Re: [techtalk] botched newbie kernel compile

Tue, 08 May 2001 15:23:27 -0700 

On Tue, May 08, 2001 at 11:30:57AM -0700 or so it is rumoured hereabouts, 
Brian Sweeney thought:
> Julia-
> 
> Check out /etc/lilo.conf.  Mine looks something like this:
> 
> delay=1
> boot=/dev/hda
> map=/boot/map
> install=/boot/boot.b
> prompt # I comment these
> timeout=50 # lines out for security, but I'm paranoid ;-)
> message=/boot/message
> default=linux
> 
> image=/boot/vmlinuz-2.4.2-2
>         label=linux
>         read-only
>         root=/dev/hda1

I leave in the "prompt" and "timeout" lines but include

password=<SECRET>

and "restricted" in the default image section

This has the effect of booting to the default kernel after the timeout but
allowing other options if required but only if the password is supplied.
That way, you can do stuff like "linux single" for troubleshooting or boot
experimental kernels without worrying about security.

> When you do recompile your kernel, NEVER get rid of the old boot option. (I
> know, I know, little to late...).  Your best bet is, instead, to add a
> second boot option like so:

The other thing I do, when compiling kernels, is to modify the
EXTRAVERSION parameter in the Makefile.   This gives me a seperate path
for modules and stuff so I can keep multiple kernels around or compile for
different boxes.  My firewall, for example, has no compilers or sources
so, if I need a new kernel for it, I have to compile on a different box.

[cdaly@Hobbiton linux]$ head -4 Makefile Makefile.original 
==> Makefile <==
VERSION = 2
PATCHLEVEL = 2
SUBLEVEL = 14
EXTRAVERSION = -5.0-faenor-firewall-ipmasqadm

==> Makefile.original <==
VERSION = 2
PATCHLEVEL = 2
SUBLEVEL = 14
EXTRAVERSION = -5.0

As you can see, the Makefile for the firewall has 

EXTRAVERSION = -5.0-faenor-firewall-ipmasqadm

Doing all the make menuconfig blah blah right down to "make modules
install" produces a set of modules in 

/lib/modules/2.2.14-5.0-faenor-firewall-ipmasqadm

while the original set of modules for hobbiton are in 

/lib/modules/2.2.14-5.0

I can tar up the firewall modules along with its kernel and install
without messing up the system I compiled on

Conor
-- 
Conor Daly <[EMAIL PROTECTED]>

Domestic Sysadmin :-)
---------------------
Faenor.cod.ie
 11:22pm  up 8 days,  2:13,  0 users,  load average: 0.00, 0.00, 0.00
Hobbiton.cod.ie
 11:26pm  up 8 days,  2:18,  2 users,  load average: 0.00, 0.06, 0.03

_______________________________________________
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Reply via email to