Thursday, June 8, 2017

What is the use of SYSLINUX

'Syslinux' is a collection of boot loaders that includes 'SYSLINUX', 'ISOLINUX', 'EXTLINUX' and 'PXELINUX'.

Syslinux has taken a more minimalist approach, whereas GRUB is much more extensive. GRUB also supports different filesystems through the use of a secondary loader. If memory serves, Syslinux supports a few formats and doesn't require a secondary boot loader.

If you want to install a Linux distribution on a local drive, use GRUB. If you want to create bootable media, use Syslinux. This is not a general recipe, as you can use Syslinux on local installs.

Syslinux isn’t a single bootloader, rather it is a collection of lightweight bootloaders. SYSLINUX is a boot loader for the Linux operating system which runs on an MS-DOS/Windows FAT filesystem. It is intended to simplify first-time installation of Linux, and for creation of rescue and other special purpose boot disks.


GRUB was initially developed by Erich Boleyn as part of work on booting the operating system GNU/Hurd, developed by the Free Software Foundation. In 1999, Gordon Matzigkeit and Yoshinori K. Okuji made GRUB an official software package of the GNU Project and opened the development process to the public.

What is DD command and what is the use of DD command

dd (“data duplicator”) is used for copying and converting data.

Below are some of its tasks:

1) Backup and restore the entire hard disk or partition.
2) Wipe/delete content of a disk so that it will be empty for someone to use it.
3) Backing Up and Restoring MBR (Master Boot Record)
4) Convert lower case to upper case and vice versa
5) It can also be used by Linux kernel make files to make boot images.

SYNTAX

dd if=<source file name> of=<target file name> [Options]

1) Backup and restore the entire hard disk or partition.

Clone one hard disk to another hard disk. This is useful when we are building many machines with the same configuration. We do not need to install the OS on all the machines: just install the OS and the required software on one machine, then clone it as in the example below.

dd if=/dev/sda of=/dev/sdb

EXAMPLE-2:

To create a disk image. 

# dd if=/dev/sda of=/tmp/sdadisk.img

The above creates an image of the hard disk /dev/sda. Backing up a disk to an image will be faster than copying the exact data. Also, a disk image makes restoration much easier.

EXAMPLE-3:

To create a compressed disk image.

# dd if=/dev/sda | gzip >/tmp/sdadisk.img.gz

EXAMPLE-4:

To restore hard disk image.

# dd if=hdadisk.img of=/dev/hdb

The image file hdadisk.img file, is the image of a /dev/hda, so the above command will restore the image of /dev/hda to /dev/hdb.

2) Deleting the Data from Disk

a) Wipe/delete content of a disk so that it will be empty for someone to use it.

# dd if=/dev/zero of=/dev/sdb

b) Want to hide your ass by deleting your personal data? Many people think that rm -rf /<your data> will do the needful. But deleted files can be recovered with disk recovery tools like Photorec or some forensic tools. If you want nobody to recover your data, you have to write random data over the partition where your data resides.

# dd if=/dev/random of=/dev/sdb

3. Backing up and restoring MBR

As you are aware, the MBR makes up the first 512 bytes of the disk, of which 446 bytes hold the boot loader info. The additional space is used to store the partition table for that drive. If the MBR gets corrupted, we will not be able to boot into Linux.

a. Backing up MBR

Because the MBR makes up the first 512 bytes of the disk, we just need to copy that block size

# dd if=/dev/sda of=/tmp/sdambr.img bs=512 count=1

With the count=1 and bs=512, only 512 bytes will be copied which corr

b. Backing up the boot data of MBR excluding the partition table
The 512 bytes of MBR data are located in the first sector of the hard disk. They consist of a 446-byte bootstrap, a 64-byte partition table and a 2-byte signature. This means we can exclude the partition table and the signature when backing up the MBR by using a block size equal to the bootstrap size.

# dd if=/dev/sda of=/tmp/sdambr2.img bs=446 count=1

c. Restoring MBR from MBR image

You can restore your MBR as shown on the previous commands with

# dd if=/tmp/sdambr.img of=/dev/sda
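
Before writing an MBR image back, it helps to check what the 512-byte file actually contains, because restoring the full image also restores the old partition table. The following is an added example, not part of the original post: it splits an image into the 446/64/2 byte regions described above and shows a bootstrap-only restore that keeps the current partition table. The sample image is constructed in the script and the function names are illustrative.

```python
import struct

SECTOR = 512
BOOTSTRAP_LEN = 446          # boot loader code
ENTRY_LEN = 16               # 4 entries = 64-byte partition table
SIGNATURE = b"\x55\xaa"      # last 2 bytes of a valid MBR
# status(1) CHS-start(3, skipped) type(1) CHS-end(3, skipped) LBA-start(4) sectors(4)
ENTRY_FMT = "<B3xB3xII"


def parse_mbr(image: bytes) -> dict:
    """Split a 512-byte MBR image into bootstrap code and partition entries."""
    if len(image) != SECTOR:
        raise ValueError(f"expected {SECTOR} bytes, got {len(image)}")
    if image[510:] != SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        off = BOOTSTRAP_LEN + i * ENTRY_LEN
        status, ptype, lba, sectors = struct.unpack(
            ENTRY_FMT, image[off:off + ENTRY_LEN])
        if ptype == 0:       # type 0x00 marks an unused slot
            continue
        partitions.append({"index": i + 1, "bootable": status == 0x80,
                           "type": ptype, "lba_start": lba, "sectors": sectors})
    return {"bootstrap": image[:BOOTSTRAP_LEN], "partitions": partitions}


def restore_bootstrap(current: bytes, bootstrap: bytes) -> bytes:
    """Build a new MBR from a bs=446 backup, keeping the partition table
    and signature that are in the current sector."""
    if len(bootstrap) != BOOTSTRAP_LEN:
        raise ValueError(f"bootstrap backup must be {BOOTSTRAP_LEN} bytes")
    parse_mbr(current)       # refuse to build on a sector that is not an MBR
    return bootstrap + current[BOOTSTRAP_LEN:]


def build_sample_mbr() -> bytes:
    """Constructed sample: one bootable Linux (0x83) partition at LBA 2048."""
    entry = struct.pack(ENTRY_FMT, 0x80, 0x83, 2048, 1024000)
    table = entry + bytes(ENTRY_LEN * 3)
    return b"\x90" * BOOTSTRAP_LEN + table + SIGNATURE


if __name__ == "__main__":
    for part in parse_mbr(build_sample_mbr())["partitions"]:
        print(part)
```
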

4. Converting case of a file

The dd command can also be used for an amazing thing: it can convert all the letters in a file to upper or lower case. For the example below, we will use a test file.

# cat file10
test dd convert

a. Converting a file to uppercase

Because our example text file is in lowercase, we will convert it to uppercase

# dd if=~/file10 of=~/file20 conv=ucase

The command will create the new file indicated. Note that the conv option now takes the value ucase. Let's check the result

# cat file20
TEST DD CONVERT

b. Converting a file to lowercase

Now we will do the reverse operation which will convert to lowercase

# dd if=~/file20 of=~/file30 conv=lcase

Note that we use the lcase value of the conv option to convert from upper case to lower case.

# cat file30
test dd convert

Note: the dd command does not convert the file name, only its content

5. Creating virtual filesystem and backup images of CD or DVDs as iso files

You may need to create a virtual filesystem on Linux, for example when creating a virtual machine on your Linux host. You may also need to create a backup iso image of a CD or DVD

a. Creating a virtual filesystem

A virtual filesystem is a filesystem that exists in a file, which in turn exists on a physical disk. You may need one to create, for example, additional swap, a loop device or a virtual machine. We use /dev/zero as the input to create a file of the required size that contains no data (a file with all zeros).

# dd if=/dev/zero of=/file bs=1024K count=500
500+0 records in
500+0 records out
524288000 bytes (524 MB) copied, 1.21755 s, 431 MB/s

The count option refers to the number of input blocks to be copied. Combined with the block size value, it indicates the total size to copy. For example, bs=1024K and count=500 give a size of 1024K*500 = 524288000 bytes = 524MB.

Now let's check the size of our file

# ls -lh /file
-rw-r--r-- 1 root root 500M May 17 18:57 /file

You can see that our virtual filesystem was created with the size indicated. You can now use it to create a loop device, a virtual disk or anything else.

b. Modify the first 512 bytes of a file with null data

If you specify an existing output file during the operation, you will lose its data. Sometimes you need to replace only one block of the output file.

# dd if=/dev/zero of=file1 bs=512 count=1 conv=notrunc

The notrunc option tells dd not to truncate the file and to replace only the first 512 bytes, if the file exists. Otherwise, you will get a 512-byte file

c. Creating a backup iso image of CD or DVD

You may wonder why not just copy the contents of your CD to a directory. How would you handle the boot sector of a CD? You can’t find that as a file on the device because it’s just the first sector. Because dd copies sector by sector, on the other hand, it will copy that information as well.

# dd if=/dev/cdrom of=/mycd.iso

You need to know that you have to use the -o loop option, which allows you to mount a file like any normal device. So, to mount /mycd.iso on the /mnt/cd directory, do as below

Monday, June 5, 2017

How to create a PXE Boot server.

How to create a PXE ( Preboot eXecution Environment ) boot server

Pre-requisites

1) dhcp
2) tftp-server
3) syslinux
4) http/ftp (any one)

dhcp packages    : dhcp-3.0.7-7.5.20.x86_64.rpm & dhcp-server-3.0.7-7.5.20.x86_64.rpm
tftpboot package  : tftp-0.48-1.6.x86_64.rpm
pxeboot package : syslinux-3.11-20.14.26.x86_64.rpm

1) Prepare installation media on PXE server
2) Configure HTTP/FTP server 
3) Configure TFTP server
4) Change the owner and permission for /var/lib/tftpboot directory
5) Enable the tftp service in xinetd
6) Configure DHCP server

1) Prepare installation media on PXE server

Next we need to copy all the files from the installation media (CD/DVD, ISO) to our PXE server.

You can also mount the media on the PXE server in case you don't want to copy all the files, but that way you will only be able to configure your PXE server for one OS. To serve multiple OSes you will have to copy the files of each OS into a separate directory.

In below example we will be configuring a PXE server to install CentOS 6.2

Let us create separate directory to save all the installation files

# mkdir -p /var/lib/tftpboot/images/centos/6/i386/
# mkdir -p /var/lib/tftpboot/images/centos/6/x86_64/

To skip the lengthy process, for now we will just mount the DVD to the relevant destination.

# mount /dev/sr0 /var/lib/tftpboot/images/centos/6/i386/

2) Configure HTTP/FTP server

You can use either an HTTP or an FTP server for your purpose. But I will show you the configuration of all three so that you can choose any one as per your requirement.

With HTTP server

# vi /etc/httpd/conf/httpd.conf
At the end of the file add the following lines
<VirtualHost 192.168.1.6:80>
    ServerAdmin root@test.example.com
    DocumentRoot /var/lib/tftpboot/images
    ServerName test.example.com
    ErrorLog logs/test.example.com-error_log
    CustomLog logs/test.example.com-access_log common
</VirtualHost>

<Directory /var/lib/tftpboot/images>
AllowOverride None
Options Indexes FollowSymlinks
Order allow,deny
Allow from all
</Directory>

3) Configure TFTP server (Installing syslinux package)

TFTP configuration includes installing the syslinux package; the pxelinux.0 file will be created under the /usr/share/pxelinux/ directory. This file is required to load and install the kernel and initrd images on the client machine.

Once these packages are installed, copy the below files from the specified directory to /var/lib/tftpboot

# cp /usr/share/syslinux/pxelinux.0     /var/lib/tftpboot/
# cp /usr/share/syslinux/chain.c32     /var/lib/tftpboot/
# cp /usr/share/syslinux/menu.c32     /var/lib/tftpboot/
# cp /usr/share/syslinux/memdisk     /var/lib/tftpboot/
# cp /usr/share/syslinux/mboot.c32     /var/lib/tftpboot/

Next we will create the configuration file required for tftp server
# mkdir /var/lib/tftpboot/pxelinux.cfg

Create a new file "default" under "/var/lib/tftpboot/pxelinux.cfg" folder and add the below entries.

For HTTP server

# vi /var/lib/tftpboot/pxelinux.cfg/default
DEFAULT menu.c32
PROMPT 0
TIMEOUT 100
ONTIMEOUT Local

MENU TITLE PXE Menu

MENU SEPARATOR
LABEL CentOS 6.2
KERNEL images/centos/6/i386/images/pxeboot/vmlinuz
APPEND initrd=images/centos/6/i386/images/pxeboot/initrd.img method=http://192.168.1.6/centos/6/i386 devfs=nomount

MENU SEPARATOR
LABEL Local
LOCALBOOT 0

Here are two things which you need to change:

KERNEL - defines the location of the kernel that the PXELINUX bootloader will load
APPEND - defines the location of the PXE initrd image file to load

For FTP server

There is not much change for an FTP server; just replace the below line in the above file
APPEND initrd=images/centos/6/i386/images/pxeboot/initrd.img method=ftp://192.168.1.6/centos/6/i386 devfs=nomount

4) Change the owner and permission for /var/lib/tftpboot directory

Assign nobody:nobody to /var/lib/tftpboot directory.

# chown nobody:nobody /var/lib/tftpboot
# chmod 777 /var/lib/tftpboot

5) Enable the tftp service in xinetd

# vi /etc/xinetd.d/tftp
service tftp
{
        socket_type             = dgram
        protocol                = udp
        wait                    = yes
        user                    = root
        server                  = /usr/sbin/in.tftpd
        server_args             = -s /var/lib/tftpboot
        disable                 = no
        per_source              = 11
        cps                     = 100 2
        flags                   = IPv4
}

Restart the relevant services
# /etc/init.d/xinetd restart
Stopping xinetd:                                           [  OK  ]
Starting xinetd:                                           [  OK  ]

6) Configure DHCP server

# vi /etc/dhcp/dhcpd.conf
option domain-name "example.com";
option domain-name-servers test.example.com;
default-lease-time 600;
max-lease-time 7200;
authoritative;

subnet 192.168.1.0 netmask 255.255.255.0 {
range dynamic-bootp 192.168.1.20 192.168.1.25;
option broadcast-address 192.168.1.255;
option routers 192.168.1.1;

  allow booting;
        allow bootp;

        next-server 192.168.1.6;
        filename "pxelinux.0";
}

IMPORTANT NOTE: In your dhcp server make sure you add these lines
        next-server 192.168.1.6;
        filename "pxelinux.0";

as these define the address of your tftp server and the file to look for after getting the IP Address from dhcp server

Restart the relevant services
# service dhcpd restart
Shutting down dhcpd:                                       [  OK  ]
Starting dhcpd:                                            [  OK  ]

Make sure the services start after reboot
# chkconfig httpd on
# chkconfig xinetd on
# chkconfig dhcpd on

TIPS: 

next-server : statement is used to specify the host address of the server from which the initial boot file (specified in the filename statement) is to be loaded. Server-name should be a numeric IP address or a domain name.

filename : option should be the name of the file which the client will retrieve via TFTP. The file pxelinux.0 is a boot loader.

Iptables rules

For TFTP server
# iptables -I INPUT -m state --state NEW -p udp --dport 69 -j ACCEPT

For HTTP server
# iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT

For FTP server
# iptables -I INPUT -m state --state NEW -p tcp --dport 21 -j ACCEPT

You are all set to test your PXE server. Boot a machine and select the Network Boot option from the BIOS. You should see the below screen.

How PXE Boot Works and what is the use of TFTP and FTP/HTTP in PXE Boot


The PXE environment relies on a combination of UDP/IP, DHCP and TFTP. These are selected as they can be easily implemented in the client's NIC firmware, resulting in standardized small-footprint PXE ROMs. 

DHCP is used to provide the appropriate client network parameters and specifically the location (IP address) of the TFTP server hosting, ready for download, the initial bootstrap program (NBP) and complementary files. To initiate a PXE bootstrap session the DHCP component of the client's PXE firmware broadcasts a DHCPDISCOVER packet containing PXE-specific options to port 67/UDP (DHCP server port); it asks for the required network configuration and network booting parameters. The PXE-specific options identify the initiated DHCP transaction as a PXE transaction. Standard DHCP servers (non PXE enabled) will be able to answer with a regular DHCPOFFER carrying networking information (i.e. IP address) but not the PXE specific parameters. A PXE client will not be able to boot if it only receives an answer from a non PXE enabled DHCP server.


After parsing a PXE enabled DHCP server DHCPOFFER, the client will be able to set its own network IP address, IP Mask, etc., and to point to the network located booting resources, based on the received TFTP Server IP address and the name of the NBP. The client next transfers the NBP into its own random-access memory (RAM) using TFTP, possibly verifies it (i.e. UEFI Secure Boot), and finally boots from it. NBPs are just the first link in the boot chain process and they generally request via TFTP a small set of complementary files in order to get running a minimalistic OS executive (i.e. WindowsPE, or a basic Linux kernel+initrd). The small OS executive loads its own network drivers and TCP/IP stack. At this point, the remaining instructions required to boot or install a full OS are provided not over TFTP, but using a robust transfer protocol (such as HTTP, CIFS, or NFS).
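
The next-server and filename statements from the dhcpd.conf above reach the client in the siaddr and file fields of the DHCPOFFER, which is why an offer without them cannot start a PXE boot. The following is an added example, not part of the original post: it parses a DHCP reply and decides whether it carries the boot parameters. The packets are constructed in the script and the function names are illustrative.

```python
import socket
import struct

BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"    # fixed 236-byte BOOTP header
HDR_LEN = struct.calcsize(BOOTP_FMT)
MAGIC_COOKIE = b"\x63\x82\x53\x63"          # marks the start of DHCP options
OPT_PAD, OPT_MSG_TYPE, OPT_BOOTFILE, OPT_END = 0, 53, 67, 255
DHCPOFFER = 2


def parse_options(data: bytes) -> dict:
    """Decode the code/length/value option list that follows the cookie."""
    opts, i = {}, 0
    while i < len(data) and data[i] != OPT_END:
        if data[i] == OPT_PAD:
            i += 1
            continue
        if i + 2 > len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated DHCP option")
        opts[data[i]] = data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]
    return opts


def parse_offer(packet: bytes) -> dict:
    """Extract the fields a PXE client needs from a DHCP reply."""
    if packet[HDR_LEN:HDR_LEN + 4] != MAGIC_COOKIE:
        raise ValueError("not a DHCP packet")
    fields = struct.unpack(BOOTP_FMT, packet[:HDR_LEN])
    opts = parse_options(packet[HDR_LEN + 4:])
    msg_type = opts.get(OPT_MSG_TYPE, b"")
    # "filename" fills the BOOTP file field; option 67 is the alternative.
    boot_file = fields[13].split(b"\0", 1)[0] or opts.get(OPT_BOOTFILE, b"")
    return {
        "msg_type": msg_type[0] if msg_type else 0,
        "client_ip": socket.inet_ntoa(fields[8]),     # yiaddr
        "next_server": socket.inet_ntoa(fields[9]),   # siaddr ("next-server")
        "filename": boot_file.rstrip(b"\0").decode("ascii", "replace"),
    }


def can_pxe_boot(offer: dict) -> bool:
    """True only if the offer names a TFTP server and a boot file."""
    return (offer["msg_type"] == DHCPOFFER
            and offer["next_server"] != "0.0.0.0"
            and offer["filename"] != "")


def build_offer(client_ip, next_server="0.0.0.0", filename="") -> bytes:
    """Constructed DHCPOFFER for the demo (not a capture)."""
    header = struct.pack(
        BOOTP_FMT, 2, 1, 6, 0, 0x1234ABCD, 0, 0,
        bytes(4), socket.inet_aton(client_ip),
        socket.inet_aton(next_server), bytes(4),
        bytes.fromhex("525400123456"), b"", filename.encode())
    return header + MAGIC_COOKIE + bytes([OPT_MSG_TYPE, 1, DHCPOFFER, OPT_END])


if __name__ == "__main__":
    pxe = parse_offer(build_offer("192.168.1.20", "192.168.1.6", "pxelinux.0"))
    plain = parse_offer(build_offer("192.168.1.21"))
    print(pxe, can_pxe_boot(pxe))
    print(plain, can_pxe_boot(plain))
```
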

What is VMLINUZ and Difference between VMLINUZ and INITRD

Difference between initrd and vmlinuz


vmlinuz:

vmlinuz is the name of the Linux kernel executable. vmlinuz is a compressed Linux kernel, and it loads the OS into memory so that the server becomes usable.

vmlinuz = Virtual Memory LINUx gZip = Compressed  Bootable Linux kernel Executable
vmlinux = Virtual Memory LINUX = Non-compressed Non-Bootable Linux Kernel Executable

At the head of the kernel image (vmlinuz) is a routine that does some minimal amount of hardware setup and then decompresses the kernel contained within the kernel image and places it into high memory. 

If an initial RAM disk image (initrd) is present, this routine moves it into memory (in other words, extracts the compressed ramdisk image into real memory) and notes it for later use. The routine then calls the kernel and the kernel boot begins.



vmlinuz is located in the /boot directory, which is the directory that contains the files needed to begin booting the system. The file named vmlinuz might be the actual kernel executable itself, or it could be a link to the kernel executable, which might bear a name such as /boot/vmlinuz-2.4.18-19.8.0 (i.e., the name of the specific version of the kernel). This can be easily determined by using the ls command (whose purpose is to list the contents of a specified directory) with its -l option (which tells ls to provide detailed information about each object in the specified directory) as follows:

ls -l /boot

If vmlinuz is an ordinary file (including an executable), the information about it in the first column will begin with a hyphen. If it is a link, it will begin with the letter l.

The Linux kernel is compiled by issuing the following command:

make bzImage

This results in the creation of a file named bzImage in a directory such as /usr/src/linux/arch/i386/linux/boot/.

Compilation is the conversion of the kernel's source code (i.e., the original form in which the kernel is written by a human) into object code (which is understandable directly by a computer's processor). It is performed by a specialized program called a compiler, usually one in the GCC (GNU Compiler Collection).

bzImage is then copied using the cp (i.e., copy) command to the /boot directory and simultaneously renamed vmlinuz with a command such as

cp /usr/src/linux/arch/i386/linux/boot/bzImage /boot/vmlinuz

vmlinuz is the name of the Linux kernel executable.

A kernel is a program that constitutes the central core of a computer operating system. It is the first thing that is loaded into memory (which physically consists of RAM chips) when a computer is booted up (i.e., started), and it remains in memory for the entire time that the computer is in operation. An executable, also called an executable file, is a file that can be run as a program.

vmlinux is generally just an intermediate step to producing vmlinuz.

initrd:

The initial RAM disk (initrd) is an initial root file system that is mounted before the real root file system is available. The initrd is bound to the kernel and loaded as part of the kernel boot procedure. The kernel then mounts this initrd as part of the two-stage boot process to load the modules to make the real file systems available and get at the real root file system.

The initrd contains a minimal set of directories and executables to achieve this, such as the insmod tool to install kernel modules into the kernel.

Anatomy of the initrd:

The initrd image contains the necessary executables and system files to support the second-stage boot of a Linux system. Let's see what is inside the initrd image file:

Copy the initrd image file into a test directory, rename it as a zip file and unzip it.

Extract the uncompressed initrd image file using the cpio command:

Now you will have the whole directory structure in the test directory, which looks like a root (/) file system.

Anatomy of the vmlinuz:

The vmlinuz itself is an executable binary file. Here we use readelf & objdump command to display information about BFD library, Object Header info etc. 
The vmlinuz file contains other things besides the gzipped content, so you need to find out where the gzipped content starts. To do that, use:
We are looking for 1f 8b 08 00, which can be found from character 12 onwards, or, at 0013920 + 12 (start counting from 0) = 13932.

Now that we know where the gzipped content starts (at position 13932)  you can use dd to extract that gzipped content and ungzip it.
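
The search for the 1f 8b 08 00 bytes and the extraction step described above can also be done programmatically. The following is an added example, not part of the original post: it locates candidate gzip headers in an image, skips candidates where the bytes occur by chance, and decompresses the first real stream. The image is constructed in the script (it is not a real kernel) and the function names are illustrative.

```python
import zlib

GZIP_MAGIC = b"\x1f\x8b\x08\x00"   # the byte sequence the text looks for


def find_gzip_offsets(blob: bytes):
    """Yield every offset at which the gzip magic bytes appear."""
    pos = blob.find(GZIP_MAGIC)
    while pos != -1:
        yield pos
        pos = blob.find(GZIP_MAGIC, pos + 1)


def extract_gzip_payload(blob: bytes):
    """Return (offset, data) for the first candidate that really is a
    complete gzip stream; the magic alone is not proof of one."""
    for off in find_gzip_offsets(blob):
        stream = zlib.decompressobj(wbits=31)     # 31 = expect a gzip wrapper
        try:
            data = stream.decompress(blob[off:])
        except zlib.error:
            continue        # magic bytes occurred by chance inside other data
        if stream.eof:      # stream ended cleanly; trailing bytes are ignored
            return off, data
    raise ValueError("no gzip stream found")


SAMPLE_PAYLOAD = b"constructed kernel payload " * 40


def build_sample_image() -> bytes:
    """Constructed stand-in for a kernel image: setup code, a decoy that
    only looks like a gzip header, the real gzip stream, then a trailer."""
    comp = zlib.compressobj(wbits=31)
    gz = comp.compress(SAMPLE_PAYLOAD) + comp.flush()
    decoy = GZIP_MAGIC + b"\xff" * 12
    return b"\x00" * 100 + decoy + b"\x00" * 20 + gz + b"trailer"


if __name__ == "__main__":
    image = build_sample_image()
    print("candidates:", list(find_gzip_offsets(image)))
    offset, data = extract_gzip_payload(image)
    print("gzip stream at", offset, "->", len(data), "bytes")
```

The offset returned here plays the same role as the position computed by hand in the text: it is the number of bytes to skip before the gzipped content begins.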

Sunday, June 4, 2017

Difference between FTP and TFTP

FTP 

FTP stands for File Transfer Protocol. It is used to send/receive files to and from a remote computer. It is defined in RFC959. FTP establishes two connections between the client system and the server system, one for control information and the other for the data to be transferred. The control connection carries commands/responses. Authentication needs to be done initially by validating a username and password. Once that is done, files can be transferred between the two systems. FTP handles both binary and text format files.

When an FTP client requests to connect to the FTP server, a TCP connection is established to the FTP server's port 21, which is reserved for FTP. After authentication is done, another TCP connection is established for the actual data transfer on port number 20.

TFTP

TFTP stands for Trivial File Transfer Protocol. It is defined in RFC783. It is simpler than FTP: it transfers files between client and server processes but does not provide user authentication and other useful features supported by FTP. TFTP uses UDP while FTP uses TCP.

As TFTP is an unreliable protocol due to UDP, it uses application layer recovery supported by UDP. This is done by embedding a small header between the UDP header and the data. This header incorporates codes (for example read, write and acknowledgement) along with a numbering scheme which numbers blocks of 512 bytes of data. These block numbers are used to acknowledge receipt and to re-send the data in case of checksum failures. TFTP sends one block and waits for an acknowledgement before sending another block.
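
The small header and the one-block-at-a-time exchange described above look like this in practice. The following is an added example, not part of the original post: it builds and parses the read request, DATA and ACK packets and simulates a read transfer in memory (no network traffic), including the case where the file size is an exact multiple of 512 bytes. Opcodes and field layout follow the TFTP specification; the function names are illustrative.

```python
import struct

RRQ, WRQ, DATA, ACK, ERROR = 1, 2, 3, 4, 5    # TFTP opcodes
BLOCK = 512                                   # bytes of data per DATA packet


def rrq_packet(filename: str, mode: str = "octet") -> bytes:
    """Read request: opcode, filename, NUL, transfer mode, NUL."""
    return struct.pack("!H", RRQ) + filename.encode() + b"\0" + mode.encode() + b"\0"


def data_packet(block: int, payload: bytes) -> bytes:
    return struct.pack("!HH", DATA, block) + payload


def ack_packet(block: int) -> bytes:
    return struct.pack("!HH", ACK, block)


def parse_packet(pkt: bytes):
    """Return (opcode, name, mode) for requests, (opcode, block, data) otherwise."""
    (opcode,) = struct.unpack("!H", pkt[:2])
    if opcode in (RRQ, WRQ):
        name, mode, _rest = pkt[2:].split(b"\0", 2)
        return opcode, name.decode(), mode.decode().lower()
    if opcode in (DATA, ACK):
        (block,) = struct.unpack("!H", pkt[2:4])
        return opcode, block, pkt[4:]
    raise ValueError(f"unsupported opcode {opcode}")


def simulate_read(content: bytes):
    """Lock-step transfer: the server sends block N only after ACK N-1.
    A DATA packet shorter than 512 bytes ends the transfer, so a file that
    is an exact multiple of 512 bytes needs a final zero-length block."""
    received, exchange, block = b"", [], 1
    while True:
        chunk = content[(block - 1) * BLOCK:block * BLOCK]
        _, num, payload = parse_packet(data_packet(block, chunk))   # server -> client
        exchange.append(("DATA", num, len(payload)))
        received += payload
        _, acked, _ = parse_packet(ack_packet(num))                 # client -> server
        exchange.append(("ACK", acked, 0))
        if len(payload) < BLOCK:
            return received, exchange
        block += 1


if __name__ == "__main__":
    print(parse_packet(rrq_packet("pxelinux.0")))
    for size in (1000, 1024):             # constructed file sizes
        _, exchange = simulate_read(b"x" * size)
        print(size, "bytes:", exchange)
```
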

The default configuration file for tftpd-hpa is /etc/default/tftpd-hpa.

The default root directory where files will be stored is /var/lib/tftpboot.                            

FTP (File Transfer Protocol) | TFTP (Trivial File Transfer Protocol)
It uses TCP port numbers 20 & 21. | It uses UDP port number 69.
It uses TCP as transport layer protocol. | It uses UDP as transport layer protocol.
FTP uses robust control commands. | TFTP uses simple control commands.
Sends data over a separate TCP | It uses no connections because UDP is connectionless protocol.
It requires less memory and programming effort. | It requires less memory and programming effort.
It is specified in RFC959 document. | It is specified in RFC959 document.