NOTES revision 1.1
1 1.1 pk POSIX and init: 2 1.1 pk -------------- 3 1.1 pk 4 1.1 pk POSIX.1 does not define 'init' but it mentions it in a few places. 5 1.1 pk 6 1.1 pk B.2.2.2, p205 line 873: 7 1.1 pk 8 1.1 pk This is part of the extensive 'job control' glossary entry. 9 1.1 pk This specific reference says that 'init' must by default provide 10 1.1 pk protection from job control signals to jobs it starts -- 11 1.1 pk it sets SIGTSTP, SIGTTIN and SIGTTOU to SIG_IGN. 12 1.1 pk 13 1.1 pk B.2.2.2, p206 line 889: 14 1.1 pk 15 1.1 pk Here is a reference to 'vhangup'. It says, 'POSIX.1 does 16 1.1 pk not specify how controlling terminal access is affected by 17 1.1 pk a user logging out (that is, by a controlling process 18 1.1 pk terminating).' vhangup() is recognized as one way to handle 19 1.1 pk the problem. I'm not clear what happens in Reno; I have 20 1.1 pk the impression that when the controlling process terminates, 21 1.1 pk references to the controlling terminal are converted to 22 1.1 pk references to a 'dead' vnode. I don't know whether vhangup() 23 1.1 pk is required. 24 1.1 pk 25 1.1 pk B.2.2.2, p206 line 921: 26 1.1 pk 27 1.1 pk Orphaned process groups bear indirectly on this issue. A 28 1.1 pk session leader's process group is considered to be orphaned; 29 1.1 pk that is, it's immune to job control signals from the terminal. 30 1.1 pk 31 1.1 pk B.2.2.2, p233 line 2055: 32 1.1 pk 33 1.1 pk 'Historically, the implementation-dependent process that 34 1.1 pk inherits children whose parents have terminated without 35 1.1 pk waiting on them is called "init" and has a process ID of 1.' 36 1.1 pk 37 1.1 pk It goes on to note that it used to be the case that 'init' 38 1.1 pk was responsible for sending SIGHUP to the foreground process 39 1.1 pk group of a tty whose controlling process has exited, using 40 1.1 pk vhangup(). It is now the responsibility of the kernel to 41 1.1 pk do this when the controlling process calls _exit(). The 42 1.1 pk kernel is also responsible for sending SIGCONT to stopped 43 1.1 pk process groups that become orphaned. This is like old BSD 44 1.1 pk but entire process groups are signaled instead of individual 45 1.1 pk processes. 46 1.1 pk 47 1.1 pk In general it appears that the kernel now automatically 48 1.1 pk takes care of orphans, relieving 'init' of any responsibility. 49 1.1 pk Specifics are listed on the _exit() page (p50). 50 1.1 pk 51 1.1 pk On setsid(): 52 1.1 pk ----------- 53 1.1 pk 54 1.1 pk It appears that neither getty nor login call setsid(), so init must 55 1.1 pk do this -- seems reasonable. B.4.3.2 p 248 implies that this is the 56 1.1 pk way that 'init' should work; it says that setsid() should be called 57 1.1 pk after forking. 58 1.1 pk 59 1.1 pk Process group leaders cannot call setsid() -- another reason to 60 1.1 pk fork! Of course setsid() causes the current process to become a 61 1.1 pk process group leader, so we can only call setsid() once. Note that 62 1.1 pk the controlling terminal acquires the session leader's process 63 1.1 pk group when opened. 64 1.1 pk 65 1.1 pk Controlling terminals: 66 1.1 pk --------------------- 67 1.1 pk 68 1.1 pk B.7.1.1.3 p276: 'POSIX.1 does not specify a mechanism by which to 69 1.1 pk allocate a controlling terminal. This is normally done by a system 70 1.1 pk utility (such as 'getty') and is considered ... outside the scope 71 1.1 pk of POSIX.1.' It goes on to say that historically the first open() 72 1.1 pk of a tty in a session sets the controlling terminal. P130 has the 73 1.1 pk full details; nothing particularly surprising. 74 1.1 pk 75 1.1 pk The glossary p12 describes a 'controlling process' as the first 76 1.1 pk process in a session that acquires a controlling terminal. Access 77 1.1 pk to the terminal from the session is revoked if the controlling 78 1.1 pk process exits (see p50, in the discussion of process termination). 79 1.1 pk 80 1.1 pk Design notes: 81 1.1 pk ------------ 82 1.1 pk 83 1.1 pk your generic finite state machine 84 1.1 pk we are fascist about which signals we elect to receive, 85 1.1 pk even signals purportedly generated by hardware 86 1.1 pk handle fatal errors gracefully if possible (we reboot if we goof!!) 87 1.1 pk if we get a segmentation fault etc., print a message on the console 88 1.1 pk and spin for a while before rebooting 89 1.1 pk (this at least decreases the amount of paper consumed :-) 90 1.1 pk apply hysteresis to rapidly exiting gettys 91 1.1 pk check wait status of children we reap 92 1.1 pk don't wait for stopped children 93 1.1 pk don't use SIGCHILD, it's too expensive 94 1.1 pk but it may close windows and avoid races, sigh 95 1.1 pk look for EINTR in case we need to change state 96 1.1 pk init is responsible for utmp and wtmp maintenance (ick) 97 1.1 pk maybe now we can consider replacements? maintain them in parallel 98 1.1 pk init only removes utmp and closes out wtmp entries... 99 1.1 pk 100 1.1 pk necessary states and state transitions (gleaned from the man page): 101 1.1 pk 1: single user shell (with password checking?); on exit, go to 2 102 1.1 pk 2: rc script: on exit 0, go to 3; on exit N (error), go to 1 103 1.1 pk 3: read ttys file: on completion, go to 4 104 1.1 pk 4: multi-user operation: on SIGTERM, go to 7; on SIGHUP, go to 5; 105 1.1 pk on SIGTSTP, go to 6 106 1.1 pk 5: clean up mode (re-read ttys file, killing off controlling processes 107 1.1 pk on lines that are now 'off', starting them on lines newly 'on') 108 1.1 pk on completion, go to 4 109 1.1 pk 6: boring mode (no new sessions); signals as in 4 110 1.1 pk 7: death: send SIGHUP to all controlling processes, reap for 30 seconds, 111 1.1 pk then go to 1 (warn if not all processes died, i.e. wait blocks) 112 1.1 pk Given the -s flag, we start at state 1; otherwise state 2 113
Indexes created Fri Sep 26 20:09:58 GMT 2025