The extended environment is provided in the ChorusOS 4.0 release and comes with a special actor called C_INIT
which is dedicated to administrative commands.
Within the extended environment, application actors can either be loaded at boot time, as described in the previous section, or dynamically using the C_INIT
loading facility. Dynamic loading of actors is described in "Running the "Hello World" Example".
The conf/sysadm.ini file is used to specify system initialization commands. Each entry of this file is a command to be executed by C_INIT
during the kernel boot. Typical operations in sysadm.ini are network configuration, device initialization, file system mount. See "System Administration in the Extended Environment" for details.
The sysadm.ini file is not accessed remotely at boot time but is included in the system image.
When the ChorusOS operating system image including the RSH
feature is booted on the target machine, the C_INIT
daemon interprets the commands sent from the host through rsh (see the rshd manpage on your host). For example, to list the options available, type:
% rsh target help |
The following information is displayed by the C_INIT
actor:
C_INIT ChorusOS 4.0.0- valid commands that deal with: File Systems: mount [[-t nfs|ufs|msdosfs|pdevfs] host:pathname|special_file [mount_point]] umount [-v|-F|-f|-a|-t nfs|ufs|msdosfs|pdevfs] [special_file] swapon [mount_point] Actors: arun [-g rgid] [-S | -U] [-k] [-T] [-d] [-q] [-D] [-Z] [-xip] path [args] akill [-s site] {-g rgid | [-c] aid } aps umask [mode] ulimit [-HSafn] [limit] Environment variables: setenv var value unsetenv var env Networks: route netstat ping host ifconfig ifwait ifname [timeout, default infinite] rarp ethernet_interface_name pppd pppclose device pppstop ethIpcStackAttach [dtreepath] Devices: mknod name [b | c] major minor dtree mkdev name unit [dtreepath] This Target: reboot restart memstat This shell: echo string source filename sleep [time in seconds, default=1s] help console rshd chorusStat shutdown -i 0|1|2|3 |
For details of these commands, see C_INIT(1M).
The NFS root file system to be mounted on the target is generated in the ChorusOS operating system build directory by the command:
% make root |
This command populates the build directory with the root directory that contains binary and configuration files to be accessed by the target system.
At start-up, the C_INIT
daemon reads the sysadm.ini configuration file and executes all the commands. See sysadm.ini(4CC) for more information. This configuration file may contain instructions to mount the root file system. For example:
% mount hostaddr:chorus_root_directory / |
If there are no root file system mount instructions in your sysadm.ini file, you must mount the root file system explicitly from the shell:
% rsh target mount hostaddr:chorus_root_directory / |
where target is the name of the target, or its IP address, hostaddr is the IP address of the NFS host in decimal form (for example 192.82.231.1), and chorus_root_directory is the path of the target root directory on the NFS host (for example /home/chorus/root).
When the mount of the root file system is successful, the C_INIT
daemon displays, for example, the following message:
C_INIT: 192.82.231.1:/home/chorus/root mounted as root file system
The next message from C_INIT
depends on whether the /etc/security file exists in the target root directory /home/chorus/root. If /etc/security exists, C_INIT
displays:
C_INIT: system in secured mode
If /etc/security does not exist, C_INIT
displays:
C_INIT: notice - system not in secured mode
You can check that the root file system is mounted using:
% rsh target mount |
Make sure that the file system containing the /home/chorus/root directory can be accessed by NFS from the remote ChorusOS target.
The C_INIT
daemon authenticates users issuing commands from the host.
The ChorusOS operating system can be configured in secure mode, where remote host access is checked through the /etc/security administration file, located on the target root file system (see security(4CC)). In addition, users' credentials may be specified in this file, overriding default C_INIT
configuration values.
If an /etc/security file exists, it must have read permissions for everybody to allow C_INIT
to read it with the default credentials (user identifier 0 and group identifier 0). Secure mode will then be activated. In this mode, C_INIT
authenticates every command it receives from the host. Authentication will fail for two reasons:
The user name of the remote user which issued the rsh command is not found in the security file.
The remote host from which the rsh command came is not in the remote host's list of users.
In this case, a permission denied message is sent back to the host and the command is aborted.
If the authentication procedure succeeds, the user's privilege credentials (user identifier or uid, group identifier or gid and additional groups) are read from the security file. Trusted users have access to the full set of C_INIT
commands.
In non-secured mode, every user is treated as a trusted user and inherits the C_INIT
default credentials (uid 0 and gid 0). In this case, if the host machine has exported the file system to be mounted with the default mapping of root to nobody
, it is necessary that read and execute permissions for the target executable files be given to everybody. Otherwise C_INIT
will not have the right to execute the application binaries.
Another way to circumvent this problem is by inhibiting that mapping of root to nobody
on the host. Please consult your system administrator about this.