rc revision 67113
1#!/bin/sh 2# 3# Copyright (c) 2000 The FreeBSD Project 4# All rights reserved. 5# 6# Redistribution and use in source and binary forms, with or without 7# modification, are permitted provided that the following conditions 8# are met: 9# 1. Redistributions of source code must retain the above copyright 10# notice, this list of conditions and the following disclaimer. 11# 2. Redistributions in binary form must reproduce the above copyright 12# notice, this list of conditions and the following disclaimer in the 13# documentation and/or other materials provided with the distribution. 14# 15# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25# SUCH DAMAGE. 26# 27# $FreeBSD: head/etc/rc 67113 2000-10-14 12:56:08Z markm $ 28# From: @(#)rc 5.27 (Berkeley) 6/5/91 29# 30 31# System startup script run by init on autoboot 32# or after single-user. 33# Output and error are redirected to console by init, 34# and the console is the controlling terminal. 35 36# Note that almost all of the user-configurable behavior is no longer in 37# this file, but rather in /etc/defaults/rc.conf. Please check that file 38# first before contemplating any changes here. If you do need to change 39# this file for some reason, we would like to know about it. 40 41stty status '^T' 42 43# Set shell to ignore SIGINT (2), but not children; 44# shell catches SIGQUIT (3) and returns to single user after fsck. 45# 46trap : 2 47trap : 3 # shouldn't be needed 48 49HOME=/ 50PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin 51export HOME PATH 52 53# BOOTP diskless boot. We have to run the rc file early in order to 54# retarget various config files. 55# 56if [ -r /etc/rc.diskless1 ]; then 57 dlv=`/sbin/sysctl -n vfs.nfs.diskless_valid 2> /dev/null` 58 if [ ${dlv:=0} != 0 ]; then 59 . /etc/rc.diskless1 60 fi 61fi 62 63# If there is a global system configuration file, suck it in. 64# 65if [ -r /etc/defaults/rc.conf ]; then 66 . /etc/defaults/rc.conf 67 source_rc_confs 68elif [ -r /etc/rc.conf ]; then 69 . /etc/rc.conf 70fi 71 72# Recover some entropy so the rebooting /dev/random can reseed 73# 74case ${entropy_file} in 75[Nn][Oo] | '') 76 ;; 77*) 78 if [ -w /dev/random ]; then 79 if [ -f ${entropy_file} -a -r ${entropy_file} ]; then 80 echo "Reading entropy file" 81 cat ${entropy_file} > /dev/random 2> /dev/random 82 rm -f ${entropy_file} 83 else 84 echo "No entropy file, trying other sources" 85 # XXX temporary until we can get the entropy 86 # harvesting rate up 87 # Entropy below is not great, but better than nothing. 88 (ps -gauxwww; iostat; vmstat; dmesg) > /dev/random 2> /dev/random 89 ( for i in /etc /var/run ; do 90 cd $i ; ls -al ; cat * 91 done ) > /dev/random 2> /dev/random 92 fi 93 fi 94 ;; 95esac 96 97# Configure ccd devices. 98# 99if [ -r /etc/ccd.conf ]; then 100 ccdconfig -C 101fi 102 103case ${start_vinum} in 104[Yy][Ee][Ss]) 105 vinum start 106 ;; 107esac 108 109swapon -a 110 111case $1 in 112autoboot) 113 echo Automatic boot in progress... 114 fsck -p 115 case $? in 116 0) 117 ;; 118 2) 119 exit 1 120 ;; 121 4) 122 reboot 123 echo "reboot failed... help!" 124 exit 1 125 ;; 126 8) 127 echo "Automatic file system check failed... help!" 128 exit 1 129 ;; 130 12) 131 echo "Reboot interrupted" 132 exit 1 133 ;; 134 130) 135 # interrupt before catcher installed 136 exit 1 137 ;; 138 *) 139 echo "Unknown error in reboot" 140 exit 1 141 ;; 142 esac 143 ;; 144*) 145 echo Skipping disk checks ... 146 ;; 147esac 148 149set -T 150trap "echo 'Reboot interrupted'; exit 1" 3 151 152# root normally must be read/write, but if this is a BOOTP NFS 153# diskless boot it does not have to be. 154# 155case ${root_rw_mount} in 156[Nn][Oo] | '') 157 ;; 158*) 159 if ! mount -u -o rw / ; then 160 echo "Mounting root filesystem rw failed, startup aborted" 161 exit 1 162 fi 163 ;; 164esac 165 166umount -a >/dev/null 2>&1 167 168# Mount everything except nfs filesystems. 169mount -a -t nonfs 170 171case $? in 1720) 173 ;; 174*) 175 echo "Mounting /etc/fstab filesystems failed, startup aborted" 176 exit 1 177 ;; 178esac 179 180# Run custom disk mounting function here 181# 182if [ -n "${diskless_mount}" -a -r "${diskless_mount}" ]; then 183 sh ${diskless_mount} 184fi 185 186adjkerntz -i 187 188purgedir() { 189 local dir file 190 191 if [ $# -eq 0 ]; then 192 purgedir . 193 else 194 for dir 195 do 196 ( 197 cd "$dir" && for file in .* * 198 do 199 [ ."$file" = .. -o ."$file" = ... ] && continue 200 [ -d "$file" -a ! -L "$file" ] && 201 purgedir "$file" 202 [ -f "$file" ] && rm -f -- "$file" 203 done 204 ) 205 done 206 fi 207} 208 209clean_var() { 210 if [ ! -f /var/run/clean_var ]; then 211 rm -rf /var/run/* 212 purgedir /var/spool/lock 213 rm -rf /var/spool/uucp/.Temp/* 214 # Keep a copy of the boot messages around 215 dmesg >/var/run/dmesg.boot 216 # And an initial utmp file 217 (cd /var/run && cp /dev/null utmp && chmod 644 utmp;) 218 >/var/run/clean_var 219 fi 220} 221 222if [ -d /var/run -a -d /var/spool/lock -a -d /var/spool/uucp/.Temp ]; then 223 # network_pass1() *may* end up writing stuff to /var - we don't want to 224 # remove it immediately afterwards - *nor* to we want to fail to clean 225 # an nfs-mounted /var. 226 clean_var 227fi 228 229# Add additional swapfile, if configured. 230# 231case ${swapfile} in 232[Nn][Oo] | '') 233 ;; 234*) 235 if [ -w "${swapfile}" -a -c /dev/vn0b ]; then 236 echo "Adding ${swapfile} as additional swap." 237 vnconfig /dev/vn0b ${swapfile} && swapon /dev/vn0b 238 fi 239 ;; 240esac 241 242# Set sysctl variables as early as we can 243# 244if [ -r /etc/rc.sysctl ]; then 245 . /etc/rc.sysctl 246fi 247 248# Configure serial devices 249# 250if [ -r /etc/rc.serial ]; then 251 . /etc/rc.serial 252fi 253 254# Start up PC-card configuration 255# 256if [ -r /etc/rc.pccard ]; then 257 . /etc/rc.pccard 258fi 259 260# Start up the initial network configuration. 261# 262if [ -r /etc/rc.network ]; then 263 . /etc/rc.network # We only need to do this once. 264 network_pass1 265fi 266 267case ${ipv6_enable} in 268[Yy][Ee][Ss]) 269 if [ -r /etc/rc.network6 ]; then 270 . /etc/rc.network6 # We only need to do this once also. 271 network6_pass1 272 fi 273 ;; 274esac 275 276# Mount NFS filesystems if present in /etc/fstab 277case "`mount -d -a -t nfs`" in 278*mount_nfs*) 279 echo -n "Mounting NFS file systems" 280 mount -a -t nfs 281 echo . 282 ;; 283esac 284 285# Whack the pty perms back into shape. 286# 287if ls /dev/tty[pqrsPQRS]* > /dev/null 2>&1; then 288 chflags 0 /dev/tty[pqrsPQRS]* 289 chmod 666 /dev/tty[pqrsPQRS]* 290 chown root:wheel /dev/tty[pqrsPQRS]* 291fi 292 293# Clean up left-over files 294# 295clean_var # If it hasn't already been done 296rm /var/run/clean_var 297 298# Clearing /tmp at boot-time seems to have a long tradition. It doesn't 299# help in any way for long-living systems, and it might accidentally 300# clobber files you would rather like to have preserved after a crash 301# (if not using mfs /tmp anyway). 302# 303# See also the example of another cleanup policy in /etc/periodic/daily. 304# 305case ${clear_tmp_enable} in 306[Yy][Ee][Ss]) 307 echo clearing /tmp 308 # prune quickly with one rm, then use find to clean up /tmp/[lq]* 309 # (not needed with mfs /tmp, but doesn't hurt there...) 310 (cd /tmp && rm -rf [a-km-pr-zA-Z]* && 311 find -d . ! -name . ! -name lost+found ! -name quota.user \ 312 ! -name quota.group -exec rm -rf -- {} \;) 313 ;; 314esac 315 316# Remove X lock files, since they will prevent you from restarting X11 317# after a system crash. 318# 319rm -f /tmp/.X*-lock /tmp/.X11-unix/* 320 321# Snapshot any kernel -c changes back to disk here <someday>. 322# This has changed with ELF and /kernel.config. 323 324echo -n 'additional daemons:' 325 326# Start system logging and name service. Named needs to start before syslogd 327# if you don't have a /etc/resolv.conf. 328# 329case ${syslogd_enable} in 330[Yy][Ee][Ss]) 331 # Transitional symlink (for the next couple of years :) until all 332 # binaries have had a chance to move towards /var/run/log. 333 if [ ! -h /dev/log ]; then 334 # might complain for r/o root f/s 335 ln -sf /var/run/log /dev/log 336 fi 337 338 rm -f /var/run/log 339 echo -n ' syslogd'; syslogd ${syslogd_flags} 340 ;; 341esac 342 343echo '.' 344 345# Build devices database 346# 347dev_mkdb 348 349# Enable dumpdev so that savecore can see it. 350# /var/crash should be a directory or a symbolic link 351# to the crash directory if core dumps are to be saved. 352# 353case ${dumpdev} in 354[Nn][Oo] | '') 355 ;; 356*) 357 if [ -e "${dumpdev}" -a -d /var/crash ]; then 358 dumpon -v ${dumpdev} 359 echo -n checking for core dump... 360 savecore /var/crash 361 fi 362 ;; 363esac 364 365if [ -n "${network_pass1_done}" ]; then 366 network_pass2 367fi 368 369# Enable/Check the quotas (must be after ypbind if using NIS) 370# 371case ${enable_quotas} in 372[Yy][Ee][Ss]) 373 case ${check_quotas} in 374 [Yy][Ee][Ss]) 375 echo -n 'checking quotas:' 376 quotacheck -a 377 echo ' done.' 378 ;; 379 esac 380 381 echo -n 'enabling quotas:' 382 quotaon -a 383 echo ' done.' 384 ;; 385esac 386 387if [ -n "${network_pass2_done}" ]; then 388 network_pass3 389fi 390 391# Check the password temp/lock file 392# 393if [ -e /etc/ptmp ]; then 394 logger -s -p auth.err \ 395 "password file may be incorrect -- /etc/ptmp exists" 396fi 397 398case ${accounting_enable} in 399[Yy][Ee][Ss]) 400 if [ -d /var/account ]; then 401 echo 'turning on accounting' 402 if [ ! -e /var/account/acct ]; then 403 touch /var/account/acct 404 fi 405 accton /var/account/acct 406 fi 407 ;; 408esac 409 410# Make shared lib searching a little faster. Leave /usr/lib first if you 411# add your own entries or you may come to grief. 412# 413ldconfig="/sbin/ldconfig" 414case ${ldconfig_insecure} in 415[Yy][Ee][Ss]) 416 ldconfig="${ldconfig} -i" 417 ;; 418esac 419if [ -x /sbin/ldconfig ]; then 420 case `/usr/bin/objformat` in 421 elf) 422 _LDC=/usr/lib 423 for i in ${ldconfig_paths}; do 424 if [ -d "${i}" ]; then 425 _LDC="${_LDC} ${i}" 426 fi 427 done 428 echo 'setting ELF ldconfig path:' ${_LDC} 429 ${ldconfig} -elf ${_LDC} 430 ;; 431 esac 432 433 # Legacy aout support for i386 only 434 case `sysctl -n hw.machine` in 435 i386) 436 # Default the a.out ldconfig path. 437 : ${ldconfig_paths_aout=${ldconfig_paths}} 438 _LDC=/usr/lib/aout 439 for i in ${ldconfig_paths_aout}; do 440 if [ -d "${i}" ]; then 441 _LDC="${_LDC} ${i}" 442 fi 443 done 444 echo 'setting a.out ldconfig path:' ${_LDC} 445 ${ldconfig} -aout ${_LDC} 446 ;; 447 esac 448fi 449 450# Now start up miscellaneous daemons that don't belong anywhere else 451# 452echo -n starting standard daemons: 453case ${inetd_enable} in 454[Nn][Oo]) 455 ;; 456*) 457 echo -n ' inetd'; inetd ${inetd_flags} 458 ;; 459esac 460 461case ${cron_enable} in 462[Nn][Oo]) 463 ;; 464*) 465 echo -n ' cron'; cron 466 ;; 467esac 468 469case ${lpd_enable} in 470[Yy][Ee][Ss]) 471 echo -n ' printer'; ${lpd_program:-/usr/sbin/lpd} ${lpd_flags} 472 ;; 473esac 474 475case ${sendmail_enable} in 476[Yy][Ee][Ss]) 477 if [ -r /etc/mail/sendmail.cf ]; then 478 echo -n ' sendmail'; /usr/sbin/sendmail ${sendmail_flags} 479 fi 480 ;; 481esac 482 483case ${sshd_enable} in 484[Yy][Ee][Ss]) 485 if [ -x ${sshd_program:-/usr/sbin/sshd} ]; then 486 echo -n ' sshd'; 487 ${sshd_program:-/usr/sbin/sshd} ${sshd_flags} 488 fi 489 ;; 490esac 491 492case ${usbd_enable} in 493[Yy][Ee][Ss]) 494 echo -n ' usbd'; /usr/sbin/usbd ${usbd_flags} 495 ;; 496esac 497 498echo '.' 499 500# Recover vi editor files. 501find /var/tmp/vi.recover ! -type f -a ! -type d -delete 502vibackup=`echo /var/tmp/vi.recover/vi.*` 503if [ "${vibackup}" != '/var/tmp/vi.recover/vi.*' ]; then 504 echo 'Recovering vi editor sessions' 505 for i in /var/tmp/vi.recover/vi.*; do 506 # Only test files that are readable. 507 if [ ! -r "${i}" ]; then 508 continue 509 fi 510 511 # Unmodified nvi editor backup files either have the 512 # execute bit set or are zero length. Delete them. 513 if [ -x "${i}" -o ! -s "${i}" ]; then 514 rm -f "${i}" 515 fi 516 done 517 518 # It is possible to get incomplete recovery files, if the editor 519 # crashes at the right time. 520 virecovery=`echo /var/tmp/vi.recover/recover.*` 521 if [ "${virecovery}" != "/var/tmp/vi.recover/recover.*" ]; then 522 for i in /var/tmp/vi.recover/recover.*; do 523 # Only test files that are readable. 524 if [ ! -r "${i}" ]; then 525 continue 526 fi 527 528 # Delete any recovery files that are zero length, 529 # corrupted, or that have no corresponding backup file. 530 # Else send mail to the user. 531 recfile=`awk '/^X-vi-recover-path:/{print $2}' < "${i}"` 532 if [ -n "${recfile}" -a -s "${recfile}" ]; then 533 sendmail -t < "${i}" 534 else 535 rm -f "${i}" 536 fi 537 done 538 fi 539fi 540 541# Make a bounds file for msgs(1) if there isn't one already 542# "Delete important files with symlink" security hole? 543# 544if [ -d /var/msgs -a ! -f /var/msgs/bounds ]; then 545 echo 0 > /var/msgs/bounds 546fi 547 548case ${update_motd} in 549[Nn][Oo] | '') 550 ;; 551*) 552 if T=`mktemp /tmp/_motd.XXXXXX`; then 553 uname -v | sed -e 's,^\([^#]*\) #\(.* [1-2][0-9][0-9][0-9]\).*/\([^\]*\) $,\1 (\3) #\2,' > ${T} 554 awk '{if (NR == 1) {if ($1 == "FreeBSD") {next} else {print "\n"$0}} else {print}}' < /etc/motd >> ${T} 555 cmp -s ${T} /etc/motd || { 556 cp ${T} /etc/motd 557 chmod 644 /etc/motd 558 } 559 rm -f ${T} 560 fi 561 ;; 562esac 563 564# Configure implementation specific stuff 565# 566arch=`uname -m` 567if [ -r /etc/rc.${arch} ]; then 568 . /etc/rc.${arch} 569fi 570 571# Run rc.devfs if readable to customize devfs 572# 573if [ -r /etc/rc.devfs ]; then 574 sh /etc/rc.devfs 575fi 576 577echo -n additional ABI support: 578 579# Start the Linux binary compatibility if requested. 580# 581case ${linux_enable} in 582[Yy][Ee][Ss]) 583 echo -n ' linux' 584 if ! kldstat -v | grep -E 'linux(aout|elf)' > /dev/null; then 585 kldload linux > /dev/null 2>&1 586 fi 587 if [ -x /compat/linux/sbin/ldconfig ]; then 588 /compat/linux/sbin/ldconfig 589 fi 590 ;; 591esac 592 593# Start the SysVR4 binary emulation if requested. 594# 595case ${svr4_enable} in 596[Yy][Ee][Ss]) 597 echo -n ' svr4'; kldload svr4 > /dev/null 2>&1 598 ;; 599esac 600 601echo . 602 603# Do traditional (but rather obsolete) rc.local file if it exists. If you 604# use this file and want to make it programmatic, source /etc/defaults/rc.conf 605# in /etc/rc.local and add your custom variables to /etc/rc.conf, as 606# shown below. Please do not put local extensions into /etc/rc itself. 607# Use /etc/rc.local 608# 609# ---- rc.local ---- 610# if [ -r /etc/defaults/rc.conf ]; then 611# . /etc/defaults/rc.conf 612# source_rc_confs 613# elif [ -r /etc/rc.conf ]; then 614# . /etc/rc.conf 615# fi 616# 617# ... additional startup conditionals ... 618# ---- rc.local ---- 619# 620if [ -r /etc/rc.local ]; then 621 echo -n 'starting local daemons:' 622 sh /etc/rc.local 623 echo '.' 624fi 625 626# For each valid dir in $local_startup, search for init scripts matching *.sh 627# 628case ${local_startup} in 629[Nn][Oo] | '') 630 ;; 631*) 632 echo -n 'Local package initialization:' 633 for dir in ${local_startup}; do 634 if [ -d "${dir}" ]; then 635 for script in ${dir}/*.sh; do 636 if [ -x "${script}" ]; then 637 (set -T 638 trap 'exit 1' 2 639 ${script} start) 640 fi 641 done 642 fi 643 done 644 echo . 645 ;; 646esac 647 648if [ -n "${network_pass3_done}" ]; then 649 network_pass4 650fi 651 652# Raise kernel security level. This should be done only after `fsck' has 653# repaired local file systems if you want the securelevel to be greater than 1. 654# 655case ${kern_securelevel_enable} in 656[Yy][Ee][Ss]) 657 if [ "${kern_securelevel}" -ge 0 ]; then 658 echo 'Raising kernel security level' 659 sysctl -w kern.securelevel=${kern_securelevel} 660 fi 661 ;; 662esac 663 664date 665exit 0 666