NOTES revision 1.2
1 1.2 cgd $NetBSD: NOTES,v 1.2 1995/03/18 14:56:29 cgd Exp $ 2 1.2 cgd 3 1.1 pk POSIX and init: 4 1.1 pk -------------- 5 1.1 pk 6 1.1 pk POSIX.1 does not define 'init' but it mentions it in a few places. 7 1.1 pk 8 1.1 pk B.2.2.2, p205 line 873: 9 1.1 pk 10 1.1 pk This is part of the extensive 'job control' glossary entry. 11 1.1 pk This specific reference says that 'init' must by default provide 12 1.1 pk protection from job control signals to jobs it starts -- 13 1.1 pk it sets SIGTSTP, SIGTTIN and SIGTTOU to SIG_IGN. 14 1.1 pk 15 1.1 pk B.2.2.2, p206 line 889: 16 1.1 pk 17 1.1 pk Here is a reference to 'vhangup'. It says, 'POSIX.1 does 18 1.1 pk not specify how controlling terminal access is affected by 19 1.1 pk a user logging out (that is, by a controlling process 20 1.1 pk terminating).' vhangup() is recognized as one way to handle 21 1.1 pk the problem. I'm not clear what happens in Reno; I have 22 1.1 pk the impression that when the controlling process terminates, 23 1.1 pk references to the controlling terminal are converted to 24 1.1 pk references to a 'dead' vnode. I don't know whether vhangup() 25 1.1 pk is required. 26 1.1 pk 27 1.1 pk B.2.2.2, p206 line 921: 28 1.1 pk 29 1.1 pk Orphaned process groups bear indirectly on this issue. A 30 1.1 pk session leader's process group is considered to be orphaned; 31 1.1 pk that is, it's immune to job control signals from the terminal. 32 1.1 pk 33 1.1 pk B.2.2.2, p233 line 2055: 34 1.1 pk 35 1.1 pk 'Historically, the implementation-dependent process that 36 1.1 pk inherits children whose parents have terminated without 37 1.1 pk waiting on them is called "init" and has a process ID of 1.' 38 1.1 pk 39 1.1 pk It goes on to note that it used to be the case that 'init' 40 1.1 pk was responsible for sending SIGHUP to the foreground process 41 1.1 pk group of a tty whose controlling process has exited, using 42 1.1 pk vhangup(). It is now the responsibility of the kernel to 43 1.1 pk do this when the controlling process calls _exit(). The 44 1.1 pk kernel is also responsible for sending SIGCONT to stopped 45 1.1 pk process groups that become orphaned. This is like old BSD 46 1.1 pk but entire process groups are signaled instead of individual 47 1.1 pk processes. 48 1.1 pk 49 1.1 pk In general it appears that the kernel now automatically 50 1.1 pk takes care of orphans, relieving 'init' of any responsibility. 51 1.1 pk Specifics are listed on the _exit() page (p50). 52 1.1 pk 53 1.1 pk On setsid(): 54 1.1 pk ----------- 55 1.1 pk 56 1.1 pk It appears that neither getty nor login call setsid(), so init must 57 1.1 pk do this -- seems reasonable. B.4.3.2 p 248 implies that this is the 58 1.1 pk way that 'init' should work; it says that setsid() should be called 59 1.1 pk after forking. 60 1.1 pk 61 1.1 pk Process group leaders cannot call setsid() -- another reason to 62 1.1 pk fork! Of course setsid() causes the current process to become a 63 1.1 pk process group leader, so we can only call setsid() once. Note that 64 1.1 pk the controlling terminal acquires the session leader's process 65 1.1 pk group when opened. 66 1.1 pk 67 1.1 pk Controlling terminals: 68 1.1 pk --------------------- 69 1.1 pk 70 1.1 pk B.7.1.1.3 p276: 'POSIX.1 does not specify a mechanism by which to 71 1.1 pk allocate a controlling terminal. This is normally done by a system 72 1.1 pk utility (such as 'getty') and is considered ... outside the scope 73 1.1 pk of POSIX.1.' It goes on to say that historically the first open() 74 1.1 pk of a tty in a session sets the controlling terminal. P130 has the 75 1.1 pk full details; nothing particularly surprising. 76 1.1 pk 77 1.1 pk The glossary p12 describes a 'controlling process' as the first 78 1.1 pk process in a session that acquires a controlling terminal. Access 79 1.1 pk to the terminal from the session is revoked if the controlling 80 1.1 pk process exits (see p50, in the discussion of process termination). 81 1.1 pk 82 1.1 pk Design notes: 83 1.1 pk ------------ 84 1.1 pk 85 1.1 pk your generic finite state machine 86 1.1 pk we are fascist about which signals we elect to receive, 87 1.1 pk even signals purportedly generated by hardware 88 1.1 pk handle fatal errors gracefully if possible (we reboot if we goof!!) 89 1.1 pk if we get a segmentation fault etc., print a message on the console 90 1.1 pk and spin for a while before rebooting 91 1.1 pk (this at least decreases the amount of paper consumed :-) 92 1.1 pk apply hysteresis to rapidly exiting gettys 93 1.1 pk check wait status of children we reap 94 1.1 pk don't wait for stopped children 95 1.1 pk don't use SIGCHILD, it's too expensive 96 1.1 pk but it may close windows and avoid races, sigh 97 1.1 pk look for EINTR in case we need to change state 98 1.1 pk init is responsible for utmp and wtmp maintenance (ick) 99 1.1 pk maybe now we can consider replacements? maintain them in parallel 100 1.1 pk init only removes utmp and closes out wtmp entries... 101 1.1 pk 102 1.1 pk necessary states and state transitions (gleaned from the man page): 103 1.1 pk 1: single user shell (with password checking?); on exit, go to 2 104 1.1 pk 2: rc script: on exit 0, go to 3; on exit N (error), go to 1 105 1.1 pk 3: read ttys file: on completion, go to 4 106 1.1 pk 4: multi-user operation: on SIGTERM, go to 7; on SIGHUP, go to 5; 107 1.1 pk on SIGTSTP, go to 6 108 1.1 pk 5: clean up mode (re-read ttys file, killing off controlling processes 109 1.1 pk on lines that are now 'off', starting them on lines newly 'on') 110 1.1 pk on completion, go to 4 111 1.1 pk 6: boring mode (no new sessions); signals as in 4 112 1.1 pk 7: death: send SIGHUP to all controlling processes, reap for 30 seconds, 113 1.1 pk then go to 1 (warn if not all processes died, i.e. wait blocks) 114 1.1 pk Given the -s flag, we start at state 1; otherwise state 2 115
Indexes created Thu Sep 25 16:09:42 GMT 2025