Absolute OpenBSD: Unix for the Practical Paranoid

We examined /etc/rc.conf in some detail in Chapter 5. Now let's see how those variables are processed by the system.

Whenever your system boots to the point where it can execute userland commands, it runs the shell script /etc/rc. This script mounts all file systems, brings up the network interfaces, configures device nodes, sets up shared libraries, and does all the other tasks required to bring a system up to multiuser mode. That's an awful lot of tasks, and some of them aren't necessary on all systems. The purpose of /etc/rc.conf is to tell /etc/rc what to run, what values to run with, and what not to bother with. Everything you set in /etc/rc.conf is used in /etc/rc in one way or another. The /etc/rc system actually has six associated files: /etc/rc, /etc/rc.conf, /etc/rc.local, /etc/rc.securelevel, /etc/netstart, and /etc/rc.shutdown.

/etc/rc

Every configuration step on an OpenBSD box, from setting the host name to starting server programs, can be performed by a simple shell command. As such, /etc/rc is a basic shell script. This script reads in variable assignments from /etc/rc.conf as well as files such as /etc/myname and /etc/hostname.*, and acts as those variables tell it to. The /etc/rc script also starts every other /etc/rc script at the appropriate time. When /etc/rc exits, the system fires up getty(8) and presents login prompts on all the appropriate terminals.

Generally speaking, you should not need to edit /etc/rc unless you are a very experienced systems administrator with truly unique needs. Editing the other /etc/rc.* files, especially /etc/rc.conf, should do everything you need.

/etc/rc.conf

This file contains nothing but variables used by other /etc/rc scripts. We covered it in extreme detail in Chapter 5. Various other /etc/rc.* scripts use /etc/rc.conf to get their configuration information.

/etc/netstart

While the name doesn't look like the others, /etc/netstart is definitely a system startup script. This script reads /etc/hostname.if*, /etc/mygate, and /etc/myname, and uses that information to configure all network functionality: interfaces, bridges, routing, and so forth. You can run this script in single-user mode to bring up the network without starting any of the other software that normally starts in multi-user mode.

/etc/rc.securelevel

This shell script runs just before the system raises its securelevel (see more about this in Chapter 10), but after the network is started. Many programs, particularly those that affect the kernel or file systems in some way, will not run once the securelevel is raised. The examples in the file relate to ntpd(8) and related programs, but you can edit /etc/rc.securelevel to include any programs that must be run before securelevel is raised. If at all possible, however, you're better off starting local programs from /etc/rc.local. We'll look at adding proper shell commands to these files in "Editing /etc/rc Scripts," later in this chapter.

One important detail in /etc/rc.securelevel is the securelevel setting itself. We discuss securelevel in Chapter 10. For now, just don't touch the line that sets the securelevel unless you're already familiar with BSD and know exactly what you're getting with securelevels!

/etc/rc.local

The /etc/rc.local shell script runs at the very end of system initialization. Once every other system process has been started, /etc/rc.local runs. This is the usual place to put startup commands for systems such as databases, small servers, and any other programs you want to run at boot time. You can place your add-on shell commands here, as discussed in "Editing /etc/rc Scripts," later in this chapter.

/etc/rc.conf.local

In various circumstances, you might not want to edit /etc/rc.conf for each machine. Perhaps you share one rc.conf amongst several machines, but have a few machines that require particular tweaks. If you're a developer and upgrade frequently, handling /etc/rc.conf can be tedious. That's where /etc/rc.conf.local comes in.

/etc/rc.conf.local starts off as an empty file. You can put any rc.conf variable assignments you like into this file. Entries in /etc/rc.conf.local override any values in /etc/rc.conf. For example, /etc/rc.conf contains this line.

identd_flags=NO

Let's suppose you want to change this value without editing the /etc/rc.conf line. You could create a line like the following in /etc/rc.conf.local.

identd_flags="-b -u nobody -elo"

When /etc/rc runs, it will use the values from /etc/rc.conf.local instead of /etc/rc.conf. This minimizes the number of changes necessary to /etc/rc.conf and makes upgrading easier.
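The override order described above, as an added example (not code from the book or from OpenBSD): it assumes the local file is read after the base file so that later assignments win, and it runs on constructed sample files. The helper names rc_value, rc_overrides and demo are hypothetical.

```shell
#!/bin/sh
# Added example: show which variables an rc.conf.local-style file overrides.
# Assumption: the local file is sourced after the base file, so later wins.

# Print the value of variable $1 after sourcing the remaining arguments in order.
rc_value() {
    _var=$1; shift
    (
        for _f in "$@"; do
            [ -f "$_f" ] && . "$_f"
        done
        # _var only ever holds a name matched by the sed pattern below.
        eval "printf '%s' \"\${$_var}\""
    )
}

# List every variable assigned in $2 whose effective value differs from $1 alone.
rc_overrides() {
    _base=$1 _local=$2
    sed -n 's/^\([A-Za-z_][A-Za-z0-9_]*\)=.*/\1/p' "$_local" | sort -u |
    while read -r _name; do
        _old=$(rc_value "$_name" "$_base")
        _new=$(rc_value "$_name" "$_base" "$_local")
        [ "$_old" = "$_new" ] ||
            printf '%s: %s -> %s\n' "$_name" "${_old:-<unset>}" "$_new"
    done
}

# Constructed sample files; the identd_flags values are the ones from the text.
demo() {
    _dir=$(mktemp -d) || return 1
    cat > "$_dir/rc.conf" <<'EOF'
identd_flags=NO
httpd_flags=NO
EOF
    cat > "$_dir/rc.conf.local" <<'EOF'
identd_flags="-b -u nobody -elo"
httpd_flags=NO
EOF
    rc_overrides "$_dir/rc.conf" "$_dir/rc.conf.local"
    rm -rf "$_dir"
}

demo
```

Only identd_flags is reported, because the httpd_flags line in the local file repeats the base value. Run against a machine's real pair of files, the same report shows at a glance which daemons a local override has switched on.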

/etc/rc.shutdown

The /etc/rc.shutdown script runs whenever you use reboot(8), halt(8), or a keyboard shutdown (i.e., CTRL-ALT-DELETE on i386). The commands here shut down programs that require specialized shutdown sequences. Database programs, which you need to shut down correctly to prevent data loss, use this feature frequently.
