On Sat, 29 Dec 2001, Bill Studenmund wrote:

: > 	- If you reboot to single user mode, you can specify
: > 	  /recovery/sh as the shell.  If /sbin/init was dynamically
: > 	  linked (see above), the kernel could just try
: > 	  /recovery/init as an alternative (see above).
:
: The kernel trying /recovery/init isn't 100% as I understand things. That
: list of inits the kernel looks for are ones the kernel tries to start. But
: once one of them starts, it is init.
:
: And if it exits, the kernel panics.

: We could have the kernel try /recovery/init at that point, but how does
: the kernel know if we're in a, "libc is messed up, try recovery" mode, or
: a, "we're doomed, panic until someone comes to help" mode?

As a point of information, do realize that ld.elf_so is loaded and set up by
the kernel (before the exec call succeeds).  Of course, libc.so is loaded by
ld.elf_so, so that can be a failure point.

I'm not entirely sure there is a sane way to detect that init has
*successfully* started, short of proc0 restarting init if it exits with the
exitcode != 0.

Perhaps the question should be rephrased as, "do we *need* the ability for
init to have external auth methods, and so forth?"  If not, then init can
stay static without pain.

-- 
-- Todd Vierling <tv@wasabisystems.com>  *  Wasabi & NetBSD:  Run with it.
-- CDs, Integration, Embedding, Support -- http://www.wasabisystems.com/