Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

mach_init(8) [opendarwin man page]

MACH_INIT(8)						    BSD System Manager's Manual 					      MACH_INIT(8)

NAME
mach_init -- Mach service naming (bootstrap) daemon SYNOPSIS
mach_init [-D] [-d] [-F] [-r name-in-existing-server] DESCRIPTION
mach_init is a daemon that maintains various mappings between service names and the Mach ports that provide access to those services. Clients of mach_init can register and lookup services, create new mapping subsets, and associate services with declared servers. The mach_init daemon will also be responsible for launching (and/or re-launching) those service providing servers when attempts to use one or more of the associated services is detected. The options are as follows: -D When the -D option is specified, mach_init starts in normal (non-debug) mode. Logging is minimal (only security-related and process launch failures are logged). Core dumps are disabled for launched servers. This is the default. -d When the -d option is specified, mach_init starts in debug mode. Logging is extensive. Core dumps will be taken for any launched servers that crash. -F When the -F option is specified, mach_init forks during initialization so that it doesn't have to be put in the background manually by the caller. -r Using the -r option tells mach_init to register itself in a previously running copy of mach_init under the service name name-in-existing-server. This is most useful when debugging new instances of mach_init itself, but can also be used for robustness or to allow the subsequent mach_init processes to run as a non-root user. As mach_init is often used to launch servers, this could be more secure. However, mach_init will not allow a server declaration to specify a user id different than that of the requesting client (unless the client is running as root). So it shouldn't be required for a secure configuration. Access to mach_init is provided through the bootstrap series of RPC APIs over service ports published by mach_init itself. Each Mach task has an assigned bootstrap port retrieved via task_get_bootstrap_port(). These bootstrap port registrations are inherited across fork(). The service registrations are grouped into subsets, providing a level of security. Only processes with access to the subset's bootstrap port will be able to register/lookup Mach ports within that subset. Lookups from within a subset will search the subset first, then move on to its parent, and then its grand-parent, etc... until a string name match is found or the top of the bootstrap tree is reached. Subsets are sometimes associated with login sessions to protect session-specific ports from being exposed outside the session. The first instance of mach_init is responsible for launching the traditional BSD process control initialization daemon (/sbin/init). SAMPLE USAGE
mach_init -d -r com.company.bootstrap mach_init will start in debug mode, and register itself in an already running instance of mach_init under the service name com.company.boot- strap. NOTE
Sending a SIGHUP to a running mach_init will toggle debug mode. SEE ALSO
init(8) Mac OS X March 20, 2002 Mac OS X

Check Out this Related Man Page

RPCBIND(8)						    BSD System Manager's Manual 						RPCBIND(8)

NAME
rpcbind -- universal addresses to RPC program number mapper SYNOPSIS
rpcbind [-dilLs] DESCRIPTION
rpcbind is a server that converts RPC program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. When an RPC service is started, it tells rpcbind the address at which it is listening, and the RPC program numbers it is prepared to serve. When a client wishes to make an RPC call to a given program number, it first contacts rpcbind on the server machine to determine the address where RPC requests should be sent. rpcbind should be started before any other RPC service. Normally, standard RPC servers are started by port monitors, so rpcbind must be started before port monitors are invoked. When rpcbind is started, it checks that certain name-to-address translation-calls function correctly. If they fail, the network configura- tion databases may be corrupt. Since RPC services cannot function correctly in this situation, rpcbind reports the condition and terminates. rpcbind can only be started by the super-user. Access control is provided by /etc/hosts.allow and /etc/hosts.deny, as described in hosts_access(5) with daemon name rpcbind. OPTIONS
-d Run in debug mode. In this mode, rpcbind will not fork when it starts, will print additional information during operation, and will abort on certain errors. With this option, the name-to-address translation consistency checks are shown in detail. -i ``insecure'' mode. Allows calls to SET and UNSET from any host. Normally rpcbind accepts these requests only from the loopback interface for security reasons. This change is necessary for programs that were compiled with earlier versions of the rpc library and do not make those requests using the loopback interface. -l Turns on libwrap connection logging. -s Causes rpcbind to change to the user daemon as soon as possible. This causes rpcbind to use non-privileged ports for outgoing con- nections, preventing non-privileged clients from using rpcbind to connect to services from a privileged port. -L Allow old-style local connections over the loopback interface. Without this flag, local connections are only allowed over a local socket, /var/run/rpcbind.sock NOTES
All RPC servers must be restarted if rpcbind is restarted. FILES
/var/run/rpcbind.sock /etc/hosts.allow explicit remote host access list. /etc/hosts.deny explicit remote host denial of service list. SEE ALSO
rpcbind(3), hosts_access(5), hosts_options(5), netconfig(5), rpcinfo(8) BSD
October 19, 2008 BSD
Man Page