[techtalk] botched newbie kernel compile

Conor Daly conor.daly at oceanfree.net
Tue May 8 23:38:44 EST 2001 

On Tue, May 08, 2001 at 11:30:57AM -0700 or so it is rumoured hereabouts, 
Brian Sweeney thought:
> Julia-
> 
> Check out /etc/lilo.conf.  Mine looks something like this:
> 
> delay=1
> boot=/dev/hda
> map=/boot/map
> install=/boot/boot.b
> prompt # I comment these
> timeout=50 # lines out for security, but I'm paranoid ;-)
> message=/boot/message
> default=linux
> 
> image=/boot/vmlinuz-2.4.2-2
>         label=linux
>         read-only
>         root=/dev/hda1

I leave in the "prompt" and "timeout" lines but include

password=<SECRET>

and "restricted" in the default image section

This has the effect of booting to the default kernel after the timeout but
allowing other options if required but only if the password is supplied.
That way, you can do stuff like "linux single" for troubleshooting or boot
experimental kernels without worrying about security.

> When you do recompile your kernel, NEVER get rid of the old boot option. (I
> know, I know, little to late...).  Your best bet is, instead, to add a
> second boot option like so:

The other thing I do, when compiling kernels, is to modify the
EXTRAVERSION parameter in the Makefile.   This gives me a seperate path
for modules and stuff so I can keep multiple kernels around or compile for
different boxes.  My firewall, for example, has no compilers or sources
so, if I need a new kernel for it, I have to compile on a different box.

[cdaly at Hobbiton linux]$ head -4 Makefile Makefile.original 
==> Makefile <==
VERSION = 2
PATCHLEVEL = 2
SUBLEVEL = 14
EXTRAVERSION = -5.0-faenor-firewall-ipmasqadm

==> Makefile.original <==
VERSION = 2
PATCHLEVEL = 2
SUBLEVEL = 14
EXTRAVERSION = -5.0

As you can see, the Makefile for the firewall has 

EXTRAVERSION = -5.0-faenor-firewall-ipmasqadm

Doing all the make menuconfig blah blah right down to "make modules
install" produces a set of modules in 

/lib/modules/2.2.14-5.0-faenor-firewall-ipmasqadm

while the original set of modules for hobbiton are in 

/lib/modules/2.2.14-5.0

I can tar up the firewall modules along with its kernel and install
without messing up the system I compiled on

Conor
-- 
Conor Daly <conor.daly at oceanfree.net>

Domestic Sysadmin :-)
---------------------
Faenor.cod.ie
 11:22pm  up 8 days,  2:13,  0 users,  load average: 0.00, 0.00, 0.00
Hobbiton.cod.ie
 11:26pm  up 8 days,  2:18,  2 users,  load average: 0.00, 0.06, 0.03

More information about the Techtalk mailing list