Lab 1b - System Startup, runlevels and log files
General Description / Aims
To boot a machine into single user mode, using the bootloader
Explore and modify the system startup procedures in Linux
Change runlevels
System log files
Task 1: Boot single-user shell only, using the boot loader
Description
Boot up Linux virtual machine (if already running, reboot it).
We will see the Virtual machine BIOS screen for a few seconds.
Then the GRUB2 boot loader will begin running and show a message: “Press any key . . .”
Interrupt the boot process by pressing a key when you see this message. It might take several attempts to get your timing right. You should now see the GRUB boot loader screen. Follow the process below to instruct GRUB to boot in single user mode.
1. The GRUB2 boot loader shows the kernels that are available to boot.
We can install as many as we like by later editing the /etc/grub2.cfg file.
Highlight the desired kernel then press the ‘E’ key to edit the boot commands.
2. The screen will change to one with several lines. Move the cursor with the arrow keys to the line that starts “linux....”. We want to pass a new option to the kernel, to tell it to boot with just a simple Unix shell.
3. On this line, look for where it says “ro” as a word by itself. We need to: Delete the word “ro” In its place, instead type: rw init=/sysroot/bin/sh
4. When We are sure we have typed it correctly, press Ctrl-X to boot the machine with your new boot parameters.
The machine will now boot and provide you with a root (single-user) shell without asking for a password.
Changing “ro” (read-only) into “rw” (read-write) means that we will be able to edit files if we need to as the filesystem will be mounted in a writable mode.
Note that the actual files of the machine are found inside the /sysroot folder when you are in single-user mode.
Single-user mode is mainly used for system maintenance:
be sure that no-one else is using the system, and that
a minimum number of processes are running.
Also note that this didn’t require you to enter any passwords, so it is also the way to do password recovery on a Linux system using GRUB2. The downside is that if an attacker has physical access to your machine, they can do this too. It is possible to secure the GRUB2 bootloader so we cannot do what we have just done without entering a password. There is also a ‘rescue mode’ that still gives you a single-user environment, but does require the root password.
Quick Steps to boot the machine as a single user shell
Boot up / Reboot
Press a key to interrupt the boot process
Edit /etc/grub2.cfg file (GRUB2 boot loader)
Highlight the desired kernel then press the ‘E’ key to edit the boot commands.
Delete the word “ro” In its place, instead type: rw init=/sysroot/bin/sh
press Ctrl-X to boot the machine with your new boot parameters.
GRUB2 boot loader stage
editing the boot commands
New boot parameters
Task 2: Explore and modify system startup scripts
Exit single-user mode
From single-user mode, we want to now exit and go back to graphical mode. The simplest way is to use the “reboot” command.
There are different modes the system can boot in:
Single-user mode is one.
Multi-user mode without graphics.
Graphical mode.
Previously these were called “runlevels”. In the latest releases they are called “targets”.
Use the command systemctl get-default to check the current default mode.
It should show “graphical.target”, indicating that the default boot mode of the system is graphical mode. We can change it with “systemctl set-default”
The main targets are:
• emergency.target – used for emergency system recovery (a bit like single user shell)
• rescue.target – rescue mode – also for system recovery – requires root password
• multi-user.target – multi-user mode with no graphical login
• graphical.target – full graphical mode
Check the current default mode
Use the command systemctl get-default to check the current default mode.
# systemctl get-default
“graphical.target”, indicating that the default boot mode of the system is graphical mode. We can change it with “systemctl set-default”
Changing to multi-user mode
Changing to multi-user mode, with the command:
# systemctl isolate multi-user.target
Change target to full graphical mode
graphical.target – full graphical mode
Changing to full graphical mode with:
# systemctl isolate graphical.target
Change target to emergency system recovery
Emergency.target and rescue.target.
emergency.target – used for emergency system recovery (a bit like single user shell)
# systemctl emergency.target
systemctl is the command that manages the startup process, including which services start at boot time. We have just seen “targets”, now let’s explore “services”. Run:
shows a list of all “units”
#systemctl list-unit-files
It shows a list of all “units” – units can be targets or services or a few other kinds (we just focus on targets and services).
For services, it will show us whether they are enabled or disabled.
Is the “sshd” service enabled or disabled by default? What about the “httpd” service?
Check if a service is enabled or disabled
Another way to check whether a single service is enabled or disabled is to use the ‘is-enabled’ command to systemctl,
# systemctl is-enabled sshd
Enabled/disabled means whether the service will/won’t start automatically when the machine boots.
Check if a service is active (running) or inactive
We can also check whether a service is active (currently running) or inactive.
# systemctl is-active sshd
More Systemctl commands
We can make it active (“start”) or inactive (“stop”). We can make it start at boot (“enable”) or not start at boot (“disable”).
Try:
systemctl start <servicename>
systemctl stop <servicename>
systemctl enable <servicename>
systemctl disable <servicename>
Task 3: Examine system log information
dmesg
dmesg command to view the contents of the kernel ring buffer.