Commit Graph

352 Commits

Author SHA1 Message Date
Mark Felder
1ce07411fa Fix firstboot fs mount logic
The firstboot logic has an error which causes the filesystem to be
mounted readonly even though root_rw_mount=YES. This fixes the error to
ensure that the root filesystem is mounted rw as expected after the run
of the firstboot scripts.

Reviewed by:	imp
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D14226
2018-02-06 20:12:05 +00:00
Warner Losh
40adda8665 Use checkyesno instead of rolling my own.. 2016-10-23 18:00:09 +00:00
Warner Losh
2cf098b8fc Allow root_rw_mount to be both lower and upper case. Before, if it was
upper case, you'd wind up with a read-only filesystem when you should
sometimes.

PR: 213549
2016-10-17 04:07:13 +00:00
Warner Losh
3e972f4409 Try a little harder to remove firstboot and firstboot-reboot files in
case they accidentally get created as directories or with flags that
prevent their removal. While I wouldn't normally go the extra mile
here and let the normal unix rules prevail, the effects of failure are
large enough that extra care is warranted.
2016-01-06 17:13:40 +00:00
Warner Losh
71b902050d Use the more proper -f. Leave /bin/rm in place since that's what
other rc scripts have, though it isn't strictly necessary.
2016-01-05 21:20:47 +00:00
Warner Losh
d3e4bc1271 Use /bin/rm to remove /firstboot*. Otherwise rm -i alias is picked
up and can cause issues on boot with the prompts. Fix the read-only
root case with horrible kludge of mounting rw removing the files, then
mounting ro. But since that's no more horrible than the kludge of
using marker files in /. With this change, NanoBSD configs can safely
use /firstboot + growfs to produce minimal images that grow to the
size of the card.
2016-01-03 19:18:48 +00:00
Dag-Erling Smørgrav
cd06771f0c The early-late divider was originally set to mountcritlocal. Since that
service does not run in jails, it was necessary to change it to something
else when jailed, and NETWORKING was arbitrarily chosen.  The divider was
later moved to FILESYSTEMS when it was introduced, but the logic to change
it to NETWORKING when jailed remained.  Remove it, as it no longer serves
any purpose.

PR:		194975
MFC after:	1 week
2014-12-01 12:29:59 +00:00
Colin Percival
b6ae696fc9 The rc system aggressively caches the contents of /etc/rc.conf in order to
improve boot performance; this produces arguably astonishing (non-)results
if /etc/rc.conf is modified during the boot process.

Since performance considerations make it infeasible to automatically detect
if the cached /etc/rc.conf parameters should be invalidated, provide a
mechanism for explicitly requesting that /etc/rc.conf be reloaded: Catch
SIGALRM and reload /etc/rc.conf if it is received.

Discussed on:	freebsd-rc
MFC after:	3 days
2013-12-03 21:55:57 +00:00
Colin Percival
cabad26453 Add support for "first boot" rc.d scripts. [1]
These scripts, containing
# KEYWORD: firstboot
will only be run if a sentinel file (default: /firstboot, configurable
via the rc.conf ${firstboot_sentinel} variable) exists; this sentinel
file will be deleted at the end of the boot process.

Scripts can request that the system reboot after the first boot by
creating the file ${firstboot_sentinel}-reboot.

This functionality is expected to be useful for embedded systems and
virtual machine images, where it may be desirable to
(a) download and install updates which became available between when
the image was created and when it was "turned on";
(b) download and install packages which may be newer than those
which were available when the image was created;
(c) install packages which run binaries during their install process,
bypassing the problem of cross-architecture installs;
(d) resize filesystems to match the disk onto which a VM image was
installed;
(e) perform initialization tasks relevant to cloud systems (e.g.,
Amazon's Elastic Compute Cloud);
and likely to perform many other one-time initialization functions.

Document this new functionality in rc.conf(5) and rc(8). [2]

Reviewed by:	freebsd-current, freebsd-rc [1]
Reviewed by:	Warren Block [2]
MFC after:	3 days
2013-10-19 21:37:06 +00:00
Jamie Gritton
761d2bb5b9 Refine the "nojail" rc keyword, adding "nojailvnet" for files that don't
apply to most jails but do apply to vnet jails.  This includes adding
a new sysctl "security.jail.vnet" to identify vnet jails.

PR:		conf/149050
Submitted by:	mdodd
MFC after:	3 days
2013-05-19 04:10:34 +00:00
Ed Schouten
93bd0cdedd Hide stty(1) errors.
If rc(8) is executed without using a TTY, this error appears at the
beginning:

	stty: stdin isn't a terminal

Because this is to be expected and of course not harmful, it is better
to simply hide the error message.

MFC after:	1 week
2012-03-14 16:10:39 +00:00
Doug Barton
1d29baf81e Rather than trusting that nothing is going to sneak in before the
early_late_divider in the second run (and thus be skipped altogether),
keep a list of the scripts run early, and use that list to skip things
in the second run.

This has the primary benefit of not skipping a local script that gets
ordered too early in the second run. It also gives an opportunity to
clean up/simplify the code a bit.

Use a space-separated list rather than the more traditional colon for
maximum insurance against creativity in local naming conventions.

Reviewed by:	brooks
2011-04-29 21:10:41 +00:00
Mike Makonnen
40c3350ab9 Remove pointless informational message. 2008-06-23 04:18:22 +00:00
Mike Makonnen
a850398f3b Re-implement: do not silently fail when a command is not carried
out because the rc.conf(5) variable was not enabled. Display a
message that the command wasn't run and offer suggestions on
what the user can do.

Implement a quiet prefix, which will disable some diagnostics. The
fast prefix also implies quiet. During boot we use either fast or
quiet. For shutdown we already use 'faststop'. So, this informational
message should only appear during interactive use.

An additional benefit of having a quiet prefix is that we can start
putting some of our diagnostic messages behind this knob and start
"de-cluttering" the console during boot and shutdown.
2008-01-26 11:22:12 +00:00
Dag-Erling Smørgrav
7bd5b79de4 Add a dummy script, FILESYSTEMS, which depends on root and mountcritlocal
and takes over mountcritlocal's role as the early / late divider.  This
makes it far easier to add rc scripts which need to run early, such as a
startup script for zfs, which is right around the corner.

This change should be a no-op; I have verified that the only change in
rcorder's output is the insertion of FILESYSTEMS immediately after
mountcritlocal.

MFC after:	3 weeks
2007-04-02 22:53:07 +00:00
Doug Barton
2a723c89f8 Attempt to make running the new rc in a jail more automatic by
resetting of early_late_divider to a more appropriate value if
the admin has not modified the default.

Reviewed by:	brooks
2006-02-20 21:54:30 +00:00
Doug Barton
57e561c083 Remove rcconf.sh from /etc/rc.d, and instead load the configuration
as part of rc. Doing this, and the sourcing of rc.subr after we have
determined if we are booting diskless (and correspondingly run
rc.initdiskless if necessary) are safe, and actually allow fewer files
to be needed on the diskless box. This also allows variables from
the configuration to be available to rc itself, such as ...

Add a variable to rc.conf, early_late_divider, which designates the
script which separates the early and late stages of the boot process.
Default this to mountcritlocal, and add text to etc/defaults/rc.conf,
rc.conf(5) and diskless(8) which describes how and why one might want
to change this.

Reviewed by:	brooks
2005-12-10 20:21:46 +00:00
Doug Barton
0f3ce2b32c Introduce startup scripts from the local_startup directories to
the base rcorder. This is accomplished by running rcorder twice,
first to get all the disks mounted (through mountcritremote),
then again to include the local_startup directories.

This dramatically changes the behavior of rc.d/localpkg, as
all "local" scripts that have the new rc.d semantics are now
run in the base rcorder, so only scripts that have not been
converted yet will run in rc.d/localpkg.

Make a similar change in rc.shutdown, and add some functions in
rc.subr to support these changes.

Bump __FreeBSD_version to reflect this change.
2005-12-02 20:06:07 +00:00
Brooks Davis
2af94c5d1d To allow /etc to be as minimal as possible in a diskless setup, we need
to run initdiskless before we run rcorder on /etc/rc.d.  To allow this,
move /etc/rc.d/initdiskless to /etc/rc.initdiskless and run it directly
from /etc/rc.

Remove /etc/rc.d/preseedrandom as it is no longer necessicary (we start
with entropy unblocked) and was only used by initdiskless when it
was needed.

Discussed on:	freebsd-rc
Repocopy by:	peter
2005-04-29 23:02:56 +00:00
Mike Makonnen
d7052481cd Remove an unused variable.
Submitted by: Pawel Worach <pawel.worach@telia.com>
2004-10-08 14:23:49 +00:00
Mike Makonnen
337338ee00 Remove the requirement for the FreeBSD keyword as it no longer
makes any sense.

Discussed with: dougb, brooks
MFC after: 3 days
2004-10-07 13:55:26 +00:00
Mike Makonnen
8f5490f5fe Correct typo.
Submitted by: eik (and probably many others)
2004-07-24 16:30:31 +00:00
Mike Makonnen
30e2462c71 Restore pre-rcNG behaviour:
SIGINT (Ctrl-c) kills the current script
SIGQUIT (Ctrl-\) kills /etc/rc (dropping you into single-user)

Prodded by:	harti
2004-06-06 18:06:09 +00:00
Pawel Jakub Dawidek
01b373bed7 Fix skipping scripts with given keywords.
Proper syntax is '-s keyword1 -s keyword2', not '-s keyword1 keyword2'.
2004-03-08 12:02:07 +00:00
Mike Makonnen
e0aca24352 o Add support for detecting a jailed environment. If a script
cannot or does not want to be executed in a jail the
  KEYWORDS line should contain the nojail keyword.
o Update Copyright

# I suggest people who use jails more extensively than I do
# make commits to the appropriate files.
2004-02-27 10:44:33 +00:00
Doug Barton
4b065e2ce1 Per previous announcement, remove the old version of the rc system.
All functionality from the previous system has been preserved, and
users should still customize their system boot with the familiar
methods, rc.conf, rc.conf.local, rc.firewall, sysctl.conf, etc.

Users who have customized versions of scripts that have been removed
should take great care when upgrading, since the compatibility code
that used those old scripts has also been removed.
2003-05-02 05:27:35 +00:00
Doug Barton
4bc6a70cad Add a dire warning about the impending demise of the old rc system.
Suggested by:	scottl
2003-04-27 07:08:07 +00:00
Makoto Matsushita
7172e3d4bf Set appropriate tag "fsck" to logger(1) for background fsck messages.
PR:		51174
Submitted by:	Alex Popa <razor@ldc.ro>
2003-04-23 15:38:02 +00:00
Matthew Dillon
cc1dfa653e Redo the initial rc_ng check to avoid rc.conf pollution occuring too early,
initdiskless may retarget /etc and various rc.conf files.  The initial check
is now done in a subshell.
Reviewed by:	Mike Makonnen <mtm@identd.net>
2002-12-23 07:09:44 +00:00
Matthew Dillon
eb7bf00306 Do not unconditionally load the configuration files for the RCNG case.
Instead, load them as part of the rc.d system.  This allows us to prioritize
the initidiskless script so it runs before the configuration files are loaded
and allows us to get rid of the exit 2 hack in /etc/rc.  The exit 2 never
worked anyway since it did not unset the prior configuration, causing the
diskless code to not operate properly.

Do a major cleanup and revamping of the diskless code for RCNG.  This will
be backported to the non-RCNG scripts as well as -stable.

With suggestions from: Mike Makonnen <mtm@identd.net>
MFC after:	7 days
2002-12-22 22:18:41 +00:00
Kirk McKusick
123a5dff98 Delay an optional amount of time after booting before starting a
background fsck. The delay defaults to sixty seconds to allow
large applications such as the X server to start before disk I/O
bandwidth is monopolized by fsck.

Submitted by:	Brooks Davis <brooks@one-eyed-alien.net>
Sponsored by:   DARPA & NAI Labs.
2002-12-18 07:21:31 +00:00
Robert Watson
881a0ee9b5 Update rc scripts to load mac_lomac instead of lomac.
Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-26 17:51:03 +00:00
Dima Dorfman
605cf4c8a3 Aesthetics: Most (all?) other messages output at boot time have
trailing periods, so why shouldn't this one?
2002-10-12 07:21:18 +00:00
Jens Schweikhardt
d539c53b01 Fix all whitespace style bugs where spaces have been used
where tabs should have been. Cut & paste disease?

Spotted by:	vi(1) tabstop=4
MFC after:	2 weeks
2002-10-03 20:39:29 +00:00
Dima Dorfman
2ca85e3d5e In a diskless setup, rc.d/initdiskless may overwrite parts of /etc on
a per-machine or per-cluster (with different ways of expressing what's
part of a cluster) basis.  In order for this to be effective, rc.conf
has to be reread after initdiskless is finished.  Implement this by
adding a hook to etc/rc which rereads rc.conf by request.  This can
also be implemented by renaming initdiskless to initdiskless.sh and
sourcing rc.conf there manually, but it was decided that, that would
be uglier than a hook in etc/rc.

Developed in concert with:	gordon
2002-10-02 00:59:14 +00:00
Peter Wemm
66422f5b7a Initiate deorbit burn for the i386-only a.out related support. Moves are
under way to move the remnants of the a.out toolchain to ports.  As the
comment in src/Makefile said, this stuff is deprecated and one should not
expect this to remain beyond 4.0-REL.  It has already lasted WAY beyond
that.

Notable exceptions:
gcc - I have not touched the a.out generation stuff there.
ldd/ldconfig - still have some code to interface with a.out rtld.
old as/ld/etc - I have not removed these yet, pending their move to ports.
some includes - necessary for ldd/ldconfig for now.

Tested on: i386 (extensively), alpha
2002-09-17 01:49:00 +00:00
Gordon Tetlow
8e05457085 Quiet warnings about non-existent scripts. My own fault for not testing my
own patches as well as I should.
2002-09-11 01:00:57 +00:00
Gordon Tetlow
5b572aec21 Remove an accidental double chkdepend that snuck in during the last commit.
Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-08-15 03:24:47 +00:00
Gordon Tetlow
8987faac82 Don't export variables from /etc/rc when doing rc_ng because the scripts
are sourced in a subshell.

Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-08-14 05:58:44 +00:00
Gordon Tetlow
2ee93c5780 Clean up some variables that should have been done before:
xntpd_* -> ntpd_*
portmap_* -> rpcbind_*

Also change single_mountd_enable to mountd_enable.

We also include shims for all the old variable names.

Submitted by:	Mike Makonnen <makonnen@pacbell.net>
2002-08-14 05:37:15 +00:00
Gordon Tetlow
825bb04125 Add the final bits that allow the use of rc.d. Note that you can toggle
between rc.d and the classic boot scripts based on the rcng variable in
your rc.conf. Defaults to classic boot scripts.

Submitted by:	Mike Makonnen
2002-06-13 22:30:02 +00:00
Tom Rhodes
db4f576472 Consistancy, file system > filesystem 2002-05-16 02:10:03 +00:00
Jacques Vidrine
dfc4c48df7 It is dangerous to use globbing like so in startup scripts:
rm -f /tmp/.X11-unix/*

If /tmp/.X11-unix didn't already exist, a user could symlink it to a directory
with files that he wants to wipe out, and wait for next reboot.

Reported by:	lumpy <lumpy@the.whole.net>
2002-05-08 14:47:44 +00:00
Wes Peters
8373917257 Rename the file used to specify the nextboot to make it clear that this
is a loader configuration file and can be used for more than just a
kernel name.

Submitted by:	Gordon Tetlow <gordont@gnf.org>
2002-04-26 22:32:15 +00:00
Wes Peters
1de372dcd4 Add a -k option to reboot to specify the kernel to boot next time
around.  If the kernel boots successfully, the record of this kernel
is erased, it is intended to be a one-shot option for testing
kernels.

This could be improved by having the loader remove the record of
the next kernel to boot, it is currently removed in /etc/rc immediately
after disks are mounted r/w.

I'd like to MFC this before the 4.6 freeze unless there is violent
objection.

Reviewed by:	Several on IRC
MFC after:	4 days
2002-04-26 07:31:04 +00:00
David E. O'Brien
8a57f7e245 Do not use 'ps -e' for entropy gathering. It uses /proc/*/mem to rummage
around *user* memory to extract the environment variable strings.  This
is problematic for us.

Submitted by:	peter
2002-04-23 00:05:48 +00:00
Gregory Neil Shapiro
619b80c4e6 Quoting Peter Wemm, "At great personal risk, touch the sendmail startup
again."

As an alternative to sendmail_enable=NONE, solve the boot time problem
for non-sendmail users completely by moving all of the sendmail startup
code from /etc/rc to /etc/rc.sendmail.  The source for that script will
be kept in src/etc/sendmail/rc.sendmail so make.conf's NO_SENDMAIL will
prevent it from being installed.  A new rc.conf variable,
mta_start_script specifies the script to run to start the user's
preferred MTA.  For backward compatibility, it will default to
/etc/rc.sendmail.  The specified script is called out of /etc/rc after
checking to make sure it exists.  A new rc.sendmail.8 man page has also
been added which now houses the sendmail_* variable descriptions
formerly in rc.conf.5.

Use /etc/rc.sendmail in /etc/mail/Makefile to reduce code duplication.

Reviewed by:	-current, -stable, obrien, peter, ru
MFC after:	1 week
2002-04-05 02:30:49 +00:00
Gregory Neil Shapiro
4bfef13db0 Provide a way for users to completely prevent sendmail from trying to start
at boot time.

Instead of rc.conf's sendmail_enable only accepting YES or NO, it can now
also accept NONE.  If set to NONE, none of the other sendmail related
startup items will be done.

Remove an extra queue running daemon might be started that wasn't necessary
(it didn't hurt anything but it wasn't needed).

The new logic is:

# MTA
if ${sendmail_enable} == NONE
        # Do nothing
else if ${sendmail_enable} == YES
        start sendmail with ${sendmail_flags}
else if ${sendmail_submit_enable} == YES
        start sendmail with ${sendmail_submit_flags}
else if ${sendmail_outbound_enable} == YES
        start sendmail with ${sendmail_outbound_flags}
endif
# MSP Queue Runner
if ${sendmail_enable} != NONE &&
   [ -r /etc/mail/submit.cf] && ${sendmail_msp_queue_enable} == YES
        start sendmail with ${sendmail_msp_queue_flags}
endif

Discussed with: Thomas Quinot <Thomas.Quinot@Cuivre.FR.EU.ORG>,
		Christopher Schulte <schulte+freebsd@nospam.schulte.org>
MFC after:	1 week
2002-03-28 03:29:22 +00:00
David E. O'Brien
1004420008 Don't start any sendmail process in the back ground.
Requested by:	gshapiro
2002-03-26 02:38:08 +00:00
David E. O'Brien
0ef30ec620 Don't background the sendmail-clientmqueue process -- can give:
sm-queue[181]: NOQUEUE: SYSERR(root): fill_fd: before readcf: fd 1 not open: Bad file descriptor
2002-03-25 20:53:48 +00:00