SHIFT

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools


Sidebar

Recently Changed Pages:

View All Pages


View All Tags


LinkedIn




WIKI Disclaimer: As with most other things on the Internet, the content on this wiki is not supported. It was contributed by me and is published “as is”. It has worked for me, and might work for you.
Also note that any view or statement expressed anywhere on this site are strictly mine and not the opinions or views of my employer.


Pages with comments

View All Comments

redhatboot

Red Hat Boot Process

Red Hat has a 4 stage boot process:

  • BIOS
  • GRUB
  • Kernel
  • Init

BIOS

The BIOS, also known as Basic Input/Output System is the firmware built into the hardware that initializes the hardware and prepares the system to start an OS.

There are two main functions:

  • Detects and initializes the hardware
  • Determines the device to boot from

Normally it can be interrupted using Vendor Specific or Functions Keys:

  • F1/F2: Often used for opening the BIOS configuration utility
  • F12: Often used to perform a one-time override of the boot device

GRUB

GRUB, the GRand Unified Bootloader, is loaded by the BIOS and is used to select the Operating System.

There are three main functions:

  • Loads Initial RAM file system (initramfs)
  • Loads and executes kernel
  • Provides kernel's command line

GRUB can be interrupted to:

  • Use e or a to select a different kernel image or edit the kernel command line
  • Edit the kernel command line to boot into single user mode
    • Use e to go into editing
    • Select the second line (the kernel line)
    • At the end, add single to the line
    • Press b to boot the system
  • Boot with init=/bin/bash
    • Use e to go into editing
    • Select the second line (the kernel line)
    • At the end, add init=/bin/bash to the line
    • Press b to boot the system

The last option opens a command line to do some basic system troubleshooting. However, the filesystems will be mounted by default as readonly. You can remount the filesystems like this:

mount -o remount,rw /

Now you could, for example reset the root password using the passwd command.

Grub.conf

This is the /boot/grub/grub.conf config file:

[root@localhost ~]# cat /boot/grub/grub.conf
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You have a /boot partition.  This means that
#          all kernel and initrd paths are relative to /boot/, eg.
#          root (hd0,0)
#          kernel /vmlinuz-version ro root=/dev/sda2
#          initrd /initrd-[generic-]version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Red Hat Enterprise Linux (2.6.32-431.el6.x86_64)
        root (hd0,0)
        kernel /vmlinuz-2.6.32-431.el6.x86_64 ro root=UUID=57d2527c-66f3-46d8-a7b5-dd45be6169ab rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
        initrd /initramfs-2.6.32-431.el6.x86_64.img
[root@localhost ~]#

Securing GRUB

You can secure GRUB to prevent it from being edited. It's a two step system:

  1. Create a password string using the grub crypt command
  2. Add this string to the grub.conf file

So first create the password string:

[root@localhost ~]# grub-md5-crypt
Password:
Retype password:
$1$7l1/g1$qQ2Q/KR6iI8FGL9r/O0d11

Now add this string to the grub.conf file:

....
hiddenmenu
password --md5 $1$7l1/g1$qQ2Q/KR6iI8FGL9r/O0d11
title Red Hat Enterprise Linux (2.6.32-431.el6.x86_64)
        root (hd0,0)
        kernel /vmlinuz-2.6.32-431.el6.x86_64 ro root=UUID=57d2527c-66f3-46d8-a7b5-dd45be6169ab rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
        initrd /initramfs-2.6.32-431.el6.x86_64.img

Now you can still boot without a password, but if you'd like to edit these options you are requested to enter a password:
redhatboot01.jpg

Kernel

The kernel is the heart of the OS, it manages the hardware. Drivers are integrated into the kernel.

There are four main functions:

  • Detect hardware devices
  • Load device drivers (modules) for the devices
  • Mount the root file system read only

Start the initial process init

The only way to generally influence this is through GRUB. You can load kernel modules after the initial boot:

  • Use lsmod to show loaded kernel modules
  • Use modinfo to display more info about a particular module
  • Use modprobe <module_name> to load a module, and use modprobe -v to also show the loading of dependent modules
  • Use modprobe -r <module_name> to unload a module

Lsmod displays the module, how much memory it takes up, and the number of processes that are using the module:

[root@localhost ~]# lsmod
Module                  Size  Used by
lp                      9242  0
rfcomm                 74119  4
sco                    18005  2
bridge                 83177  0
bnep                   16690  2
l2cap                  55682  16 rfcomm,bnep
bnx2fc                 90507  0
cnic                   57079  1 bnx2fc
uio                    10462  1 cnic
fcoe                   23298  0
libfcoe                56791  2 bnx2fc,fcoe
libfc                 108670  3 bnx2fc,fcoe,libfcoe
scsi_transport_fc      55299  3 bnx2fc,fcoe,libfc
8021q                  25349  0
scsi_tgt               12077  1 scsi_transport_fc
garp                    7152  1 8021q
stp                     2218  2 bridge,garp
llc                     5546  3 bridge,garp,stp
ipt_REJECT              2351  9
nf_conntrack_ipv4       9506  4
nf_defrag_ipv4          1483  1 nf_conntrack_ipv4
iptable_filter          2793  1
ip_tables              17831  1 iptable_filter
nf_conntrack_ftp       12913  0
ip6t_REJECT             4628  8
nf_conntrack_ipv6       8748  4
nf_defrag_ipv6         11182  1 nf_conntrack_ipv6
xt_state                1492  8
nf_conntrack           79758  4 nf_conntrack_ipv4,nf_conntrack_ftp,nf_conntrack_ipv6,xt_state
ip6table_filter         2889  1
ip6_tables             18732  1 ip6table_filter
ipv6                  317340  156 cnic,ip6t_REJECT,nf_conntrack_ipv6,nf_defrag_ipv6
fuse                   73530  2
vmhgfs                 49720  0
vsock                  46726  0
uinput                  7992  0
microcode             112685  0
ppdev                   8537  0
vmware_balloon          7199  0
btusb                  16851  2
bluetooth              99271  9 rfcomm,sco,bnep,l2cap,btusb
rfkill                 19255  2 bluetooth
snd_ens1371            21587  2
snd_rawmidi            23017  1 snd_ens1371
snd_ac97_codec        124967  1 snd_ens1371
ac97_bus                1452  1 snd_ac97_codec
snd_seq                55727  0
snd_seq_device          6500  2 snd_rawmidi,snd_seq
snd_pcm                87409  2 snd_ens1371,snd_ac97_codec
snd_timer              22443  2 snd_seq,snd_pcm
snd                    70569  11 snd_ens1371,snd_rawmidi,snd_ac97_codec,snd_seq,snd_seq_device,snd_pcm,snd_timer
soundcore               7958  1 snd
snd_page_alloc          8856  1 snd_pcm
e1000                 170646  0
parport_pc             22690  1
parport                36209  3 lp,ppdev,parport_pc
sg                     29350  0
vmci                   74263  2 vmhgfs,vsock
i2c_piix4              12608  0
i2c_core               31084  1 i2c_piix4
shpchp                 32778  0
ext4                  374902  3
jbd2                   93427  1 ext4
mbcache                 8193  1 ext4
sr_mod                 15177  0
cdrom                  39085  1 sr_mod
sd_mod                 39069  6
crc_t10dif              1541  1 sd_mod
ahci                   42215  0
pata_acpi               3701  0
ata_generic             3837  0
ata_piix               24601  0
mptspi                 16603  4
mptscsih               36700  1 mptspi
mptbase                93615  2 mptspi,mptscsih
scsi_transport_spi     25863  1 mptspi
dm_mirror              14384  0
dm_region_hash         12085  1 dm_mirror
dm_log                  9930  2 dm_mirror,dm_region_hash
dm_mod                 84209  2 dm_mirror,dm_log

Modinfo show general info and parameters:

[root@localhost ~]# modinfo e1000
filename:       /lib/modules/2.6.32-431.el6.x86_64/kernel/drivers/net/e1000/e1000.ko
version:        7.3.21-k8-NAPI
license:        GPL
description:    Intel(R) PRO/1000 Network Driver
author:         Intel Corporation, <linux.nics@intel.com>
srcversion:     1D4F1E82BB99EA36D320B1B
alias:          pci:v00008086d00002E6Esv*sd*bc*sc*i*
....
alias:          pci:v00008086d00001000sv*sd*bc*sc*i*
depends:
vermagic:       2.6.32-431.el6.x86_64 SMP mod_unload modversions
parm:           TxDescriptors:Number of transmit descriptors (array of int)
parm:           RxDescriptors:Number of receive descriptors (array of int)
parm:           Speed:Speed setting (array of int)
parm:           Duplex:Duplex setting (array of int)
parm:           AutoNeg:Advertised auto-negotiation setting (array of int)
parm:           FlowControl:Flow Control setting (array of int)
parm:           XsumRX:Disable or enable Receive Checksum offload (array of int)
parm:           TxIntDelay:Transmit Interrupt Delay (array of int)
parm:           TxAbsIntDelay:Transmit Absolute Interrupt Delay (array of int)
parm:           RxIntDelay:Receive Interrupt Delay (array of int)
parm:           RxAbsIntDelay:Receive Absolute Interrupt Delay (array of int)
parm:           InterruptThrottleRate:Interrupt Throttling Rate (array of int)
parm:           SmartPowerDownEnable:Enable PHY smart power down (array of int)
parm:           KumeranLockLoss:Enable Kumeran lock loss workaround (array of int)
parm:           copybreak:Maximum size of packet that is copied to a new buffer on receive (uint)
parm:           debug:Debug level (0=none,...,16=all) (int)

And an example of loading and unloading a kernel module:

[root@localhost ~]# modprobe -v wacom
insmod /lib/modules/2.6.32-431.el6.x86_64/kernel/drivers/input/tablet/wacom.ko
[root@localhost ~]# modprobe -r wacom

Init

The first process that starts is init, it is responsible for starting all remaining processes, directly or indirectly.

These steps are taken:

  • Init runs the /etc/init/rcS.conf job which:
    • Runs /etc/rc.d/rc.sysinit ro start LVM, mount filesystems, set system clock and other things
    • Check /etc/inittab for the runlevel
    • Tells the runlevel to init
  • The runlevel event makes init run the /etc/init/rc.conf job which
    • Runs /etc/etc/rc.d/rc script with the runlevel as argument

You can take a look at the process by:

  • Pressing ALT-TAB from a graphical environment to view error messages
  • Pressing ALT-F11 to watch the boot process as it happens
  • Press I (capital i) during service startup to select services interactively

This last option will show a screen like this:
redhatboot02.jpg

You could leave a comment if you were logged in.
redhatboot.txt · Last modified: 2021/09/24 00:25 (external edit)