Rev 8 | Rev 37 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed
#!/bin/bash## /etc/rc.d/rc.sysinit - run once at boot time## Taken in part from Miquel van Smoorenburg's bcheckrc.#HOSTNAME=$(/bin/hostname)set -mif [ -f /etc/sysconfig/network ]; then. /etc/sysconfig/networkfiif [ -z "$HOSTNAME" -o "$HOSTNAME" = "(none)" ]; thenHOSTNAME=localhostfiif [ ! -e /proc/mounts ]; thenmount -n -t proc /proc /procmount -n -t sysfs /sys /sys >/dev/null 2>&1fiif [ ! -d /proc/bus/usb ]; thenmodprobe usbcore >/dev/null 2>&1 && mount -n -t usbfs /proc/bus/usb /proc/bus/usbelsemount -n -t usbfs /proc/bus/usb /proc/bus/usbfi#remount /dev/shm to set attributes from fstab #669700mount -n -o remount /dev/shm >/dev/null 2>&1#remount /proc to set attributes from fstab #984003mount -n -o remount /proc >/dev/null 2>&1. /etc/init.d/functionsPLYMOUTH=[ -x /bin/plymouth ] && PLYMOUTH=yes# Check SELinux statusSELINUX_STATE=if [ -e "/selinux/enforce" ] && [ "$(cat /proc/self/attr/current)" != "kernel" ]; thenif [ -r "/selinux/enforce" ] ; thenSELINUX_STATE=$(cat "/selinux/enforce")else# assume enforcing if you can't read itSELINUX_STATE=1fifiif [ -n "$SELINUX_STATE" -a -x /sbin/restorecon ] && __fgrep " /dev " /proc/mounts >/dev/null 2>&1 ; then/sbin/restorecon -R -F /dev 2>/dev/nullfidisable_selinux() {echo $"*** Warning -- SELinux is active"echo $"*** Disabling security enforcement for system recovery."echo $"*** Run 'setenforce 1' to reenable."echo "0" > "/selinux/enforce"}relabel_selinux() {# if /sbin/init is not labeled correctly this process is running in the# wrong context, so a reboot will be required after relabelAUTORELABEL=. /etc/selinux/configecho "0" > /selinux/enforce[ -n "$PLYMOUTH" ] && plymouth --hide-splashif [ "$AUTORELABEL" = "0" ]; thenechoecho $"*** Warning -- SELinux ${SELINUXTYPE} policy relabel is required. "echo $"*** /etc/selinux/config indicates you want to manually fix labeling"echo $"*** problems. Dropping you to a shell; the system will reboot"echo $"*** when you leave the shell."start rcS-emergencyelseechoecho $"*** Warning -- SELinux ${SELINUXTYPE} policy relabel is required."echo $"*** Relabeling could take a very long time, depending on file"echo $"*** system size and speed of hard drives."/sbin/fixfiles -F restore > /dev/null 2>&1firm -f /.autorelabelecho $"Unmounting file systems"umount -amount -n -o remount,ro /echo $"Automatic reboot in progress."reboot -f}# Print a text banner.echo -en $"\t\tWelcome to "read -r system_release < /etc/system-releaseif [[ "$system_release" == *"Red Hat"* ]]; then[ "$BOOTUP" = "color" ] && echo -en "\\033[0;31m"echo -en "Red Hat"[ "$BOOTUP" = "color" ] && echo -en "\\033[0;39m"PRODUCT=$(sed "s/Red Hat \(.*\) release.*/\1/" /etc/system-release)echo " $PRODUCT"elif [[ "$system_release" == *Fedora* ]]; then[ "$BOOTUP" = "color" ] && echo -en "\\033[0;34m"echo -en "Fedora"[ "$BOOTUP" = "color" ] && echo -en "\\033[0;39m"PRODUCT=$(sed "s/Fedora \(.*\) \?release.*/\1/" /etc/system-release)echo " $PRODUCT"elif [[ "$system_release" =~ "CentOS" ]]; then[ "$BOOTUP" = "color" ] && echo -en "\\033[0;36m"echo -en "CentOS"[ "$BOOTUP" = "color" ] && echo -en "\\033[0;39m"PRODUCT=$(sed "s/CentOS \(.*\) \?release.*/\1/" /etc/system-release)echo " $PRODUCT"elsePRODUCT=$(sed "s/ release.*//g" /etc/system-release)echo "$PRODUCT"fi# Only read this once.cmdline=$(cat /proc/cmdline)# Initialize hardwareif [ -f /proc/sys/kernel/modprobe ]; thenif ! strstr "$cmdline" nomodules && [ -f /proc/modules ] ; thensysctl -w kernel.modprobe="/sbin/modprobe" >/dev/null 2>&1else# We used to set this to NULL, but that causes 'failed to exec' messages"sysctl -w kernel.modprobe="/bin/true" >/dev/null 2>&1fifitouch /dev/.in_sysinit >/dev/null 2>&1# Set default affinityif [ -x /bin/taskset ]; thenif strstr "$cmdline" default_affinity= ; thenfor arg in $cmdline ; doif [ "${arg##default_affinity=}" != "${arg}" ]; then/bin/taskset -p ${arg##default_affinity=} 1/bin/taskset -p ${arg##default_affinity=} $$fidonefifinashpid=$(pidof nash 2>/dev/null)[ -n "$nashpid" ] && kill $nashpid >/dev/null 2>&1unset nashpidapply_sysctl/sbin/start_udev# Load other user-defined modulesfor file in /etc/sysconfig/modules/*.modules ; do[ -x $file ] && $filedone# Load modules (for backward compatibility with VARs)if [ -f /etc/rc.modules ]; then/etc/rc.modulesfimount -n /dev/pts >/dev/null 2>&1[ -n "$SELINUX_STATE" ] && restorecon -F /dev/pts >/dev/null 2>&1# Configure kernel parametersupdate_boot_stage RCkernelparamapply_sysctl# Set the hostname.update_boot_stage RChostnameaction $"Setting hostname ${HOSTNAME}: " hostname ${HOSTNAME}[ -n "${NISDOMAIN}" ] && domainname ${NISDOMAIN}# Sync waiting for storage.{ rmmod scsi_wait_scan ; modprobe scsi_wait_scan ; rmmod scsi_wait_scan ; } >/dev/null 2>&1# Device mapper & related initializationif ! __fgrep "device-mapper" /proc/devices >/dev/null 2>&1 ; thenmodprobe dm-mod >/dev/null 2>&1fiif [ -f /etc/crypttab ]; theninit_crypto 0fiif ! strstr "$cmdline" nompath && [ -f /etc/multipath.conf -a \-x /sbin/multipath ]; thenmodprobe dm-multipath > /dev/null 2>&1/sbin/multipath -v 0if [ -x /sbin/kpartx ]; thenaction_silent $"Add partition mappings: " /sbin/dmsetup ls --target multipath --exec "/sbin/kpartx -a -p p"fifiif ! strstr "$cmdline" nodmraid && [ -x /sbin/dmraid ]; thenmodprobe dm-mirror >/dev/null 2>&1dmraidsets=$(LC_ALL=C /sbin/dmraid -s -c -i)if [ "$?" = "0" ]; thenfor dmname in $dmraidsets; doif [[ "$dmname" == isw_* ]] && \! strstr "$cmdline" noiswmd; thencontinuefiaction_silent $"Activate software (ATA)RAID: " /sbin/dmraid -ay -i --rm_partitions -p "$dmname"/sbin/kpartx -a -p p "/dev/mapper/$dmname"donefifi# Start any MD RAID arrays that haven't been started yet[ -r /proc/mdstat -a -r /dev/md/md-device-map ] && action $"Run MD devices: " /sbin/mdadm -IRsif [ -x /sbin/lvm ]; thenif [ ! -f /.nolvm ] && ! strstr "$cmdline" nolvm ; thenaction $"Setting up Logical Volume Management:" /sbin/lvm vgchange -a ay --sysinit --ignoreskippedclusterelseecho $"Logical Volume Management disabled at boot."fifiif [ -f /etc/crypttab ]; theninit_crypto 0fiif [ -f /fastboot ] || strstr "$cmdline" fastboot ; thenfastboot=yesfiif [ -f /fsckoptions ]; thenfsckoptions=$(cat /fsckoptions)fiif [ -f /forcefsck ] || strstr "$cmdline" forcefsck ; thenfsckoptions="-f $fsckoptions"elif [ -f /.autofsck ]; then[ -f /etc/sysconfig/autofsck ] && . /etc/sysconfig/autofsckif [ "$AUTOFSCK_DEF_CHECK" = "yes" ]; thenAUTOFSCK_OPT="$AUTOFSCK_OPT -f"fiif [ -n "$AUTOFSCK_SINGLEUSER" ]; then[ -n "$PLYMOUTH" ] && plymouth --hide-splashechoecho $"*** Warning -- the system did not shut down cleanly. "echo $"*** Dropping you to a shell; the system will continue"echo $"*** when you leave the shell."[ -n "$SELINUX_STATE" ] && echo "0" > /selinux/enforcestart rcS-emergency[ -n "$SELINUX_STATE" ] && echo "1" > /selinux/enforce[ -n "$PLYMOUTH" ] && plymouth --show-splashfifsckoptions="$AUTOFSCK_OPT $fsckoptions"fiif [ "$BOOTUP" = "color" ]; thenfsckoptions="-C $fsckoptions"elsefsckoptions="-V $fsckoptions"fiREADONLY=if [ -f /etc/sysconfig/readonly-root ]; then. /etc/sysconfig/readonly-rootfiif strstr "$cmdline" readonlyroot ; thenREADONLY=yes[ -z "$RW_MOUNT" ] && RW_MOUNT=/var/lib/stateless/writable[ -z "$STATE_MOUNT" ] && STATE_MOUNT=/var/lib/stateless/statefiif strstr "$cmdline" noreadonlyroot ; thenREADONLY=nofiif [ "$READONLY" = "yes" -o "$TEMPORARY_STATE" = "yes" ]; thenmount_empty() {if [ -e "$1" ]; thenecho "$1" | cpio -p -vd "$RW_MOUNT" &>/dev/nullmount -n --bind "$RW_MOUNT$1" "$1"fi}mount_dirs() {if [ -e "$1" ]; thenmkdir -p "$RW_MOUNT$1"find "$1" -type d -print0 | cpio -p -0vd "$RW_MOUNT" &>/dev/nullmount -n --bind "$RW_MOUNT$1" "$1"fi}mount_files() {if [ -e "$1" ]; thencp -a --parents "$1" "$RW_MOUNT"mount -n --bind "$RW_MOUNT$1" "$1"fi}# Common mount options for scratch space regardless of# type of backing storemountopts=# Scan partitions for local scratch storagerw_mount_dev=$(blkid -t LABEL="$RW_LABEL" -l -o device)# First try to mount scratch storage from /etc/fstab, then any# partition with the proper label. If either succeeds, be sure# to wipe the scratch storage clean. If both fail, then mount# scratch storage via tmpfs.if mount $mountopts "$RW_MOUNT" > /dev/null 2>&1 ; thenrm -rf "$RW_MOUNT" > /dev/null 2>&1elif [ x$rw_mount_dev != x ] && mount $rw_mount_dev $mountopts "$RW_MOUNT" > /dev/null 2>&1; thenrm -rf "$RW_MOUNT" > /dev/null 2>&1elsemount -n -t tmpfs $RW_OPTIONS $mountopts none "$RW_MOUNT"fifor file in /etc/rwtab /etc/rwtab.d/* /dev/.initramfs/rwtab ; dois_ignored_file "$file" && continue[ -f $file ] && cat $file | while read type path ; docase "$type" inempty)mount_empty $path;;files)mount_files $path;;dirs)mount_dirs $path;;*);;esac[ -n "$SELINUX_STATE" -a -e "$path" ] && restorecon -R "$path"donedone# Use any state passed by initramfs[ -d /dev/.initramfs/state ] && cp -a /dev/.initramfs/state/* $RW_MOUNT# In theory there should be no more than one network interface active# this early in the boot process -- the one we're booting from.# Use the network address to set the hostname of the client. This# must be done even if we have local storage.ipaddr=if [ "$HOSTNAME" = "localhost" -o "$HOSTNAME" = "localhost.localdomain" ]; thenipaddr=$(ip addr show to 0.0.0.0/0 scope global | awk '/[[:space:]]inet / { print gensub("/.*","","g",$2) }')for ip in $ipaddr ; doHOSTNAME=eval $(ipcalc -h $ip 2>/dev/null)[ -n "$HOSTNAME" ] && { hostname ${HOSTNAME} ; break; }donefi# Clients with read-only root filesystems may be provided with a# place where they can place minimal amounts of persistent# state. SSH keys or puppet certificates for example.## Ideally we'll use puppet to manage the state directory and to# create the bind mounts. However, until that's all ready this# is sufficient to build a working system.# First try to mount persistent data from /etc/fstab, then any# partition with the proper label, then fallback to NFSstate_mount_dev=$(blkid -t LABEL="$STATE_LABEL" -l -o device)if mount $mountopts $STATE_OPTIONS "$STATE_MOUNT" > /dev/null 2>&1 ; then/bin/trueelif [ x$state_mount_dev != x ] && mount $state_mount_dev $mountopts "$STATE_MOUNT" > /dev/null 2>&1; then/bin/trueelif [ ! -z "$CLIENTSTATE" ]; then# No local storage was found. Make a final attempt to find# state on an NFS server.mount -t nfs $CLIENTSTATE/$HOSTNAME $STATE_MOUNT -o rw,nolockfiif [ -w "$STATE_MOUNT" ]; thenmount_state() {if [ -e "$1" ]; then[ ! -e "$STATE_MOUNT$1" ] && cp -a --parents "$1" "$STATE_MOUNT"mount -n --bind "$STATE_MOUNT$1" "$1"fi}for file in /etc/statetab /etc/statetab.d/* ; dois_ignored_file "$file" && continue[ ! -f "$file" ] && continueif [ -f "$STATE_MOUNT/$file" ] ; thenmount -n --bind "$STATE_MOUNT/$file" "$file"fifor path in $(grep -v "^#" "$file" 2>/dev/null); domount_state "$path"[ -n "$SELINUX_STATE" -a -e "$path" ] && restorecon -R "$path"donedoneif [ -f "$STATE_MOUNT/files" ] ; thenfor path in $(grep -v "^#" "$STATE_MOUNT/files" 2>/dev/null); domount_state "$path"[ -n "$SELINUX_STATE" -a -e "$path" ] && restorecon -R "$path"donefifiif mount | grep -q /var/lib/nfs/rpc_pipefs ; thenmount -t rpc_pipefs sunrpc /var/lib/nfs/rpc_pipefs && service rpcidmapd restartfifiif [[ " $fsckoptions" != *" -y"* ]]; thenfsckoptions="-a $fsckoptions"fi_RUN_QUOTACHECK=0if [ -f /forcequotacheck ] || strstr "$cmdline" forcequotacheck ; then_RUN_QUOTACHECK=1fiif [ -z "$fastboot" -a "$READONLY" != "yes" ]; thenSTRING=$"Checking filesystems"echo $STRINGfsck -T -t noopts=_netdev -A $fsckoptionsrc=$?if [ "$rc" -eq "0" ]; thensuccess "$STRING"echoelif [ "$rc" -eq "1" ]; thenpassed "$STRING"echoelif [ "$rc" -eq "2" -o "$rc" -eq "3" ]; thenecho $"Unmounting file systems"umount -amount -n -o remount,ro /echo $"Automatic reboot in progress."reboot -ffi# A return of 4 or higher means there were serious problems.if [ $rc -gt 1 ]; then[ -n "$PLYMOUTH" ] && plymouth --hide-splashfailure "$STRING"echoechoecho $"*** An error occurred during the file system check."echo $"*** Dropping you to a shell; the system will reboot"echo $"*** when you leave the shell."str=$"(Repair filesystem)"PS1="$str \# # "; export PS1[ "$SELINUX_STATE" = "1" ] && disable_selinuxstart rcS-emergencyecho $"Unmounting file systems"umount -amount -n -o remount,ro /echo $"Automatic reboot in progress."reboot -felif [ "$rc" -eq "1" ]; then_RUN_QUOTACHECK=1fifiremount_needed() {local state oldifs[ "$READONLY" = "yes" ] && return 1state=$(LC_ALL=C awk '/ \/ / && ($3 !~ /rootfs/) { print $4 }' /proc/mounts)oldifs=$IFSIFS=","for opt in $state ; doif [ "$opt" = "rw" ]; thenIFS=$oldifsreturn 1fidoneIFS=$oldifsreturn 0}# Remount the root filesystem read-write.update_boot_stage RCmountfsif remount_needed ; thenaction $"Remounting root filesystem in read-write mode: " mount -n -o remount,rw /fi# Clean up SELinux labelsif [ -n "$SELINUX_STATE" ]; thenrestorecon /etc/mtab /etc/ld.so.cache /etc/blkid/blkid.tab /etc/resolv.conf >/dev/null 2>&1fi# If relabeling, relabel mount points.if [ -n "$SELINUX_STATE" -a "$READONLY" != "yes" ]; thenif [ -f /.autorelabel ] || strstr "$cmdline" autorelabel ; thenrestorecon $(awk '!/^#/ && $4 !~ /noauto/ && $2 ~ /^\// { print $2 }' /etc/fstab) >/dev/null 2>&1fifiif [ "$READONLY" != "yes" ] ; then# Clear mtab(> /etc/mtab) &> /dev/null# Remove stale backupsrm -f /etc/mtab~ /etc/mtab~~# Enter mounted filesystems into /etc/mtabmount -f /mount -f /proc >/dev/null 2>&1mount -f /sys >/dev/null 2>&1mount -f /dev/pts >/dev/null 2>&1mount -f /dev/shm >/dev/null 2>&1mount -f /proc/bus/usb >/dev/null 2>&1fi# Mount all other filesystems (except for NFS and /proc, which is already# mounted). Contrary to standard usage,# filesystems are NOT unmounted in single user mode.# The 'no' applies to all listed filesystem types. See mount(8).if [ "$READONLY" != "yes" ] ; thenaction $"Mounting local filesystems: " mount -a -t nonfs,nfs4,smbfs,ncpfs,cifs,gfs,gfs2,glusterfs -O no_netdevelseaction $"Mounting local filesystems: " mount -a -n -t nonfs,nfs4,smbfs,ncpfs,cifs,gfs,gfs2i,glusterfs -O no_netdevfi# Update quotas if necessaryif [ X"$_RUN_QUOTACHECK" = X1 -a -x /sbin/quotacheck ]; thenaction $"Checking local filesystem quotas: " /sbin/quotacheck -anugfiif [ -x /sbin/quotaon ]; thenaction $"Enabling local filesystem quotas: " /sbin/quotaon -augfi# Check to see if a full relabel is neededif [ -n "$SELINUX_STATE" -a "$READONLY" != "yes" ]; thenif [ -f /.autorelabel ] || strstr "$cmdline" autorelabel ; thenrelabel_selinuxfielseif [ -d /etc/selinux -a "$READONLY" != "yes" ]; then[ -f /.autorelabel ] || touch /.autorelabelfifi# Initialize pseudo-random number generatorif [ -f "/var/lib/random-seed" ]; thencat /var/lib/random-seed > /dev/urandomelse[ "$READONLY" != "yes" ] && touch /var/lib/random-seedfiif [ "$READONLY" != "yes" ]; thenchmod 600 /var/lib/random-seeddd if=/dev/urandom of=/var/lib/random-seed count=1 bs=4096 2>/dev/nullfiif [ -f /etc/crypttab ]; theninit_crypto 1fi# Configure machine if necessary.if [ -f /.unconfigured ]; thenif [ -x /bin/plymouth ]; then/bin/plymouth quitfiif [ -x /usr/bin/system-config-keyboard ]; then/usr/bin/system-config-keyboardfiif [ -x /usr/bin/passwd ]; then/usr/bin/passwd rootfiif [ -x /usr/sbin/system-config-network-tui ]; then/usr/sbin/system-config-network-tuifiif [ -x /usr/sbin/timeconfig ]; then/usr/sbin/timeconfigfiif [ -x /usr/sbin/authconfig-tui ]; then/usr/sbin/authconfig-tui --nostartfiif [ -x /usr/sbin/ntsysv ]; then/usr/sbin/ntsysv --level 35fi# Reread in network configuration data.if [ -f /etc/sysconfig/network ]; then. /etc/sysconfig/network# Reset the hostname.action $"Resetting hostname ${HOSTNAME}: " hostname ${HOSTNAME}firm -f /.unconfiguredfi# Clean out /.rm -f /fastboot /fsckoptions /forcefsck /.autofsck /forcequotacheck /halt \/poweroff /.suspended &> /dev/null# Do we need (w|u)tmpx files? We don't set them up, but the sysadmin might..._NEED_XFILES=[ -f /var/run/utmpx -o -f /var/log/wtmpx ] && _NEED_XFILES=1# Clean up /var.rm -rf /var/lock/cvs/* /var/run/screen/*find /var/lock /var/run ! -type d -exec rm -f {} \;rm -f /var/lib/rpm/__db* &> /dev/nullrm -f /var/gdm/.gdmfifo &> /dev/null[ "$PROMPT" != no ] && plymouth watch-keystroke --command "touch /var/run/confirm" --keys=Ii &# Clean up utmp/wtmp> /var/run/utmptouch /var/log/wtmpchgrp utmp /var/run/utmp /var/log/wtmpchmod 0664 /var/run/utmp /var/log/wtmpif [ -n "$_NEED_XFILES" ]; then> /var/run/utmpxtouch /var/log/wtmpxchgrp utmp /var/run/utmpx /var/log/wtmpxchmod 0664 /var/run/utmpx /var/log/wtmpxfi[ -n "$SELINUX_STATE" ] && restorecon /var/run/utmp* /var/log/wtmp* >/dev/null 2>&1# Clean up various /tmp bits[ -n "$SELINUX_STATE" ] && restorecon /tmprm -f /tmp/.X*-lock /tmp/.lock.* /tmp/.gdm_socket /tmp/.s.PGSQL.*rm -rf /tmp/.X*-unix /tmp/.ICE-unix /tmp/.font-unix /tmp/hsperfdata_* \/tmp/kde-* /tmp/ksocket-* /tmp/mc-* /tmp/mcop-* /tmp/orbit-* \/tmp/scrollkeeper-* /tmp/ssh-* \/dev/.in_sysinit# Make ICE directorymkdir -m 1777 -p /tmp/.ICE-unix >/dev/null 2>&1chown root:root /tmp/.ICE-unix[ -n "$SELINUX_STATE" ] && restorecon /tmp/.ICE-unix >/dev/null 2>&1# Start up swapping.update_boot_stage RCswapaction $"Enabling /etc/fstab swaps: " swapon -a -eif [ "$AUTOSWAP" = "yes" ]; thencurswap=$(awk '/^\/dev/ { print $1 }' /proc/swaps | while read x; do get_numeric_dev dec $x ; echo -n " "; done)swappartitions=$(blkid -t TYPE=swap -o device)if [ x"$swappartitions" != x ]; thenfor partition in $swappartitions ; do[ ! -e $partition ] && continuemajmin=$(get_numeric_dev dec $partition)echo $curswap | grep -qw "$majmin" || action $"Enabling local swap partitions: " swapon $partitiondonefifi# Set up binfmt_misc/bin/mount -t binfmt_misc none /proc/sys/fs/binfmt_misc > /dev/null 2>&1# Boot time profiles. Yes, this should be somewhere else.if [ -x /usr/sbin/system-config-network-cmd ]; thenif strstr "$cmdline" netprofile= ; thenfor arg in $cmdline ; doif [ "${arg##netprofile=}" != "${arg}" ]; then/usr/sbin/system-config-network-cmd --profile ${arg##netprofile=}fidonefifi# Now that we have all of our basic modules loaded and the kernel going,# let's dump the syslog ring somewhere so we can find it later[ -f /var/log/dmesg ] && mv -f /var/log/dmesg /var/log/dmesg.olddmesg -s 131072 > /var/log/dmesg# create the crash indicator flag to warn on crashes, offer fsck with timeouttouch /.autofsck &> /dev/null[ "$PROMPT" != no ] && plymouth --ignore-keystroke=Iiif strstr "$cmdline" confirm ; thentouch /var/run/confirmfi# Let rhgb know that we're leaving rc.sysinitif [ -x /bin/plymouth ]; then/bin/plymouth --sysinitfi