
Boot Process and Systemd

The document outlines the boot process of a machine, detailing the steps from the Power-On Self-Test (POST) through to the loading of the operating system using boot loaders like GRUB and the initialization of system services via systemd. It explains the differences between MBR and GPT partitioning styles, the role of initramfs, and how systemd manages services and targets in RHEL 7. Additionally, it covers troubleshooting methods for root password recovery and service management commands in systemd.

Boot process and systemd:

Boot sequence:
1. When the machine powers on, it performs what is known as the Power-On Self-Test (POST), checking all critical hardware components (RAM, VGA, keyboard). If there is any problem, the machine makes a loud sound based on the motherboard codes; if everything is going well, the machine can boot.
2. All of these tasks are done using either the BIOS (old version) or the UEFI system.
3. Then the machine checks the boot settings (boot sequence) from the BIOS or UEFI (boot from network (Kickstart), CD/DVD, USB and hard disk) based on the priority set in the BIOS. This is done in the boot section of the BIOS or the UEFI.
4. To load the OS from the hard disk, there must be a pointer to each OS to load; this pointer must be in the first section of the hard disk.
5. One of two systems is used, the MBR system or the GPT system; they are called partitioning styles. Now we are going to talk about the MBR system:
6. It is the special type of boot sector that was used in the early days of computers. It is divided into 3 parts (Initial Boot Loader (IBL) 446 bytes, 64-byte partition table, 2-byte magic number check for bad sector) = the first part of the disk, and its size is 512 bytes.
7. If it displays disk operating system (DOS), that means we are using the MBR system.
8. The partition table is just a pointer to which blocks are to be accessed, by the CHS system (block level) and LBA (file level, or the file system).
9. The boot loader section contains the mentioned record, which is used to boot Linux, Unix or Windows; it is called the boot loader.
Note: the Windows boot loader is called ntloader, managed by bootmgr in System Reserved.
10. The Linux boot loader is called the Grand Unified Boot Loader (GRUB). Check it in the /etc/default/grub file (edited), the /boot/grub2/grub.cfg script and /boot/loader/entries/serial-kernel_version; it is generated by the tool grub2-install /dev/sda

Note: we only make changes in /etc/default/grub and save our changes via grub2-mkconfig.
11. GRUB takes control of the system and moves to the next step.
12. The boot loader displays a menu to the user, which is used to select which operating system is going to be installed.
13. Behind this menu is the GRUB configuration for the OS.
14. After the timeout, GRUB loads two things: the kernel (vmlinuz) and the initramfs.
Check this location:
[root@server ~]# ls -l /boot/

15. The initramfs is loaded from the disk into RAM based on the configuration file /etc/dracut.conf
16. The initramfs has all the kernel modules needed to load the system drivers, plus the initialization scripts.
17. The kernel loads the root file system /sbin/init ==> /lib/systemd/system/initrd-root-fs.target (read-only) emergency.

Check the content of initramfs.


[root@server ~]# lsinitrd
18. Then it loads what is mentioned in initrd.target, configured by /etc/fstab (read/write) rescue
19. The kernel loads the actual file system / with all the services or units through systemd, which is the first process to run on the system and loads the other services, finally loading graphical.target based on its dependencies.
20. Configured using: /etc/systemd/system/default.target and the /etc/systemd/system/ targets directory.
[root@server ~]# pstree | less
[root@server ~]# ps aux | head
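
The 446 + 64 + 2 byte layout from item 6 can be read back from a sector image. This is an added example, not part of the original document; it builds a constructed 512-byte sample sector (a single Linux partition is an assumption) and reads its partition table and the 0x55 0xAA magic number.

```sh
#!/bin/sh
# Added example: read the three MBR regions (446 + 64 + 2 bytes) from a sector image.
# The sector is CONSTRUCTED sample data; nothing is read from a real disk.

make_sample_mbr() {                 # $1 = output file
    dd if=/dev/zero of="$1" bs=1 count=446 2>/dev/null        # empty boot loader area
    # Entry 1: boot flag 0x80, type 0x83 (Linux), start LBA 2048, 2097152 sectors
    printf '\200\000\000\000\203\000\000\000\000\010\000\000\000\000\040\000' >>"$1"
    dd if=/dev/zero bs=1 count=48 2>/dev/null >>"$1"          # entries 2-4 unused
    printf '\125\252' >>"$1"                                  # magic number 0x55 0xAA
}

byte_at() {                         # $1 = file, $2 = offset -> one byte, decimal
    od -An -tu1 -j "$2" -N 1 "$1" | tr -d ' \n'
}

le32_at() {                         # $1 = file, $2 = offset -> little-endian 32-bit, decimal
    set -- $(od -An -tu1 -j "$2" -N 4 "$1")
    echo $(( $1 + ($2 << 8) + ($3 << 16) + ($4 << 24) ))
}

mbr_signature() {                   # last two bytes of the sector, as hex
    printf '%02x%02x' "$(byte_at "$1" 510)" "$(byte_at "$1" 511)"
}

mbr_partitions() {                  # one line per used entry of the 64-byte table
    i=0
    while [ "$i" -lt 4 ]; do
        off=$((446 + i * 16))
        ptype=$(byte_at "$1" $((off + 4)))
        if [ "$ptype" -ne 0 ]; then
            printf '%d boot=0x%02x type=0x%02x start=%d sectors=%d\n' $((i + 1)) \
                "$(byte_at "$1" "$off")" "$ptype" \
                "$(le32_at "$1" $((off + 8)))" "$(le32_at "$1" $((off + 12)))"
        fi
        i=$((i + 1))
    done
}

img=$(mktemp)
make_sample_mbr "$img"
echo "signature: $(mbr_signature "$img")"
mbr_partitions "$img"
rm -f "$img"
```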

To view the current release of the kernel:

To show the systemd release:

To view the boot duration:

To view each service takes time:

To see the started services that depend on each other:

In RHEL 6:
Initramfs ==> initrd
Systemd ==> init
Services and chkconfig:
They are used to start the services and enable them.
The run levels K and S with their priorities
To switch from one runlevel to another we use the init command and the runlevel number
/etc/inittab
/etc/rc.d and run levels

Grand Unified Bootloader (GRUB2):


The difference between GRUB version 1 and GRUB version 2: in RHEL 6 we can edit the grub directly, and when we enter single-user mode there is no root password.
GRUB is divided into two parts: the first stage in the MBR and the second stage in /boot.

To see the content of the original script:


[root@server ~]# cat /boot/grub2/grub.cfg

We can see initramfs and vmlinuz, which are in /boot.

Note: it is recommended that we do not edit this script. To edit the GRUB parameters we use /etc/default/grub.

To edit the grub we have a nice tool:

[root@server ~]# grub2-mkconfig -o /boot/grub2/grub.cfg

To reinstall GRUB if it is lost from the MBR, we use the command:

[root@server ~]# grub2-install /dev/sda

NOTE: You can change some GRUB parameters while booting to fix what you need at boot time, and once you have booted successfully, you write them to the GRUB config file.

If your server doesn't boot well, it makes sense to enter one of the troubleshooting modes; it can be the systemd rescue.target or emergency.target, or booting from the CD/DVD.
1. Press e to see the GRUB boot options; the first part is not very important.
2. It is mainly the linux16 line that counts; on the linux line, the kernel is started with all the arguments needed to start the kernel.

Note: To start with, you probably don't want rhgb quiet; by removing them, you can see what is happening while your system is booting.
3. At the end of the line we put systemd.unit=rescue.target to start in rescue mode.
4. Then press Ctrl+x to continue. Here we have to enter the root password to get in; in previous versions it was easy to get into the system without knowing the root password, but in RHEL 7 that has become really hard.
5. Once we have finished what we want to do:
6. [root@server ~]# systemctl reboot
7. If you want to make a permanent modification, it should be written in /etc/default/grub and /etc/grub.d; once you have applied the modification, you need to run grub2-mkconfig, and that makes it written in the MBR.

Understanding systemd:
The init process has run levels, and /etc/inittab is its config file; it is no longer used when using systemd.

It starts things: basically, in the boot procedure, systemd is started after the kernel is loaded.
Systemd takes care of starting everything; unlike the old runlevel system, where just services were started, systemd takes care of starting services, doing mounts, automounts, etc.

So systemd provides a method for activating system resources, server daemons and other processes, both at boot time and on a running system.

In RHEL 7, PID 1 is systemd, the new init system. A few of the new features provided by systemd include:
- parallelization capabilities, which increase the boot speed of a system
- on-demand starting of daemons without requiring a separate service
- automatic service dependency management, e.g. the network: if it is not needed, turn it off
- a method of tracking related processes together by using Linux control groups (cgroups)

Systemd depends mainly on units; a unit is one of the different types of systemd objects.
To see the units:

A unit can be a service to start, like httpd; a socket, used with super services like telnet; or a path, used to delay the service, like spool.

We have two common locations: global services in the /etc/systemd/system/ directory, and service or target configuration files in the /lib/systemd/system/ directory.

The system creates a soft link from the service configuration to the global service config to add the service or start it.
The basic unit in systemd is the service:

Let's check sshd.service in /lib/systemd/system

[Unit] that starts the service
[Service] the actual service definition
[Install] which target needs to start this service.

To see the default target now:


Systemd targets and their runlevels in RHEL 6:
graphical.target runlevel 5
multi-user.target runlevel 2,3
rescue.target and emergency.target runlevel 1
poweroff.target runlevel 0
restart.target runlevel 6

Note: rescue.target mounts the file system read-write, but emergency.target mounts the system read-only and systemctl restart is not enabled.

Note: it is possible that one target is part of another target or depends on it; for example, graphical.target depends on multi-user.target, which depends on basic.target.

To list these dependencies:

To list the mount, socket, path:

[root@server ~]# systemctl list-units --type mount,socket,path

All available services, enabled or disabled:

[root@server ~]# systemctl list-unit-files --type service --all

All available services, active or inactive:

[root@server ~]# systemctl list-units --type service --all

We can see one of these states:

loaded: unit config file has been processed
active (running): running with one or more continuing processes
active (exited): successfully completed a one-time config
active (waiting): running but waiting for an event
inactive: not running
enabled: will be started at boot time
disabled: will not be started at boot time
static: cannot be enabled, but may be started by an enabled unit automatically

To list the service dependencies:


[root@server ~]# systemctl list-dependencies httpd.service

To get default target:

To set the default target:

[root@server ~]# systemctl set-default target_name.target
Or manually create the soft link:
[root@server ~]# ln -sf /lib/systemd/system/target_name.target /etc/systemd/system/default.target

To switch to a target immediately:

[root@server ~]# systemctl isolate multi-user.target

To check a specific service's status:

[root@server ~]# systemctl status sshd.service

To start or stop a service:

[root@server ~]# systemctl start sshd.service
[root@server ~]# systemctl stop sshd.service

To start and enable the service in one command:

[root@srv1 ~]# systemctl enable --now sshd

To stop and disable the service in one command:

[root@srv1 ~]# systemctl disable --now sshd

To restart the service:

[root@server ~]# systemctl restart sshd.service

To reload the service:

[root@server ~]# systemctl reload sshd.service
Note: when the service is restarted, the process ID changes, while when the service is reloaded the PID stays the same; it reloads the configuration only.

Enabling system daemons to start or stop at boot time:


Starting a service on a running system does not guarantee that the service will be started when the system reboots; similarly, stopping a service on a running system will not keep it from starting again when the system reboots. Services are started at boot time when links are created in the appropriate systemd configuration directory.

To enable a service permanently:

[root@server ~]# systemctl enable httpd.service (will create a soft link at /etc/systemd/system/multi-user.target.wants/httpd.service)

To disable a service permanently:

[root@server ~]# systemctl disable httpd.service (will remove the soft link at /etc/systemd/system/multi-user.target.wants/httpd.service)

To check whether the service is active:

[root@server ~]# systemctl is-active httpd.service

To check whether the service is enabled:

[root@server ~]# systemctl is-enabled httpd

To check what is failed on boot:

[root@server ~]# systemctl is-failed sshd

To show the service configuration details:

[root@server ~]# systemctl show httpd.service

Service Masking:
A system may have conflicting services installed; for example, there are multiple methods to manage networks (network and NetworkManager) and firewalls (iptables and firewalld). To prevent an admin from accidentally starting a service, that service may be masked. Masking will create a link in the config directory /etc/systemd/system to /dev/null so that if the service is started, nothing will happen.
To mask or unmask a service:
[root@server ~]# systemctl mask iptables
[root@server ~]# systemctl unmask iptables
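
Both the enable/disable section and the masking section above come down to symbolic links under /etc/systemd/system, so a unit's boot-time state can be read from the links alone. This is an added example, not part of the original document; it works on a constructed temporary tree, updater.service is a hypothetical unit, and treating /lib/systemd/system and /usr/lib/systemd/system as the expected link sources is an assumption.

```sh
#!/bin/sh
# Added example: classify units purely from the symlinks systemctl enable/mask create.
# All paths live in a CONSTRUCTED temporary tree, not the real /etc/systemd/system.

# link_state ROOT UNIT -> masked | enabled:<wants-dir> | unlinked
link_state() {
    root=$1; unit=$2
    if [ -L "$root/$unit" ] && [ "$(readlink "$root/$unit")" = "/dev/null" ]; then
        echo masked; return 0
    fi
    for l in "$root"/*.wants/"$unit"; do
        if [ -L "$l" ]; then
            echo "enabled:$(basename "$(dirname "$l")")"; return 0
        fi
    done
    echo unlinked
}

# odd_links ROOT -> enabled links whose source is not a packaged unit directory
odd_links() {
    for l in "$1"/*.wants/*; do
        [ -L "$l" ] || continue
        case $(readlink "$l") in
            /lib/systemd/system/*|/usr/lib/systemd/system/*) ;;
            *) echo "$(basename "$l") -> $(readlink "$l")" ;;
        esac
    done
}

make_sample_tree() {                # builds the constructed tree, prints its path
    d=$(mktemp -d)
    mkdir "$d/multi-user.target.wants"
    ln -s /lib/systemd/system/httpd.service "$d/multi-user.target.wants/httpd.service"
    ln -s /tmp/updater.service "$d/multi-user.target.wants/updater.service"  # hypothetical
    ln -s /dev/null "$d/iptables.service"                                    # masked
    echo "$d"
}

tree=$(make_sample_tree)
for u in httpd.service iptables.service sshd.service; do
    echo "$u: $(link_state "$tree" "$u")"
done
odd_links "$tree"
rm -rf "$tree"
```

An enabled link that points outside the packaged unit directories is worth reviewing, since it will be started at every boot.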

Root password reset:

One task that every system admin should be able to accomplish is recovering a lost root password. If the admin is still logged in, either as an unprivileged user with full sudo access or as root, this task is trivial; when the admin is not logged in, this task becomes slightly more involved.

On a RHEL 7 machine there are the rescue.target and emergency.target targets, both of which require the root password to log in.

On RHEL 7, because of the change to systemd, it has become much harder: just starting the emergency or rescue target isn't enough; you need to break into the system. It is possible to have the scripts that run from the initramfs pause at a certain moment, provide a root shell, and then continue when that shell exits.

1. Enter the grub menu by pressing e

2. Look for the kernel line and go to the end of the kernel line.
3. Remove rhgb quiet and enter rd.break, which tells the next part of the boot procedure, the initrd, to stop at a specific location at the end of the initramfs (because the initramfs doesn't have access to your hard disk yet); so basically it brings you into the system where all the supporting modules are available but no file system has been mounted yet.

4. So it allows you to get in even before the point where you would get in if you were entering the emergency.target level.
Then press Ctrl+x → it drops you to the root shell without asking for any password, with the root file system from the actual system mounted read-only on /sysroot

NOTE: SELinux is not yet enabled at this point, so any new files being created will not have an SELinux context assigned to them. Keep in mind that some tools (such as passwd) first create a new file, then move it in place of the file they are intended to edit, effectively creating a new file without an SELinux context.
5. Switch:/# mount -o remount,rw /sysroot → because we are so early in the boot procedure, the root file system is mounted on a mount point named /sysroot and it is a read-only mount; this command makes it read-write.
Next we need to make the content of /sysroot the current root directory.

6. chroot /sysroot
At this point you can set the new password, not by doing anything else, but by using the passwd command.
Now we also need to tell SELinux that it needs to do automatic relabeling, because we are so early in the boot procedure. SELinux isn't completely functional, and if you don't run the touch command (touch /.autorelabel), the file you changed gets lost.

7. SELinux has a policy and it sets the right context on the files in your system.
8. Ctrl+d to exit the chroot shell
9. Ctrl+d to restart your system → to exit from the initramfs debug shell; it will take a while.
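
The procedure above, like the rescue-mode steps earlier, works by adding parameters at the GRUB menu, and the kernel records the command line it was booted with in its log. This is an added example, not part of the original document; it flags the overrides used on this page (rd.break, systemd.unit=rescue.target, systemd.unit=emergency.target) in kernel log lines. The log lines, host name and image name are constructed samples.

```sh
#!/bin/sh
# Added example: flag boots whose kernel command line carried the overrides
# this page uses (rd.break, systemd.unit=rescue.target / emergency.target).

# scan_cmdlines: reads log lines on stdin, prints "<line-no>: <parameter>" per hit.
# Runs in a subshell so that disabling globbing does not leak to the caller.
scan_cmdlines() (
    set -f
    n=0
    while IFS= read -r line; do
        n=$((n + 1))
        case $line in *"Kernel command line:"*) ;; *) continue ;; esac
        for p in ${line#*"Kernel command line:"}; do
            case $p in
                rd.break|rd.break=*|systemd.unit=rescue.target|systemd.unit=emergency.target)
                    echo "$n: $p" ;;
            esac
        done
    done
)

# CONSTRUCTED sample kernel log lines (three boots); not taken from a real host.
sample_log() {
cat <<'EOF'
May 02 09:00:01 server kernel: Kernel command line: BOOT_IMAGE=/vmlinuz-EXAMPLE root=/dev/mapper/rhel-root ro rhgb quiet
May 03 22:14:40 server kernel: Kernel command line: BOOT_IMAGE=/vmlinuz-EXAMPLE root=/dev/mapper/rhel-root ro rd.break
May 03 22:31:07 server kernel: Kernel command line: BOOT_IMAGE=/vmlinuz-EXAMPLE root=/dev/mapper/rhel-root ro systemd.unit=rescue.target
EOF
}

sample_log | scan_cmdlines
```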
