Boot loader phase
The boot loader phase varies by computer architecture. Since the earlier phases are not specific to the operating system, the BIOS-based boot process for x86 and x86-64 architectures is considered to start when the master boot record (MBR) code is executed in real mode and the first-stage boot loader is loaded, which is typically a part of LILO or GRUB.[3] From that point, the boot process continues as described below.
The first-stage boot loader (stored within the MBR or the volume boot record) loads the remainder of the boot loader, which typically gives a prompt asking which operating system (or type of session) the user wishes to initialize. LILO and GRUB differ in some ways:[3]
Under LILO, the map installer, lilo, reads the configuration file /etc/lilo.conf to identify the available bootable systems (it is executed from a running Linux system). The configuration file can include data such as boot partition and kernel pathname for each, as well as customized options if needed. To be precise, /etc/lilo.conf is prior-parsed[clarification needed] and used to create fixed-offset information saved in the boot sector and the map file, which will be used at the next boot. This information is discovered by asking the Linux kernel, at map installer time, where (i.e. on which disk sectors) the object of interest (such as an initrd, a kernel image file, or the like) is stored. At boot time, the default or selected operating system is loaded into RAM, a minimal initial file system is possibly set up in RAM from an image file ("initrd"), and along with the appropriate boot parameters, control is passed to the newly loaded kernel. LILO does not "understand" file systems, so it uses raw disk offsets and the BIOS to load any needed code or data based on data in the boot sector and map file. It cannot "find" /etc/lilo.conf at boot time because it does not understand file systems; instead it searches fixed locations on the disk memorized the last time the LILO map installer (lilo) was run to generate new offsets in the boot sector and the map file image. Boot time LILO logic loads the menu code, and then, depending on the lilo.conf directives used to make the map file, along with any user interaction, loads either the boot sector for another system such as Microsoft Windows, or the kernel image for Linux.[3]
GRUB by contrast does have understanding of the common ext2, ext3 and ext4 file systems.[4] Because GRUB stores its data in a configuration file rather than the MBR and contains a command-line interface, it is often easier to rectify or modify GRUB if misconfigured or corrupt.[5]
GRUB
Main article: GNU GRUB
The first-stage loader (stage1) is loaded and executed either by the BIOS from the Master boot record (MBR) or by another boot loader from the partition boot sector.
If necessary, an intermediate stage loader (stage1.5) is loaded and executed by the first-stage loader. This may be necessary if the second-stage loader is not contiguous, or if the filesystem or hardware requires special handling in order to access the second-stage loader.
The second-stage loader (stage2) is then loaded and executed. This displays the GRUB startup menu, which allows the user to choose an operating system or to examine and edit startup parameters.
After an operating system is chosen, GRUB loads its kernel into memory and passes control to the kernel. Alternatively, GRUB can pass control of the boot process to another boot loader, using chain loading.
LILO
Main article: LILO (boot loader)
LILO, the older of the two boot loaders, is almost identical to GRUB in process, except that its command line interface allows only selection of options previously recorded in the boot sector and map file. Thus all changes must be made to its configuration and written to the boot sector and map file, and then the system restarted. An error in configuration can therefore leave a disk unable to be booted without use of a separate boot device (floppy disk etc.) containing a program capable of fixing this.[5] Additionally, it does not understand filesystems. Instead, locations of image files are stored within the boot sector and map file directly[5] and the BIOS is used to access them directly.
SYSLINUX
Main article: SYSLINUX
SYSLINUX is not normally used for booting full Linux installations since Linux is not normally installed on FAT filesystems. Instead, it is often used for boot or rescue floppy discs, live USBs, or other lightweight boot systems. ISOLINUX is generally used by Linux live CDs and bootable install CDs.
Loadlin
Main article: Loadlin
Yet another way to boot Linux is from DOS or Windows 9x, where the Linux kernel completely replaces the running copy of this operating system. This can be useful in the case of hardware which needs to be switched on via software and for which such configuration programs are only available for DOS, whereas not for Linux, those being proprietary to the manufacturer and kept an industry secret. This tedious booting method is less necessary nowadays, as Linux has drivers for a multitude of hardware devices, but it has seen some use in mobile devices.
Another case is when the Linux is located on a storage device which is not available to the BIOS for booting: DOS or Windows can load the appropriate drivers to make up for the BIOS limitation, and boot Linux from there.
Kernel phase
The kernel in Linux handles all operating system processes, such as memory management, task scheduling, I/O, interprocess communication, and overall system control. This is loaded in two stages - in the first stage the kernel (as a compressed image file) is loaded into memory and decompressed, and a few fundamental functions such as basic memory management are set up. Control is then switched one final time to the main kernel start process. Once the kernel is fully operational – and as part of its startup, upon being loaded and executing – the kernel looks for an init process to run, which (separately) sets up a user space and the processes needed for a user environment and ultimate login. The kernel itself is then allowed to go idle, subject to calls from other processes.
Kernel loading stage
The kernel as loaded is typically an image file, compressed into either zImage or bzImage formats with zlib. A routine at the head of it does a minimal amount of hardware setup, decompresses the image fully into high memory, and takes note of any RAM disk if configured.[6] It then executes kernel startup via ./arch/i386/boot/head and the startup_32 () (for x86 based processors) process.
Kernel startup stage
Source: IBM description of Linux boot process
The startup function for the kernel (also called the swapper or process 0) establishes memory management (paging tables and memory paging), detects the type of CPU and any additional functionality such as floating point capabilities, and then switches to non-architecture specific Linux kernel functionality via a call to start_kernel().
start_kernel executes a wide range of initialization functions. It sets up interrupt handling (IRQs), further configures memory, starts the Init process (the first user-space process), and then starts the idle task via cpu_idle(). Notably, the kernel startup process also mounts the initial RAM disk ("initrd") that was loaded previously as the temporary root file system during the boot phase. The initrd allows driver modules to be loaded directly from memory, without reliance upon other devices (e.g. a hard disk) and the drivers that are needed to access them (e.g. a SATA driver). This split of some drivers statically compiled into the kernel and other drivers loaded from initrd allows for a smaller kernel. The root file system is later switched via a call to pivot_root() which unmounts the temporary root file system and replaces it with the use of the real one, once the latter is accessible. The memory used by the temporary root file system is then reclaimed.
Thus, the kernel initializes devices, mounts the root filesystem specified by the boot loader as read only, and runs Init (/sbin/init) which is designated as the first process run by the system (PID = 1).[3] A message is printed by the kernel upon mounting the file system, and by Init upon starting the Init process. It may also optionally run Initrd[clarification needed] to allow setup and device related matters (RAM disk or similar) to be handled before the root file system is mounted.[3]
According to Red Hat, the detailed kernel process at this stage is therefore summarized as follows:[4]
"When the kernel is loaded, it immediately initializes and configures the computer's memory and configures the various hardware attached to the system, including all processors, I/O subsystems, and storage devices. It then looks for the compressed initrd image in a predetermined location in memory, decompresses it, mounts it, and loads all necessary drivers. Next, it initializes virtual devices related to the file system, such as LVM or software RAID before unmounting the initrd disk image and freeing up all the memory the disk image once occupied. The kernel then creates a root device,[clarification needed] mounts the root partition read-only, and frees any unused memory. At this point, the kernel is loaded into memory and operational. However, since there are no user applications that allow meaningful input to the system, not much can be done with it." An initramfs-style boot is similar, but not identical to the described initrd boot.
At this point, with interrupts enabled, the scheduler can take control of the overall management of the system, to provide pre-emptive multi-tasking, and the init process is left to continue booting the user environment in user space.
Init process
SysV init
Main article: Init
init is the parent of all processes on the system, it is executed by the kernel and is responsible for starting all other processes; it is the parent of all processes whose natural parents have died and it is responsible for reaping those when they die. Processes managed by init are known as jobs and are defined by files in the /etc/init directory.
— manual page for Init[7]
Init's job is "to get everything running the way it should be"[8] once the kernel is fully running. Essentially it establishes and operates the entire user space. This includes checking and mounting file systems, starting up necessary user services, and ultimately switching to a user-environment when system startup is completed. It is similar to the Unix and BSD init processes, from which it derived, but in some cases has diverged or became customized. In a standard Linux system, Init is executed with a parameter, known as a runlevel, that takes a value from 0 to 6, and that determines which subsystems are to be made operational. Each runlevel has its own scripts which codify the various processes involved in setting up or leaving the given runlevel, and it is these scripts which are referenced as necessary in the boot process. Init scripts are typically held in directories with names such as "/etc/rc...". The top level configuration file for init is at /etc/inittab.[8]
During system boot, it checks whether a default runlevel is specified in /etc/inittab, and requests the runlevel to enter via the system console if not. It then proceeds to run all the relevant boot scripts for the given runlevel, including loading modules, checking the integrity of the root file system (which was mounted read-only) and then remounting it for full read-write access, and sets up the network.[3]
After it has spawned all of the processes specified, init goes dormant, and waits for one of three events to happen: processes that started to end or die, a power failure signal,[clarification needed] or a request via /sbin/telinit to further change the runlevel.[7]
This applies to SysV-style init.
systemd
Main article: systemd
The developers of systemd aimed to replace the Linux init system inherited from UNIX System V and Berkeley Software Distribution (BSD) operating systems. Like init, systemd is a daemon that manages other daemons. All daemons, including systemd, are background processes. Systemd is the first daemon to start (during booting) and the last daemon to terminate (during shutdown).
Lennart Poettering and Kay Sievers, software engineers that initially developed systemd,[9] sought to surpass the efficiency of the init daemon in several ways. They wanted to improve the software framework for expressing dependencies, to allow more processing to be done concurrently or in parallel during system booting, and to reduce the computational overhead of the shell.
Systemd's initialization instructions for each daemon are recorded in a declarative configuration file rather than a shell script. For inter-process communication, systemd makes Unix domain sockets and D-Bus available to the running daemons. Systemd is also capable of aggressive parallelization.
Upstart
Main article: Upstart
The traditional init process was originally only responsible for bringing the computer into a normal running state after power-on, or gracefully shutting down services prior to shutdown. As a result, the design is strictly synchronous, blocking future tasks until the current one has completed. Its tasks must also be defined in advance, as they are limited to this prep or cleanup function. This leaves it unable to handle various non-startup-tasks on a modern desktop computer.
Upstart operates asynchronously; it handles starting of the tasks and services during boot and stopping them during shutdown, and also supervises the tasks and services while the system is running.
Easy transition and perfect backward compatibility with sysvinit were the explicit design goals;[10] accordingly, Upstart can run unmodified sysvinit scripts. In this way it differs from most other init replacements (beside systemd and OpenRC), which usually assume and require complete transition to run properly, and do not support a mixed environment of traditional and new startup methods.[11]
Upstart allows for extensions to its event model through the use of initctl to input custom, single events, or event bridges to integrate many or more-complicated events.[12] By default, Upstart includes bridges for socket, dbus, udev, file, and dconf events; additionally, more bridges (for example, a Mach ports bridge, or a devd (found on FreeBSD systems) bridge) are possible.[13]
runit
Main article: runit
Runit is an init scheme for Unix-like operating systems that initializes, supervises, and ends processes throughout the operating system. It is a "reimplementation" of the "seminal" daemontools[14] process supervision toolkit that runs on the Linux, Mac OS X, *BSD, and Solaris operating systems. Runit features parallelization of the start up of system services, which can speed up the boot time of the operating system.[15]
Runit is an init daemon, so it is the direct or indirect ancestor of all other processes. It is the first process started during booting, and continues running until the system is shut down.
