1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
|
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="Content-Language" content="en" />
<title>s6-linux-init: the s6-linux-init-maker program</title>
<meta name="Description" content="s6-linux-init: the s6-linux-init-maker program" />
<meta name="Keywords" content="s6 linux administration root init maker" />
<!-- <link rel="stylesheet" type="text/css" href="//skarnet.org/default.css" /> -->
</head>
<body>
<p>
<a href="index.html">s6-linux-init</a><br />
<a href="//skarnet.org/software/">Software</a><br />
<a href="//skarnet.org/">skarnet.org</a>
</p>
<h1> The <tt>s6-linux-init-maker</tt> program </h1>
<p>
<tt>s6-linux-init-maker</tt> reads configuration options on
the command line, and outputs a directory to place in the
root filesystem. That directory contains
a script that is suitable as an <tt>/sbin/init</tt> program
as well as all the necessary files that this script needs
to properly boot and bring up a full
<a href="//skarnet.org/software/s6/">s6</a>
infrastructure.
</p>
<p>
s6-linux-init-maker only writes scripts. At boot time, these
scripts will call commands provided by other skarnet.org packages
such as
<a href="//skarnet.org/software/execline/">execline</a> and
<a href="//skarnet.org/software/s6/">s6</a>. It is the
responsibility of the administrator to make sure that all the
dependencies are properly installed at boot time, and that the
correct options have been given to <tt>s6-linux-init-maker</tt>
so that the programs are found <em>on the root filesystem of the
machine</em>. If it is not the case, the system will fail to boot.
</p>
<h2> Interface and usage </h2>
<pre>
s6-linux-init-maker \
[ -c <em>basedir</em> ] \
[ -u <em>log_user</em> ] \
[ -G <em>early_getty</em> ] \
[ -1 ] \
[ -L ] \
[ -p <em>initial_path</em> ] \
[ -m <em>initial_umask</em> ] \
[ -t <em>timestamp_style</em> ] \
[ -d <em>dev_style</em> ] \
[ -s <em>env_store</em> ] \
[ -e <em>initial_envvar</em> ] ... \
[ -q <em>finalsleeptime</em> ] \
[ -D <em>initdefault</em> ] \
[ -U <em>utmp_user</em> ] \
<em>dir</em>
</pre>
<ul>
<li> s6-linux-init-maker must be run as root, on the machine
that will boot an s6-based system. </li>
<li> s6-linux-init-maker parses options on its command line. </li>
<li> It writes data into a directory <em>dir</em>, which must not
exist beforehand. </li>
<li> It exits 0 if everything went well, 100 if a user error occurred,
and 111 if a problem occurred during the creation of the directory
or its contents. </li>
</ul>
<p>
Once the command has been run and <em>dir</em> has been created, there
are a few manual steps to take:
</p>
<ol>
<li> <tt>s6-linux-init-maker</tt> has copied some scripts from the
<tt>/etc/s6-linux-init/skel</tt> directory (or the directory you
gave as an argument to the <tt>--skeldir</tt> configure option at
build time) to the <em>dir</em><tt>/scripts</tt> directory. You
should <strong>edit these scripts</strong> and adapt them to your use case.
(Or you could edit the skeleton scripts before running
<tt>s6-linux-init-maker</tt>.) The scripts are:
<ul>
<li> <tt>rc.init</tt>: this script will be run as <em>stage 2
initialization</em>, i.e. the initialization that happens once
<a href="//skarnet.org/software/s6/s6-svscan.html">s6-svscan</a>
is running as process 1, and should contain all your normal
system bootup tasks. Typically, it should initialize the service
manager and then order it to bring the machine state to its
fully operational state. <em>rc.init</em> is given the default
<em>runlevel</em> as a first argument (i.e. the name of the state
the machine should be brought to, traditionally <tt>default</tt>
for OpenRC and <tt>2</tt> or <tt>5</tt> for sysv-rc), and the
rest of the command line is made of the kernel's command line
except for the kernel arguments of the <em>key=value</em> form,
which have been stored into <em>env_store</em>. </li>
<li> <tt>rc.shutdown</tt>: this script will be run as the
<em>shutdown sequence</em>, when the administrator runs the
<tt>shutdown</tt>, <tt>halt</tt>, <tt>poweroff</tt> or <tt>reboot</tt>
command. (As well as <tt>init 0</tt>, <tt>init 6</tt>,
<tt>telinit 0</tt> and <tt>telinit 6</tt> for compatibility
reasons.) It should ask the service manager to bring all the
services down, and exit when it's done (in other words: it should
not try to perform a hard halt/poweroff/reboot itself.)
No arguments are given to this script. </li>
<li> <tt>runlevel</tt>: this script will be invoked for every
<em>runlevel change</em>, i.e. change of machine states. It is
given one argument: the name of the runlevel to change to.
Typically, the <em>runlevel</em> script should just invoke the
service manager, asking it to bring the machine state to the
wanted runlevel. </li>
</ul> </li>
<li> Copy the <em>dir</em> directory to the place declared as
<em>basedir</em> (<tt>/etc/s6-linux-init/current</tt> by default).
Be careful: it contains fifos, files with
precise uid/gid permissions, and files with non-standard access rights,
so be sure to copy it verbatim. The
<a href="//skarnet.org/software/s6-portable-utils/s6-hiercopy.html">s6-hiercopy</a>
tool can do it, as well as the GNU or busybox <tt>cp -a</tt> or <tt>mv</tt> commands. </li>
<li> Back up your <tt>/sbin</tt>. Then copy, link or symlink all the scripts
and symlinks in the <em>basedir</em><tt>/bin</tt> directory into <tt>/sbin</tt>.
In particular, the <tt><em>basedir</em>/bin/init</tt> script should
be accessible as <tt>/sbin/init</tt>. </li>
</ol>
<h2> Boot sequence </h2>
<p>
When the kernel boots, it may run an initramfs first, but in any
case it then runs the <tt>/sbin/init</tt> script,
also known as <em>stage 1</em>. This script is just an execution
of the <a href="s6-linux-init.html">s6-linux-init</a> program with
some command-line options that are directly transferred from the
<tt>s6-linux-init-maker</tt> invocation. Refer to the
<a href="s6-linux-init.html">s6-linux-init</a> man page to know
exactly what it does.
</p>
<h2> s6-linux-init-maker options </h2>
<ul>
<li> <tt>-c</tt> <em>basedir</em> : at boot time, <em>stage 1</em>,
which should be accessible as <tt><em>basedir</em>/init</tt>,
will read its read-only data from <em>basedir</em>. After running
<tt>s6-linux-init-maker</tt>, you should make sure to copy the
created directory <em>dir</em> to <em>basedir</em>. <em>basedir</em>
must be absolute. Default is
<strong><tt>/etc/s6-linux-init/current</tt></strong>. </li> <p />
<li> <tt>-u</tt> <em>log_user</em> : the catch-all
logger will run as the <em>log_user</em> user. Default is <tt>root</tt>. </li> <p />
<li> <tt>-G</tt> <em>early_getty</em> : if this option
is set, <tt>s6-linux-init-maker</tt> will define an additional s6 service
that will be named <tt>s6-linux-init-early-getty</tt> and started
at the same time <em>rc.init</em> is executed. This early service
should be a getty, or equivalent, to allow logins even if <em>stage2</em> fails.
<em>early_getty</em> should be a simple command line: for instance,
<tt>"/sbin/getty 38400 tty1"</tt>. By default, no early service
is defined. </li> <p />
<li> <tt>-1</tt> : make it so that all the messages that are
sent to the catch-all logger (i.e. all the error messages that are not
caught by a dedicated logger, as well as the output from <em>rc.init</em>,
<em>runlevel</em> and <em>rc.shutdown</em>,
are also copied to <tt>/dev/console</tt>. (Timestamps are not
copied to <tt>/dev/console</tt>.) This is generally useful to
debug a system at a glance, but if a failing program keeps sending
error messages, it may interfere with comfortable usage of an early
getty. A common workaround is to make the early getty start on
<tt>tty2</tt> and leave tty1 for <tt>/dev/console</tt> to print on. </li> <p />
<li> <tt>-L</tt> : add an early <tt>s6-linux-init-logouthookd</tt>
service to clean up utmp records at user logout time. Check the
<a href="s6-linux-init-logouthookd">s6-linux-init-logouthookd</a> page
for details. </li> <p />
<li> <tt>-p</tt> <em>initial_path</em> : the initial value
for the PATH environment variable, that will be transmitted to all the
starting process unless it's overridden by a PATH declaration via the
<tt>-e</tt> option.
It is absolutely necessary for
<a href="//skarnet.org/software/execline/">execline</a> and
<a href="//skarnet.org/software/s6/">s6</a>
binaries to be accessible via <em>initial_path</em>, else the machine
will not boot. Default is
<strong><tt>/usr/bin:/bin</tt></strong>. </li> <p />
<li> <tt>-m</tt> <em>initial_umask</em> : the value of
the initial file umask for all the starting processes, in octal.
Default is <strong><tt>022</tt></strong>. </li> <p />
<li> <tt>-t</tt> <em>timestamp_style</em> : how
logs are timestamped by the catch-all logger. 0 means no
timestamp, 1 means
<a href="http://cr.yp.to/libtai/tai64.html">external TAI64N format</a>,
2 means
<a href="http://www.iso.org/iso/home/standards/iso8601.htm">ISO 8601 format</a>,
and 3 means both. Default is
<strong><tt>1</tt></strong>. </li> <p />
<li> <tt>-d</tt> <em>dev_style</em> : how <tt>/dev</tt> is
handled on this system. 0 means a static <tt>/dev</tt>, 1 means
devtmpfs but not automounted by the kernel at boot time, and 2 means
devtmpfs automounted by the kernel at boot time. Default is
<strong><tt>2</tt></strong>. </li> <p />
<li> <tt>-s</tt> <em>env_store</em> : stage 1 init sometimes
inherits a few environment variables from the kernel. (These variables
correspond to the arguments on the kernel command line that are of the
form <em>key=value</em>.) It empties its
environment before spawning <em>rc.init</em> and executing into s6-svscan, in
order to prevent those "kernel" environment variables from leaking
into the whole process tree. However, sometimes those variables are
needed at a later time; in that case, giving the <tt>-s</tt> option
to <tt>s6-linux-init-maker</tt> makes stage 1 init dump the "kernel" environment
variables into the <em>env_store</em> directory (under a format that is
later readable with
<a href="//skarnet.org/software/s6/s6-envdir.html">s6-envdir -fn</a>)
before erasing them. <em>env_store</em> should obviously be
a writable directory, so it should be located under <tt>/run</tt>
(or your chosen tmpfsdir)!
If this option is not given, the environment inherited from the kernel
isn't saved anywhere - which is the default. </li> <p />
<li> <tt>-e</tt> <em>initial_envvar</em> : this option
can be repeated. For every <em>initial_envvar</em>, <tt>s6-linux-init-maker</tt>
will adjust the global environment directory in <em>dir</em>/env.
<em>initial_envvar</em> must either be of the form <em>VAR</em>,
to make sure that <em>VAR</em> does not appear in the global
environment, or of the form <em>VAR=VALUE</em>, to add an
environment variable <em>VAR</em> with the value <em>VALUE</em>.
The global environment is the environment that every supervised
process (as well as the <em>rc.init</em> script) will run with,
so it will be inherited by default by every process running on
the system.
The TZ variable, for instance, is a good candidate to be set in
the global environment. </li> <p />
<li> <tt>-q</tt> <em>finalsleeptime</em> : when the machine
shuts down, all processes that have not already been killed during
<tt>shutdownscript</tt> will receive a SIGTERM or a SIGHUP to allow
them to exit gracefully; then, after <em>finalsleeptime</em>
milliseconds, they will receive a SIGKILL and the shutdown sequence
will go on. This option configures the amount of time that will
elapse between the SIGTERM/SIGHUP and the SIGKILL.
Default is <strong>2000</strong>, meaning a grace period of 2 seconds. </li> <p />
<li> <tt>-D</tt> <em>initdefault</em> : boot the system with
a runlevel set to <em>initdefault</em>, which can be an arbitrary
string, but is usually <tt>2</tt>, <tt>3</tt>, <tt>5</tt> (traditional
sysvinit behaviour) or <tt>default</tt> (OpenRC behaviour). Default is
<tt>default</tt>. Note that if a <tt>2</tt>, <tt>3</tt>, <tt>4</tt>,
<tt>5</tt>, or <tt>default</tt> argument is encountered in the kernel
command line, it will be interpreted as the runlevel to boot the system
on, and will override the default given here. </li> <p />
<li> <tt>-U</tt> <em>utmp_user</em> : this option is only
available when the s6-linux-init package has been built with the
<tt>--enable-utmps</tt> configure option, that enables support for the
<a href="//skarnet.org/software/utmps/">utmps</a> package. The option
defines the user that the <tt>utmpd</tt> and <tt>wtmpd</tt> services
will run as. Default is <tt>utmp</tt>. </li> <p />
</ul>
<h2> Organization of the created directory </h2>
<p>
If <tt>s6-linux-init-maker</tt> returns successfully, <em>dir</em>
contains data that will be used at boot time. (Actually,
<em>basedir</em> will be used at boot time, not <em>dir</em>. Do not
forget to copy <em>dir</em> to <em>basedir</em> once you have checked
you are happy with what <tt>s6-linux-init-maker</tt> has created.)
</p>
<p>
This boot-time data is made of several subdirectories:
</p>
<ul>
<li> <tt>bin</tt>: this subdirectory contains scripts and symlinks
that should be copied to <tt>/sbin</tt> or <tt>/bin</tt>. There is
an <tt>init</tt> program performing stage 1 init, a <tt>telinit</tt>
program to change runlevels, and utilities to order a machine shutdown. </li>
<li> <tt>env</tt>: this subdirectory is the envdir that is
used to store the global environment. It will be read at boot time
by stage 1 init, and transmitted to all spawned processes. </li>
<li> <tt>scripts</tt>: this subdirectory contains a copy of the
skeleton scripts that have been installed in <tt>/etc/s6-linux-init/skel</tt>
(or the argument to the <tt>--skeldir</tt> configure option at
build time). These scripts should be edited before booting. They are
described above. </li>
<li> <tt>run-image</tt>: this is a file hierarchy that will be
copied verbatim at boot time to the newly made and mounted
<tt>/run</tt> tmpfs (or whatever your <em>tmpfsdir</em> is). The
subdirectories it contains are the following:
<ul>
<li> <tt>uncaught-logs</tt>: this is the directory where the
catch-all logger will store and rotate the error messages produced
by the s6 supervision tree and the services that do not redirect
their own logs. </li>
<li> <tt>service</tt>: <tt>/run/service</tt> will be the scandir.
It initially contains a <tt>.s6-svscan</tt> subdirectory that
tells <a href="//skarnet.org/software/s6/s6-svscan.html">s6-svscan</a>
what to do if it receives a signal (typically via the ctrlaltdel
combination) and ensures a hard reboot if <tt>s6-svscan</tt> ever fails. It
also contains a list of early services, i.e. s6 services that will
be run at boot time as soon as <tt>s6-svscan</tt> is executed. These
services are:
<ul>
<li> <tt>s6-svscan-log</tt>: the catch-all logger. </li>
<li> <tt>s6-linux-init-shutdownd</tt>: a service that listens
to shutdown commands such as <tt>reboot</tt> and triggers the software
shutdown procedure. </li>
<li> <tt>s6-linux-init-runleveld</tt>: a service that listens
to runlevel change commands such as <tt>telinit</tt> and calls the
<em>runlevel</em> script in a reproducible environment to bring the
machine to the wanted state. </li>
<li> (If the <tt>-L</tt> option has been given to
<tt>s6-linux-init-maker</tt>) <tt>s6-linux-init-logouthookd</tt>:
the "clean up user utmp records at logout time" service. See the
<a href="s6-linux-init-logouthookd.html">s6-linux-init-logouthookd</a>
page for details. </li>
<li> (If the <tt>-G</tt> option has been given to
<tt>s6-linux-init-maker</tt>) <tt>s6-linux-init-early-getty</tt>:
the early getty service, that will allow a user to log in even if
<em>rc.init</em> fails to bring the machine to a state where logins
are possible. </li>
</ul> </li>
</ul> </li>
</ul>
<p>
If s6-linux-init has been built with
<a href="//skarnet.org/software/utmps/">utmps</a> support, some more
directories may exist:
</p>
<ul>
<li> A directory somewhere under <tt>run-image</tt>, by default <tt>utmps</tt>,
that is the location where the utmp and wtmp files will be created. </li>
<li> Two additional early services named <tt>utmpd</tt> and <tt>wtmpd</tt>,
that are the <a href="//skarnet.org/software/utmps/">utmps</a> way of
providing secure utmp functionality. </li>
</ul>
<h2> Notes </h2>
<p>
A directory created by <tt>s6-linux-init-maker</tt> is only valid on
the machine it has been created on. Pre-creating init directories for
other machines is not supported.
</p>
<p>
After booting, <em>basedir</em> should remain untouched during the
lifetime of the machine, because the machine state change and shutdown
procedures will look for data in <em>basedir</em>. New invocations of
<tt>s6-linux-init-maker</tt> should use a different <em>basedir</em>.
</p>
<p>
The difficult parts of
<a href="//skarnet.org/software/s6/s6-svscan-1.html">running
s6-svscan as process 1</a> are:
</p>
<ul>
<li> The fact that the supervision tree requires writable directories,
so in order to accommodate read-only root filesystems, there needs to
be a tmpfs mounted before s6-svscan is run. </li>
<li> The catch-22 coming from the need to redirect the supervision
tree's output away from <tt>/dev/console</tt> (which is fine for a
first process invocation but impractical for log management of a
whole process tree) and into a logger that is itself managed by the
supervision tree it's reading data from. </li>
<li> Keeping appearances of compatibility with another init system
is difficult: in particular, the mechanisms around the shutdown
procedure are fundamentally different from about any other init
system, so even a simple command such as <tt>reboot</tt> needs an
ad-hoc implementation. </li>
</ul>
<p>
The main benefit of <tt>s6-linux-init-maker</tt> is that it offers
transparent compatibility while automating the tricky technical part.
That means that <tt>s6-linux-init-maker</tt> has been designed for
<em>real hardware</em>, or at least full-fledged Linux systems,
where the above issues apply. If you are building an init system for a
container, or anything similar that does not
have the <tt>/dev/console</tt> issue, the read-only rootfs issue,
or the need for sysvinit compatibility,
you will probably not reap much benefit from using <tt>s6-linux-init-maker</tt>:
you could probably invoke
<a href="//skarnet.org/software/s6/s6-svscan.html">s6-svscan</a>
directly as your process 1, or build a script by hand, which
would result in a simpler init with less dependencies.
</p>
</body>
</html>
|
