Chapter 3. The system initialization

Table of Contents

3.1. An overview of the boot strap process
3.1.1. Stage 1: the BIOS
3.1.2. Stage 2: the boot loader
3.1.3. Stage 3: the mini-Debian system
3.1.4. Stage 4: the normal Debian system
3.2. SysV-style init
3.2.1. The meaning of the runlevel
3.2.2. The configuration of the runlevel
3.2.3. The runlevel management example
3.2.4. The default parameter for each init script
3.2.5. The hostname
3.2.6. The filesystem
3.2.7. Network interface initialization
3.2.8. Network service initialization
3.2.9. The system message
3.2.10. The kernel message
3.3. The udev system
3.3.1. The kernel module initialization

It is wise for you as the system administrator to know roughly how the Debian system is started and configured. Although the exact details are in the source files of the packages installed and their documentations, it is a bit overwhelming for most of us.

I did my best to provide a quick overview of the key points of the Debian system and their configuration for your reference, based on the current and previous knowledge of mine and others. Since the Debian system is a moving target, the situation over the system may have been changed. Before making any changes to the system, you should refer to the latest documentation for each package.

[Warning] Warning

This chapter is getting outdated since this is based on Debian 7.0 (Wheezy) released in 2013.

The computer system undergoes several phases of boot strap processes from the power-on event until it offers the fully functional operating system (OS) to the user.

For simplicity, I limit discussion to the typical PC platform with the default installation.

The typical boot strap process is like a four-stage rocket. Each stage rocket hands over the system control to the next stage one.

Of course, these can be configured differently. For example, if you compiled your own kernel, you may be skipping the step with the mini-Debian system. So please do not assume this is the case for your system until you check it yourself.

[Note] Note

For non-legacy PC platform such as the SUN or the Macintosh system, the BIOS on ROM and the partition on the disk may be quite different (Section 9.5.2, “Disk partition configuration”). Please seek the platform specific documentations elsewhere for such a case.

The BIOS is the 1st stage of the boot process which is started by the power-on event. The BIOS residing on the read only memory (ROM) is executed from the particular memory address to which the program counter of CPU is initialized by the power-on event.

This BIOS performs the basic initialization of the hardware (POST: power on self test) and hands the system control to the next step which you provide. The BIOS is usually provided with the hardware.

The BIOS startup screen usually indicates what key(s) to press to enter the BIOS setup screen to configure the BIOS behavior. Popular keys used are F1, F2, F10, Esc, Ins, and Del. If your BIOS startup screen is hidden by a nice graphics screen, you may press some keys such as Esc to disable this. These keys are highly dependent on the hardware.

The hardware location and the priority of the code started by the BIOS can be selected from the BIOS setup screen. Typically, the first few sectors of the first found selected device (hard disk, floppy disk, CD-ROM, …) are loaded to the memory and this initial code is executed. This initial code can be any one of the following.

  • The boot loader code

  • The kernel code of the stepping stone OS such as FreeDOS

  • The kernel code of the target OS if it fits in this small space

Typically, the system is booted from the specified partition of the primary hard disk partition. First 2 sectors of the hard disk on legacy PC contain the master boot record (MBR). The disk partition information including the boot selection is recorded at the end of this MBR. The first boot loader code executed from the BIOS occupies the rest of this MBR.

The boot loader is the 2nd stage of the boot process which is started by the BIOS. It loads the system kernel image and the initrd image to the memory and hands control over to them. This initrd image is the root filesystem image and its support depends on the bootloader used.

The Debian system normally uses the Linux kernel as the default system kernel. The initrd image for the current 2.6/3.x Linux kernel is technically the initramfs (initial RAM filesystem) image. The initramfs image is a gzipped cpio archive of files in the root filesystem.

[Warning] Warning

The above is no longer true with the new multi-segment initramfs. See Bug #790100.

The default install of the Debian system places first-stage GRUB boot loader code into the MBR for the PC platform. There are many boot loaders and configuration options available.

[Warning] Warning

Do not play with boot loaders without having bootable rescue media (CD or floppy) created from images in the grub-rescue-pc package. It makes you boot your system even without functioning bootloader on the hard disk.

For GRUB Legacy, the menu configuration file is located at "/boot/grub/menu.lst". For example, it has entries as the following.

title           Debian GNU/Linux
root            (hd0,2)
kernel          /vmlinuz root=/dev/hda3 ro
initrd          /initrd.img

For GRUB 2, the menu configuration file is located at "/boot/grub/grub.cfg". It is automatically generated by "/usr/sbin/update-grub" using templates from "/etc/grub.d/*" and settings from "/etc/default/grub". For example, it has entries as the following.

menuentry "Debian GNU/Linux" {
        set root=(hd0,3)
        linux /vmlinuz root=/dev/hda3
        initrd /initrd.img

For these examples, these GRUB parameters mean the following.

[Note] Note

The value of the partition number used by GRUB legacy program is one less than normal one used by Linux kernel and utility tools. GRUB 2 program fixes this problem.

[Tip] Tip

UUID (see Section 9.5.3, “Accessing partition using UUID”) may be used to identify a block special device instead of its file name such as "/dev/hda3", e.g."root=UUID=81b289d5-4341-4003-9602-e254a17ac232 ro".

[Tip] Tip

If GRUB is used, the kernel boot parameter is set in /boot/grub/grub.cfg. On Debian system, you should not edit /boot/grub/grub.cfg directly. You should edit the GRUB_CMDLINE_LINUX_DEFAULT value in /etc/default/grub and run update-grub(8) to update /boot/grub/grub.cfg.

[Tip] Tip

You can start a boot loader from another boot loader using techniques called chain loading.

See "info grub" and grub-install(8).

The normal Debian system is the 4th stage of the boot process which is started by the mini-Debian system. The system kernel for the mini-Debian system continues to run in this environment. The root filesystem is switched from the one on the memory to the one on the real hard disk filesystem.

The init program is executed as the first program with PID=1 to perform the main boot process of starting many programs. The default file path for the init program is "/sbin/init" but it can be changed by the kernel boot parameter as "init=/path/to/init_program".

The default init program has been changing:

  • Debian before squeeze uses the simple SysV-style init.

  • Debian wheezy improves the SysV-style init by ordering the boot sequence with LSB header and starting boot scripts in parallel.

  • Debian jessie switches its default init to the systemd for the event-driven and parallel initialization.

[Tip] Tip

All boot mechanisms are compatible through "/etc/init.d/rc", "/etc/init.d/rcS", "/usr/sbin/update-rc.d", and "/usr/sbin/invoke-rc.d" scripts.

[Tip] Tip

The actual init command on your system can be verified by the "ps --pid 1 -f" command.

[Tip] Tip

See Debian wiki: BootProcessSpeedup for the latest tips to speed up the boot process.

[Caution] Caution

The current default Debian system doesn't use SysV-style init. Please read other resources for the modern systemd based init. See The Debian Administrator's Handbook

This section describes how the good old SysV-style init used to boot the system. Your Debian system does not function exactly as described here but it is quite educational to know this basics since the newer init system tends to offer equivalent functionalities.

The SysV-style boot process essentially goes through the following.

  1. The Debian system goes into runlevel N (none) to initialize the system by following the "/etc/inittab" description.

  2. The Debian system goes into runlevel S to initialize the system under the single-user mode to complete hardware initialization etc.

  3. The Debian system goes into one of the specified multi-user runlevels (2 to 5) to start the system services.

The initial runlevel used for multi-user mode is specified with the "init=" kernel boot parameter or in the "initdefault" line of the "/etc/inittab". The Debian system as installed starts at the runlevel 2.

All actual script files executed by the init system are located in the directory "/etc/init.d/".

See init(8), inittab(5), and "/usr/share/doc/sysv-rc/README.runlevels.gz" for the exact explanation.

For example, let's set up runlevel system somewhat like Red Hat Linux as the following.

  • init starts the system in runlevel=3 as the default.

  • init does not start gdm3(1) in runlevel=(0,1,2,6).

  • init starts gdm3(1) in runlevel=(3,4,5).

This can be done by using editor on the "/etc/inittab" file to change starting runlevel and using user friendly runlevel management tools such as sysv-rc-conf or bum to edit the runlevel. If you are to use command line only instead, here is how you do it (after the default installation of the gdm3 package and selecting it to be the choice of display manager).

# cd /etc/rc2.d ; mv S21gdm3 K21gdm3
# cd /etc ; perl -i -p -e 's/^id:.:/id:3:/' inittab

Please note the "/etc/X11/default-display-manager" file is checked when starting the display manager daemons: xdm, gdm3, sddm, and wdm.

[Note] Note

You can still start X from any console shell with the startx(1) command.

The default parameter for each init script in "/etc/init.d/" is given by the corresponding file in "/etc/default/" which contains environment variable assignments only. This choice of directory name is specific to the Debian system. It is roughly the equivalent of the "/etc/sysconfig" directory found in Red Hat Linux and other distributions. For example, "/etc/default/cron" can be used to control how "/etc/init.d/cron" works.

The "/etc/default/rcS" file can be used to customize boot-time defaults for motd(5), sulogin(8), etc.

If you cannot get the behavior you want by changing such variables then you may modify the init scripts themselves. These are configuration files editable by system administrators.

Many network services (see Chapter 6, Network applications) are started under multi-user mode directly as daemon processes at boot time by the init script, e.g., "/etc/rc2.d/S20exim4" (for RUNLEVEL=2) which is a symlink to "/etc/init.d/exim4".

Some network services can be started on demand using the super-server inetd (or its equivalents). The inetd is started at boot time by "/etc/rc2.d/S20inetd" (for RUNLEVEL=2) which is a symlink to "/etc/init.d/inetd". Essentially, inetd allows one running daemon to invoke several others, reducing load on the system.

Whenever a request for service arrives at super-server inetd , its protocol and service are identified by looking them up in the databases in "/etc/protocols" and "/etc/services". inetd then looks up a normal Internet service in the "/etc/inetd.conf" database, or a Open Network Computing Remote Procedure Call (ONC RPC)/Sun RPC based service in "/etc/rpc.conf".

Sometimes, inetd does not start the intended server directly but starts the TCP wrapper program, tcpd(8), with the intended server name as its argument in "/etc/inetd.conf". In this case, tcpd runs the appropriate server program after logging the request and doing some additional checks using "/etc/hosts.deny" and "/etc/hosts.allow".

For system security, disable as much network service programs as possible. See Section 4.6.4, “Restricting access to some server services”.

See inetd(8), inetd.conf(5), protocols(5), services(5), tcpd(8), hosts_access(5), hosts_options(5), rpcinfo(8), portmap(8), and "/usr/share/doc/portmap/portmapper.txt.gz".

For Linux kernel 2.6 and newer, the udev system provides mechanism for the automatic hardware discovery and initialization (see udev(7)). Upon discovery of each device by the kernel, the udev system starts a user process which uses information from the sysfs filesystem (see Section 1.2.12, “procfs and sysfs”), loads required kernel modules supporting it using the modprobe(8) program (see Section 3.3.1, “The kernel module initialization”), and creates corresponding device nodes.

[Tip] Tip

If "/lib/modules/<kernel-version>/modules.dep" was not generated properly by depmod(8) for some reason, modules may not be loaded as expected by the udev system. Execute "depmod -a" to fix it.

The name of device nodes can be configured by udev rule files in "/etc/udev/rules.d/". Current default rules tend to create dynamically generated names resulting non-static device names except for cd and network devices. By adding your custom rules similar to what cd and network devices do, you can generate static device names for other devices such as USB memory sticks, too. See "Writing udev rules" or "/usr/share/doc/udev/writing_udev_rules/index.html".

Since the udev system is somewhat a moving target, I leave details to other documentations and describe the minimum information here.

[Tip] Tip

For mounting rules in "/etc/fstab", device nodes do not need to be static ones. You can use UUID to mount devices instead of device names such as "/dev/sda". See Section 9.5.3, “Accessing partition using UUID”.

The modprobe(8) program enables us to configure running Linux kernel from user process by adding and removing kernel modules. The udev system (see Section 3.3, “The udev system”) automates its invocation to help the kernel module initialization.

There are non-hardware modules and special hardware driver modules as the following which need to be pre-loaded by listing them in the "/etc/modules" file (see modules(5)).

The configuration files for the modprobe(8) program are located under the "/etc/modprobes.d/" directory as explained in modprobe.conf(5). (If you want to avoid some kernel modules to be auto-loaded, consider to blacklist them in the "/etc/modprobes.d/blacklist" file.)

The "/lib/modules/<version>/modules.dep" file generated by the depmod(8) program describes module dependencies used by the modprobe(8) program.

[Note] Note

If you experience module loading issues with boot time module loading or with modprobe(8), "depmod -a" may resolve these issues by reconstructing "modules.dep".

The modinfo(8) program shows information about a Linux kernel module.

The lsmod(8) program nicely formats the contents of the "/proc/modules", showing what kernel modules are currently loaded.

[Tip] Tip

You can identify exact hardware on your system. See Section 9.4.3, “Hardware identification”.

[Tip] Tip

You may configure hardware at boot time to activate expected hardware features. See Section 9.4.4, “Hardware configuration”.

[Tip] Tip

You can probably add support for your special device by recompiling the kernel. See Section 9.9, “The kernel”.