What utility do practically all Linux users use -- regardless of their job or expertise? A boot loader. In this article, see how a boot loader works, meet two popular loaders -- LILO (LInux LOader) and GNU GRUB (GRand Unified Boot loader) -- and review the pros and cons of each.
What is a boot loader?
Most simply, a boot loader loads the operating system. When your machine loads its operating system, the BIOS reads the first 512 bytes of your bootable media (which is known as the master boot record, or MBR). You can store the boot record of only one operating system in a single MBR, so a problem becomes apparent when you require multiple operating systems. Hence the need for more flexible boot loaders.
The master boot record itself holds two things -- either some of or all of the boot loader program and the partition table (which holds information regarding how the rest of the media is split up into partitions). When the BIOS loads, it looks for data stored in the first sector of the hard drive, the MBR; using the data stored in the MBR, the BIOS activates the boot loader.
Due to the very small amount of data the BIOS can access, most boot loaders load in two stages. In the first stage of the boot, the BIOS loads a part of the boot loader known as the initial program loader, or IPL. The IPL interrogates the partition table and subsequently is able to load data wherever it may exist on the various media. This action is used initially to locate the second stage boot loader, which holds the remainder of the loader.
The second stage boot loader is the real meat of the boot loader; many consider it the only real part of the boot loader. This contains the more disk-intensive parts of the loader, such as user interfaces and kernel loaders. These user interfaces can range from a simple command line to the all-singing, all-dancing GUIs.
Boot loaders are usually configured in one of two ways: either as a primary boot loader or as a secondary boot loader. Primary boot loaders are where the first stage of the boot loader is installed on the MBR (per the previous description). Secondary boot loaders are where the first stage of the boot loader is installed onto a bootable partition. A separate boot loader must then be installed into the MBR and configured to pass control to the secondary boot loader.
Many newer Linux boot loaders can be especially useful since they give you varying degrees of interaction, such as advanced GUI and encrypted passwords, along with the ability to load from a selection of operating systems. Thus you can have many operating systems coexisting on the same machine spanning multiple physical disks. This setup has become common because it helps many users reconcile the treasures of valuable datafiles originally generated by their Windows® machines with their shiny new Linux installs. Personally, I think this setup is great; I use a single box for both Linux and Windows.
Over time, boot loaders have been enhanced to include a greater range of functionality for the user. Such functionality and configuration vary from loader to loader, although the basic purpose remains the same.
Now let's look at two of the more popular boot loaders: LILO and GRUB.
LInux LOader, or LILO, comes as standard on all distributions of Linux. As one of the older/oldest Linux boot loaders, its continued strong Linux community support has enabled it to evolve over time and stay viable as a usable modern-day boot loader. Some new functionality includes an enhanced user interface and exploitation of new BIOS functions that eliminate the old 1024-cylinder limit.
Although LILO continues to be developed, the basic principles of how LILO works still remain the same.
Making LILO your boot loader
What you will need to do to use LILO as your boot loader depends on whether you are installing the OS fresh or have already installed Linux and are planning on moving to LILO. If you're starting fresh, you can jump straight to the Configuring LILO section. If you already have a Linux distribution installed, you usually get an option to install and configure LILO (and can boot your machine into your new Linux install).
For existing Linux users migrating to LILO, first you have to acquire the latest version of LILO. Before doing anything else, I advise you to make sure you have a Linux boot disk handy -- it makes life a lot easier if you accidentally mess something up and would like to be able to get back into your original Linux configuration! Once you have LILO on your system, making it take over your MBR is very easy. As the root user, type:
# /sbin/lilo -v -v
This will use the current LILO defaults and splat anything that is currently in the MBR. However, read about Configuring LILO to make sure you are able to boot up as expected. Also note that if you want to run Windows and Linux on a single machine, you should install your Windows OS first and then the Linux OS, so that the boot loader you choose in the Linux install won't be written over by the Windows boot loader. Unlike the Linux boot loaders, the majority of Windows boot loaders will not allow you to load Linux. If you've already installed Linux first, don't fret; just create yourself a Linux boot disk so that after you have installed Windows, you can get back into your Linux install and overwrite the MBR.
LILO configuration is all done through a configuration file located in /etc/lilo.conf. Listing 1 shows an example configuration, relating to my home machine, for dual booting a Linux and Windows machine. You can visualize how this configuration relates to an actual machine by looking at my basic workstation setup:
- Primary HDD (physical disk 1) with Windows XP installed (initially all there was on the machine). In Linux terms, this HDD is /dev/hda (hd0,0 in GRUB terms).
- Secondary HDD (physical disk 2) with Red Hat Linux installed; the root partition is on the third partition of this hard drive, /dev/hdb3 (hd1,2 in GRUB terms).
Listing 1. Example lilo.conf file
boot=/dev/hda map=/boot/map install=/boot/boot.b prompt timeout=100 compact default=Linux image=/boot/vmlinuz-2.4.18-14 label=Linux root=/dev/hdb3 read-only password=linux other=/dev/hda label=WindowsXP
The options used in Listing 1 are:
boot=line tells LILO where to install the boot loader. In the previous example, this will install it to the MBR of first hard disk. You could alternatively install LILO in /dev/hdb3 (the Linux partition in the example), which would then require you to install another boot loader into /dev/hda that points it to the LILO boot loader; then you just let LILO act as a secondary boot loader. In general, /dev/hda is the most common place for your boot loader to reside. You can also make a LILO floppy boot disk by pointing this parameter to the floppy drive, most commonly /dev/fd0.
map=points to the map file used by LILO internally during bootup. When you install LILO using the
/sbin/lilocommand, it automatically generates this file, which holds the descriptor table (among other things). My advice is to leave this as it is!
install=is one of the files used internally by LILO during the boot process. This holds both the primary and secondary parts of the boot loader. A segment of this boot.b file is written to the MBR (the primary part of the boot loader), which then points to the map and subsequently points to the secondary boot loader. Again, leave this as it is!
prompt=tells LILO to use the user interface (giving you in this example two selections -- Linux and WindowsXP). In addition using the prompt/user interface, you get the option to specify specific parameters for the Linux kernel or others if appropriate. If you do not specify this option in the configuration file, LILO will boot into the default OS with no user interaction and no waiting. (It's worth noting, though, that if you hold the SHIFT key down during boot, you can get the prompt up anyway, which is quite useful if you don't want the average Joe to be exposed to the boot loader).
timeout=is the number of tenths of a second that the boot prompt will wait before automatically loading the default OS, in this case Linux. If
promptis not specified in the lilo.conf, this parameter is ignored.
compactoption magically makes the boot process quicker by merging adjacent disk read requests into a single request. It can be a mixed blessing, though, as I've seen a number of posts on forums regarding issues with this option. This option especially useful if you wish to boot from a floppy.
default=option tells LILO which image to boot from by default, such as after the timeout period. This relates to a label of one of the images in the lilo.conf file. If you don't specify this option in the configuration file, it will boot the first image specified in the file.
- For each version of Linux you want to make available for users to boot into, you should specify
image=and the following three options. The image option specifies the kernel version you wish to boot to.
label=identifies the different OS you want to boot from at the user interface at runtime. In addition, this label is used for specifying the default OS to boot from. (Note: Avoid spaces in the label name; otherwise, you will get an unexpected error when loading the file.)
root=option tells LILO where the OS file system actually lives. In our example, it is /dev/hdb3, which is the third partition of the second disk.
read-onlytells LILO to perform the initial boot to the file system read only. Once the OS is fully booted, it is mounted read-write.
password=option allows you to set a password for the specific OS you are booting into. In the example this password is held in the lilo.conf file as readable text, so is easily accessible for all to read. Alternatively if you set password="" you can set the password when the bootloader is installed. These can be set on each of the operating systems you wish to boot from if required (in our example we only set a password on the Linux boot).
other=acts like a combination of the image and root options, but for operating systems other than Linux. In our example, it tells LILO where to find the Windows OS, which resides on the first disk in the first partition. This will usually be the case if you have installed Windows first, then Linux.
label=is the same as all other label options.
You can use many other parameters in the lilo.conf file, but the parameters in Listing 1 should get you into a fairly usable state on your machine. For further information on these and other lilo.conf parameters, refer to the manual pages (man lilo.conf). Since lilo.conf is not read at boot time, the MBR needs to be "refreshed" when this is changed. If you do not do this upon rebooting, none of your changes to lilo.conf will be reflected at startup. Like getting LILO into the MBR in the first place, you need to run:
$ /sbin/lilo -v -v
-v -v flags give you very verbose output. There are a fair number of parameters you can specify when running LILO like we did. See the manual pages for further information (man lilo).
The initial boot process
When LILO initially loads, it brings up in order each of the letters -- L-I-L-O. If all the letters come up, the first stage boot was successful. Anything less indicates a problem:
- L: The first stage boot loader has been loaded. If LILO stops here, there were problems loading the second stage boot loader. This is usually accompanied by an error code. The common problems at this stage are media problems or incorrect disk parameters specified in your lilo.conf file.
- LI: The second stage boot loader has been loaded. LILO halting at this point indicates the second stage boot loader could not be executed. Again, this can be due to problems similar to just L: loading or if the boot.b file has been corrupted, moved, or deleted.
- LIL: The second stage boot loader has now been executed. At this point, media problem could again be responsible or the map file (as specified in the lilo.conf file) could have had problems finding the descriptor tables.
- LIL?: Loaded to the same point as above. This usually means the second stage boot loader loaded at an incorrect address, caused most likely by boot.b being in a different place than specified in the lilo.conf file.
- LIL-: Loaded to the same point as above. Problem loading the descriptor table, most likely due to a corrupt descriptor table.
- LILO: LILO has successfully loaded with no errors.
Additional configuration at boot time
Once LILO has successfully loaded, you will see a LILO prompt. Still using the example lilo.conf file as before, at this point you have two choices, which may not be immediately obvious to LILO newbies. First, you may let LILO time out (after 10 seconds), which will boot /dev/hdb3, the Linux partition. Second, you can press the TAB key, which will list a selection of operating systems to boot from. In our example lilo.conf, we would get "Linux" and "WindowsXP" as our options. Typing either of these will load up that OS. Specifically loading the Linux option will then prompt you to enter a password, which in this case is
linux. Incorrectly entering the password will take you back to the LILO prompt.
A final word of advice when trying out LILO for the first time: I found it a lot safer to work out my LILO configuration using a floppy boot disk rather than my hard disk. To do this, you must replace the
boot=/dev/fd0 in the lilo.conf file. That way, if I messed up any of the configuration in my lilo.conf file, I could take out the boot disk and boot into Linux as before. Once I was happy everything booted fine using the floppy disk, I then changed my lilo.conf back to use
boot=/dev/hda and ran
/sbin/lilo a final time to upload my changes.
More recently, the GRand Unified Boot loader (commonly known as GRUB) seems to have somewhat taken the boot loaders crown from LILO. GNU GRUB is actively developed by the Free Software Foundation and based on the original GRUB program, originally created by Erich Stefan Boleyn.
Make GRUB your boot loader
As with LILO, the steps you will need to perform to use GRUB as your active boot loader depend on whether you are installing the OS fresh or have already installed Linux and are planning on moving to GRUB. If you're starting fresh, you can jump straight to the Configuring GRUB section. If you already have a Linux distribution installed, you usually get an option to install and configure LILO (and can boot your machine into your new Linux install).
For existing Linux users wanting to migrate to GRUB, get the latest version of GRUB (see Resources). Again, as with LILO, before doing anything else, have a Linux boot disk handy. With the interactive mode (described below), this disk should not be required, but it's nice to have just in case you get out of your depth. Once you have GRUB installed on your system, making it take over your MBR is easy. As the root user, type:
This will load up a BASH-like command prompt where you now use the GRUB command:
grub> install (hd1,2)/boot/grub/stage1 (hd1)
(hd1,2)/boot/grub/stage2 p (hd1,2)/boot/grub/menu.conf
This command uses the GRUB install command, which requires the location of the stage one image and the location of the MBR (
install (hd1,2)/boot/grub/stage1 (hd1)). Also the location of the stage two image (
(hd1,2)/boot/grub/stage2) is required. Finally, an optional
p (hd1,2)/boot/grub/menu.conf tells GRUB the location of the GUI menu configuration file.
In the previous example,
hd1 is my Linux
hd0 is my Windows disk. This will use the current GRUB defaults and splat anything that is currently in the MBR (read Configuring GRUB to make sure you are able to boot up as expected).
GRUB configuration is all done through a configuration file located in /boot/grub/grub.conf. Listing 2 shows an example configuration that relates to my home setup, a dual-booting Linux and Windows machine:
Listing 2. Example grub.conf file
default=0 timeout=10 splashimage=(hd1,2)/grub/splash.xpm.gz password --md5 $1$opeVt0$Y.br.18LyAasRsGdSKLYlp1 title Red Hat Linux password --md5 $1$0peVt0$Y.br.18LyAasRsGdSKLYlp1 root (hd1,2) kernel /vmlinuz-2.4.18-14 ro root=LABEL=/ initrd /initrd-2.4.18-14.img title Windows XP password --md5 $1$0peVt0$Y.br.18LyAasRsGdSKLYlp1 rootnoverify (hd0,0) chainloader +1
The options used in Listing 2 are:
default=option signals to GRUB which image to boot from by default after the timeout period. This relates to one of the images in the grub.conf file. 0 is the first specified, 1 is the second specified, etc. If you don't specify this option in the configuration file, it will boot the first image specified in the file.
timeout=is the number of seconds the boot prompt will wait before automatically loading the default OS, in this case, Red Hat Linux.
splashimage=is the location of the image to be used as the background for the GRUB GUI.
passwordoption specifies the MD5-encrypted password used to gain access to GRUB's interactive boot options. Note this does not stop users loading your defined OS choices; this needs to be set on a per-
titlebasis. To generate an
md5password, run the tool
grub-md5-crypt(as root), which comes with GRUB. It will prompt you for the password you want to encrypt. It then will output the MD5-encrypted password. Copy this into your grub.conf after
password -md5but on the same line. Usually this password can be set to the root password, since it is only root who can read the grub.conf file anyway.
titleidentifies the specific OS that will be booted from at the user interface at runtime. Unlike with LILO, you can include spaces in this name.
passwordis set in the same way as the password above. Do not set this password to the root password if you are planning on sharing this machine with other users.
rootoption tells GRUB where the OS file system actually lives. As you can see, GRUB references the media in a different way than LILO. In our LILO example, /dev/hdb3 is the third partition of the second disk. Grub references this disk as (hd1,2), again the third partition of the second disk (disk 0 being the first disk, partition 0 being the first partition).
kernel: vmlinuz-X.X.XX-XX is the name of the default boot kernel image within your root directory.
initrd: initrd-X.X.XX-XX.img is the name of the default initrd file within your root directory.
titleis the same as all other title options.
password: See other password options.
rootnoverifyoption tells GRUB to not try to vary the root of the OS. This saves load errors if the file system is not a supported by GRUB.
chainloader +1tells GRUB to use a chain loader to load this OS, which is required for loading Windows.
You can use many other parameters in the grub.conf file, but the parameters in Listing 2 should get you into a fairly usable state on your machine. For further information on these and other grub.conf parameters, see the manual pages (man grub.conf).
Unlike LILO's configuration file, grub.conf is read at boot time, and the MBR does not need to be refreshed when this is changed.
The initial boot process
When GRUB initially loads, like LILO it loads its first stage from the MBR. Once this has loaded, it then enters an intermediate stage between the common boot loader stages one and two (or for argument's sake, Stage 1.5). Stage 1.5 is present to enable regular file system access to the GRUB configuration files in /boot/grub rather than accessing using disk blocks. We then enter stage two of the boot loader where GRUB loads the grub.conf file.
You should now see the GRUB GUI. For any native Windows user, this seems a much more friendly experience than that of LILO. But don't think by having a GUI that GRUB is a dumbed-down boot loader. The wealth of options is astonishing. (See the tips for additional configuration at boot time.)
If your configuration is like mine, you should now be looking at a screen giving you two options: to boot into Red Hat Linux or to boot into Windows XP. By default, it will load Linux. The result of selecting either one of these is self explanatory.
Now for the good stuff.
Additional configuration at boot time
At the GRUB GUI, pressing any key will stop the timeout from kicking in. Then by pressing the P key, you can enter your GRUB password and gain full access to GRUB's interactive booting options. You should now be able to use one of the three options by pressing the one of the following keys:
- For edit commands before booting, press E. This allows you to edit the specific options for the currently highlighted OS. GRUB will then show only the options specific to the booting of that OS, which you can then edit as you see fit. This is especially useful if you have specified the wrong HDD for the root file system. If you need to access the machine in single-user mode (giving you root access without specifying a password!), select the Linux OS at the GRUB main screen. Then as before, press E and move to the kernel line (in my example, this is
kernel /vmlinuz-2.4.18-14 ro root=LABEL=/). You then append
singleto the end of this line, and press B to boot using your changed grub.conf. Any changes you make in edit mode are not saved to the grub.conf file.
- To modify kernel arguments, press A. If you are an experienced Linux user, you can tweak the kernel arguments to suit your needs.
- To get to a BASH-like command-line interface, press C. This minimal command-line interface allows you to find GRUB configuration files on your system, load an alternate configuration file, and edit lines in the configuration file, as well as enter GRUB commands directly. You might use this if a configuration change, such as deleting a partition, has made your system unbootable. You might also use it if you need to boot a system into single-user mode or perhaps runlevel 3 instead of your normal runlevel.
The many uses for these options are beyond the scope of this article.
As you can see, GRUB really opens up the possibilities at boot time. This can be a mixed blessing, though, as GRUB also potentially allows attackers to gain access to the system before the OS has loaded. The main areas open to misuse are:
- Access to single-user mode. Anyone loading into single-user mode is given root access, leaving your Linux system wide open to abuse.
- Access to other operating systems. Any bootable operating systems you have configured that do not require a password, such as DOS, will be open.
- Access to the GRUB editor. This allows users full access to change the GRUB configuration.
Setting security plays an important part in your GRUB configuration; setting a password and using MD5 encryption pays dividends to your overall system security.
Future of GRUB
GRUB is now being replaced by GRUB2. The original GRUB is being renamed to GRUB Legacy; apart from fixing bugs, it will no longer be actively developed. GRUB2 will be a complete rewrite of the original boot loader. To date, the following features are the core of the changes:
- Replacement of Stage 1.5 with the creation of a compact core image
- Support for dynamic loading to the core image
- Trend towards making the overall GRUB framework object oriented
- Support for internationalization, such as non-ASCII character sets
- Support for different hardware architectures and different platforms (other than Linux)
Refer to the GRUB Web site (see the Resources section below for the latest developments.
GRUB vs. LILO
As stated at the start of this article, all boot loaders work in a similar way to fulfill a common purpose. But LILO and GRUB do have a number of differences:
- LILO has no interactive command interface, whereas GRUB does.
- LILO does not support booting from a network, whereas GRUB does.
- LILO stores information regarding the location of the operating systems it can to load physically on the MBR. If you change your LILO config file, you have to rewrite the LILO stage one boot loader to the MBR. Compared with GRUB, this is a much more risky option since a misconfigured MBR could leave the system unbootable. With GRUB, if the configuration file is configured incorrectly, it will simply default to the GRUB command-line interface.
As with all software, the best choice for one user isn't always the best for all. Of the two boot loaders covered here, my personal favorite is GNU GRUB. It is a good all-around loader, combining a slick user interface with a wealth of functionality. And yet many people who have used and loved LILO still find it to be the boot loader of choice. Fortunately, if you are new to the world of Linux boot loading, you won't go far wrong with either.
Regarding security, anyone with access to a boot disk/CD can get past any of the security measures mentioned in this article by simply booting using a grub.conf or lilo.conf that does not have security set. With GRUB in particular, being able to boot into single-user mode could pose a serious security hole. A simple way to get around this problem is to disable booting from CD and floppy in your machine's BIOS and make sure your BIOS is set with a password so others can not change these settings.
- The tutorial "Build a Linux test network" (developerWorks, May 2003) shows how to combine Samba and GRUB to build a compact, highly adaptable, cross-platform test network, capable of booting and networking a large number of operating systems on a small number of machines.
- Find more resources for Linux developers in the developerWorks Linux zone.
Get products and technologies
- Get the latest version of the GRUB boot loader, and take a look at GRUB2 as well.
- Build your next development project on Linux with IBM trial software, available for download directly from developerWorks.
- Get involved in the developerWorks community by participating in developerWorks blogs.