Objective
# Boot Linux
1 - Boot Process
Steps
Turn on computer
Special hardware circuit causes the CPU to look at pre-determined address, and execute firmware stored in that location
Firmware
- Motherboard firmware performs Power-On-Self-Test (POST)
- Initialize & configure hardware to a known operational state
- Loads boot loader from boot device (first hard disk)
- Pass control to boot loader
Boot loader loads the OS kernel, or chainloads another loader
- BIOS - MBR
- EFI - ESP
Linux kernel program loads into memory
- Initializing devices
- Mount the root partition
- Load & execute the initial program (`/sbin/init`)
`/sbin/init` has PID = 1, and reads from `/etc/inittab`
Initialization - `init` starts the rest of the system services via startup scripts (SysV / systemd)
Once Linux is running, it doesn’t use BIOS services for I/O. It uses its own drivers to access hardware
Boot without a keyboard
- Many computers won’t boot if the keyboard is unplugged
- Firmware option: Halt On
Tells firmware in what situation it should refuse to boot
BIOS
BIOS & UEFI are embedded firmware to start the boot process (launch boot loader program)
Notes
Boot process begins by reading the boot sector (first sector) from disk, then executing the code
Boot options for BIOS-based computers are limited
- Can only select the order in which boot devices are examined, to find the boot sector
- SCSI disks & SATA disks won’t appear in the main BIOS disk-detection screen
Most important limitation
Can only read one sector’s data from hard drive into memory to run
- Not enough space to load entire OS
Work-around: Split boot process into 2 parts
BIOS runs boot loader program: initializes hardware, then finds and runs the full OS program
BIOS finds boot loader program : internal / external hard drive, CD / DVD, USB, ISO, etc.
Boot loader program usually has a config file
Boot loader program points to OS kernel file / another boot loader program
No size limitation on the kernel boot file
BIOS 2 important functions
- Configures hardware (built into motherboard & on different plug-in cards)
- Begins boot process, pass control to the boot loader in MBR
UEFI
UEFI: Unified Extensible Firmware Interface
Check whether system is using EFI:
```
ls /sys/firmware/efi # no such file: BIOS
```
Notes
Boot process involves reading the boot loader file from a filesystem on the ESP (EFI System Partition)
EFI begins boot redirection from the firmware level
ESP uses a FAT filesystem to store boot loader programs
ESP is mounted in `/boot/efi`, boot loader file: `.efi` (stores separate boot loader for each OS)
Presents an extended range of boot options
e.g. Default boot loader files from multiple boot loaders on the computer’s hard disk, or various devices (e.g. grant precedence to bootable USB)
With UEFI: need to register each boot loader file to appear at boot time
No size limit for loading boot loader program: Possible to load OS kernel directly without boot loader
For security reasons, it is better to make the first hard disk the only boot device
2 - Boot Loader
Primary boot loader
- Examine partition table, locates the bootable partition
- Or locates OS kernel & execute directly
Boot loader & Boot manager
- Boot loader: loads kernel into memory, and transfers control to it
- Boot manager: presents a menu of boot options
Superblock is part of the filesystem. It describes basic filesystem features such as size, status.
On BIOS based computers, superblock can hold a portion of the boot loader, so damaging it can cause boot problems.
- Fix: `fsck` to repair filesystem
Grub Legacy
- Supports BIOS, but not EFI
- Disk & partition: both indexes start from 0. e.g. `(hd0,0)`
- Doesn’t distinguish between PATA, SATA, SCSI: First SCSI drive is `hd0`
- Treat USB as hard disk
- Config file: `/boot/grub/menu.lst`, `/boot/grub/grub.conf`
- Two sections: Global definitions & OS boot definitions
Options
- `splashimage`: Background image for boot menu
- `default=`: which OS to boot
- `timeout=`: wait for user input before booting the default OS
- `chainloader`: pass control to another boot loader
- `initrd`: Initial RAM disk (contains drivers for kernel to interact with system hardware). Replaced by `initramfs` (initial RAM filesystem)
Install
Install to the first sector (MBR): `grub-install /dev/sda`
Install on a hard disk, not on a partition
Remember to install grub when changes are made to the disk configuration.
e.g. Resizing / moving the GRUB root partition
Grub 2
Boot loader + Boot manager
Grub Manual at GNU website
Notes
BIOS + EFI
Config file (never edit directly):
- BIOS: `/boot/grub/grub.cfg`
- UEFI: `/boot/efi/EFI/[distro]`
- Modify: `/etc/default/grub` (global commands)
- Support loadable modules for specific filesystems & operation modes
- Partition indexes start from 1, support GPT: `(hd0,gpt2)`
- Files in `/etc/grub.d`: control particular GRUB OS probers
Options
- `menuentry`: 1st line for each boot definition section
- `initrdefi`: initial RAM filesystem (for UEFI system only)
Install: `grub-install`
Update: `update-grub` 📌
```
# equivalent to
grub-mkconfig -o /boot/grub/grub.cfg
```
Kernel Boot Parameters
Reference: Linux Kernel Archive
Parameter | Explanation |
---|---|
debug | Enable kernel debugging |
init= | Execute specific program. e.g. /bin/bash instead of /sbin/init |
initrd= | Change location of initial RAM filesystem |
root= | Change root filesystem |
ro | Mount root filesystem as read-only |
rootflags= | Set root filesystem’s mount options |
single / Single / S / 1 | Boot into single-user mode (SysV init system only!) |
systemd.unit= | Boot to specified target (Systemd system only!) |
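
Several parameters in this table change what runs as PID 1, which target is reached or which root filesystem is mounted, so they are worth checking on a running host. The check below is an added example, not part of the original notes; the function name `audit_cmdline`, the finding labels and the sample command lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original notes): report boot parameters from the
# table above that alter PID 1, the boot target or the root filesystem.
# Function name, finding labels and sample lines are constructed.

# audit_cmdline "<kernel command line>" [expected-root-device]
# Prints one finding per line; prints nothing when no listed parameter is set.
audit_cmdline() (
    set -f                      # no glob expansion while word-splitting $1
    expected_root=${2:-}
    for param in $1; do
        case "$param" in
            init=*)            echo "init-override:${param#init=}" ;;
            single|Single|S|1) echo "single-user:$param" ;;
            systemd.unit=*)    echo "target-override:${param#systemd.unit=}" ;;
            rootflags=*)       echo "root-mount-options:${param#rootflags=}" ;;
            debug)             echo "kernel-debug" ;;
            root=*)
                # Only reported when the caller supplies the expected device.
                if [ -n "$expected_root" ] && [ "${param#root=}" != "$expected_root" ]; then
                    echo "root-changed:${param#root=}"
                fi ;;
        esac
    done
    :
)

# Constructed sample command lines (on a live system, pass "$(cat /proc/cmdline)").
NORMAL='BOOT_IMAGE=/vmlinuz root=/dev/sda2 ro quiet'
MODIFIED='BOOT_IMAGE=/vmlinuz root=/dev/sdb1 rw init=/bin/bash'

audit_cmdline "$NORMAL" /dev/sda2
audit_cmdline "$MODIFIED" /dev/sda2
```

Values containing quoted spaces are split on whitespace here, which is enough for the parameters listed in the table.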
Other
- Syslinux
- LILO (Linux Loader)
- ELILO
- rEFIt
- rEFInd
- gummiboot
Secure boot
- Firmware feature requested by Microsoft
- EFI-based computer will launch a boot loader only if it’s been cryptographically signed with a key whose counterpart is stored in the firmware
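
Whether a host enforces this can be read from the same `/sys/firmware/efi` tree used earlier to detect EFI. The script below is an added example, not part of the original notes; it relies on the standard `SecureBoot` and `SetupMode` UEFI variables as exposed by Linux efivarfs, and the function names and sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original notes): report whether the firmware
# is BIOS or EFI and, for EFI, the Secure Boot state read from efivarfs.
# Function names and the sample tree are constructed for illustration.

GUID=8be4df61-93ca-11d2-aa0d-00e098032b8c   # UEFI global variable GUID

# efivar_byte <efivars-dir> <name>: print the first data byte of a variable,
# or nothing if it is absent. efivarfs stores a 4-byte attribute word first.
efivar_byte() {
    [ -r "$1/$2-$GUID" ] || return 0
    od -An -tu1 -j4 -N1 "$1/$2-$GUID" | tr -d ' \n'
}

# secure_boot_state [sysfs-root]: sysfs-root defaults to /sys.
secure_boot_state() {
    efi="${1:-/sys}/firmware/efi"
    [ -d "$efi" ] || { echo "bios"; return 0; }
    sb=$(efivar_byte "$efi/efivars" SecureBoot)
    setup=$(efivar_byte "$efi/efivars" SetupMode)
    if [ "$sb" = 1 ]; then
        echo "efi-secure-boot-enabled"
    elif [ "$setup" = 1 ]; then
        echo "efi-setup-mode"          # no Platform Key enrolled
    elif [ "$sb" = 0 ]; then
        echo "efi-secure-boot-disabled"
    else
        echo "efi-unknown"             # variable missing or unreadable
    fi
}

# Constructed sample tree so the example runs without real firmware.
demo=$(mktemp -d)
mkdir -p "$demo/firmware/efi/efivars"
printf '\006\000\000\000\001' > "$demo/firmware/efi/efivars/SecureBoot-$GUID"
secure_boot_state "$demo"
rm -rf "$demo"
```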
Fix damaged boot loader
Try to boot a kernel from the hard disk
Use live image (e.g. Super GRUB Disk)
Bootable disc image with options to locate & use the GRUB config file
3 - Boot Info
dmesg
/var/log
Linux kernel & module log information: Kernel ring buffer
Boot message
Kernel ring buffer is stored under `/var/log/dmesg`
- Circular buffer, set to a predetermined size
- Held in memory, cleared & regenerated after each boot
- If using `systemd-journald`, then boot messages are stored in a journal. Check with `journalctl`
- System logger (`syslogd`): `/var/log/messages` or `/var/log/syslog`
Interpret boot message
- Look for hardware type names
- Search for `SCSI` - Linux treats many disk devices as SCSI disks
- Hardware chipset name: `8169` for RealTek 8169 Ethernet interface
- Study the output from a working system
During boot, reveal message by pressing `Esc`
# Init: SysV & Systemd
The initialization daemon (`init`) determines which services are started, in what order
SysV: Based on Unix System V initialization daemon
Systemd: located in `/etc`, `/bin`, `/sbin`, PID = 1
Find `init` program
```
# find init location
which init

# check linked file
readlink -f /sbin/init
```
1 - SysV & Runlevels
Runlevels
Runlevel 0, 1, and 6 are reserved for special purposes.
Runlevel | Meaning |
---|---|
0 | Power off (sudo init 0 ) |
1 (or s, S) | Single user mode. For low-level maintenance, e.g. resizing partitions |
2 | Debian: Multi-user graphic mode |
3 | Redhat: Multi-user text mode |
4 | For user customization |
5 | Redhat: Multi-user graphic mode |
6 | Reboot (sudo init 6 ) |
`/etc/inittab` file
Format
```
id:runlevel:action:process
```
Example
```
l0:0:wait:/etc/init.d/rc 0
...
l6:6:wait:/etc/init.d/rc 6
```
SysV Startup Script
Location:
- `/etc/init.d/rc` 📌
- `/etc/rc.d/rc`
Crucial task: Run all the scripts associated with the runlevel
Determine current runlevel: `runlevel`
Change runlevel:
- `halt`
- `reboot`
- `poweroff`
`reboot` & `poweroff` are usually symlinks to `halt`
Commands
```
# status
```
2 - Systemd
Notes
- Parallel startup
- Master config:
/etc/systemd/system.conf
Commands
```
# reload config file
```
States
- `enabled` - start at system boot
- `disabled` - doesn’t start at system boot
- `static` - only starts if another unit depends on it
Turn off the `less` pager for `systemctl` display:
```
systemctl xx --no-pager
```
Unit Files
A unit defines an action / service / target (group of services). Each unit consists of name, type & config file.
Currently there’re 12 types of systemd unit file:
- Automount
- Device
- Mount
- Path
- Scope
- Service
- Slice
- Snapshot
- Socket
- Swap
- Target (groups of services that start at system boot)
- Timer
```
# show current status of all configured units
```
The `default.target` ensures all required services are launched at system init.
- `graphical.target` - GUI
- `multi-user.target` - Text
- `runlevel[n].target` - backward compatibility to legacy SysV (n = 1 to 5)
Directory location for a unit file is critical, due to precedence override.
```
/etc/systemd/system # priority 1
```
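
Because a unit file in `/etc/systemd/system` replaces a packaged unit of the same name, it is useful to list which vendor units are being overridden or masked. The script below is an added example, not part of the original notes; it goes beyond the single directory listed above by also checking `/run/systemd/system` and `/usr/lib/systemd/system`, the lower-priority locations in systemd's documented search order (a simplification of the full path), and the function names and sample tree are constructed.

```shell
#!/bin/sh
# Added example (not from the original notes): resolve which copy of a unit
# file wins, and list vendor units hidden by a higher-priority copy.
# Function names and the sample tree are constructed. Only the three main
# system directories are checked, highest priority first.

UNIT_DIRS="etc/systemd/system run/systemd/system usr/lib/systemd/system"

# effective_unit <unit-name> [root]: print the path that takes precedence.
effective_unit() {
    for dir in $UNIT_DIRS; do
        # -L also catches a mask, i.e. a symlink to /dev/null
        if [ -e "${2:-}/$dir/$1" ] || [ -L "${2:-}/$dir/$1" ]; then
            echo "${2:-}/$dir/$1"
            return 0
        fi
    done
    return 1
}

# shadowed_units [root]: one line per vendor unit that is overridden or masked.
shadowed_units() {
    for vendor in "${1:-}"/usr/lib/systemd/system/*; do
        [ -f "$vendor" ] || continue
        name=${vendor##*/}
        winner=$(effective_unit "$name" "${1:-}")
        if [ "$winner" = "$vendor" ]; then
            continue
        elif [ "$(readlink "$winner")" = /dev/null ]; then
            echo "$name masked by $winner"
        else
            echo "$name overridden by $winner"
        fi
    done
    return 0
}

# Constructed sample tree: sshd.service is overridden in /etc, cron.service is not.
demo=$(mktemp -d)
mkdir -p "$demo/etc/systemd/system" "$demo/usr/lib/systemd/system"
touch "$demo/usr/lib/systemd/system/sshd.service" "$demo/usr/lib/systemd/system/cron.service"
touch "$demo/etc/systemd/system/sshd.service"
shadowed_units "$demo"
rm -rf "$demo"
```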
Config Sections
- `[Unit]`
  - `Requires` - If any required unit does not start, this unit won’t start
  - `Wants` - Still starts, even if any wanted unit fails to start
- `[Install]`
  - `Alias` - Set additional names
  - `RequiredBy` - Other units that require this service
  - `WantedBy` - Other units that want this service
- `[Service]`
  - `ExecReload` - Run commands when reloading unit
  - `ExecStart` - Run commands when starting unit
  - `ExecStop` - Run commands when stopping unit
  - `Environment` - Set env vars, separated by a space 📌
  - `EnvironmentFile` - Set file that contains env vars
  - `RemainAfterExit` - Set to `no` / `yes`. If `yes`, service is left active even when the process started with `ExecStart` has terminated
Special Commands
Determine system’s operational status
```
systemctl is-system-running
```
Operational status
- `running` - everything is in full working order
- `degraded` - has one or more failed units
- `maintenance` - emergency / recovery mode
- `initializing` - start to boot
- `starting` - still booting
- `stopping` - shut down in progress
Other commands
```
# find failed units
```
Special targets
- Rescue target
- Emergency target: `systemctl isolate emergency`
3 - Notification
View message status: `mesg`
Tools for notifying users of system change
Location | Explanation |
---|---|
/etc/issue | Display texts on tty terminal login screen (Before login to the system) |
/etc/issue.net | Logon screen messages for remote login |
/etc/motd | Display text after logged into tty terminal |
/bin/notify | GUI message (via notify-send utility) |
/bin/wall | Wall message. Logged into tty terminal with GUI terminal emulator (e.g. iTerm) |

`systemctl` will send a wall message after the following commands
- `halt` / `poweroff`
- `reboot`
- `emergency`
- `rescue`
# Virtualization
1 - VM
Virtualizing an application typically doesn’t make the performance faster.
Two types of hypervisor
Type 1 - Baremetal
No need for host OS. e.g. Xen, Hyper-V, KVM (Linux built-in)
Type 2 - On top of Host OS
Need to install host OS first. e.g. VirtualBox, VMware
Create VM
- Clone
- OVF
- Template
Clone
Some hypervisors do not issue a new NIC MAC address when cloning VM.
List of items that may need modification:
- Host name
- NIC MAC address
- NIC IP (if using static IP)
- Machine ID, UUID
OVF (Open Virtualization Format)
- Export VM to OVF format, to use in other hypervisors
- Single compressed archive file: OVA (Open Virtualization Archive)
- Developed by DMTF (Distributed Management Task Force)
Template
- A VM template is a master copy: Template itself is not bootable
- Scan current system & create VM out of it: P2V (physical-to-virtual)
- Manage VMs with shell scripts: `virsh` 📌
Linux Extension Support
Hardware extension
- Based on the system’s CPU (require 64-bit)
- Grants hypervisor direct access to CPU
- Check BIOS if virtualization is enabled
Commands
Check hardware extension
If the flag is `hypervisor`, it means that the OS is not running on a physical machine. It’s a VM
Use `virt-what` to check which hypervisor is being used.
```
# Intel: vmx
# AMD: svm
grep ^flags /proc/cpuinfo
```
Check if module is loaded
```
# check if kvm is loaded
lsmod | grep -i kvm

# load module
sudo modprobe kvm-amd
```
2 - Others
Containers
- A container is managed by a container engine (e.g. LXC).
Block Storage
- Underlying hardware: Disk drives in RAID configuration
Cloud-init (Canonical)
- Tool that applies user data to your instances