Skip site navigation (1)Skip section navigation (2)

FreeBSD Man Pages

Man Page or Keyword Search:
Man Architecture
Apropos Keyword Search (all sections) Output format
home | help
INIT(8)			FreeBSD	System Manager's Manual		       INIT(8)

     init -- process control initialization

     init [0 | 1 | 6 | c | q]

     The init program is the last stage	of the boot process.  It normally runs
     the automatic reboot sequence as described	in rc(8), and if this suc-
     ceeds, begins multi-user operation.  If the reboot	scripts	fail, init
     commences single-user operation by	giving the super-user a	shell on the
     console.  The init	program	may be passed parameters from the boot program
     to	prevent	the system from	going multi-user and to	instead	execute	a sin-
     gle-user shell without starting the normal	daemons.  The system is	then
     quiescent for maintenance work and	may later be made to go	to multi-user
     by	exiting	the single-user	shell (with ^D).  This causes init to run the
     /etc/rc start up command file in fastboot mode (skipping disk checks).

     If	the console entry in the ttys(5) file is marked	``insecure'', then
     init will require that the	super-user password be entered before the sys-
     tem will start a single-user shell.  The password check is	skipped	if the
     console is	marked as ``secure''.

     The kernel	runs with four different levels	of security.  Any super-user
     process can raise the security level, but no process can lower it.	 The
     security levels are:

     -1	   Permanently insecure	mode - always run the system in	level 0	mode.
	   This	is the default initial value.

     0	   Insecure mode - immutable and append-only flags may be turned off.
	   All devices may be read or written subject to their permissions.

     1	   Secure mode - the system immutable and system append-only flags may
	   not be turned off; disks for	mounted	filesystems, /dev/mem, and
	   /dev/kmem may not be	opened for writing; kernel modules (see
	   kld(4)) may not be loaded or	unloaded.

     2	   Highly secure mode -	same as	secure mode, plus disks	may not	be
	   opened for writing (except by mount(2)) whether mounted or not.
	   This	level precludes	tampering with filesystems by unmounting them,
	   but also inhibits running newfs(8) while the	system is multi-user.

	   In addition,	kernel time changes are	restricted to less than	or
	   equal to one	second.	 Attempts to change the	time by	more than this
	   will	log the	message	``Time adjustment clamped to +1	second''.

     3	   Network secure mode - same as highly	secure mode, plus IP packet
	   filter rules	(see ipfw(8) and ipfirewall(4))	cannot be changed and
	   dummynet(4) configuration cannot be adjusted.

     If	the security level is initially	nonzero, then init leaves it
     unchanged.	 Otherwise, init raises	the level to 1 before going multi-user
     for the first time.  Since	the level can not be reduced, it will be at
     least 1 for subsequent operation, even on return to single-user.  If a
     level higher than 1 is desired while running multi-user, it can be	set
     before going multi-user, e.g., by the startup script rc(8), using
     sysctl(8) to set the ``kern.securelevel'' variable	to the required	secu-
     rity level.

     In	multi-user operation, init maintains processes for the terminal	ports
     found in the file ttys(5).	 Init reads this file and executes the command
     found in the second field,	unless the first field refers to a device in
     /dev which	is not configured.  The	first field is supplied	as the final
     argument to the command.  This command is usually getty(8); getty opens
     and initializes the tty line and executes the login(1) program.  The
     login program, when a valid user logs in, executes	a shell	for that user.
     When this shell dies, either because the user logged out or an abnormal
     termination occurred (a signal), the init program wakes up, deletes the
     user from the utmp(5) file	of current users and records the logout	in the
     wtmp(5) file.  The	cycle is then restarted	by init	executing a new	getty
     for the line.

     Init can also be used to keep arbitrary daemons running, automatically
     restarting	them if	they die.  In this case, the first field in the
     ttys(5) file must not reference the path to a configured device node and
     will be passed to the daemon as the final argument	on its command line.
     This is similar to	the facility offered in	the AT&T System	V UNIX

     Line status (on, off, secure, getty, or window information) may be
     changed in	the ttys(5) file without a reboot by sending the signal	SIGHUP
     to	init with the command ``kill -HUP 1''.	On receipt of this signal,
     init re-reads the ttys(5) file.  When a line is turned off	in ttys(5),
     init will send a SIGHUP signal to the controlling process for the session
     associated	with the line.	For any	lines that were	previously turned off
     in	the ttys(5) file and are now on, init executes the command specified
     in	the second field.  If the command or window field for a	line is
     changed, the change takes effect at the end of the	current	login session
     (e.g., the	next time init starts a	process	on the line).  If a line is
     commented out or deleted from ttys(5), init will not do anything at all
     to	that line.  However, it	will complain that the relationship between
     lines in the ttys(5) file and records in the utmp(5) file is out of sync,
     so	this practice is not recommended.

     Init will terminate multi-user operations and resume single-user mode if
     sent a terminate (TERM) signal, for example, ``kill -TERM 1''.  If	there
     are processes outstanding that are	deadlocked (because of hardware	or
     software failure),	init will not wait for them all	to die (which might
     take forever), but	will time out after 30 seconds and print a warning

     Init will cease creating new processes and	allow the system to slowly die
     away, if it is sent a terminal stop (TSTP)	signal,	i.e. ``kill -TSTP 1''.
     A later hangup will resume	full multi-user	operations, or a terminate
     will start	a single-user shell.  This hook	is used	by reboot(8) and

     Init will terminate all possible processes	(again,	it will	not wait for
     deadlocked	processes) and reboot the machine if sent the interrupt	(INT)
     signal, i.e. ``kill -INT 1''.  This is useful for shutting	the machine
     down cleanly from inside the kernel or from X when	the machine appears to
     be	hung.

     Init will do the same, except it will halt	the machine if sent the	user
     defined signal 1 (USR1), or will halt and turn the	power off (if hardware
     permits) if sent the user defined signal 2	(USR2).

     When shutting down	the machine, init will try to run the /etc/rc.shutdown
     script.  This script can be used to cleanly terminate specific programs
     such as innd (the InterNetNews server).

     The role of init is so critical that if it	dies, the system will reboot
     itself automatically.  If,	at bootstrap time, the init process cannot be
     located, the system will panic with the message ``panic: init died
     (signal %d, exit %d)''.

     If	run as a user process as shown in the second synopsis line, init will
     emulate AT&T System V UNIX	behavior, i.e. super-user can specify the
     desired run-level on a command line, and init will	signal the original
     (PID 1) init as follows:

     Run-level	  Signal     Action
     0		  SIGUSR2    Halt and turn the power off
     1		  SIGTERM    Go	to single-user mode
     6		  SIGINT     Reboot the	machine
     c		  SIGTSTP    Block further logins
     q		  SIGHUP     Rescan the	ttys(5)	file

     getty repeating too quickly on port %s, sleeping.	A process being
     started to	service	a line is exiting quickly each time it is started.
     This is often caused by a ringing or noisy	terminal line.	Init will
     sleep for 30 seconds, then	continue trying	to start the process.

     some processes would not die; ps axl advised.  A process is hung and
     could not be killed when the system was shutting down.  This condition is
     usually caused by a process that is stuck in a device driver because of a
     persistent	device error condition.

     /dev/console      system console device
     /dev/tty*	       terminal	ports found in ttys(5)
     /var/run/utmp     record of current users on the system
     /var/log/wtmp     record of all logins and	logouts
     /etc/ttys	       the terminal initialization information file
     /etc/rc	       system startup commands
     /etc/rc.shutdown  system shutdown commands

     kill(1), login(1),	sh(1), dummynet(4), ipfirewall(4), kld(4), ttys(5),
     crash(8), getty(8), halt(8), ipfw(8), rc(8), reboot(8), shutdown(8),

     An	init command appeared in Version 6 AT&T	UNIX.

     Systems without sysctl behave as though they have security	level -1.

     Setting the security level	above 1	too early in the boot sequence can
     prevent fsck(8) from repairing inconsistent filesystems.  The preferred
     location to set the security level	is at the end of /etc/rc after all
     multi-user	startup	actions	are complete.

FreeBSD	10.3			April 18, 1994			  FreeBSD 10.3


Want to link to this manual page? Use this URL:

home | help