Linux Basics

From Network Security Wiki
Revision as of 03:03, 16 September 2015 by m>Amandeep (→‎Linux file system layout: minor)


Linux Booting Process

Source: technochords.com

The following are the six high-level stages of a typical Linux boot process:

  1. BIOS
  2. MBR
  3. GRUB
  4. Kernel
  5. Init
  6. Runlevel programs

Detailed explanation of each stage:

BIOS
  • Performs some system integrity checks (POST, Power-On Self-Test).
  • Searches for, loads, and executes the boot loader program.
  • It looks for the boot loader on floppy, CD-ROM, or hard drive.
  • You can press a key (typically F12 or F2, but it depends on your system) during BIOS startup to change the boot sequence.
  • Once the boot loader program is detected and loaded into memory, the BIOS gives control to it.
  • In simple terms, the BIOS loads and executes the MBR boot loader.
MBR
  • MBR stands for Master Boot Record.
  • It is located in the 1st sector of the bootable disk.
  • Typically /dev/hda, or /dev/sda
  • MBR is less than 512 bytes in size.
  • It has three components:
  1. primary boot loader info in the first 446 bytes,
  2. partition table info in the next 64 bytes (16, 16, 16, 16: one 16-byte entry for each of 4 partitions),
  3. magic numbers, used as the MBR validation check, in the last 2 bytes.
  • It contains information about GRUB (or LILO in old systems).
  • In simple terms MBR loads and executes the GRUB boot loader.
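
The three regions can be checked on a saved 512-byte sector dump. The script below is an added example, not part of the original page: it verifies the magic number, hashes the boot loader region for comparison against a known-good baseline, and decodes the partition entries. The function names and the sample sector are constructed for illustration.

```sh
#!/bin/sh
# Added example: split a 512-byte MBR sector into its three regions.
# To inspect a real disk, first save the sector read-only as root, e.g.
#   dd if=/dev/sda of=mbr.bin bs=512 count=1

# Constructed sample: empty boot code, one bootable Linux (0x83) entry
# starting at LBA 2048 with 1048576 sectors, three empty entries, 55 AA.
make_sample_mbr() {
    {
        dd if=/dev/zero bs=446 count=1 2>/dev/null
        printf '\200\000\000\000\203\000\000\000\000\010\000\000\000\000\020\000'
        dd if=/dev/zero bs=48 count=1 2>/dev/null
        printf '\125\252'
    } > "$1"
}

# Last 2 bytes (offset 510): the magic number 0x55 0xAA.
mbr_signature_ok() {
    [ "$(od -An -tx1 -j 510 -N 2 "$1" | tr -d ' \n')" = "55aa" ]
}

# SHA-256 of the first 446 bytes, to compare against a known-good baseline.
boot_code_sha256() {
    dd if="$1" bs=446 count=1 2>/dev/null | sha256sum | cut -d' ' -f1
}

# Next 64 bytes (offset 446): four 16-byte entries. Byte 0 is the boot flag,
# byte 4 the partition type, bytes 8-11 and 12-15 little-endian start LBA and size.
mbr_partitions() (
    file=$1
    i=0
    while [ "$i" -lt 4 ]; do
        set -- $(od -An -v -tu1 -j $((446 + 16 * i)) -N 16 "$file")
        i=$((i + 1))
        if [ "$5" -eq 0 ]; then continue; fi      # type 0x00 = unused slot
        boot=no; if [ "$1" -eq 128 ]; then boot=yes; fi
        printf 'entry %d boot=%s type=0x%02x lba=%d sectors=%d\n' "$i" "$boot" "$5" \
            $(($9 + ${10} * 256 + ${11} * 65536 + ${12} * 16777216)) \
            $((${13} + ${14} * 256 + ${15} * 65536 + ${16} * 16777216))
    done
)

sample=$(mktemp) && make_sample_mbr "$sample"
mbr_signature_ok "$sample" && mbr_partitions "$sample"
rm -f "$sample"
```

A boot code hash that changes between two dumps of the same disk, without a boot loader reinstall in between, is worth investigating.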
GRUB
  • GRUB stands for Grand Unified Bootloader.
  • It is a Multiboot boot loader.
  • If you have multiple kernel images installed on your system, you can choose which one is executed.
  • GRUB displays a splash screen and waits for a few seconds. If you don’t enter anything, it loads the default kernel image as specified in the GRUB configuration file.
  • GRUB has knowledge of the filesystem (the older Linux loader LILO didn’t understand filesystems).
  • The GRUB configuration file is /boot/grub/grub.conf (/etc/grub.conf is a link to this).
  • As you notice from the above info, it contains kernel and initrd image.
  • So, in simple terms GRUB just loads and executes Kernel and initrd images.
Kernel
  • Control is then given to the kernel, which is the central part of your OS and acts as a mediator between hardware and software.
  • Once loaded into RAM, the kernel always resides in RAM until the machine is shut down.
  • Once the kernel starts its operations, the first thing it does is execute the INIT process.
Init (initialization)
  • Looks at the /etc/inittab file to decide the Linux run level.
  • The following are the available run levels:
0 – halt
1 – Single user mode
2 – Multiuser, without NFS
3 – Full multiuser mode
4 – unused
5 – X11
6 – reboot
  • Init identifies the default init level from /etc/inittab and uses that to load all appropriate programs.
  • Execute ‘grep initdefault /etc/inittab’ on your system to identify the default run level.
  • If you want to get into trouble, you can set the default run level to 0 or 6. Since you know what 0 and 6 mean, you probably would not do that.
  • Typically you would set the default run level to either 3 or 5.
Runlevel programs
  • When the Linux system is booting up, you might see various services getting started.
  • For example, it might say “starting sendmail …. OK”.
  • Those are the runlevel programs, executed from the run level directory as defined by your run level.
  • Depending on your default init level setting, the system will execute the programs from one of the following directories.
Run level 0 – /etc/rc.d/rc0.d/
Run level 1 – /etc/rc.d/rc1.d/
Run level 2 – /etc/rc.d/rc2.d/
Run level 3 – /etc/rc.d/rc3.d/
Run level 4 – /etc/rc.d/rc4.d/
Run level 5 – /etc/rc.d/rc5.d/
Run level 6 – /etc/rc.d/rc6.d/
  • Please note that there are also symbolic links available for these directories directly under /etc.
  • So, /etc/rc0.d is linked to /etc/rc.d/rc0.d.
  • Under the /etc/rc.d/rc*.d/ directories, you would see programs that start with S and K.
  1. Programs that start with S are used during startup. S for startup.
  2. Programs that start with K are used during shutdown. K for kill.
  3. There are numbers right next to S and K in the program names.
  4. Those are the sequence numbers in which the programs should be started or killed.
  5. For example, S12syslog is to start the syslog daemon, which has the sequence number of 12.
  6. S80sendmail is to start the sendmail daemon, which has the sequence number of 80.
  7. So, syslog program will be started before sendmail.
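
Because everything in the active run level directory is executed by init at boot, it is worth auditing. The script below is an added example, not part of the original page: it reads the default run level from an inittab-style file, rejects 0 and 6, lists the S programs in start order, and reports start scripts that users other than the owner can modify. The function names and the sample tree are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit what SysV init will run at boot.

# Constructed sample tree: an inittab and an rc3.d with one weak script.
make_sample() {
    mkdir -p "$1/rc3.d"
    printf '%s\n' '# id:5:initdefault: (old setting)' 'id:3:initdefault:' > "$1/inittab"
    for s in S80sendmail S12syslog K20nfs; do
        printf '#!/bin/sh\n' > "$1/rc3.d/$s"
        chmod 755 "$1/rc3.d/$s"
    done
    chmod 777 "$1/rc3.d/S80sendmail"   # deliberately weak, to show a finding
}

# Print the default run level (the N in id:N:initdefault:), skipping comments.
default_runlevel() {
    awk -F: '!/^[ \t]*#/ && $3 == "initdefault" { print $2; found = 1; exit }
             END { exit !found }' "$1"
}

# A default of 0 (halt) or 6 (reboot) means the system never stays up.
runlevel_is_sane() {
    case "$1" in
        [1-5]) return 0 ;;
        *)     return 1 ;;
    esac
}

# Print "sequence name" for every S* entry, in the order they are started.
start_order() {
    ls "$1" | sed -n 's/^S\([0-9][0-9]*\)\(.*\)$/\1 \2/p' | sort -n
}

# Start scripts writable by group or others: anyone who can edit them gets
# their code run by init at boot. -L follows the symlinks to the real script.
writable_start_scripts() {
    find -L "$1" -type f -name 'S[0-9]*' \( -perm -020 -o -perm -002 \) \
        -exec basename {} \; | sort
}

d=$(mktemp -d) && make_sample "$d"
lvl=$(default_runlevel "$d/inittab") && runlevel_is_sane "$lvl" && start_order "$d/rc$lvl.d"
writable_start_scripts "$d/rc$lvl.d"
rm -rf "$d"
```

On a real system the arguments would be /etc/inittab and the matching /etc/rc.d/rcN.d/ directory.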


Linux file system layout

This is the file system layout from a CentOS Linux system. Depending on the system and Linux distro, the structure may vary, and directories may be removed or added.

/ – The Root Directory
  • Everything on a Linux system is located under the / or root directory.
  • The meanings of / (root) and the root user are often confusing to new Linux users.
  • In Linux, the root directory “/” is a separator between a file and a directory and contains all underlying directories and files, whereas the root user is the superuser or administrator, who has administrative privileges on the system, as opposed to ordinary Linux users, who only have limited privileges to protect system security.
/bin – Essential command binaries
  • The /bin directory contains the most commonly used essential executable binaries, programs or files required during booting and repair, such as cat, ls, mount, rm, du, df, tar, rpm, wc, etc.
/boot – Boot loader files
  • All of the files required to boot the system are contained in the /boot directory, including the GRUB boot loader’s files, Linux kernels, the Linux initial RAM disk (initrd),
/dev – Device Files
  • All of the hardware devices on the machine, like cdrom, cpu, hard drives, etc., are represented as special device files in the /dev directory. Device files are created during your Linux system installation.
/etc – Configuration Files
  • Contains host-specific files and directories, e.g. system and application configuration files and the startup, shutdown, start and stop scripts for every individual program.
  • In other words, /etc is very similar to the Control Panel in Microsoft Windows.
/home – Home Directory
  • Home directory of the users. Every time you create a new user, a new directory with the user’s name is created in /home, where the user can store their own files.
  • The most common directories created automatically within a user’s home directory are Desktop, Downloads, Documents, Music, Movie, etc.
  • Most programs save their per-user configuration files in that user’s home directory, such as web browser settings, web browser bookmarks, desktop wallpaper, themes, and passwords.
/lib – Essential Libraries
  • Similar to Windows ‘dll’ files, all Linux shared libraries and kernel module files are stored in the /lib directory.
  • These important Linux dynamic libraries are required to boot the system and run commands in the root file system.
/lost+found – Recovering Files
  • It sounds weird, but yes, we have lost+found in the Linux file system structure.
  • Every Linux file system and partition has a lost+found directory.
  • In the event your system crashes or shuts down unexpectedly, you can run the fsck command to check and repair the filesystem. fsck will turn any corrupted or almost-deleted files back into files that you can recover later from the /lost+found directory.
/media – Removable Media Devices
  • Every time you insert a removable device such as an external hard drive, floppy disk, zip drive, CD, DVD or flash drive into a Linux system, a new directory will automatically be created inside the /media directory.
  • It is a temporary mount directory for removable devices.
/mnt – Temporarily mounted filesystems
  • While /media is where the system automatically mounts removable media, /mnt is for you to mount things (partitions, file systems, devices) manually and temporarily.
/opt – Optional software packages
  • The /opt directory is reserved for additional, extra and third-party software for your system. Such additional software usually doesn’t follow the standard file system hierarchy and is not handled by the package manager.
/proc – Kernel & Process Information
  • Similar to /dev, the /proc directory contains information about running processes, system resources and information.
  • You can view information about any running process with a specific process ID (pid), or hardware information such as memory, cpu, io, etc.
/root – Root Home Directory
  • Not to be confused with “/”, the root directory: /root is the root account’s home directory. It is determined by developer or local preference, rather than being /home/root, to allow for booting the system even if /home/ is not available.
  • Sometimes /home is located on a different partition or even on another separate system and is inaccessible to “root”. That is why root’s home directory needs to be on the same partition as the “/” directory.
/sbin – System binaries
  • Similar to /bin, /sbin contains essential binaries that are generally intended to be run by the root user for system administration and maintenance purposes.
  • For example: iptables, reboot, fdisk, ifconfig, swapon, init, ip, mount.
/selinux – Security-Enhanced Linux
  • SELinux comes with Red Hat based distros (Fedora, CentOS). SELinux is a security architecture integrated into the 2.6.x kernel using the Linux Security Modules (LSM).
  • For some reason CentOS 6 creates an empty selinux directory in the root directory; the real SELinux directory with its configuration files is /etc/selinux/.
/srv – Service Data
  • Server (srv) contains data of services such as HTTP, FTP, rsync, cvs
/sys – virtual filesystem
  • Some newer Linux distros have a /sys directory with the sysfs virtual filesystem, which stores information and statistics about (physical and virtual) devices and device names.
  • It was newly added in Linux kernel 2.6. /sys contains information similar to /proc, displaying device information from the kernel’s view of the system.
/tmp – Temporary files
  • The system’s temporary directory. All users and programs on your system can access, read and write in this directory.
  • Most files in this directory are required temporarily.
  • Many programs use /tmp to create lock files and to save temporary data or files.
  • Normally, don’t delete files from /tmp unless you know what you are doing, because most files are required by currently running programs.
  • You should not save or store any important files or directories under /tmp, since all files will be removed after the system is rebooted.
/usr – binaries, documentation, source code, libraries
  • Pronounced as ‘user’, /usr contains the majority of user utilities, programs, libraries, documentation, etc. for all user-related second-level programs, rather than applications and files used by the system.
  • Some user programs are stored here, like telnet, ftp, etc. /usr is shareable between various FHS-compliant hosts but cannot be written to.
/var – Variable Files
  • Variable, or /var, contains data that is expected to change and grow as the system is running (system log files, mail, printer spool, temporary files).
  • Some subdirectories under /var are not shareable between systems, like /var/log, /var/lock, or /var/run, while other subdirectories are shareable, like /var/mail, /var/cache/man, /var/cache/fonts, and /var/spool/news.



