FreeBSD6.2架设之内核编译
Index:
简介
Requirements
Step 1 查看当前机器自检信息.
Step 2备份原内核文件.
Step 3 编辑新内核描述文件.
Step 4 启用磁盘配额.
Step 5 控制台中禁用热启动
Step 6 内核编译前后对比.
Step 2 编译后的清理工作.
F.A.Q.
Links to other sources
简介
为你自己定制专用的内核,加入一些特定功能如QUOTA,禁止控制台重启,声卡,防火墙等,总之可以自己做到很多适合自己机器的配置。
Step 1 查看当前机器的自检信息.
内核编译最好本地操作,不要远程编译。
要是你修改过/etc/make.conf文件,一定要还原此文件。
确保/etc/make.conf文件如下
Shell:
cat /etc/make.conf
# added by use.perl 2007-11-24 22:06:09
PERL_VER=5.8.8
PERL_VERSION=5.8.8
查看当前机器的自检信息,取得CPU 内存显示卡硬盘网卡等信息Shell:
dmesg | less
查看/usr/src/Makefile文件,此文件说明注意事项和具体操作步骤
Shell:
cd /usr/src/
less /usr/src/Makefile
# For individuals wanting to build from the sources currently on their
# system, the simple instructions are:
#
# 1. `cd /usr/src' (or to the directory containing your source tree).
# 2. `make world'
#
# For individuals wanting to upgrade their sources (even if only a
# delta of a few days):
#
# 1. `cd /usr/src' (or to the directory containing your source tree).
# 2. `make buildworld'
# 3. `make buildkernel KERNCONF=YOUR_KERNEL_HERE' (default is GENERIC).
# 4. `make installkernel KERNCONF=YOUR_KERNEL_HERE' (default is GENERIC).
# 5. `reboot' (in single user mode: boot -s from the loader prompt).
# 6. `mergemaster -p'
# 7. `make installworld'
# 8. `make delete-old'
# 9. `mergemaster'
# 10. `reboot'
# 11. `make delete-old-libs' (in case no 3rd party program uses them anymore)
Step 2 备份当前内核描述文件.
查看当前机器内核描述文件
Shell:
uname -a
FreeBSD WOW.freemongolia.cn 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 10:40:27 UTC 2007 root@dessler.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
备份当前机器内核描述文件
复制/usr/src/sys/i386/conf/GENERIC文件到/etc/WOW (WOW表示你自定义的名称)
Shell:
cp /usr/src/sys/i386/conf/GENERIC /etc/WOW
创建一个链接到/usr/src/sys/i386/conf/GENERIC/目录
Shell:
cd /usr/src/sys/i386/conf/
ln -s /etc/WOW /usr/src/sys/i386/conf/
Step 3 编辑内核描述文件.
编辑内核描述文件
添加磁盘配额、禁用控制台中的热启动、等功能
编辑内核描述文件,vi /usr/src/sys/i386/conf/WOW
Shell:
vi /usr/src/sys/i386/conf/WOW
Editor:
# 具体选项请参考http://www.freebsd.org/doc/zh_CN.GB2312/books/handbook/kernelconfig-config.html
ident WOW #内核标记名称
增加以下内容
options QUOTA #启用磁盘配额
options SC_DISABLE_REBOOT #在控制台禁用CTRL+ALT+DEL键
存盘退出
以下2项不要注销
device scbus # SCSI bus (required for SCSI)
device da # Direct Access (disks)
Step 4 编译内核.
编译内核
根据/usr/src/Makefile文件方法,进行编译内核
1、cd /usr/src (进入编译核心目录)
Shell:
cd /usr/src
2、make buildworld(很漫长的等待大约1小时左右,有没有更漫长的事情?有。Ports安装Xorg和Gnome,3天3夜,3天3夜。嗯?好熟悉的旋律……..) (更新版本)
Shell:
make buildworld
3、make buildkernel KERNCONF=你的内核描述文件名 (default is GENERIC) (下面的WOW是我的内核描述文件名称) (正式编译核心大约用时20分钟)
Shell:
make buildkernel KERNCONF=WOW
4、make installkernel KERNCONF=你的内核描述文件名 (default is GENERIC) (安装核心大约用时1分钟)
Shell:
make installkernel KERNCONF=WOW
5、reboot (重新启动进入单人模式,重启选择4;具体操作可以查看第1章忘记root密码怎么办)
Shell:
reboot
以下几步为在单人模式下操作
mount -u(重新挂载,参数-u表示挂载后可读写)
Shell:
单人模式#mount -u
mount -a(挂载全部磁盘,参数-a表示全部磁盘)
Shell:
单人模式#mount -a
cd /usr/src (进入编译核心目录)
Shell:
单人模式#cd /usr/src
mergemaster -p (此命令用来检验内核描述文件正确性)
Shell:
单人模式#mergemaster -p
*** Comparison complete
Do you wish to delete what is left of /var/tmp/temproot?[no]
make installworld (安装所有新的系统源代码,大约用时3分钟)
Shell:
单人模式#make installworld
mergemaster 系统询问是否删除/var/tmp/temproot目录时,按d键进行删除(用来更新或修改/etc的配置文件)
Shell:
单人模式#mergemaster
How should I deal with this? [Use the existing /var/tmp/temproot]d
系统提示发现/etc/rc.d/jail文件与旧的对比有变化,按键盘q键退出查看。询问对新文件怎么处理?按i键安装?还是按d键删除?还是按m键?我们没有编辑过的文件就选择新的,所以按i键选择安装。
Shell:
*** Displaying differences between ./etc/rc.d/jail and installed version
--- /etc/rc.d/jailFri Jan 12 15:42:21 2007
q
How should I deal with this? [Leave it for later]i
系统提示发现/etc/hosts文件与旧的对比有变化,按键盘q键退出查看。询问对新文件怎么处理?按i键安装?还是按d键删除?还是按m键?我们编辑过的文件就保留旧的配置,所以按d键选择删除新的。
Shell:
*** Displaying differences between ./etc/hosts and installed version
--- /etc/hosts Sun Nov 25 05:21:04 2007
+++./etc/hosts Sun Nov 25 20:29:23 2007
q
How should I deal with this? [Leave it for later]d
系统提示发现/etc/mote文件与旧的对比有变化,按键盘q键退出查看。询问对新文件怎么处理?按i键安装?还是按d键删除?还是按m键?motd的作用就是你登入系统时出现的那个欢迎词,我们看看新的欢迎词有没有变化,所以按i键选择安装新的。
Shell:
*** Displaying differences between ./etc/motd and installed version
--- /etc/motd Sun Nov 24 21:22:58 2007
+++./etc/motdSun Nov 25 20:29:23 2007
q
How should I deal with this? [Leave it for later]i
要不要删除/var/tmp/temproot目录,直接回车就行。
Shell:
Do you wish to delete what is left of /var/tmp/temproot? [no]
reboot (重启服务器)
Shell:
单人模式#reboot
Step 5 内核编译前后对比.
激动人心的时刻来临了,等了好几个小时后,我们现在要看看是否新内核安装成功了。
内核文件大小对比
编译后:
Shell:
du -h /boot/kernel
18M /boot/kernel
du -h /boot/kernel/kernel
2.7M /boot/kernel/kernel
编译前:
Shell:
du -h /boot/kernel.old/
23M /boot/kernel.old/
du -h /boot/kernel.old/kernel
6.8M /boot/kernel.old/kernel
内核配置文件名称对比
编译后:
Shell:
uname -a
FreeBSD ohaha.3322.org 6.2-RELEASE-p8 FreeBSD 6.2-RELEASE-p8#0: Sun Nov 25 12:04:05 CST 2007 root@WOW.ohaha.3322.org:/usr/obj/usr/src/sys/WOW i386
编译前:
Shell:
uname -a
FreeBSD ohaha.3322.org 6.2-RELEASE FreeBSD 6.2-RELEASE#0: Fri Jan 12 10:40:27 UTC 2007 root@dessler.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
内核编译前后SSH侦听端口协议对比
编译后(去除IPV6支持):
Shell:
netstat -an
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 52 192.168.0.88.22 192.168.0.8.1155 ESTABLISHED
tcp4 0 0 *.22 *.* LISTEN
udp4 0 0 *.514 *.*
Active UNIX domain sockets
Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr
c4e8071cstream 0 0 0 c4e807a8 0 0
编译前:
Shell:
netstat -an
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 127.0.0.1.25 *.* LISTEN
tcp4 0 0 *.22 *.* LISTEN
tcp6 0 0 *.22 *.* LISTEN
udp4 0 0 *.514 *.*
udp6 0 0 *.514 *.*
Active UNIX domain sockets
Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr
c4e7c9d8 stream 0 0 0 0 0 0
登入时欢迎信息的对比
编译后(显示更人性化,居然会有一些操作技巧提示^_^):
Shell:
FreeBSD 6.2-RELEASE-p8 (WOW) #0: Sun Nov 25 12:04:05 CST 2007
Welcome to FreeBSD!
Before seeking technical support, please use the following resources:
>.............
You may also use sysinstall(8) to re-enter the installation and
configuration utility. Edit /etc/motd to change this login announcement.
To obtain a neat PostScript rendering of a manual page, use ``-t'' switch
of the man(1) utility: ``man -t ''. For example:
man -t grep >grep.ps # Save the PostScript version to a file
or
man -t printf | lp # Send the PostScript directly to printer
编译前:
Shell:
Welcome to FreeBSD!
Before seeking technical support, please use the following resources:
>………………
注:文中所说大约XX时间,是根据不同的机器配置会有出入。主要是看你的CPU,CPU够强劲,速度就够快,时间也就会少。
编译内核时CPU和内存占用
Shell:
top
last pid: 37445; load averages: 1.01, 0.74, 0.50 up 0+03:09:41 04:04:14
35 processes: 2 running, 33 sleeping
CPU states: 92.9%user, 0.0% nice, 6.7% system, 0.4% interrupt, 0.0% idle
Mem: 26MActive, 721MInact, 141MWired, 200K Cache, 111MBuf, 107MFree
Swap: 768MTotal, 768MFree
PID USERNAME THR PRI NICE SIZE RESSTATE TIME WCPU COMMAND
37444 0 1 121 0 6568K 6028K RUN 0:00 3.00% cc1
Step 4 内核编译完后的清理.
内核编译完成后,需要进行清理为下次编译做准备:
清理编译内核后的临时文件Shell:
cd /usr/obj/
chflags -R noschg *
rm -rf *
至此内核编译安装完成。
Step 6 F.A.Q.
Links to other sources
FreeBSD使用手册
FreeBSD使用手册_内核配置
附我的内核配置文件
# GENERIC -- Generic kernel configuration file for FreeBSD/i386
#
# For more information on this file, please read the handbook section on
# Kernel Configuration Files:
#
# http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html
#
# The handbook is also available locally in /usr/share/doc/handbook
# if you've installed the doc distribution, otherwise always see the
# FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the
# latest information.
#
# An exhaustive list of options and more detailed explanations of the
# device lines is also present in the ../../conf/NOTES and NOTES files.
# If you are in doubt as to the purpose or necessity of a line, check first
# in NOTES.
#
# $FreeBSD: src/sys/i386/conf/GENERIC,v 1.429.2.13 2006/10/09 18:41:36 simon Exp $
machine i386
#cpu I486_CPU
#cpu I586_CPU
cpu I686_CPU
ident WOW
# To statically compile in device wiring instead of /boot/device.hints
#hints "GENERIC.hints" # Default places to look for devices.
#makeoptions DEBUG=-g # Build kernel with gdb(1) debug symbols
options SCHED_4BSD # 4BSD scheduler
options PREEMPTION # Enable kernel thread preemption
options INET # InterNETworking
#options INET6 # IPv6 communications protocols
options FFS # Berkeley Fast Filesystem
options SOFTUPDATES # Enable FFS soft updates support
options UFS_ACL # Support for access control lists
options UFS_DIRHASH # Improve performance on big directories
options MD_ROOT # MD is a potential root device
options NFSCLIENT # Network Filesystem Client
options NFSSERVER # Network Filesystem Server
options NFS_ROOT # NFS usable as /, requires NFSCLIENT
options MSDOSFS # MSDOS Filesystem
options CD9660 # ISO 9660 Filesystem
options PROCFS # Process filesystem (requires PSEUDOFS)
options PSEUDOFS # Pseudo-filesystem framework
options GEOM_GPT # GUID Partition Tables.
options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]
options COMPAT_FREEBSD4 # Compatible with FreeBSD4
options COMPAT_FREEBSD5 # Compatible with FreeBSD5
options SCSI_DELAY=1000 # Delay (in ms) before probing SCSI
#options KTRACE # ktrace(1) support
options SYSVSHM # SYSV-style shared memory
options SYSVMSG # SYSV-style message queues
options SYSVSEM # SYSV-style semaphores
options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options KBD_INSTALL_CDEV # install a CDEV entry in /dev
options ADAPTIVE_GIANT # Giant mutex is adaptive.
options QUOTA # Enable User's QUOTA
options SC_DISABLE_REBOOT # Disable Console Restart
options SMP # Symmetric MultiProcessor Kernel
device apic # I/O APIC
# Bus support.
device eisa
device pci
# Floppy drives
#device fdc
# ATA and ATAPI devices
device ata
device atadisk # ATA disk drives
#device ataraid # ATA RAID drives
device atapicd # ATAPI CDROM drives
#device atapifd # ATAPI floppy drives
#device atapist # ATAPI tape drives
options ATA_STATIC_ID # Static device numbering
# SCSI Controllers
#device ahb # EISA AHA1742 family
#device ahc # AHA2940 and onboard AIC7xxx devices
options AHC_REG_PRETTY_PRINT # Print register bitfields in debug
# output. Adds ~128k to driver.
#device ahd # AHA39320/29320 and onboard AIC79xx devices
options AHD_REG_PRETTY_PRINT # Print register bitfields in debug
# output. Adds ~215k to driver.
#device amd # AMD 53C974 (Tekram DC-390(T))
#device isp # Qlogic family
#device ispfw # Firmware for QLogic HBAs- normally a module
#device mpt # LSI-Logic MPT-Fusion
#device ncr # NCR/Symbios Logic
#device sym # NCR/Symbios Logic (newer chipsets + those of `ncr')
#device trm # Tekram DC395U/UW/F DC315U adapters
#device adv # Advansys SCSI adapters
#device adw # Advansys wide SCSI adapters
#device aha # Adaptec 154x SCSI adapters
#device aic # Adaptec 15[012]x SCSI adapters, AIC-6[23]60.
#device bt # Buslogic/Mylex MultiMaster SCSI adapters
#device ncv # NCR 53C500
#device nsp # Workbit Ninja SCSI-3
#device stg # TMC 18C30/18C50
# SCSI peripherals
device scbus # SCSI bus (required for SCSI)
device ch # SCSI media changers
device da # Direct Access (disks)
device sa # Sequential Access (tape etc)
device cd # CD
device pass # Passthrough device (direct SCSI access)
device ses # SCSI Environmental Services (and SAF-TE)
# RAID controllers interfaced to the SCSI subsystem
#device amr # AMI MegaRAID
#device arcmsr # Areca SATA II RAID
#device asr # DPT SmartRAID V, VI and Adaptec SCSI RAID
#device ciss # Compaq Smart RAID 5*
#device dpt # DPT Smartcache III, IV - See NOTES for options
#device hptmv # Highpoint RocketRAID 182x
#device rr232x # Highpoint RocketRAID 232x
#device iir # Intel Integrated RAID
#device ips # IBM (Adaptec) ServeRAID
#device mly # Mylex AcceleRAID/eXtremeRAID
#device twa # 3ware 9000 series PATA/SATA RAID
# RAID controllers
#device aac # Adaptec FSA RAID
#device aacp # SCSI passthrough for aac (requires CAM)
#device ida # Compaq Smart RAID
#device mfi # LSI MegaRAID SAS
#device mlx # Mylex DAC960 family
#device pst # Promise Supertrak SX6000
#device twe # 3ware ATA RAID
# atkbdc0 controls both the keyboard and the PS/2 mouse
device atkbdc # AT keyboard controller
device atkbd # AT keyboard
device psm # PS/2 mouse
device kbdmux # keyboard multiplexer
device vga # VGA video card driver
device splash # Splash screen and screen saver support
# syscons is the default console driver, resembling an SCO console
device sc
# Enable this for the pcvt (VT220 compatible) console driver
#device vt
#options XSERVER # support for X server on a vt console
#options FAT_CURSOR # start with block cursor
device agp # support several AGP chipsets
# Power management support (see NOTES for more options)
#device apm
# Add suspend/resume support for the i8254.
device pmtimer
# PCCARD (PCMCIA) support
# PCMCIA and cardbus bridge support
#device cbb # cardbus (yenta) bridge
#device pccard # PC Card (16-bit) bus
#device cardbus # CardBus (32-bit) bus
# Serial (COM) ports
device sio # 8250, 16[45]50 based serial ports
# Parallel port
device ppc
device ppbus # Parallel port bus (required)
device lpt # Printer
device plip # TCP/IP over parallel
device ppi # Parallel port interface device
#device vpo # Requires scbus and da
# If you've got a "dumb" serial or parallel PCI card that is
# supported by the puc(4) glue driver, uncomment the following
# line to enable it (connects to the sio and/or ppc drivers):
#device puc
# PCI Ethernet NICs.
#device de # DEC/Intel DC21x4x (``Tulip'')
#device em # Intel PRO/1000 adapter Gigabit Ethernet Card
#device ixgb # Intel PRO/10GbE Ethernet Card
#device txp # 3Com 3cR990 (``Typhoon'')
#device vx # 3Com 3c590, 3c595 (``Vortex'')
# PCI Ethernet NICs that use the common MII bus controller code.
# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
device miibus # MII bus support
#device bce # Broadcom BCM5706/BCM5708 Gigabit Ethernet
#device bfe # Broadcom BCM440x 10/100 Ethernet
#device bge # Broadcom BCM570xx Gigabit Ethernet
#device dc # DEC/Intel 21143 and various workalikes
#device fxp # Intel EtherExpress PRO/100B (82557, 82558)
#device lge # Level 1 LXT1001 gigabit Ethernet
#device nge # NatSemi DP83820 gigabit Ethernet
#device nve # nVidia nForce MCP on-board Ethernet Networking
#device pcn # AMD Am79C97x PCI 10/100(precedence over 'lnc')
#device re # RealTek 8139C+/8169/8169S/8110S
#device rl # RealTek 8129/8139
#device sf # Adaptec AIC-6915 (``Starfire'')
#device sis # Silicon Integrated Systems SiS 900/SiS 7016
#device sk # SysKonnect SK-984x &SK-982x gigabit Ethernet
#device ste # Sundance ST201 (D-Link DFE-550TX)
#device stge # Sundance/Tamarack TC9021 gigabit Ethernet
#device ti # Alteon Networks Tigon I/II gigabit Ethernet
#device tl # Texas Instruments ThunderLAN
#device tx # SMC EtherPower II (83c170 ``EPIC'')
#device vge # VIA VT612x gigabit Ethernet
#device vr # VIA Rhine, Rhine II
#device wb # Winbond W89C840F
device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'')
# ISA Ethernet NICs. pccard NICs included.
#device cs # Crystal Semiconductor CS89x0 NIC
# 'device ed' requires 'device miibus'
#device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards
#device ex # Intel EtherExpress Pro/10 and Pro/10+
#device ep # Etherlink III based cards
#device fe # Fujitsu MB8696x based cards
#device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc.
#device lnc # NE2100, NE32-VL Lance Ethernet cards
#device sn # SMC's 9000 series of Ethernet chips
#device xe # Xircom pccard Ethernet
# Wireless NIC cards
device wlan # 802.11 support
#device wlan_wep # 802.11 WEP support
#device wlan_ccmp # 802.11 CCMP support
#device wlan_tkip # 802.11 TKIP support
#device an # Aironet 4500/4800 802.11 wireless NICs.
#device ath # Atheros pci/cardbus NIC's
#device ath_hal # Atheros HAL (Hardware Access Layer)
#device ath_rate_sample # SampleRate tx rate control for ath
#device awi # BayStack 660 and others
#device ral # Ralink Technology RT2500 wireless NICs.
#device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs.
#device wl # Older non 802.11 Wavelan wireless NIC.
# Pseudo devices.
device loop # Network loopback
device random # Entropy device
device ether # Ethernet support
device sl # Kernel SLIP
device ppp # Kernel PPP
device tun # Packet tunnel.
device pty # Pseudo-ttys (telnet etc)
device md # Memory "disks"
device gif # IPv6 and IPv4 tunneling
device faith # IPv6-to-IPv4 relaying (translation)
# The `bpf' device enables the Berkeley Packet Filter.
# Be aware of the administrative consequences of enabling this!
# Note that 'bpf' is required for DHCP.
device bpf # Berkeleypacket filter
# USB support
device uhci # UHCI PCI->USB interface
device ohci # OHCI PCI->USB interface
device ehci # EHCI PCI->USB interface (USB 2.0)
device usb # USB Bus (required)
#device udbp # USB Double Bulk Pipe devices
device ugen # Generic
device uhid # "Human Interface Devices"
device ukbd # Keyboard
device ulpt # Printer
device umass # Disks/Mass storage - Requires scbus and da
device ums # Mouse
#device ural # Ralink Technology RT2500USB wireless NICs
#device urio # Diamond Rio 500 MP3 player
device uscanner # Scanners
# USB Ethernet, requires miibus
#device aue # ADMtek USB Ethernet
#device axe # ASIX Electronics USB Ethernet
#device cdce # Generic USB over Ethernet
#device cue # CATC USB Ethernet
#device kue # Kawasaki LSI USB Ethernet
#device rue # RealTek RTL8150 USB Ethernet
# FireWire support
#device firewire # FireWire bus code
#device sbp # SCSI over FireWire (Requires scbus and da)
#device fwe # Ethernet over FireWire (non-standard!)
简介
Requirements
Step 1 查看当前机器自检信息.
Step 2备份原内核文件.
Step 3 编辑新内核描述文件.
Step 4 启用磁盘配额.
Step 5 控制台中禁用热启动
Step 6 内核编译前后对比.
Step 2 编译后的清理工作.
F.A.Q.
Links to other sources
简介
为你自己定制专用的内核,加入一些特定功能如QUOTA,禁止控制台重启,声卡,防火墙等,总之可以自己做到很多适合自己机器的配置。
Step 1 查看当前机器的自检信息.
内核编译最好本地操作,不要远程编译。
要是你修改过/etc/make.conf文件,一定要还原此文件。
确保/etc/make.conf文件如下
Shell:
cat /etc/make.conf
# added by use.perl 2007-11-24 22:06:09
PERL_VER=5.8.8
PERL_VERSION=5.8.8
查看当前机器的自检信息,取得CPU 内存显示卡硬盘网卡等信息Shell:
dmesg | less
查看/usr/src/Makefile文件,此文件说明注意事项和具体操作步骤
Shell:
cd /usr/src/
less /usr/src/Makefile
# For individuals wanting to build from the sources currently on their
# system, the simple instructions are:
#
# 1. `cd /usr/src' (or to the directory containing your source tree).
# 2. `make world'
#
# For individuals wanting to upgrade their sources (even if only a
# delta of a few days):
#
# 1. `cd /usr/src' (or to the directory containing your source tree).
# 2. `make buildworld'
# 3. `make buildkernel KERNCONF=YOUR_KERNEL_HERE' (default is GENERIC).
# 4. `make installkernel KERNCONF=YOUR_KERNEL_HERE' (default is GENERIC).
# 5. `reboot' (in single user mode: boot -s from the loader prompt).
# 6. `mergemaster -p'
# 7. `make installworld'
# 8. `make delete-old'
# 9. `mergemaster'
# 10. `reboot'
# 11. `make delete-old-libs' (in case no 3rd party program uses them anymore)
Step 2 备份当前内核描述文件.
查看当前机器内核描述文件
Shell:
uname -a
FreeBSD WOW.freemongolia.cn 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 10:40:27 UTC 2007 root@dessler.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
备份当前机器内核描述文件
复制/usr/src/sys/i386/conf/GENERIC文件到/etc/WOW (WOW表示你自定义的名称)
Shell:
cp /usr/src/sys/i386/conf/GENERIC /etc/WOW
创建一个链接到/usr/src/sys/i386/conf/GENERIC/目录
Shell:
cd /usr/src/sys/i386/conf/
ln -s /etc/WOW /usr/src/sys/i386/conf/
Step 3 编辑内核描述文件.
编辑内核描述文件
添加磁盘配额、禁用控制台中的热启动、等功能
编辑内核描述文件,vi /usr/src/sys/i386/conf/WOW
Shell:
vi /usr/src/sys/i386/conf/WOW
Editor:
# 具体选项请参考http://www.freebsd.org/doc/zh_CN.GB2312/books/handbook/kernelconfig-config.html
ident WOW #内核标记名称
增加以下内容
options QUOTA #启用磁盘配额
options SC_DISABLE_REBOOT #在控制台禁用CTRL+ALT+DEL键
存盘退出
以下2项不要注销
device scbus # SCSI bus (required for SCSI)
device da # Direct Access (disks)
Step 4 编译内核.
编译内核
根据/usr/src/Makefile文件方法,进行编译内核
1、cd /usr/src (进入编译核心目录)
Shell:
cd /usr/src
2、make buildworld(很漫长的等待大约1小时左右,有没有更漫长的事情?有。Ports安装Xorg和Gnome,3天3夜,3天3夜。嗯?好熟悉的旋律……..) (更新版本)
Shell:
make buildworld
3、make buildkernel KERNCONF=你的内核描述文件名 (default is GENERIC) (下面的WOW是我的内核描述文件名称) (正式编译核心大约用时20分钟)
Shell:
make buildkernel KERNCONF=WOW
4、make installkernel KERNCONF=你的内核描述文件名 (default is GENERIC) (安装核心大约用时1分钟)
Shell:
make installkernel KERNCONF=WOW
5、reboot (重新启动进入单人模式,重启选择4;具体操作可以查看第1章忘记root密码怎么办)
Shell:
reboot
以下几步为在单人模式下操作
mount -u(重新挂载,参数-u表示挂载后可读写)
Shell:
单人模式#mount -u
mount -a(挂载全部磁盘,参数-a表示全部磁盘)
Shell:
单人模式#mount -a
cd /usr/src (进入编译核心目录)
Shell:
单人模式#cd /usr/src
mergemaster -p (此命令用来检验内核描述文件正确性)
Shell:
单人模式#mergemaster -p
*** Comparison complete
Do you wish to delete what is left of /var/tmp/temproot?[no]
make installworld (安装所有新的系统源代码,大约用时3分钟)
Shell:
单人模式#make installworld
mergemaster 系统询问是否删除/var/tmp/temproot目录时,按d键进行删除(用来更新或修改/etc的配置文件)
Shell:
单人模式#mergemaster
How should I deal with this? [Use the existing /var/tmp/temproot]d
系统提示发现/etc/rc.d/jail文件与旧的对比有变化,按键盘q键退出查看。询问对新文件怎么处理?按i键安装?还是按d键删除?还是按m键?我们没有编辑过的文件就选择新的,所以按i键选择安装。
Shell:
*** Displaying differences between ./etc/rc.d/jail and installed version
--- /etc/rc.d/jailFri Jan 12 15:42:21 2007
q
How should I deal with this? [Leave it for later]i
系统提示发现/etc/hosts文件与旧的对比有变化,按键盘q键退出查看。询问对新文件怎么处理?按i键安装?还是按d键删除?还是按m键?我们编辑过的文件就保留旧的配置,所以按d键选择删除新的。
Shell:
*** Displaying differences between ./etc/hosts and installed version
--- /etc/hosts Sun Nov 25 05:21:04 2007
+++./etc/hosts Sun Nov 25 20:29:23 2007
q
How should I deal with this? [Leave it for later]d
系统提示发现/etc/mote文件与旧的对比有变化,按键盘q键退出查看。询问对新文件怎么处理?按i键安装?还是按d键删除?还是按m键?motd的作用就是你登入系统时出现的那个欢迎词,我们看看新的欢迎词有没有变化,所以按i键选择安装新的。
Shell:
*** Displaying differences between ./etc/motd and installed version
--- /etc/motd Sun Nov 24 21:22:58 2007
+++./etc/motdSun Nov 25 20:29:23 2007
q
How should I deal with this? [Leave it for later]i
要不要删除/var/tmp/temproot目录,直接回车就行。
Shell:
Do you wish to delete what is left of /var/tmp/temproot? [no]
reboot (重启服务器)
Shell:
单人模式#reboot
Step 5 内核编译前后对比.
激动人心的时刻来临了,等了好几个小时后,我们现在要看看是否新内核安装成功了。
内核文件大小对比
编译后:
Shell:
du -h /boot/kernel
18M /boot/kernel
du -h /boot/kernel/kernel
2.7M /boot/kernel/kernel
编译前:
Shell:
du -h /boot/kernel.old/
23M /boot/kernel.old/
du -h /boot/kernel.old/kernel
6.8M /boot/kernel.old/kernel
内核配置文件名称对比
编译后:
Shell:
uname -a
FreeBSD ohaha.3322.org 6.2-RELEASE-p8 FreeBSD 6.2-RELEASE-p8#0: Sun Nov 25 12:04:05 CST 2007 root@WOW.ohaha.3322.org:/usr/obj/usr/src/sys/WOW i386
编译前:
Shell:
uname -a
FreeBSD ohaha.3322.org 6.2-RELEASE FreeBSD 6.2-RELEASE#0: Fri Jan 12 10:40:27 UTC 2007 root@dessler.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
内核编译前后SSH侦听端口协议对比
编译后(去除IPV6支持):
Shell:
netstat -an
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 52 192.168.0.88.22 192.168.0.8.1155 ESTABLISHED
tcp4 0 0 *.22 *.* LISTEN
udp4 0 0 *.514 *.*
Active UNIX domain sockets
Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr
c4e8071cstream 0 0 0 c4e807a8 0 0
编译前:
Shell:
netstat -an
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 127.0.0.1.25 *.* LISTEN
tcp4 0 0 *.22 *.* LISTEN
tcp6 0 0 *.22 *.* LISTEN
udp4 0 0 *.514 *.*
udp6 0 0 *.514 *.*
Active UNIX domain sockets
Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr
c4e7c9d8 stream 0 0 0 0 0 0
登入时欢迎信息的对比
编译后(显示更人性化,居然会有一些操作技巧提示^_^):
Shell:
FreeBSD 6.2-RELEASE-p8 (WOW) #0: Sun Nov 25 12:04:05 CST 2007
Welcome to FreeBSD!
Before seeking technical support, please use the following resources:
>.............
You may also use sysinstall(8) to re-enter the installation and
configuration utility. Edit /etc/motd to change this login announcement.
To obtain a neat PostScript rendering of a manual page, use ``-t'' switch
of the man(1) utility: ``man -t ''. For example:
man -t grep >grep.ps # Save the PostScript version to a file
or
man -t printf | lp # Send the PostScript directly to printer
编译前:
Shell:
Welcome to FreeBSD!
Before seeking technical support, please use the following resources:
>………………
注:文中所说大约XX时间,是根据不同的机器配置会有出入。主要是看你的CPU,CPU够强劲,速度就够快,时间也就会少。
编译内核时CPU和内存占用
Shell:
top
last pid: 37445; load averages: 1.01, 0.74, 0.50 up 0+03:09:41 04:04:14
35 processes: 2 running, 33 sleeping
CPU states: 92.9%user, 0.0% nice, 6.7% system, 0.4% interrupt, 0.0% idle
Mem: 26MActive, 721MInact, 141MWired, 200K Cache, 111MBuf, 107MFree
Swap: 768MTotal, 768MFree
PID USERNAME THR PRI NICE SIZE RESSTATE TIME WCPU COMMAND
37444 0 1 121 0 6568K 6028K RUN 0:00 3.00% cc1
Step 4 内核编译完后的清理.
内核编译完成后,需要进行清理为下次编译做准备:
清理编译内核后的临时文件Shell:
cd /usr/obj/
chflags -R noschg *
rm -rf *
至此内核编译安装完成。
Step 6 F.A.Q.
Links to other sources
FreeBSD使用手册
FreeBSD使用手册_内核配置
附我的内核配置文件
# GENERIC -- Generic kernel configuration file for FreeBSD/i386
#
# For more information on this file, please read the handbook section on
# Kernel Configuration Files:
#
# http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html
#
# The handbook is also available locally in /usr/share/doc/handbook
# if you've installed the doc distribution, otherwise always see the
# FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the
# latest information.
#
# An exhaustive list of options and more detailed explanations of the
# device lines is also present in the ../../conf/NOTES and NOTES files.
# If you are in doubt as to the purpose or necessity of a line, check first
# in NOTES.
#
# $FreeBSD: src/sys/i386/conf/GENERIC,v 1.429.2.13 2006/10/09 18:41:36 simon Exp $
machine i386
#cpu I486_CPU
#cpu I586_CPU
cpu I686_CPU
ident WOW
# To statically compile in device wiring instead of /boot/device.hints
#hints "GENERIC.hints" # Default places to look for devices.
#makeoptions DEBUG=-g # Build kernel with gdb(1) debug symbols
options SCHED_4BSD # 4BSD scheduler
options PREEMPTION # Enable kernel thread preemption
options INET # InterNETworking
#options INET6 # IPv6 communications protocols
options FFS # Berkeley Fast Filesystem
options SOFTUPDATES # Enable FFS soft updates support
options UFS_ACL # Support for access control lists
options UFS_DIRHASH # Improve performance on big directories
options MD_ROOT # MD is a potential root device
options NFSCLIENT # Network Filesystem Client
options NFSSERVER # Network Filesystem Server
options NFS_ROOT # NFS usable as /, requires NFSCLIENT
options MSDOSFS # MSDOS Filesystem
options CD9660 # ISO 9660 Filesystem
options PROCFS # Process filesystem (requires PSEUDOFS)
options PSEUDOFS # Pseudo-filesystem framework
options GEOM_GPT # GUID Partition Tables.
options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]
options COMPAT_FREEBSD4 # Compatible with FreeBSD4
options COMPAT_FREEBSD5 # Compatible with FreeBSD5
options SCSI_DELAY=1000 # Delay (in ms) before probing SCSI
#options KTRACE # ktrace(1) support
options SYSVSHM # SYSV-style shared memory
options SYSVMSG # SYSV-style message queues
options SYSVSEM # SYSV-style semaphores
options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options KBD_INSTALL_CDEV # install a CDEV entry in /dev
options ADAPTIVE_GIANT # Giant mutex is adaptive.
options QUOTA # Enable User's QUOTA
options SC_DISABLE_REBOOT # Disable Console Restart
options SMP # Symmetric MultiProcessor Kernel
device apic # I/O APIC
# Bus support.
device eisa
device pci
# Floppy drives
#device fdc
# ATA and ATAPI devices
device ata
device atadisk # ATA disk drives
#device ataraid # ATA RAID drives
device atapicd # ATAPI CDROM drives
#device atapifd # ATAPI floppy drives
#device atapist # ATAPI tape drives
options ATA_STATIC_ID # Static device numbering
# SCSI Controllers
#device ahb # EISA AHA1742 family
#device ahc # AHA2940 and onboard AIC7xxx devices
options AHC_REG_PRETTY_PRINT # Print register bitfields in debug
# output. Adds ~128k to driver.
#device ahd # AHA39320/29320 and onboard AIC79xx devices
options AHD_REG_PRETTY_PRINT # Print register bitfields in debug
# output. Adds ~215k to driver.
#device amd # AMD 53C974 (Tekram DC-390(T))
#device isp # Qlogic family
#device ispfw # Firmware for QLogic HBAs- normally a module
#device mpt # LSI-Logic MPT-Fusion
#device ncr # NCR/Symbios Logic
#device sym # NCR/Symbios Logic (newer chipsets + those of `ncr')
#device trm # Tekram DC395U/UW/F DC315U adapters
#device adv # Advansys SCSI adapters
#device adw # Advansys wide SCSI adapters
#device aha # Adaptec 154x SCSI adapters
#device aic # Adaptec 15[012]x SCSI adapters, AIC-6[23]60.
#device bt # Buslogic/Mylex MultiMaster SCSI adapters
#device ncv # NCR 53C500
#device nsp # Workbit Ninja SCSI-3
#device stg # TMC 18C30/18C50
# SCSI peripherals
device scbus # SCSI bus (required for SCSI)
device ch # SCSI media changers
device da # Direct Access (disks)
device sa # Sequential Access (tape etc)
device cd # CD
device pass # Passthrough device (direct SCSI access)
device ses # SCSI Environmental Services (and SAF-TE)
# RAID controllers interfaced to the SCSI subsystem
#device amr # AMI MegaRAID
#device arcmsr # Areca SATA II RAID
#device asr # DPT SmartRAID V, VI and Adaptec SCSI RAID
#device ciss # Compaq Smart RAID 5*
#device dpt # DPT Smartcache III, IV - See NOTES for options
#device hptmv # Highpoint RocketRAID 182x
#device rr232x # Highpoint RocketRAID 232x
#device iir # Intel Integrated RAID
#device ips # IBM (Adaptec) ServeRAID
#device mly # Mylex AcceleRAID/eXtremeRAID
#device twa # 3ware 9000 series PATA/SATA RAID
# RAID controllers
#device aac # Adaptec FSA RAID
#device aacp # SCSI passthrough for aac (requires CAM)
#device ida # Compaq Smart RAID
#device mfi # LSI MegaRAID SAS
#device mlx # Mylex DAC960 family
#device pst # Promise Supertrak SX6000
#device twe # 3ware ATA RAID
# atkbdc0 controls both the keyboard and the PS/2 mouse
device atkbdc # AT keyboard controller
device atkbd # AT keyboard
device psm # PS/2 mouse
device kbdmux # keyboard multiplexer
device vga # VGA video card driver
device splash # Splash screen and screen saver support
# syscons is the default console driver, resembling an SCO console
device sc
# Enable this for the pcvt (VT220 compatible) console driver
#device vt
#options XSERVER # support for X server on a vt console
#options FAT_CURSOR # start with block cursor
device agp # support several AGP chipsets
# Power management support (see NOTES for more options)
#device apm
# Add suspend/resume support for the i8254.
device pmtimer
# PCCARD (PCMCIA) support
# PCMCIA and cardbus bridge support
#device cbb # cardbus (yenta) bridge
#device pccard # PC Card (16-bit) bus
#device cardbus # CardBus (32-bit) bus
# Serial (COM) ports
device sio # 8250, 16[45]50 based serial ports
# Parallel port
device ppc
device ppbus # Parallel port bus (required)
device lpt # Printer
device plip # TCP/IP over parallel
device ppi # Parallel port interface device
#device vpo # Requires scbus and da
# If you've got a "dumb" serial or parallel PCI card that is
# supported by the puc(4) glue driver, uncomment the following
# line to enable it (connects to the sio and/or ppc drivers):
#device puc
# PCI Ethernet NICs.
#device de # DEC/Intel DC21x4x (``Tulip'')
#device em # Intel PRO/1000 adapter Gigabit Ethernet Card
#device ixgb # Intel PRO/10GbE Ethernet Card
#device txp # 3Com 3cR990 (``Typhoon'')
#device vx # 3Com 3c590, 3c595 (``Vortex'')
# PCI Ethernet NICs that use the common MII bus controller code.
# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
device miibus # MII bus support
#device bce # Broadcom BCM5706/BCM5708 Gigabit Ethernet
#device bfe # Broadcom BCM440x 10/100 Ethernet
#device bge # Broadcom BCM570xx Gigabit Ethernet
#device dc # DEC/Intel 21143 and various workalikes
#device fxp # Intel EtherExpress PRO/100B (82557, 82558)
#device lge # Level 1 LXT1001 gigabit Ethernet
#device nge # NatSemi DP83820 gigabit Ethernet
#device nve # nVidia nForce MCP on-board Ethernet Networking
#device pcn # AMD Am79C97x PCI 10/100(precedence over 'lnc')
#device re # RealTek 8139C+/8169/8169S/8110S
#device rl # RealTek 8129/8139
#device sf # Adaptec AIC-6915 (``Starfire'')
#device sis # Silicon Integrated Systems SiS 900/SiS 7016
#device sk # SysKonnect SK-984x &SK-982x gigabit Ethernet
#device ste # Sundance ST201 (D-Link DFE-550TX)
#device stge # Sundance/Tamarack TC9021 gigabit Ethernet
#device ti # Alteon Networks Tigon I/II gigabit Ethernet
#device tl # Texas Instruments ThunderLAN
#device tx # SMC EtherPower II (83c170 ``EPIC'')
#device vge # VIA VT612x gigabit Ethernet
#device vr # VIA Rhine, Rhine II
#device wb # Winbond W89C840F
device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'')
# ISA Ethernet NICs. pccard NICs included.
#device cs # Crystal Semiconductor CS89x0 NIC
# 'device ed' requires 'device miibus'
#device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards
#device ex # Intel EtherExpress Pro/10 and Pro/10+
#device ep # Etherlink III based cards
#device fe # Fujitsu MB8696x based cards
#device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc.
#device lnc # NE2100, NE32-VL Lance Ethernet cards
#device sn # SMC's 9000 series of Ethernet chips
#device xe # Xircom pccard Ethernet
# Wireless NIC cards
device wlan # 802.11 support
#device wlan_wep # 802.11 WEP support
#device wlan_ccmp # 802.11 CCMP support
#device wlan_tkip # 802.11 TKIP support
#device an # Aironet 4500/4800 802.11 wireless NICs.
#device ath # Atheros pci/cardbus NIC's
#device ath_hal # Atheros HAL (Hardware Access Layer)
#device ath_rate_sample # SampleRate tx rate control for ath
#device awi # BayStack 660 and others
#device ral # Ralink Technology RT2500 wireless NICs.
#device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs.
#device wl # Older non 802.11 Wavelan wireless NIC.
# Pseudo devices.
device loop # Network loopback
device random # Entropy device
device ether # Ethernet support
device sl # Kernel SLIP
device ppp # Kernel PPP
device tun # Packet tunnel.
device pty # Pseudo-ttys (telnet etc)
device md # Memory "disks"
device gif # IPv6 and IPv4 tunneling
device faith # IPv6-to-IPv4 relaying (translation)
# The `bpf' device enables the Berkeley Packet Filter.
# Be aware of the administrative consequences of enabling this!
# Note that 'bpf' is required for DHCP.
device bpf # Berkeleypacket filter
# USB support
device uhci # UHCI PCI->USB interface
device ohci # OHCI PCI->USB interface
device ehci # EHCI PCI->USB interface (USB 2.0)
device usb # USB Bus (required)
#device udbp # USB Double Bulk Pipe devices
device ugen # Generic
device uhid # "Human Interface Devices"
device ukbd # Keyboard
device ulpt # Printer
device umass # Disks/Mass storage - Requires scbus and da
device ums # Mouse
#device ural # Ralink Technology RT2500USB wireless NICs
#device urio # Diamond Rio 500 MP3 player
device uscanner # Scanners
# USB Ethernet, requires miibus
#device aue # ADMtek USB Ethernet
#device axe # ASIX Electronics USB Ethernet
#device cdce # Generic USB over Ethernet
#device cue # CATC USB Ethernet
#device kue # Kawasaki LSI USB Ethernet
#device rue # RealTek RTL8150 USB Ethernet
# FireWire support
#device firewire # FireWire bus code
#device sbp # SCSI over FireWire (Requires scbus and da)
#device fwe # Ethernet over FireWire (non-standard!)