Understanding the startup process of a system is very important for a system administrator and operation and maintenance. Understanding the system startup method is very important for effective troubleshooting when the system fails. When the system starts and a few minutes later, we know that we have reached the login prompt stage. Are we trying to find out that all stages of the startup sequence have passed normally, and what happened behind these scenes during system startup. Let's get familiar with the startup process of Centos6 system.
The overall process is roughly as follows:
After the system is powered on, the motherboard BIOS (Basic Input / Output System) runs POST (Power on self test) code to detect key peripheral devices of the system (such as: CPU, memory, graphics card, I/O, keyboard and mouse, etc.). The hardware configuration information and some user configuration parameters are stored on the CMOS (Complementary Metal Oxide Semiconductor) of the motherboard (generally 64 bytes), which is actually a readable and writable RAM chip on the motherboard, powered by the battery on the motherboard, and the system is powered off After that, the information will not be lost.
After executing the POST code to detect the key peripheral equipment of the system, the system starts the self-check program, and searches for the boot drive (such as hard disk, CD-ROM, network server, etc.) according to the boot sequence set in the BIOS. Choose a suitable initiator, such as a hard disk device under normal circumstances. The BIOS will read the first sector (MBR, 512 bytes) of the hard disk device and execute the code in it. In fact, the BIOS here does not care about what is in the first sector of the boot device. It is only responsible for reading and executing the content of the sector, and the BIOS's task is completed. After that, the control of system startup is transferred to the code of the MBR part.
BIOS
MBR:
The size of MBR is 512Bytes and is located in the first or last sector of the HDD (depending on the manufacturer).
Main bootloader code (446Bytes): This code provides the bootloader information and the location details of the actual bootloader code on the hard disk. This helps the CPU to load the second stage of the Boot loader;
Partition table information (64Bytes): MBR contains 64 bytes of data, used to store partition table information, such as the start and end of each partition, partition size, partition type (whether it is a primary partition or an extended partition, etc.);
Magic Number(2Bytes): As a verification check of MBR.
Bootloader:
We know that the file system formats of different operating systems are different? We also know that one disk can install multiple operating systems. How can boot loader
achieve the operating system we want? A 446-byte boot loader is not enough for so many different functions. Therefore, a corresponding program must be made to process the core files of the corresponding operating system. This program is the loader of the operating system (note that it is not the boot loader in the MBR). In this way, bootloader
only needs to transfer the control to the corresponding operation The loader of the system, let it be responsible for starting the operating system.
The following figure can better explain the role of Bootloader
:
Interpreting the content of the above picture, we know that the first sector of each partition of a hard disk is called bootsector
, this sector stores the loader of the operating system, so we often say that only one operating system can be installed on a partition, as shown in the figure above , The boot sector
of the first partition stores the loader of windows, the second partition stores the loader of Linux, the third and the fourth are empty because the operating system is not installed. As for what MBR's bootloader
does, bootloader
has three functions: Provide menus, read kernel files, and transfer them to other loader.
To provide a menu is to provide the user with a menu to let the user choose which operating system to enter;
Reading the kernel file, we know that the system will have an operating system that starts by default. The loader of this operating system has a copy in the boot sector of the partition where it is located. In addition, a copy of the loader of the operating system that starts by default will also be copied. In the boot loader of MBR, MBR will directly read the loader in the boot loader, and then start the default operating system;
Transfer to another loader, when the user selects other operating systems to start, the bootloader will transfer the control to the corresponding loader, and let it be responsible for the start of the operating system.
MBR uses 16Bytes to store the information of a single partition, which is why the number of partitions in the MBR concept is limited to 4 (4×16 = 64).
64 Each byte contains the partition information of 4 partitions (16x4). This is why the hard disk can only have 4 primary partitions, because the MBR can only store the information of 4 partitions. Therefore, if you need more than 4 partitions on the hard disk, you must expand one of the primary partitions and create logical partitions outside of these extended partitions.
It also contains information about GRUB (or LILO in old systems), so, in simple terms, MBR loads and executes the GRUB boot loader.
**Note: ** Now MBR cannot directly load the kernel, because it does not know the concept of file system and needs to provide a boot loader with file system driver for each supported file system so that the boot loader itself can understand and access them .
To overcome this situation, GRUB is used with /boot/grub.conf
and the file system details in the file system driver.
Once the Bootloader
stage 1 is completed and the actual bootloader location can be found, the first stage bootloader starts the second stage by loading the Bootloader
into memory.
At this stage, GRUB (Grand Unified Bootloader) in the first 30KB hard disk after the MBR is loaded into RAM to read its configuration and display the GRUB boot menu (the user can manually specify the boot parameters) to the user.
GRUB loads the user-selected (or default) kernel into memory and passes control to the kernel. If the user does not select an operating system, after a defined timeout, GRUB will load the default kernel in memory to start it.
According to gnu.org, "The boot loader is the first software program that runs when the computer starts." GRUB or GRand Unified Bootloader
is the boot loader of the Linux operating system. There are two major versions of Grub (Grub version 1 and 2). At present, most linux ditros have started to use grub version 2. One of the main features of grub is that it can be installed using a linux image and does not need to run an operating system.
Grub is a multi-stage boot program (Stage1, Stage1.5 and Stage2). The three stages of grub version 1 and version 2 are explained as follows.
**GRUB Phase 1: **
**GRUB stage 1.5: **
**GRUB Phase 2: **
The original file is /etc/grub.conf, you can view the symbolic link file in /boot/grub/grub.conf:
# grub.conf generated by anaconda## Note that you do not have to rerun grub after making changes to this file# NOTICE: You have a /boot partition. This means that# all kernel and initrd paths are relative to /boot/, eg.# root(hd0,0)# kernel /vmlinuz-version ro root=/dev/sda3# initrd /initrd-[generic-]version.img#boot=/dev/sdadefault=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS(2.6.32-431.el6.x86_64)root(hd0,0)
kernel /vmlinuz-2.6.32-431.el6.x86_64 ro root=UUID=73f96693-ed87-4953-9b51-d6f2cca370eb rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
initrd /initramfs-2.6.32-431.el6.x86_64.img
As you noticed from the information above, it contains the kernel and initrd images, so in simple terms, GRUB just loads and executes the kernel and initrd images.
grub> root (hd0,0) ---> The root command specifies a root partition for grub
grub> kernel /vmlinuz-2.6.32-431.el6.x86_64 ro root=UUID=73f96693-ed87-4953-9b51-d6f2cca370eb .... ---> Load the specified module
grub> initrd /initramfs-2.6.32-431.el6.x86_64.img ---> Specify the initrd file
As mentioned in Phase 2, after the grub>boot command, the control of system startup is transferred to the kernel. Kernel will immediately initialize all devices in the system and do related configuration work, including CPU, I/O, storage devices, etc.
Regarding device driver loading, there are two parts:
- Part of * device drivers are compiled into Linux Kernel, Kernel will call this part of the drivers to initialize related devices, and at the same time output logs to the kernel message buffer. After the system is started, dmesg can view this part of the output information;
- The other part of * device drivers are not programmed into Kernel, but placed in initrd (ramdisk) as a module.
initrd
is a memory-based file system. During startup, when the system accesses the real root file system, it will first access the initrd file system. Open the contents of initrd and you will find files (including directories) such as bin, devetc, lib, procsys, sysroot, and init. It contains some device driver modules, such as scsi ata
and other device driver modules, as well as several basic executable programs insmod, modprobe, lvm, nash. The main purpose is to load some storage media drive modules, such as the aforementioned scsi ideusb
and other device drive modules, initialize LVM, and mount the root file system in read-only mode.
After the content in initrd
is released to rootfs, Kernel will execute the init file, where init is a script, executed by the nash
interpreter. At this time, the control of the kernel is transferred to the init file for processing. We check the content of the init file, mainly to load device drivers related to various storage media.
After the driver is loaded, a root device is created, and then the root file system is mounted as read-only. After this step, release unused memory and execute switchroot
to switch to the real root. At the same time, run the /sbin/init
program to start the system's No. 1 process, and then transfer the control of system startup to the init process. About switchroot is a program defined in nash.
Linux Kernel
needs to adapt to a variety of different hardware architectures, but it is impractical to compile all hardware drivers into the Kernel, and it is impossible for Kernel to write the device drivers of the hardware into the kernel every time a new hardware structure is developed. . In fact, Linux Kernel
only contains basic hardware drivers. During system installation, system hardware information will be detected, and part of the device drivers will be written to initrd based on the installation information and system hardware information. In this way, when the system is started later, part of the device drivers will be loaded in the initrd.
The summary process is as follows:
After the init process is up, the control of system startup is transferred to the init process. The /sbin/init
process is the parent process of all processes. When the init process is up, it will first read the configuration file /etc/inittab
and perform the following jobs:
/etc/rc.d/rc
, this file defines the order of service startup is K first, then S, and the specific service status of each run level is placed in /etc/rc.d/rcn.d (n=0~6)
Under the directory, all files are linked to the corresponding files under /etc/init.d;At this time, what is presented to the user is the final login interface. At this point, the system startup process is complete.
Explain the concept of the system startup run level and the customization method of the service:
When initrd
can be detected and loaded normally, the final work is basically carried out by the operating system. When the init process of the system is up, the control of system startup is transferred to the init process.
The /sbin/init process is the parent process of all processes. When init is up, it will first read the configuration file /etc/inittab
to determine the run level.
id:3:initdefault:
id:runlevel:action:process
id: is a unique sequence of characters used to identify entries in this file
runlevels: is the run level applicable to this entry
action: is the action taken on the run level
process: specify the process to be executed
runleve: A total of 7 levels are 0-6, the default level is 3
runlevel | meaning |
---|---|
0 | Shutdown |
1 | Single user mode (root, no login required), single, maintenance mode; |
2 | Multi-user mode, will start the network function, but will not start NFS; maintenance mode; |
3 | Multi-user mode, normal mode; text interface; |
4 | Reserved level; can be the same as 3 levels; |
5 | Multi-user mode, normal mode; graphical interface; |
6 | Restart |
There are some additional run levels that are rarely used, such as:
s,S or single: single user mode
emergency: bypass rc.sysinit
To summarize the run level:
Run level 1 is used for maintenance purposes, as this is a very limited run level. Only minimal scripts run in this run level. Only the root user can log in. No other users can log in to this run level. Run level 2 is more lenient than run level 1. Here, all users can log in, but the network service is not running. Runlevel 3 provides a complete working environment. All users can log in and enable the network. Run level 4 is for experimental purposes only. In run level 5, you can use the graphical console. Run level '0' is the paused state of the system, switching to run level 6 will restart the system.
action | meaning |
---|---|
wait | Switch to this level and run once |
respawn | This process terminates, restart it |
initdefault | Set init default run level |
sysinit | Set the system initialization mode, /etc/rc.d/rc.sysinit |
.... | The above are common actions |
Then init will execute the /etc/rc.d/rc.sysinit
script, which is the first script executed by init during the boot process.
The script is only executed once during boot, and it will perform the following actions:
After completing rc.sysinit, the kernel will look at the /etc/rc.d/rcx.d/ directory (X is the run level obtained from /etc/inittab).
There are directories corresponding to each run level in the /etc/rc.d
directory. According to this line, run the script in the /etc/rc.d/rc3.d
directory. We list the files in this directory. (There are similar files in other directories such as rc1.d, rc2.d...).
[ [email protected]~]# ls -l /etc/rc.d/rc3.d/Total amount 0
lrwxrwxrwx.1 root root 199 May 19 2016 K10saslauthd->../init.d/saslauthd
lrwxrwxrwx.1 root root 22 November 17 2016 K14zabbix-agent ->../init.d/zabbix-agent
lrwxrwxrwx 1 root root 225 September 2018 K15htcacheclean->../init.d/htcacheclean
lrwxrwxrwx 1 root root 155 May 92018 K15httpd->../init.d/httpd
lrwxrwxrwx.1 root root 18 November 15 2016 K15svnserve->../init.d/svnserve
lrwxrwxrwx.1 root root 209 Feb 19 2016 K50netconsole->../init.d/netconsole
lrwxrwxrwx.1 root root 15 November 15 2016 K50snmpd->../init.d/snmpd
lrwxrwxrwx.1 root root 19 November 15 2016 K50snmptrapd->../init.d/snmptrapd
lrwxrwxrwx.1 root root 14 November 15 2016 K74ntpd->../init.d/ntpd
lrwxrwxrwx.1 root root 17 November 15 2016 K75ntpdate->../init.d/ntpdate
lrwxrwxrwx.1 root root 219 Feb 19 2016 K87restorecond->../init.d/restorecond
lrwxrwxrwx.1 root root 159 May 19 2016 K89rdisc->../init.d/rdisc
lrwxrwxrwx 1 root root 182月232018 K92iptables->../init.d/iptables
lrwxrwxrwx.1 root root September 19, 2016 S08ip6tables->../init.d/ip6tables
lrwxrwxrwx.1 root root 179 Feb 19 2016 S10network->../init.d/network
lrwxrwxrwx.1 root root 169 Mar 19 2016 S11auditd->../init.d/auditd
lrwxrwxrwx.1 root root 179 Dec 19 2016 S12rsyslog->../init.d/rsyslog
lrwxrwxrwx.1 root root 159 May 19 2016 S25netfs->../init.d/netfs
lrwxrwxrwx.1 root root September 19, 2016 S26udev-post ->../init.d/udev-post
lrwxrwxrwx 1 root root 145 2102:16 S55sshd ->../init.d/sshd
lrwxrwxrwx 1 root root 155 May 92018 S59Redis->../init.d/Redis
lrwxrwxrwx 1 root root 175 Nov 112018 S69Tengine->../init.d/Tengine
lrwxrwxrwx 1 root root 147 months 2306:09 S80exim ->../init.d/exim
lrwxrwxrwx 1 root root 157 month 2306:09 S90crond ->../init.d/crond
lrwxrwxrwx.1 root root 119 December 19 2016 S99local->../rc.local
Some files in this directory start with S
, others start with K
. Files beginning with S
correspond to scripts that must be started
in that particular run level, and files with K
correspond to scripts to be killed
. These files are just soft links to scripts in the /etc/rc.d/init/d
directory (a soft link points to /etc/rc.local
, which itself is /etc/rc.d/rc/local
Soft link.). The scripts in /etc/rc.d/init.d/
are daemons. A daemon is a process that runs in the background and provides a certain service. For example, the http daemon (httpd) provides web services.
After executing all these scripts, the /etc/rc.local
script will be run, and init will run whatever it finds in /etc/rc.d/rc.local
(regardless of the run level). rc.local
is very special, it will be executed every time the run level is changed. It is the last script to run during the initialization process or even the startup process. After everything is complete, control will return to the kernel.
Note:
rc.local
is not used in all distributions, for example, Debian does not have this file.
If you want to execute a command or script when the system starts, you can put it in this script:
[ [email protected]~]# cat /etc/rc.local #!/bin/sh## This script will be executed *after* all the other init scripts.# You can put your own initialization stuff in here if you don't# want to do the full Sys V style init stuff.touch /var/lock/subsys/local# start solution service/data/app/data-solution-service/solution-start.sh
Now all these scripts have been executed successfully.
Launch terminal
Next, the terminal will be started by the /sbin/mingetty command. Because the system is set to start tty1-tty6, 6 command line terminals will be started. What we finally presented to us is such a picture:
/bin/login
By reading the /etc/passwd file, the interactive login shell is started after successful login. This shell call usually reads /etc/profile and its private configuration items ~/.bash_profile
, ~/.bash_login
, ~/.profile
at startup.
Usually a shell program (such as [prompt]$/bin/bash) or the /bin/su command is used to start an interactive non-login shell on the command line. You can also use a terminal program such as xterm or konsole to start an interactive non-login shell in a graphical environment. This type of shell call usually copies the parent environment, and then reads the user's ~/.bashrc file to obtain other startup configuration instructions.
When a shell script is running, a non-interactive shell usually appears. It is non-interactive because it is processing scripts rather than waiting for user input between commands. For these shell calls, only the environment inherited from the parent shell is used.
The file ~/.bash_logout
is not used for calling the shell. When the user exits the interactive login shell, it will be read and executed.
Many distributions /etc/bashrc are used for system-wide initialization of non-login shells. This file is usually called from the user's ~/.bashrc file, not directly built into bash itself. This section follows this convention.
/etc/profile:
The file first sets up some auxiliary functions and some basic parameters. It specifies some bash history parameters, and for security reasons, it is forbidden to keep permanent history files for root users. It also sets the default user prompt. Then it calls the small single-purpose script /etc/profile.d
in the directory to provide most of the initialization
Recommended Posts