GRUB 2 boot prompt
If improperly configured, GRUB 2 may fail to load and subsequently drop to a boot prompt. To address this issue, proceed as follows:
1. List the drives which GRUB 2 sees:
2. The output for a dos partition table /dev/sda with three partitons will look something like this:
(hd0) (hd0,msdos3) (hd0,msdos2) (hd0,msdos1)
3. While the output for a gpt partition table /dev/sda with four partitions will look something like this:
(hd0) (hd0,gpt4) (hd0,gpt3) (hd0,gpt2) (hd0,gpt1)
4. With this information you can now probe each partition of the drive and locate your vmlinuz and initramfs files:
Will list the files on /dev/sda1. If this partition contains /boot, the output will show the full name of vmlinuz and initramfs.
5. Armed with the location and full name of vmlinuz and initramfs you can now boot your system.
How to disable Interactive Boot
Edit the file /etc/sysconfig/init. Add or correct the setting:
The PROMPT option allows the console user to perform an interactive system startup, in which it is possible to select the set of services which are started on boot. Using interactive boot, the console user could disable auditing, firewalls, or other services, weakening system security
How can I force fsck on next boot
You can force an automatic full check by changing the check interval using tune2fs (-c and/or -i).
-c max-mount-counts
Adjust the number of mounts after which the filesystem will be checked by e2fsck(8). If max-mount-counts is 0 or -1, the number of times the filesystem is mounted will be disregarded by e2fsck(8) and the kernel.
-i interval-between-checks[d|m|w]
Adjust the maximal time between two filesystem checks. No postfix or d result in days, m in months, and w in weeks. A value of zero will disable the time-dependent checking.
It is strongly recommended that either -c (mount-count-dependent) or -i (time-dependent) checking be enabled to force periodic full e2fsck(8) checking of the filesystem.
The above command would tell the init scripts to run fsck on hda2 at every boot.
# tune2fs -i 1d /dev/hda2
The above command would tell the init scripts to run fsck on hda2 after 1 day.
If you only want to run fsck on the next boot, please execute the following as the root user.
This will only run the file system check on the next reboot. By touching the file “forcefsck” in the / directory, it will force the system to perform a full file system check.
The file “forcefsck” will be deleted automatically after fsck is finished.
Password Protecting GRUB Using Boot Loader Passwords
GRUB can be configured by adding a password directive to its configuration file. To do this, first decide on a password, then open a shell prompt, log in as root, and type:
When prompted, type the GRUB password and press Enter. This returns an MD5 hash of the password.
Next, edit the GRUB configuration file /boot/grub/grub.conf. Open the file and below the timeout line in the main section of the document, add the following line:
Replace with the value returned by /sbin/grub-md5-crypt
The next time the system boots, the GRUB menu does not allow access to the editor or com-mand interface without first pressing p followed by the GRUB password.
prevent an attacker from booting into a non-secure operat-ing system in a dual-boot environment. For this, a different part of the /boot/grub/grub.conf file must be edited.
Look for the title line of the non-secure operating system and add a line that says lock directly beneath it.
For a DOS system, the stanza should begin similar to the following:
To create a different password for a particular kernel or operating system, add a lock line to the stanza, followed by a password line.
Each stanza protected with a unique password should begin with lines similar to the following example:
title DOS lock password –md5
ISCSI mount on boot
Steps to mount ISCSI on boot:
You can see the ISCSI drive while issuing “fdisk -l”. Let it be /dev/sdb1
Consider that you want it to mount over /vz partition.
step 1) e2label /dev/sdb1 /vz
step 2) In /etc/fstab, add the following entry.
LABEL=/vz /vz ext3 _netdev 0 0
step 3) chkconfig –level 3 netfs on
step 4) Reboot
Note:
ISCSI drives should be mounted with “_netdev” mount option.
“netfs” is the daemon which would mount the filesystems with “_netdev” mount option.