= Red Hat Boot Process =
**Summary**: Explaining the Red Hat Boot process. \\
**Date**: Around 2014 \\
**Refactor**: 29 March 2025: Checked links and formatting. \\
{{tag>redhat linux}}
Red Hat has a 4 stage boot process:
* BIOS
* GRUB
* Kernel
* Init
= BIOS =
The BIOS, also known as Basic Input/Output System is the firmware built into the hardware that initializes the hardware and prepares the system to start an OS.
There are two main functions:
* Detects and initializes the hardware
* Determines the device to boot from
Normally it can be interrupted using Vendor Specific or Functions Keys:
* F1/F2: Often used for opening the BIOS configuration utility
* vSphere (VMware) uses the F2 key, but it also allows you to configure the VM to [[http://kb.vmware.com/kb/1004129|automatically boot into BIOS]]
* F12: Often used to perform a one-time override of the boot device
= GRUB =
[[http://en.wikipedia.org/wiki/GNU_GRUB|GRUB]], the GRand Unified Bootloader, is loaded by the BIOS and is used to select the Operating System.
There are three main functions:
* Loads Initial RAM file system (initramfs)
* Loads and executes kernel
* Provides kernel's command line
GRUB can be interrupted to:
* Use {{{e}}} or {{{a}}} to select a different kernel image or edit the kernel command line
* Edit the kernel command line to boot into single user mode
* Use {{{e}}} to go into editing
* Select the second line (the kernel line)
* At the end, add {{{single}}} to the line
* Press {{{b}}} to boot the system
* Boot with {{{init=/bin/bash}}}
* Use {{{e}}} to go into editing
* Select the second line (the kernel line)
* At the end, add {{{init=/bin/bash}}} to the line
* Press {{{b}}} to boot the system
The last option opens a command line to do some basic system troubleshooting. However, the filesystems will be mounted by default as readonly. You can remount the filesystems like this:
mount -o remount,rw /
Now you could, for example reset the root password using the {{{passwd}}} command.
== Grub.conf ==
This is the {{{/boot/grub/grub.conf}}} config file:
[root@localhost ~]# cat /boot/grub/grub.conf
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/sda2
# initrd /initrd-[generic-]version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Red Hat Enterprise Linux (2.6.32-431.el6.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-431.el6.x86_64 ro root=UUID=57d2527c-66f3-46d8-a7b5-dd45be6169ab rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
initrd /initramfs-2.6.32-431.el6.x86_64.img
[root@localhost ~]#
== Securing GRUB ==
You can secure GRUB to prevent it from being edited. It's a two step system:
# Create a password string using the grub crypt command
# Add this string to the grub.conf file
So first create the password string:
[root@localhost ~]# grub-md5-crypt
Password:
Retype password:
$1$7l1/g1$qQ2Q/KR6iI8FGL9r/O0d11
Now add this string to the grub.conf file:
....
hiddenmenu
password --md5 $1$7l1/g1$qQ2Q/KR6iI8FGL9r/O0d11
title Red Hat Enterprise Linux (2.6.32-431.el6.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-431.el6.x86_64 ro root=UUID=57d2527c-66f3-46d8-a7b5-dd45be6169ab rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
initrd /initramfs-2.6.32-431.el6.x86_64.img
Now you can still boot without a password, but if you'd like to edit these options you are requested to enter a password: \\
[{{redhatboot01.jpg}}] \\
= Kernel =
The kernel is the heart of the OS, it manages the hardware. Drivers are integrated into the kernel.
There are four main functions:
* Detect hardware devices
* Load device drivers (modules) for the devices
* Mount the root file system read only
Start the initial process {{{init}}}
The only way to generally influence this is through GRUB. You can load kernel modules after the initial boot:
* Use {{{lsmod}}} to show loaded kernel modules
* Use {{{modinfo}}} to display more info about a particular module
* Use {{{modprobe }}} to load a module, and use {{{modprobe -v}}} to also show the loading of dependent modules
* Use {{{modprobe -r }}} to unload a module
Lsmod displays the module, how much memory it takes up, and the number of processes that are using the module:
[root@localhost ~]# lsmod
Module Size Used by
lp 9242 0
rfcomm 74119 4
sco 18005 2
bridge 83177 0
bnep 16690 2
l2cap 55682 16 rfcomm,bnep
bnx2fc 90507 0
cnic 57079 1 bnx2fc
uio 10462 1 cnic
fcoe 23298 0
libfcoe 56791 2 bnx2fc,fcoe
libfc 108670 3 bnx2fc,fcoe,libfcoe
scsi_transport_fc 55299 3 bnx2fc,fcoe,libfc
8021q 25349 0
scsi_tgt 12077 1 scsi_transport_fc
garp 7152 1 8021q
stp 2218 2 bridge,garp
llc 5546 3 bridge,garp,stp
ipt_REJECT 2351 9
nf_conntrack_ipv4 9506 4
nf_defrag_ipv4 1483 1 nf_conntrack_ipv4
iptable_filter 2793 1
ip_tables 17831 1 iptable_filter
nf_conntrack_ftp 12913 0
ip6t_REJECT 4628 8
nf_conntrack_ipv6 8748 4
nf_defrag_ipv6 11182 1 nf_conntrack_ipv6
xt_state 1492 8
nf_conntrack 79758 4 nf_conntrack_ipv4,nf_conntrack_ftp,nf_conntrack_ipv6,xt_state
ip6table_filter 2889 1
ip6_tables 18732 1 ip6table_filter
ipv6 317340 156 cnic,ip6t_REJECT,nf_conntrack_ipv6,nf_defrag_ipv6
fuse 73530 2
vmhgfs 49720 0
vsock 46726 0
uinput 7992 0
microcode 112685 0
ppdev 8537 0
vmware_balloon 7199 0
btusb 16851 2
bluetooth 99271 9 rfcomm,sco,bnep,l2cap,btusb
rfkill 19255 2 bluetooth
snd_ens1371 21587 2
snd_rawmidi 23017 1 snd_ens1371
snd_ac97_codec 124967 1 snd_ens1371
ac97_bus 1452 1 snd_ac97_codec
snd_seq 55727 0
snd_seq_device 6500 2 snd_rawmidi,snd_seq
snd_pcm 87409 2 snd_ens1371,snd_ac97_codec
snd_timer 22443 2 snd_seq,snd_pcm
snd 70569 11 snd_ens1371,snd_rawmidi,snd_ac97_codec,snd_seq,snd_seq_device,snd_pcm,snd_timer
soundcore 7958 1 snd
snd_page_alloc 8856 1 snd_pcm
e1000 170646 0
parport_pc 22690 1
parport 36209 3 lp,ppdev,parport_pc
sg 29350 0
vmci 74263 2 vmhgfs,vsock
i2c_piix4 12608 0
i2c_core 31084 1 i2c_piix4
shpchp 32778 0
ext4 374902 3
jbd2 93427 1 ext4
mbcache 8193 1 ext4
sr_mod 15177 0
cdrom 39085 1 sr_mod
sd_mod 39069 6
crc_t10dif 1541 1 sd_mod
ahci 42215 0
pata_acpi 3701 0
ata_generic 3837 0
ata_piix 24601 0
mptspi 16603 4
mptscsih 36700 1 mptspi
mptbase 93615 2 mptspi,mptscsih
scsi_transport_spi 25863 1 mptspi
dm_mirror 14384 0
dm_region_hash 12085 1 dm_mirror
dm_log 9930 2 dm_mirror,dm_region_hash
dm_mod 84209 2 dm_mirror,dm_log
Modinfo show general info and parameters:
[root@localhost ~]# modinfo e1000
filename: /lib/modules/2.6.32-431.el6.x86_64/kernel/drivers/net/e1000/e1000.ko
version: 7.3.21-k8-NAPI
license: GPL
description: Intel(R) PRO/1000 Network Driver
author: Intel Corporation,
srcversion: 1D4F1E82BB99EA36D320B1B
alias: pci:v00008086d00002E6Esv*sd*bc*sc*i*
....
alias: pci:v00008086d00001000sv*sd*bc*sc*i*
depends:
vermagic: 2.6.32-431.el6.x86_64 SMP mod_unload modversions
parm: TxDescriptors:Number of transmit descriptors (array of int)
parm: RxDescriptors:Number of receive descriptors (array of int)
parm: Speed:Speed setting (array of int)
parm: Duplex:Duplex setting (array of int)
parm: AutoNeg:Advertised auto-negotiation setting (array of int)
parm: FlowControl:Flow Control setting (array of int)
parm: XsumRX:Disable or enable Receive Checksum offload (array of int)
parm: TxIntDelay:Transmit Interrupt Delay (array of int)
parm: TxAbsIntDelay:Transmit Absolute Interrupt Delay (array of int)
parm: RxIntDelay:Receive Interrupt Delay (array of int)
parm: RxAbsIntDelay:Receive Absolute Interrupt Delay (array of int)
parm: InterruptThrottleRate:Interrupt Throttling Rate (array of int)
parm: SmartPowerDownEnable:Enable PHY smart power down (array of int)
parm: KumeranLockLoss:Enable Kumeran lock loss workaround (array of int)
parm: copybreak:Maximum size of packet that is copied to a new buffer on receive (uint)
parm: debug:Debug level (0=none,...,16=all) (int)
And an example of loading and unloading a kernel module:
[root@localhost ~]# modprobe -v wacom
insmod /lib/modules/2.6.32-431.el6.x86_64/kernel/drivers/input/tablet/wacom.ko
[root@localhost ~]# modprobe -r wacom
= Init =
The first process that starts is init, it is responsible for starting all remaining processes, directly or indirectly.
These steps are taken:
* Init runs the /etc/init/rcS.conf job which:
* Runs /etc/rc.d/rc.sysinit ro start LVM, mount filesystems, set system clock and other things
* Check /etc/inittab for the runlevel
* Tells the runlevel to init
* The runlevel event makes init run the /etc/init/rc.conf job which
* Runs /etc/etc/rc.d/rc script with the runlevel as argument
You can take a look at the process by:
* Pressing {{{ALT-TAB}}} from a graphical environment to view error messages
* Pressing {{{ALT-F11}}} to watch the boot process as it happens
* Press {{{I}}} (capital {{{i}}}) during service startup to select services interactively
This last option will show a screen like this: \\
[{{redhatboot02.jpg}}] \\