svn commit: r44626 - head/en_US.ISO8859-1/books/handbook/boot
Dru Lavigne
dru at FreeBSD.org
Tue Apr 22 15:49:55 UTC 2014
Author: dru
Date: Tue Apr 22 15:49:54 2014
New Revision: 44626
URL: http://svnweb.freebsd.org/changeset/doc/44626
Log:
Move init section into Boot Process as the Last Stage.
Format boot options as a table.
Expand on single-user mode section.
More commits to come.
Sponsored by: iXsystems
Modified:
head/en_US.ISO8859-1/books/handbook/boot/chapter.xml
Modified: head/en_US.ISO8859-1/books/handbook/boot/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Tue Apr 22 05:23:35 2014 (r44625)
+++ head/en_US.ISO8859-1/books/handbook/boot/chapter.xml Tue Apr 22 15:49:54 2014 (r44626)
@@ -345,7 +345,7 @@ boot:</screen>
specified options or kernel name. Providing a kernel
name on the command-line is only applicable after an
<command>unload</command> has been issued.
- Otherwise the previously-loaded kernel will be
+ Otherwise, the previously-loaded kernel will be
used.</entry>
</row>
@@ -432,25 +432,16 @@ boot:</screen>
</tbody>
</tgroup>
</table>
- </sect2>
- <sect2 xml:id="boot-loader-examples">
- <title>Loader Examples</title>
-
- <para>Here are some practical examples of loader usage:</para>
-
- <itemizedlist>
- <listitem>
- <para>To boot the usual kernel in single-user
+ <para>Here are some practical examples of
+ loader usage. To boot the usual kernel in single-user
mode<indexterm><primary>single-user
mode</primary></indexterm>:</para>
<screen><userinput>boot -s</userinput></screen>
- </listitem>
- <listitem>
- <para>To unload the usual kernel and modules, and then
- load the previous or another kernel:</para>
+ <para>To unload the usual kernel and modules and then
+ load the previous or another, specified kernel:</para>
<screen><userinput>unload</userinput>
<userinput>load <replaceable>kernel.old</replaceable></userinput></screen>
@@ -463,94 +454,183 @@ boot:</screen>
system upgrade or before configuring a custom
kernel.</para>
- <note>
<para>Use the following to load the usual modules with
another kernel:</para>
<screen><userinput>unload</userinput>
<userinput>set kernel="<replaceable>kernel.old</replaceable>"</userinput>
-<userinput>boot-conf</userinput></screen></note>
- </listitem>
+<userinput>boot-conf</userinput></screen>
- <listitem>
<para>To load an automated kernel configuration
script:</para>
<screen><userinput>load -t userconfig_script <replaceable>/boot/kernel.conf</replaceable></userinput></screen>
- </listitem>
- </itemizedlist>
- </sect2>
-
- <sect2 xml:id="boot-kernel">
- <title>Kernel Interaction During Boot</title>
<indexterm>
<primary>kernel</primary>
<secondary>boot interaction</secondary>
</indexterm>
+ </sect2>
- <para>Once the kernel is loaded by either the default loader or
- by boot2, which bypasses the loader, it examines any boot
- flags and adjusts its behavior as necessary.</para>
+ <sect2 xml:id="boot-init">
+ <title>Last Stage</title>
+
+ <indexterm>
+ <primary>&man.init.8;</primary>
+ </indexterm>
+ <para>Once the kernel is loaded by either <application>loader</application> or
+ by <application>boot2</application>, which bypasses
+ <application>loader</application>, it examines any boot
+ flags and adjusts its behavior as necessary. <xref
+ linkend="boot-kernel"/> lists the commonly used boot flags.
+ Refer to &man.boot.8; for more information on the other
+ boot flags.</para>
<indexterm>
<primary>kernel</primary>
<secondary>bootflags</secondary>
</indexterm>
- <para>Here are the more common boot flags:</para>
+ <table xml:id="boot-kernel" frame="none" pgwide="1">
+ <title>Kernel Interaction During Boot</title>
- <variablelist xml:id="boot-kernel-bootflags-list">
- <varlistentry>
- <term><option>-a</option></term>
+ <tgroup cols="2">
+ <thead>
+ <row>
+ <entry>Option</entry>
+ <entry>Description</entry>
+ </row>
+ </thead>
- <listitem>
- <para>During kernel initialization, ask for the device
- to mount as the root file system.</para>
- </listitem>
- </varlistentry>
+ <tbody>
+ <row>
+ <entry><option>-a</option></entry>
+ <entry>During kernel initialization, ask for the device
+ to mount as the root file system.</entry>
+ </row>
- <varlistentry>
- <term><option>-C</option></term>
+ <row>
+ <entry><option>-C</option></entry>
+ <entry>Boot the root file system from a <acronym>CDROM</acronym>.</entry>
+ </row>
- <listitem>
- <para>Boot from CDROM.</para>
- </listitem>
- </varlistentry>
+ <row>
+ <entry><option>-s</option></entry>
+ <entry>Boot into single-user mode.</entry>
+ </row>
- <varlistentry>
- <term><option>-c</option></term>
+ <row>
+ <entry><option>-v</option></entry>
+ <entry>Be more verbose during kernel startup.</entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
- <listitem>
- <para>Run UserConfig, the boot-time kernel
- configurator.</para>
- </listitem>
- </varlistentry>
+ <para>Once the kernel has finished booting, it passes control to
+ the user process &man.init.8;, which is located at
+ <filename>/sbin/init</filename>, or the program path specified
+ in the <envar>init_path</envar> variable in
+ <command>loader</command>. This is the last stage of the boot
+ process.</para>
- <varlistentry>
- <term><option>-s</option></term>
+ <para>The boot sequence makes sure that the file systems available
+ on the system are consistent. If a <acronym>UFS</acronym> file
+ system is not, and <command>fsck</command>
+ cannot fix the inconsistencies,
+ <application>init</application> drops the system into single-user mode so that the
+ system administrator can resolve the problem directly. Otherwise,
+ the system boots into multi-user mode.</para>
- <listitem>
- <para>Boot into single-user mode.</para>
- </listitem>
- </varlistentry>
+ <sect3 xml:id="boot-singleuser">
+ <title>Single-User Mode</title>
- <varlistentry>
- <term><option>-v</option></term>
+ <indexterm><primary>single-user mode</primary></indexterm>
+ <indexterm><primary>console</primary></indexterm>
- <listitem>
- <para>Be more verbose during kernel startup.</para>
- </listitem>
- </varlistentry>
- </variablelist>
+ <para>A user can specify this mode by
+ booting with <option>-s</option>, or by
+ setting the <envar>boot_ single</envar> variable in
+ <application>loader</application>. It can also be reached by
+ running <command>shutdown now</command> from
+ multi-user mode. Single-user mode begins with this message:</para>
+
+ <programlisting>Enter full pathname of shell or RETURN for /bin/sh:</programlisting>
+
+ <para>If the user presses <keycap>Enter</keycap>, the system
+ will enter the default Bourne shell. To specify a different
+ shell, input the full path to the shell.</para>
+
+ <para>Single-user mode is usually used to repair a system that will not
+ boot due to an inconsistent file system or an error in a boot
+ configuration file. It can also be used to reset the
+ <systemitem class="username">root</systemitem> password when
+ it is unknown. These actions are possible as the single-user
+ mode prompt gives full, local access to the system and its
+ configuration files. There is no networking in this mode.</para>
+
+ <para>While single-user mode is useful for repairing a system,
+ it poses a security risk unless the system is in a physically
+ secure location. By default, any user who can gain physical
+ access to a system will have full control of that system after
+ booting into single-user mode.</para>
- <note>
- <para>Refer to &man.boot.8; for more information on the other
- boot flags.</para>
- </note>
+ <para>If the system <literal>console</literal> is changed to
+ <literal>insecure</literal> in <filename>/etc/ttys</filename>,
+ the system will first prompt for the <systemitem
+ class="username">root</systemitem> password before
+ initiating single-user mode. This adds a measure of security
+ while removing the ability to reset the <systemitem
+ class="username">root</systemitem> password when it is
+ unknown.</para>
+
+ <example xml:id="boot-insecure-console">
+ <title>Configuring an Insecure Console in
+ <filename>/etc/ttys</filename></title>
+
+ <programlisting># name getty type status comments
+#
+# If console is marked "insecure", then init will ask for the root password
+# when going to single-user mode.
+console none unknown off <replaceable>insecure</replaceable></programlisting>
+ </example>
+
+ <para>An <literal>insecure</literal> console means that
+ physical security to the console is considered to be
+ insecure, so only someone who knows the <systemitem
+ class="username">root</systemitem> password may use
+ single-user mode.</para>
+ </sect3>
+
+ <sect3 xml:id="boot-multiuser">
+ <title>Multi-User Mode</title>
+
+ <indexterm><primary>multi-user mode</primary></indexterm>
+
+ <para>If <application>init</application> finds the file systems to be in order, or
+ once the user has finished their commands in single-user mode
+ and has typed <command>exit</command> to leave single-user mode,
+ the system enters
+ multi-user mode, in which it starts the resource configuration
+ of the system.</para>
+
+ <indexterm><primary>rc files</primary></indexterm>
+
+ <para>The resource configuration system reads in configuration
+ defaults from <filename>/etc/defaults/rc.conf</filename> and
+ system-specific details from
+ <filename>/etc/rc.conf</filename>. It then proceeds to mount
+ the system file systems listed in
+ <filename>/etc/fstab</filename>. It starts up networking
+ services, miscellaneous system daemons, then the startup
+ scripts of locally installed packages.</para>
+
+ <para>To learn more about the resource configuration system,
+ refer to &man.rc.8; and examine the scripts located in
+ <filename>/etc/rc.d</filename>.</para>
+ </sect3>
</sect2>
</sect1>
-
<!--
<sect2 id="boot-kernel-userconfig">
<title>UserConfig: the Boot-time Kernel Configurator</title>
@@ -809,95 +889,6 @@ bitmap_name="<replaceable>/boot/splash.b
&man.kenv.1;, &man.loader.conf.5;, and &man.loader.8;.</para>
</sect1>
- <sect1 xml:id="boot-init">
- <title>Init: Process Control Initialization</title>
-
- <indexterm>
- <primary>&man.init.8;</primary>
- </indexterm>
-
- <para>Once the kernel has finished booting, it passes control to
- the user process &man.init.8;, which is located at
- <filename>/sbin/init</filename>, or the program path specified
- in the <envar>init_path</envar> variable in
- <command>loader</command>.</para>
-
- <para>The boot sequence makes sure that the file systems available
- on the system are consistent. If they are not, and &man.fsck.8;
- cannot fix the inconsistencies of a UFS file system,
- &man.init.8; drops the system into single-user mode so that the
- system administrator can resolve the problem directly.</para>
-
- <sect2 xml:id="boot-singleuser">
- <title>Single-User Mode</title>
-
- <indexterm><primary>single-user mode</primary></indexterm>
- <indexterm><primary>console</primary></indexterm>
-
- <para>This mode can be reached through the automatic reboot
- sequence, the user booting with <option>-s</option>, or by
- setting the <envar>boot_ single</envar> variable in
- &man.loader.8;.</para>
-
- <para>It can also be reached by calling &man.shutdown.8; from
- multi-user mode (<xref linkend="boot-multiuser"/>) without
- including <option>-r</option> or <option>-h</option>.</para>
-
- <para>If the system <literal>console</literal> is set to
- <literal>insecure</literal> in <filename>/etc/ttys</filename>,
- the system will prompt for the <systemitem
- class="username">root</systemitem> password before
- initiating single-user mode.</para>
-
- <example xml:id="boot-insecure-console">
- <title>An Insecure Console in
- <filename>/etc/ttys</filename></title>
-
- <programlisting># name getty type status comments
-#
-# If console is marked "insecure", then init will ask for the root password
-# when going to single-user mode.
-console none unknown off insecure</programlisting>
- </example>
-
- <note>
- <para>An <literal>insecure</literal> console means that
- physical security to the console is considered to be
- insecure, so only someone who knows the <systemitem
- class="username">root</systemitem> password may use
- single-user mode. Thus, to add this measure of security,
- choose <literal>insecure</literal>, instead of the default
- of <literal>secure</literal>.</para>
- </note>
- </sect2>
-
- <sect2 xml:id="boot-multiuser">
- <title>Multi-User Mode</title>
-
- <indexterm><primary>multi-user mode</primary></indexterm>
-
- <para>If &man.init.8; finds the file systems to be in order, or
- once the user has finished their commands in single-user mode
- (<xref linkend="boot-singleuser"/>), the system enters
- multi-user mode, in which it starts the resource configuration
- of the system.</para>
-
- <indexterm><primary>rc files</primary></indexterm>
-
- <para>The resource configuration system reads in configuration
- defaults from <filename>/etc/defaults/rc.conf</filename>, and
- system-specific details from
- <filename>/etc/rc.conf</filename>, and then proceeds to mount
- the system file systems listed in
- <filename>/etc/fstab</filename>. It starts up networking
- services, miscellaneous system daemons, then the startup
- scripts of locally installed packages.</para>
-
- <para>To learn more about the resource configuration system,
- refer to &man.rc.8; and examine the scripts themselves.</para>
- </sect2>
- </sect1>
-
<sect1 xml:id="boot-shutdown">
<title>Shutdown Sequence</title>
More information about the svn-doc-all
mailing list