GRUB (the Grand Unified Boot loader) consists of two stages. The first stage is only 512 bytes long. It is written to the MBR or to the boot sector of a disk partition or floppy disk. The second, larger stage is loaded after that and holds the program code. The only purpose of the first stage is to load the second one.
The second stage contains code for reading file systems. Currently supported are Ext2, Ext3, ReiserFS, JFS, XFS, Minix, and the DOS FAT file system used by Windows. GRUB has the ability to access file systems even before booting is finished, as long as they are on devices handled by the BIOS (floppies or hard disks).
All boot parameters can easily be changed before booting. If, for example, the menu file contains an error, it can be fixed. Boot parameters can be entered interactively at a prompt. GRUB offers the possibility to find the location of the kernel and initrd before booting. With this, you can even boot operating systems for which no entry exists in the boot menu.
GRUB displays a graphical splash screen or a text mode interface with a boot menu. The contents of this screen are controlled by the configuration file /boot/grub/menu.lst. This file contains all the information about the partitions or operating systems that can be selected from the boot menu.
This menu file is loaded by GRUB directly from the file system on each boot, so there is no need to update GRUB when the file has been modified. To reconfigure the boot loader, simply edit the file via YaST or with your favorite editor. Temporary changes can be made in the interactive edit mode.
The menu file contains commands GRUB should execute. Its syntax is quite simple. Each line consists of a command, optionally followed by arguments that must be separated by spaces, as is the case with shell commands. For historical reasons, there are some commands that allow an = before their first argument. Lines beginning with a hash (#) are comments.
To identify the menu item in the menu overview, specify a name or a title for every entry. The text (including any spaces) following the keyword title is displayed as a selectable option in the menu. All commands up to the next title are executed when this menu item is selected.
The simplest case is redirection to boot loaders of other operating systems. The command is chainloader and the argument is usually the boot block in another partition, written in GRUB block notation, for example:
The device naming scheme used by GRUB is explained in Section 126.96.36.199. “Naming Conventions for Hard Disks and Partitions”. The above example specifies the first block of the fourth partition on the first hard disk.
The command for specifying a kernel image is kernel. The first argument is the path to the kernel image on a partition. The remainder are parameters that are passed to the kernel when booting.
If the kernel does not have the needed built-in drivers for accessing the root partition, initrd must be specified. This is a separate GRUB command whose only argument is the path to the initrd file. As the loading address of the initrd is written to the loaded kernel image, the command initrd must follow immediately after the kernel command.
The root command simplifies specification of kernel and initrd files. The only argument for the command root is a device or partition (in GRUB notation). This device is used for all kernel, initrd, or other file paths for which no device is specified. This applies up to the next root command. The command is not used in the default menu.lst file created during the installation. It merely facilitates manual editing.
The boot command is implied and thus automatically executed at the end of each menu entry, so it does not need to be written into the menu file. If entering GRUB commands interactively at the prompt, remember to enter the boot command at the end. The command itself has no arguments. It merely boots the loaded kernel image or chain loader.
Once you have written all your menu entries, specify which entry to use as the default. Otherwise, the first one (number 0) is booted by default. You can also specify a time-out in seconds after which this should occur. The timeout and default usually precede the menu entries. A sample configuration file is described in Section 188.8.131.52. “A Sample Menu File”.
GRUB names hard disks and partitions according to conventions that differ from the Linux device names, such as /dev/hda1. The first hard disk is always referred to as /dev/hd0. The floppy drive is called /dev/fd0. The four primary partitions allowed per disk are numbered from 0 to 3. Logical partitions are counted beginning with 4.
(hd0,0) first primary partition on first hard disk (hd0,1) second primary partition (hd0,2) third primary partition (hd0,3) fourth primary partition (usually an extended partition) (hd0,4) first logical partition (hd0,5) second logical partition ...
GRUB does not distinguish between IDE, SCSI, or RAID devices. All hard disks detected by the BIOS or other disk controllers are counted according to the boot sequence set in the BIOS itself.
The fact that BIOS device names do not correspond to Linux devices is an issue resolved with algorithms that establish a mapping. GRUB stores the result in a file (device.map), which can be edited. For more information about device.map, refer to Section 7.4.2. “The File device.map”.
For GRUB, a file name must be specified as a device name written in parentheses followed by the full path to the file and the file name. The path must always start with a slash. For example, on a system with a single IDE disk and Linux on the first partition, the bootable kernel might be specified with:
The following example shows how the GRUB menu file works. This imaginary machine has a Linux boot partition on /dev/hda5, a root partition on /dev/hda7, and a Windows installation on /dev/hda1.
gfxmenu (hd0,4)/message color white/blue black/light-gray default 0 timeout 8 title linux kernel (hd0,4)/vmlinuz root=/dev/hda7 vga=791 initrd (hd0,4)/initrd title windows chainloader(hd0,0)+1 title floppy chainloader(fd0)+1 title failsafe kernel (hd0,4)/vmlinuz.shipped root=/dev/hda7 ide=nodma \ apm=off acpi=off vga=normal nosmp maxcpus=0 3 initrd (hd0,4)/initrd.shipped
The first part defines the splash screen configuration:
The background image is located on /dev/hda5 and has the name message.
The color scheme: white as normal foreground, blue as normal background, black for the foreground of selected items, and light gray as the selection background. These colors do not affect the graphical splash screen as defined under gfxmenu, but the standard GRUB interface. On a SUSE LINUX system, this interface can be accessed from the splash screen by pressing Esc.
By default, the first menu entry title linux should be booted.
After 8 seconds without user input, GRUB will automatically boot the default entry.
The second, larger part defines the different operating systems to boot:
The first entry (title linux) is responsible for booting SUSE LINUX. The kernel (vmlinuz) is located on the first hard disk on the first logical partition (which is the boot partition in this case). The appended arguments are kernel parameters, such as the root partition and the video mode. The root partition is specified according to the Linux convention (/dev/hda7), as this information is interpreted by the Linux kernel, not by GRUB. The initrd image is located on the same logical partition of the first hard disk.
The second entry is responsible for booting Windows, which is installed on the first partition of the first hard disk (hd0,0). The command chainloader +1 causes GRUB to read and execute the first sector of the specified partition.
The next entry enables booting from the floppy drive without changing any BIOS settings.
The failsafe entry boots a Linux kernel with a number of kernel parameters that enable booting Linux even if the hardware is causing problems.
Some operating systems, such as Windows, can only start from the first hard disk. If you have such an operating system installed on a different hard disk, you can implement a logical change for the respective menu entry. However, this only works if the operating system accesses the hard disks by way of the BIOS when booting.
... title windows map (hd0) (hd1) map (hd1) (hd0) chainloader(hd1,0)+1 ...
In this example, Windows is started from the second hard disk. For this purpose, the logical sequence of the hard disks is changed with map. This change does not affect the logic within the GRUB menu file. You still need to specify the second hard disk for chainloader.
From the graphical boot menu of GRUB, use the cursor keys to select the operating system to boot. If you select a Linux system, you can add boot parameters. After pressing Esc and exiting the splash screen, n press E to edit individual menu entries directly. Changes made in this way only apply to the current boot procedure and will not be adopted permanently.
|Keyboard Layout during the Boot Procedure|
The US keyboard layout is the only one available at boot time.
After enabling the editing mode, use the arrow keys to navigate to the entry to change. To make the selected item editable, press E again. Adjust the entry as desired. Leave the editing mode with Enter and go back to the menu, where the changed entry can be booted by pressing E. In the lower part of the screen, GRUB displays further options.
The file device.map maps GRUB device names to Linux device names. This is only relevant when running the GRUB shell as a Linux program (command grub). For this purpose, the program reads the file device.map. See Section 7.4.4. “The GRUB Shell” for more information.
GRUB does not have access to the boot sequence information in the BIOS. If your system contains both IDE and SCSI hard disks, GRUB must try to determine the boot sequence by means of a special procedure. It saves the results of this check to the file /boot/grub/device.map. For a system that boots IDE devices before SCSI devices, the file device.map could look as follows:
(fd0) /dev/fd0 (hd0) /dev/hda (hd1) /dev/hdb (hd2) /dev/sda (hd3) /dev/sdb
As the order of IDE, SCSI, and other hard disks depends on various factors and Linux is not able to identify the mapping, the sequence in the file device.map can be set manually. If you encounter problems when booting, check if the sequence in this file corresponds to the sequence in the BIOS and use the GRUB shell to modify it if necessary (see Section 7.4.4. “The GRUB Shell”). Once you have successfully booted your Linux system, edit the file device.map permanently with the YaST boot loader module or an editor of your choice.
Any manual change to the device.map file requires that you update your GRUB installation. Use the following command:
grub --batch --device-map=/boot/grub/device.map < /etc/grub.conf
GRUB stores another important part of its configuration in the file grub.conf. This file defines the parameters and options needed by the grub command to install the boot loader correctly:
root (hd0,4) install /grub/stage1 d (hd0) /grub/stage2 0x8000 (hd0,4)/grub/menu.lst quit
The individual entries have the following meaning:
This command tells GRUB that all subsequent commands should be applied to the first logical partition on the first hard disk, where the boot files are located.
The command grub should be run with the parameter install. stage1 of the boot loader should be installed in the MBR of the first hard disk (/grub/stage1 d (hd0)). stage2 should be loaded to the memory address 0x8000 (/grub/stage2 0x8000). The last entry ((hd0,4)/grub/menu.lst) tells GRUB where to look for the menu file.
GRUB actually consists of two parts: the boot loader and a normal Linux program (/usr/sbin/grub). This program is referred to as the GRUB shell. The functionality to install the boot loader on a hard disk or floppy disk is integrated into the GRUB shell through the internal commands install and setup — these commands can be executed using the GRUB shell on a running Linux system. However, these commands are also available while the system is booting with GRUB — before Linux is even running. This makes the repair of a defective system much easier.
Because GRUB is able to access file systems upon booting, it could also be used to read files that would not be accessible under normal circumstances — on a running system, users would need root permissions to read them. To put a stop to this, set a boot password. Such a password can be used to prevent unauthorized access to file systems at boot time and to prevent users from booting certain installed systems.
To create a boot password, log in as root and proceed as follows:
At the root prompt, enter grub.
In the GRUB shell, encrypt the password:
grub> md5crypt Password: **** Encrypted: $1$lS2dv/$JOYcdxIn7CJk9xShzzJVw/
Paste the encrypted string into the global section of the file menu.lst:
gfxmenu (hd0,4)/message color white/blue black/light-gray default 0 timeout 8 password --md5 $1$lS2dv/$JOYcdxIn7CJk9xShzzJVw/
From now on, executing GRUB commands from the boot prompt is impossible without knowing the password. Permission to do so is only granted after pressing P and entering the password. However, users can still boot all operating systems without any restriction.
To keep users from booting certain operating systems, add the entry lock for every section in menu.lst to prevent from being booted without entering a password. Example:
title linux kernel (hd0,4)/vmlinuz root=/dev/hda7 vga=791 initrd (hd0,4)/initrd lock
After rebooting, trying to boot this entry from the menu would result in the following error message:
Error 32: Must be authenticated
Return to the menu by pressing Enter. From the menu, pressing P prompts for the password. The selected system (Linux in this case) should boot after typing the password and pressing Enter.
|Boot Password and Splash Screen|
Setting a boot password for GRUB disables the graphical splash screen as displayed by default.
The geometry of attached hard disks is checked by GRUB only upon booting. In some cases, the BIOS returns inconsistent values, and GRUB reports GRUB Geom Error (see http://portal.suse.com/sdb/en/2003/03/fhassel_geom-error.html). In this case, use LILO or update the BIOS. Details on the installation, configuration, and maintenance of LILO is available in the Support Database article: http://portal.suse.de/sdb/en/2004/01/lilo_overview.html>.
Extensive information about GRUB is available at http://www.gnu.org/software/grub/. If you have texinfo installed on your machine, view the GRUB info pages in a shell by entering info grub. You can also search for the keyword “GRUB” in the Support Database at http://portal.suse.de/sdb/en/index.html to get information about special issues.