ChorusOS man pages section 1M: System Management Utilities

C_INIT(1M)

NAME

C_INIT- initial ChorusOS actor and command interpreter

SYNOPSIS

C_INIT is not invoked by a user, but by the ChorusOS system

FEATURES:

RSH, LOCAL_CONSOLE

DESCRIPTION

C_INIT is a supervisor process loaded at system startup. It provides a command interpreter, enabling administration of the ChorusOS target system.

The command interpreter may be accessed in two ways, either from the host system using the rsh(1) protocol, or through a local console. C_INIT may be configured to support one or both of these methods. The RSH feature enables support for the rshd protocol within C_INIT. The LOCAL_CONSOLE feature enables support for the local console. Both can be set at the same time.

The C_INIT actor is also responsible for authentication of users who issue C_INIT commands

The ChorusOS system can be configured in passwd mode such that remote host access is checked against the administration files, spwd.db (see pwd_mkdb(1M) and group(4CC)) or in secure mode (if the passwd mode is not enabled) such that remote host access is checked against the administration file, security(4CC). User credentials specified in the spwd.db and group administration files override credentials specified in in the security administration file, which themselves override the default configuration values cited below.

C_INIT has two environment variables:

CINIT_DEFAULTGID, default credential: group ID given to the user at initialization time (see /etc/security).
CINIT_DEFAULTUID, default credential: user ID given to the user at initialization time (see /etc/security)..

SYSTEM INITIALIZATION

Once ChorusOS is launched, it automatically mounts a pseudo root file system. Once C_INIT is launched, it automaticallyand creates a /dev special files directory in which it creates a console node. The system also creates a /image directory into which it mounts the contents of the system image as a read-only, FAT 12 file system, in /image/sys_bank. This provides the C_INIT actor with access to the console and to the contents of the system image. Other memory banks, if they exist, are also mounted under /image.

Next, C_INIT executes the commands in the file /image/sys_bank/sysadm.ini. The commands in this file generally pertain to special device file creation and network initialization. See sysadm.ini(4CC) for details. Usually one of the commands in sysadm.ini mounts a new root file system for the target. For example:

mount host:/export/work/ChorusOS/root/

The new root file system supercedes the existing pseudo root file system. However, the contents of /dev and /image/sys_bank remain accessible if dev and image directories are created in the new root file system.

When mounting the root file system, you must ensure that the correct execution environment is available under the root mount point. If the root mount point is incorrect, there is no option other than to reboot the system.

C_INIT then attempts to execute /etc/rc.chorus.target.system.IP.address (rc.chorus(4CC)), or alternatively, /etc/rc.chorus if /etc/rc.chorus.target.system.IP.address is not available. Note therefore that C_INIT only finds the rc.chorus file if one of the commands in sysadm.ini mounts a complete root file system for the target.

Finally, C_INIT attempts to read /etc/security and to activate secure mode.

PASSWD

C_INIT relies on the information in the spwd.db and group files to authenticate users after it activates passwd mode.File spwd.db is generated from pwd_mkdb(1M). As explained above, passwd mode is activated as the last step of system initialization. As a result, C_INIT normally performs authentication for all commands issued after it executes the sysadm.ini and rc.chorus files.

In passwd mode, authentication fails when a user issues a > command through rsh from a remote host if:

The user name of the remote user is not listed in the spwd.db file.
The remote host does not appear in the list of remote hosts in the security file entry for the user.
The user is not TRUSTED, and the command may only be executed by a TRUSTED user.

When authentication fails, a permission denied message is sent back to the host and the command is aborted. If authentication succeeds, the user's credentials (uid, gid and additional groups) are read from the spwd.db and group files. Rest of authentification is then similar to authentification for the secure mode (see below)).

SECURITY

C_INIT relies on the information in the security(4CC) file to authenticate users after it activates secure mode. As explained above, secure mode is activated as the last step of system initialization. As a result, C_INIT normally performs authentication for all commands issued after it executes the sysadm.ini and rc.chorus files.

In secure mode, authentication fails when a user issues a command through rsh from a remote host if:

The user name of the remote user is not listed in the security file.
The remote host does not appear in the list of remote hosts in the security file entry for the user.
The user is not TRUSTED, and the command may only be executed by a TRUSTED user.

When authentication fails, a permission denied message is sent back to the host and the command is aborted. If authentication succeeds, the user's privilege (TRUSTED or not) and credentials (uid, gid and additional groups) are read from the security file. TRUSTED users have access to all C_INIT commands, including many system administration commands.

The local console user is TRUSTED and has default credentials.

If C_INIT cannot read /etc/security, it does not activate secure mode. All users are TRUSTED and have default credentials (root, uid=gid=0). From the host server, the credentials appear as "nobody".

C_INIT BUILT-IN COMMANDS

Remote hosts communicate with C_INIT through the rsh command on the host. Commands therefore take the form:

rsh target_name C_INIT_command

C_INIT processes commands synchronously, in the order in which they are received. When using C_INIT to run actors that should not terminate (daemons), an ampersand, &, must be added to the end of the command.

The following operators allow redirection in C_INIT commands:

<: Redirects standard input.
>: Redirects standard output to a file. If the file exists, its contents are overwritten. If the file does not exist, it is created.
>&: Redirects standard output and standard error to a file. If the file exists, its contents are overwritten. If the file does not exist, it is created.
>>: Appends standard output. Similar to >, except that it places output at the end of the file rather than overwriting the content of the file.
>>&: Appends standard output and standard error. Similar to >&, except that it places output at the end of the file rather than overwriting the content of the file.

The following C_INIT built-in commands are available. A number of these are also available as dynamically loadable, standalone commands.

pdump: Dumps the core image of a process or process.
akill: Kills a process.
aps: Displays a list of all processes running on the target system.
arun: Runs actor_name on the target system and reports the actor ID of the new process.
cd: Change current directory.
console: If the LOCAL_CONSOLE feature is set to true, console starts a thread within the C_INIT actor that runs a command interpreter in an infinite loop to read input from the console of the target system.
dtree: Displays all connected devices in the target device tree.
echo: Echoes arguments to standard output.
env: Displays the current environment.
ethIpcStackAttach: If the IOM_IPC feature is set to true, the C_OS actor includes an IPC stack. ethIpcStackAttach attaches the IPC stack to an Ethernet device handled by the C_OS.
help: Displays a brief message summarizing available commands.
ifconfig: Configures a network interface or network interface parameters.
ifwait: Waits for an interface to be set up.
memstat: Displays information about current memory usage, including total memory size, current free memory and current locked memory, in bytes.
mkdev: Creates an interface in the C_OS actor.
mknod: Creates a device in the /dev directory.
mount: Adds a file system to the existing directory hierarchy. Such use of the command is restricted to TRUSTED users. The command may also be used without arguments or with the -v option only, in which case it displays a list of currently mounted filesystems.
netstat: Displays the state of network interfaces.
pdump: Dumps the core image of a process.
ping: Requests an ICMP ECHO_RESPONSE from the specified host.
pppclose: Requests that the pppstart daemon close a PPP line previously opened using pppd on device.
pppd: Requests that the pppstart daemon start a thread to open a PPP line on device.
pppstop: Disables PPP services on the target system by killing the pppstart daemon.
rarp: Sets the IP address of the Ethernet interface ifname.
reboot: Kills all processes on the target system, including C_INIT, as if akill had been used for each process. It synchronizes and unmounts all mounted file systems, and then reboots the target system.
restart: Equivalent to shutdown -i 1 command.
route: Can be used as a C_INIT command that makes it possible to operate directly on the target system routing table.
rshd: If the RSH feature is set to true, rshd starts a thread within the C_INIT actor that runs a command interpreter in an infinite loop to read input from remote systems using the remote shell protocol.
setenv: Sets the environment variable envar to value and adds the variable to the environment.
shutdown: Brings the system to the state specified (0, 1, 2 or 3) as an argument to the -i.
sleep: Suspends execution of the current thread for a number of seconds, or one second if the number of seconds is not specified.
source: Reads and executes commands in filename. This command may not be nested; do not include source filename from a file that is read using the source command.
swapon: If the FS_MAPPER, ON_DEMAND_PAGING and VIRTUAL_ADDRESS_SPACE features are set to true, swapon can be used to specify an additional local device on which paging and swapping are to take place.
ulimit: Sets or displays resource limits.
umask: Displays or sets the file creation mask for C_INIT.
umount: Unmounts the currently mounted file system specified either by mount_point or special_file, regardless of the type of file system that is currently mounted.
unsetenv: Deletes the instance of variable envar from the environment.

WARNINGS

These built-in commands can become unreachable if:

An invalid root (or a root which does not contain the image directory) is mounted.
A valid root is mounted with NFS and the Ethernet device driver is shut down (using mngt(9DDI)). The Ethernet interface cannot then be turned on; the ifconfig(1M) command cannot be executed by a local actor.
A valid root is mounted but built-in commands are hidden by binaries of the same name.

When mounting the root file system, it is the user's responsibility to ensure that a correct executing environment is available under the root mount point. If not, the system will have to be rebooted.

EXAMPLES

The following example creates several device interfaces and device nodes required for PPP:

mkdev tty 0 /pci/pci-isa/ns16550-2
mkdev tty 1 /pci/pci-isa/ns16550-3
mknod /dev/tty01 c 0 0
mknod /dev/tty01 c 0 1
mkdev bpf 0
mkdev bpf 1
mknod /dev/bpf0 c 23 0
mknod /dev/bpf1 c 23 1

First, two tty interfaces are bound to serial ports and their nodes created. PPP binds to these nodes at runtime. Next, two BSD packet filter interfaces are created with their corresponding nodes. Note that the bpf interfaces are not bound to hardware devices.

The following example uses ifwait while initializing a PPP line, and may be used in the system initialization file, sysadm.ini:

arun /image/sys_bank/pppstart &
pppd /dev/tty01
ifwait ppp0

First, the pppstart actor, which has been built into the system image, is started to enable PPP. Next, the pppd command opens a PPP line on tty01. Finally, the ifwait causes the system to wait until ppp0 is configured (UP).

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE	ATTRIBUTE VALUE
Interface Stability	Evolving