After pressing the power button, control is given to the motherboard. The BIOS program in the motherboard will detect the quality of the hardware and then transfer control to the hard drive according to the startup sequence. The hard drive then reads the software and loads it into the memory.
First add relevant knowledge:
1. Commands related to shutdown:
init 0
poweroff
Halt
shutdown (default) shut down after 1 minute
shutdown -h now Shut down immediately
shutdown -c cancels shutdown
2. What is the significance of understanding the boot process?
- Master how to start the program you developed
- The computer cannot start normally. What is the reason? Or there is something wrong with that link.
- To prevent hackers from implanting Trojans, check where hackers will put Trojans.
3. The function of snapshot: make a backup of the current state of the virtual machine and retain the state of the virtual machine. But snapshots take up disk space.
4. Main hardware of computer:
Motherboard: The carrier of all hardware. The main circuit system that makes up the computer is installed on it. The main function is to connect the work of various computer hardware devices with each other. The data transmission between all hardware is transmitted by the motherboard;
CPU central processing unit: responsible for executing instructions and processing data;
RAM memory: used to temporarily store programs and data;
HDD/SSD hard drive: The main device for computer storage, used to permanently store data. SSD solid state drive, HDD traditional machine hard drive, the reading speed of SSD hard drive is much faster than HDD hard drive;
Graphics card: Controls the output of graphics.
1. Power-on self-test
After booting, the motherboard will perform a power-on self-test:
1. Which hardware or software in the hardware completes the work? Who finished?
Hardware: motherboard
There is a BIOS program in the motherboard to complete the self-test work
2. What to check?
Check whether the hardware in the computer exists and whether it can work properly
BIOS program
BIOS: Basic input output system is the first software loaded when the computer starts. The BIOS program is a set of programs that are solidified on a ROM chip on the motherboard of the computer. It stores the most important basic input and output programs of the computer, the power-on self-test program and the system self-starting program. It reads parameters from CMOS: Understanding the CPU Configuration, time configuration, startup sequence configuration, etc. CMOS is a chip on the motherboard that stores configuration parameters.
Supplement: The ROM chip is a read-only memory, which is characterized by the fact that it will not be lost during a power outage and is written permanently; the RAM chip is a random access memory, which is characterized by losing data during a power outage.
The relationship between CMOS and BIOS:
How to enter the BIOS:
Notebook: F1, F2, F8, F12, etc.
Server: There is a reminder when starting up
Desktop: del, delete
Virtual machine: F2-enter BIOS; ESC: modify the boot sequence
BIOS interface:
Among them, Boot startup sequence check:
Hard Drive Boot from the hard drive
CD-ROM Drive
Removable device Removable device (USB disk, mobile hard disk)
Network network (start the server installed in the network)
When you first install the system, choose to set the optical drive CD-ROM to the first boot sequence. After installation, set the Hard Drive to the first boot sequence and boot from the hard disk.
To prevent data theft, you can set a BIOS password: After entering the BIOS, select the Security tab to set a password, as shown below.
2. Load the master boot record
The first boot sequence is set to the hard disk, and the BIOS program exits after booting from the hard disk. A special position in the hard disk: MBR - Master Boot Record, is a very important position in the hard disk. The first position in the disk is fixed, occupying one sector, and each sector is 512 bytes.
After the motherboard transfers control to the hard disk, it reads the startup program from the MBR into the memory. The startup program in the MBR is grub2. grub is a boot program in Linux, which is very small; grub2 is an upgraded version of grub.
Two stages of bootstrapping:
The first stage: load grub2 of the MBR partition in the hard disk into memory
The second stage: load the file system driver, read the data in the disk, find the system kernel file and load the kernel file
3. Load the kernel startup service
vmlinuz-3.10.0-1160.el7.x86_64 is the kernel file of Linux and an executable program; the initramfs-3.10.0-1160.el7.x86_64.img compressed file is decompressed in the memory and will be formed after the decompression is completed. A temporary root file system that provides many programs and driver files to vmlinuz.
After loading vmlinuz and initramfs into the memory, the systemd process, the first process of the system, will be started. After starting the systemd process, the services in the corresponding run level will be started.
Run level - a relatively old concept, very popular in centos6:
0 shutdown
1 Single user mode (only one user allowed to log in)
2 Multi-user mode, cannot use network resources
3 Full multi-user mode (character interface)
5 Graphical interface
6 Restart
Related commands:
1.runlevel: View run level
The meaning of the returned result: N means that there is no level at the beginning; 3 means that it is now running level 3. That is, the first character of the returned result indicates the level before entering, and the second character indicates the current level.
2.init 0: shutdown
3.init 6: Restart
4.init [num]: Enter run level [num]
In the new version of the centos operating system, there is a file /etc/inittab that retains this concept and introduces new concepts:
multi-user.target: command line interface
graphical.target: Graphical interface. Compared with the command line interface, the graphical interface starts more programs and consumes more memory and CPU.
You can also know the command according to the file /etc/inittab:
1. View the default startup mode (run level): systemctl get-default
2. Set the default mode: systemctl set-default multi-user.target/graphical.target
How to install graphical interface in linux?
During installation, select software selection (minimum installation only installs the most basic software)
You can realize the graphical interface by selecting the three pictures below, but the interfaces are different.
How does the systemd process manage services?
Files ending with service are used to start a specific service (corresponding to a certain program). If you want to start the service at boot, you must create a link file in the corresponding run-level folder and link to the service. Source files, these files all end with service. Correspondingly, if you want to set the service not to start at startup, the essence is to delete the linked file.
As long as the software is installed by yum, a service file will be automatically created; if the file is compiled and installed, there is no service file, so you need to create the service file yourself. If you have a service file, you can manage the service through the systemctl start/stop/enable/disable/restart [service] command, that is, systemd can manage the service through the above process.
Taking the ssh service as an example, check the source file sshd.service corresponding to the ssh service:
When all services are started, the commands in the /etc/rc.local script will be executed. You can place some scripts that you want to execute on startup in this file. Note: If you want to execute a script on boot, you must grant executable permissions to the /etc/rc.d/rc.local file, where /etc/rc.local is a link file pointing to /etc/rc.d/rc.local
The /etc/fstab file will also be loaded and mounted based on the partition information in the file. In this way, we will know which partitions of the disk in the entire system can be used, and load the real root file system.
4. Login
After starting the service and loading the file, the login program will be executed, and the login screen will appear: enter the user name and password, verify the user information according to the /etc/passwd and /etc/shadow files, and if the verification is successful, the environment variable configuration file will be loaded, and log in The screen is as follows:
Configuration files for 4 user environment variables:
Affected a user:
~/.bashrc
~/.bash_profile
Affects all users:
/etc/bashrc
/etc/profile
The startup sequence of the four environment variable configuration files is:
Note: If you want to execute certain commands or scripts, you can also lurk in these 4 environment variable configuration files.
think
After learning the boot process, here are some questions to think about:
1. There is a problem with a certain aspect of booting. Can the machine start normally? For example, delete the /boot partition? Destroy the MBR?
Can't start normally
2. Where can Trojans hide?
1. Check the process after starting the systemd process: abnormal services, rc.local or abnormal commands in the four environment variable configuration files
2. Troubleshoot planned tasks: crontab -l
3. Check whether there are any suspicious ports opened: netstat -anpltu
4. View suspicious processes: ps aux
rescue mode
Rescue mode is suitable for virtual machine environments and real machine environments.
If you accidentally delete the /etc/passwd or /etc/shadow file, how can you restore normal startup?
Premise: The reason why these two files can be restored by turning on the rescue mode is that there are backup files passwd- and shadow- in the system.
Idea: The system in the hard disk cannot be started. Use the system in the CD to start, and then repair the system in the hard disk.
Steps:
Put the CD into the CD-ROM drive and set the first boot sequence to CD-ROM:
Select Troubleshooting after startup:
Select rescue mode:
Choose to continue:
Enter the original root environment:
reduction:
quit:
After restarting, remember to adjust the first boot order back to Hard Drive.