Chapter 6. Kernel Services and Configuration
The kernel performs these basic operations
- Access to hardware
- Administration of resources for the system's applications
- Handling input/output (I/O) activity
- Data storage
- Security
- Networking
OBJECTIVES
- Know the most relevant activities the kernel has to fulfill and how to achieve them
- Explain what parameters can be set on the kernel command line and how to make them effective either for a single boot or persistently across several boots
- Know where to find detailed information about these parameters
- Know how to use sysctl to set kernel parameters for one boot time or persistently across system reboots
OVERVIEW
The kernel is the heart of the operating system. Its main task is to act as the intermediary between the hardware (resources) and the software (applications): it administers hardware resources on behalf of the software layer above it, which needs them to complete a given task.
MAIN RESPONSIBILITIES
- System initialization and boot up
- Process scheduling
- Memory management
- Controlling access to hardware
- I/O between applications and storage devices
- Implementation of local and network filesystems
- Security control, both locally and through the network
- Networking control
KERNEL COMMAND LINE
The kernel command line is set in the GRUB configuration file, /boot/grub2/grub.cfg. In this example, line 95 of that file is the one GRUB uses to set up the initial kernel call:
/vmlinuz-4.2.3-300.fc23.x86_64 root=/dev/mapper/fedora-root ro rd.lvm.lv=fedora/root rd.lvm.lv=fedora/swap rhgb quiet LANG=es_AR.UTF-8
After boot, the command line that was actually used is shown in /proc/cmdline.
Everything after the vmlinuz file specified is an option. Any options not understood by the kernel will be passed to init (pid = 1), the first user process to be run on the system.
On the same system, /proc/cmdline contains the same options, preceded by BOOT_IMAGE=:
BOOT_IMAGE=/vmlinuz-4.2.3-300.fc23.x86_64 root=/dev/mapper/fedora-root ro rd.lvm.lv=fedora/root rd.lvm.lv=fedora/swap rhgb quiet LANG=es_AR.UTF-8
Boot Parameters
Here you can see an explanation of some of the boot parameters we just mentioned
Parameter | Description |
---|---|
ro | mounts root device read-only on boot |
root | root filesystem |
rd_LVM_LV | it activates the root filesystem in the logical volume specified |
rd_NO_LUKS | disables crypto LUKS detection |
rd_NO_DM | disables DM RAID detection |
LANG | is the system language |
SYSFONT | is the console font |
KEYTABLE | is the keytable filename |
rhgb | for graphical boot support on Red Hat systems |
quiet | disables most log messages |
REFERENCE
Type the following command
$ man bootparam
SYSCTL
The sysctl interface can be used to read and tune kernel parameters at run time. Current values can be displayed by doing
$ sysctl -a
....
kernel.pid_max = 32768
...
kernel.threads-max = 63707
....
net.ipv4.ip_default_ttl = 64
....
net.ipv4.ip_forward = 0
....
vm.nr_hugepages = 16
vm.swappiness = 10
....
Each value corresponds to a particular pseudofile residing under /proc/sys, with directory slashes being replaced by dots. For example, the following two statements are equivalent:
$ sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
$ sudo sysctl net.ipv4.ip_forward=1
where the second form sets the value with the sysctl command line interface. There must be no spaces around the = sign in this command. Note that in the first form a plain sudo echo 1 > /proc/sys/net/ipv4/ip_forward does not work, because the redirection is performed by the calling, unprivileged shell rather than by the command run under sudo; the whole command, redirection included, must be run through sudo sh -c as shown.
LAB 1
1. Check if you can ping your own system. (Note on RHEL 7 you must be root to run ping on most external network addresses.)
$ ping localhost
2. Check the current value of net.ipv4.icmp_echo_ignore_all, which is used to turn on and off whether your system will respond to ping. A value of 0 allows your system to respond to pings.
$ sysctl net.ipv4.icmp_echo_ignore_all
3. Set the value to 1 using the sysctl command line utility and then check if pings are responded to.
$ sudo sysctl net.ipv4.icmp_echo_ignore_all=1
$ ping localhost
4. Set the value back to 0 and show the original behavior is restored.
$ sudo sh -c 'echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all'
$ ping localhost
5. Now change the value by modifying /etc/sysctl.conf and force the system to activate this setting file without a reboot.
Add the following line to /etc/sysctl.conf:
net.ipv4.icmp_echo_ignore_all=1
and then do:
$ sudo sysctl -p
6. Check that this worked properly.
$ sysctl net.ipv4.icmp_echo_ignore_all
$ ping localhost
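Step 6 generalized, as an added example that is not part of the original notes: the script maps every key in a sysctl.conf-style file to its /proc/sys pseudofile and reports settings whose live value differs from the file. The function names, the optional PROC_ROOT argument and the demo data are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original notes): compare the values in a
# sysctl.conf-style file with the live values under /proc/sys.

# Collapse runs of whitespace and trim both ends (multi-value entries use tabs).
norm() { printf '%s' "$1" | tr -s '[:space:]' ' ' | sed 's/^ //;s/ $//'; }

# Map a key to its pseudofile. Per sysctl.d(5): if the first separator is a
# dot, dots and slashes are swapped; if it is a slash, the key is kept as is.
sysctl_key_to_path() {  # usage: sysctl_key_to_path KEY [PROC_ROOT]
    case "${1#"${1%%[./]*}"}" in
        /*) rel=$1 ;;
        *)  rel=$(printf '%s' "$1" | tr './' '/.') ;;
    esac
    printf '%s/%s\n' "${2:-/proc/sys}" "$rel"
}

# Print one line per setting that differs; return 1 on any drift, else 0.
sysctl_drift() {  # usage: sysctl_drift CONF_FILE [PROC_ROOT]
    rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(norm "$line")
        case "$line" in '#'*|';'*) continue ;; *=*) ;; *) continue ;; esac
        key=$(printf '%s' "${line%%=*}" | tr -d '[:space:]')
        key=${key#-}                      # "-key=value" means "ignore errors"
        want=$(norm "${line#*=}")
        path=$(sysctl_key_to_path "$key" "${2:-/proc/sys}")
        if [ ! -r "$path" ]; then
            echo "MISSING $key ($path)"; rc=1; continue
        fi
        have=$(norm "$(cat "$path")")
        [ "$have" = "$want" ] || { echo "DRIFT $key file=$want live=$have"; rc=1; }
    done < "$1"
    return "$rc"
}

# Constructed demo: a fake /proc/sys tree and config file, so it runs unprivileged.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/proc/net/ipv4"
    echo 0 > "$d/proc/net/ipv4/icmp_echo_ignore_all"
    echo 0 > "$d/proc/net/ipv4/ip_forward"
    printf '%s\n' '# constructed sample' 'net.ipv4.icmp_echo_ignore_all=1' \
        'net.ipv4.ip_forward = 0' > "$d/sysctl.conf"
    status=0
    sysctl_drift "$d/sysctl.conf" "$d/proc" || status=$?
    rm -rf "$d"
    return "$status"
}

demo || true
```

On a real system, call sysctl_drift /etc/sysctl.conf; keys the current user cannot read are reported as MISSING.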
LAB 2
1. Obtain the current maximum PID value.
$ sysctl kernel.pid_max
2. Find out what current PIDs are being issued
$ cat &
3. Reset pid_max to a lower value than the ones currently being issued.
$ sudo sysctl kernel.pid_max=30000
4. Start a new process and see what it gets as a PID.
$ cat &