Linux Booting Procedure

How Linux boot?

2
System startup
How computer startup?
 Booting is a bootstrapping process that
starts operating systems when the user
turns on a computer system
 A boot sequence is the set of
operations the computer performs
when it is switched on that load an
operating system
4
Booting sequence
1. Tern on
2. CPU jump to address of BIOS (0xFFFF0)
3. BIOS runs POST (Power-On Self Test)
4. Find bootale devices
5. Loads and execute boot sector form MBR
6. Load OS

5
 BIOS (Basic Input/Output System)
 BIOS refers to the software code run by a computer
when first powered on
 The primary function of BIOS is code program
embedded on a chip that recognises and controls
various devices that make up the computer.

BIOS on board
BIOS on screen
6
Boot loader
MBR (Master Boot Record)
 OS is booted from a hard disk, where the
Master Boot Record (MBR) contains the
primary boot loader
 The MBR is a 512-byte sector, located in the
first sector on the disk (sector 1 of cylinder 0,
head 0)
 After the MBR is loaded into RAM, the BIOS
yields control to it.

8
MBR (Master Boot Record)

9
MBR (Master Boot Record)
 The first 446 bytes are the primary boot loader,
which contains both executable code and error
message text
 The next sixty-four bytes are the partition table,
which contains a record for each of four partitions
 The MBR ends with two bytes that are defined as
the magic number (0xAA55). The magic number
serves as a validation check of the MBR

10
Extracting the MBR
 To see the contents of MBR, use this command:
 # dd if=/dev/hda of=mbr.bin bs=512 count=1
 # od -xa mbr.bin

**The dd command, which needs to be run from root,

reads the first 512 bytes from /dev/hda (the first Int
egrated Drive Electronics, or IDE drive) and writes t
hem to the mbr.bin file.
**The od command prints the binary file in hex and AS
CII formats.

11
Boot loader
 Boot loader could be more aptly called the
kernel loader. The task at this stage is to
load the Linux kernel
 Optional, initial RAM disk
 GRUB and LILO are the most popular Linux
boot loader.

12
Other boot loader (Several OS)
 bootman
 GRUB
 LILO
 NTLDR
 XOSL
 BootX
 loadlin
 Gujin
 Boot Camp
 Syslinux
 GAG

13
GRUB: GRand Unified Bootloader
 GRUB is an operating system independant boot loader
 A multiboot software packet from GNU
 Flexible command line interface
 File system access
 Support multiple executable format
 Support diskless system
 Download OS from network
 Etc.

14
 GRUB boot process
1. The BIOS finds a bootable device (hard disk) and transfers control to
the master boot record
2. The MBR contains GRUB stage 1. Given the small size of the MBR,
Stage 1 just load the next stage of GRUB
3. GRUB Stage 1.5 is located in the first 30 kilobytes of hard disk
immediately following the MBR. Stage 1.5 loads Stage 2.
4. GRUB Stage 2 receives control, and displays to the user the GRUB boot
menu (where the user can manually specify the boot parameters).
5. GRUB loads the user-selected (or default) kernel into memory and
passes control on to the kernel.

15
Example GRUB config file

16
LILO: LInux LOader
 Not depend on a specific file system
 Can boot from harddisk and floppy
 Up to 16 different images
 Must change LILO when kernel
image file or config file is changed

17
Kernel
Kernel image
 The kernel is the central part in most computer operating
systems because of its task, which is the management of
the system's resources and the communication between
hardware and software components
 Kernel is always store on memory until computer is tern off
 Kernel image is not an executable kernel, but a compress
kernel image
 zImage size less than 512 KB
 bzImage size greater than 512 KB

19
Init process
 The first thing the kernel does is to execute init
program
 Init is the root/parent of all processes
executing on Linux
 The first processes that init starts is a script
/etc/rc.d/rc.sysinit
 Based on the appropriate run-level, scripts are
executed to start various processes to run the
system and make it functional

20
The Linux Init Processes
 The init process is identified by process id "1“
 Init is responsible for starting system processes as defined
in the /etc/inittab file
 Init typically will start multiple instances of "getty" which w
aits for console logins which spawn one's user shell process
 Upon shutdown, init controls the sequence and processes f
or shutdown

21
System processes
Process ID Description
0 The Scheduler
1 The init process
2 kflushd
3 kupdate
4 kpiod
5 kswapd
6 mdrecoveryd

22
Inittab file
 The inittab file describes which processes are
started at bootup and during normal operation
 /etc/init.d/boot
 /etc/init.d/rc
 The computer will be booted to the runlevel as
defined by the initdefault directive in the
/etc/inittab file
 id:5:initdefault:

23
Runlevels
 A runlevel is a software configuration of
the system which allows only a selected
group of processes to exist
 The processes spawned by init for each
of these runlevels are defined in the
/etc/inittab file
 Init can be in one of eight runlevels: 0-6

24
 Runlevels
Runlevel Scripts Directory State
(Red Hat/Fedora Cor
e)
0 /etc/rc.d/rc0.d/ shutdown/halt system
1 /etc/rc.d/rc1.d/ Single user mode
2 /etc/rc.d/rc2.d/ Multiuser with no network services exported
3 /etc/rc.d/rc3.d/ Default text/console only start. Full multiuser
4 /etc/rc.d/rc4.d/ Reserved for local use. Also X-windows (Slackware/BSD)
5 /etc/rc.d/rc5.d/ XDM X-windows GUI mode (Redhat/System V)
6 /etc/rc.d/rc6.d/ Reboot

s or S Single user/Maintenance mode (Slackware)

M Multiuser mode (Slackware)

25
rc#.d files
 rc#.d files are the scripts for a
given run level that run during boot
and shutdown
 The scripts are found in the
directory /etc/rc.d/rc#.d/ where the
symbol # represents the run level

26
init.d
 Deamon is a background process
 init.d is a directory that admin can star
t/stop individual demons by changing
on it
 /etc/rc.d/init.d/ (Red Hat/Fedora )
 /etc/init.d/ (S.u.s.e.)
 /etc/init.d/ (Debian)

27
Start/stop deamon
 Admin can issuing the command and
either the start, stop, status, restart or
reload option
 i.e. to stop the web server:
 cd /etc/rc.d/init.d/
 (or /etc/init.d/ for S.u.s.e. and Debian)
 httpd stop

28
 Overview of RHEL 7
 Features

 Logging
 Dependencies
 Cgroups
 Activating Services

 Familiar with systemd Commands

 Graphical.target
 Multi-user.target
 Basic.target
 Sysinit.target
 Local-fs.target

29
Red Hat Enterprise Linux 7 Booting Process

30
 BIOS

 BIOS stands for Basic Input/output System

 Performs some system integrity checks
 Searches, loads, and executes the boot loader program.
 It looks for boot loader in floppy, CD-ROMs, or hard drive. You
can press a key (typically F12 of F2, but it depends on your
system) during the BIOS startup to change the boot sequence.
 Once the boot loader program is detected and loaded into the
memory, BIOS gives the control to it.
 So, in simple terms BIOS loads and executes the MBR boot
loader.

31
 MBR

 MBR stands for Master Boot Record.

 It is located in the 1st sector of the bootable disk. Typically
/dev/hda, or /dev/sda
 MBR is less than 512 bytes in size. This has three components as
shown:
 Primary boot loader info in 1st 446 bytes

 Partition table info in next 64 bytes

 MBR validation check in last 2 bytes.

 It contains information about GRUB2 (GRUB or LILO in old systems).

 So, in simple terms MBR loads and executes the GRUB2 boot
loader.

32
MBR (Master Boot Record)

33
 GRUB2

 The default bootloader program used on RHEL 7 is GRUB

2. GRUB stands for Grand Unified Bootloader. GRUB 2
replaces the older GRUB bootloader also called as legacy
GRUB.
 The GRUB 2 configuration file is located
at /boot/grub2/grub.cfg (Do not edit this file
directly).
 GRUB 2 menu-configuration settings are taken
from /etc/default/grub when generating grub.cfg.
 Sample /etc/default/grub file:

34
 GRUB2

If changes are made to any of these parameters, you need to

run grub2-mkconfig to re-generate the /boot/grub2/grub.cfg

35
 GRUB2

 GRUB2 searches the compressed kernel image file

also called as vmlinuz in the /boot
 GRUB2 loads the vmlinuz kernel image file into
memory and extracts the contents of
the initramfs image file into a temporary,
memory-based file system (tmpfs).
 The initial RAM disk (Initrd) is an initial root file
system that is mounted before the real root file
system.

36
 About Initramfs  –  /etc/dracut.conf

 The job of the initial RAM file system is to preload the block device
modules, such as for IDE, SCSI, or RAID, so that the root file system, on
which those modules normally reside, can then be accessed and
mounted.
 The initramfs is bound to the kernel and the kernel mounts this initramfs
as part of a two-stage boot process.
 The Dracut utility creates initramfs whenever a new kernel is installed.
 Use the lsinitrd command to view the contents of the image created by
dracut:
 #lsinitrd | less
 So, in simple terms GRUB2 just loads and executes Kernel and
initramfs images.

37
 Kernel

 Linux Kernel is the central core of the OS and it is the first

program loaded on the system starts up. While system
starting kernel loads all the necessary Kernel Modules and
Drives from initrd.img to load system first process
systemd in Linux 7.
 The kernel starts the systemd process with a process ID
of 1 (PID 1) as shown below:

systemd

38
 systemd

 Systemd process is the first process ID (PID 1) to run on

Linux 7 systems, it initializes the system and launches all
the services that were once started by the traditional init
(/etc/init.d) process. Systemd process reads the
configuration file
of /etc/systemd/system/default.target, then its load
the OS in targeted target.
 This tells systemd to start everything in the
/usr/lib/systemd/system/basic.target before starting the
other multi-user services.

39
Troubleshooting of Booting related issues

40
Booting RHEL 7 into Rescue Mode
 Rescue mode is equivalent to single user mode and
requires the root password
  Rescue mode allows you to repair your system in
situations when it is unable to complete a regular booting
process. 
 Rescue mode will try to mount all local file systems and
start some important system services, but it does not
activate network interfaces neither allow multiple users to
be logged in.

41
Booting RHEL 7 into Rescue Mode
 There are 2 ways to get into rescue mode :

1. Method 1
There is a GRUB2 menu option when you boot up the
system which can be selected to directly boot into rescue
mode.

42
Booting RHEL 7 into Rescue Mode
 2. Method 2
1. During bootup, when the GRUB2 menu shows up, press the
e key for edit.
 2. Add the following parameter at the end of the linux16 line:

 Systemd.unit=rescue.target
 Press Ctrl+a (or Home) and Ctrl+e (or End) to jump to the
start and end of the line.


43
Booting RHEL 7 into Rescue Mode

3. Press Ctrl+x to boot the system with the parameter.

44
Booting RHEL 7 into Emergency Mode
Emergency mode provides the most minimal environment possible
and allows you to repair your system even in situations when the
system is unable to enter rescue mode.
In emergency mode, the system mounts the root file system as read-
only, does not attempt to mount any other local file systems, does not
activate network interfaces.  and only starts few essential services.
In Red Hat Enterprise Linux 7, emergency mode requires
the root password.


45
Booting RHEL 7 into Emergency Mode
Bootup into Emergency mode(target)

1. During bootup, when the GRUB2 menu shows up, press the e key for edit.

2. Add the following parameter at the end of the linux16 line

systemd.unit=emergency.target

46
Booting RHEL 7 into Emergency Mode
 Press Ctrl+a (or Home) and Ctrl+e (or End) to jump to the start and end of
the line.

 Press Ctrl+x to boot the system with the parameter.

47
 Switch to Emergency mode(target)

To switch to Emergency target, simply run following command as root:

#systemctl emergency
To prevent systemd from sending informative messages

#systemctl --no-wall emergency

#systemctl isolate emergency.target

Switch to Rescue mode(target)

To switch to rescue target, simply run following command as root:

#systemctl rescue
To prevent systemd from sending informative messages

#systemctl --no-wall emergency

#systemctl isolate emergency.target

48
Changing and Resetting the Root
Password

Setting up the root password is a mandatory part of the Red Hat Enterprise Linux 7

installation. If you forget or lose the root password it is possible to reset it, however users
who are members of the wheel group can change the root password as follows:

$ sudo passwd root

The root password is now required to operate in single-user mode as well as

in emergency mode.

Two procedures for resetting the root password are shown here:

Resetting the Root Password Using an Installation Disk takes you to a shell prompt, without
having to edit the GRUB menu. It is the shorter of the two procedures and it is also the
recommended method. You can use a boot disk or a normal Red Hat Enterprise Linux 7
installation disk.

49
Changing and Resetting the Root
Password

Resetting the Root Password Using an Installation Disk

Start the system and when BIOS information is displayed, select the option for a
boot menu and select to boot from the installation disk.
Choose Troubleshooting.

Choose Rescue a Red Hat Enterprise Linux System.

Choose Continue which is the default option. At this point you will be promoted

for a passphrase if an encrypted file system is found.
Press OK to acknowledge the information displayed until the shell prompt
appears.
Change the file system root as follows:

#chroot /mnt/sysimage

50
Changing and Resetting the Root
Password

Enter the passwd command and follow the instructions displayed on the command

line to change the root password.
Remove the autorelable file to prevent a time consuming SELinux relabel of the
disk:

# rm –f /.autorelabel

Enter the exit command to exit the chroot environment.

Enter the exit command again to resume the initialization and finish the system
boot.

51
Changing and Resetting the Root
Password

 Procedure 25.5. Resetting the Root Password Using rd.break


Start the system and, on the GRUB 2 boot screen, press the e key for edit.
 Remove the rhgb and quiet parameters from the end, or near the end, of the linux16 line,
or linuxefi on UEFI systems.
 Press Ctrl+a and Ctrl+e to jump to the start and end of the line, respectively. On some
systems, Home and End might also work.

 IMPORTANT
 The rhgb and quiet parameters must be removed in order to enable system messages.

 Add the following parameters at the end of the linux line on 64-Bit IBM Power Series,
the linux16 line on x86-64 BIOS-based systems, or the linuxefi line on UEFI systems:

 rd.break enforcing=0

52
Changing and Resetting the Root
Password

 Adding the enforcing=0 option enables omitting the time consuming SELinux relabeling

process.
 The initramfs will stop before passing control to the Linux kernel, enabling you to work
with the root file system.
 Note that the initramfs prompt will appear on the last console specified on the Linux line.
 Press Ctrl+x to boot the system with the changed parameters.
 With an encrypted file system, a password is required at this point. However the
password prompt might not appear as it is obscured by logging messages. You can press
the Backspace key to see the prompt. Release the key and enter the password for the
encrypted file system, while ignoring the logging messages.
 The initramfs switch_root prompt appears.

 The file system is mounted read-only on /sysroot/. You will not be allowed to change the
password if the file system is not writable.

53
Changing and Resetting the Root
Password

 Remount the file system as writable:

 #mount –o remount,rw /sysroot

 The file system is remounted with write enabled.

 Change the file system's root as follows:

 #chroot /mnt/sysimage

 The prompt changes to sh-4.2#.

 Enter the passwd command and follow the instructions displayed on the command line to
change the root password.
 Note that if the system is not writable, the passwd tool fails with the following error:
#Authentication token manipulation error

54
Changing and Resetting the Root
Password

 Updating the password file results in a file with the incorrect SELinux security
context. To relabel all files on next system boot, enter the following command:

 # touch /.autorelabel

 Alternatively, to save the time it takes to relabel a large disk, you can omit this
step provided you included the enforcing=0 option in step 3.
 Remount the file system as read only:

 # mount –o remount,ro /

 Enter the exit command to exit the chroot environment.

55
Changing and Resetting the Root
Password

Enter the exit command again to resume the initialization and finish the system boot.
With an encrypted file system, a pass word or phrase is required at this point. However the password
prompt might not appear as it is obscured by logging messages. You can press and hold the Backspace key
to see the prompt. Release the key and enter the password for the encrypted file system, while ignoring the
logging messages.
NOTE

Note that the SELinux relabeling process can take a long time. A system reboot will occur automatically
when the process is complete.

Ifyou added the enforcing=0 option in step 3 and omitted the touch /.autorelabelcommand in step 8, enter
the following command to restore the /etc/shadow file's SELinux security context:~]# restorecon
# restorecon /etc/shadow

Enter the following commands to turn SELinux policy enforcement back on and verify that it is on:
Setenforce 1
getenforce

56
 Overview of RHEL 7
 Features

 Logging
 Dependencies
 Cgroups
 Activating Services

 Familiar with systemd Commands

 Graphical.target
 Multi-user.target
 Basic.target
 Sysinit.target
 Local-fs.target

57
 INTRODUCTION TO GRUB 2
 Red Hat Enterprise Linux 7 is distributed with version 2 of the GNU GRand
Unified Bootloader (GRUB 2), which allows the user to select an operating
system or kernel to be loaded at system boot time. GRUB 2 also allows the
user to pass arguments to the kernel.

 GRUB 2 reads its configuration from the /boot/grub2/grub.cfg file on

traditional BIOS-based machines and from the
/boot/efi/EFI/redhat/grub.cfg file on UEFI machines. This file contains
menu information.

 The GRUB 2 configuration file, grub.cfg, is generated during installation, or

by invoking the /usr/sbin/grub2-mkconfig utility, and is automatically
updated by grubby each time a new kernel is installed.

58
MENU ENTRIES IN GRUB.CFG

59
 MENU ENTRIES IN GRUB.CFG

Each menuentry block that represents an installed Linux kernel

contains linux on 64-bit IBM POWER Series, linux16 on x86_64
BIOS-based systems, and linuxefi on UEFI-based systems.
The kernel version number as given on the linux16 /vmlinuz-
kernel_version line must match the version number of the
initramfs image given on the initrd /initramfs-
kernel_version.img line of each menuentry block

60
MAKING TEMPORARY CHANGES TO A GRUB 2 MENU

Making Temporary Changes to a Kernel Menu Entry

Startthe system and, on the GRUB 2 boot screen, move the cursor to
the menu entry you want to edit, and press the e key for edit.

Move the cursor down to find the kernel command line. The kernel
command line starts with linux on 64-Bit IBM Power Series, linux16 on
x86-64 BIOS-based systems, or linuxefi on UEFI systems.

Move the cursor to the end of the line.

Press Ctrl+a and Ctrl+e to jump to the start and end of the line,
respectively. On some systems, Home and End might also work.

61
MAKING TEMPORARY CHANGES TO A GRUB 2 MENU

 Edit the kernel parameters as required. For example, to run the system in
emergency mode, add the emergency parameter at the end of the linux16
line:

 linux16 /vmlinuz-3.10.0-0.rc4.59.el7.x86_64 root=/dev/mapper/rhel-

root ro rd.md=0 rd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0
vconsole.keymap=us rd.lvm.lv=rhel/root rhgb quiet emergency

 The rhgb and quiet parameters can be removed in order to enable system
messages.

 These settings are not persistent and apply only for a single boot. To make
persistent changes to a menu entry on a system, use the grubby tool.

62
MAKING PERSISTENT CHANGES TO A GRUB 2 MENU USING
THE GRUBBY TOOL

 The grubby tool can be used to read information from, and make
persistent changes to, the grub.cfg file.

 In Red Hat Enterprise Linux 7, if grubby is invoked manually without

specifying a GRUB configuration file, it defaults to searching for
/etc/grub2.cfg, which is a symbolic link to the grub.cfg file, whose
location is architecture dependent. If that file cannot be found it will
search for an architecture dependent default.

 # ls -ltr /etc/grub2.cfg
 lrwxrwxrwx. 1 root root 22 Apr 4 2016 /etc/grub2.cfg ->
../boot/grub2/grub.cfg

63
MAKING PERSISTENT CHANGES TO A GRUB 2 MENU USING
THE GRUBBY TOOL

 LISTING THE DEFAULT KERNEL

 To find out the file name of the default kernel, enter a command as follows:

# grubby --default-kernel
 /boot/vmlinuz-3.10.0-229.4.2.el7.x86_64
#

CHANGING THE DEFAULT BOOT ENTRY

To make a persistent change in the kernel designated as the default kernel, use the
grubby command as follows:

# grubby --set-default /boot/vmlinuz-3.10.0-229.4.2.el7.x86_64

64
MAKING PERSISTENT CHANGES TO A GRUB 2 MENU USING
THE GRUBBY TOOL
 VIEWING THE GRUB MENU ENTRY FOR A KERNEL
L
 #grubby –info=ALL

 To view the GRUB menu entry for a specific kernel, enter a commands as follows:

 #grubby –info /boot/vmlinuz-3.10.0-327.3.1.el7.x86_64

 [root@nrpar02 grub2]# grubby --info /boot/vmlinuz-3.10.0-327.3.1.el7.x86_64

 index=0
 kernel=/boot/vmlinuz-3.10.0-327.3.1.el7.x86_64
 args="ro crashkernel=auto rd.lvm.lv=VolGroup70/root rd.lvm.lv=VolGroup70/swap rhgb quiet
LANG=en_GB.UTF-8 systemd.debug"
 root=/dev/mapper/VolGroup70-root
 initrd=/boot/initramfs-3.10.0-327.3.1.el7.x86_64.img
 title=Red Hat Enterprise Linux Server (3.10.0-327.3.1.el7.x86_64) 7.1 (Maipo)

65
MAKING PERSISTENT CHANGES TO A GRUB 2 MENU USING
THE GRUBBY TOOL
 ADDING AND REMOVING ARGUMENTS FROM A GRUB MENU ENTRY

#grubby --remove-args="rhgb quiet" --args=console=ttyS0,115200 --update-kernel
/boot/vmlinuz-3.10.0-229.4.2.el7.x86_64

 This command removes the Red Hat graphical boot argument, enables boot message to
be seen, and adds a serial console. As the console arguments will be added at the end of
the line, the new console will take precedence over any other consoles configured.

 UPDATING ALL KERNEL MENUS WITH THE SAME ARGUMENTS

 # GRUBBY --UPDATE-KERNEL=ALL --ARGS=CONSOLE=TTYS0,115200

66
 MAKING PERSISTENT CHANGES TO A GRUB 2 MENU USING
THE GRUBBY TOOL
 CHANGING A KERNEL ARGUMENT
 To change a value in an existing kernel argument, specify the argument again,
changing the value as required. For example, to change the virtual console font size,
use a command as follows:

 #grubby --args=vconsole.font=latarcyrheb-sun32 --update-kernel /boot/vmlinuz-

3.10.0-229.4.2.el7.x86_64
 index=0
 kernel=/boot/vmlinuz-3.10.0-229.4.2.el7.x86_64
 args="ro rd.lvm.lv=rhel/root crashkernel=auto rd.lvm.lv=rhel/swap
vconsole.font=latarcyrheb-sun32 vconsole.keymap=us LANG=en_US.UTF-8"
 root=/dev/mapper/rhel-root
 initrd=/boot/initramfs-3.10.0-229.4.2.el7.x86_64.img
 title=Red Hat Enterprise Linux Server (3.10.0-229.4.2.el7.x86_64) 7.0 (Maipo)

67
LAB ON RHEL 7

68