Upgrading Red Hat Enterprise Linux / CentOS / Oracle Linux

RHEL/CentOS/Oracle Migration: Booting

Booting changes as you upgrade to more recent Linux distributions. The boot loader changes from GRUB 0.97 (or "Legacy GRUB") to GRUB2, bringing much more complex configuration. Perhaps even more significant, the init program has been replaced with the systemd daemon, queried and controlled with the systemctl command. Of all the enormous changes in Linux in the period 2007-2014, I think this is the biggest one. On top of these changes in Linux, your hardware has probably changed during this time, moving from BIOS to UEFI firmware.

Previous: Installation STIG Compliance

The previous page provided an overview of the many significant changes you encounter through the RHEL/CentOS/Oracle Linux 6–7–8–9 migration path.

The U.S. Department of Defense Security requirements, the STIG or Security Technology Implementation Guide, varies not just from one operating system to the next, but from version to version. The STIG for RHEL 7 focuses on booting and logging. Ensuring that the kernel is always booted in a way to enable the Security-Enhanced Linux mechanism, and that there is adequate storage for the audit logs.

2 — Booting

RHEL 5	Grub 0.97
RHEL 6	Grub 0.97
RHEL 7	Grub2 v2.00
RHEL 8	Grub2 v2.02
RHEL 9	Grub2 v2.06

Red Hat moved from Grub to Grub 2 with RHEL 7. Grub 2 is needed to support booting on UEFI-GPT platforms. See my page on how Linux boots for details on UEFI and GPT.

These two configuration files do approximately the same thing. Notice the much greater complexity of Grub 2.

Typical Grub 0.97 /boot/grub/menu.lst

timeout 10
color black/cyan yellow/cyan
default 0

title Linux release-newer
	root (hd0,0)
	kernel (hd0,0)/vmlinuz-release-newer root=LABEL=/
	initrd /initrd-release-newer.img

title Linux release-older
	root (hd0,0)
	kernel (hd0,0)/vmlinuz-release-older root=LABEL=/
	initrd /initrd-release-older.img

Typical Grub 2 /boot/grub2/grub.cfg

### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
  load_env
fi
if [ "${next_entry}" ] ; then
   set default="${next_entry}"
   set next_entry=
   save_env next_entry
   set boot_once=true
else
   set default="0"
fi

if [ x"${feature_menuentry_id}" = xy ]; then
  menuentry_id_option="--id"
else
  menuentry_id_option=""
fi

export menuentry_id_option

if [ "${prev_saved_entry}" ]; then
  set saved_entry="${prev_saved_entry}"
  save_env saved_entry
  set prev_saved_entry=
  save_env prev_saved_entry
  set boot_once=true
fi

function savedefault {
  if [ -z "${boot_once}" ]; then
    saved_entry="${chosen}"
    save_env saved_entry
  fi
}

function load_video {
  if [ x$feature_all_video_module = xy ]; then
    insmod all_video
  else
    insmod efi_gop
    insmod efi_uga
    insmod ieee1275_fb
    insmod vbe
    insmod vga
    insmod video_bochs
    insmod video_cirrus
  fi
}

if loadfont unicode ; then
  set gfxmode=auto
  load_video
  insmod gfxterm
fi
terminal_output gfxterm
insmod part_msdos 
insmod ext2
set root='hd0,msdos1'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1  1d2e37f5-1a3d-419a-996e-d7fd5d876a75
else
  search --no-floppy --fs-uuid --set=root 1d2e37f5-1a3d-419a-996e-d7fd5d876a75
fi
insmod gfxmenu
loadfont ($root)/grub2/themes/maggy/MageiaLogo-Bold-16.pf2
loadfont ($root)/grub2/themes/maggy/MageiaLogo-Bold-20.pf2
loadfont ($root)/grub2/themes/maggy/MageiaLogo-Bold-28.pf2
loadfont ($root)/grub2/themes/maggy/MageiaLogo-Regular-20.pf2
insmod png
set theme=($root)/grub2/themes/maggy/theme.txt
export theme
set timeout=10
### END /etc/grub.d/00_header ###

### BEGIN /etc/grub.d/10_linux ###
menuentry 'Linux release-newer' {
	set gfxpayload=text
	insmod gzio
	insmod part_msdos 
	insmod ext2
	set root='hd0,msdos1'
	if [ x$feature_platform_search_hint = xy ]; then
	  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1  1d2e37f5-1a3d-419a-996e-d7fd5d876a75
	else
	  search --no-floppy --fs-uuid --set=root 1d2e37f5-1a3d-419a-996e-d7fd5d876a75
	fi
	linux	/vmlinuz-release-newer root=UUID=62dfc4a4-86c2-4ebf-aaa3-442ecc740122 ro noacpi nofb 
	initrd	/initrd-release-newer.img
}
menuentry 'Linux release-older' {
	set gfxpayload=text
	insmod gzio
	insmod part_msdos 
	insmod ext2
	set root='hd0,msdos1'
	if [ x$feature_platform_search_hint = xy ]; then
	  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1  1d2e37f5-1a3d-419a-996e-d7fd5d876a75
	else
	  search --no-floppy --fs-uuid --set=root 1d2e37f5-1a3d-419a-996e-d7fd5d876a75
	fi
	linux	/vmlinuz-release-older root=UUID=62dfc4a4-86c2-4ebf-aaa3-442ecc740122 ro noacpi nofb 
	initrd	/initrd-release-older.img
}
### END /etc/grub.d/10_linux ###

### BEGIN /etc/grub.d/20_linux_xen ###
### END /etc/grub.d/20_linux_xen ###

### BEGIN /etc/grub.d/20_ppc_terminfo ###
### END /etc/grub.d/20_ppc_terminfo ###

### BEGIN /etc/grub.d/30_os-prober ###
### END /etc/grub.d/30_os-prober ###

### BEGIN /etc/grub.d/40_custom ###
# This file provides an easy way to add custom menu entries.  Simply type the
# menu entries you want to add after this comment.  Be careful not to change
# the 'exec tail' line above.
### END /etc/grub.d/40_custom ###

### BEGIN /etc/grub.d/41_custom ###
if [ -f  ${config_directory}/custom.cfg ]; then
  source ${config_directory}/custom.cfg
elif [ -z "${config_directory}" -a -f  $prefix/custom.cfg ]; then
  source $prefix/custom.cfg;
fi
### END /etc/grub.d/41_custom ###

GRUB now uses a kernel line about twice the length of that in RHEL/CentOS/Oracle Linux 5.*, many more parameters are passed to the kernel at boot time.

Starting with RHEL 6 GRUB uses UUID rather than LABEL to specify the root file system, and adds several parameters specifying whether it is on LVM or encrypted through LUKS or on NFS or other network-attached storage.

RHEL 5	SVR4 `init`
RHEL 6	Upstart
RHEL 7	systemd
RHEL 8
RHEL 9

The old SVR4 init has been replaced twice now.

Systemd is significantly more capable than Upstart or classic init, with a corresponding increase in complexity. See my page on Linux booting and process control for the rather complicated details on this.

How Linux Boots

There's much more to it than this, but here's what an administrator sees day-to-day:

SVR4 init on RHEL 5:
One file /etc/inittab configures the init program as to what run level to enter by default and what it takes to get there. Other than starting multiple virtual consoles with text login in run levels 3 and 5, and starting a graphical login in run level 5, it says to use the directory /etc/rc[0-6].d/ corresponding to the target run level. That directory will contain symbolic links pointing to the collection of boot scripts in /etc/init.d/. Each link has the same name as the actual script, preceded with either K (to kill) or S (to start) and a two-digit number to impose order. You use the chkconfig program to enable or disable services, it reads specially coded comments in the comment block at the top of the boot script to specify which run levels to start and stop the service and at what numerical order position. You directly run the boot script /etc/init.d/servicename to stop, start, or restart it right now.

Upstart on RHEL 6:
Very similar to SVR4 init as far as configuration and operation goes. The exception is that /etc/inittab is now almost empty. Its functionality has been expanded and moved into the files /etc/sysconfig/init and /etc/init/*.

Systemd on RHEL 7 and 8:
This is very different! Instead of run levels, in which only 1 (maintenance or rescue), 3 (text-only, server) and 5 (graphics, workstation) are useful, it uses "targets". The commonly used one correspond to the traditional run levels 3 and 5, but you can boot or transition into any combination of the targets found in /lib/systemd/system/*.target. Very few boot scripts remain in /etc/init.d/. You use the program systemctl to query the current overall system state, to query the state of individual services, to control a service right now, and to enable or disable it for the future.

Simplified "Phrase Book" of Equivalent Commands

Goal:
What run state are we in?
What services were started/stopped to get here, and with what order dependencies?

SVR4 init, Upstart

runlevel

ls /etc/rcN.d

systemd

systemctl get-default
systemctl
systemctl -a
systemctl list-dependencies
systemctl list-sockets
systemctl status crond sshd httpd ...

Goal:
What is the default run state if the system is simply rebooted?

SVR4 init, Upstart

grep initdefault /etc/inittab

systemd

systemctl get-default

Goal:
What is the default run state if the system Change the default run state to newtarget.

SVR4 init, Upstart

vim /etc/inittab

systemd

systemctl set-default newtarget

Goal:
What services are available? Of the available services, which are enabled and disabled?

SVR4 init, Upstart

ls /etc/rc.d/init.d
chkconfig --list

systemd

systemctl list-unit-files

Goal:
Stop service xyz.
Start service xyz.
Stop and restart service xyz.
Signal service xyz to re-read its configuration file.

SVR4 init, Upstart

/etc/init.d/xyz stop
/etc/init.d/xyz start
/etc/init.d/xyz restart
/etc/init.d/xyz reload

systemd

systemctl stop xyz
systemctl start xyz
systemctl restart xyz
systemctl reload xyz

Goal:
Enable service xyz to automatically start at the next boot.

Disable service xyz to not automatically start at the next boot.

SVR4 init, Upstart

chkconfig --add xyz
chkconfig xyz on
chkconfig --levels 345 xyz on

chkconfig --del xyz
chkconfig xyz off

systemd

systemctl enable xyz

systemctl disable xyz

Systemd will automatically enable services that xyz depends upon.

Goal:
What is involved in service xyz?

A short description, what it needs to run before it, what else wants this to run before it can, is it running now or stopped now, since when, if running what's it PID, and far more?

SVR4 init, Upstart

more /etc/init.d/xyz
ls /etc/rc$(runlevel | awk '{print $2}').d/
/etc/init.d/xyz status
grep xyz /var/log/messages
ls /var/run/xyz
cat /var/run/xyz
ps axuww | egrep 'PID|xyz'

Oof!

You would have to do all of these, plus many more, plus do some careful analysis of all of the output, to get everything you can get from the one systemd command.

This is an area where systemd has an advantage.

systemd

systemctl show xyz

Goal:
Halt or reboot the system.

SVR4 init, Upstart

init 0
halt
poweroff
shutdown -h now -t 0

init 6
reboot
shutdown -r now -t 0

systemd

systemctl halt
systemctl poweroff

systemctl reboot

Goal:
Change to another run state

SVR4 init, Upstart

init 1
init 3
init 5

systemd

systemctl isolate rescue.target
systemctl isolate multi-user.target
systemctl isolate graphical.target

Goal:
The system is shut down, boot it into a non-default run state (typically used for rescue or maintenance.

SVR4 init, Upstart
Interrupt the boot loader's countdown timer and modify the line that will be passed to the kernel. Add the desired target state to the end — 1, 3, or 5 for SVR4 init or Upstart; rescue, multi-user, or graphical for systemd (1, 3, and 5 will probably work, but don't count on it). The kernel's command line at the last boot is kept in /proc/cmdline.

Yes, there are differences in exactly which services are started in the various versions, but it's made much more complex given the choices of installing a workstation, a server, a server with graphics, and so on. Know how to check which services are started by default, and which ones are currently running.

How Linux Boots

This page will help you get through a migration to a newer Linux release. For more detail, see my dedicated page on how Linux boots.

The next page is on logging, which really changed with the appearance of journalctl.

Next ❯ Logging