rusty%garnet.Berkeley.EDU@violet.berkeley.edu (11/29/88)
On a Sun 3 I find that the safest way to do an ungraceful shutdown is to
do an L1-A to get to the prom monitor and then give it the command g0.
This causes the system to
(1) panic ("panic: 0"),
(2) sync the disks,
(3) dump all of ram out to the disk for savecore to retrieve when the
system reboots,
(4) reboot.
Step 3 takes long enough that at that point you can do another L1-A to
prevent it from rebooting, and shut off the power.
I don't know what a g0 does on a Sun 4 or a Sun 2.grossi@uunet.uu.net (Thomas Grossi) (12/01/88)
The system command /etc/shutdown (8) schedules a system halt or reboot and sends out messages to warn users. We made this command setuid so that any user could call it and also wrote a script (of the same name) to call it with the appropriate options (usually we want to reboot right away). If you can assume that your users are responsible people and won't abuse the command, there's probably no better way to stop a system gracefully. Thomas Grossi Cap Sogeti Innovation Grenoble, France
guy@uunet.uu.net (Guy Harris) (12/12/88)
>I don't know what a g0 does on a Sun 4 or a Sun 2.
I don't know what it does on a Sun-2 either, but at least on a Sun-4/2xx
(and probably on a 4/110) it does the same sort of ungraceful shutdown.trinkle@purdue.edu (12/14/88)
We also have written a setuid shutdown. However, rather than let anyone
use it, we have a shutdown.allow file that contains a list of valid
shutdown users. When a user runs shutdown, it looks for the name in the
allow list. If it finds the user, it prompts the user for their login
password and verifies it. This prevents someone from using an unattended
user's terminal. On workstations, it is easy to add the local user to the
allow list.
I also wrote a program that is used by shutdown (but is more general
purpose) to do the real work. It takes a description file similar to
cron, but with times relative to the target (shutdown) time. This makes
it easier to modify the shutdown behavior of various machines. It was
very useful when we had a VAX8600 with a DEUNA that needed to be
ifconfig'ed down before UNIX actually halted. It also would allow us to
send mail to specific users a few minutes before, etc. It is the kind of
stuff you would never want to add to the program, but is easy enough with
a configuration file.
If there is enough interest, I can probably bundle it up and make it
available through the Sun-Spots archive.
[[ Sounds good! I might be interested in it for around here: our systems
group uses a variant of Stanford's "V" instead of Unix, so generic
students need to have the ability to gracefully shut down Unix so they can
boot V. The local hack we run now is not very sophisticated. --wnl ]]
Daniel Trinkle trinkle@cs.purdue.edu ARPA
Department of Computer Sciences trinkle%purdue.edu@relay.cs.net CSNET
Purdue University {ucbvax,decvax}!purdue!trinkle UUCP
West Lafayette, IN 47907 (317) 494-7844 PHONE