LINUX BOOT PROCESSCODE4VN.COM

TEXT

BOOT SEQUENCE

TEXT

BIOS (BASIC INPUT/OUTPUT SYSTEM)

▸ Built-in firmware used to perform:▸ Initialize and test the system hardware

components▸ Load a boot loader or an operating system from a

mass memory device (ex HDD).▸ The first software they run when powered on.

TEXT

TEXT

MASTER BOOT RECORD

▸ 512 bytes in size and contains machine code instructions for booting the machine, the disk signature, and the partition table for the disk.

▸ Created when the disk is partitioned. ▸ Scans the partition table for the active partition.▸ Finds the starting sector of the active partition.▸ Loads a copy of the boot sector from the active partition

into memory.▸ Transfers control to the executable code in the boot

sector.

TEXT

GRUB: GNU GRAND UNIFIED BOOT LOADER▸ A program which enables the user to select which installed operating system or kernel to

load at system boot time. It also allows the user to pass arguments to the kernel.▸ GRUB loads itself into memory in the following stages:▸ The Stage 1 or primary boot loader is read into memory by the BIOS from the MBR[1]. The

primary boot loader exists on less than 512 bytes of disk space within the MBR and is capable of loading either the Stage 1.5 or Stage 2 boot loader.

▸ The Stage 1.5 boot loader is read into memory by the Stage 1 boot loader, if necessary. Some hardware requires an intermediate step to get to the Stage 2 boot loader. This is sometimes true when the /boot/ partition is above the 1024 cylinder head of the hard drive or when using LBA mode. The Stage 1.5 boot loader is found either on the /boot/ partition or on a small part of the MBR and the /boot/ partition.

▸ The Stage 2 or secondary boot loader is read into memory. The secondary boot loader displays the GRUB menu and command environment. This interface allows selection of the kernel or operating system to boot, pass arguments to the kernel, or look at system parameters.

▸ The secondary boot loader reads the operating system or kernel and initrd into memory. Once GRUB determines which operating system to start, it loads it into memory and transfers control of the machine to that operating system.

TEXT

TEXT

KERNEL

▸ Initializes and configures the computer's memory, various hardware attached to the system ie: all processors, I/O subsystems, and storage devices.

▸ Looks for the compressed initrd image in a predetermined location in memory, decompresses it, mounts it, and loads all necessary drivers.

▸ Initializes virtual devices related to the file system, such as LVM or software RAID.

▸ Unmounting the initrd disk image and freeing up all the memory the disk image once occupied.

TEXT

KERNEL

▸ Creates a root device, mounts the root partition read-only, and frees any unused memory.

▸ At this point, the kernel is loaded into memory and operational.

▸ Kernel executes the /sbin/init program.

TEXT

KERNEL SPACE VS USER SPACE

▸ Kernel space is strictly reserved for running a privileged operating system kernel, kernel extensions, and most device drivers.

▸ In contrast, user space is the memory area where application software and some drivers execute.

▸ Each user space process normally runs in its own virtual memory space, and, unless explicitly allowed, cannot access the memory of other processes.

▸ Depending on the privileges, processes can request the kernel to map part of another process's memory space to its own, as is the case for debuggers.

▸ Programs can also request shared memory regions with other processes, although other techniques are also available to allow inter-process communication.

TEXT

THE /SBIN/INIT PROGRAM (SYS V OR UPSTART)▸ Coordinates the rest of the boot process and

configures the environment for the user.▸ Becomes the parent or grandparent of all of the

processes that start up automatically on the system.▸ Runs the /etc/rc.d/rc.sysinit script, which sets the

environment path, starts swap, checks the file systems, and executes all other steps required for system initialization.

▸ Runs the /etc/inittab script, which describes how the system should be set up in each SysV init runlevel

TEXT

THE /SBIN/INIT PROGRAM (SYS V OR UPSTART)▸ Sets the source function library,

/etc/rc.d/init.d/functions, for the system, which configures how to start, kill, and determine the PID of a program.

▸ Starts all of the background processes by looking in the appropriate rc directory for the runlevel specified as default in /etc/inittab (Redhat) or /etc/init/rc-sysinit.conf (Ubuntu).

▸ Ex: When booting to runlevel 5, the init program looks in the /etc/rc5.d/ directory to determine which processes to start and stop.

TEXT

TEXT

SYS V - RUNLEVELS

▸ The following runlevels are defined by default for Red Hat Enterprise Linux:

▸ 0 — Halt▸ 1 — Single-user text mode▸ 2 — Not used (user-definable)▸ 3 — Full multi-user text mode▸ 4 — Not used (user-definable)▸ 5 — Full multi-user graphical mode (with an X-based login

screen)▸ 6 — Reboot

TEXT

LINUX DAEMON

▸ A daemon is a type of program on Unix-like operating systems that runs unobtrusively in the background, rather than under the direct control of a user, waiting to be activated by the occurance of a specific event or condition

TEXT

/SBIN/GETTY

▸ Forks an /sbin/getty process for each virtual console (login prompt) allocated to the runlevel.

▸ The /sbin/getty process opens communication pathways to tty devices, sets their modes, prints the login prompt, accepts the user's username and password and initiates the login process.

TEXT

GETTY - LOGIN PROCESS

▸ Step 1: Init creates the getty process▸ Step 2: getty process initiates login command▸ Step 3: login command try to check user credentials▸ Step 4: getty creates user shell process▸ Step 5: getty read shell property files▸ Step 6: getty provides you with PS1 prompt

TEXT

/ETC/PASSWD AND /ETC/SHADOW (STEP 3)

TEXT

/ETC/GROUP

▸ Group name: It is the name of group. ▸ Password: Generally password is not used, hence it is empty/blank. It can

store encrypted password. This is useful to implement privileged groups.▸ Group ID (GID): Each user must be assigned a group ID. You can see this

number in your /etc/passwd file.▸ Group List: It is a list of user names of users who are members of the

group. The user names, must be separated by commas.

TEXT

GETTY DETAIL

▸ Step4: Gathers all the properties and before the start of user shell it read /etc/motd file and display its content as banner message to user.

▸ Step5: Process reads /etc/profile file for shell related settings and for importing any alias or some sort of variables which we have to set for user shell.

▸ Step6: Once it completes reading /etc/profile file, it will read user home directory content and change user shell properties according to .bashrc, .bash_profile if his default shell is bash. The getty process get shell details from /etc/passwd file.

TEXT

/USR/SBIN/NOLOGIN AND /BIN/FALSE

▸ When /usr/sbin/nologin is set as the shell, if user with that shell logs in, they'll get a polite message saying 'This account is currently not available.'. This message can be changed with the file /etc/nologin.txt.

▸ /bin/false is just a binary that immediately exits, returning false, when its called, so when someone who has false as shell logs in, they're immediately logged out when false exits.

TEXT

THANK YOU!