Kernel

From DikapediaV2
Revision as of 16:08, 10 December 2024 by Ardika Sulistija (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

The kernel is the heart of the Linux operating system. It's responsible for scheduling running programs, file management, and security.

If you have a device driver, it runs in the kernel. Networking is implemented in the kernel. This is what we mean as kernel space.

The kernel's job is also to support user programs, which run in user space like shell, web browser, or similar programs. User space programs interact with a kernel through special devices or system calls that they make.

An individual running program is called a process. Each process has its own private virtual memory space. It runs as a particular user and a set of groups, so that it can access files on the file system.

A process also has a state, that describes whether it is currently running, waiting to run, or whether it is blocked waiting for other resources. We use unique process ID or PID to identify a process.


Different types of Processes


  • User Processes - Associated with a particular user, stated by being run from the Shell. They are associated with the terminal. They print the output to the terminal, and they get input from the terminal. It's possible for a process to be put in the background, in which case they are not going to be taking input from the terminal BUT can output to the terminal.
  • Daemon Processes - These processes are not associate dwith the terminal. They are started up at the system and provide things like networking services or other house keeping tasks to keep the system running.
  • Kernel Threads - These are part of the kernel that are running as if they were regular user processes, or system daemons, but are not associated with the terminal. They are parts of the kernel, but they are still scheduled as if there were regular processes.


Kernel paramaters


https://linux.die.net/man/8/dracut
https://mirrors.edge.kernel.org/pub/linux/utils/boot/dracut/dracut.html#dracutcmdline7
https://man7.org/linux/man-pages/man8/systemd-udevd.service.8.html
https://www.kernel.org/doc/html/v4.14/admin-guide/kernel-parameters.html
https://www.theburningofrome.com/contributing/what-is-rhgb-quiet-in-grub-conf/

/etc/default/grub is the main (master) configuration file. It is used by the grub2-mkconfig tool, which is used by anaconda when creating grub. cfg during the installation process, and can be used in the event of a system failure, for example if the boot loader configurations need to be recreated.

These are some that I have encountered. Some are common, some are not:

  • rd.lvm=0
    • disable LVM detection
  • rd.lvm.vg=<volume group name>
    • only activate all logical volumes in the the volume groups with the given name. rd.lvm.vg can be specified multiple times on the kernel command line.
  • rd.lvm.lv=<volume group name>/<logical volume name>
    • only activate the logical volumes with the given name. rd.lvm.lv can be specified multiple times on the kernel command line.
  • rd.lvm.conf=0
    • remove any /etc/lvm/lvm.conf, which may exist in the initramfs
  • rd_NO_LVMCONF
    • remove any /etc/lvm/lvm.conf, which may exist in the initramfs
  • biosdevname=0
    • boolean, turn off biosdevname network interface renaming
  • modprobe.blacklist
    • For RHEL-7 the kernel command line parameter modprobe.blacklist=<module name> can be used to blacklist the module for the initramfs as well as the real root, without the need to create a modprobe.d configuration file and regeneration of the initramfs.
  • net.ifnames
    • Network interfaces are renamed to give them predictable names when possible. It is enabled by default; specifying 0 disables it.
  • nomodeset
    • The nomodeset parameter instructs the kernel to not load video drivers and use BIOS modes instead until X is loaded. Note: Many open source drivers have removed support for non-kernel mode setting.
  • rdblacklist=<drivername>
    • do not load kernel module <drivername> This parameter can be specified multiple times.
  • consoleblank= [KNL]
    • The console blank (screen saver) timeout in seconds. Defaults to 10*60 = 10mins. A value of 0 disables the blank timer.
  • rhgb
    • redhat graphical boot – This is a GUI mode booting screen with most of the information hidden while the user sees a rotating activity icon spining and brief information as to what the computer is doing.
  • quiet
    • quiet = hides the majority of boot messages before rhgb starts.
  • rd.break
    • The rd.break parameter interrupts the boot process before the control is passed over to the kernel. At this point, when you run the passwd command to do the password reset, the associated shadow file (/etc/shadow) is modified with an incorrect SELinux context. The touch /.autorelabel command creates a hidden file named .autorelabel under the root directory. On the next boot, the SELinux subsystem will detect this file, and then relabel all of the files on that system with the correct SELinux contexts. On large disks, this process can take a good amount of time.
    • This is the equivalent of when the system boots into emergency mode/dracut prompt due to some boot failure.
    • In this scenario, you may see an empty fstab file (i.e. etc/fstab.empty)
  • init=/bin/bash
    • This is a feature, and is used for system maintainance: it allows a sysadmin to recover a system from messed-up initialization files like /etc/fstab or change a forgotten password. In Unix-like systems, init is the first process to be run, and the ultimate ancestor of all processes ever run. It's responsible for running all the init scripts. So when you do init=/bin/bash, you're telling the Linux kernel to run /bin/bash as init, rather than the system init.


Resetting Root Password using rd.break


You will have to reset the password manually by interrupting grub by using the kernel parameter rd.break.

1. Boot the system and interrupt the booting process when you're at the GRUB menu by pressing 'e'.
2. Add the kernel parameter rd.break to the Linux kernel line.
3. Press 'ctrl+x' to boot.
4. You will enter the emergency mode prompt (or preboot screen, per Joe) to authenticate to unlock the drive.
5. Then run the following commands:

# mount -o remount,rw /sysroot
# chroot /sysroot
# passwd 
# touch /.autorelabel
# exit
# logout

6. A couple of minutes and once done, the system will reboot upon which you can log in as the root user with the new password.


Reference: [+] https://www.tecmint.com/reset-forgotten-root-password-in-rhel-8/ [+] https://learn.redhat.com/t5/Platform-Linux/Unable-to-reset-the-root-password-when-disabling-SELinux/td-p/21082 [+] https://unix.stackexchange.com/questions/509798/what-does-touch-autorelabel-do-when-we-reset-the-root-password-in-red-hat-en/509801#509801


Using init=/bin/bash when system is booting to Emergency Mode


This method works on a workstation.

You can use this method if a user has misconfigured an /etc/fstab entry.

  1. On boot/grub menu, select "e" to edit the kernel boot line. At the end of the line, add "init=/bin/bash". Ctrl-X to continue the boot process.
  2. After the above was done, you end up at a shell prompt.
  3. The root filesystem is read-only, so we had to remount it with rw permissions by running: "mount -o remount,rw /"
  4. Edit /etc/fstab as needed.
  5. Reboot system

You may also be able to use rd.break instead of init=/bin/bash. See the next section


init=/bin/bash vs rd.break


https://www.sws-international.com/?p=494

How to Remove Old Kernels on Ubuntu


Sometimes, when you have a lot of kernel images under /boot, it can take up a lot of space. There are ways to clean up the /boot directory by removing old kernels. See this third-party document: https://linuxconfig.org/how-to-remove-old-kernels-on-ubuntu