\documentclass[a4]{seminar} \usepackage{slidesec} \usepackage[dvips]{graphicx} \usepackage{fancyhdr} \newcommand{\heading}[1]{\begin{center}\large\bf #1\end{center}} \newcommand{\bold}{\bf} \fancyhf{} % Clear all fields \fancyhead[L]{\small Eli Billauer} \fancyhead[R]{\small eli@billauer.co.il} \fancyfoot[L]{\tiny\thedate} \fancyfoot[C]{\small Demystifying Boot Disks} \fancyfoot[R]{\tiny Slide \theslide} % To avoid that the headers be too close of the top of the page \renewcommand{\slidetopmargin}{2cm} % To center horizontally the headers and footers (see seminar.bug) \renewcommand{\headwidth}{\textwidth} \begin{document} \pagestyle{fancy} %%%%%%%%%%%%%%%%%%%%%Title \begin{slide} \includegraphics{tux.eps} \center{\Large {Demystifying Boot Disks}} \center{Eli Billauer} \center{eli@billauer.co.il} \end {slide} \begin{slide} \slideheading{Lecture's outline } \begin{itemize} \item Introduction \item The RAM disk and the loop device \item What's in a rescue disk \item What you need to know to successfully modify a rescue disk \item What's in a boot disk, and how to modify it \end{itemize} \emph{General remark: A large part of this lecture is example-oriented. Where an example is given the explanations are omitted from the slides} \end{slide} \begin{slide} \slideheading{Why boot/rescue disks? } The general idea: Running Linux without mounting hard disks \begin{itemize} \item Repairing a damaged system (``rescue'' disks) \item Running Linux for a single ad-hoc application \item Running on a diskless computer \item Trying a newly compiled kernel \end{itemize} \end{slide} \begin{slide} \slideheading{Where to find what } \begin{itemize} \item Documentation \begin{itemize} \item Bootdisk-HOWTO \item BootPrompt-HOWTO \item The LILO mini-HOWTO \item \verb+/usr/src/linux/Documentation/ramdisk.txt+ \item \verb+/usr/src/linux/Documentation/initrd.txt+ \item \verb+/usr/src/linux/init/main.c+ (Source code of boot process) \end{itemize} \item Boot images \begin{itemize} \item On installation CD's, typically under \verb+images/+ \item All over the web \end{itemize} \end{itemize} \end{slide} \begin{slide} \slideheading{What happens when you boot} \begin{itemize} \item The kernel is loaded, uncompressed and run \item The kernel \emph{might} do some Hocus-Pocus (explained later) to run a \verb+linuxrc+ initialization executable \item The kernel mounts a root directory on a device, usually known in advance \item The First Process is launched, trying in the following order: \verb+/etc/init+, \verb+/bin/init+, \verb+/sbin/init+ or other defaults. \item The boot is now in the hands of this process. \end{itemize} As we shall see, there are endless variations for this \end{slide} \begin{slide} \slideheading{Different ways to boot up} \begin{itemize} \item From hard disk \item Boot kernel from floppy, root on hard disk \item Boot kernel from floppy, root on floppy disk \item Boot kernel from floppy, root on \textbf{RAM disk}. \begin{itemize} \item The root image comes from boot disk \item The root image comes from a second disk \item Both... \end{itemize} \item Booting from CD-ROM is actually booting a floppy disk image written on CD. (See \verb+mkisofs+ documentation) \item \verb+loadlin.exe+ (used by linux4win) \end{itemize} \end{slide} \begin{slide} \slideheading{The RAM disk } This will create a 4 Mbyte RAM disk, and mount it. \begin{verbatim} # dd if=/dev/zero of=/dev/ram0 bs=1k count=4096 4096+0 records in 4096+0 records out # mke2fs /dev/ram0 mke2fs 1.10, 24-Apr-97 for EXT2 FS 0.5b, 95/08/09 (...) # mkdir /mnt/ram # mount /dev/ram0 /mnt/ram \end{verbatim} \end{slide} \begin{slide} \slideheading{The RAM disk (cont.) } \begin{itemize} \item After these instructions ,we can use \texttt{/mnt/ram} like any usual disk. \item The memory taken by a RAM disk is never returned (reboot...) \item This is implicitly done by the kernel when we boot into a RAM disk but: \begin{itemize} \item The kernel copies the boot image from floppy to RAM disk. Something like: \begin{verbatim} cat /dev/fd0 | zcat > /dev/ram0 \end{verbatim} \item Then the kernel mounts the image as root directory. \end{itemize} \end{itemize} \end{slide} \begin{slide} \slideheading{The loop device } How to create a 1 MB loop disk \begin{verbatim} # dd if=/dev/zero of=loopfile bs=1024 count=1024 1024+0 records in 1024+0 records out # ls -l loopfile -rw-rw-r-- 1 root root 1048576 Dec 14 22:32 loopfile # mke2fs loopfile mke2fs 1.10, 24-Apr-97 for EXT2 FS 0.5b, 95/08/09 loopfile is not a block special device. Proceed anyway? (y,n) y (...) # mkdir mountdir # mount -o loop loopfile mountdir \end{verbatim} \end{slide} \begin{slide} \slideheading{The loop device (cont.) } \begin{itemize} \item Note that \texttt{mount -o loop} is actually an abbreviation for \begin{verbatim} # losetup /dev/loop0 loopfile # mount /dev/loop0 mountdir \end{verbatim} \item ...except that \texttt{mount} looks for an available loop device (\texttt{/dev/loop0, /dev/loop1, ...}) \item Loop devices depend on the \texttt{loop.o} kernel module \end{itemize} \end{slide} \begin{slide} \slideheading{Exploring the rescue disk} \begin{itemize} \item If we want to see what's in a certain diskette, we first raw-copy it to a file: \begin{verbatim} # cat /dev/fd0 > from-diskette.gz # gunzip from-diskette.gz gunzip: from-diskette.gz: decompression OK, trailing garbage ignored \end{verbatim} \item Using \texttt{cat} to raw-read diskettes is ``politically incorrect'', so it's more common to see is the equivalent \begin{verbatim} # dd if=/dev/fd0 of=from-diskette.gz bs=1k \end{verbatim} \item We next look at the rescue disk image which comes with the installation CD. \end{itemize} \end{slide} \begin{slide} \slideheading{Exploring the rescue disk (cont.)} \begin{verbatim} # cp /mnt/cdrom/images/rescue.img rescue.gz # ls -l rescue.gz -r--r--r-- 1 root root 1401934 Dec 15 01:11 rescue.gz # gunzip rescue.gz # ls -l rescue -r--r--r-- 1 root root 4194304 Dec 15 01:11 rescue # mkdir temp # mount -o loop rescue temp # cd temp # ls -F bin/ lib/ proc/ usr/ dev/ lost+found/ sbin@ etc/ mnt/ tmp/ \end{verbatim} \end{slide} \begin{slide} \slideheading{Exploring the rescue disk (cont.)} \begin{verbatim} bin: ash* gunzip@ modprobe* sh@ badblocks* gzip* mount* swapoff@ cat* head* mt* swapon* chmod* ifconfig* mv* sync* chroot* init* open* tac* cp* insmod* pico* tail* cpio* ln* ping* tar* dd* ls* ps* traceroute* df* lsmod* rm* umount* e2fsck* mkdir* route* fdisk* mke2fs* rpm* grep* mknod* sed* \end{verbatim} \end{slide} \begin{slide} \slideheading{Exploring the rescue disk (cont.)} \begin{verbatim} dev: console hdb1 hdd15 sda11 sdc5 fd@ hdb10 hdd16 sda12 sdc6 fd0 hdb11 hdd2 sda13 sdc7 fd0D360 hdb12 hdd3 sda14 sdc8 (...) fd0h360 hdb4 null sda7 sde5 fd0h720 hdb5 ram sda8 sde6 fd1 hdb6 ram0 sda9 sde7 fd1D360 hdb7 ram1 sdb sde8 (...) \end{verbatim} Not all devices are shown here. If you'll need a certain device, make sure it's in the list! \end{slide} \begin{slide} \slideheading{Exploring the rescue disk (cont.)} \begin{verbatim} etc: fstab mtab protocols services termcap lost+found: mnt: floppy/ image/ proc: tmp: usr: bin@ lib/ sbin@ share/ \end{verbatim} \end{slide} \begin{slide} \slideheading{Exploring the rescue disk (cont.)} \begin{verbatim} lib: ld-2.1.1.so* libnss_dns-2.1.1.so* ld-linux.so.2@ libnss_dns.so.1@ libc-2.1.1.so* libnss_dns.so.2@ libc.so.6@ libnss_files-2.1.1.so* libcom_err.so.2@ libnss_files.so.1@ libcom_err.so.2.0* libnss_files.so.2@ libdb.so.2@ libproc.so.2.0.0* libdb1-2.1.1.so* libtermcap.so.2@ libe2p.so.2@ libtermcap.so.2.0.8* libe2p.so.2.3* libuuid.so.1@ libext2fs.so.2@ libuuid.so.1.2* libext2fs.so.2.4* (...) \end{verbatim} \end{slide} \begin{slide} \slideheading{Exploring the rescue disk (cont.)} \begin{verbatim} usr/lib: rpm/ usr/lib/rpm: macros rpmpopt rpmrc usr/share: terminfo/ usr/share/terminfo: l/ usr/share/terminfo/l: linux \end{verbatim} \end{slide} \begin{slide} \slideheading{Changing the rescue disk } What we'll talk about: \begin{itemize} \item Creating a initrd disk image \item Dynamic linking \item Kernel Modules \item Adding a \texttt{/dev} device \end{itemize} \end{slide} \begin{slide} \slideheading{Creating an initrd RAM disk image} After adding and/or removing the files, wrap it all up by: \begin{verbatim} # umount temp # gzip rescue # cat rescue.gz > /dev/fd0 \end{verbatim} Size considerations: \begin{itemize} \item If you modify an existing RAM disk image, you can't exceed the allocated file system size. \item You may create a bigger filesystem of your own, and tell the kernel to prepare a larger RAM disk with the \verb+ramdisk_size=+ kernel argument. \item The bigger problem is to fit the gzipped file into a floppy disk. \end{itemize} \end{slide} \begin{slide} \slideheading{Dynamic Linking } \begin{itemize} \item If you want to add an executable to your rescue disk, make sure the libraries are there too! \begin{verbatim} # ldd /sbin/ifconfig libc.so.6 => /lib/libc.so.6 (0x40006000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x00000000) \end{verbatim} \item We then need to verify that the libraries exist, for example: \begin{verbatim} # ls -l /lib/libc* (...) root root /lib/libc-2.0.7.so* (...) root root /lib/libc.so.6 -> libc-2.0.7.so* (...) \end{verbatim} \end{itemize} \end{slide} \begin{slide} \slideheading{Dynamic Linking (cont.)} \begin{itemize} \item Dynamic linking can be bypassed by compiling the source with \verb+gcc -static ...+ \item This creates an independent executable \end{itemize} \end{slide} \begin{slide} \slideheading{Kernel Modules } \begin{itemize} \item If you add a new executable, it might require a specific kernel module. \verb+lsmod+ might help to find out which. \item Kernel modules might be implicitly needed to access file systems, hardware, etc. \item There's no automated way to know which modules you'll need \item There will (probably) be no \verb+kerneld+ running in rescue mode. \item There are two ways to get the modules in place, then: \begin{itemize} \item Copy the modules into the rescue disk and \verb+insmod+ as needed. \item Have all possibly needed modules loaded from the \textbf{boot disk}. (You won't waste your precisous rescue disk space on this!) \end{itemize} \end{itemize} \end{slide} \begin{slide} \slideheading{Kernel Modules (cont.)} \begin{itemize} \item The kernel modules are organized under \verb+/lib/modules+. The directory structure goes deep \item Some modules depend on others. Attempting to \verb+insmod+ a module before a module it depends on will result in an error message regarding unresolved symbols. \item A quite easy-to-understand makefile-type list of module dependencies appears in the \verb+modules.dep+ file, typically \verb+/lib/modules/preferred/modules.dep+. This file is created by the \verb+depmod+ command. \end{itemize} \end{slide} \begin{slide} \slideheading{Adding a \texttt{/dev} device } \begin{verbatim} # ls -l /dev/hda* brw-rw---- 1 root disk 3, 0 May 5 1998 /dev/hda brw-rw---- 1 root disk 3, 1 May 5 1998 /dev/hda1 brw-rw---- 1 root disk 3, 2 May 5 1998 /dev/hda2 ... # ls -l /dev/ttyS* crw-r--r-- 1 root root 4, 64 May 5 1998 /dev/ttyS0 crw-r--r-- 1 root root 4, 65 May 5 1998 /dev/ttyS1 crw-r--r-- 1 root root 4 66 May 5 1998 /dev/ttyS2 crw-r--r-- 1 root root 4, 67 May 5 1998 /dev/ttyS3 \end{verbatim} \end{slide} \begin{slide} \slideheading{Adding a \texttt{/dev} device (cont.) } Now we'll demonstrate how to add a loop device to our rescue disk \begin{itemize} \item First we find out the type, major and minor of the device: \begin{verbatim} # ls -l /dev/loop0 brw-rw---- 1 root disk 7, 0 May 5 1998 /dev/loop0 \end{verbatim} \item Aha! It's a block device with major 7 and minor 0. We can now create one on the boot disk. \begin{verbatim} # mknod /mnt/my-rescue-disk/dev/loop0 b 7 0 \end{verbatim} \item A list of majors and minors can be found in \texttt{/usr/src/linux/Documentation/devices.txt} (try also \texttt{/usr/src/linux/include/linux/major.h}) \end{itemize} \end{slide} \begin{slide} \slideheading{Don't say I didn't warn you} Dealing with boot \& rescue disks should be harmless, but there are plenty of ways to screw up your system while playing with them: \begin{itemize} \item Write to \texttt{/dev/hda} instead of \texttt{/dev/fd0} \item Tamper with your system files instead of your image files \item You are root most of the time. Plenty of chances to do stupid things. \end{itemize} \end{slide} \begin{slide} \slideheading{Exploring the boot disk} There are two kinds of boot disks: \begin{itemize} \item Kernel and boot image raw-written on sectors (yuck!) \begin{itemize} \item The old way to create boot disks \item Disk is setup with \texttt{rdev} \item We won't get into this further \end{itemize} \item Disk contains an ext2 file system and is LILO'ed \begin{itemize} \item The kernel and boot image appear as files \item The file system is there only so that the \verb+lilo+ executable will have a correct environment. \item Kernel arguments may be sent during bootup, as usual \end{itemize} \end{itemize} \end{slide} \begin{slide} \slideheading{Exploring the boot disk (cont.)} We now look at a \textbf{customized} boot disk \begin{verbatim} # mount /dev/fd0 /mnt/floppy # cd /mnt/floppy # ls -RF .: boot/ etc/ lost+found/ dev/ initrd.img vmlinuz-2.2.14-15mdk boot: boot.0200 boot.b map message dev: fd0 hda7 etc: lilo.conf \end{verbatim} \end{slide} \begin{slide} \slideheading{Exploring the boot disk (cont.)} \begin{verbatim} # cat etc/lilo.conf boot=/dev/fd0 timeout=100 message=/boot/message prompt image=/vmlinuz-2.2.14-15mdk label=linux root=/dev/hda7 append=" hdc=ide-scsi " image=/vmlinuz-2.2.14-15mdk label=rescue append="load_ramdisk=2 prompt_ramdisk=1 hdc=ide-scsi" root=/dev/fd0 initrd=/initrd.img \end{verbatim} \end{slide} \begin{slide} \slideheading{Exploring the boot disk (cont.)} Did I just count \textbf{TWO} RAM disks? \begin{itemize} \item The kernel is booted from the boot disk \item \verb+initrd.img+ is uncompressed and loaded into the RAM disk, which is mounted as root \item \verb+/linuxrc+ is executed \item The kernel prompts for a second disk \item The RAM disk is now loaded from \verb+/dev/fd0+ (compressed raw data, as we saw before). This is the ``rescue disk'' \item Root is \textbf{remounted} with the new RAM disk. \item \verb+/etc/init+, \verb+/bin/init+, or \verb+/sbin/init+ is executed, whichever is found first. \end{itemize} \end{slide} \begin{slide} \slideheading{Exploring the boot disk (cont.)} We now look at the RAM disk image on the \textbf{boot disk} \begin{verbatim} # cp initrd.img ~/ # cd ~/ # mv initrd.img initrd.gz # gunzip initrd.gz # mkdir rd # mount -o loop initrd rd \end{verbatim} \end{slide} \begin{slide} \slideheading{Exploring the boot disk (cont.)} \begin{verbatim} # ls -rF rd linuxrc* lib/ etc/ dev/ bin/ # ls -RF rd rd: bin/ dev/ etc/ lib/ linuxrc* rd/bin: insmod* sh* rd/dev: console null ram systty tty1 tty2 tty3 tty4 rd/etc: rd/lib: fat.o lockd.o ntfs.o slhc.o supermount.o ide-scsi.o msdos.o ppp.o sunrpc.o vfat.o \end{verbatim} \end{slide} \begin{slide} \slideheading{Exploring the boot disk (cont.)} The \verb+linuxrc+ file: \begin{verbatim} #!/bin/sh echo "Loading ide-scsi module" insmod /lib/ide-scsi.o echo "Loading fat module" insmod /lib/fat.o echo "Loading vfat module" insmod /lib/vfat.o ... echo "Loading lockd module" insmod /lib/lockd.o \end{verbatim} \end{slide} \begin{slide} \slideheading{Exploring the boot disk (cont.)} Hey! I didn't see any link libraries! \begin{verbatim} # ldd rd/bin/sh not a dynamic executable # ldd rd/bin/insmod not a dynamic executable \end{verbatim} \begin{itemize} \item Both \verb+sh+ and \verb+insmod+ are statically linked, to avoid having the entire libraries. \item These files can probably be found in your filesystem as \verb+/bin/ash.static+ and \verb+/sbin/insmod.static+ \end{itemize} \end{slide} \begin{slide} \slideheading{Changing the boot disk} \begin{itemize} \item You might want to create your own with \texttt{mkbootdisk} \begin{itemize} \item It's recommended to edit the \texttt{mkbootdisk} script so it adds the modules you want, rather than guessing them \item Most of the script deals with picking the right modules. If you skip that part, and just choose the modules, it's quite easy \end{itemize} \item If you want to add modules by hand, it's only a matter of adding the module in the \verb+lib+ directory, and modifying \verb+linuxrc+ accordingly. \item Be sure to load the modules in the right order! \item When finished, write the new compressed initrd.img to your floppy, \textbf{and run LILO} \end{itemize} \end{slide} \end{document}