about summary refs log tree commit diff
path: root/doc/s6-linux-init-maker.html
blob: 00a97224c6752730fa68616cdafc8a1f11ef46f4 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
<html>
  <head>
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <meta http-equiv="Content-Language" content="en" />
    <title>s6-linux-init: the s6-linux-init-maker program</title>
    <meta name="Description" content="s6-linux-init: the s6-linux-init-maker program" />
    <meta name="Keywords" content="s6 linux administration root init maker" />
    <!-- <link rel="stylesheet" type="text/css" href="//skarnet.org/default.css" /> -->
  </head>
<body>

<p>
<a href="index.html">s6-linux-init</a><br />
<a href="//skarnet.org/software/">Software</a><br />
<a href="//skarnet.org/">skarnet.org</a>
</p>

<h1> The <tt>s6-linux-init-maker</tt> program </h1>

<p>
<tt>s6-linux-init-maker</tt> reads configuration options on
the command line, and outputs a directory to place in the
root filesystem. That directory contains
a script that is suitable as an <tt>/sbin/init</tt> program
as well as all the necessary files that this script needs
to properly boot and bring up a full
<a href="//skarnet.org/software/s6/">s6</a>
infrastructure.
</p>

<p>
 s6-linux-init-maker only writes scripts. At boot time, these
scripts will call commands provided by other skarnet.org packages
such as
<a href="//skarnet.org/software/execline/">execline</a> and
<a href="//skarnet.org/software/s6/">s6</a>. It is the
responsibility of the administrator to make sure that all the
dependencies are properly installed at boot time, and that the
correct options have been given to <tt>s6-linux-init-maker</tt>
so that the programs are found <em>on the root filesystem of the
machine</em>. If it is not the case, the system will fail to boot.
</p>

<h2> Interface and usage </h2>

<pre>
     s6-linux-init-maker \
       [ -c <em>basedir</em> ] \
       [ -u <em>log_user</em> ] \
       [ -G <em>early_getty</em> ] \
       [ -1 ] \
       [ -L ] \
       [ -p <em>initial_path</em> ] \
       [ -m <em>initial_umask</em> ] \
       [ -t <em>timestamp_style</em> ] \
       [ -d <em>slashdev</em> ] \
       [ -s <em>env_store</em> ] \
       [ -e <em>initial_envvar</em> ] ... \
       [ -q <em>finalsleeptime</em> ] \
       [ -D <em>initdefault</em> ] \
       [ -n | -N ] \
       [ -f <em>skeldir</em> ] \
       [ -U <em>utmp_user</em> ] \
       [ -C ] \
       [ -B ] \
       [ -S ] \
       <em>dir</em>
</pre>

<ul>
 <li> s6-linux-init-maker must be run on the machine
that will boot an s6-based system. </li>
 <li> It normally should be <em>run as root</em>. It supports
not running as root for a small amount of very specific cases; but
you should run it as root unless you know exactly what you are doing. </li>
 <li> s6-linux-init-maker parses options on its command line. </li>
 <li> It writes data into a directory <em>dir</em>, which must not
exist beforehand. </li>
 <li> It exits 0 if everything went well, 100 if a user error occurred,
and 111 if a problem occurred during the creation of the directory
or its contents. </li>
</ul>

<p>
 Once the command has been run and <em>dir</em> has been created, there
are a few manual steps to take:
</p>

<ol>
 <li> <tt>s6-linux-init-maker</tt> has copied some scripts from the
<tt>/etc/s6-linux-init/skel</tt> directory (or the directory you
gave as an argument to the <tt>--skeldir</tt> configure option at
build time) to the <em>dir</em><tt>/scripts</tt> directory. You
should <strong>edit these scripts</strong> and adapt them to your use case.
(Or you could edit the skeleton scripts before running
<tt>s6-linux-init-maker</tt>.) The scripts are:
  <ul>
   <li> <tt>rc.init</tt>: this script will be run as <em>stage 2
initialization</em>, i.e. the initialization that happens once
<a href="//skarnet.org/software/s6/s6-svscan.html">s6-svscan</a>
is running as process 1, and should contain all your normal
system bootup tasks. Typically, it should initialize the service
manager and then order it to bring the machine state to its
fully operational state. <em>rc.init</em> is given the default
<em>runlevel</em> as a first argument (i.e. the name of the state
the machine should be brought to, traditionally <tt>default</tt>
for OpenRC and <tt>2</tt> or <tt>5</tt> for sysv-rc), and the
rest of the command line is made of the kernel's command line
except for the kernel arguments of the <em>key=value</em> form,
which have been stored into <em>env_store</em>. If the <tt>-C</tt>
option has been given to <tt>s6-linux-init-maker</tt> and the
system is indeed running in a container, the rest of the
command line is just the command line that has been given to
the container's <tt>init</tt> (e.g. for Docker: the CMD). Note
that the <tt>runlevel</tt> script should not be invoked in a
container, which does not have a notion of runlevels. </li>
 <li> <tt>rc.shutdown</tt>: this script will be run as the
<em>shutdown sequence</em>, when the administrator runs the
<tt>shutdown</tt>, <tt>halt</tt>, <tt>poweroff</tt> or <tt>reboot</tt>
command. (As well, for non-containerized systems,
as <tt>init 0</tt>, <tt>init 6</tt>, <tt>telinit 0</tt> and
<tt>telinit 6</tt> for sysvinit compatibility reasons.)
It should ask the service manager to bring all the
services down, and exit when it's done (in other words: it should
not try to perform a hard halt/poweroff/reboot itself.)
No arguments are given to this script. </li>
 <li> <tt>runlevel</tt>: this script will be invoked for every
<em>runlevel change</em>, i.e. change of machine states. It is
given one argument: the name of the runlevel to change to.
Typically, the <em>runlevel</em> script should just invoke the
service manager, asking it to bring the machine state to the
wanted runlevel. In a containerized system, this script should
not be used at all.</li>
  </ul> </li>
 <li> Copy the <em>dir</em> directory to the place declared as
<em>basedir</em> (<tt>/etc/s6-linux-init/current</tt> by default).
 Be careful: it contains fifos, files with
precise uid/gid permissions, and files with non-standard access rights,
so be sure to copy it verbatim. The
<a href="//skarnet.org/software/s6-portable-utils/s6-hiercopy.html">s6-hiercopy</a>
tool can do it, as well as the GNU or busybox <tt>cp -a</tt> or <tt>mv</tt> commands. </li>
 <li> Back up your <tt>/sbin</tt>. Then copy, link or symlink all the scripts
and symlinks in the <em>basedir</em><tt>/bin</tt> directory into <tt>/sbin</tt>.
 In particular, the <tt><em>basedir</em>/bin/init</tt> script should
be accessible as <tt>/sbin/init</tt>. </li>
</ol>

<h2> Boot sequence </h2>

<p>
 When the kernel boots, it may run an initramfs first, but in any
case it then runs the <tt>/sbin/init</tt> script,
also known as <em>stage 1</em>. This script is just an execution
of the <a href="s6-linux-init.html">s6-linux-init</a> program with
some command-line options that are directly transferred from the
<tt>s6-linux-init-maker</tt> invocation. Refer to the
<a href="s6-linux-init.html">s6-linux-init</a> man page to know
exactly what it does.
</p>

<h2> s6-linux-init-maker options </h2>

<ul>
 <li> <tt>-c</tt>&nbsp;<em>basedir</em>&nbsp;: at boot time, <em>stage 1</em>,
which should be accessible as <tt><em>basedir</em>/init</tt>,
will read its read-only data from <em>basedir</em>. After running
<tt>s6-linux-init-maker</tt>, you should make sure to copy the
created directory <em>dir</em> to <em>basedir</em>. <em>basedir</em>
must be absolute. Default is
<strong><tt>/etc/s6-linux-init/current</tt></strong>. </li> <br />

 <li> <tt>-u</tt>&nbsp;<em>log_user</em>&nbsp;: the catch-all
logger will run as the <em>log_user</em> user. Default is
<strong><tt>root</tt></strong>. </li> <br />

 <li> <tt>-G</tt>&nbsp;<em>early_getty</em>&nbsp;: if this option
is set, <tt>s6-linux-init-maker</tt> will define an additional s6 service
that will be named <tt>s6-linux-init-early-getty</tt> and started
at the same time <em>rc.init</em> is executed. This early service
should be a getty, or equivalent, to allow logins even if <em>stage2</em> fails.
<em>early_getty</em> should be a simple command line: for instance,
<tt>"/sbin/getty 38400 tty1"</tt>. By default, no early service
is defined. </li> <br />

 <li> <tt>-1</tt>&nbsp;: make it so that all the messages that are
sent to the catch-all logger (i.e. all the error messages that are not
caught by a dedicated logger, as well as the output from <em>rc.init</em>,
<em>runlevel</em> and <em>rc.shutdown</em>)
are also copied to <tt>/dev/console</tt>. (Timestamps are not
copied to <tt>/dev/console</tt>.) This is generally useful to
debug a system at a glance, but if a failing program keeps sending
error messages, it may interfere with comfortable usage of an early
getty. A common workaround is to make the early getty start on
<tt>tty2</tt> and leave tty1 for <tt>/dev/console</tt> to print on. </li> <br />

 <li> <tt>-L</tt>&nbsp;: add an early <tt>s6-linux-init-logouthookd</tt>
service to clean up utmp records at user logout time. Check the
<a href="s6-linux-init-logouthookd.html">s6-linux-init-logouthookd</a> page
for details. </li> <br />

 <li> <tt>-p</tt>&nbsp;<em>initial_path</em>&nbsp;: the initial value
for the PATH environment variable, that will be transmitted to all the
starting process unless it's overridden by a PATH declaration via the
<tt>-e</tt> option.
It is absolutely necessary for
<a href="//skarnet.org/software/execline/">execline</a> and
<a href="//skarnet.org/software/s6/">s6</a>
binaries to be accessible via <em>initial_path</em>, else the machine
will not boot. Default is
<strong><tt>/usr/bin:/bin</tt></strong>. </li> <br />

 <li> <tt>-m</tt>&nbsp;<em>initial_umask</em>&nbsp;: the value of
the initial file umask for all the starting processes, in octal.
Default is <strong><tt>022</tt></strong>. </li> <br />

 <li> <tt>-t</tt>&nbsp;<em>timestamp_style</em>&nbsp;: how
logs are timestamped by the catch-all logger. 0 means no
timestamp, 1 means
<a href="https://cr.yp.to/libtai/tai64.html">external TAI64N format</a>,
2 means
<a href="https://www.iso.org/iso/home/standards/iso8601.htm">ISO 8601 format</a>,
and 3 means both. Default is
<strong><tt>1</tt></strong>. </li> <br />

 <li> <tt>-d</tt>&nbsp;<em>slashdev</em>&nbsp;: mount a devtmpfs.
If this option is given, <a href="s6-linux-init.html">s6-linux-init</a>
will mount a devtmpfs pseudo-filesystem on <em>slashdev</em>. This
is useful if the kernel has not been configured to mount
the devtmpfs at boot time and there is no static <tt>/dev</tt>.
By default, it is assumed that there is a suitable <tt>/dev</tt>
at boot time, and no additional devtmpfs is mounted. </li> <br />

 <li> <tt>-s</tt>&nbsp;<em>env_store</em>&nbsp;: stage 1 init sometimes
inherits a few environment variables from the kernel. (These variables
correspond to the arguments on the kernel command line that are of the
form <em>key=value</em>.) It empties its
environment before spawning <em>rc.init</em> and executing into s6-svscan, in
order to prevent those "kernel" environment variables from leaking
into the whole process tree. However, sometimes those variables are
needed at a later time; in that case, giving the <tt>-s</tt> option
to <tt>s6-linux-init-maker</tt> makes stage 1 init dump the "kernel" environment
variables into the <em>env_store</em> directory (under a format that is
later readable with
<a href="//skarnet.org/software/s6/s6-envdir.html">s6-envdir -fn</a>)
before erasing them. <em>env_store</em> should obviously be
a writable directory, so it should be located under <tt>/run</tt>
(or your chosen tmpfsdir)!
If this option is not given, the environment inherited from the kernel
isn't saved anywhere - which is the default. </li> <br />

 <li> <tt>-e</tt>&nbsp;<em>initial_envvar</em>&nbsp;: this option
can be repeated. For every <em>initial_envvar</em>, <tt>s6-linux-init-maker</tt>
will adjust the global environment directory in <em>dir</em>/env.
<em>initial_envvar</em> must either be of the form <em>VAR</em>,
to make sure that <em>VAR</em> does not appear in the global
environment, or of the form <em>VAR=VALUE</em>, to add an
environment variable <em>VAR</em> with the value <em>VALUE</em>.
The global environment is the environment that every supervised
process (as well as the <em>rc.init</em> script) will run with,
so it will be inherited by default by every process running on
the system.
The TZ variable, for instance, is a good candidate to be set in
the global environment. </li> <br />

 <li> <tt>-q</tt>&nbsp;<em>finalsleeptime</em>&nbsp;: when the machine
shuts down, all processes that have not already been killed during
<tt>shutdownscript</tt> will receive a SIGTERM or a SIGHUP to allow
them to exit gracefully; then, after <em>finalsleeptime</em>
milliseconds, they will receive a SIGKILL and the shutdown sequence
will go on. This option configures the amount of time that will
elapse between the SIGTERM/SIGHUP and the SIGKILL.
Default is <strong>3000</strong>, meaning a grace period of 3 seconds. </li> <br />

 <li> <tt>-D</tt>&nbsp;<em>initdefault</em>&nbsp;: boot the system with
a runlevel set to <em>initdefault</em>, which can be an arbitrary
string, but is usually <tt>2</tt>, <tt>3</tt>, <tt>5</tt> (traditional
sysvinit behaviour) or <tt>default</tt> (OpenRC behaviour). Default is
<strong><tt>default</tt></strong>. Note that if a <tt>2</tt>, <tt>3</tt>,
<tt>4</tt>, <tt>5</tt>, or <tt>default</tt> argument is encountered in
the kernel command line, it will be interpreted as the runlevel to boot
the system on, and will override the default given here. </li> <br />

 <li> <tt>-n</tt>&nbsp;: at boot time, assume that a tmpfs is already
present on <tt>/run</tt> (or the argument that was given to the
<tt>--tmpfsdir</tt> configure option at build time) and that its
contents are essential. Instead of unmounting <tt>/run</tt> then
mounting a tmpfs on it, <a href="s6-linux-init.html">s6-linux-init</a>
will simply remount <tt>/run</tt>. This option is useful when
s6-linux-init is used on a distribution that imposes its initramfs
and said initramfs writes data to <tt>/run</tt> that is then used
by the distribution's initialization scripts. (An initramfs should
normally be transparent and leave no trace in the filesystem;
unfortunately, a lot of distributions do not care.) By default,
<tt>/run</tt> will be unmounted at boot time (just in case), and
then a tmpfs will be mounted on it. <strong>Do not</strong> use
this option if you are not sure: failure to remount <tt>/run</tt>
will cause init to die and the kernel to panic. This option is
incompatible with the <tt>-N</tt> option. </li> <br />

 <li> <tt>-N</tt>&nbsp;: at boot time, do not perform
mounting/unmounting/remounting on <tt>/run</tt> (or the <em>tmpfsdir</em>
declared at build time) <strong>at all</strong>. By default,
a tmpfs is mounted on <tt>/run</tt> at boot time. This option is
useful when s6-linux-init is used to boot on an initramfs that
will remain the de facto rootfs of the system (which is the case
for instance in certain live CDs or certain embedded devices), in
which case the rootfs is already read-write and in RAM and mounting
an additional tmpfs is unnecessary. <strong>Do not</strong> use this
option if your rootfs is read-only: failure to write to <tt>/run</tt>
will cause init to die and the kernel to panic. This option is
incompatible with the <tt>-n</tt> option. </li> <br />

 <li> <tt>-f</tt>&nbsp;<em>skeldir</em>&nbsp;: copy the skeleton
scripts from directory <em>skeldir</em>. By default, <em>skeldir</em>
is <strong><tt>/etc/s6-linux-init/skel</tt></strong>, or the directory
that has been
given as an argument to the <tt>--skeldir</tt> configure option at
build time. This option is typically useful when distributions run
<tt>s6-linux-init-maker</tt> in packaging scripts, when preparing
files in a staging directory. </li> <br />

 <li> <tt>-U</tt>&nbsp;<em>utmp_user</em>&nbsp;: this option is only
available when the s6-linux-init package has been built with the
<tt>--enable-utmps</tt> configure option, that enables support for the
<a href="//skarnet.org/software/utmps/">utmps</a> package. The option
defines the user that the <tt>utmpd</tt> service
will run as, and activates this service. (Note that you will still
have to create a <tt>wtmpd</tt> service yourself and activate it
later in the boot sequence, after a writable filesystem is mounted,
because the wtmp database is supposed to be persistent and should live
on a real filesystem.
s6-linux-init cannot do that for you, because it only handles the
early part of the boot sequence, before filesystems are mounted.)
Default is <strong>no utmpd service</strong>. </li> <br />

 <li> <tt>-C</tt>&nbsp;: create a set of scripts that is suitable
for running <em>in a container</em>. This modifies some behaviours:
  <ul>
   <li> SIGTERM will be caught by s6-svscan, and cause an orderly
shutdown of the container, as if the "poweroff" script had been invoked. </li>
   <li> No early <tt>runleveld</tt> service is created. Changing
runlevels via
<a href="s6-linux-init-telinit.html">s6-linux-init-telinit</a>
will be unsupported in a container. </li>
   <li> Consequently, the first argument to the <tt>rc.init</tt> script
will always be <tt>default</tt> (or <em>initdefault</em> if the <tt>-D</tt>
option has been given to <tt>s6-linux-init-maker</tt>). The rest of the
arguments to the <tt>rc.init</tt> script will be the arguments given
to the <tt>init</tt> program when running the container. </li>
   <li> If the <tt>-s</tt> option has been given, <em>env_store</em>
will contain the initial environment given to the container. </li>
   <li> The ultimate output fallback (i.e. the place where error messages
go when nothing catches them, e.g. the error messages from the catch-all
logger and the
<a href="//skarnet.org/software/s6/s6-supervise.html">s6-supervise</a>
process managing the catch-all logger) is not <tt>/dev/console</tt>, but
the descriptor that was <tt>init</tt>'s standard error. </li>
   <li> Stopping the container with <tt>reboot</tt> will make the
container's init program report being killed by a SIGHUP. Stopping it
with <tt>poweroff</tt> will make it report being killed by a SIGINT.
This is according to the
<a href="https://man7.org/linux/man-pages/man2/reboot.2.html">reboot(2)</a>
specification. </li>
   <li> Stopping the container with <tt>halt</tt>, however, is different.
It will make the container's pid 1 read a number in the
<tt>/run/s6-linux-init-container-results/exitcode</tt> file (the
<tt>/run</tt> prefix can be changed at build time via the <tt>--tmpfsdir</tt>
configure option), and exit with the code it has read. (Default is 0.)
This means that in order to run a command in a container managed by
s6-linux-init and exit the container when the command dies while reporting
the exit code to its parent, you should:
    <ul>
     <li> Run that command via <tt>rc.init</tt> </li>
     <li> Store its exit code in the
<tt>/run/s6-linux-init-container-results/exitcode</tt> file </li>
     <li> Call <tt>halt</tt> </li>
    </ul>
 All the running services will be killed, all the zombies will be
reaped, and the container will exit with the required exit code. </li>
  </ul> </li>

 <li> <tt>-B</tt>&nbsp;: run the system without a catch-all logger.
On a non-containerized system, that means that all the logs from the
s6 supervision tree will go to <tt>/dev/console</tt>, and that
<tt>/dev/console</tt> will also be the default stdout and stderr for
services running under the supervision tree: use of this option is
discouraged. On a containerized system (when paired with the <tt>-C</tt>
option), it simply means that these outputs go to the default stdout and
stderr given to the container's <tt>init</tt> - this should generally
not be the default, but might be useful in some cases. </li>

 <li> <tt>-S</tt>&nbsp;: when used with the <tt>-C</tt> option, set up
the container so the disks are <tt>sync</tt>ed on container halt. By
default, no sync is performed. This option has no effect when the <tt>-C</tt>
option is not present: on real machines, a <tt>sync</tt> is <em>always</em>
performed just before a system halt. </li>
</ul>

<h2> Organization of the created directory </h2>

<p>
 If <tt>s6-linux-init-maker</tt> returns successfully, <em>dir</em>
contains data that will be used at boot time. (Actually,
<em>basedir</em> will be used at boot time, not <em>dir</em>. Do not
forget to copy <em>dir</em> to <em>basedir</em> once you have checked
you are happy with what <tt>s6-linux-init-maker</tt> has created.)
</p>

<p>
 This boot-time data is made of several subdirectories:
</p>

<ul>
 <li> <tt>bin</tt>: this subdirectory contains scripts and symlinks
that should be copied to <tt>/sbin</tt> or <tt>/bin</tt>. There is
an <tt>init</tt> program performing stage 1 init, a <tt>telinit</tt>
program to change runlevels, and utilities to order a machine shutdown. </li>
 <li> <tt>env</tt>: this subdirectory is the envdir that is
used to store the global environment. It will be read at boot time
by stage 1 init, and transmitted to all spawned processes. </li>
 <li> <tt>scripts</tt>: this subdirectory contains a copy of the
skeleton scripts that have been installed in <tt>/etc/s6-linux-init/skel</tt>
(or the argument to the <tt>--skeldir</tt> configure option at
build time). These scripts should be edited before booting. They are
described above. </li>
 <li> <tt>run-image</tt>: this is a file hierarchy that will be
copied verbatim at boot time to the newly made and mounted
<tt>/run</tt> tmpfs (or whatever your <em>tmpfsdir</em> is). The
subdirectories it contains are the following:
  <ul>
   <li> <tt>uncaught-logs</tt>: this is the directory where the
catch-all logger will store and rotate the error messages produced
by the s6 supervision tree and the services that do not redirect
their own logs. Not present if the <tt>-B</tt> option has been
given. </li>
   <li> <tt>service</tt>: <tt>/run/service</tt> will be the scandir.
It initially contains a <tt>.s6-svscan</tt> subdirectory that
tells <a href="//skarnet.org/software/s6/s6-svscan.html">s6-svscan</a>
what to do if it receives a signal (typically via the ctrlaltdel
combination) and ensures a hard reboot if <tt>s6-svscan</tt> ever fails. It
also contains a list of early services, i.e. s6 services that will
be run at boot time as soon as <tt>s6-svscan</tt> is executed. These
services are:
    <ul>
     <li> <tt>s6-svscan-log</tt>: the catch-all logger. Not present
if the <tt>-B</tt> option has been given. </li>
     <li> <tt>s6-linux-init-shutdownd</tt>: a service that listens
to shutdown commands such as <tt>reboot</tt> and triggers the software
shutdown procedure. </li>
     <li> <tt>s6-linux-init-runleveld</tt>: a service that listens
to runlevel change commands such as <tt>telinit</tt> and calls the
<em>runlevel</em> script in a reproducible environment to bring the
machine to the wanted state. Not present if the <tt>-C</tt> option
has been given. </li>
     <li> <tt>s6-linux-init-logouthookd</tt>:
the "clean up user utmp records at logout time" service. See the
<a href="s6-linux-init-logouthookd.html">s6-linux-init-logouthookd</a>
page for details. Not present if the <tt>-L</tt> option has not been
given. </li>
     <li> <tt>s6-linux-init-early-getty</tt>:
the early getty service, that will allow a user to log in even if
<em>rc.init</em> fails to bring the machine to a state where logins
are possible. Not present if the <tt>-G</tt> option has not been
given. </li>
    </ul> </li>
  </ul> </li>
</ul>

<p>
 If s6-linux-init has been built with
<a href="//skarnet.org/software/utmps/">utmps</a> support, some more
directories may exist:
</p>

<ul>
 <li> A directory somewhere under <tt>run-image</tt>, by default <tt>utmps</tt>,
that is the location where the utmp files will be created. </li>
 <li> An additional early service named <tt>utmpd</tt>, which is
a part of the <a href="//skarnet.org/software/utmps/">utmps</a> way of
providing secure utmp functionality. A similar <tt>wtmpd</tt> service
should also be created and run later in the boot sequence by the
service manager; it is not s6-linux-init's job to do it because
<tt>wtmp</tt> requires a real, writable filesystem. </li>
</ul>

<h2> Notes </h2>

<p>
 A directory created by <tt>s6-linux-init-maker</tt> is only valid on
the machine it has been created on. Pre-creating init directories for
other machines is not supported. Of course, the scripts are editable,
so advanced users can run <tt>s6-linux-init-maker</tt> to create a
basic template, and then make their own modifications.
</p>

<p>
 After booting, <em>basedir</em> should remain untouched during the
lifetime of the machine, because the machine state change and shutdown
procedures will look for data in <em>basedir</em>. New invocations of
<tt>s6-linux-init-maker</tt> should use a different <em>basedir</em>.
</p>

<p>
 The difficult parts of
<a href="//skarnet.org/software/s6/s6-svscan-1.html">running
s6-svscan as process 1</a> are:
</p>

<ul>
 <li> The fact that the supervision tree requires writable directories,
so in order to accommodate read-only root filesystems, there needs to
be a tmpfs mounted before s6-svscan is run. </li>
 <li> The catch-22 coming from the need to redirect the supervision
tree's output away from <tt>/dev/console</tt> (which is fine for a
first process invocation but impractical for log management of a
whole process tree) and into a logger that is itself managed by the
supervision tree it's reading data from. </li>
 <li> Keeping appearances of compatibility with another init system
is difficult: in particular, the mechanisms around the shutdown
procedure are fundamentally different from about any other init
system, so even a simple command such as <tt>reboot</tt> needs an
ad-hoc implementation. </li>
 <li> Even for simple systems such as containerized ones, making
sure that the wanted commands only run when s6-svscan is ready
requires a bit of manipulation. </li>
</ul>

<p>
 The main benefit of <tt>s6-linux-init-maker</tt> is that it offers
transparent compatibility while automating the tricky technical parts.
Whether it is used for real hardware or for containers,
<tt>s6-linux-init-maker</tt> gives you a turnkey init system that
frees your mind from the details of getting a
<a href="//skarnet.org/software/s6/">s6</a> supervision tree running
prior to everything else.
</p>

</body>
</html>