/*	$OpenBSD: init.c,v 1.65 2017/06/16 06:46:54 natano Exp $	*/

/*	$NetBSD: init.c,v 1.22 1996/05/15 23:29:33 jtc Exp $	*/

/*-

 * Copyright (c) 1991, 1993

 *	The Regents of the University of California.  All rights reserved.

 *

 * This code is derived from software contributed to Berkeley by

 * Donn Seeley at Berkeley Software Design, Inc.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 * 1. Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer.

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in the

 *    documentation and/or other materials provided with the distribution.

 * 3. Neither the name of the University nor the names of its contributors

 *    may be used to endorse or promote products derived from this software

 *    without specific prior written permission.

 *

 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND

 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE

 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

 * SUCH DAMAGE.

 */

#include <sys/types.h>

#include <sys/reboot.h>

#include <sys/sysctl.h>

#include <sys/time.h>

#include <sys/tree.h>

#include <sys/wait.h>

#include <machine/cpu.h>

#include <err.h>

#include <errno.h>

#include <fcntl.h>

#include <limits.h>

#include <signal.h>

#include <stdarg.h>

#include <stdio.h>

#include <stdlib.h>

#include <string.h>

#include <syslog.h>

#include <time.h>

#include <ttyent.h>

#include <unistd.h>

#include <util.h>

#ifdef SECURE

#include <pwd.h>

#include <readpassphrase.h>

#endif

#ifdef LOGIN_CAP

#include <login_cap.h>

#endif

#include "pathnames.h"

/*

 * Sleep times; used to prevent thrashing.

 */

#define	GETTY_SPACING		 5	/* N secs minimum getty spacing */

#define	GETTY_SLEEP		30	/* sleep N secs after spacing problem */

#define	WINDOW_WAIT		 3	/* wait N secs after starting window */

#define	STALL_TIMEOUT		30	/* wait N secs after warning */

#define	DEATH_WATCH		10	/* wait N secs for procs to die */

/*

 * User-based resource limits.

 */

#define RESOURCE_RC		"daemon"

#define RESOURCE_WINDOW		"default"

#define RESOURCE_GETTY		"default"

#ifndef DEFAULT_STATE

#define DEFAULT_STATE		runcom

#endif

void handle(sig_t, ...);

void delset(sigset_t *, ...);

void stall(char *, ...);

void warning(char *, ...);

void emergency(char *, ...);

void disaster(int);

void badsys(int);

typedef enum {

	invalid_state,

	single_user,

	runcom,

	read_ttys,

	multi_user,

	clean_ttys,

	catatonia,

	death,

	do_reboot,

	hard_death,

	nice_death

} state_t;

typedef state_t (*state_func_t)(void);

state_t f_single_user(void);

state_t f_runcom(void);

state_t f_read_ttys(void);

state_t f_multi_user(void);

state_t f_clean_ttys(void);

state_t f_catatonia(void);

state_t f_death(void);

state_t f_do_reboot(void);

state_t f_hard_death(void);

state_t f_nice_death(void);

state_func_t state_funcs[] = {

	NULL,

	f_single_user,

	f_runcom,

	f_read_ttys,

	f_multi_user,

	f_clean_ttys,

	f_catatonia,

	f_death,

	f_do_reboot,

	f_hard_death,

	f_nice_death

};

enum { AUTOBOOT, FASTBOOT } runcom_mode = AUTOBOOT;

void transition(state_t);

volatile sig_atomic_t requested_transition = DEFAULT_STATE;

void setctty(char *);

typedef struct init_session {

	int	se_index;		/* index of entry in ttys file */

	pid_t	se_process;		/* controlling process */

	time_t	se_started;		/* used to avoid thrashing */

	int	se_flags;		/* status of session */

#define	SE_SHUTDOWN	0x1		/* session won't be restarted */

#define	SE_PRESENT	0x2		/* session is in /etc/ttys */

#define	SE_DEVEXISTS	0x4		/* open does not result in ENODEV */

	char	*se_device;		/* filename of port */

	char	*se_getty;		/* what to run on that port */

	char	**se_getty_argv;	/* pre-parsed argument array */

	char	*se_window;		/* window system (started only once) */

	char	**se_window_argv;	/* pre-parsed argument array */

	struct	init_session *se_prev;

	struct	init_session *se_next;

	RB_ENTRY(init_session) se_entry;

} session_t;

static int cmp_sessions(session_t *, session_t *);

RB_HEAD(session_tree, init_session) session_tree = RB_INITIALIZER(session_tree);

RB_PROTOTYPE(session_tree, init_session, se_entry, cmp_sessions);

void free_session(session_t *);

session_t *new_session(session_t *, int, struct ttyent *);

session_t *sessions;

char **construct_argv(char *);

void start_window_system(session_t *);

void collect_child(pid_t);

pid_t start_getty(session_t *);

void transition_handler(int);

void alrm_handler(int);

void setsecuritylevel(int);

int getsecuritylevel(void);

int setupargv(session_t *, struct ttyent *);

int clang;

#ifdef LOGIN_CAP

void setprocresources(char *);

#else

#define setprocresources(p)

#endif

void clear_session_logs(session_t *);

void add_session(session_t *);

void del_session(session_t *);

session_t *find_session(pid_t);

/*

 * The mother of all processes.

 */

int

main(int argc, char *argv[])

{

	int c, fd;

	/* Dispose of random users. */

	}

	/* System V users like to reexec init. */

	}

	/*

	 * Paranoia.

	 */

	}

	/*

	 * Note that this does NOT open a file...

	 * Does 'init' deserve its own facility number?

	 */

	/*

	 * Create an initial session.

	 */

	/*

	 * Establish an initial user so that programs running

	 * single user do not freak out and die (like passwd).

	 */

	/*

	 * This code assumes that we always get arguments through flags,

	 * never through bits set in some random machine register.

	 */

		case 's':

		case 'f':

		default:

		}

	/*

	 * We catch or block signals rather than ignore them,

	 * so that they get reset on exec.

	 */

	    SIGBUS, SIGXCPU, SIGXFSZ, 0);

            SIGUSR1, SIGUSR2, 0);

	    SIGXCPU, SIGXFSZ, SIGHUP, SIGINT, SIGTERM, SIGUSR1, SIGUSR2,

	    SIGTSTP, SIGALRM, 0);

	/*

	 * Start the state machine.

	 */

	/*

	 * Should never reach here.

	 */

}

/*

 * Associate a function with a signal handler.

 */

void

handle(sig_t handler, ...)

{

	int sig;

		/* XXX SA_RESTART? */

	}

}

/*

 * Delete a set of signals from a mask.

 */

void

delset(sigset_t *maskp, ...)

{

	int sig;

}

/*

 * Log a message and sleep for a while (to give someone an opportunity

 * to read it and to save log or hardcopy output if the problem is chronic).

 * NB: should send a message to the session logger to avoid blocking.

 */

void

stall(char *message, ...)

{

}

/*

 * Like stall(), but doesn't sleep.

 * If cpp had variadic macros, the two functions could be #defines for another.

 * NB: should send a message to the session logger to avoid blocking.

 */

void

warning(char *message, ...)

{

}

/*

 * Log an emergency message.

 * NB: should send a message to the session logger to avoid blocking.

 */

void

emergency(char *message, ...)

{

}

/*

 * Catch a SIGSYS signal.

 *

 * These may arise if a system does not support sysctl.

 * We tolerate up to 25 of these, then throw in the towel.

 */

void

badsys(int sig)

{

	static int badcount = 0;

		return;

}

/*

 * Catch an unexpected signal.

 */

void

disaster(int sig)

{

}

/*

 * Get the security level of the kernel.

 */

int

getsecuritylevel(void)

{

#ifdef KERN_SECURELVL

	}

#else

	return (-1);

#endif

}

/*

 * Set the security level of the kernel.

 */

void

setsecuritylevel(int newlevel)

{

#ifdef KERN_SECURELVL

		    "cannot change kernel security level from %d to %d: %s",

	}

#ifdef SECURE

	    curlevel, newlevel);

#endif

#endif

}

/*

 * Change states in the finite state machine.

 * The initial state is passed as an argument.

 */

void

transition(state_t s)

{

}

/*

 * Close out the accounting files for a login session.

 * NB: should send a message to the session logger to avoid blocking.

 */

void

clear_session_logs(session_t *sp)

{

}

/*

 * Start a session and allocate a controlling terminal.

 * Only called by children of init after forking.

 */

void

setctty(char *name)

{

	int fd;

	}

	}

}

/*

 * Bring the system up single user.

 */

state_t

f_single_user(void)

{

	pid_t pid, wpid;

#ifdef SECURE

	struct ttyent *typ;

	struct passwd *pp;

	static const char banner[] =

		"Enter root password, or ^D to go multi-user\n";

	char *clear;

#endif

	/* Init shell and name */

	/*

	 * If the kernel is in secure mode, downgrade it to insecure mode.

	 */

		/*

		 * Start the single user session.

		 */

#ifdef SECURE

		/*

		 * Check the root password.

		 * We don't care if the console is 'on' by default;

		 * it's the only tty that can be 'off' and 'secure'.

		 */

				int ok = 0;

				    sizeof(pbuf), RPP_ECHO_OFF);

			}

		}

#endif /* SECURE */

#ifdef DEBUGSHELL

		{

			int num;

#define	SHREQUEST \

	"Enter pathname of shell or RETURN for sh: "

			    SHREQUEST, sizeof(SHREQUEST) - 1);

			/* Copy in alternate shell */

				char *p;

				/* Binary to exec */

				/* argv[0] */

			}

		}

#endif /* DEBUGSHELL */

		/*

		 * Unblock signals.

		 * We catch all the interesting ones,

		 * and those are reset to SIG_DFL on exec.

		 */

		/*

		 * Fire off a shell.

		 * If the default one doesn't work, try the Bourne shell.

		 */

	}

		/*

		 * We are seriously hosed.  Do our best.

		 */

			continue;

	}

				continue;

		}

			wpid = -1;

		}

			/*

			 *  reboot(8) killed shell?

			 */

		} else {

		}

	}

}

/*

 * Run the system startup script.

 */

state_t

f_runcom(void)

{

	pid_t pid, wpid;

	}

			_PATH_BSHELL, _PATH_RUNCOM);

			continue;

	}

	/*

	 * Copied from single_user().  This is a bit paranoid.

	 */

	do {

				continue;

			    _PATH_BSHELL, _PATH_RUNCOM);

		}

			    _PATH_BSHELL, _PATH_RUNCOM);

			wpid = -1;

		}

		/* /etc/rc executed /sbin/reboot; wait for the end quietly */

	}

		    _PATH_BSHELL, _PATH_RUNCOM);

	}

	/* NB: should send a message to the session logger to avoid blocking. */

}

/*

 * Compare session keys.

 */

static int

cmp_sessions(session_t *sp1, session_t *sp2)

{

}

/*

 * Add a new login session.

 */

void

add_session(session_t *sp)

{

}

/*

 * Delete an old login session.

 */

void

del_session(session_t *sp)

{

}

/*

 * Look up a login session by pid.

 */

session_t *

find_session(pid_t pid)

{

}

/*

 * Construct an argument vector from a command line.

 */

char **

construct_argv(char *command)

{

	int argc = 0;

	static const char separators[] = " \t";

	}

		continue;

}

/*

 * Deallocate a session descriptor.

 */

void

free_session(session_t *sp)

{

	}

	}

}

/*

 * Allocate a new session descriptor.

 */

session_t *

new_session(session_t *sprev, int session_index, struct ttyent *typ)

{

	session_t *sp;

	}

		sp->se_prev = NULL;

		sp->se_prev = sprev;

	}

}

/*

 * Calculate getty and if useful window argv vectors.

 */

int

setupargv(session_t *sp, struct ttyent *typ)

{

	}

	}

		}

		}

	}

}

/*

 * Walk the list of ttys and create sessions for each active line.

 */

state_t

f_read_ttys(void)

{

	int session_index = 0;

	session_t *sp, *snext;

	struct ttyent *typ;

	/*

	 * Destroy any previous session state.

	 * There shouldn't be any, but just in case...

	 */

	}

	/*

	 * Allocate a session entry for each active port.

	 * Note that sp starts at 0.

	 */

}

/*

 * Start a window system running.

 */

void

start_window_system(session_t *sp)

{

	pid_t pid;

		/* hope that getty fails and we can try again */

	}