3. TEXT
BIOS (BASIC INPUT/OUTPUT SYSTEM)
▸Built-in firmware used to perform:
▸Initialize and test the system hardware components
▸Load a boot loader or an operating system from a mass
memory device (ex HDD).
▸The first software they run when powered on.
5. TEXT
MASTER BOOT RECORD
▸512 bytes in size and contains machine code instructions for
booting the machine, the disk signature, and the partition table
for the disk.
▸Created when the disk is partitioned.
▸Scans the partition table for the active partition.
▸Finds the starting sector of the active partition.
▸Loads a copy of the boot sector from the active partition into
memory.
▸Transfers control to the executable code in the boot sector.
6. TEXT
GRUB: GNU GRAND UNIFIED BOOT LOADER
▸A program which enables the user to select which installed operating system or kernel to load at system
boot time. It also allows the user to pass arguments to the kernel.
▸GRUB loads itself into memory in the following stages:
▸The Stage 1 or primary boot loader is read into memory by the BIOS from the MBR[1]. The primary boot
loader exists on less than 512 bytes of disk space within the MBR and is capable of loading either the
Stage 1.5 or Stage 2 boot loader.
▸The Stage 1.5 boot loader is read into memory by the Stage 1 boot loader, if necessary. Some hardware
requires an intermediate step to get to the Stage 2 boot loader. This is sometimes true when the /boot/
partition is above the 1024 cylinder head of the hard drive or when using LBA mode. The Stage 1.5 boot
loader is found either on the /boot/ partition or on a small part of the MBR and the /boot/ partition.
▸The Stage 2 or secondary boot loader is read into memory. The secondary boot loader displays the
GRUB menu and command environment. This interface allows selection of the kernel or operating
system to boot, pass arguments to the kernel, or look at system parameters.
▸The secondary boot loader reads the operating system or kernel and initrd into memory. Once GRUB
determines which operating system to start, it loads it into memory and transfers control of the machine
to that operating system.
9. TEXT
KERNEL
▸Initializes and configures the computer's memory, various
hardware attached to the system ie: all processors, I/O
subsystems, and storage devices.
▸Looks for the compressed initrd image in a predetermined
location in memory, decompresses it, mounts it, and loads all
necessary drivers.
▸Initializes virtual devices related to the file system, such as LVM
or software RAID.
▸Unmounting the initrd disk image and freeing up all the memory
the disk image once occupied.
10. TEXT
KERNEL
▸Creates a root device, mounts the root partition read-only,
and frees any unused memory.
▸At this point, the kernel is loaded into memory and
operational.
▸Kernel executes the /sbin/init program.
11. TEXT
KERNEL SPACE VS USER SPACE
▸Kernel space is strictly reserved for running a privileged operating system
kernel, kernel extensions, and most device drivers.
▸In contrast, user space is the memory area where application software and
some drivers execute.
▸Each user space process normally runs in its own virtual memory space,
and, unless explicitly allowed, cannot access the memory of other processes.
▸Depending on the privileges, processes can request the kernel to map part
of another process's memory space to its own, as is the case for debuggers.
▸Programs can also request shared memory regions with other processes,
although other techniques are also available to allow inter-process
communication.
12. TEXT
THE /SBIN/INIT PROGRAM (SYS V OR UPSTART)
▸Coordinates the rest of the boot process and configures the
environment for the user.
▸Becomes the parent or grandparent of all of the processes
that start up automatically on the system.
▸Runs the /etc/rc.d/rc.sysinit script, which sets the
environment path, starts swap, checks the file systems, and
executes all other steps required for system initialization.
▸Runs the /etc/inittab script, which describes how the system
should be set up in each SysV init runlevel
13. TEXT
THE /SBIN/INIT PROGRAM (SYS V OR UPSTART)
▸Sets the source function library, /etc/rc.d/init.d/functions, for
the system, which configures how to start, kill, and
determine the PID of a program.
▸Starts all of the background processes by looking in the
appropriate rc directory for the runlevel specified as default
in /etc/inittab (Redhat) or /etc/init/rc-sysinit.conf (Ubuntu).
▸Ex: When booting to runlevel 5, the init program looks in the
/etc/rc5.d/ directory to determine which processes to start
and stop.
15. TEXT
SYS V - RUNLEVELS
▸The following runlevels are defined by default for Red Hat Enterprise
Linux:
▸0 — Halt
▸1 — Single-user text mode
▸2 — Not used (user-definable)
▸3 — Full multi-user text mode
▸4 — Not used (user-definable)
▸5 — Full multi-user graphical mode (with an X-based login screen)
▸6 — Reboot
16. TEXT
LINUX DAEMON
▸A daemon is a type of program on Unix-like operating
systems that runs unobtrusively in the background, rather
than under the direct control of a user, waiting to be
activated by the occurance of a specific event or condition
17. TEXT
/SBIN/GETTY
▸Forks an /sbin/getty process for each virtual console (login
prompt) allocated to the runlevel.
▸The /sbin/getty process opens communication pathways to
tty devices, sets their modes, prints the login prompt,
accepts the user's username and password and initiates the
login process.
18. TEXT
GETTY - LOGIN PROCESS
▸Step 1: Init creates the getty process
▸Step 2: getty process initiates login command
▸Step 3: login command try to check user credentials
▸Step 4: getty creates user shell process
▸Step 5: getty read shell property files
▸Step 6: getty provides you with PS1 prompt
20. TEXT
/ETC/GROUP
▸Group name: It is the name of group.
▸Password: Generally password is not used, hence it is empty/blank. It can store
encrypted password. This is useful to implement privileged groups.
▸Group ID (GID): Each user must be assigned a group ID. You can see this number in
your /etc/passwd file.
▸Group List: It is a list of user names of users who are members of the group. The
user names, must be separated by commas.
21. TEXT
GETTY DETAIL
▸Step4: Gathers all the properties and before the start of user
shell it read /etc/motd file and display its content as banner
message to user.
▸Step5: Process reads /etc/profile file for shell related settings
and for importing any alias or some sort of variables which
we have to set for user shell.
▸Step6: Once it completes reading /etc/profile file, it will read
user home directory content and change user shell properties
according to .bashrc, .bash_profile if his default shell is bash.
The getty process get shell details from /etc/passwd file.
22. TEXT
/USR/SBIN/NOLOGIN AND /BIN/FALSE
▸When /usr/sbin/nologin is set as the shell, if user with that
shell logs in, they'll get a polite message saying 'This
account is currently not available.'. This message can be
changed with the file /etc/nologin.txt.
▸/bin/false is just a binary that immediately exits, returning
false, when its called, so when someone who has false as
shell logs in, they're immediately logged out when false
exits.