2.1 Booting Mac OS X | Mac OS X Panther for Unix Geeks

When the computer is powered up, the firmware is in complete control. After the firmware initializes the hardware, it hands off control to the BootX loader, which bootstraps the kernel. After a trip into Mach, the control bubbles up into the BSD subsystem, and eventually into the Aqua user interface.

By default, Mac OS X boots graphically. If you'd like to see console messages as you boot, hold down -V (the "V" stands for "verbose") as you start the computer. If you'd like to always boot in verbose mode, you can specify a flag in the boot arguments that are stored in your system's firmware. First, use the command nvram boot-args to make sure there aren't any flags already set (if there are, and you didn't set them, you probably should not change this setting). Set your boot arguments to -v with this command:

 sudo /usr/sbin/nvram boot-args="-v"

The next time you boot the computer, it will boot in verbose mode. To turn this setting off, use the command:

 sudo /usr/sbin/nvram boot-args=

To boot in single-user mode, hold down -S as you start the computer. In single-user mode, your filesystem will be mounted as read-only, and you will be limited in what you can do. Single-user mode should generally be used only to repair a system that has been damaged (for example, see Section 3.11 in Chapter 3). Unlike with other Unix systems, we do not suggest that you use single-user mode to perform fsck repairs manually. Instead, boot from the Mac OS X install CD or DVD and run the Disk Utility (Installer Open Disk Utility) to repair a problem disk volume.

2.1.1 The BootX Loader

BootX is located in /System/Library/CoreServices . It draws the Apple logo on the screen and proceeds to set up the kernel environment. BootX first looks for kernel extensions ( drivers, also known as kexts ) that are cached in the mkext cache . If this cache does not exist, BootX loads only those extensions in /System/Library/Extensions that have the OSBundleRequired key in their Info . plist file. Each extension lives in a folder ( ExtensionName.kext ), and the Info.plist file is an XML document that resides in its Contents subfolder. Example 2-1 is an excerpt from the /System/Library/Extensions/System.kext/Contents/Info.plist file.

Example 2-1. A portion of a kernel extension's Info.plist file

 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN"            "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0">   <dict>     <key>CFBundleDevelopmentRegion</key>     <string>English</string>     <!-- multiple keys and strings omitted -->   </dict> </plist>

After the required drivers are loaded, BootX hands off control to the kernel ( /mach_kernel ).

2.1.2 Initialization

The kernel first initializes all the data structures needed to support Mach and BSD. Next, it initializes the I/O Kit, which connects the kernel with the set of extensions that correspond to the machine's hardware configuration. Then, the kernel finds and mounts the root filesystem. The kernel next loads mach_init , which starts Mach message handling. mach_init then launches the BSD init process. In keeping with Unix conventions, init is process ID (PID) 1, even though it was started second. mach_init is given PID 2, and its parent PID is set to 1 ( init 's PID).

2.1.3 The /etc/rc.boot Script

The init process launches the /etc/rc.boot and /etc/rc shell scripts to start the system. Both rc scripts (and all startup items) source the /etc/rc.common script, which sets the initial environment, defines some useful functions, and loads the /etc/hostconfig file, which controls the system services that will be started at boot. Example 2-2 is an excerpt from the hostconfig file.

Example 2-2. A portion of /etc/hostconfig

 # Services AFPSERVER=-NO- CUPS=-YES-

This excerpt shows that Apple File Sharing and CUPS (Common Unix Printing System) will be launched at startup. See "The startup script," later in this chapter, for an explanation of how /etc/hostconfig can be used to control services that you install yourself. Table 2-1 describes the default entries from /etc/hostconfig .

Table 2-1. Default entries from the hostconfig file

Entry	Default value	Description
HOSTNAME	-AUTOMATIC-	Specifies a hostname. A setting of `-AUTOMATIC-` causes configd (described in Table 2-2) to use the value from the system configuration database.
ROUTER	-AUTOMATIC-	Description unavailable at time of printing. Please see the errata at http://www.oreilly.com/catalog/mpantherunix/.
AFPSERVER	-NO-	Controls whether Apple File Sharing (Personal File Sharing in System Preferences Sharing) is enabled. This corresponds to the AppleShare startup item. (For information on startup items, see Section 2.1.5, later in this chapter.)
AUTHSERVER	-NO-	Specifies whether the NetInfo authentication server for legacy clients ( /usr/sbin/tim ) should be started. This corresponds to the AuthServer startup item.
AUTOMOUNT	-YES-	Determines whether the NFS automount daemon should be started. The NFS startup item consults this setting.
CUPS	-YES-	Controls whether Printing Services are started up. This corresponds to the PrintingServices startup item. However, this is not controlled by the Printer Sharing option in System Preferences Sharing (that setting instead inserts the appropriate settings into the /etc/cups/cupsd.conf file).
IPFORWARDING	-NO-	Determines whether the Network startup item enables IP forwarding.
IPV6	-YES-	Specifies whether the Network startup item should turn on IPv6 support.
MAILSERVER	-NO-	Controls whether the Postfix mail server is started. This corresponds to the Postfix startup item. If you want to enable Postfix, you will need to perform additional configuration. For more information, see Section 13.3 in Chapter 13.
NETINFOSERVER	-AUTOMATIC-	Determines whether NetInfo should be started. A setting of `-AUTOMATIC-` causes Mac OS X to decide whether it is needed based on the current system configuration. This setting is consulted by the /etc/rc script.
NFSLOCKS	-AUTOMATIC-	If your Mac is running as an NFS server, a setting of `-AUTOMATIC-` enables locking for NFS files. As an NFS client, a value of `-YES-` will enable locking, but `-AUTOMATIC-` will load the appropriate daemons ( rpc.statd and rpc.lockd ) so they are only used when needed. The NFS startup item consults this setting.
NISDOMAIN	-NO-	Specifies the NIS Domain that your Mac should participate in. Leave it set to `-NO-` to disable NIS, otherwise set it to the appropriate domain. The NIS startup item uses this setting.
RPCSERVER	-AUTOMATIC-	Determines whether the RPC server ( portmap ) should be started. A setting of `-AUTOMATIC-` causes Mac OS X to decide whether it is needed based on the current system configuration. This setting is consulted by the /etc/rc script.
TIMESYNC	-YES-	Controls whether the network time daemon ( ntpd ) is started. You can configure these settings with System Preferences Date & Time. This setting affects the NetworkTime startup item.
QTSSERVER	-NO-	Specifies whether the QuickTime Streaming Server is started at boot time. Although it's not included with the desktop version of Mac OS X, you can download it from http://developer.apple.com/darwin/projects/streaming/.
WEBSERVER	-NO-	Controls whether the Apache web server (Personal Web Sharing in System Preferences Sharing) is started. This corresponds to the Apache startup item.
SMBSERVER	-NO-	This setting has no effect. Previous versions of Mac OS X used it to control Samba, the Windows file sharing server. This setting can be toggled using Windows Sharing in System Preferences Sharing, which toggles the `disable` setting in /etc/xinetd.d/smbd .
DNSSERVER	-NO-	Determines whether the BIND DNS server ( named ) should be started. The default /etc/named.conf file specifies a caching nameserver configuration. This corresponds to the BIND startup item.
COREDUMPS	-NO-	Specifies whether coredumps are enabled. This setting is consulted by the /etc/rc.common script. You can override this in the shell with the ulimit -c command.
VPNSERVER	-NO-	Controls whether the Mac OS X VPN service ( vpnd ) is started. This service lets remote hosts tunnel into a network through your Mac. See the vpnd manpage for more information. The NetworkExtensions startup item consults this setting.

After rc.boot has loaded in values from /etc/rc.common and /etc/hostconfig , it sets the hostname to localhost (this will be changed later in the boot process) and then determines whether the system is booting from a CD. Next, rc.boot tests to see whether the system is booting in single-user mode. If the system is neither in single-user mode nor booting from a CD, rc.boot performs a check of the filesystem ( fsck ). If the fsck fails, rc.boot tries an fsck - y , which assumes a "Yes" answer to all the questions that fsck asks. If that fails, the system reboots (and may end up trying an fsck - y over and over again).

If you find yourself in an fsck loop, you should boot from the Mac OS X installation CD. You can boot from a CD by holding down the C key at startup. When the Installer appears, choose Installer Disk Utility from the menu bar and use it to inspect and repair the damaged disk.

2.1.4 The /etc/rc Script

If rc.boot succeeds, init drops into a shell (for single-user mode) or launches /etc/rc (for installation or multiuser mode). In single-user mode, only the root user may log in. In multiuser mode, the system is fully functional and ready to accept logins from normal users.

If /etc/rc determines that the system is booting from a CD, it starts the Mac OS X installation program. (If you booted from a CD in single-user mode, you'll get dropped into a shell and /etc/rc won't get run.) Otherwise, /etc/rc performs the following steps (among others, that is; this list describes the most significant):

Mounts local filesystems: By this point, the root filesystem is already mounted, but the rc script now mounts any additional HFS+ and UFS volumes listed in /etc/fstab , as well as the /dev filesystem. This step does not, however, perform the automatic mounting of local volumes under the /Volumes directory. This is handled by the disk arbitration daemon, which is started as a Mach bootstrap daemon (see Table 2-2).
Launches BootCacheControl: The rc script initializes the boot-time performance cache ( BootCacheControl ), which implements intelligent read-ahead strategies for the boot volume.
Tunes the system: Next, a series of sysctl calls tune kernel variables such as the maximum number of vnodes (data structures the kernel uses to represent files) and various shared memory settings.
Configures the loopback network interface: At this step, the ifconfig utility configures and activates the loopback address, 127.0.0.1.
Starts the system log daemon: The system log daemon ( syslogd ) starts running at this point. It logs most messages to /dev/console (launch /Applications/Utilities/Console or look in /Library/Logs/Console/$USER/console.log ) or /var/log/system.log . See /etc/syslogd.conf for complete details.
Starts kextd , the kernel extension daemon: The kernel initially boots with the minimum set of extensions needed to mount the root filesystem on all supported hardware. Some of these extensions are not needed, so /etc/rc starts the kextd daemon ( /usr/libexec/kextd ) to unload unnecessary extensions. For example, the iPodDriver includes the OSBundleRequired key to support booting from your iPod. If you don't have your iPod plugged in, kextd can safely unload that driver. The kextd daemon is also responsible for loading and unloading extensions on demand for the duration of the system's uptime. Extensions live in the /System/Library/Extensions directory.
Launches Mach bootstrap services: Next, the rc script runs register_mach_bootstrap_servers on all the services listed in /etc/mach_init.d . That directory contains a collection of XML .plist files containing a description of services, the path to the corresponding executable, and whether the service should be loaded on demand. Table 2-2 describes the services started in this stage.

Mac OS X Panther introduced Mach bootstrap services, a new approach for starting daemons.

Daemons can be loaded at two points: system startup ( /etc/mach_init.d ) and user login ( /etc/mach_init_per_user.d ), including local and remote (such as SSH) logins. Bootstrap daemons are identified to the system using the ServiceName in their .plist files, and the operating system can load that service on demand, if the OnDemand option is set to true (this is the default). The mach_init process will launch these services on demand or wake sleeping bootstrap services (when a bootstrap service goes unused for a period of time, it can sleep).

Launch the portmap daemon: If Mac OS X determines that the port mapper is necessary based on the settings in /etc/hostconfig (see Table 2-1), it launches the portmap daemon here. For more information, see the portmap manpage.
Start NetInfo: NetInfo is a Directory Services database for standalone machines. See Chapter 3 for a complete discussion. In this step, the rc script creates a default NetInfo database (if none exists) and starts the daemon(s) that are needed for NetInfo to provide its services.
Updates the kernel extension cache: At this point, the kextcache utility updates the /System/Library/Extensions.mkext extension cache, which is used at boot time (see "The BootX Loader," earlier in this chapter).
Starts the update process: This process flushes the filesystem buffers every 30 seconds.
Enables virtual memory: At this point, the dynamic_pager daemon starts running. This daemon manages swap files in the /var/vm/ subdirectory. The kernel uses these files to allocate virtual memory as it is needed.
Sets the system language: If this system is not fully configured (if the file /var/db/.AppleSetupDone does not exist), the language chooser appears at this point and prompts the user to choose a default language for the system. Whether that chooser appears, the rc script reads in /var/log/CDIS.custom and export s the variable it contains into subsequent environments.

After these steps are completed, /etc/rc hands off control to /sbin/SystemStarter .

Table 2-2. Mach bootstrap services

Item	Description
ATSServer.plist	Launches the Apple Type Solution server.
configd.plist	Starts the Configuration server daemon. See Section 15.3.1 in Chapter 15 for information on working with the Configuration server's database.
coreservicesd.plist	Launches the Core Services daemon.
DirectoryService.plist	Starts The DirectoryService daemon. For more information, see Chapter 3, Section 3.5, and the DirectoryService manpage.
diskarbitrationd.plist	Launches the disk arbitration daemon, which coordinates the mounting of filesystems. For more information, see the diskarbitrationd manpage.
distnoted.plist	Starts the distributed notifications daemon.
fix_prebinding.plist	Launches the fix_prebinding daemon, which is invoked when the dynamic loader (dyld) comes across a binary that has not been through the prebinding process, or that has changed since prebinding was last run on it. The prebinding process creates hints for the dynamic loader that can make a binary load more quickly.
KerberosAutoConfig.plist	Configures the single sign-on service. See the kerberosautoconfig manpage .
kuncd.plist	Starts the Kernel-User Notification daemon, which kernel-level code can use to pop up dialogs when user action is needed. See the "Kernel-User Notification" topic in Writing an I/O Kit Device Driver , which you can find at http://developer.apple.com/documentation/DeviceDrivers/.
lookupd .plist	Starts lookupd , a thin layer that acts as a front-end to Directory Services. For more information, see the lookupd manpage and Chapter 3.
notifyd.plist	Description unavailable at time of printing. Please see the errata at http://www.oreilly.com/catalog/mpantherunix/
WindowServer.plist	Starts the Mac OS X WindowServer, the service that manages the screen and the windows drawn upon it.

2.1.5 SystemStarter

SystemStarter examines /System/Library/StartupItems and /Library/StartupItems for applications that should be started at boot time. /Library/StartupItems contains items for locally installed applications; you can also put your own custom startup items there. /System/Library/StartupItems contains items for the system. You should not modify these or add your own items here. Table 2-3 lists Mac OS X's available startup items.

Table 2-3. Mac OS X default startup items

Item	Description
AMD	Starts the NFS automounter, which mounts remote filesystems on demand. Enable this with the `AMDSERVER` entry in /etc/hostconfig .
Accounting	Starts the acct daemon, which collects process accounting records.
Apache	Starts the Apache web server. Enable this with the `WEBSERVER` entry in /etc/hostconfig or by turning on Web Sharing (System Preferences Sharing).
AppServices	Starts the desktop database, input managers, and printing services.
AppleShare	Starts Apple file sharing. Enable this with the `AFPSERVER` entry in /etc/hostconfig or by turning on File Sharing (System Preferences Sharing).
AuthServer	Starts the authentication server. Enable this with the `AUTHSERVER` entry in /etc/hostconfig.
BIND	Starts named , the Internet domain name server, if `DNSSERVER` is set to `-YES-` in /etc/hostconfig .
ConfigServer	An empty startup script whose former role is now filled by the configd.plist item in mach_init.d (see Table 2-2).
CoreGraphics	Loads the QuartzDisplay bundle. Full description unavailable at time of printing. Please see the errata at http://www.oreilly.com/catalog/mpantherunix/
CrashReporter	Enables automatic crash report generation when an application crashes. Enable this with the `CRASHREPORTER` entry in /etc/hostconfig .
Cron	Starts the cron daemon.
DirectoryServices	An empty startup script whose former role is now filled by the lookupd.plist item in mach_init.d (see Table 2-2).
Disks	Mounts local filesystems.
IPServices	Starts xinetd and, optionally , Internet address sharing.
KernelEventAgent	Description unavailable at time of printing. Please see the errata at http://www.oreilly.com/catalog/mpantherunix/
LDAP	Starts slapd , the standalone LDAP daemon. Enable this with the `LDAPSERVER` entry in /etc/hostconfig .
LoginWindow	Does nothing except to note the point at which the system is ready to display the login window.
mDNSResponder	Starts the multicast DNS responder , which is used by Rendezvous for configuration.
NFS	Starts the NFS client. The NFS server is started if NetInfo or /etc/exports has been configured to export one or more filesystems.
NIS	Starts the Network Information Service unless `NISDOMAIN` is set to `-NO-` in /etc/hostconfig .
NetInfo	An empty startup script whose former role is now filled by part of /etc/rc .
Network	Configures network interfaces and the hostname. If `IPFORWARDING` is enabled in /etc/hostconfig , this script also enables IP forwarding.
NetworkExtensions	Loads various networking extensions.
NetworkTime	Starts the NTP client. Enable this with the `TIMESYNC` entry in /etc/hostconfig or with System Preferences Date & Time.
Portmap	An empty startup script whose former role is now filled by part of /etc/rc .
Postfix	Starts the Postfix mail server. If you want to enable Postfix, you will need to perform additional configuration. For more information, see Chapter 13.
PrintingServices	Starts the Common Unix Printing System (CUPS).
RemoteDesktopAgent	Starts the remote desktop server. Enable it with the `ARDAGENT` entry in /etc/hostconfig or by enabling Apple Remote Desktop in System Preferences Sharing.
SNMP	Starts snmpd , the SNMP daemon. Enable it with the `SNMPSERVER` entry in /etc/hostconfig.
SecurityServer	Starts the security server, which provides keychain management
SystemLog	An empty startup script whose former role is now filled by part of /etc/rc .
SystemTuning	An empty startup script whose former role is now filled by part of /etc/rc .

2.1.6 The Login Window

Once SystemStarter is finished, control is returned to init , which launches getty . In /etc/ttys , the console entry launches the Login Window ( /System/Library/CoreServices/loginwindow.app ). At this point, the system is fully functional and ready to accept logins.