Boot Process

Previous Next

Objectives

  • Trace the Linux boot sequence from BIOS/UEFI to Systemd.
  • Configure and customize the GRUB2 bootloader.
  • Learn basic boot-time troubleshooting.

1. The Boot Chain

The journey from "Power On" to a login prompt happens in four distinct phases:

Phase 1: Hardware Initialization (Firmware)

  • BIOS (Legacy): The older standard. It performs a POST (Power-On Self-Test) and looks for boot code in the MBR (Master Boot Record) on the first sector of the disk.
  • UEFI (Modern): The successor to BIOS. It supports GPT partition tables (allowing disks > 2TB) and includes Secure Boot, a security standard that ensures only trusted, digitally signed code is loaded during startup.

Phase 2: Bootloader (GRUB2)

The firmware loads GRUB2 from the EFI System Partition (ESP) on UEFI systems or the MBR on BIOS systems. GRUB2 provides a menu to select which operating system or kernel version to boot.

Phase 3: Kernel & Initramfs

The bootloader loads two critical files into RAM:

  1. The Kernel: The heart of the OS.
  2. initramfs (Initial RAM File System): A temporary, minimal filesystem.
    • Why it's critical: Most modern kernels are kept small and don't include every possible driver. The initramfs contains the essential drivers (e.g., for NVMe controllers, RAID, or LVM) needed to access and mount the "real" root filesystem on the physical disk.

Phase 4: PID 1 (Init System)

Once the real root filesystem is mounted, the kernel executes the first process: systemd (Process ID 1). systemd is the "mother of all processes," responsible for starting services (SSH, Web servers, etc.) and reaching the final "Target" (like multi-user.target or graphical.target).

2. GRUB2 Configuration

The Golden Rule

"NEVER edit /boot/grub/grub.cfg (or /boot/grub2/grub.cfg) manually." This file is automatically generated. Any manual changes will be overwritten every time you update your kernel or run the generator scripts.

Human-Readable Configuration: /etc/default/grub

This is where you make changes. Here is a commented example:

# /etc/default/grub
GRUB_TIMEOUT=5                  # Seconds to wait for user choice before auto-booting
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_DEFAULT=0                  # Boot the first entry (index 0) in the list
GRUB_TERMINAL=console           # Use text-only mode (good for headless cloud servers)
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"
# ^ Parameters passed to the kernel.
# "quiet splash" hides boot messages. Remove them to see what's happening if boot fails.

Applying Your Changes

After editing /etc/default/grub, you must sync the changes to the real config file:

  • Debian/Ubuntu:

bash sudo update-grub

  • RedHat/CentOS/Fedora/ALMA:

bash sudo grub2-mkconfig -o /boot/grub2/grub.cfg

3. Boot Troubleshooting

Scenario: The "Emergency" Root Password Reset

If you lose your root password or the system hangs during boot, you can "break in" via GRUB:

  1. Reboot and press 'e' at the GRUB menu to edit the boot entry.
  2. Find the line starting with linux or linuxefi.
  3. Go to the end of that line and append init=/bin/bash.
  4. Press Ctrl+X or F10 to boot.
  5. You will get a root prompt without a password. However, the disk is read-only.

  6. Fix it:

    bash mount -o remount,rw / # Remount the disk as Writable passwd # Change the root password exec /sbin/init # Continue to boot or reboot the system

The GRUB Rescue Shell (grub>)

If you see a grub> prompt, it means GRUB started but couldn't find its configuration file or the boot partition.

  • Use ls to see what disks/partitions GRUB can see (e.g., (hd0,gpt1)).
  • Use ls (hd0,1)/ to peek inside a partition and find your /boot directory.

Practical Demo

  1. Customization: Change GRUB_TIMEOUT to 10 and run the update command.
  2. Troubleshooting: Practice the init=/bin/bash trick to understand how kernel parameters change system behavior.
Disk Design Shared Libraries