Chapter 6. Making temporary changes to the GRUB menu


You can modify GRUB menu entries or pass arguments to the kernel, which applies only to the current boot. On a selected menu entry in the boot loader menu, you can:

  • Display the menu entry editor interface by pressing the e key.
  • Discard any changes and reload the standard menu interface by pressing the Esc key.
  • Load the command-line interface by pressing the c key.
  • Type any relevant GRUB commands and enter them by pressing the Enter key.
  • Complete a command based on context by pressing the Tab key.
  • Move to the beginning of a line by pressing the Ctrl+a key combination.
  • Move to the end of a line by pressing the Ctrl+e key combination.
Important

The following procedures provide instruction on making changes to a GRUB Menu during a single boot process.

6.1. Introduction to GRUB

You can use the GNU GRand Unified Bootloader (GRUB) to perform the following actions:

  • Select an operating system or kernel to load at system boot time.
  • Pass arguments to the kernel.

When booting with GRUB, you can use either a menu interface or a command-line interface, the GRUB command shell. When you start the system, the menu interface is displayed.

GRUB menu interface

You can switch to the command-line interface by pressing the c key.

GRUB command shell

You can return to the menu interface by typing exit and pressing the Enter key.

GRUB BLS files

The boot loader menu entries are defined as Boot Loader Specification (BLS) files. This file format manages boot loader configuration for each boot option in a drop-in directory, without manipulating boot loader configuration files. The grubby utility can edit these BLS files.

GRUB configuration file

The /boot/grub2/grub.cfg configuration file does not define the menu entries.

6.2. Introduction to boot loader specification

The BootLoader Specification (BLS) defines a scheme and the file format to manage the boot loader configuration for each boot option in the drop-in directory without the need to manipulate the boot loader configuration files. Unlike earlier approaches, each boot entry is now represented by a separate configuration file in the drop-in directory. The drop-in directory extends its configuration without having the need to edit or regenerate the configuration files. The BLS extends this concept for the boot menu entries.

Using BLS, you can manage the boot loader menu options by adding, removing, or editing individual boot entry files in a directory. This makes the kernel installation process significantly simpler and consistent across the different architectures.

The grubby tool is a thin wrapper script around the BLS and it supports the same grubby arguments and options. It runs the dracut utility to create an initial ramdisk image. With this setup, the core boot loader configuration files are static and are not modified after kernel installation.

This premise is particularly relevant in RHEL 8 because not all architectures use the same boot loader:

  • x86_64, aarch64, and ppc64le with open firmware use GRUB2.
  • ppc64le with Open Power Abstraction Layer (OPAL) uses Petitboot.
  • s390x uses zipl.

Additional Resources

6.3. Booting to rescue mode

Rescue mode provides a convenient single-user environment in which you can repair your system in situations when it is unable to complete a normal booting process. In rescue mode, the system attempts to mount all local file systems and start some important system services. However, it does not activate network interfaces or allow more users to be logged into the system at the same time.

Procedure

  1. On the GRUB boot screen, press the e key for edit.
  2. Add the following parameter at the end of the linux line:

    systemd.unit=rescue.target
    Booting to Rescue Mode
  3. Press Ctrl+x to boot to rescue mode.

    Booting to Rescue Mode

6.4. Booting to emergency mode

Emergency mode provides the most minimal environment possible in which you can repair your system even in situations when the system is unable to enter rescue mode.

In emergency mode, the system:

  • mounts the root file system only for reading
  • starts a few essential services

However, the system does not:

  • attempt to mount any other local file systems
  • activate network interfaces

Procedure

  1. On the GRUB boot screen, press the e key for edit.
  2. Add the following parameter at the end of the linux line:

    systemd.unit=emergency.target
    Booting to Emergency Mode
  3. Press Ctrl+x to boot to emergency mode.

    Booting to Emergency Mode

6.5. Booting to the debug shell

The systemd debug shell provides a shell prompt very early in the start-up process. Once in the debug shell, you can use the systemctl commands, such as systemctl list-jobs and systemctl list-units, to search for the cause of systemd related boot-up problems.

Procedure

  1. On the GRUB boot screen, press the e key for edit.
  2. Add the following parameter at the end of the linux line:

    systemd.debug-shell
    Booting to Rescue Mode
  3. Optional: Add the debug option.

    Note

    Adding the debug option to the kernel command line increases the number of log messages. For systemd, the kernel command-line option debug is now a shortcut for systemd.log_level=debug.

  4. Press Ctrl+x to boot to the debug shell.
Warning

Permanently enabling the debug shell is a security risk because there is no authentication required to use it. It is recommended to disable it when the debugging session has ended.

6.6. Connecting to the debug shell

During the boot process, the systemd-debug-generator configures the debug shell on TTY9.

Prerequisites

Procedure

  1. Press Ctrl+Alt+F9 to connect to the debug shell.

    If you work with a virtual machine, sending this key combination requires support from the virtualization application. For example, if you use Virtual Machine Manager, select Send Key Ctrl+Alt+F9 from the menu.

  2. The debug shell does not require authentication, therefore you can see a prompt similar to the following on TTY9:
sh-4.4#

Verification

  • Enter a command as follows:

    sh-4.4# systemctl status $$
    Connecting to the Debug Shell
  • To return to the default shell, if the boot succeeded, press Ctrl+Alt+F1.

Additional resources

  • The systemd-debug-generator(8) manual page

6.7. Resetting the root password using an installation disk

In case you forget or lose the root password, you can reset it.

Procedure

  1. Boot the host from an installation source.
  2. In the boot menu for the installation media, select the Troubleshooting option.

    RHEL Anaconda Installer screen with the Troubleshooting option selected
  3. In the Troubleshooting menu, select the Rescue a Red Hat Enterprise Linux system option.

    Troubleshooting screen with the Rescue option selected
  4. At the Rescue menu, select 1 and press the Enter key to continue.

    Rescue screen prompting you to continue and mount the target host under /mnt/sysimage
  5. Change the file system root as follows:

    sh-4.4# chroot /mnt/sysimage
    Change the file system root
  6. Enter the passwd command and follow the instructions displayed on the command line to change the root password.

    Resetting the Root Password
  7. Remove the autorelable file to prevent a time consuming SELinux relabel of the disk:

    sh-4.4# rm -f /.autorelabel
  8. Enter the exit command to exit the chroot environment.
  9. Enter the exit command again to resume the initialization and finish the system boot.

6.8. Resetting the root password using rd.break

In case you forget or lose the root password, you can reset it.

Procedure

  1. Start the system and, on the GRUB boot screen, press the e key for edit.
  2. Add the rd.break parameter at the end of the linux line:

    Resetting the Root Password
  3. Press Ctrl+x to boot the system with the changed parameters.

    Resetting the Root Password
  4. Remount the file system as writable.

    switch_root:/# mount -o remount,rw /sysroot
  5. Change the file system’s root.

    switch_root:/# chroot /sysroot
  6. Enter the passwd command and follow the instructions displayed on the command line.

    Resetting the Root Password
  7. Relabel all files on the next system boot.

    sh-4.4# touch /.autorelabel
  8. Remount the file system as read only:

    sh-4.4# mount -o remount,ro /
  9. Enter the exit command to exit the chroot environment.
  10. Enter the exit command again to resume the initialization and finish the system boot.

    Note

    The SELinux relabeling process can take a long time. A system reboot occurs automatically when the process is complete.

Tip

You can omit the time consuming SELinux relabeling process by adding the enforcing=0 option.

Procedure

  1. When adding the rd.break parameter at the end of the linux line, append enforcing=0 as well.

    rd.break enforcing=0
  2. Restore the /etc/shadow file’s SELinux security context.

    # restorecon /etc/shadow
  3. Turn SELinux policy enforcement back on and verify that it is on.

    # setenforce 1
    # getenforce
    Enforcing

Note that if you added the enforcing=0 option in step 3 you can omit entering the touch /.autorelabel command in step 8.

6.9. Additional resources

  • The /usr/share/doc/grub2-common directory.
  • The info grub2 command.
Red Hat logoGithubRedditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

© 2024 Red Hat, Inc.