Monday, January 28, 2013

What is ARIN

Hi People,

The American Registry for Internet Numbers (ARIN) is a nonprofit corporation that serves users of Internet number resources, such as Internet Service Providers, governments, and end-users in its region. ARIN's service region includes Canada, the United States, and several islands in the Caribbean Sea and North Atlantic Ocean.

ARIN is one of five Regional Internet Registries (RIRs) worldwide that provide Internet number resource services to all regions of the globe.

Can know more about Internet Numbers visit

Happy to help

Sunday, January 27, 2013

Sysprep in VMware, while cloning VMs

Hi People

We all know and familiar with sysprep - System Preparation executable file

Sysprep Executable :-

Sysprep.exe is the main program that calls other executable files that prepare the Windows installation. Sysprep.exe is located in the %WINDIR%\system32\sysprep directory on all installations. Sysprep must always be run from the %WINDIR%\system32\sysprep directory and must run on the version of Windows with which it was installed.
Above is the little Information of sysprep, which you can use in VMware, when cloning VMs

Why do we require sysprep While cloning VMs:-

1. You can set Computer Name

2. You can set Administrator password, for post installation task

3. SID is created separately, Because in VM cloning, it does take the same SID, which in future conflicts with the original VM

Long story in short :- It allows you for custom installation, where you can specify IP address & other required details of system, as per your choice.

You can browse some more details, how to use this in VMware, It really works

Happy to help

Creating a WinSSHD User For UNIX Access

Hi People,

 Creating a WinSSHD user will allow Unix user to communicate with Windows system , using password less autehntication.

This requires following things

  1. WinSHHD software
  2. RSA Key generated by Unix
  3. Existing Unix user
  4. Path of Root directory

Please find thge steps below as how to configure WinSSHD software on Windows System

1. Log into server

2. Launch WinSSHD Control Panel (you can find this by clicking START and using search)

3. Under Settings click Open Easy Settings

4. Go to Tab #3 Virtual accounts

5. Click Add

6. Under Virtual Account Name enter the Unix Name

7. Click Public Keys

8. On new window that opens, click Import

9. Browse to SSH key click OK

10. Click Close to close out the Public Keys window

11. Uncheck “Allow Terminal”

12. To the right of Virtual Filesystem Layout select Limit to root directory

13. A new field will appear “Root Directory” enter the path provided by client.

14. Click OK to close out Account Add window

15. Click Save Changes to close out Easy Settings window

  Please feel free to communicate   Happy to help

Tuesday, January 22, 2013

Robocopy Command

Hi People

When it comes to copy data from source to destination, we have several commands and utilities.
Like xcopy, robocopy, copy and etc.

One of these command is robocopy,
Command Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2
And it works like any thing, if the data size is less than 100 GB, I would suggest this command

Command options are

/Z : Copy files in restartable mode (survive network glitch).
/R:n : Number of Retries on failed copies - default is 1 million.
/W:n : Wait time between retries - default is 30 seconds.
/COPYALL : Copy ALL file info (equivalent to /COPY:DATSOU).
/E : Copy Subfolders, including Empty Subfolders.
/LOG:file : Output status to LOG file (overwrite existing log).
/FP : Include Full Pathname of files in the output.
/TEE : Output to console window, as well as the log file.
/V : Produce Verbose output log, showing skipped files.
/ETA : Show Estimated Time of Arrival of copied files

Simple command syntax would be with example would be  :-

ROBOCOPY E:\ G:\ /ETA /E /Z /V /R:0 /W:0

Monday, January 21, 2013

How to find LDAP server details in your domain

Hello People

We all have LDAP configured in Infastructure, however not aware on which all servers it is, what is the port number (Default is port 389, avoid changing this port number, as it will break connections)

Step One :- Check the list of Domain Controllers in your Domain

Command is :-  nltest /dclist:Domain Name

Here after :  Specify youir domain name without space, It will list all the DC's under your domain.

E.g.       [DS] Site: Thornton

Here - Complete FQDN of server: [DS = Directory Services]; Site - Name of Site

Setp Two :- How to check LDAP server & its Priority & Port in your Domain

  • Open Command Prompt - Start - CMD - Right click and say Run as Administration
  • Enter Administrator passwrd and you'll get Command Prompt
  • Type - nslookup & Press Enter
  • You'll be at nslookup prompt, Like this :- >
  • At nslookup prompt type - set type=all
  • You'll be back on nslookup prompt again, then execute below command to find LDAP server & its priority & port number

Here :- is your domain name; Also very important you need to specify sign like _ & .
any mistake will not execute result.

Result would be like as below  SRV service location:

priority = 0

weight = 100

port = 389

svr hostname = - This is your complete FQDN of your LDAP server  internet address =   - This is your LDAP Internet Address

Feel free to raise any queries  
Happy to help you  
I Thank You for your time

Add DNS forwarder to 2003 Domain controller

Add DNS forwarder to 2003 Domain controller

1. Connect to DNS server with RDP

2. Launch DNS management from administrative tools

3. Right click the root of the DNS server and select properties

4. Select the forwarders tab

5. Select “All other DNS domains” and add the IP of server (DNS) into the new domain forwarder IP field

6. Click Add and then Ok.

7. Launch nslookup on your DNS server & try to resolve your added DNS server entry.

8. If not getting resolved, please flush DNS entries on your DNS server and try again, it will resolve the added DNS server entry.

I Thank You for your time

Saturday, January 19, 2013

Convert To A Dynamic Disk In Windows Server 2003

Windows Server 2003 supports two different types of disks: basic disks and dynamic disks. All disk devices added to a computer are basic disks until they are converted to dynamic. You may be asking why you would want to convert to your disks from basic to dynamic. Well the answer is that dynamic disks include features that are not available under basic disks such as the ability to create volumes that span multiple disks and the ability to extend a volume.

It is a relatively simple process to convert from basic to dynamic. You can do so through the Computer Management console as outlined below. However, keep the following points in mind before you proceed:
  • There must be at least 1 MB of free space on the disk you are converting
  • You will not lose any data by converting to a dynamic disk
  • Dynamic disks are not supported by mobile computers
  • Pre-windows 2000 operating systems do not supported dynamic disks
How to Create Basic Disk to Dynamic Disk :-
  1. Right click My Computer and click Manage
  2. Click Disk Management.
  3. In the right pane, right click the disk you want to convert and click Convert to Dynamic Disk.
  4. Place a check beside the disk you want to convert. Click OK.
  5. Click Convert.
  6. Click Yes.
  7. Click OK.

I Thank You  for your time

Use the Dell ExtPart utility to expand your Window partitions

Hi People,

You can use Dell ExtPart utility to expand your windows partition without any downtime.

You can download this tool from :-

This simple utility lets you grow basic disks in Windows operating system. I myself have only used it to extend the system disk C:\ on a Windows 2003 server, and it worked without a hitch.

How to use this Utility :- 

Step 1. Power down your virtual machine so you can grow your HDD in "edit settings" (Note that you can not have snapshots saved as you cant resize your virtual disk if you do)

Step 2. Once you have grown your virtual disk, power on your virtual machine and check in DiskManager that you have unallocated space next to the disk you intend to expand

Step 3. Extract the Dell ExtPart utility and then start cmd.exe since this a cmd based tool

Step 4. Simply grow your disk the following syntax:

extpart partition: size

The size is given in MB and dont forget the :

An example :

extpart c: 1024 (This grows my system partition with 1 GB)

Feel Free to go and browse more details on this 

I Thank You for your time


Friday, January 11, 2013

Important files and commands in Linux 6

Hello people

While practicing RHEL6, I found couple of commands, that can be used frequently in Linux system administration or they can be very useful, when we wish to change some settings related to hostname, NIS domain, DNS, adding DNS entries like IP address and all.

Note :- all commands that we perform or run on Linux are case sensitive and even small space does make a difference.

Here we go

  • vim /etc/sysconfig/network
When you enter this command at root # prompt, you can change or modify settings of IPV4 & IPV6

by defult you will see NETWORKING=yes :- this is IPV4 state
if you wish to change it to IPV6 modify it to :- NETWWORKING_init6=yes & you are done with it.

You can also add your hostname & NIS domain name here in this file

Make sure (vim) is a eidtor, it has command mode, execution mode, so when you wish to modify this file, Please type (i) and can write / modify

Save and exit by :- Esc - semi co symbol (:) - wq (write & quit)

You'll be out of this file, to implement changes you restart your network service or system

by command - service network restart OR reboot

to check and confirm, you can also use command

# cat /etc/sysconfig/network

This command will only execute the content, you won't be able to modify it. For modification use above command.

  • vim /etc/sysconfig/network-scripts.ifcfg.eth0

here - eth0 - is NIC card one which is installed in my Linux 6, so when you have another NIC card it will be eth1

Simple understanding Ethernet Wired Card - eth & Wireless Card - wlan

Linux OS works on some different concept so when you add IP address through (ifconfig command)
it stores IP address temporary & also the NIC card get down after network service restart or system reboot.

In above command we can set following things like

ONBOOT=yes :- This keeps NIC alive even after network service restart / system reboot; If you say (no) it will bring the NIC card down after network service restart or system reboot

You can mention your system IP address & Netmask / Subnet Mask also

You can eneable IPV6=enable

USERCTL :- Thsi option is to ensure that no user other than root, can access this file. Ofcourse you can modify this option, however not recommended under system administration.

Please don't forget to restart you network service / system reboot to implement changes

  • vim /etc/hosts
This file is to add / modify IP address or FQDN in Linux, same like what we have in Windows

after adding data to this fiule, restart your system / network service

  • vim /etc/resolv.conf

This is usually used by DNS client to contact other DNS server in our Infrastructure, Only you should know the IP address / FQDN of that DNS server

so when you wish to add IP address say :- nameserver OR DOMAIN

save and exit this file, restart your network service / system & done with it

Also ensure, if you add # before any of the entries, that you do in all vim commands, they will be considered as disabled.
So if you wish to disable a perticular entry, just add # before that entry or can delete that entry.

I Thank you for your time & Happy to help you

Thursday, January 10, 2013

Linux Basic Networking Commands

Linux Basic Networking Commands

hostname :- can display /change hostname temporary, after system reatrt it will take previous hostname / or hostname which is their in /etc/sysconfig/network

ifconfig :- Display NIC card info, number of cards installed /enabled in Linux (eth0 - Ethernet Card & wlan0 - Wireless Card)

setup :- utility to add/change/modify NIC,Firewall, Keybard settings

ifup / ifdown :- Enabled / Disabled NIC - as per word (ifup eth0 -enabled / ifdown etho -disabled)

system-config-network :- utility to add/change/modify NIC,Firewall, Keybard settings

system-config-network-tui (tui -text user interface) :- same utility as above

ethtool :- this tool display information of your NIC card - so ethtool eth0/wlan0

mii-tool :- to check the cable connectivity of NIC

system-config-network-gui(gui - Graphis User Interface):- utility to add/change/modify
NIC,Firewall, Keybard settings -however it requires graphical user interface

lokkit :- utility to enable or diable firewall

Note :- commands are case senstive in Linux /Unix. Also after any network change it is recommended to restart "network / NetworkManager" service like service network restart

Linux File System Diagram

Wednesday, January 9, 2013

What is Runlevel in Linux

What is RunLevel ?

A runlevel is a preset operating state on a Unix-like operating system.

A system can be booted into (i.e., started up into) any of several runlevels, each of which is represented by a single digit integer. Each runlevel designates a different system configuration and allows access to a different combination of processes (i.e., instances of executing programs).

The are differences in the runlevels according to the operating system. Seven runlevels are supported in the standard Linux kernel (i.e., core of the operating system). They are:

0 - System halt; no activity, the system can be safely powered down. 
1 - Single user; rarely used. 
2 - Multiple users, no NFS (network filesystem); also used rarely. 
3 - Multiple users, command line (i.e., all-text mode) interface; the standard runlevel for most Linux-based server hardware. 
4 - User-definable 
5 - Multiple users, GUI (graphical user interface); the standard runlevel for most Linux-based desktop systems. 
6 - Reboot; used when restarting the system.

By default Linux boots either to runlevel 3 or to runlevel 5. The former permits the system to run all services except for a GUI. The latter allows all services including a GUI.

In addition to the standard runlevels, users can modify the preset runlevels or even create new ones if desired. Runlevels 2 and 4 are usually used for user defined runlevels.

The program responsible for altering the runlevel is init, and it can be called using the telinit command. For example, changing from runlevel 3 to runlevel 5, which allows the GUI to be started, can be accomplished by the root (i.e., administrative) user by issuing the following command:

telinit 5

Booting into a different runlevel can help solve certain problems. For example, if a change made in the X Window System configuration on a machine that has been set up to boot into a GUI has rendered the system unusable, it is possible to temporarily boot into a console (i.e., all-text mode) runlevel (i.e., runlevels 3 or 1) in order to repair the error and then reboot into the GUI. The X Window System is a widely used system for managing GUIs on single computers and on networks of computers.

Likewise, if a machine will not boot due to a damaged configuration file or will not allow logging in because of a corrupted /etc/passwd file (which stores user names and other data about users) or because of a forgotten password, the problem can solved by first booting into single-user mode (i.e. runlevel 1).

The runlevel command can be used to find both the current runlevel and the previous runlevel by merely typing the following and pressing the Enter key:


The runlevel executable file (i.e., the ready-to-run form of the program) is typically located in the /sbin directory, which contains mostly administrative tools and which by default is not in the user's PATH (i.e., the list of directories in which the system searches for programs). Thus, it is usually necessary to type the full path of the command as shown above rather than just the name of the command itself.

The default runlevel for a system is specified in the /etc/inittab file, which will contain an entry such as id:3:initdefault: if the system starts in runlevel 3, or id:5:initdefault: if it starts in runlevel 5. This file can be easily (and safely) read with a command such as cat, i.e.,

cat /etc/inittab

As an alternative to telinit, the runlevel into which the system boots can be changed by modifying /etc/inittab manually with a text editor. However, it is generally easier and safer (i.e., less chance of accidental damage to the file) to use telinit. It is always wise to make a backup copy of /etc/inittab or any other configuration file before attempting to modify it manually.

How to unmount external / internal devices in Linux

How to unmount external / internal devices in Linux :-

Unmounting is done with the umount command. No, I didn't make a typo: the command really is umount, not unmount.
When unmounting, you'll need to tell umount what mounted device to unmount, either by telling what's the device or the mount point. For example, if /dev/fd0 is mounted to /mnt/floppy, you'll unmount it with

$ umount /mnt/floppy
$ umount /dev/fd0

It's not wise to remove the floppy from the floppy drive without unmounting it first! In the worst case the data you were writing to the floppy wasn't written into it yet. With CD-ROMs you can't do this: the tray won't even open if you haven't unmounted the CD first.

How to mount external / internal devices in Linux

How to mount external / internal devices in Linux :-

Mounting is done with the mount command.
When mounting, you must tell the mount command what is the device or partition you want to mount and what is the mount point. The mount point must be a directory that already exists on your system. For example, to mount your floppy:

$ mount /dev/fd0 /mnt/floppy

In this example, /dev/fd0 is your floppy drive, and /mnt/floppy is the mount point. Now when you access /mnt/floppy, you'll actually access the files on your floppy.
Usually /dev/fd0 is your floppy drive, although some distros are configured so that /dev/floppy is the same thing as /dev/fd0. Usually your CD-ROM is configured the same way: /dev/cdrom is your CD-ROM device (or, more specifically, /dev/floppy is a symbolic link to your actual floppy drive, and /dev/cdrom is a symbolic link to your CD-ROM drive).

What is mounting in Linux Operating System

What is mounting  in Linux Operating System ?

As you know, you can store your data in different physical storage devices, like floppies, CD-ROMs, and hard disk drives. Your hard disk or disks are also very likely split up into different partitions with different filesystems.
If you're migrating to Linux from Microsoft Windows, you're probably used to accessing all your filesystems very easily: you just boot up your puter, go to My Computer, and find all your Windows partitions there immediately. For example, if you have a second hard drive (or a second Windows partition), it automatically appears as D:\ and you can immediately access it. The same goes for floppies, CD-ROMs, digital cameras, and other storage devices - you just plug them in, and you'll be able to immediately access them. However, this isn't the case in Linux.
You're probably a bit confused at first: you put your floppy or CD into the drive and start wondering why you're not able to access it! This is because your floppies, CDs, hard disk partitions, and other storage devices must be attached to some existing directory on your system before they can be accessed. This attaching is called mounting, and the directory where the device is attached is called a mount point.
After the device is mounted, you can access the files on that device by accessing the directory where the device is attached. When you're done and want to remove the floppy or CD or other device, you need to detach, unmount, it before removing it.

What is GRUB & How does it Work

GRUB :- GRand Unified Bootloader

GNU GRUB is a bootloader (can also be spelled boot loader) capable of loading a variety of free and proprietary operating systems. GRUB will work well with Linux, DOS, Windows, or BSD. GRUB stands for GRand Unified Bootloader.

GRUB is dynamically configurable. This means that the user can make changes during the boot time, which include altering existing boot entries, adding new, custom entries, selecting different kernels, or modifying initrd. GRUB also supports Logical Block Address mode. This means that if your computer has a fairly modern BIOS that can access more than 8GB (first 1024 cylinders) of hard disk space, GRUB will automatically be able to access all of it.

GRUB can be run from or be installed to any device (floppy disk, hard disk, CD-ROM, USB drive, network drive) and can load operating systems from just as many locations, including network drives. It can also decompress operating system images before booting them.

How does GRUB work?

When a computer boots, the BIOS transfers control to the first boot device, which can be a hard disk, a floppy disk, a CD-ROM, or any other BIOS-recognized device. We'll concentrate on hard disks, for the sake of simplicity.

The first sector on a hard is called the Master Boot Record (MBR). This sector is only 512 bytes long and contains a small piece of code (446 bytes) called the primary boot loader and the partition table (64 bytes) describing the primary and extended partitions.

By default, MBR code looks for the partition marked as active and once such a partition is found, it loads its boot sector into memory and passes control to it.

GRUB replaces the default MBR with its own code.

Furthermore, GRUB works in stages.

Stage 1 is located in the MBR and mainly points to Stage 2, since the MBR is too small to contain all of the needed data.

Stage 2 points to its configuration file, which contains all of the complex user interface and options we are normally familiar with when talking about GRUB. Stage 2 can be located anywhere on the disk. If Stage 2 cannot find its configuration table, GRUB will cease the boot sequence and present the user with a command line for manual configuration.

Stage 1.5 also exists and might be used if the boot information is small enough to fit in the area immediately after MBR.

The Stage architecture allows GRUB to be large (~20-30K) and therefore fairly complex and highly configurable, compared to most bootloaders, which are sparse and simple to fit within the limitations of the Partition Table.

Linux Directory Structure

< / >

The root directory. The starting point of your directory structure. This is where the Linux system begins. Every other file and directory on your system is under the root directory. Usually the root directory contains only subdirectories, so it's a bad idea to store single files directly under root.

Don't confuse the root directory with the root user account, root password (which obviously is the root user's password) or root user's home directory.

< /boot >

As the name suggests, this is the place where Linux keeps information that it needs when booting up. For example, this is where the Linux kernel is kept. If you list the contents of /boot, you'll see a file called vmlinuz - that's the kernel.

< /etc >

The configuration files for the Linux system. Most of these files are text files and can be edited by hand. Some interesting stuff in this directory:


A text file that describes what processes are started at system bootup and during normal operation. For example, here you can determine if you want the X Window System to start automatically at bootup, and configure what happens when a user presses Ctrl+Alt+Del.


This file contains descriptive information about the various file systems and their mount points, like floppies, cdroms, and so on.


A file that contains various pieces of information for each user account. This is where the users are defined.

< /bin, /usr/bin >

These two directories contain a lot of programs (binaries, hence the directory's name) for the system. The /bin directory contains the most important programs that the system needs to operate, such as the shells, ls, grep, and other essential things. /usr/bin in turn contains applications for the system's users. However, in some cases it really doesn't make much difference if you put the program in /bin or /usr/bin.

< /sbin, /usr/sbin >

Most system administration programs are stored in these directories. In many cases you must run these programs as the root user.

< /usr >

This directory contains user applications and a variety of other things for them, like their source codes, and pictures, docs, or config files they use. /usr is the largest directory on a Linux system, and some people like to have it on a separate partition. Some interesting stuff in /usr:


Documentation for the user apps, in many file formats.


Config files and graphics for many user apps.


Source code files for the system's software, including the Linux kernel.


Header files for the C compiler. The header files define structures and constants that are needed for building most standard programs. A subdirectory under /usr/include contains headers for the C++ compiler.


The X Window System and things for it. The subdirectories under /usr/X11R6 may contain some X binaries themselves, as well as documentation, header files, config files, icons, sounds, and other things related to the graphical programs.

< /usr/local >

This is where you install apps and other files for use on the local machine. If your machine is a part of a network, the /usr directory may physically be on another machine and can be shared by many networked Linux workstations. On this kind of a network, the /usr/local directory contains only stuff that is not supposed to be used on many machines and is intended for use at the local machine only.

Most likely your machine isn't a part of a network like this, but it doesn't mean that /usr/local is useless. If you find interesting apps that aren't officially a part of your distro, you should install them in /usr/local. For example, if the app would normally go to /usr/bin but it isn't a part of your distro, you should install it in /usr/local/bin instead. When you keep your own programs away from the programs that are included in your distro, you'll avoid confusion and keep things nice and clean.

< /lib >

The shared libraries for programs that are dynamically linked. The shared libraries are similar to DLL's on Winblows.

< /home >

This is where users keep their personal files. Every user has their own directory under /home, and usually it's the only place where normal users are allowed to write files. You can configure a Linux system so that normal users can't even list the contents of other users' home directories. This means that if your family members have their own user accounts on your Linux system, they won't see all the w4r3z you keep in your home directory. ;-)

< /root >

The superuser's (root's) home directory. Don't confuse this with the root directory (/) of a Linux system.

< /var >

This directory contains variable data that changes constantly when the system is running. Some interesting subdirectories:


A directory that contains system log files. They're updated when the system runs, and checking them out can give you valuable info about the health of your system. If something in your system suddenly goes wrong, the log files may contain some info about the situation.


Incoming and outgoing mail is stored in this directory.


This directory holds files that are queued for some process, like printing.

< /tmp >

Programs can write their temporary files here.

< /dev >

The devices that are available to a Linux system. Remember that in Linux, devices are treated like files and you can read and write devices like they were files. For example, /dev/fd0 is your first floppy drive, /dev/cdrom is your CD drive, /dev/hda is the first IDE hard drive, and so on. All the devices that a Linux kernel can understand are located under /dev, and that's why it contains hundreds of entries.

< /mnt >

This directory is used for mount points. The different physical storage devices (like the hard disk drives, floppies, CD-ROM's) must be attached to some directory in the file system tree before they can be accessed. This attaching is called mounting, and the directory where the device is attached is called the mount point.

The /mnt directory contains mount points for different devices, like /mnt/floppy for the floppy drive, /mnt/cdrom for the CD-ROM, and so on. However, you're not forced to use the /mnt directory for this purpose, you can use whatever directory you wish. Actually in some distros, like Debian and SuSE, the default is to use /floppy and /cdrom as mount points instead of directories under /mnt.

< /proc >

This is a special directory. Well, actually /proc is just a virtual directory, because it doesn't exist at all! It contains some info about the kernel itself. There's a bunch of numbered entries that correspond to all processes running on the system, and there are also named entries that permit access to the current configuration of the system. Many of these entries can be viewed.

< /lost+found >

Here Linux keeps the files that it restores after a system crash or when a partition hasn't been unmounted before a system shutdown. This way you can recover files that would otherwise have been lost.

Linux Boot Process

The following are the 6 high level stages of a typical Linux boot process.


BIOS stands for Basic Input/Output System

Performs some system integrity checks

Searches, loads, and executes the boot loader program.

It looks for boot loader in floppy, cd-rom, or hard drive. You can press a key (typically F12 of F2, but it depends on your system) during the BIOS startup to change the boot sequence.

Once the boot loader program is detected and loaded into the memory, BIOS gives the control to it.

So, in simple terms BIOS loads and executes the MBR boot loader.

2. MBR

MBR stands for Master Boot Record.

It is located in the 1st sector of the bootable disk. Typically /dev/hda, or /dev/sda

MBR is less than 512 bytes in size. This has three components 1) primary boot loader info in 1st 446 bytes 2) partition table info in next 64 bytes 3) mbr validation check in last 2 bytes.

It contains information about GRUB (or LILO in old systems).

So, in simple terms MBR loads and executes the GRUB boot loader.


GRUB stands for Grand Unified Bootloader.

If you have multiple kernel images installed on your system, you can choose which one to be executed.

GRUB displays a splash screen, waits for few seconds, if you don’t enter anything, it loads the default kernel image as specified in the grub configuration file.

GRUB has the knowledge of the filesystem (the older Linux loader LILO didn’t understand filesystem).

Grub configuration file is /boot/grub/grub.conf (/etc/grub.conf is a link to this). The following is sample grub.conf of CentOS.






title CentOS (2.6.18-194.el5PAE)

root (hd0,0)

kernel /boot/vmlinuz-2.6.18-194.el5PAE ro root=LABEL=/

initrd /boot/initrd-2.6.18-194.el5PAE.img

As you notice from the above info, it contains kernel and initrd image.

So, in simple terms GRUB just loads and executes Kernel and initrd images.

4. Kernel

Mounts the root file system as specified in the “root=” in grub.conf

Kernel executes the /sbin/init program

Since init was the 1st program to be executed by Linux Kernel, it has the process id (PID) of 1. Do a ‘ps -ef
grep init’ and check the pid.

initrd stands for Initial RAM Disk.

initrd is used by kernel as temporary root file system until kernel is booted and the real root file system is mounted. It also contains necessary drivers compiled inside, which helps it to access the hard drive partitions, and other hardware.

5. Init

Looks at the /etc/inittab file to decide the Linux run level.

Following are the available run levels

0 – halt

1 – Single user mode

2 – Multiuser, without NFS

3 – Full multiuser mode

4 – unused

5 – X11

6 – reboot

Init identifies the default initlevel from /etc/inittab and uses that to load all appropriate program.

Execute ‘grep initdefault /etc/inittab’ on your system to identify the default run level

If you want to get into trouble, you can set the default run level to 0 or 6. Since you know what 0 and 6 means, probably you might not do that.

Typically you would set the default run level to either 3 or 5.

6. Runlevel programs

When the Linux system is booting up, you might see various services getting started. For example, it might say “starting sendmail …. OK”. Those are the runlevel programs, executed from the run level directory as defined by your run level.

Depending on your default init level setting, the system will execute the programs from one of the following directories.

Run level 0 – /etc/rc.d/rc0.d/

Run level 1 – /etc/rc.d/rc1.d/

Run level 2 – /etc/rc.d/rc2.d/

Run level 3 – /etc/rc.d/rc3.d/

Run level 4 – /etc/rc.d/rc4.d/

Run level 5 – /etc/rc.d/rc5.d/

Run level 6 – /etc/rc.d/rc6.d/

Please note that there are also symbolic links available for these directory under /etc directly. So, /etc/rc0.d is linked to /etc/rc.d/rc0.d.

Under the /etc/rc.d/rc*.d/ directories, you would see programs that start with S and K.

Programs starts with S are used during startup. S for startup.

Programs starts with K are used during shutdown. K for kill.

There are numbers right next to S and K in the program names. Those are the sequence number in which the programs should be started or killed.

For example, S12syslog is to start the syslog deamon, which has the sequence number of 12. S80sendmail is to start the sendmail daemon, which has the sequence number of 80. So, syslog program will be started before sendmail.