Step by Step Linux (RHEL 6 / 7) boot process for beginners

Have you ever thought that what process executes as soon as we switch on our machine and then to the login prompt?

As soon as we switch on our machine, it has no idea what to do, the first thing that happens is Bios is loaded. Then Bios searches for MBR( First sector of the bootable device) and BIOS handover control to it. MBR looks for boot-loader once boot loader is loaded into memory it loads kernel and initramfs. After that file system is mounted. Mother process gets executed the by kernel i.e init/ systemd and it runs all the other required process and then login prompts comes.

Linux boot process for RHEL 6 7

BIOS

Basic input/ output system. It is a program that is stored in read-only memory chips on the motherboard of the computer.

  • As soon as our computer is ON, this is the program that gets executed first. It runs regardless of what OS you have installed on your machine. It is not associated with any Operation system. Bios Setup can be changed by pressing F12 or F2.
  • Once this program is executed, it checks if the basic hardware of machine which is required to start the machine is working properly or not. Like the keyboard, RAM, visual display unit etc. This process of checking basic hardware components if they are working fine or not is known as a POST( power on self-test).
  • After POST BIOS check for a bootable device. From where, OS can be booted. The bootable device can be anything like hard disk, floppy disk, pen drive. Once BIOS find the bootable device it handovers control to the first sector of the bootable device, which is MBR. If in case of BIOS do not finds any bootable device then BIOS gives an error and machine boot process is stopped.

Important: Now a days, UEFI (Unified Extensible Firmware Interface ) is used in place of BIOS, which has better features such as faster boot time, more security, hardware size more than 2TB can be supported.

  • There is no way to switch from BIOS of UEFI, you need to buy new hardware that includes UEFI, as most of the machine now comes with UEFI. UEFI support GPT partition instead of MBR.

MBR

Master boot record. Its size is 512 bytes. It is the first sector of any bootable device. It is divided into 3 parts.

First part is bootloader and size of this partition is 446 bytes, second is of 64 bytes (partition table info) and third is of 2 bytes (used for error checking).

MBR Linux Boot Process

  1. Primary Boot Loader in Linux i.e Grub.
  2. Partition table is about Hard disk information attached to the machine.
  3. MBR validation check.
  • MBR job is to look for boot loader ( LILO/GRUB IN case of Linux) and hand over control to it.

Boot loader

•    It gives you options from which OS or kernel you would like to boot your machine (only if you have multiple OS or kernel installed on the machine).

Bootloader Linux Boot Process

In the above image, we can see we are getting 2 options from which we can boot machine.

  •     Its main job is to load kernel and initrd /initramfs image in memory.
  •     Once boot loader loads kernel in RAM it passes control to Kernel.

NOTE: In RHEL7  

  1. The default boot loader is GRUB 2 (Grand Unified Bootloader).
  2. The configuration file is  located at  /boot/grub2/grub.cfg
  3. Menu-configuration setting is located at /etc/default/grub.

Kernel :

  • Initially, the kernel is loaded in read-only mode.
  • Kernel initializes the first process that is init(Till RHEL6)/Systemd( from RHEL 7).
  • The kernel manages memory, input-output device. In short, it controls the overall system.
  • Kernel is compiled with different drivers but they are not able to load actual file system because some     additional drivers are required for it. For this purpose, intird/ iniramfs is loaded in RAM, so that it can install other drivers which are required to load actual file system.
  • Initramfs/initrd gets decompressed and then it first loads temporary file system.

Initrd /Initramfs: 

  •  It loads temporary root file system into memory.
  •  It contains a minimum set of directories and acts as a bridge to the real/actual file system.
  •  Is detects what all device drivers are needed to load the actual file system and it loads them from a temporary   file system. After that, other partition like LVM, RAID etc is mounted then initrd  is unmounted.
  • We can see kernel and initramfs file in  /boot directory. Staring with vmlinuz denotes kernel.
[root@server ~]# ls /boot
config-3.10.0-327.el7.x86_64
grub2
initramfs-0-rescue-e0bdfb7f861a4aa69db9ca2e34abfa03.img
initramfs-3.10.0-327.el7.x86_64.img
initramfs-3.10.0-327.el7.x86_64kdump.img
initrd-plymouth.img
symvers-3.10.0-327.el7.x86_64.gz
System.map-3.10.0-327.el7.x86_64
vmlinuz-0-rescue-e0bdfb7f861a4aa69db9ca2e34abfa03
vmlinuz-3.10.0-327.el7.x86_64

Difference between Initramfs and initrd:

  • Successor of initrd (initial ram disk) is Initramfs ( initital ram disk file system) . Feature made up from a cpio (copy input and output) archive of files that enables an initial root filesystem and init program to reside in kernel memory cache, rather than on a ramdisk, as with initrd filesystems.
  • Initramfs is used by 2.6 kernels whereas initrd was used by older 2.4 (and earlier) kernels.

Once the real file system is mounted, then kernel runs the first process i.e init( till RHEL 6) / Systemd from (RHEL 7).

Init

  •          It is the first process that runs in the system with process id of 1.
  •          Can check with ps –ef  | grep init.
  •          Also known as the parent process, responsible for starting all the other process.
  •          Init is responsible for bringing the computer into the normal running state after power on, also gracefully shutting down services prior to shut down.
  •          Init starts services to the corresponding runlevel on which our machine is booted.
  •          Now you might be thinking what are run levels? Let’s us check.

Runlevel is a state of a machine that defines how a machine should be login, what services and scripts should run when a machine starts.  Runlevel are defined from 0 – 6.

  1. Runlevel 0 – shut down the system
  2. Runlevel 1 – single mode
  3. Runlevel 2 – multiuser mode without networking
  4. Runlevel 3 – multiuser with text login screen
  5. Runlevel 4- customized runlevel (not in use)
  6. Runlevel 5 – runlevel 3 with graphical login
  7. Runlevel 6 – Reboots the system

Configuration file /etc/inittab tells init how to initialization is going to occur  i.e it will point your machine to what scripts that should run depending upon by which runlevel machine got a boot. By default, runlevel is 3. But we can change the runlevel by using “telinit runlevel”        Eg. telinit 5.

  • /etc/init.d/rc or /etc/rc.d/rc : it contains the total number of the script that will run.
  •  Each runlevel has directories of scripts, and each script run at a time.
  • Init will wait until once scripts get completed.

Once all required services and script are executed user gets login prompt.

But from RHEL 7   init and runlevels are replaced by systemd and targets respectively.

Systemd

  • Same as init it is the first service started by the kernel, with process id 1.
  • “ d” in system d stands for a daemon.
  • Daemons are the programs that run in the background performing various tasks.
  • Services usually refer to one or more daemons.
  • Configuration file : /etc/systemd.

Init had several limitations that were taken care by sytemd.

Few of them are:

  1. In init, one script runs at a time, while in systemd multiple scripts run at a time parallel. Thus increasing the performance.
  2. In init, an administrator has to take care of what scripts should run first.Init process does not know if the scripts defined in particular runlevel are dependent on another script, while systemd takes care of dependency.
  3. Systemd kills daemon properly before the machine shuts down.
  4. inittab is no longer used when using systemd.
  5. systemd uses ‘targets’ instead of runlevels. By default, there are two main targets:

a)    multi-user.target: analogous to runlevel 3

b)   graphical.target: analogous to runlevel 5

6.  Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target

To view current default target, run:

systemctl get-default

 To set a default target, run:

systemctl set-default TARGET.target.

Managed services of the system are controlled by an application known as systemctl.

Like starting/stoping services, enable/disable services, checking the status of services etc.

systemctl start ssh (starting the service of ssh)

Systemctl status ssh ( checking their service status if it is running, stopped, enabled, disabled).

So, this is all about the boot process of Linux and system.

10 thoughts on “Step by Step Linux (RHEL 6 / 7) boot process for beginners”

  1. Excellent sumup, but one thing is missing. There is a big difference on how the initramfs is stored in memory between centos-6 and centos-7.
    In centos-6, you can’t mount –bind /bin /mnt from initramfs while you can in centos-7.
    (boot with rdshell and rdbreak=cmdline then mkdir /mnt;mount –bind /bin /mnt)

    Reply

Leave a Reply to Tanushree Cancel reply

1 × three =