- Kernel Architecture
- The Boot Process
- Kernel Modules
- sysctl β Runtime Kernel Parameters
- initramfs / initrd
- System Calls
- The init System (PID 1)
- Practice Exercises
The Linux kernel is monolithic β all core services run in kernel space as a single binary.
ββββββββββββββββββββββββββββββββββββββββββββββββββ
β USER SPACE β
β Applications β Libraries β System Call API β
ββββββββββββββββββββββββββββββββββββββββββββββββββ€
β KERNEL SPACE β
β ββββββββββββββββββββββββββββββββββββββββββββ β
β β System Call Interface β β
β ββββββββββ¬βββββββββ¬βββββββββ¬ββββββββββββββββ€ β
β β VFS βProcess β Memory β Network β β
β β(Virtualβ Sched β Mgmt β Stack β β
β β FS) β β β β β
β ββββββββββ΄βββββββββ΄βββββββββ΄ββββββββββββββββ€ β
β β Device Drivers (modules) β β
β ββββββββββββββββββββββββββββββββββββββββββββ€ β
β β Architecture-Dependent Code (x86, ARM) β β
β ββββββββββββββββββββββββββββββββββββββββββββ β
ββββββββββββββββββββββββββββββββββββββββββββββββββ€
β HARDWARE β
ββββββββββββββββββββββββββββββββββββββββββββββββββ
| Subsystem | Role |
|---|---|
| Process Scheduler | Decides which process runs on which CPU core |
| Memory Manager | Virtual memory, paging, OOM killer |
| VFS | Abstraction layer over all filesystems |
| Network Stack | TCP/IP, sockets, netfilter |
| Device Drivers | Hardware communication (loaded as modules) |
| IPC | Inter-process communication (pipes, signals, sockets) |
# Kernel information
uname -r # Kernel version (e.g., 6.8.0-41-generic)
uname -a # All system info
cat /proc/version # Kernel build details
cat /proc/cmdline # Boot parameters1. BIOS/UEFI
ββ POST (Power-On Self-Test)
ββ Find boot device
2. Bootloader (GRUB)
ββ Load kernel + initramfs into memory
ββ Pass boot parameters to kernel
3. Kernel
ββ Decompress itself
ββ Initialize hardware, memory, CPU
ββ Mount initramfs as temporary root
ββ Execute /init from initramfs
4. initramfs
ββ Load necessary drivers (disk, filesystem)
ββ Find and mount real root filesystem
ββ pivot_root to real filesystem
5. Init System (systemd, PID 1)
ββ Mount filesystems from /etc/fstab
ββ Start services (networking, SSH, etc.)
ββ Reach default target (multi-user or graphical)
ββ Display login prompt
# GRUB config
cat /boot/grub/grub.cfg # Generated config (don't edit!)
cat /etc/default/grub # User settings
# Edit GRUB settings
sudo vim /etc/default/grub
# GRUB_TIMEOUT=5
# GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"
# GRUB_CMDLINE_LINUX=""
# Rebuild GRUB config
sudo update-grub # Debian/Ubuntu
sudo grub2-mkconfig -o /boot/grub2/grub.cfg # RHEL/Fedora
# Reinstall GRUB (boot repair)
sudo grub-install /dev/sda
sudo update-grubModules are pieces of kernel code loaded on demand (like drivers).
# List loaded modules
lsmod
lsmod | grep usb
# Module info
modinfo ext4
modinfo nvidia
# Load a module
sudo modprobe vfat # Load FAT filesystem module
sudo modprobe -v snd-hda-intel # Verbose load
# Unload a module
sudo modprobe -r vfat # Remove module
sudo rmmod vfat # Alternative
# Load module at boot β add to:
echo "vfat" | sudo tee /etc/modules-load.d/vfat.conf
# Blacklist a module (prevent loading)
echo "blacklist nouveau" | sudo tee /etc/modprobe.d/blacklist-nouveau.conf
sudo update-initramfs -u # Rebuild initramfs
# Module parameters
modinfo i915 | grep parm # Show available parameters
echo "options i915 enable_guc=3" | sudo tee /etc/modprobe.d/i915.conf
# Module dependencies
modprobe --show-depends ext4# View all parameters
sysctl -a
# View specific parameter
sysctl net.ipv4.ip_forward
sysctl vm.swappiness
# Set temporarily (until reboot)
sudo sysctl -w net.ipv4.ip_forward=1
sudo sysctl -w vm.swappiness=10
# Set permanently
echo "net.ipv4.ip_forward = 1" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p # Reload
# Or use drop-in files
echo "vm.swappiness = 10" | sudo tee /etc/sysctl.d/99-custom.conf
sudo sysctl --system # Reload all| Parameter | Description | Default |
|---|---|---|
vm.swappiness |
How aggressively to use swap | 60 |
net.ipv4.ip_forward |
Enable IP forwarding (routing) | 0 |
net.core.somaxconn |
Max socket connections queue | 4096 |
fs.file-max |
Max open files system-wide | 9223372036854775807 |
fs.inotify.max_user_watches |
Max inotify watches | 8192 |
The initramfs is a temporary root filesystem loaded into RAM during boot, before the real root is mounted.
# View current initramfs
ls -la /boot/initrd.img*
# List contents
lsinitramfs /boot/initrd.img-$(uname -r)
# Rebuild initramfs
sudo update-initramfs -u # Update current kernel
sudo update-initramfs -u -k all # Update all kernels
sudo mkinitramfs -o /boot/initrd.img-$(uname -r) # Manual rebuild
# Dracut (RHEL/Fedora)
sudo dracut --forceSystem calls are the API between user space and kernel space.
# Trace system calls of a command
strace ls /tmp # See all syscalls ls makes
strace -c ls /tmp # Summary statistics
strace -e open,read,write ls # Filter specific syscalls
strace -p 1234 # Attach to running process
strace -f -e trace=network curl https://example.com # Network calls
# Common system calls
# open() β Open a file
# read() β Read from file descriptor
# write() β Write to file descriptor
# close() β Close file descriptor
# fork() β Create child process
# exec() β Execute a program
# mmap() β Map memory
# stat() β Get file info
# socket() β Create network socket# Check your init system
ps -p 1 -o comm= # systemd, init, or others
stat /proc/1/exe # Binary path
# systemd (modern standard)
systemctl list-units # All loaded units
systemctl list-unit-files # All available units
systemctl get-default # Default boot target
systemctl set-default multi-user.target # Boot to CLI
systemctl set-default graphical.target # Boot to GUI
# Boot targets (runlevels)
# multi-user.target = runlevel 3 (CLI)
# graphical.target = runlevel 5 (GUI)
# rescue.target = single user
# emergency.target = minimal shell- Kernel: Check your kernel version and when it was compiled
- Modules: List all loaded modules and find one related to your network
- modinfo: Get detailed info about the
ext4module - sysctl: Check and change the swappiness value
- strace: Trace the system calls of
cat /etc/hostname - Boot: Read
/proc/cmdlineto see your boot parameters - GRUB: Look at
/etc/default/grubsettings - initramfs: List the contents of your current initramfs
β Previous: Advanced Shell Scripting Β· π Home Β· Next: Systemd & Service Management β