[system-administrators-guide/21] Adding: Working with the GRUB 2 Boot Loader
stephenw
stephenw at fedoraproject.org
Wed Dec 10 22:25:12 UTC 2014
commit e4772a711ec3312e6c35b628919ad7e055405157
Author: Stephen Wadeley <swadeley at redhat.com>
Date: Wed Dec 10 23:24:26 2014 +0100
Adding: Working with the GRUB 2 Boot Loader
en-US/System_Administrators_Guide.xml | 1 +
en-US/Working_with_the_GRUB_2_Boot_Loader.xml | 883 +++++++++++++++++++++++++
2 files changed, 884 insertions(+), 0 deletions(-)
---
diff --git a/en-US/System_Administrators_Guide.xml b/en-US/System_Administrators_Guide.xml
index 93b369c..30a1d74 100644
--- a/en-US/System_Administrators_Guide.xml
+++ b/en-US/System_Administrators_Guide.xml
@@ -75,6 +75,7 @@
This part covers various tools that assist administrators with kernel customization.
</para>
</partintro>
+ <xi:include href="Working_with_the_GRUB_2_Boot_Loader.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Manually_Upgrading_the_Kernel.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Working_with_Kernel_Modules.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</part>
diff --git a/en-US/Working_with_the_GRUB_2_Boot_Loader.xml b/en-US/Working_with_the_GRUB_2_Boot_Loader.xml
new file mode 100644
index 0000000..1e81667
--- /dev/null
+++ b/en-US/Working_with_the_GRUB_2_Boot_Loader.xml
@@ -0,0 +1,883 @@
+<?xml version='1.0'?>
+<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
+<chapter
+ id="ch-Working_with_the_GRUB_2_Boot_Loader">
+ <title>Working with the GRUB 2 Boot Loader</title>
+ <indexterm>
+ <primary>GRUB 2</primary>
+ <secondary>configuring GRUB 2</secondary>
+ </indexterm>
+ <indexterm>
+ <primary>GRUB 2</primary>
+ <secondary>reinstalling GRUB 2</secondary>
+ </indexterm>
+ <indexterm>
+ <primary>GRUB 2</primary>
+ <secondary>customizing GRUB 2</secondary>
+ </indexterm>
+ <indexterm>
+ <primary>boot loader</primary>
+ <secondary>GRUB 2 boot loader</secondary>
+ </indexterm>
+
+ <para>
+ &MAJOROSVER; is distributed with the GNU GRand Unified Boot loader (GRUB) version 2 boot loader, which allows the user to select an operating system or kernel to be loaded at system boot time. GRUB 2 also allows the user to pass arguments to the kernel.
+ </para>
+
+ <section id="sec-Configuring_the_GRUB_2_Boot_Loader">
+ <title>Configuring the GRUB 2 Boot Loader</title>
+ <para>
+ GRUB 2 reads its configuration from the <filename>/boot/grub2/grub.cfg</filename> file on traditional BIOS-based machines and from the <filename>/boot/efi/EFI/redhat/grub.cfg</filename> file on UEFI machines. This file contains menu information, however, it is not supposed to be edited as it is generated by the <application>/usr/sbin/grub2-mkconfig</application> utility based on Linux kernels located in the <filename class="directory">/boot/</filename> directory, template files located in <filename class="directory">/etc/grub.d/</filename>, and custom settings in the <filename>/etc/default/grub</filename> file. Any manual edits could therefore cause the changes to be lost during updates. The GRUB 2 configuration file, <filename>grub.cfg</filename>, is automatically updated each time a new kernel is installed. Note that any changes to <filename>/etc/default/grub</filename> require rebuilding the <filename>grub.cfg</filename> file. To update the GRUB 2 configuration file m
anually, use the <command>grub2-mkconfig <option>-o</option></command> command as follows:
+ </para>
+
+ <itemizedlist>
+ <listitem>
+ <para>
+ On BIOS-based machines, issue the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>grub2-mkconfig -o /boot/grub2/grub.cfg</command></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ On UEFI-based machines, issue the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</command></screen>
+ </para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ Among various code snippets and directives, the <filename>grub.cfg</filename> configuration file contains one or more <literal>menuentry</literal> blocks, each representing a single GRUB 2 boot menu entry. These blocks always start with the <literal>menuentry</literal> keyword followed by a title, list of options, and an opening curly bracket, and end with a closing curly bracket. Anything between the opening and closing bracket should be indented. For example, the following is a sample <literal>menuentry</literal> block for &MAJOROSVER; with Linux kernel 3.17.4-301.fc21.x86_64:
+ </para>
+
+<programlisting>
+menuentry 'Fedora, with Linux 3.17.4-301.fc21.x86_64' --class fedora --class gnu-linux --class gnu --class os --unrestricted $menuentry_id_option 'gnulinux-3.17.4-301.fc21.x86_64-advanced-effee860-8d55-4e4a-995e-b4c88f9ac9f0' {
+ load_video
+ set gfxpayload=keep
+ insmod gzio
+ insmod part_msdos
+ insmod ext2
+ set root='hd0,msdos1'
+ if [ x$feature_platform_search_hint = xy ]; then
+ search --no-floppy --fs-uuid --set=root --hint='hd0,msdos1' f19c92f4-9ead-4207-b46a-723b7a2c51c8
+ else
+ search --no-floppy --fs-uuid --set=root f19c92f4-9ead-4207-b46a-723b7a2c51c8
+ fi
+ linux16 /vmlinuz-3.17.4-301.fc21.x86_64 root=/dev/mapper/fedora-root ro rd.lvm.lv=fedora/swap rd.lvm.lv=fedora/root rhgb quiet LANG=en_US.UTF-8
+ initrd16 /initramfs-3.17.4-301.fc21.x86_64.img
+}
+</programlisting>
+
+ <para>
+ Each <literal>menuentry</literal> block that represents an installed Linux kernel contains <literal>linux</literal> on 64-bit IBM POWER Series, <literal>linux16</literal> on x86_64 BIOS-based systems, and <literal>linuxefi</literal> on UEFI-based systems. Then the <literal>initrd</literal> directives followed by the path to the kernel and the <systemitem>initramfs</systemitem> image respectively. If a separate <filename>/boot</filename> partition was created, the paths to the kernel and the <systemitem>initramfs</systemitem> image are relative to <filename>/boot</filename>. In the example above, the <literal>initrd /initramfs-3.8.0-0.40.el7.x86_64.img</literal> line means that the <systemitem>initramfs</systemitem> image is actually located at <filename>/boot/initramfs-3.8.0-0.40.el7.x86_64.img</filename> when the root file system is mounted, and likewise for the kernel path.
+ </para>
+ <para>
+ The kernel version number as given on the <literal>linux16 /vmlinuz-kernel_version</literal> line must match the version number of the <systemitem>initramfs</systemitem> image given on the <literal>initrd /initramfs-kernel_version.img</literal> line of each <literal>menuentry</literal> block. For more information on how to verify the initial RAM disk image, see <xref
+ linkend="sec-Verifying_the_Initial_RAM_Disk_Image"/>.
+ </para>
+
+ <note>
+ <!--<title>The initrd directive in grub.cfg refers to an initramfs image</title>-->
+ <para>
+ In <literal>menuentry</literal> blocks, the <computeroutput>initrd</computeroutput> directive must point to the location (relative to the <filename class="directory">/boot/</filename> directory if it is on a separate partition) of the <filename>initramfs</filename> file corresponding to the same kernel version. This directive is called <literal>initrd</literal> because the previous tool which created initial RAM disk images, <command>mkinitrd</command>, created what were known as <systemitem class="filesystem">initrd</systemitem> files. The <filename>grub.cfg</filename> directive remains <systemitem class="filesystem">initrd</systemitem> to maintain compatibility with other tools. The file-naming convention of systems using the <command>dracut</command> utility to create the initial RAM disk image is <filename>initramfs-<replaceable>kernel_version</replaceable>.img</filename>.
+ </para>
+ <para>
+ For information on using <application>Dracut</application>, see <xref linkend="sec-Verifying_the_Initial_RAM_Disk_Image" />.
+ </para>
+ </note>
+ </section>
+
+ <section id="sec-Customizing_GRUB_2_Menu">
+ <title>Customizing GRUB 2 Menu</title>
+ <para>
+ GRUB 2 scripts search the user's computer and build a boot menu based on what operating systems the scripts find. To reflect the latest system boot options, the boot menu is rebuilt automatically when the kernel is updated or a new kernel is added.
+ </para>
+ <para>
+ However, users may want to build a menu containing specific entries or to have the entries in a specific order. GRUB 2 allows basic customization of the boot menu to give users control of what actually appears on the screen.
+ </para>
+ <para>
+ GRUB 2 uses a series of scripts to build the menu; these are located in the <filename class="directory">/etc/grub.d/</filename> directory. The following files are included:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <filename>00_header</filename>, which loads GRUB 2 settings from the <filename>/etc/default/grub</filename> file.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <filename>01_users</filename>, which is created only when a boot loader password is assigned in <application>kickstart</application>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <filename>10_linux</filename>, which locates kernels in the default partition of Fedora.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <filename>30_os-prober</filename>, which builds entries for operating systems found on other partitions.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <filename>40_custom</filename>, a template, which can be used to create additional menu entries.
+ </para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ Scripts from the <filename class="directory">/etc/grub.d/</filename> directory are read in alphabetical order and can be therefore renamed to change the boot order of specific menu entries.
+ </para>
+ <important>
+ <!--<title>Causing the GRUB 2 boot menu to display</title>-->
+ <para>
+ With the <option>GRUB_TIMEOUT</option> key set to <literal>0</literal> in the <filename>/etc/default/grub</filename> file, GRUB 2 does not display the list of bootable kernels when the system starts up. In order to display this list when booting, press and hold any alphanumeric key when the BIOS information is displayed; GRUB 2 will present you with the GRUB menu.
+ </para>
+ </important>
+ <section id="sec-Changing_the_Default_Boot_Entry">
+ <title>Changing the Default Boot Entry</title>
+ <para>
+ By default, the key for the <literal>GRUB_DEFAULT</literal> directive in the <filename>/etc/default/grub</filename> file is the word <literal>saved</literal>. This instructs GRUB 2 to load the kernel specified by the <option>saved_entry</option> directive in the GRUB 2 environment file, located at <filename>/boot/grub2/grubenv</filename>. You can set another GRUB record to be the default, using the <command>grub2-set-default</command> command, which will update the GRUB 2 environment file.</para>
+ <para>
+ By default, the <option>saved_entry</option> value is set to the name of latest installed kernel of package type <package>kernel</package>. This is defined in <filename>/etc/sysconfig/kernel</filename> by the <literal>UPDATEDEFAULT</literal> and <literal>DEFAULTKERNEL</literal> directives. The file can be viewed by the <systemitem class="username">root</systemitem> user as follows:
+ <screen>~]# <command>cat /etc/sysconfig/kernel</command>
+# UPDATEDEFAULT specifies if new-kernel-pkg should make
+# new kernels the default
+UPDATEDEFAULT=yes
+
+# DEFAULTKERNEL specifies the default kernel package type
+DEFAULTKERNEL=kernel-core</screen>
+The <literal>DEFAULTKERNEL</literal> directive specifies what package type will be used as the default. Installing a package of type <package>kernel-debug</package> will not change the default kernel while the <literal>DEFAULTKERNEL</literal> is set to package type <package>kernel</package>.
+ </para>
+ <para>
+ GRUB 2 supports using a numeric value as the key for the <option>saved_entry</option> directive to change the default order in which the operating systems are loaded. To specify which operating system should be loaded first, pass its number to the <command>grub2-set-default</command> command. For example:
+ </para>
+<screen>~]# <command>grub2-set-default</command> <literal>2</literal></screen>
+ <para>
+ Note that the position of a menu entry in the list is denoted by a number starting with zero; therefore, in the example above, the third entry will be loaded. This value will be over-written by the name of the next kernel to be installed.
+ </para>
+ <para>
+ To force a system to always use a particular menu entry, use the menu entry name as the key to the <literal>GRUB_DEFAULT</literal> directive in the <filename>/etc/default/grub</filename> file. To list the available menu entries, run the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>awk -F\' '$1=="menuentry " {print $2}' /etc/grub2.cfg</command></screen>
+ Changes to <filename>/etc/default/grub</filename> require rebuilding the <filename>grub.cfg</filename> file as follows:</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ On BIOS-based machines, issue the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>grub2-mkconfig -o /boot/grub2/grub.cfg</command></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ On UEFI-based machines, issue the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</command></screen>
+ </para>
+ </listitem>
+ </itemizedlist>
+ </section>
+ <section id="sec-Editing_an_Entry">
+ <title>Editing an Entry</title>
+ <bridgehead>Kernel Parameters</bridgehead>
+ <para>
+ To use a kernel parameter only during a single boot process, when the GRUB 2 boot menu appears, move the cursor to the kernel you want to start, and press the <keycap>e</keycap> key to edit the kernel parameters. For example, to run the system in emergency mode, add the <emphasis>emergency</emphasis> parameter at the end of the <literal>linux16</literal> line:
+ </para>
+<screen>linux16 /vmlinuz-3.17.4-301.fc21.x86_64 root=/dev/mapper/fedora-root ro rd.lvm.lv=fedora/swap rd.lvm.lv=fedora/root rhgb quiet LANG=en_US.UTF-8 emergency</screen>
+ <para>
+ These settings are not persistent and apply only for a single boot. To make the settings persistent, edit values of the <systemitem>GRUB_CMDLINE_LINUX</systemitem> key in the <filename>/etc/default/grub</filename> file. For example, if you want to enable emergency mode for each boot, use:
+ </para>
+<screen>GRUB_CMDLINE_LINUX="emergency"</screen>
+ <para>
+ Note that you can specify multiple parameters for the <systemitem>GRUB_CMDLINE_LINUX</systemitem> key, similarly to adding the parameters in the GRUB 2 boot menu. For example: <remark></remark>
+ <synopsis>GRUB_CMDLINE_LINUX="console=tty0 console=ttyS0,9600n8"</synopsis>
+Where <option>console=tty0</option> is the first virtual terminal and <option>console=ttyS0</option> is the serial terminal to be used.
+ </para>
+ <para>
+ Changes to <filename>/etc/default/grub</filename> require rebuilding the <filename>grub.cfg</filename> file as follows:</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ On BIOS-based machines, issue the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>grub2-mkconfig -o /boot/grub2/grub.cfg</command></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ On UEFI-based machines, issue the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</command></screen>
+ </para>
+ </listitem>
+ </itemizedlist>
+ </section>
+ <section id="sec-Adding_a_new_Entry">
+ <title>Adding a new Entry</title>
+ <para>
+ When executing the <command>grub2-mkconfig</command> command, GRUB 2 searches for Linux kernels and other operating systems based on the files located in the <filename class="directory">/etc/grub.d/</filename> directory. The <filename>/etc/grub.d/10_linux</filename> script searches for installed Linux kernels on the same partition. The <filename>/etc/grub.d/30_os-prober</filename> script searches for other operating systems. Menu entries are also automatically added to the boot menu when updating the kernel.
+ </para>
+ <para>
+ The <filename>40_custom</filename> file located in the <filename class="directory">/etc/grub.d/</filename> directory is a template for custom entries and looks as follows:
+ </para>
+<programlisting language="Bash">#!/bin/sh
+exec tail -n +3 $0
+# This file provides an easy way to add custom menu entries. Simply type the
+# menu entries you want to add after this comment. Be careful not to change
+# the 'exec tail' line above.</programlisting>
+ <para>
+ This file can be edited or copied. Note that as a minimum, a valid menu entry must include at least the following:
+ </para>
+<screen><emphasis role="strong">menuentry</emphasis> "<Title>"<emphasis role="strong">{</emphasis>
+<Data>
+<emphasis role="strong">}</emphasis></screen>
+ </section>
+ <section id="sec-Using_only_a_Custom_Menu">
+ <title>Creating a Custom Menu</title>
+
+ <para>
+ If you do not want menu entries to be updated automatically, you can create a custom menu.
+ </para>
+ <important>
+ <!--<title>Backup of /etc/grub.d/</title>-->
+ <para>
+ Before proceeding, back up the contents of the <filename class="directory">/etc/grub.d/</filename> directory in case you need to revert the changes later.
+ </para>
+ </important>
+ <note>
+ <para>
+ Note that modifying the <filename>/etc/default/grub</filename> file does not have any effect on creating custom menus.
+ </para>
+ </note>
+ <procedure>
+ <step>
+ <para>
+ On BIOS-based machines, copy the contents of <filename>/boot/grub2/grub.cfg</filename>, or, on UEFI machines, copy the contents of <filename>/boot/efi/EFI/redhat/grub.cfg</filename>. Put the content of the <filename>grub.cfg</filename> into the <filename>/etc/grub.d/40_custom</filename> file below the existing header lines. The executable part of the <filename>40_custom</filename> script has to be preserved.
+ </para>
+ </step>
+ <step>
+ <para>
+ From the content put into the <filename>/etc/grub.d/40_custom</filename> file, only the <literal>menuentry</literal> blocks are needed to create the custom menu. The <filename>/boot/grub2/grub.cfg</filename> and <filename>/boot/efi/EFI/redhat/grub.cfg</filename> files might contain function specifications and other content above and below the <literal>menuentry</literal> blocks. If you put these unnecessary lines into the <filename>40_custom</filename> file in the previous step, erase them.
+ </para>
+ <para>
+ This is an example of a custom <filename>40_custom</filename> script:
+ </para>
+<programlisting language="Bash">#!/bin/sh
+exec tail -n +3 $0
+# This file provides an easy way to add custom menu entries. Simply type the
+# menu entries you want to add after this comment. Be careful not to change
+# the 'exec tail' line above.
+
+menuentry 'First custom entry' --class red --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-3.10.0-67.el7.x86_64-advanced-32782dd0-4b47-4d56-a740-2076ab5e5976' {
+ load_video
+ set gfxpayload=keep
+ insmod gzio
+ insmod part_msdos
+ insmod xfs
+ set root='hd0,msdos1'
+ if [ x$feature_platform_search_hint = xy ]; then
+ search --no-floppy --fs-uuid --set=root --hint='hd0,msdos1' 7885bba1-8aa7-4e5d-a7ad-821f4f52170a
+ else
+ search --no-floppy --fs-uuid --set=root 7885bba1-8aa7-4e5d-a7ad-821f4f52170a
+ fi
+ linux16 /vmlinuz-3.10.0-67.el7.x86_64 root=/dev/mapper/rhel-root ro rd.lvm.lv=rhel/root vconsole.font=latarcyrheb-sun16 rd.lvm.lv=rhel/swap vconsole.keymap=us crashkernel=auto rhgb quiet LANG=en_US.UTF-8
+ initrd16 /initramfs-3.10.0-67.el7.x86_64.img
+}
+menuentry 'Second custom entry' --class red --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-0-rescue-07f43f20a54c4ce8ada8b70d33fd001c-advanced-32782dd0-4b47-4d56-a740-2076ab5e5976' {
+ load_video
+ insmod gzio
+ insmod part_msdos
+ insmod xfs
+ set root='hd0,msdos1'
+ if [ x$feature_platform_search_hint = xy ]; then
+ search --no-floppy --fs-uuid --set=root --hint='hd0,msdos1' 7885bba1-8aa7-4e5d-a7ad-821f4f52170a
+ else
+ search --no-floppy --fs-uuid --set=root 7885bba1-8aa7-4e5d-a7ad-821f4f52170a
+ fi
+ linux16 /vmlinuz-0-rescue-07f43f20a54c4ce8ada8b70d33fd001c root=/dev/mapper/rhel-root ro rd.lvm.lv=rhel/root vconsole.font=latarcyrheb-sun16 rd.lvm.lv=rhel/swap vconsole.keymap=us crashkernel=auto rhgb quiet
+ initrd16 /initramfs-0-rescue-07f43f20a54c4ce8ada8b70d33fd001c.img
+}</programlisting>
+ </step>
+ <step>
+ <para>
+ Remove all files from the <filename class="directory">/etc/grub.d</filename> directory except the following:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <filename>00_header</filename>,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <filename>40_custom</filename>,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <filename>01_users</filename> (if it exists),
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ and <filename>README</filename>.
+ </para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ Alternatively, if you want to keep the files in the <filename class="directory">/etc/grub2.d/</filename> directory, make them unexecutable by running the <command>chmod <option>a-x</option> <file_name></command> command.
+ </para>
+ </step>
+ <step>
+ <para>
+ Edit, add, or remove menu entries in the <filename>40_custom</filename> file as desired.
+ </para>
+ </step>
+ <step>
+ <para>
+ Update the <filename>grub.cfg</filename> file by running the <command>grub2-mkconfig <option>-o</option></command> command as follows:</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ On BIOS-based machines, issue the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>grub2-mkconfig -o /boot/grub2/grub.cfg</command></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ On UEFI-based machines, issue the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</command></screen>
+ </para>
+ </listitem>
+ </itemizedlist>
+ </step>
+ </procedure>
+ </section>
+ </section>
+ <section id="sec-GRUB_2_Password_Protection">
+ <title>GRUB 2 Password Protection</title>
+ <para>
+ GRUB 2 supports both plain-text and encrypted passwords in the GRUB 2 template files. To enable the use of passwords, specify a superuser who can reach the protected entries. Other users can be specified to access these entries as well. Menu entries can be password-protected for booting by adding one or more users to the menu entry as described in <xref linkend="sec-Setting_Up_Users_and_Password_Protection_Specifying_Menu_Entries" />. To use encrypted passwords, see <xref linkend="sec-Password_Encryption" />.</para>
+ <para>
+ All menu entries can be password-protected against changes by setting superusers, which can be done in the <filename>/etc/grub.d/00_header</filename> or the <filename>/etc/grub.d/01_users</filename> file. The <filename>00_header</filename> file is very complicated and, if possible, avoid making modifications in this file. Menu entries should be placed in the <filename>/etc/grub.d/40_custom</filename> and users in the <filename>/etc/grub.d/01_users</filename> file. The <filename>01_users</filename> file is generated by the installation application <application>anaconda</application> when a grub boot loader password is used in a <application>kickstart</application> template (but it should be created and used it if it does not exist). Examples in this section adopt this policy.
+ </para>
+
+ <section id="sec-Setting_Up_Users_and_Password_Protection_Specifying_Menu_Entries">
+ <title>Setting Up Users and Password Protection, Specifying Menu Entries</title>
+
+ <procedure>
+ <step>
+ <para>
+ To specify a superuser, add the following lines in the <filename>/etc/grub.d/01_users</filename> file, where <systemitem class="username">john</systemitem> is the name of the user designated as the superuser, and <literal>johnspassword</literal> is the superuser's password:
+ </para>
+<screen>cat <<EOF
+set superusers="john"
+password john johnspassword
+EOF</screen>
+ </step>
+ <step>
+ <para>
+ To allow other users to access the menu entries, add additional lines per user at the end of the <filename>/etc/grub.d/01_users</filename> file.
+ </para>
+<screen>cat <<EOF
+set superusers="john"
+password john johnspassword
+password jane janespassword
+EOF</screen>
+ </step>
+ <step>
+ <para>
+ When the users and passwords are set up, specify the menu entries that should be password-protected in the <filename>/etc/grub.d/40_custom</filename> file in a similar fashion to the following:
+ </para>
+
+<screen>
+menuentry 'Red Hat Enterprise Linux Server' --unrestricted {
+set root=(hd0,msdos1)
+linux /vmlinuz
+}
+
+menuentry 'Fedora' --users jane {
+set root=(hd0,msdos2)
+linux /vmlinuz
+}
+
+menuentry 'Red Hat Enterprise Linux Workstation' {
+set root=(hd0,msdos3)
+linux /vmlinuz
+}</screen>
+</step>
+</procedure>
+ <para>
+ In the above example:</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <systemitem class="username">john</systemitem> is the <literal>superuser</literal> and can therefore boot any menu entry, use the GRUB 2 command line, and edit items of the GRUB 2 menu during boot. In this case, <systemitem class="username">john</systemitem> can access both Red Hat Enterprise Linux Server, Fedora, and Red Hat Enterprise Linux Workstation. Note that only <systemitem class="username">john</systemitem> can access Red Hat Enterprise Linux Workstation because neither the <option>--users</option> nor <option>--unrestricted</option> options have been used.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ User <systemitem class="username">jane</systemitem> can boot Fedora since she was granted the permission in the configuration.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Anyone can boot Red Hat Enterprise Linux Server, because of the <option>--unrestricted</option> option, but only <systemitem class="username">john</systemitem> can edit the menu entry as a superuser has been defined. When a superuser is defined then all records are protected against unauthorized changes and all records are protected for booting if they do <emphasis role="bold">not</emphasis> have the <option>--unrestricted</option> parameter</para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ </para>
+
+ <para>
+ If you do not specify a user for a menu entry, or make use of the <option>--unrestricted</option> option, then only the superuser will have access to the system.
+ </para>
+
+ <para>
+ After you have made changes in the template file the GRUB 2 configuration file must be updated.
+ </para>
+
+ <para>
+ Update the <filename>grub.cfg</filename> file by running the <command>grub2-mkconfig <option>-o</option></command> command as follows:</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ On BIOS-based machines, issue the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>grub2-mkconfig -o /boot/grub2/grub.cfg</command></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ On UEFI-based machines, issue the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</command></screen>
+ </para>
+ </listitem>
+ </itemizedlist>
+
+
+ </section>
+
+ <section id="sec-Password_Encryption">
+ <title>Password Encryption</title>
+ <para>
+ By default, passwords are saved in plain text in GRUB 2 scripts. Although the files cannot be accessed on boot without the correct password, security can be improved by encrypting the password using the <command>grub2-mkpasswd-pbkdf2</command> command. This command converts a desired password into a long hash, which is placed in the GRUB 2 scripts instead of the plain-text password.
+ </para>
+
+ <procedure>
+ <step>
+ <para>
+ To generate an encrypted password, run the <command>grub2-mkpasswd-pbkdf2</command> command on the command line as <systemitem class="username">root</systemitem>.
+ </para>
+ </step>
+ <step>
+ <para>
+ Enter the desired password when prompted and repeat it. The command then outputs your password in an encrypted form.
+ </para>
+ </step>
+ <step>
+ <para>
+ Copy the hash, and paste it in the template file where you configured the users, that is, either in <filename>/etc/grub.d/01_users</filename> or <filename>/etc/grub.d/40_custom</filename>.</para>
+ <para>
+ The following format applies for the <filename>01_users</filename> file:
+
+<screen>cat <<EOF
+set superusers="john"
+password_pbkdf2 john grub.pbkdf2.sha512.10000.19074739ED80F115963D984BDCB35AA671C24325755377C3E9B014D862DA6ACC77BC110EED41822800A87FD3700C037320E51E9326188D53247EC0722DDF15FC.C56EC0738911AD86CEA55546139FEBC366A393DF9785A8F44D3E51BF09DB980BAFEF85281CBBC56778D8B19DC94833EA8342F7D73E3A1AA30B205091F1015A85
+EOF</screen>
+</para>
+ <para>
+ The following format applies for the <filename>40_custom</filename> file:
+
+<screen>set superusers="john"
+password_pbkdf2 john grub.pbkdf2.sha512.10000.19074739ED80F115963D984BDCB35AA671C24325755377C3E9B014D862DA6ACC77BC110EED41822800A87FD3700C037320E51E9326188D53247EC0722DDF15FC.C56EC0738911AD86CEA55546139FEBC366A393DF9785A8F44D3E51BF09DB980BAFEF85281CBBC56778D8B19DC94833EA8342F7D73E3A1AA30B205091F1015A85</screen>
+</para>
+ </step>
+ </procedure>
+ <warning>
+ <para>
+ If you do not use the correct format, or modify the configuration in an incorrect way, you might be unable to boot your system.
+ </para>
+ </warning>
+ </section>
+ </section>
+
+ <section id="sec-Reinstalling_GRUB_2">
+ <title>Reinstalling GRUB 2</title>
+ <para>
+ Reinstalling GRUB 2 might be a useful and easier way to fix certain problems usually caused by an incorrect installation of GRUB 2, missing files, or a broken system. Other reasons to reinstall GRUB 2 include the following:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ Upgrading from the previous version of GRUB.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The user requires the GRUB 2 boot loader to control installed operating systems. However, some operating systems are installed with their own boot loaders. Reinstalling GRUB 2 returns control to the desired operating system.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Adding the boot information to another drive.
+ </para>
+ </listitem>
+ </itemizedlist>
+ <section id="sec-Using_the_grub2-install_Command">
+ <title>Using the grub2-install Command</title>
+ <para>
+ When using the <command>grub2-install</command> command, the boot information is updated and missing files are restored. Note that the files are restored only if they are not corrupted. If the <filename class="directory">/boot/grub2/</filename> directory is missing, it will be recreated.
+ </para>
+ <para>
+ Use the <command>grub2-install <device></command> command to reinstall GRUB 2 if the system is operating normally. For example:
+ </para>
+
+<screen>~]# <command>grub2-install</command> <filename>/dev/sda</filename></screen>
+
+ <!-- <remark>grub2-install should be sufficient here</remark>
+ -->
+
+ </section>
+
+ <section id="sec-Resetting_and_Reinstalling_GRUB_2">
+ <title>Resetting and Reinstalling GRUB 2</title>
+ <para>
+ This method completely removes all GRUB 2 configuration files and system settings, and is therefore used when the user wants to reset all configuration setting to the default values. Removing of the configuration files and subsequent reinstalling of GRUB 2 fixes failures caused by corrupted files and incorrect configuration. To do so, as <systemitem class="username">root</systemitem>, follow these steps:
+ </para>
+ <procedure>
+
+ <step>
+ <para>
+ Run the <command>rm /etc/grub.d/*</command> command;
+ </para>
+ </step>
+ <step>
+ <para>
+ Run the <command>rm /etc/sysconfig/grub</command> command;
+ </para>
+ </step>
+ <step>
+ <para>
+ Run the <command>yum reinstall grub2-tools</command> command;
+ </para>
+ </step>
+ <step>
+ <para>
+ Update the <filename>grub.cfg</filename> file by running the <command>grub2-mkconfig <option>-o</option></command> command as follows:</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ On BIOS-based machines, issue the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>grub2-mkconfig -o /boot/grub2/grub.cfg</command></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ On UEFI-based machines, issue the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</command></screen>
+ </para>
+ </listitem>
+ </itemizedlist>
+ </step>
+ <step>
+ <para>
+ Now follow the procedure in <xref linkend="sec-Using_the_grub2-install_Command" /> to restore GRUB2 on the <filename>/boot/</filename> partition.
+ </para>
+ </step>
+ </procedure>
+ </section>
+ </section>
+
+ <section id="sec-GRUB_2_over_Serial_Console">
+ <title>GRUB 2 over Serial Console</title>
+ <para>
+ If you use computers with no display or keyboard, it can be very useful to control the machines through serial communications.
+ </para>
+ <section id="sec-Configuring_GRUB_2">
+ <title>Configuring GRUB 2</title>
+ <para>
+ In order to use GRUB 2 over a serial line, add the following two lines in the <filename>/etc/default/grub</filename> file:
+ </para>
+<programlisting>
+GRUB_TERMINAL="serial"
+GRUB_SERIAL_COMMAND="serial --speed=9600 --unit=0 --word=8 --parity=no --stop=1"
+</programlisting>
+ <para>
+ The first line disables the graphical terminal. Note that specifying the <literal>GRUB_TERMINAL</literal> key overrides values of <literal>GRUB_TERMINAL_INPUT</literal> and <literal>GRUB_TERMINAL_OUTPUT</literal>. On the second line, adjust the baud rate, parity, and other values to fit your environment and hardware. A much higher baud rate, for example <literal>115200</literal>, is preferable for tasks such as following log files. Once you have completed the changes in the <filename>/etc/default/grub</filename> file, it is necessary to update the GRUB 2 configuration file.
+ </para>
+ <para>
+ Update the <filename>grub.cfg</filename> file by running the <command>grub2-mkconfig <option>-o</option></command> command as follows:</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ On BIOS-based machines, issue the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>grub2-mkconfig -o /boot/grub2/grub.cfg</command></screen>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ On UEFI-based machines, issue the following command as <systemitem class="username">root</systemitem>:
+ <screen>~]# <command>grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</command></screen>
+ </para>
+ </listitem>
+ </itemizedlist>
+ <note><para>
+ This section explains configuring the grub terminal for access over a serial connection but an additional option must be added to the kernel definition to make that kernel monitor a serial connection. For example:
+ <synopsis>console=ttyS0,9600n8</synopsis>
+Where <option>console=ttyS0</option> is the serial terminal to be used, <option>9600</option> is the baud rate, <option>n</option> is for no party, and <option>8</option> is the word length in bits.
+
+For more information on adding kernel options, see <xref linkend="sec-Editing_an_Entry" />. For more information on serial console settings, see <ulink url="https://www.kernel.org/doc/Documentation/serial-console.txt"></ulink> </para>
+ </note>
+ </section>
+ <section id="sec-Using_screen_to_Connect_to_the_Serial_Console">
+ <title>Using screen to Connect to the Serial Console</title>
+ <para>
+ The <application>screen</application> tool serves as a capable serial terminal. To install it, run as <systemitem class="username">root</systemitem>:
+ </para>
+<screen>~]# <command>yum install screen</command></screen>
+ <para>
+ To connect to your machine using the serial console, run the following command:
+ </para>
+<screen>~]$ <command>screen</command> <filename>/dev/<console_port></filename></screen>
+ <para>
+ By default, if no option is specified, <application>screen</application> uses the standard 9600 baud rate. To set a different baud rate, run:
+ </para>
+<screen>~]$ <command>screen</command> <filename>/dev/<console_port></filename> <option>115200</option></screen>
+ <para>
+ To end the session in <application>screen</application>, press <keycap>Ctrl</keycap>+<keycap>a</keycap>, type <literal>:quit</literal> and press <keycap>Enter</keycap>.
+ </para>
+ <para>
+ See the <filename>screen(1)</filename> manual page for additional options and detailed information.
+ </para>
+ </section>
+
+ </section>
+ <section id="sec-Terminal_Menu_Editing_During_Boot">
+ <title>Terminal Menu Editing During Boot</title>
+ <para>
+ Menu entries can be modified and arguments passed to the kernel on boot. This is done using the menu entry editor interface, which is triggered when pressing the <keycap>e</keycap> key on a selected menu entry in the boot loader menu. The <keycap>Esc</keycap> key discards any changes and reloads the standard menu interface. The <keycap>c</keycap> key loads the command line interface.
+ </para>
+ <para>
+ The command line interface is the most basic GRUB interface, but it is also the one that grants the most control. The command line makes it possible to type any relevant GRUB commands followed by the <keycap>Enter</keycap> key to execute them. This interface features some advanced features similar to <application>shell</application>, including <keycap>Tab</keycap> key completion based on context, and <keycombo><keycap>Ctrl</keycap><keycap>a</keycap></keycombo> to move to the beginning of a line and <keycombo><keycap>Ctrl</keycap><keycap>e</keycap></keycombo> to move to the end of a line. In addition, the <keycap>arrow</keycap>, <keycap>Home</keycap>, <keycap>End</keycap>, and <keycap>Delete</keycap> keys work as they do in the bash shell.
+ </para>
+
+ <section id="sec-Booting_to_Rescue_Mode">
+ <title>Booting to Rescue Mode</title>
+ <para>
+ Rescue mode provides a convenient single-user environment and allows you to repair your system in situations when it is unable to complete a regular booting process. In rescue mode, the system attempts to mount all local file systems and start some important system services, but it does not activate network interfaces or allow more users to be logged into the system at the same time. In Fedora, rescue mode is equivalent to single user mode and requires the root password.
+ </para>
+ <procedure>
+ <step>
+ <para>
+ To enter rescue mode during boot, on the GRUB 2 boot screen, press the <keycap>e</keycap> key for edit.
+ </para>
+ </step>
+ <step>
+ <para>
+ Add the following parameter at the end of the <literal>linux</literal> line on 64-Bit IBM Power Series, the <literal>linux16</literal> line on x86-64 BIOS-based systems, or the <literal>linuxefi</literal> line on UEFI systems:
+ </para>
+<screen>systemd.unit=rescue.target</screen>
+<para>
+ Press <keycombo><keycap>Ctrl</keycap><keycap>a</keycap></keycombo> and <keycombo><keycap>Ctrl</keycap><keycap>e</keycap></keycombo> to jump to the start and end of the line, respectively. On some systems, <keycap>Home</keycap> and <keycap>End</keycap> might also work.
+</para>
+ <para>
+ Note that equivalent parameters, <parameter>1</parameter>, <parameter>s</parameter>, and <parameter>single</parameter>, can be passed to the kernel as well.
+ </para>
+ </step>
+ <step>
+ <para>
+ Press <keycombo><keycap>Ctrl</keycap><keycap>x</keycap></keycombo> to boot the system with the parameter.
+ </para>
+ </step>
+ </procedure>
+ </section>
+
+ <section id="sec-Booting_to_Emergency_Mode">
+ <title>Booting to Emergency Mode</title>
+ <para>
+ Emergency mode provides the most minimal environment possible and allows you to repair your system even in situations when the system is unable to enter rescue mode. In emergency mode, the system mounts the root file system only for reading, does not attempt to mount any other local file systems, does not activate network interfaces, and only starts few essential services. In Fedora, emergency mode requires the root password.
+ </para>
+ <procedure>
+ <step>
+ <para>
+ To enter emergency mode, on the GRUB 2 boot screen, press the <keycap>e</keycap> key for edit.
+ </para>
+ </step>
+ <step>
+ <para>
+ Add the following parameter at the end of the <literal>linux16</literal> line, or <literal>linuxefi</literal> on UEFI systems:
+ </para>
+<screen>systemd.unit=emergency.target</screen>
+<para>
+ Press <keycombo><keycap>Ctrl</keycap><keycap>a</keycap></keycombo> and <keycombo><keycap>Ctrl</keycap><keycap>e</keycap></keycombo> to jump to the start and end of the line, respectively. On some systems, <keycap>Home</keycap> and <keycap>End</keycap> might also work.
+</para>
+ <para>
+ Note that equivalent parameters, <parameter>emergency</parameter> and <parameter>-b</parameter>, can be passed to the kernel as well.
+ </para>
+ </step>
+ <step>
+ <para>
+ Press <keycombo><keycap>Ctrl</keycap><keycap>x</keycap></keycombo> to boot the system with the parameter.
+ </para>
+ </step>
+ </procedure>
+
+ </section>
+
+ <section id="sec-Recovering_Root_Password">
+ <title>Recovering Root Password</title>
+ <para>
+ Setting up the <systemitem class="username">root</systemitem> password is a mandatory part of the Fedora installation. If you forget or lose your password, it is possible to reset it.
+ </para>
+ <para>
+ Note that in GRUB 2, resetting the password is no longer performed in single-user mode as it was in GRUB included in Fedora 15 and Red Hat Enterprise Linux 6. The <systemitem class="username">root</systemitem> password is now required to operate in <literal>single-user</literal> mode as well as in <literal>emergency</literal> mode.
+ </para>
+ <procedure>
+ <title>Resetting the Root Password</title>
+ <step>
+ <para>
+ Start the system and, on the GRUB 2 boot screen, press the <keycap>e</keycap> key for edit.
+ </para>
+ </step>
+ <step>
+ <para>
+ Remove the <option>rhgb</option> and <option>quiet</option> parameters from the end, or near the end, of the <literal>linux16</literal> line, or <literal>linuxefi</literal> on UEFI systems.
+ </para>
+ <para>
+ Press <keycombo><keycap>Ctrl</keycap><keycap>a</keycap></keycombo> and <keycombo><keycap>Ctrl</keycap><keycap>e</keycap></keycombo> to jump to the start and end of the line, respectively. On some systems, <keycap>Home</keycap> and <keycap>End</keycap> might also work.
+</para>
+
+ <important>
+ <para>
+ The <option>rhgb</option> and <option>quiet</option> parameters must be removed in order to enable system messages.
+ </para>
+ </important>
+ </step>
+ <step>
+ <para>
+ Add the following parameter at the end of the <literal>linux16</literal> line, or <literal>linuxefi</literal> on UEFI systems:
+ </para>
+ <screen>init=/bin/sh</screen>
+ <para>
+ The Linux <package>kernel</package> will run the <application>/bin/sh</application> shell rather than the system <systemitem class="daemon">init</systemitem> daemon. Therefore, some functions may be limited or missing.
+ </para>
+ </step>
+ <step>
+ <para>
+ Press <keycombo><keycap>Ctrl</keycap><keycap>x</keycap></keycombo> to boot the system with the parameter.
+ </para>
+ <para>
+ The shell prompt appears.
+ </para>
+ </step>
+ <step>
+ <para>
+ <!-- Add this step as a result of https://bugzilla.redhat.com/show_bug.cgi?id=1045574#c11 -->
+ To preserve the SELinux context of the files that are to be modified, load the SELinux policy into the kernel. Use the <option>-i</option> option as this is the first time the policy is being loaded since boot:
+ <screen>~]# <command>/usr/sbin/load_policy -i</command></screen>
+ </para>
+ </step>
+ <step>
+ <para>
+ The file system is mounted read-only. You will not be allowed to change the password if the file system is not writable.
+ </para>
+ <para>
+ Remount the file system as writable:
+ <screen>~]# <command>mount -o remount, rw /</command></screen>
+ </para>
+ </step>
+ <step>
+ <para>
+ Run the <command>passwd</command> command and follow the instructions displayed on the command line to change the <systemitem class="username">root</systemitem> password.
+ </para>
+ <para>
+ Note that if the system is not writable, the <application>passwd</application> tool fails with the following error:
+ </para>
+<screen>Authentication token manipulation error</screen>
+ </step>
+ <step>
+ <para>
+ Remount the file system as read only:
+ <screen>~]# <command>mount -o remount, ro /</command></screen>
+ </para>
+ </step>
+ <step>
+ <para>
+ Run the <command>exec /sbin/init</command> command to resume the initialization and finish the system boot.
+ </para>
+ <para>
+ Running the <command>exec</command> command with another command specified replaces the shell and creates a new process; <systemitem class="daemon">init</systemitem> in this case.
+ </para>
+ </step>
+ </procedure>
+ </section>
+
+ </section>
+
+ <section id="sec-UEFI_Secure_Boot">
+ <title>UEFI Secure Boot</title>
+ <para>
+ The Secure Boot technology ensures that the system firmware checks whether the system boot loader is signed with a cryptographic key authorized by a database contained in the firmware. With signature verification in the next-stage boot loader, kernel, and, potentially, user space, it is possible to prevent the execution of unsigned code.
+ </para>
+ <para>
+ Secure Boot is the boot path validation component of the Unified Extensible Firmware Interface (UEFI) specification. The specification defines:
+ </para>
+
+ <itemizedlist>
+ <listitem>
+ <para>
+ a programming interface for cryptographically protected UEFI variables in non-volatile storage,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ how the trusted X.509 root certificates are stored in UEFI variables,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ validation of UEFI applications like boot loaders and drivers,
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ procedures to revoke known-bad certificates and application hashes.
+ </para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ UEFI Secure Boot does not prevent the installation or removal of second-stage boot loaders, nor require explicit user confirmation of such changes. Signatures are verified during booting, not when the boot loader is installed or updated. Therefore, UEFI Secure Boot does not stop boot path manipulations. It only prevents the system from executing a modified boot path once such a modification has occurred, and simplifies their detection.
+ </para>
+
+ <section id="sec-UEFI_Secure_Boot_Support_in_Fedora">
+ <title>UEFI Secure Boot Support in Fedora</title>
+ <para>
+ &PRODUCT; includes support for the UEFI Secure Boot feature, which means that &PRODUCT; can be installed and run on systems where UEFI Secure Boot is enabled. On UEFI-based systems with the Secure Boot technology enabled, all drivers that are loaded must be signed with a valid certificate, otherwise the system will not accept them. All drivers provided by Red Hat are signed by the UEFI CA certificate.
+ </para>
+ <para>
+ If you want to load externally built drivers — drivers that are not provided on the &PRODUCT; Linux DVD — you must make sure these drivers are signed as well.
+ </para>
+ <para>
+ <!--Information on signing custom drivers is available in <xref linkend="sect-signing-kernel-modules-for-secure-boot" />.-->
+ </para>
+ </section>
+ </section>
+
+ <section id="sec-Additional_Resources_GRUB2">
+ <title>Additional Resources</title>
+ <para>
+ Please see the following resources for more information on the GRUB 2 boot loader:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <filename class="directory">/usr/share/doc/grub2-tools-<version-number></filename> — This directory contains information about using and configuring GRUB 2. <literal><version-number></literal> corresponds to the version of the GRUB 2 package installed.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <command>info grub2</command> — The GRUB 2 info page contains a tutorial, a user reference manual, a programmer reference manual, and a FAQ document about GRUB 2 and its usage.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <ulink url="http://docs.fedoraproject.org/install-guide"> &MAJOROS; Installation Guide</ulink> — The Installation Guide provides basic information on GRUB 2, for example, installation, terminology, interfaces, and commands.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </section>
+
+</chapter>
More information about the docs-commits
mailing list