql 0 .
178Otherwise, warn that
179.Ar var
180is not set correctly.
181The values are case insensitive.
182.Em Note :
183.Ar var
184should be a variable name, not its value;
185.Ic checkyesno
186will expand the variable by itself.
187.It Ic check_pidfile Ar pidfile procname Op Ar interpreter
188Parses the first word of the first line of
189.Ar pidfile
190for a PID, and ensures that the process with that PID
191is running and its first argument matches
192.Ar procname .
193Prints the matching PID if successful, otherwise nothing.
194If
195.Ar interpreter
196is provided, parse the first line of
197.Ar procname ,
198ensure that the line is of the form:
199.Pp
200.Dl "#! interpreter [...]"
201.Pp
202and use
203.Ar interpreter
204with its optional arguments and
205.Ar procname
206appended as the process string to search for.
207.It Ic check_process Ar procname Op Ar interpreter
208Prints the PIDs of any processes that are running with a first
209argument that matches
210.Ar procname .
211.Ar interpreter
212is handled as per
213.Ic check_pidfile .
214.It Ic DebugOn Ar tag ...
215Enable tracing if not already enabled,
216and any
217.Ar tag
218is found in
219.Va DEBUG_SH
220(a comma separated list of tags).
221.Pp
222Record the
223.Ar tag
224that caused it to be enabled in
225.Va DEBUG_ON ,
226set
227.Va DEBUG_DO
228empty and
229.Va DEBUG_SKIP
230to
231.Ql \&: .
232.Pp
233See
234.Xr debug.sh 8
235for more details.
236.It Ic DebugOff Ar tag ...
237Disable tracing if enabled and any
238.Ar tag
239matches
240.Va DEBUG_ON ,
241which means it was the reason tracing was enabled.
242.Pp
243Set
244.Va DEBUG_DO
245to
246.Ql \&: ,
247and
248.Va DEBUG_ON ,
249.Va DEBUG_SKIP
250empty.
251.It Ic debug Ar message
252Display a debugging message to
253.Va stderr ,
254log it to the system log using
255.Xr logger 1 ,
256and
257return to the caller.
258The error message consists of the script name
259(from
260.Va $0 ) ,
261followed by
262.Dq Li ": DEBUG: " ,
263and then
264.Ar message .
265This function is intended to be used by developers
266as an aid to debugging scripts.
267It can be turned on or off
268by the
269.Xr rc.conf 5
270variable
271.Va rc_debug .
272.It Ic dot Ar file ...
273For reading in unverified files.
274.Pp
275Ensure shell
276.Li verify
277option is off.
278This option is only meaningful when
279.Xr mac_veriexec 4
280is active.
281.Pp
282Read each
283.Ar file
284if it exists.
285.Pp
286Restore previous state of the
287.Li verify
288option.
289.It Ic err Ar exitval message
290Display an error message to
291.Va stderr ,
292log it to the system log
293using
294.Xr logger 1 ,
295and
296.Ic exit
297with an exit value of
298.Ar exitval .
299The error message consists of the script name
300(from
301.Va $0 ) ,
302followed by
303.Dq Li ": ERROR: " ,
304and then
305.Ar message .
306.It Ic force_depend Ar name
307Output an advisory message and force the
308.Ar name
309service to start.
310The
311.Ar name
312argument is the
313.Xr basename 1
314component of the path to the script located at
315.Pa /etc/rc.d
316(scripts stored in other locations such as
317.Pa /usr/local/etc/rc.d
318cannot be controlled with
319.Ic force_depend
320currently).
321If the script fails for any reason it will output a warning
322and return with a return value of 1.
323If it was successful
324it will return 0.
325.It Ic is_verified Ar file
326If
327.Xr veriexec 8
328does not exist, or
329.Xr mac_veriexec 4
330is not active, just return success.
331Otherwise use
332.Xr veriexec 8
333to check if
334.Ar file
335is verified.
336If not verified the return code will be 80 (EAUTH).
337.It Ic info Ar message
338Display an informational message to
339.Va stdout ,
340and log it to the system log using
341.Xr logger 1 .
342The message consists of the script name
343(from
344.Va $0 ) ,
345followed by
346.Dq Li ": INFO: " ,
347and then
348.Ar message .
349The display of this informational output can be
350turned on or off by the
351.Xr rc.conf 5
352variable
353.Va rc_info .
354.It Ic load_kld Oo Fl e Ar regex Oc Oo Fl m Ar module Oc Ar file
355Load
356.Ar file
357as a kernel module unless it is already loaded.
358For the purpose of checking the module status,
359either the exact module name can be specified using
360.Fl m ,
361or an
362.Xr egrep 1
363regular expression matching the module name can be supplied via
364.Fl e .
365By default, the module is assumed to have the same name as
366.Ar file ,
367which is not always the case.
368.It Ic load_rc_config Oo Ar flag Oc Op Ar service
369Source in the configuration file(s) for
370.Ar service .
371If no
372.Ar service
373is specified,
374only the global configuration file(s) will be loaded.
375First,
376.Pa /etc/rc.conf
377is sourced if it has not yet been read in.
378Then,
379.Pa /etc/rc.conf.d/ Ns Ar service
380is sourced if it is an existing file.
381The latter may also contain other variable assignments to override
382.Ic run_rc_command
383arguments defined by the calling script, to provide an easy
384mechanism for an administrator to override the behaviour of a given
385.Xr rc.d 8
386script without requiring the editing of that script.
387.Pp
388The function named by
389.Va load_rc_config_reader
390(default is
391.Ic dot )
392is used to read configuration unless
393.Ar flag
394is:
395.Bl -tag -width Ds
396.It Fl s
397use
398.Ic sdot
399to read configuration,
400because we want verified configuration or
401to use
402.Ic safe_dot
403to read an unverified configuration.
404.It Fl v
405use
406.Ic vdot
407to read in configuration only if it is verified.
408.El
409.Pp
410.Ic DebugOn
411will be called with tags derived from
412.Ar name
413to enable tracing if any appear in
414.Va DEBUG_SH .
415.It Ic load_rc_config_var Ar name Ar var
416Read the
417.Xr rc.conf 5
418variable
419.Ar var
420for
421.Ar name
422and set in the current shell, using
423.Ic load_rc_config
424in a sub-shell to prevent unwanted side effects from other variable
425assignments.
426.It Ic mount_critical_filesystems Ar type
427Go through a list of critical file systems,
428as found in the
429.Xr rc.conf 5
430variable
431.Va critical_filesystems_ Ns Ar type ,
432mounting each one that
433is not currently mounted.
434.It Ic rc_log Ar message
435Output
436.Ar message
437with a timestamp, which is both human readable and
438easily parsed for post processing, using:
439.Bd -literal -offset indent
440date "+@ %s [%Y-%m-%d %H:%M:%S %Z] $*"
441.Ed
442.It Ic rc_trace Ar level Ar message
443If the file
444.Pa /etc/rc.conf.d/rc_trace
445exists and is not empty attempt to set
446.Va RC_LEVEL
447based on its content.
448If the file is empty or does not contain
449a value for
450.Va RC_LEVEL ,
451set it to
452.Li 0 .
453.Pp
454If
455.Ar level
456is greater than or equal to
457.Va RC_LEVEL
458pass
459.Ar message
460to
461.Ic rc_log .
462.It Ic rc_usage Ar command ...
463Print a usage message for
464.Va $0 ,
465with
466.Ar commands
467being the list of valid arguments
468prefixed by
469.Sm off
470.Dq Bq Li fast | force | one | quiet .
471.Sm on
472.It Ic reverse_list Ar item ...
473Print the list of
474.Ar items
475in reverse order.
476.It Ic run_rc_command Ar argument
477Run the
478.Ar argument
479method for the current
480.Xr rc.d 8
481script, based on the settings of various shell variables.
482.Ic run_rc_command
483is extremely flexible, and allows fully functional
484.Xr rc.d 8
485scripts to be implemented in a small amount of shell code.
486.Pp
487.Ar argument
488is searched for in the list of supported commands, which may be one
489of:
490.Bl -tag -width ".Cm restart" -offset indent
491.It Cm start
492Start the service.
493This should check that the service is to be started as specified by
494.Xr rc.conf 5 .
495Also checks if the service is already running and refuses to start if
496it is.
497This latter check is not performed by standard
498.Fx
499scripts if the system is starting directly to multi-user mode, to
500speed up the boot process.
501.It Cm stop
502If the service is to be started as specified by
503.Xr rc.conf 5 ,
504stop the service.
505This should check that the service is running and complain if it is not.
506.It Cm restart
507Perform a
508.Cm stop
509then a
510.Cm start .
511Defaults to displaying the process ID of the program (if running).
512.It Cm enabled
513Return 0 if the service is enabled and 1 if it is not.
514This command does not print anything.
515.It Cm rcvar
516Display which
517.Xr rc.conf 5
518variables are used to control the startup of the service (if any).
519.El
520.Pp
521If
522.Va pidfile
523or
524.Va procname
525is set, also support:
526.Bl -tag -width ".Cm restart" -offset indent
527.It Cm poll
528Wait for the command to exit.
529.It Cm status
530Show the status of the process.
531.El
532.Pp
533Other supported commands are listed in the optional variable
534.Va extra_commands .
535.Pp
536.Ar argument
537may have one of the following prefixes which alters its operation:
538.Bl -tag -width ".Li force" -offset indent
539.It Li fast
540Skip the check for an existing running process,
541and sets
542.Va rc_fast Ns = Ns Li YES .
543.It Li force
544Skip the checks for
545.Va rcvar
546being set to
547.Dq Li YES ,
548and sets
549.Va rc_force Ns = Ns Li YES .
550This ignores
551.Ar argument Ns Va _precmd
552returning non-zero, and ignores any of the
553.Va required_*
554tests failing, and always returns a zero exit status.
555.It Li one
556Skip the checks for
557.Va rcvar
558being set to
559.Dq Li YES ,
560but performs all the other prerequisite tests.
561.It Li quiet
562Inhibits some verbose diagnostics.
563Currently, this includes messages
564.Qq Starting ${name}
565(as checked by
566.Ic check_startmsgs
567inside
568.Nm )
569and errors about usage of services that are not enabled in
570.Xr rc.conf 5 .
571This prefix also sets
572.Va rc_quiet Ns = Ns Li YES .
573.Em Note :
574.Va rc_quiet
575is not intended to completely mask all debug and warning messages,
576but only certain small classes of them.
577.El
578.Pp
579.Ic run_rc_command
580uses the following shell variables to control its behaviour.
581Unless otherwise stated, these are optional.
582.Bl -tag -width ".Va procname" -offset indent
583.It Va name
584The name of this script.
585This is not optional.
586.It Va rcvar
587The value of
588.Va rcvar
589is checked with
590.Ic checkyesno
591to determine if this method should be run.
592.It Va command
593Full path to the command.
594Not required if
595.Ar argument Ns Va _cmd
596is defined for each supported keyword.
597Can be overridden by
598.Va ${name}_program .
599.It Va command_args
600Optional arguments and/or shell directives for
601.Va command .
602.It Va command_interpreter
603.Va command
604is started with:
605.Pp
606.Dl "#! command_interpreter [...]"
607.Pp
608which results in its
609.Xr ps 1
610command being:
611.Pp
612.Dl "command_interpreter [...] command"
613.Pp
614so use that string to find the PID(s) of the running command
615rather than
616.Va command .
617.It Va extra_commands
618Extra commands/keywords/arguments supported.
619.It Va pidfile
620Path to PID file.
621Used to determine the PID(s) of the running command.
622If
623.Va pidfile
624is set, use:
625.Pp
626.Dl "check_pidfile $pidfile $procname"
627.Pp
628to find the PID.
629Otherwise, if
630.Va command
631is set, use:
632.Pp
633.Dl "check_process $procname"
634.Pp
635to find the PID.
636.It Va procname
637Process name to check for.
638Defaults to the value of
639.Va command .
640.It Va required_dirs
641Check for the existence of the listed directories
642before running the
643.Cm start
644method.
645The list is checked before running
646.Va start_precmd .
647.It Va required_files
648Check for the readability of the listed files
649before running the
650.Cm start
651method.
652The list is checked before running
653.Va start_precmd .
654.It Va required_modules
655Ensure that the listed kernel modules are loaded
656before running the
657.Cm start
658method.
659The list is checked after running
660.Va start_precmd .
661This is done after invoking the commands from
662.Va start_precmd
663so that the missing modules are not loaded in vain
664if the preliminary commands indicate a error condition.
665A word in the list can have an optional
666.Dq Li \&: Ns Ar modname
667or
668.Dq Li ~ Ns Ar pattern
669suffix.
670The
671.Ar modname
672or
673.Ar pattern
674parameter is passed to
675.Ic load_kld
676through a
677.Fl m
678or
679.Fl e
680option, respectively.
681See the description of
682.Ic load_kld
683in this document for details.
684.It Va required_vars
685Perform
686.Ic checkyesno
687on each of the list variables
688before running the
689.Cm start
690method.
691The list is checked after running
692.Va start_precmd .
693.It Va ${name}_chdir
694Directory to
695.Ic cd
696to before running
697.Va command ,
698if
699.Va ${name}_chroot
700is not provided.
701.It Va ${name}_chroot
702Directory to
703.Xr chroot 8
704to before running
705.Va command .
706Only supported after
707.Pa /usr
708is mounted.
709.It Va ${name}_env
710A list of environment variables to run
711.Va command
712with.
713Those variables will be passed as arguments to the
714.Xr env 1
715utility unless
716.Ar argument Ns Va _cmd
717is defined.
718In that case the contents of
719.Va ${name}_env
720will be exported via the
721.Xr export 1
722builtin of
723.Xr sh 1 ,
724which puts some limitations on the names of variables
725(e.g., a variable name may not start with a digit).
726.It Va ${name}_env_file
727A file to source for environmental variables to run
728.Va command
729with.
730.Em Note :
731all the variables which are being assigned in this file are going
732to be exported into the environment of
733.Va command .
734.It Va ${name}_fib
735FIB
736.Pa Routing Table
737number to run
738.Va command
739with.
740See
741.Xr setfib 1
742for more details.
743.It Va ${name}_flags
744Arguments to call
745.Va command
746with.
747This is usually set in
748.Xr rc.conf 5 ,
749and not in the
750.Xr rc.d 8
751script.
752The environment variable
753.Sq Ev flags
754can be used to override this.
755.It Va ${name}_nice
756.Xr nice 1
757level to run
758.Va command
759as.
760Only supported after
761.Pa /usr
762is mounted.
763.It Va ${name}_limits
764Resource limits to apply to
765.Va command .
766This will be passed as arguments to the
767.Xr limits 1
768utility.
769By default, the resource limits are based on the login class defined in
770.Va ${name}_login_class .
771.It Va ${name}_login_class
772Login class to use with
773.Va ${name}_limits .
774Defaults to
775.Dq Li daemon .
776.It Va ${name}_oomprotect
777.Xr protect 1
778.Va command
779from being killed when swap space is exhausted.
780If
781.Dq Li YES
782is used, no child processes are protected.
783If
784.Dq Li ALL ,
785protect all child processes.
786.It Va ${name}_program
787Full path to the command.
788Overrides
789.Va command
790if both are set, but has no effect if
791.Va command
792is unset.
793As a rule,
794.Va command
795should be set in the script while
796.Va ${name}_program
797should be set in
798.Xr rc.conf 5 .
799.It Va ${name}_user
800User to run
801.Va command
802as, using
803.Xr chroot 8
804if
805.Va ${name}_chroot
806is set, otherwise
807uses
808.Xr su 1 .
809Only supported after
810.Pa /usr
811is mounted.
812.It Va ${name}_group
813Group to run the chrooted
814.Va command
815as.
816.It Va ${name}_groups
817Comma separated list of supplementary groups to run the chrooted
818.Va command
819with.
820.It Va ${name}_prepend
821Commands to be prepended to
822.Va command .
823This is a generic version of
824.Va ${name}_env ,
825.Va ${name}_fib ,
826or
827.Va ${name}_nice .
828.It Va ${name}_setup
829Command to be run prior to
830.Va command .
831.It Ar argument Ns Va _cmd
832Shell commands which override the default method for
833.Ar argument .
834.It Ar argument Ns Va _precmd
835Shell commands to run just before running
836.Ar argument Ns Va _cmd
837or the default method for
838.Ar argument .
839If this returns a non-zero exit code, the main method is not performed.
840If the default method is being executed, this check is performed after
841the
842.Va required_*
843checks and process (non-)existence checks.
844.It Ar argument Ns Va _postcmd
845Shell commands to run if running
846.Ar argument Ns Va _cmd
847or the default method for
848.Ar argument
849returned a zero exit code.
850.It Va sig_stop
851Signal to send the processes to stop in the default
852.Cm stop
853method.
854Defaults to
855.Dv SIGTERM .
856.It Va sig_reload
857Signal to send the processes to reload in the default
858.Cm reload
859method.
860Defaults to
861.Dv SIGHUP .
862.El
863.Pp
864For a given method
865.Ar argument ,
866if
867.Ar argument Ns Va _cmd
868is not defined, then a default method is provided by
869.Ic run_rc_command :
870.Bl -tag -width ".Sy Argument" -offset indent
871.It Sy Argument
872.Sy Default method
873.It Cm start
874If
875.Va command
876is not running and
877.Ic checkyesno Va rcvar
878succeeds, start
879.Va command .
880.It Cm stop
881Determine the PIDs of
882.Va command
883with
884.Ic check_pidfile
885or
886.Ic check_process
887(as appropriate),
888.Ic kill Va sig_stop
889those PIDs, and run
890.Ic wait_for_pids
891on those PIDs.
892.It Cm reload
893Similar to
894.Cm stop ,
895except that it uses
896.Va sig_reload
897instead, and does not run
898.Ic wait_for_pids .
899Another difference from
900.Cm stop
901is that
902.Cm reload
903is not provided by default.
904It can be enabled via
905.Va extra_commands
906if appropriate:
907.Pp
908.Dl "extra_commands=reload"
909.It Cm restart
910Runs the
911.Cm stop
912method, then the
913.Cm start
914method.
915.It Cm status
916Show the PID of
917.Va command ,
918or some other script specific status operation.
919.It Cm poll
920Wait for
921.Va command
922to exit.
923.It Cm rcvar
924Display which
925.Xr rc.conf 5
926variable is used (if any).
927This method always works, even if the appropriate
928.Xr rc.conf 5
929variable is set to
930.Dq Li NO .
931.El
932.Pp
933The following variables are available to the methods
934(such as
935.Ar argument Ns Va _cmd )
936as well as after
937.Ic run_rc_command
938has completed:
939.Bl -tag -width ".Va rc_service" -offset indent
940.It Va rc_arg
941Argument provided to
942.Ic run_rc_command ,
943after fast and force processing has been performed.
944.It Va rc_flags
945Flags to start the default command with.
946Defaults to
947.Va ${name}_flags ,
948unless overridden by the environment variable
949.Sq Ev flags .
950This variable may be changed by the
951.Ar argument Ns Va _precmd
952method.
953.It Va rc_service
954Path to the service script being executed, in case it needs to re-invoke itself.
955.It Va rc_pid
956PID of
957.Va command
958(if appropriate).
959.It Va rc_fast
960Not empty if
961.Dq Li fast
962prefix was used.
963.It Va rc_force
964Not empty if
965.Dq Li force
966prefix was used.
967.El
968.It Ic run_rc_script Ar file argument
969Start the script
970.Ar file
971with an argument of
972.Ar argument ,
973and handle the return value from the script.
974.Pp
975Various shell variables are unset before
976.Ar file
977is started:
978.Bd -ragged -offset indent
979.Va name ,
980.Va command ,
981.Va command_args ,
982.Va command_interpreter ,
983.Va extra_commands ,
984.Va pidfile ,
985.Va rcvar ,
986.Va required_dirs ,
987.Va required_files ,
988.Va required_vars ,
989.Ar argument Ns Va _cmd ,
990.Ar argument Ns Va _precmd .
991.Ar argument Ns Va _postcmd .
992.Ed
993.Pp
994Call
995.Ic rc_trace
996to indicate that
997.Ar file
998is to be run.
999.Pp
1000However, if
1001.Ic is_verified Ar file
1002fails, just return.
1003.Pp
1004.Ic DebugOn
1005will be called with tags derrived from
1006.Va name
1007and
1008.Va rc_arg
1009to enable tracing if any of those tags appear in
1010.Va DEBUG_SH .
1011.Pp
1012The startup behaviour of
1013.Ar file
1014depends upon the following checks:
1015.Bl -enum
1016.It
1017If
1018.Ar file
1019ends in
1020.Pa .sh ,
1021it is sourced into the current shell.
1022.It
1023If
1024.Ar file
1025appears to be a backup or scratch file
1026(e.g., with a suffix of
1027.Pa ~ , # , .OLD ,
1028or
1029.Pa .orig ) ,
1030ignore it.
1031.It
1032If
1033.Ar file
1034is not executable, ignore it.
1035.It
1036If the
1037.Xr rc.conf 5
1038variable
1039.Va rc_fast_and_loose
1040is empty,
1041source
1042.Ar file
1043in a sub shell,
1044otherwise source
1045.Ar file
1046into the current shell.
1047.El
1048.It Ic run_rc_scripts Oo options Oc file ...
1049Call
1050.Ic run_rc_script
1051for each
1052.Ar file ,
1053unless it is already recorded as having been run.
1054.Pp
1055The
1056.Ar options
1057are:
1058.Bl -tag -width "--break break"
1059.It Ic --arg Ar arg
1060Pass
1061.Ar arg
1062to
1063.Ic run_rc_script ,
1064default is
1065.Ar _boot
1066set by
1067.Xr rc 8 .
1068.It Ic --break Ar break
1069Stop processing if any
1070.Ar file
1071matches any
1072.Ar break
1073.El
1074.It Ic safe_dot Ar file ...
1075Used by
1076.Ic sdot
1077when
1078.Xr mac_veriexec 4
1079is active and
1080.Ar file
1081is not verified.
1082.Pp
1083This function limits the input from
1084.Ar file
1085to simple variable assignments with any
1086non-alphanumeric characters replaced with
1087.Ql _ .
1088.It Ic sdot Ar file ...
1089For reading in configuration files.
1090Skip files that do not exist or are empty.
1091Try using
1092.Ic vdot
1093and if that fails (the file is unverified)
1094fall back to using
1095.Ic safe_dot .
1096.It Ic startmsg Oo Fl n Oc Ar message
1097Display a start message to
1098.Va stdout .
1099It should be used instead of
1100.Xr echo 1 .
1101The display of this output can be turned off if the
1102.Xr rc.conf 5
1103variable
1104.Va rc_startmsgs
1105is set to
1106.Dq Li NO .
1107.It Ic stop_boot Op Ar always
1108Prevent booting to multiuser mode.
1109If the
1110.Va autoboot
1111variable is set to
1112.Ql yes
1113(see
1114.Xr rc 8
1115to learn more about
1116.Va autoboot ) ,
1117or
1118.Ic checkyesno Ar always
1119indicates a truth value, then a
1120.Dv SIGTERM
1121signal is sent to the parent
1122process, which is assumed to be
1123.Xr rc 8 .
1124Otherwise, the shell exits with a non-zero status.
1125.It Ic vdot Ar file ...
1126For reading in only verified files.
1127.Pp
1128Ensure shell
1129.Li verify
1130option is on.
1131This option is only meaningful when
1132.Xr mac_veriexec 4
1133is active,
1134otherwise this function is effectively the same as
1135.Ic dot .
1136.Pp
1137Read in each
1138.Ar file
1139if it exists and
1140.Ic is_verfied Ar file
1141is successful, otherwise set return code to 80 (EAUTH).
1142.Pp
1143Restore previous state of the
1144.Li verify
1145option.
1146.It Ic wait_for_pids Op Ar pid ...
1147Wait until all of the provided
1148.Ar pids
1149do not exist any more, printing the list of outstanding
1150.Ar pids
1151every two seconds.
1152.It Ic warn Ar message
1153Display a warning message to
1154.Va stderr
1155and log it to the system log
1156using
1157.Xr logger 1 .
1158The warning message consists of the script name
1159(from
1160.Va $0 ) ,
1161followed by
1162.Dq Li ": WARNING: " ,
1163and then
1164.Ar message .
1165.El
1166.Sh FILES
1167.Bl -tag -width ".Pa /etc/rc.subr" -compact
1168.It Pa /etc/rc.subr
1169The
1170.Nm
1171file resides in
1172.Pa /etc .
1173.El
1174.Sh SEE ALSO
1175.Xr debug.sh 8 ,
1176.Xr rc.conf 5 ,
1177.Xr rc 8
1178.Sh HISTORY
1179The
1180.Nm
1181script
1182appeared in
1183.Nx 1.3 .
1184The
1185.Xr rc.d 8
1186support functions appeared in
1187.Nx 1.5 .
1188The
1189.Nm
1190script
1191first appeared in
1192.Fx 5.0 .
1193