top: remove GCCisms
[oweals/busybox.git] / init / init.c
index e00a3b128796aa5ffee8b36a59c40a302a186ffa..6bee8f35ca5bf49c3c3879ddaa2b48a917ef3703 100644 (file)
 #include <syslog.h>
 #include <paths.h>
 #include <sys/reboot.h>
+#include <sys/resource.h>
+#include <linux/vt.h>
 
-#define COMMAND_SIZE 256
-#define CONSOLE_NAME_SIZE 32
-#define MAXENV 16              /* Number of env. vars */
 
-/*
- * When a file named CORE_ENABLE_FLAG_FILE exists, setrlimit is called
- * before processes are spawned to set core file size as unlimited.
- * This is for debugging only.  Don't use this is production, unless
- * you want core dumps lying about....
- */
-#define CORE_ENABLE_FLAG_FILE "/.init_enable_core"
-#include <sys/resource.h>
+/* Was a CONFIG_xxx option. A lot of people were building
+ * not fully functional init by switching it on! */
+#define DEBUG_INIT 0
 
-#define INITTAB      "/etc/inittab"    /* inittab file location */
+#define COMMAND_SIZE      256
+#define CONSOLE_NAME_SIZE 32
+
+/* Default sysinit script. */
 #ifndef INIT_SCRIPT
-#define INIT_SCRIPT  "/etc/init.d/rcS" /* Default sysinit script. */
+#define INIT_SCRIPT  "/etc/init.d/rcS"
 #endif
 
-/* Allowed init action types */
+/* Each type of actions can appear many times. They will be
+ * handled in order. RESTART is an exception, only 1st is used.
+ */
+/* Start these actions first and wait for completion */
 #define SYSINIT     0x01
-#define RESPAWN     0x02
-/* like respawn, but wait for <Enter> to be pressed on tty: */
-#define ASKFIRST    0x04
-#define WAIT        0x08
-#define ONCE        0x10
+/* Start these after SYSINIT and wait for completion */
+#define WAIT        0x02
+/* Start these after WAIT and *dont* wait for completion */
+#define ONCE        0x04
+/*
+ * NB: while SYSINIT/WAIT/ONCE are being processed,
+ * SIGHUP ("reread /etc/inittab") will be ignored.
+ * Rationale: it would be ambiguous whether SYSINIT/WAIT/ONCE
+ * need to be rerun or not.
+ */
+/* Start these after ONCE are started, restart on exit */
+#define RESPAWN     0x08
+/* Like RESPAWN, but wait for <Enter> to be pressed on tty */
+#define ASKFIRST    0x10
+/*
+ * Start these on SIGINT, and wait for completion.
+ * Then go back to respawning RESPAWN and ASKFIRST actions.
+ * NB: kernel sends SIGINT to us if Ctrl-Alt-Del was pressed.
+ */
 #define CTRLALTDEL  0x20
+/*
+ * Start these before killing all processes in preparation for
+ * running RESTART actions or doing low-level halt/reboot/poweroff
+ * (initiated by SIGUSR1/SIGTERM/SIGUSR2).
+ * Wait for completion before proceeding.
+ */
 #define SHUTDOWN    0x40
+/*
+ * exec() on SIGQUIT. SHUTDOWN actions are started and waited for,
+ * then all processes are killed, then init exec's 1st RESTART action,
+ * replacing itself by it. If no RESTART action specified,
+ * SIGQUIT has no effect.
+ */
 #define RESTART     0x80
 
-/* Set up a linked list of init_actions, to be read from inittab */
+
+/* A linked list of init_actions, to be read from inittab */
 struct init_action {
        struct init_action *next;
        pid_t pid;
@@ -52,22 +79,14 @@ struct init_action {
        char command[COMMAND_SIZE];
 };
 
-/* Static variables */
 static struct init_action *init_action_list = NULL;
 
 static const char *log_console = VC_5;
-static sig_atomic_t got_cont = 0;
 
 enum {
        L_LOG = 0x1,
        L_CONSOLE = 0x2,
-
-#if ENABLE_FEATURE_EXTRA_QUIET
-       MAYBE_CONSOLE = 0x0,
-#else
-       MAYBE_CONSOLE = L_CONSOLE,
-#endif
-
+       MAYBE_CONSOLE = L_CONSOLE * !ENABLE_FEATURE_EXTRA_QUIET,
 #ifndef RB_HALT_SYSTEM
        RB_HALT_SYSTEM = 0xcdef0123, /* FIXME: this overflows enum */
        RB_ENABLE_CAD = 0x89abcdef,
@@ -77,61 +96,41 @@ enum {
 #endif
 };
 
-/* Function prototypes */
-static void halt_reboot_pwoff(int sig) NORETURN;
-
-static void waitfor(pid_t pid)
-{
-       /* waitfor(run(x)): protect against failed fork inside run() */
-       if (pid <= 0)
-               return;
-
-       /* Wait for any child (prevent zombies from exiting orphaned processes)
-        * but exit the loop only when specified one has exited. */
-       while (wait(NULL) != pid)
-               continue;
-}
-
-static void loop_forever(void) NORETURN;
-static void loop_forever(void)
-{
-       while (1)
-               sleep(1);
-}
-
 /* Print a message to the specified device.
  * "where" may be bitwise-or'd from L_LOG | L_CONSOLE
  * NB: careful, we can be called after vfork!
  */
-#define messageD(...) do { if (ENABLE_DEBUG_INIT) message(__VA_ARGS__); } while (0)
+#define dbg_message(...) do { if (DEBUG_INIT) message(__VA_ARGS__); } while (0)
 static void message(int where, const char *fmt, ...)
        __attribute__ ((format(printf, 2, 3)));
 static void message(int where, const char *fmt, ...)
 {
-       static int log_fd = -1;
        va_list arguments;
        unsigned l;
        char msg[128];
 
        msg[0] = '\r';
        va_start(arguments, fmt);
-       l = vsnprintf(msg + 1, sizeof(msg) - 2, fmt, arguments);
-       if (l > sizeof(msg) - 2)
-               l = sizeof(msg) - 2;
-       msg[l] = '\0';
+       l = 1 + vsnprintf(msg + 1, sizeof(msg) - 2, fmt, arguments);
+       if (l > sizeof(msg) - 1)
+               l = sizeof(msg) - 1;
        va_end(arguments);
 
-       if (ENABLE_FEATURE_INIT_SYSLOG) {
+#if ENABLE_FEATURE_INIT_SYSLOG
+       msg[l] = '\0';
+       if (where & L_LOG) {
                /* Log the message to syslogd */
-               if (where & L_LOG) {
-                       /* don't print out "\r" */
-                       openlog(applet_name, 0, LOG_DAEMON);
-                       syslog(LOG_INFO, "init: %s", msg + 1);
-                       closelog();
-               }
-               msg[l++] = '\n';
-               msg[l] = '\0';
-       } else {
+               openlog("init", 0, LOG_DAEMON);
+               /* don't print "\r" */
+               syslog(LOG_INFO, "%s", msg + 1);
+               closelog();
+       }
+       msg[l++] = '\n';
+       msg[l] = '\0';
+#else
+       {
+               static int log_fd = -1;
+
                msg[l++] = '\n';
                msg[l] = '\0';
                /* Take full control of the log tty, and never close it.
@@ -155,6 +154,7 @@ static void message(int where, const char *fmt, ...)
                                return; /* don't print dup messages */
                }
        }
+#endif
 
        if (where & L_CONSOLE) {
                /* Send console messages to console so people will see them. */
@@ -162,33 +162,9 @@ static void message(int where, const char *fmt, ...)
        }
 }
 
-/* From <linux/serial.h> */
-struct serial_struct {
-       int     type;
-       int     line;
-       unsigned int    port;
-       int     irq;
-       int     flags;
-       int     xmit_fifo_size;
-       int     custom_divisor;
-       int     baud_base;
-       unsigned short  close_delay;
-       char    io_type;
-       char    reserved_char[1];
-       int     hub6;
-       unsigned short  closing_wait; /* time to wait before closing */
-       unsigned short  closing_wait2; /* no longer used... */
-       unsigned char   *iomem_base;
-       unsigned short  iomem_reg_shift;
-       unsigned int    port_high;
-       unsigned long   iomap_base;     /* cookie passed into ioremap */
-       int     reserved[1];
-       /* Paranoia (imagine 64bit kernel overwriting 32bit userspace stack) */
-       uint32_t bbox_reserved[16];
-};
 static void console_init(void)
 {
-       struct serial_struct sr;
+       int vtno;
        char *s;
 
        s = getenv("CONSOLE");
@@ -201,18 +177,20 @@ static void console_init(void)
                        dup2(fd, STDOUT_FILENO);
                        xmove_fd(fd, STDERR_FILENO);
                }
-               messageD(L_LOG, "console='%s'", s);
+               dbg_message(L_LOG, "console='%s'", s);
        } else {
                /* Make sure fd 0,1,2 are not closed
                 * (so that they won't be used by future opens) */
                bb_sanitize_stdio();
-               /* Make sure init can't be blocked by writing to stderr */
-               fcntl(STDERR_FILENO, F_SETFL, fcntl(STDERR_FILENO, F_GETFL) | O_NONBLOCK);
+// Users report problems
+//             /* Make sure init can't be blocked by writing to stderr */
+//             fcntl(STDERR_FILENO, F_SETFL, fcntl(STDERR_FILENO, F_GETFL) | O_NONBLOCK);
        }
 
        s = getenv("TERM");
-       if (ioctl(STDIN_FILENO, TIOCGSERIAL, &sr) == 0) {
-               /* Force the TERM setting to vt102 for serial console
+       if (ioctl(STDIN_FILENO, VT_OPENQRY, &vtno) != 0) {
+               /* Not a linux terminal, probably serial console.
+                * Force the TERM setting to vt102
                 * if TERM is set to linux (the default) */
                if (!s || strcmp(s, "linux") == 0)
                        putenv((char*)"TERM=vt102");
@@ -257,34 +235,30 @@ static void set_sane_term(void)
        tty.c_lflag =
                ISIG | ICANON | ECHO | ECHOE | ECHOK | ECHOCTL | ECHOKE | IEXTEN;
 
-       tcsetattr(STDIN_FILENO, TCSANOW, &tty);
+       tcsetattr_stdin_TCSANOW(&tty);
 }
 
 /* Open the new terminal device.
  * NB: careful, we can be called after vfork! */
-static void open_stdio_to_tty(const char* tty_name, int exit_on_failure)
+static int open_stdio_to_tty(const char* tty_name)
 {
        /* empty tty_name means "use init's tty", else... */
        if (tty_name[0]) {
                int fd;
+
                close(STDIN_FILENO);
                /* fd can be only < 0 or 0: */
                fd = device_open(tty_name, O_RDWR);
                if (fd) {
                        message(L_LOG | L_CONSOLE, "can't open %s: %s",
                                tty_name, strerror(errno));
-                       if (exit_on_failure)
-                               _exit(EXIT_FAILURE);
-                       if (ENABLE_DEBUG_INIT)
-                               _exit(2);
-                       /* NB: we don't reach this if we were called after vfork.
-                        * Thus halt_reboot_pwoff() itself need not be vfork-safe. */
-                       halt_reboot_pwoff(SIGUSR1); /* halt the system */
+                       return 0; /* failure */
                }
                dup2(STDIN_FILENO, STDOUT_FILENO);
                dup2(STDIN_FILENO, STDERR_FILENO);
        }
        set_sane_term();
+       return 1; /* success */
 }
 
 /* Wrapper around exec:
@@ -339,22 +313,19 @@ static void init_exec(const char *command)
 static pid_t run(const struct init_action *a)
 {
        pid_t pid;
-       sigset_t nmask, omask;
 
-       /* Block sigchild while forking (why?) */
-       sigemptyset(&nmask);
-       sigaddset(&nmask, SIGCHLD);
-       sigprocmask(SIG_BLOCK, &nmask, &omask);
+       /* Careful: don't be affected by a signal in vforked child */
+       sigprocmask_allsigs(SIG_BLOCK);
        if (BB_MMU && (a->action_type & ASKFIRST))
                pid = fork();
        else
                pid = vfork();
-       sigprocmask(SIG_SETMASK, &omask, NULL);
-
        if (pid < 0)
                message(L_LOG | L_CONSOLE, "can't fork");
-       if (pid)
-               return pid;
+       if (pid) {
+               sigprocmask_allsigs(SIG_UNBLOCK);
+               return pid; /* Parent or error */
+       }
 
        /* Child */
 
@@ -362,65 +333,20 @@ static pid_t run(const struct init_action *a)
        bb_signals(0
                + (1 << SIGUSR1)
                + (1 << SIGUSR2)
-               + (1 << SIGINT)
                + (1 << SIGTERM)
-               + (1 << SIGHUP)
                + (1 << SIGQUIT)
-               + (1 << SIGCONT)
-               + (1 << SIGSTOP)
+               + (1 << SIGINT)
+               + (1 << SIGHUP)
                + (1 << SIGTSTP)
                , SIG_DFL);
+       sigprocmask_allsigs(SIG_UNBLOCK);
 
-       /* Create a new session and make ourself the process
-        * group leader */
+       /* Create a new session and make ourself the process group leader */
        setsid();
 
        /* Open the new terminal device */
-       open_stdio_to_tty(a->terminal, 1 /* - exit if open fails */);
-
-// NB: do not enable unless you change vfork to fork above
-#ifdef BUT_RUN_ACTIONS_ALREADY_DOES_WAITING
-       /* If the init Action requires us to wait, then force the
-        * supplied terminal to be the controlling tty. */
-       if (a->action_type & (SYSINIT | WAIT | CTRLALTDEL | SHUTDOWN | RESTART)) {
-               /* Now fork off another process to just hang around */
-               pid = fork();
-               if (pid < 0) {
-                       message(L_LOG | L_CONSOLE, "can't fork");
-                       _exit(EXIT_FAILURE);
-               }
-
-               if (pid > 0) {
-                       /* Parent - wait till the child is done */
-                       bb_signals(0
-                               + (1 << SIGINT)
-                               + (1 << SIGTSTP)
-                               + (1 << SIGQUIT)
-                               , SIG_IGN);
-                       signal(SIGCHLD, SIG_DFL);
-
-                       waitfor(pid);
-                       /* See if stealing the controlling tty back is necessary */
-                       if (tcgetpgrp(0) != getpid())
-                               _exit(EXIT_SUCCESS);
-
-                       /* Use a temporary process to steal the controlling tty. */
-                       pid = fork();
-                       if (pid < 0) {
-                               message(L_LOG | L_CONSOLE, "can't fork");
-                               _exit(EXIT_FAILURE);
-                       }
-                       if (pid == 0) {
-                               setsid();
-                               ioctl(0, TIOCSCTTY, 1);
-                               _exit(EXIT_SUCCESS);
-                       }
-                       waitfor(pid);
-                       _exit(EXIT_SUCCESS);
-               }
-               /* Child - fall though to actually execute things */
-       }
-#endif
+       if (!open_stdio_to_tty(a->terminal))
+               _exit(EXIT_FAILURE);
 
        /* NB: on NOMMU we can't wait for input in child, so
         * "askfirst" will work the same as "respawn". */
@@ -439,7 +365,7 @@ static pid_t run(const struct init_action *a)
                 * be allowed to start a shell or whatever an init script
                 * specifies.
                 */
-               messageD(L_LOG, "waiting for enter to start '%s'"
+               dbg_message(L_LOG, "waiting for enter to start '%s'"
                                        "(pid %d, tty '%s')\n",
                                a->command, getpid(), a->terminal);
                full_write(STDOUT_FILENO, press_enter, sizeof(press_enter) - 1);
@@ -447,9 +373,14 @@ static pid_t run(const struct init_action *a)
                        continue;
        }
 
+       /*
+        * When a file named /.init_enable_core exists, setrlimit is called
+        * before processes are spawned to set core file size as unlimited.
+        * This is for debugging only.  Don't use this is production, unless
+        * you want core dumps lying about....
+        */
        if (ENABLE_FEATURE_INIT_COREDUMPS) {
-               struct stat sb;
-               if (stat(CORE_ENABLE_FLAG_FILE, &sb) == 0) {
+               if (access("/.init_enable_core", F_OK) == 0) {
                        struct rlimit limit;
                        limit.rlim_cur = RLIM_INFINITY;
                        limit.rlim_max = RLIM_INFINITY;
@@ -468,196 +399,106 @@ static pid_t run(const struct init_action *a)
        _exit(-1);
 }
 
-static void delete_init_action(struct init_action *action)
+static struct init_action *mark_terminated(pid_t pid)
 {
-       struct init_action *a, *b = NULL;
-
-       for (a = init_action_list; a; b = a, a = a->next) {
-               if (a == action) {
-                       if (b == NULL) {
-                               init_action_list = a->next;
-                       } else {
-                               b->next = a->next;
-                       }
-                       free(a);
-                       break;
-               }
-       }
-}
+       struct init_action *a;
 
-/* Run all commands of a particular type */
-static void run_actions(int action_type)
-{
-       struct init_action *a, *tmp;
-
-       for (a = init_action_list; a; a = tmp) {
-               tmp = a->next;
-               if (a->action_type & action_type) {
-                       // Pointless: run() will error out if open of device fails.
-                       ///* a->terminal of "" means "init's console" */
-                       //if (a->terminal[0] && access(a->terminal, R_OK | W_OK)) {
-                       //      //message(L_LOG | L_CONSOLE, "Device %s cannot be opened in RW mode", a->terminal /*, strerror(errno)*/);
-                       //      delete_init_action(a);
-                       //} else
-                       if (a->action_type & (SYSINIT | WAIT | CTRLALTDEL | SHUTDOWN | RESTART)) {
-                               waitfor(run(a));
-                               delete_init_action(a);
-                       } else if (a->action_type & ONCE) {
-                               run(a);
-                               delete_init_action(a);
-                       } else if (a->action_type & (RESPAWN | ASKFIRST)) {
-                               /* Only run stuff with pid==0.  If they have
-                                * a pid, that means it is still running */
-                               if (a->pid == 0) {
-                                       a->pid = run(a);
-                               }
+       if (pid > 0) {
+               for (a = init_action_list; a; a = a->next) {
+                       if (a->pid == pid) {
+                               a->pid = 0;
+                               return a;
                        }
                }
        }
+       return NULL;
 }
 
-static void init_reboot(unsigned long magic)
-{
-       pid_t pid;
-       /* We have to fork here, since the kernel calls do_exit(EXIT_SUCCESS) in
-        * linux/kernel/sys.c, which can cause the machine to panic when
-        * the init process is killed.... */
-       pid = vfork();
-       if (pid == 0) { /* child */
-               reboot(magic);
-               _exit(EXIT_SUCCESS);
-       }
-       waitfor(pid);
-}
-
-static void kill_all_processes(void)
-{
-       /* run everything to be run at "shutdown".  This is done _prior_
-        * to killing everything, in case people wish to use scripts to
-        * shut things down gracefully... */
-       run_actions(SHUTDOWN);
-
-       /* first disable all our signals */
-       sigprocmask_allsigs(SIG_BLOCK);
-
-       message(L_CONSOLE | L_LOG, "The system is going down NOW!");
-
-       /* Allow Ctrl-Alt-Del to reboot system. */
-       init_reboot(RB_ENABLE_CAD);
-
-       /* Send signals to every process _except_ pid 1 */
-       message(L_CONSOLE | L_LOG, "Sending SIG%s to all processes", "TERM");
-       kill(-1, SIGTERM);
-       sync();
-       sleep(1);
-
-       message(L_CONSOLE | L_LOG, "Sending SIG%s to all processes", "KILL");
-       kill(-1, SIGKILL);
-       sync();
-       sleep(1);
-}
-
-static void halt_reboot_pwoff(int sig)
+static void waitfor(pid_t pid)
 {
-       const char *m = "halt";
-       int rb;
-
-       kill_all_processes();
+       /* waitfor(run(x)): protect against failed fork inside run() */
+       if (pid <= 0)
+               return;
 
-       rb = RB_HALT_SYSTEM;
-       if (sig == SIGTERM) {
-               m = "reboot";
-               rb = RB_AUTOBOOT;
-       } else if (sig == SIGUSR2) {
-               m = "poweroff";
-               rb = RB_POWER_OFF;
+       /* Wait for any child (prevent zombies from exiting orphaned processes)
+        * but exit the loop only when specified one has exited. */
+       while (1) {
+               pid_t wpid = wait(NULL);
+               mark_terminated(wpid);
+               /* Unsafe. SIGTSTP handler might have wait'ed it already */
+               /*if (wpid == pid) break;*/
+               /* More reliable: */
+               if (kill(pid, 0))
+                       break;
        }
-       message(L_CONSOLE | L_LOG, "Requesting system %s", m);
-       /* allow time for last message to reach serial console */
-       sleep(2);
-       init_reboot(rb);
-       loop_forever();
 }
 
-/* Handler for QUIT - exec "restart" action,
- * else (no such action defined) do nothing */
-static void exec_restart_action(int sig UNUSED_PARAM)
+/* Run all commands of a particular type */
+static void run_actions(int action_type)
 {
        struct init_action *a;
 
        for (a = init_action_list; a; a = a->next) {
-               if (a->action_type & RESTART) {
-                       kill_all_processes();
-
-                       /* unblock all signals (blocked in kill_all_processes()) */
-                       sigprocmask_allsigs(SIG_UNBLOCK);
-
-                       /* Open the new terminal device */
-                       open_stdio_to_tty(a->terminal, 0 /* - halt if open fails */);
+               if (!(a->action_type & action_type))
+                       continue;
 
-                       messageD(L_CONSOLE | L_LOG, "Trying to re-exec %s", a->command);
-                       init_exec(a->command);
-                       sleep(2);
-                       init_reboot(RB_HALT_SYSTEM);
-                       loop_forever();
+               if (a->action_type & (SYSINIT | WAIT | ONCE | CTRLALTDEL | SHUTDOWN)) {
+                       pid_t pid = run(a);
+                       if (a->action_type & (SYSINIT | WAIT | CTRLALTDEL | SHUTDOWN))
+                               waitfor(pid);
+               }
+               if (a->action_type & (RESPAWN | ASKFIRST)) {
+                       /* Only run stuff with pid == 0. If pid != 0,
+                        * it is already running
+                        */
+                       if (a->pid == 0)
+                               a->pid = run(a);
                }
        }
 }
 
-static void ctrlaltdel_signal(int sig UNUSED_PARAM)
-{
-       run_actions(CTRLALTDEL);
-}
-
-/* The SIGSTOP & SIGTSTP handler */
-static void stop_handler(int sig UNUSED_PARAM)
-{
-       int saved_errno = errno;
-
-       got_cont = 0;
-       while (!got_cont)
-               pause();
-
-       errno = saved_errno;
-}
-
-/* The SIGCONT handler */
-static void cont_handler(int sig UNUSED_PARAM)
-{
-       got_cont = 1;
-}
-
 static void new_init_action(uint8_t action_type, const char *command, const char *cons)
 {
-       struct init_action *a, *last;
-
-// Why?
-//     if (strcmp(cons, bb_dev_null) == 0 && (action & ASKFIRST))
-//             return;
-
-       /* Append to the end of the list */
-       for (a = last = init_action_list; a; a = a->next) {
-               /* don't enter action if it's already in the list,
-                * but do overwrite existing actions */
+       struct init_action *a, **nextp;
+
+       /* Scenario:
+        * old inittab:
+        * ::shutdown:umount -a -r
+        * ::shutdown:swapoff -a
+        * new inittab:
+        * ::shutdown:swapoff -a
+        * ::shutdown:umount -a -r
+        * On reload, we must ensure entries end up in correct order.
+        * To achieve that, if we find a matching entry, we move it
+        * to the end.
+        */
+       nextp = &init_action_list;
+       while ((a = *nextp) != NULL) {
+               /* Don't enter action if it's already in the list,
+                * This prevents losing running RESPAWNs.
+                */
                if ((strcmp(a->command, command) == 0)
                 && (strcmp(a->terminal, cons) == 0)
                ) {
-                       a->action_type = action_type;
-                       return;
+                       /* Remove from list */
+                       *nextp = a->next;
+                       /* Find the end of the list */
+                       while (*nextp != NULL)
+                               nextp = &(*nextp)->next;
+                       a->next = NULL;
+                       break;
                }
-               last = a;
+               nextp = &a->next;
        }
 
-       a = xzalloc(sizeof(*a));
-       if (last) {
-               last->next = a;
-       } else {
-               init_action_list = a;
-       }
+       if (!a)
+               a = xzalloc(sizeof(*a));
+       /* Append to the end of the list */
+       *nextp = a;
        a->action_type = action_type;
        safe_strncpy(a->command, command, sizeof(a->command));
        safe_strncpy(a->terminal, cons, sizeof(a->terminal));
-       messageD(L_LOG | L_CONSOLE, "command='%s' action=%d tty='%s'\n",
+       dbg_message(L_LOG | L_CONSOLE, "command='%s' action=%d tty='%s'\n",
                a->command, a->action_type, a->terminal);
 }
 
@@ -670,15 +511,14 @@ static void new_init_action(uint8_t action_type, const char *command, const char
  */
 static void parse_inittab(void)
 {
+#if ENABLE_FEATURE_USE_INITTAB
        char *token[4];
-       /* order must correspond to SYSINIT..RESTART constants */
-       static const char actions[] ALIGN1 =
-               "sysinit\0""respawn\0""askfirst\0""wait\0""once\0"
-               "ctrlaltdel\0""shutdown\0""restart\0";
-
-       parser_t *parser = config_open2(INITTAB, fopen_for_read);
-       /* No inittab file -- set up some default behavior */
-       if (parser == NULL) {
+       parser_t *parser = config_open2("/etc/inittab", fopen_for_read);
+
+       if (parser == NULL)
+#endif
+       {
+               /* No inittab file - set up some default behavior */
                /* Reboot on Ctrl-Alt-Del */
                new_init_action(CTRLALTDEL, "reboot", "");
                /* Umount all filesystems on halt/reboot */
@@ -698,11 +538,17 @@ static void parse_inittab(void)
                new_init_action(SYSINIT, INIT_SCRIPT, "");
                return;
        }
+
+#if ENABLE_FEATURE_USE_INITTAB
        /* optional_tty:ignored_runlevel:action:command
         * Delims are not to be collapsed and need exactly 4 tokens
         */
        while (config_read(parser, token, 4, 0, "#:",
                                PARSE_NORMAL & ~(PARSE_TRIM | PARSE_COLLAPSE))) {
+               /* order must correspond to SYSINIT..RESTART constants */
+               static const char actions[] ALIGN1 =
+                       "sysinit\0""wait\0""once\0""respawn\0""askfirst\0"
+                       "ctrlaltdel\0""shutdown\0""restart\0";
                int action;
                char *tty = token[0];
 
@@ -726,93 +572,271 @@ static void parse_inittab(void)
                                parser->lineno);
        }
        config_close(parser);
+#endif
+}
+
+static void pause_and_low_level_reboot(unsigned magic) NORETURN;
+static void pause_and_low_level_reboot(unsigned magic)
+{
+       pid_t pid;
+
+       /* Allow time for last message to reach serial console, etc */
+       sleep(1);
+
+       /* We have to fork here, since the kernel calls do_exit(EXIT_SUCCESS)
+        * in linux/kernel/sys.c, which can cause the machine to panic when
+        * the init process exits... */
+       pid = vfork();
+       if (pid == 0) { /* child */
+               reboot(magic);
+               _exit(EXIT_SUCCESS);
+       }
+       while (1)
+               sleep(1);
+}
+
+static void run_shutdown_and_kill_processes(void)
+{
+       /* Run everything to be run at "shutdown".  This is done _prior_
+        * to killing everything, in case people wish to use scripts to
+        * shut things down gracefully... */
+       run_actions(SHUTDOWN);
+
+       message(L_CONSOLE | L_LOG, "The system is going down NOW!");
+
+       /* Send signals to every process _except_ pid 1 */
+       kill(-1, SIGTERM);
+       message(L_CONSOLE | L_LOG, "Sent SIG%s to all processes", "TERM");
+       sync();
+       sleep(1);
+
+       kill(-1, SIGKILL);
+       message(L_CONSOLE, "Sent SIG%s to all processes", "KILL");
+       sync();
+       /*sleep(1); - callers take care about making a pause */
+}
+
+/* Signal handling by init:
+ *
+ * For process with PID==1, on entry kernel sets all signals to SIG_DFL
+ * and unmasks all signals. However, for process with PID==1,
+ * default action (SIG_DFL) on any signal is to ignore it,
+ * even for special signals SIGKILL and SIGCONT.
+ * Also, any signal can be caught or blocked.
+ * (but SIGSTOP is still handled specially, at least in 2.6.20)
+ *
+ * We install two kinds of handlers, "immediate" and "delayed".
+ *
+ * Immediate handlers execute at any time, even while, say, sysinit
+ * is running.
+ *
+ * Delayed handlers just set a flag variable. The variable is checked
+ * in the main loop and acted upon.
+ *
+ * halt/poweroff/reboot and restart have immediate handlers.
+ * They only traverse linked list of struct action's, never modify it,
+ * this should be safe to do even in signal handler. Also they
+ * never return.
+ *
+ * SIGSTOP and SIGTSTP have immediate handlers. They just wait
+ * for SIGCONT to happen.
+ *
+ * SIGHUP has a delayed handler, because modifying linked list
+ * of struct action's from a signal handler while it is manipulated
+ * by the program may be disastrous.
+ *
+ * Ctrl-Alt-Del has a delayed handler. Not a must, but allowing
+ * it to happen even somewhere inside "sysinit" would be a bit awkward.
+ *
+ * There is a tiny probability that SIGHUP and Ctrl-Alt-Del will collide
+ * and only one will be remembered and acted upon.
+ */
+
+static void halt_reboot_pwoff(int sig) NORETURN;
+static void halt_reboot_pwoff(int sig)
+{
+       const char *m;
+       unsigned rb;
+
+       run_shutdown_and_kill_processes();
+
+       m = "halt";
+       rb = RB_HALT_SYSTEM;
+       if (sig == SIGTERM) {
+               m = "reboot";
+               rb = RB_AUTOBOOT;
+       } else if (sig == SIGUSR2) {
+               m = "poweroff";
+               rb = RB_POWER_OFF;
+       }
+       message(L_CONSOLE, "Requesting system %s", m);
+       pause_and_low_level_reboot(rb);
+       /* not reached */
+}
+
+/* The SIGSTOP/SIGTSTP handler
+ * NB: inside it, all signals except SIGCONT are masked
+ * via appropriate setup in sigaction().
+ */
+static void stop_handler(int sig UNUSED_PARAM)
+{
+       smallint saved_bb_got_signal;
+       int saved_errno;
+
+       saved_bb_got_signal = bb_got_signal;
+       saved_errno = errno;
+       signal(SIGCONT, record_signo);
+
+       while (1) {
+               pid_t wpid;
+
+               if (bb_got_signal == SIGCONT)
+                       break;
+               /* NB: this can accidentally wait() for a process
+                * which we waitfor() elsewhere! waitfor() must have
+                * code which is resilient against this.
+                */
+               wpid = wait_any_nohang(NULL);
+               mark_terminated(wpid);
+               sleep(1);
+       }
+
+       signal(SIGCONT, SIG_DFL);
+       errno = saved_errno;
+       bb_got_signal = saved_bb_got_signal;
+}
+
+/* Handler for QUIT - exec "restart" action,
+ * else (no such action defined) do nothing */
+static void restart_handler(int sig UNUSED_PARAM)
+{
+       struct init_action *a;
+
+       for (a = init_action_list; a; a = a->next) {
+               if (!(a->action_type & RESTART))
+                       continue;
+
+               /* Starting from here, we won't return.
+                * Thus don't need to worry about preserving errno
+                * and such.
+                */
+               run_shutdown_and_kill_processes();
+
+               /* Allow Ctrl-Alt-Del to reboot the system.
+                * This is how kernel sets it up for init, we follow suit.
+                */
+               reboot(RB_ENABLE_CAD); /* misnomer */
+
+               if (open_stdio_to_tty(a->terminal)) {
+                       dbg_message(L_CONSOLE, "Trying to re-exec %s", a->command);
+                       /* Theoretically should be safe.
+                        * But in practice, kernel bugs may leave
+                        * unkillable processes, and wait() may block forever.
+                        * Oh well. Hoping "new" init won't be too surprised
+                        * by having children it didn't create.
+                        */
+                       //while (wait(NULL) > 0)
+                       //      continue;
+                       init_exec(a->command);
+               }
+               /* Open or exec failed */
+               pause_and_low_level_reboot(RB_HALT_SYSTEM);
+               /* not reached */
+       }
 }
 
 #if ENABLE_FEATURE_USE_INITTAB
-static void reload_signal(int sig UNUSED_PARAM)
+static void reload_inittab(void)
 {
-       struct init_action *a, *tmp;
+       struct init_action *a, **nextp;
 
        message(L_LOG, "reloading /etc/inittab");
 
-       /* disable old entrys */
-       for (a = init_action_list; a; a = a->next) {
+       /* Disable old entries */
+       for (a = init_action_list; a; a = a->next)
                a->action_type = ONCE;
-       }
 
+       /* Append new entries, or modify existing entries
+        * (set a->action_type) if cmd and device name
+        * match new ones. End result: only entries with
+        * a->action_type == ONCE are stale.
+        */
        parse_inittab();
 
-       if (ENABLE_FEATURE_KILL_REMOVED) {
-               /* Be nice and send SIGTERM first */
-               for (a = init_action_list; a; a = a->next) {
-                       pid_t pid = a->pid;
-                       if ((a->action_type & ONCE) && pid != 0) {
-                               kill(pid, SIGTERM);
-                       }
-               }
-#if CONFIG_FEATURE_KILL_DELAY
+#if ENABLE_FEATURE_KILL_REMOVED
+       /* Kill stale entries */
+       /* Be nice and send SIGTERM first */
+       for (a = init_action_list; a; a = a->next)
+               if (a->action_type == ONCE && a->pid != 0)
+                       kill(a->pid, SIGTERM);
+       if (CONFIG_FEATURE_KILL_DELAY) {
                /* NB: parent will wait in NOMMU case */
                if ((BB_MMU ? fork() : vfork()) == 0) { /* child */
                        sleep(CONFIG_FEATURE_KILL_DELAY);
-                       for (a = init_action_list; a; a = a->next) {
-                               pid_t pid = a->pid;
-                               if ((a->action_type & ONCE) && pid != 0) {
-                                       kill(pid, SIGKILL);
-                               }
-                       }
+                       for (a = init_action_list; a; a = a->next)
+                               if (a->action_type == ONCE && a->pid != 0)
+                                       kill(a->pid, SIGKILL);
                        _exit(EXIT_SUCCESS);
                }
-#endif
        }
+#endif
 
-       /* remove unused entrys */
-       for (a = init_action_list; a; a = tmp) {
-               tmp = a->next;
-               if ((a->action_type & (ONCE | SYSINIT | WAIT)) && a->pid == 0) {
-                       delete_init_action(a);
+       /* Remove stale (ONCE) and not useful (SYSINIT,WAIT) entries */
+       nextp = &init_action_list;
+       while ((a = *nextp) != NULL) {
+               if (a->action_type & (ONCE | SYSINIT | WAIT)) {
+                       *nextp = a->next;
+                       free(a);
+               } else {
+                       nextp = &a->next;
                }
        }
-       run_actions(RESPAWN | ASKFIRST);
+
+       /* Not needed: */
+       /* run_actions(RESPAWN | ASKFIRST); */
+       /* - we return to main loop, which does this automagically */
 }
 #endif
 
+static int check_delayed_sigs(void)
+{
+       int sigs_seen = 0;
+
+       while (1) {
+               smallint sig = bb_got_signal;
+
+               if (!sig)
+                       return sigs_seen;
+               bb_got_signal = 0;
+               sigs_seen = 1;
+#if ENABLE_FEATURE_USE_INITTAB
+               if (sig == SIGHUP)
+                       reload_inittab();
+#endif
+               if (sig == SIGINT)
+                       run_actions(CTRLALTDEL);
+       }
+}
+
 int init_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
 int init_main(int argc UNUSED_PARAM, char **argv)
 {
-       struct init_action *a;
-       pid_t wpid;
-
-       die_sleep = 30 * 24*60*60; /* if xmalloc will ever die... */
+       die_sleep = 30 * 24*60*60; /* if xmalloc would ever die... */
 
        if (argv[1] && !strcmp(argv[1], "-q")) {
                return kill(1, SIGHUP);
        }
 
-       if (!ENABLE_DEBUG_INIT) {
+       if (!DEBUG_INIT) {
                /* Expect to be invoked as init with PID=1 or be invoked as linuxrc */
                if (getpid() != 1
                 && (!ENABLE_FEATURE_INITRD || !strstr(applet_name, "linuxrc"))
                ) {
                        bb_show_usage();
                }
-               /* Set up sig handlers  -- be sure to
-                * clear all of these in run() */
-               signal(SIGQUIT, exec_restart_action);
-               bb_signals(0
-                       + (1 << SIGUSR1)  /* halt */
-                       + (1 << SIGUSR2)  /* poweroff */
-                       + (1 << SIGTERM)  /* reboot */
-                       , halt_reboot_pwoff);
-               signal(SIGINT, ctrlaltdel_signal);
-               signal(SIGCONT, cont_handler);
-               bb_signals(0
-                       + (1 << SIGSTOP)
-                       + (1 << SIGTSTP)
-                       , stop_handler);
-
-               /* Turn off rebooting via CTL-ALT-DEL -- we get a
+               /* Turn off rebooting via CTL-ALT-DEL - we get a
                 * SIGINT on CAD so we can shut things down gracefully... */
-               init_reboot(RB_DISABLE_CAD);
+               reboot(RB_DISABLE_CAD); /* misnomer */
        }
 
        /* Figure out where the default console should be */
@@ -837,9 +861,9 @@ int init_main(int argc UNUSED_PARAM, char **argv)
        if (ENABLE_SWAPONOFF) {
                struct sysinfo info;
 
-               if (!sysinfo(&info) &&
-                       (info.mem_unit ? : 1) * (long long)info.totalram < 1024*1024)
-               {
+               if (sysinfo(&info) == 0
+                && (info.mem_unit ? info.mem_unit : 1) * (long long)info.totalram < 1024*1024
+               {
                        message(L_CONSOLE, "Low memory, forcing swapon");
                        /* swapon -a requires /proc typically */
                        new_init_action(SYSINIT, "mount -t proc proc /proc", "");
@@ -857,11 +881,11 @@ int init_main(int argc UNUSED_PARAM, char **argv)
                /* Start a shell on console */
                new_init_action(RESPAWN, bb_default_login_shell, "");
        } else {
-               /* Not in single user mode -- see what inittab says */
+               /* Not in single user mode - see what inittab says */
 
                /* NOTE that if CONFIG_FEATURE_USE_INITTAB is NOT defined,
                 * then parse_inittab() simply adds in some default
-                * actions(i.e., runs INIT_SCRIPT and then starts a pair
+                * actions(i.e., INIT_SCRIPT and a pair
                 * of "askfirst" shells */
                parse_inittab();
        }
@@ -880,7 +904,7 @@ int init_main(int argc UNUSED_PARAM, char **argv)
                        exit(EXIT_FAILURE);
                }
        }
-#endif /* CONFIG_SELINUX */
+#endif
 
        /* Make the command line just say "init"  - thats all, nothing else */
        strncpy(argv[0], "init", strlen(argv[0]));
@@ -888,48 +912,96 @@ int init_main(int argc UNUSED_PARAM, char **argv)
        while (*++argv)
                memset(*argv, 0, strlen(*argv));
 
-       /* Now run everything that needs to be run */
+       /* Set up signal handlers */
+       if (!DEBUG_INIT) {
+               struct sigaction sa;
+
+               bb_signals(0
+                       + (1 << SIGUSR1) /* halt */
+                       + (1 << SIGTERM) /* reboot */
+                       + (1 << SIGUSR2) /* poweroff */
+                       , halt_reboot_pwoff);
+               signal(SIGQUIT, restart_handler); /* re-exec another init */
+
+               /* Stop handler must allow only SIGCONT inside itself */
+               memset(&sa, 0, sizeof(sa));
+               sigfillset(&sa.sa_mask);
+               sigdelset(&sa.sa_mask, SIGCONT);
+               sa.sa_handler = stop_handler;
+               /* NB: sa_flags doesn't have SA_RESTART.
+                * It must be able to interrupt wait().
+                */
+               sigaction_set(SIGTSTP, &sa); /* pause */
+               /* Does not work as intended, at least in 2.6.20.
+                * SIGSTOP is simply ignored by init:
+                */
+               sigaction_set(SIGSTOP, &sa); /* pause */
+
+               /* SIGINT (Ctrl-Alt-Del) must interrupt wait(),
+                * setting handler without SA_RESTART flag.
+                */
+               bb_signals_recursive_norestart((1 << SIGINT), record_signo);
+       }
 
+       /* Now run everything that needs to be run */
        /* First run the sysinit command */
        run_actions(SYSINIT);
-
+       check_delayed_sigs();
        /* Next run anything that wants to block */
        run_actions(WAIT);
-
+       check_delayed_sigs();
        /* Next run anything to be run only once */
        run_actions(ONCE);
 
-       /* Redefine SIGHUP to reread /etc/inittab */
-#if ENABLE_FEATURE_USE_INITTAB
-       signal(SIGHUP, reload_signal);
-#else
-       signal(SIGHUP, SIG_IGN);
-#endif
+       /* Set up "reread /etc/inittab" handler.
+        * Handler is set up without SA_RESTART, it will interrupt syscalls.
+        */
+       if (!DEBUG_INIT && ENABLE_FEATURE_USE_INITTAB)
+               bb_signals_recursive_norestart((1 << SIGHUP), record_signo);
 
-       /* Now run the looping stuff for the rest of forever */
+       /* Now run the looping stuff for the rest of forever.
+        */
        while (1) {
-               /* run the respawn/askfirst stuff */
+               int maybe_WNOHANG;
+
+               maybe_WNOHANG = check_delayed_sigs();
+
+               /* (Re)run the respawn/askfirst stuff */
                run_actions(RESPAWN | ASKFIRST);
+               maybe_WNOHANG |= check_delayed_sigs();
 
-               /* Don't consume all CPU time -- sleep a bit */
+               /* Don't consume all CPU time - sleep a bit */
                sleep(1);
-
-               /* Wait for any child process to exit */
-               wpid = wait(NULL);
-               while (wpid > 0) {
-                       /* Find out who died and clean up their corpse */
-                       for (a = init_action_list; a; a = a->next) {
-                               if (a->pid == wpid) {
-                                       /* Set the pid to 0 so that the process gets
-                                        * restarted by run_actions() */
-                                       a->pid = 0;
-                                       message(L_LOG, "process '%s' (pid %d) exited. "
-                                                       "Scheduling for restart.",
-                                                       a->command, wpid);
-                               }
+               maybe_WNOHANG |= check_delayed_sigs();
+
+               /* Wait for any child process(es) to exit.
+                *
+                * If check_delayed_sigs above reported that a signal
+                * was caught, wait will be nonblocking. This ensures
+                * that if SIGHUP has reloaded inittab, respawn and askfirst
+                * actions will not be delayed until next child death.
+                */
+               if (maybe_WNOHANG)
+                       maybe_WNOHANG = WNOHANG;
+               while (1) {
+                       pid_t wpid;
+                       struct init_action *a;
+
+                       /* If signals happen _in_ the wait, they interrupt it,
+                        * bb_signals_recursive_norestart set them up that way
+                        */
+                       wpid = waitpid(-1, NULL, maybe_WNOHANG);
+                       if (wpid <= 0)
+                               break;
+
+                       a = mark_terminated(wpid);
+                       if (a) {
+                               message(L_LOG, "process '%s' (pid %d) exited. "
+                                               "Scheduling for restart.",
+                                               a->command, wpid);
                        }
-                       /* see if anyone else is waiting to be reaped */
-                       wpid = wait_any_nohang(NULL);
+                       /* See if anyone else is waiting to be reaped */
+                       maybe_WNOHANG = WNOHANG;
                }
-       }
+       } /* while (1) */
 }