Bug #10980
closed
``/etc/rc.local`` script content is executed at login instead of during boot sequence
100%
Description
See https://redmine.pfsense.org/issues/10978 for context.
/etc/skel/.profile is copied to .profile in all users home directories when they are created, including admin/root. This file contains a (incorrect? The test fails when you log in via SSH) test for interactive mode that executes /etc/rc.initial if the test returns false. In effect the goal seems to be to execute /etc/rc.initial whenever any user logs in non-interactively.
If this were working as intended the /etc/rc.initial script for every user who logs in, every time they log in, if that login was non-interactive. This seems like a mistake on it's face. However the script is not working as intended, and it is executed every time a user logs in, even interactively. This is easy to demonstrate by creating a simple /etc/rc.local script that echoes something to the console. The echoed message will be displayed every time you log in interactively.
The bigger issue is that /etc/rc.local should only be executed once, at boot. It should not be executed every time a user logs in, and it should not rely on a user to log in in order to be executed. This is a long-standing BSD init script that exists to facilitate simple startup routines that don't merit an entire rc.d style startup script in e.g. /usr/local/etc/rc.d/. I don't believe that pfSense ever uses /etc/rc.local for anything itself, and this bugs makes it difficult to use for admins as well.
Updated by Jim Pingle over 4 years ago
- Subject changed from rc.initial, and thus rc.local, is executed every time someone logs on to the console instead of just once at boot to rc.local is executed at login by rc.initial, and not at boot time.
- Category set to Operating System
Only the rc.local parts are relevant here.
Non-root/admin users don't need the menu since most of its options wouldn't work anyhow.
The rc.local* parts can be moved out of rc.initial into /etc/pfSense-rc
Updated by Marcos M over 1 year ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset ce83f38a8a51c3abe1291878420627343cf6b4a4.
Updated by Marcos M over 1 year ago
- Subject changed from rc.local is executed at login by rc.initial, and not at boot time. to rc.local is executed at login instead of at boot time.
- Assignee set to Marcos M
- Target version set to CE-Next
- Plus Target Version set to 24.03
- Release Notes set to Default
- Affected Architecture All added
Updated by Marcos M over 1 year ago
- Subject changed from rc.local is executed at login instead of at boot time. to rc.local is executed at login instead of at boot time
Updated by Jordan G over 1 year ago
confirm startup scripts added (as described here - https://docs.netgate.com/pfsense/en/latest/development/boot-commands.html#shell-script-option) do not run until logging in on 23.09
attempted applying patch and still the script did not run until login completed following a reboot, could be user error or perhaps more time is needed?
Updated by Jim Pingle about 1 year ago
- Subject changed from rc.local is executed at login instead of at boot time to ``/etc/rc.local`` script content is executed at login instead of during boot sequence
- Target version changed from CE-Next to 2.8.0
Updated by alzee bum about 1 year ago
Jordan G wrote in #note-5:
confirm startup scripts added (as described here - https://docs.netgate.com/pfsense/en/latest/development/boot-commands.html#shell-script-option) do not run until logging in on 23.09
attempted applying patch and still the script did not run until login completed following a reboot, could be user error or perhaps more time is needed?
Jordan, I don't think that sounds like the correct behavior for /usr/local/etc/rc.d scripts -- they should run on boot regardless of the user logging in or not.
That said the problem described in this issue is that /etc/rc.local does not run -- not that things in /usr/local/etc/rc.d do or don't run. Scripts in that directory are somewhat inappropriate substitutes as they require the entire rc. subsystem be used in order to function properly.
For example the page you linked to indicates the scripts will not only run on startup but, "also during certain system events (e.g. interface link changes, IP address changes, and gateway events)."
In a normal FreeBSD system, those scripts are passed some parameter or other (start, stop, restart, etc.) and are required to have a specific structure to handle that. See the existing scripts in that directory (none of which end in .sh by the way, which that documentation states they must) for examples.
Updated by Jim Pingle about 1 year ago
Somehow the change didn't get carried over into rc.initial on Plus. I just made the equivalent commit there that removed the code for rc.local from rc.initial.
Updated by Jim Pingle about 1 year ago
- Status changed from Feedback to Resolved
This is working as expected on the latest Plus snapshot.