This chapter builds on the material supplied in the ChorusOS 5.0 Installation Guide and describes the ChorusOS operating system in terms of the system image and the basic and extended profiles.
The ChorusOS operating system is supplied with two standard images:
kernonly
, which contains the microkernel
only and provides a minimal base for porting.
chorus
, which contains a full system
image allowing configuration of the whole feature set.
For information about system image components, see "System Image Components"
Refer to the ChorusOS 5.0 Installation Guide for information about
downloading and building the kernonly
and chorus
system images from the distribution. For a definition
of the system image, see "the ChorusOS System Image" in ChorusOS
5.0 Application Developer's Guide.
Follow the boot instructions specific to your target, as described in the ChorusOS 5.0 Installation Guide. Further booting information can be found in "The ChorusOS Boot Program" in ChorusOS 5.0 Board Support Package Developer's Guide.
An actor is the unit of encapsulation of resources with regard to the ChorusOS
microkernel. The special actor called C_INIT
is dedicated
to administrative commands. The commands contained within C_INIT
can be accessed either locally in console mode or remotely from
the host, using a remote shell as rsh. See "C_INIT Actor".
For more information on rsh, see "Communicating with the Target Using rsh"
.
Application actors can either be loaded at boot time, as described in
the "ChorusOS Actors" in ChorusOS 5.0 Application Developer's
Guide, or dynamically using the C_INIT
loading facility. Dynamic loading of actors is also described in further detail
in "Execution Environment of Actors and Processes" in ChorusOS
5.0 Application Developer's Guide.
The conf/sysadm.ini file, which is
embedded in the system image, is used to specify system initialization commands.
The file is read from the /image/sys_bank directory.
Each entry of this file is a command to be executed by C_INIT
during the microkernel boot. Typical operations in sysadm.ini are network configuration, device initialization and
file system mount.
The sysadm.ini file is not accessed remotely at boot time but is included in the system image. Further information on how sysadm.ini is used at start-up is described in "System Start-up".
See also sysadm.ini(4CC) for more information.
The C_INIT
actor
provides administrative commands for the following:
file system management, such as partitioning a disk and mounting a file system. This is described in Chapter 3, Introduction to ChorusOS File System Administration.
network configuration, such as defining IP addresses and initializing network interfaces. This is described in Part III.
device management, such as binding a high level service (file
system, networking, tty
management) to an actual
device driver. This is described in "Special Device Driver Files".
Here are the most frequently used C_INIT
commands:
mknod: defines special device files.
mkdev: binds high level services to an instance of a device driver.
mount, umount: mounts and unmounts file systems.
arun: launches executables.
ifconfig: defines IP addresses.
route, rarp, netstat, ppp, ping: miscellaneous networking commands.
memstat, chorusStat: prints system statistics.
setenv, unsetenv, echo, help, sleep, reboot, shutdown: miscellaneous system commands.
rshd, console, source: specifies the device from which commands can be accepted:
rshd: from a host through rsh.
console: from system console.
source: from a file.
See C_INIT(1M) for a complete description.
These commands are invoked at system start-up, described in the following
section, and later during the life of the system. During the life of the system,
the C_INIT
actor executes commands from the system
console, or from a remote host through rsh.
For the ChorusOS operating system, commands that would in conventional
UNIX systems be run through a shell are in fact run through rsh.
The rsh command executes a command on a remote host, passing
its input and receiving its output. When the ChorusOS 5.0 operating system
image including the rsh feature is booted on the target
machine, the C_INIT
actor interprets the commands
sent from the host through rsh. (See the rshd man page on your host). To see the list of the options available,
type:
% rsh target help |
where target is the target name or IP address.
The following information is displayed by the C_INIT
actor:
C_INIT ChorusOS 5.0.0- valid commands that deal with: File Systems: mount [[-t nfs|ufs|msdosfs|pdevfs] host:pathname|special_file [mount_point]] umount [-v|-F|-f|-a|-t nfs|ufs|msdosfs|pdevfs] [special_file] swapon [mount_point] Actors: arun [-g rgid] [-S | -U] [-k] [-T] [-d] [-q] [-D] [-Z] [-xip] path [args] akill [-s site] {-g rgid | [-c] pid } aps umask [mode] ulimit [-HSafn] [limit] Environment variables: setenv var value unsetenv var env Networks: route netstat ping host ifconfig ifwait ifname [timeout, default infinite] rarp ethernet_interface_name pppd pppclose device pppstop ethIpcStackAttach [dtreepath] ftpd tftpd Devices: mknod name [b | c] major minor dtree mkdev name unit [dtreepath] This Target: reboot restart memstat This shell: echo string source filename sleep [time in seconds, default=1s] help console rshd chorusStat shutdown -i 0|1|2|3 |
For details of these commands, see C_INIT(1M).
At system start-up,
the C_INIT
actor executes these steps:
Sets up an initial virtual file system.
Executes commands from the configuration file sysadm.ini.
Executes commands from /etc/rc.chorus when a root file system is mounted (see C_INIT(1M)).
If the target has a valid IPv4 address, the file /etc/rc.chorus.<ip_address> is selected, if it exists, instead of /etc/rc.chorus. This must be written in the usual dot notation, for example: 192.82.231.1 for IPv4 addresses. IPv6 addresses will be selected arbitrarily by the system; see IPv6 (7P) for further details.
The initial virtual file system in step 1 contains only two directories, /dev and /image/sys_bank. The /dev directory, initially empty, is used for the definition of special devices, like /dev/tty01. The /image/sys_bank directory contains all the components in the boot image:
system actors such as C_INIT
and
drivers.
system configuration files (sysadm.ini).
user-defined configuration files and executables.
All of these components can be accessed like the files in an ordinary file system, using their path, for example: /image/sys_bank/sysadm.ini.
The relationship between the conf/sysadmin.ini in the build directory and the /image/sys_bank in the target pseduo filesystem is that conf/sysadmin.ini is used to specify system initialization commands. This file is embedded in the system image during the build and stored in the /image/sys_bank directory.
To access /dev and /image directories on the virtual file system, dev and image directories must be present on your root file system, and this root file system must be mounted.
In step 2, the C_INIT
actor executes commands
from the configuration file called sysadm.ini. This file
contains all the commands needed for the initial administration of the system,
including networking, file system management and device management.
The sysadm.ini file can be customized. On the host, it is located in the conf subdirectory of the ChorusOS build directory. This file is automatically embedded in the boot image, in the /image/sys_bank/sysadm.ini file of the initial file system. This allows you to configure embedded targets that do not have access to a local or remote file system.
The C_INIT
actor authenticates
users issuing commands from the host.
The ChorusOS operating system can be configured in secure mode, where
remote host access is checked through the /etc/security
administration file, located on the target root file system (see security(4CC)). In addition,
users' credentials may be specified in this file, overriding default C_INIT
configuration values.
If an /etc/security file exists, it must have read
permissions for everybody to allow C_INIT
to read
it with the default credentials (user identifier 0 and group identifier 0).
Secure mode is then activated. In this mode, C_INIT
authenticates every command it receives from the host. Authentication can
fail for two reasons:
The user name of the remote user which issued the rsh command is not found in the security file.
The remote host, from which the rsh command came, is not in the remote host's list of users.
In this case, a permission denied message is sent back to the host and the command is aborted.
If the authentication procedure succeeds, the user's privilege credentials
(user identifier or uid, group identifier or gid and additional groups) are read from the security file. Trusted
users have access to the full set of C_INIT
commands.
The ChorusOS operating system also features the ability to manage users' passwords through its password management feature. Related files are located in /etc/master.passwd and /etc/group. The introduction of these files to the ChorusOS operating system enables more flexible security management, in addition to the standard /etc/security file. You can choose to enable the password management feature by running pwd_mkdb.
The C_INIT
daemon can run in non-secure
mode, in secure mode or in password mode. If C_INIT
is running in password mode the login name of the user is first identified
in /etc/spwd.db, and then in /etc/security for additional information, such as remote host access permission.
If the latter file does not exist, default values apply. If C_INIT
is running in secure mode, the login name of the user is identified
only in /etc/security.
If C_INIT
is runing in non-secure mode, every
user is treated as a trusted user and inherits the C_INIT
default credentials , uid 0 and gid 0. These are by default zero.
In this case, if the host machine has exported the file system to be
mounted with the default mapping of root to nobody
,
it is necessary that read and execute permissions for the target executable
files be given to everybody. Otherwise C_INIT
will
not have the right to execute the application binaries.
To override the default credentials uid 0 and gid 0, you can use environment variables; these enable you to modify the system dynamically. To modify the deafult credentials:
$ rsh target setenv |
Another way to circumvent the problem of C_INIT
not having the right to execute the application binaries is by inhibiting
the mapping of root to nobody
on the host.
The /etc/ldap.conf file contains information about the location of the LDAP server for password management. Information about this file is contained in ldap.conf(4CC).
Further information on password management and how it affects various secure operations in this version of the ChorusOS operating system can be found in these man pages: getpwnam(3STDC), getgrent(3STDC), ,passwd(1M), pwd_mkdb(1M). group(4CC), rshd(1M), ftpd(1M), telnetd(1M).
SYSTEM_DUMP
UtilityThis feature requires to you to have the HOT_RESTART
and BLACKBOX
features
set to true. You must also have a TFTP daemon running on the host server.
If a microkernel crash occurs in the ChorusOS operating system, the SYSTEM_DUMP
feature enables you to read blackbox
information. If the microkernel raises an exception, the SYSTEM_DUMP
panic handler saves specific information. This is
dumped into a persistent memory area, allocated at boot time. The feature
then forces a hot reboot to reset the microkernel to a stable state. After
reboot, a special actor called the system dump actor
uses TFTP to dump an ASCII file on your predetermined host.
This ASCII file contains the information contained in the BLACKBOX
facility.
The iom.wdt.sysdump
tunable is common to both system dump
and watchdog timer. The value of iom.wdt.sysdump
is set to 0 by default.
If the value of this tunable is set to 1, SYSTEM_DUMP
is true and the watchdog
timer feature, (feature name: WDT
) is true, a system
dump is triggered on the host server when the watchdog timer expires.
For more information, consult SYSTEM_DUMP(5FEA).
The essential management utilities offered by the ChorusOS operating system include:
Netboot: Boots the ChorusOS operating system remotely using TFTP, when the target does not provide an embedded boot facility.
Default Console: Directs all console I/O to a local display or to a remote host via a serial line.
Remote Shell: Executes commands remotely on the target from the host. In particular, this feature allows applications to be loaded dynamically.
Resource Status: Lists the current status of all operating system resources, for example, actors, threads and memory.
Logging (Feature name:LOG
): Logs operating system
events as they occur on the target.
Monitoring (Feature name:MON
). Monitors operating system objects, so that user defined
routines are called when certain operations are performed on specified objects.
Watchdog Timer: Monitors the ChorusOS operating system and, should a crash
occur, the timer expires. Diagnostic information is then collected, if possible,
as described in the "System Crash
and the SYSTEM_DUMP
Utility". This implementation of the WDT
API supports a maximum of one watchdog
timer.
Black Box: Comprises a set of microkernel ring buffers to provide real time collection and storage of historical event information leading up to a system failure.
When actors use the ChorusOS Console Input/Output Application Programming Interface, (API), all I/O operations (such as printf() and scanf()) are directed to the system console of the target. Other APIs available include the Microkernel API, the Private Data API and the Standard-C API. These are described in "ChorusOS APIs" in ChorusOS 5.0 Application Developer's Guide.
If an application uses the ChorusOS POSIX Input/Output API and is spawned from the host with rsh, the standard input and output of the application will be inherited from the rsh program and sent to the terminal emulator on the host on which the rsh command was issued.