|
|
New committer: Robert Noland (ports)
|
|
MACH_INIT(8) BSD System Manager's Manual MACH_INIT(8) NAME
mach_init -- Mach service naming (bootstrap) daemon SYNOPSIS
mach_init [-D] [-d] [-F] [-r name-in-existing-server] DESCRIPTION
mach_init is a daemon that maintains various mappings between service names and the Mach ports that provide access to those services. Clients of mach_init can register and lookup services, create new mapping subsets, and associate services with declared servers. The mach_init daemon will also be responsible for launching (and/or re-launching) those service providing servers when attempts to use one or more of the associated services is detected. The options are as follows: -D When the -D option is specified, mach_init starts in normal (non-debug) mode. Logging is minimal (only security-related and process launch failures are logged). Core dumps are disabled for launched servers. This is the default. -d When the -d option is specified, mach_init starts in debug mode. Logging is extensive. Core dumps will be taken for any launched servers that crash. -F When the -F option is specified, mach_init forks during initialization so that it doesn't have to be put in the background manually by the caller. -r Using the -r option tells mach_init to register itself in a previously running copy of mach_init under the service name name-in-existing-server. This is most useful when debugging new instances of mach_init itself, but can also be used for robustness or to allow the subsequent mach_init processes to run as a non-root user. As mach_init is often used to launch servers, this could be more secure. However, mach_init will not allow a server declaration to specify a user id different than that of the requesting client (unless the client is running as root). So it shouldn't be required for a secure configuration. Access to mach_init is provided through the bootstrap series of RPC APIs over service ports published by mach_init itself. Each Mach task has an assigned bootstrap port retrieved via task_get_bootstrap_port(). These bootstrap port registrations are inherited across fork(). The service registrations are grouped into subsets, providing a level of security. Only processes with access to the subset's bootstrap port will be able to register/lookup Mach ports within that subset. Lookups from within a subset will search the subset first, then move on to its parent, and then its grand-parent, etc... until a string name match is found or the top of the bootstrap tree is reached. Subsets are sometimes associated with login sessions to protect session-specific ports from being exposed outside the session. The first instance of mach_init is responsible for launching the traditional BSD process control initialization daemon (/sbin/init). SAMPLE USAGE
mach_init -d -r com.company.bootstrap mach_init will start in debug mode, and register itself in an already running instance of mach_init under the service name com.company.boot- strap. NOTE
Sending a SIGHUP to a running mach_init will toggle debug mode. SEE ALSO
init(8) Mac OS X March 20, 2002 Mac OS X
