Date: Tue, 22 Apr 2014 15:49:54 +0000 (UTC) From: Dru Lavigne <dru@FreeBSD.org> To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44626 - head/en_US.ISO8859-1/books/handbook/boot Message-ID: <201404221549.s3MFnsjQ099449@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dru Date: Tue Apr 22 15:49:54 2014 New Revision: 44626 URL: http://svnweb.freebsd.org/changeset/doc/44626 Log: Move init section into Boot Process as the Last Stage. Format boot options as a table. Expand on single-user mode section. More commits to come. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Tue Apr 22 05:23:35 2014 (r44625) +++ head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Tue Apr 22 15:49:54 2014 (r44626) @@ -345,7 +345,7 @@ boot:</screen> specified options or kernel name. Providing a kernel name on the command-line is only applicable after an <command>unload</command> has been issued. - Otherwise the previously-loaded kernel will be + Otherwise, the previously-loaded kernel will be used.</entry> </row> @@ -432,25 +432,16 @@ boot:</screen> </tbody> </tgroup> </table> - </sect2> - <sect2 xml:id="boot-loader-examples"> - <title>Loader Examples</title> - - <para>Here are some practical examples of loader usage:</para> - - <itemizedlist> - <listitem> - <para>To boot the usual kernel in single-user + <para>Here are some practical examples of + loader usage. To boot the usual kernel in single-user mode<indexterm><primary>single-user mode</primary></indexterm>:</para> <screen><userinput>boot -s</userinput></screen> - </listitem> - <listitem> - <para>To unload the usual kernel and modules, and then - load the previous or another kernel:</para> + <para>To unload the usual kernel and modules and then + load the previous or another, specified kernel:</para> <screen><userinput>unload</userinput> <userinput>load <replaceable>kernel.old</replaceable></userinput></screen> @@ -463,94 +454,183 @@ boot:</screen> system upgrade or before configuring a custom kernel.</para> - <note> <para>Use the following to load the usual modules with another kernel:</para> <screen><userinput>unload</userinput> <userinput>set kernel="<replaceable>kernel.old</replaceable>"</userinput> -<userinput>boot-conf</userinput></screen></note> - </listitem> +<userinput>boot-conf</userinput></screen> - <listitem> <para>To load an automated kernel configuration script:</para> <screen><userinput>load -t userconfig_script <replaceable>/boot/kernel.conf</replaceable></userinput></screen> - </listitem> - </itemizedlist> - </sect2> - - <sect2 xml:id="boot-kernel"> - <title>Kernel Interaction During Boot</title> <indexterm> <primary>kernel</primary> <secondary>boot interaction</secondary> </indexterm> + </sect2> - <para>Once the kernel is loaded by either the default loader or - by boot2, which bypasses the loader, it examines any boot - flags and adjusts its behavior as necessary.</para> + <sect2 xml:id="boot-init"> + <title>Last Stage</title> + + <indexterm> + <primary>&man.init.8;</primary> + </indexterm> + <para>Once the kernel is loaded by either <application>loader</application> or + by <application>boot2</application>, which bypasses + <application>loader</application>, it examines any boot + flags and adjusts its behavior as necessary. <xref + linkend="boot-kernel"/> lists the commonly used boot flags. + Refer to &man.boot.8; for more information on the other + boot flags.</para> <indexterm> <primary>kernel</primary> <secondary>bootflags</secondary> </indexterm> - <para>Here are the more common boot flags:</para> + <table xml:id="boot-kernel" frame="none" pgwide="1"> + <title>Kernel Interaction During Boot</title> - <variablelist xml:id="boot-kernel-bootflags-list"> - <varlistentry> - <term><option>-a</option></term> + <tgroup cols="2"> + <thead> + <row> + <entry>Option</entry> + <entry>Description</entry> + </row> + </thead> - <listitem> - <para>During kernel initialization, ask for the device - to mount as the root file system.</para> - </listitem> - </varlistentry> + <tbody> + <row> + <entry><option>-a</option></entry> + <entry>During kernel initialization, ask for the device + to mount as the root file system.</entry> + </row> - <varlistentry> - <term><option>-C</option></term> + <row> + <entry><option>-C</option></entry> + <entry>Boot the root file system from a <acronym>CDROM</acronym>.</entry> + </row> - <listitem> - <para>Boot from CDROM.</para> - </listitem> - </varlistentry> + <row> + <entry><option>-s</option></entry> + <entry>Boot into single-user mode.</entry> + </row> - <varlistentry> - <term><option>-c</option></term> + <row> + <entry><option>-v</option></entry> + <entry>Be more verbose during kernel startup.</entry> + </row> + </tbody> + </tgroup> + </table> - <listitem> - <para>Run UserConfig, the boot-time kernel - configurator.</para> - </listitem> - </varlistentry> + <para>Once the kernel has finished booting, it passes control to + the user process &man.init.8;, which is located at + <filename>/sbin/init</filename>, or the program path specified + in the <envar>init_path</envar> variable in + <command>loader</command>. This is the last stage of the boot + process.</para> - <varlistentry> - <term><option>-s</option></term> + <para>The boot sequence makes sure that the file systems available + on the system are consistent. If a <acronym>UFS</acronym> file + system is not, and <command>fsck</command> + cannot fix the inconsistencies, + <application>init</application> drops the system into single-user mode so that the + system administrator can resolve the problem directly. Otherwise, + the system boots into multi-user mode.</para> - <listitem> - <para>Boot into single-user mode.</para> - </listitem> - </varlistentry> + <sect3 xml:id="boot-singleuser"> + <title>Single-User Mode</title> - <varlistentry> - <term><option>-v</option></term> + <indexterm><primary>single-user mode</primary></indexterm> + <indexterm><primary>console</primary></indexterm> - <listitem> - <para>Be more verbose during kernel startup.</para> - </listitem> - </varlistentry> - </variablelist> + <para>A user can specify this mode by + booting with <option>-s</option>, or by + setting the <envar>boot_ single</envar> variable in + <application>loader</application>. It can also be reached by + running <command>shutdown now</command> from + multi-user mode. Single-user mode begins with this message:</para> + + <programlisting>Enter full pathname of shell or RETURN for /bin/sh:</programlisting> + + <para>If the user presses <keycap>Enter</keycap>, the system + will enter the default Bourne shell. To specify a different + shell, input the full path to the shell.</para> + + <para>Single-user mode is usually used to repair a system that will not + boot due to an inconsistent file system or an error in a boot + configuration file. It can also be used to reset the + <systemitem class="username">root</systemitem> password when + it is unknown. These actions are possible as the single-user + mode prompt gives full, local access to the system and its + configuration files. There is no networking in this mode.</para> + + <para>While single-user mode is useful for repairing a system, + it poses a security risk unless the system is in a physically + secure location. By default, any user who can gain physical + access to a system will have full control of that system after + booting into single-user mode.</para> - <note> - <para>Refer to &man.boot.8; for more information on the other - boot flags.</para> - </note> + <para>If the system <literal>console</literal> is changed to + <literal>insecure</literal> in <filename>/etc/ttys</filename>, + the system will first prompt for the <systemitem + class="username">root</systemitem> password before + initiating single-user mode. This adds a measure of security + while removing the ability to reset the <systemitem + class="username">root</systemitem> password when it is + unknown.</para> + + <example xml:id="boot-insecure-console"> + <title>Configuring an Insecure Console in + <filename>/etc/ttys</filename></title> + + <programlisting># name getty type status comments +# +# If console is marked "insecure", then init will ask for the root password +# when going to single-user mode. +console none unknown off <replaceable>insecure</replaceable></programlisting> + </example> + + <para>An <literal>insecure</literal> console means that + physical security to the console is considered to be + insecure, so only someone who knows the <systemitem + class="username">root</systemitem> password may use + single-user mode.</para> + </sect3> + + <sect3 xml:id="boot-multiuser"> + <title>Multi-User Mode</title> + + <indexterm><primary>multi-user mode</primary></indexterm> + + <para>If <application>init</application> finds the file systems to be in order, or + once the user has finished their commands in single-user mode + and has typed <command>exit</command> to leave single-user mode, + the system enters + multi-user mode, in which it starts the resource configuration + of the system.</para> + + <indexterm><primary>rc files</primary></indexterm> + + <para>The resource configuration system reads in configuration + defaults from <filename>/etc/defaults/rc.conf</filename> and + system-specific details from + <filename>/etc/rc.conf</filename>. It then proceeds to mount + the system file systems listed in + <filename>/etc/fstab</filename>. It starts up networking + services, miscellaneous system daemons, then the startup + scripts of locally installed packages.</para> + + <para>To learn more about the resource configuration system, + refer to &man.rc.8; and examine the scripts located in + <filename>/etc/rc.d</filename>.</para> + </sect3> </sect2> </sect1> - <!-- <sect2 id="boot-kernel-userconfig"> <title>UserConfig: the Boot-time Kernel Configurator</title> @@ -809,95 +889,6 @@ bitmap_name="<replaceable>/boot/splash.b &man.kenv.1;, &man.loader.conf.5;, and &man.loader.8;.</para> </sect1> - <sect1 xml:id="boot-init"> - <title>Init: Process Control Initialization</title> - - <indexterm> - <primary>&man.init.8;</primary> - </indexterm> - - <para>Once the kernel has finished booting, it passes control to - the user process &man.init.8;, which is located at - <filename>/sbin/init</filename>, or the program path specified - in the <envar>init_path</envar> variable in - <command>loader</command>.</para> - - <para>The boot sequence makes sure that the file systems available - on the system are consistent. If they are not, and &man.fsck.8; - cannot fix the inconsistencies of a UFS file system, - &man.init.8; drops the system into single-user mode so that the - system administrator can resolve the problem directly.</para> - - <sect2 xml:id="boot-singleuser"> - <title>Single-User Mode</title> - - <indexterm><primary>single-user mode</primary></indexterm> - <indexterm><primary>console</primary></indexterm> - - <para>This mode can be reached through the automatic reboot - sequence, the user booting with <option>-s</option>, or by - setting the <envar>boot_ single</envar> variable in - &man.loader.8;.</para> - - <para>It can also be reached by calling &man.shutdown.8; from - multi-user mode (<xref linkend="boot-multiuser"/>) without - including <option>-r</option> or <option>-h</option>.</para> - - <para>If the system <literal>console</literal> is set to - <literal>insecure</literal> in <filename>/etc/ttys</filename>, - the system will prompt for the <systemitem - class="username">root</systemitem> password before - initiating single-user mode.</para> - - <example xml:id="boot-insecure-console"> - <title>An Insecure Console in - <filename>/etc/ttys</filename></title> - - <programlisting># name getty type status comments -# -# If console is marked "insecure", then init will ask for the root password -# when going to single-user mode. -console none unknown off insecure</programlisting> - </example> - - <note> - <para>An <literal>insecure</literal> console means that - physical security to the console is considered to be - insecure, so only someone who knows the <systemitem - class="username">root</systemitem> password may use - single-user mode. Thus, to add this measure of security, - choose <literal>insecure</literal>, instead of the default - of <literal>secure</literal>.</para> - </note> - </sect2> - - <sect2 xml:id="boot-multiuser"> - <title>Multi-User Mode</title> - - <indexterm><primary>multi-user mode</primary></indexterm> - - <para>If &man.init.8; finds the file systems to be in order, or - once the user has finished their commands in single-user mode - (<xref linkend="boot-singleuser"/>), the system enters - multi-user mode, in which it starts the resource configuration - of the system.</para> - - <indexterm><primary>rc files</primary></indexterm> - - <para>The resource configuration system reads in configuration - defaults from <filename>/etc/defaults/rc.conf</filename>, and - system-specific details from - <filename>/etc/rc.conf</filename>, and then proceeds to mount - the system file systems listed in - <filename>/etc/fstab</filename>. It starts up networking - services, miscellaneous system daemons, then the startup - scripts of locally installed packages.</para> - - <para>To learn more about the resource configuration system, - refer to &man.rc.8; and examine the scripts themselves.</para> - </sect2> - </sect1> - <sect1 xml:id="boot-shutdown"> <title>Shutdown Sequence</title>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201404221549.s3MFnsjQ099449>