Difference between pages "Rootfs over encrypted lvm" and "Funtoo Linux Kernels"

From Funtoo
(Difference between pages)
Jump to: navigation, search
(Changed more <pre>'s to <console>'s)
 
m (Kernel Features and Stability: Updated versions in table)
 
Line 1: Line 1:
This howto describes how to setup LVM and rootfs with cryptoLUKS-encrypted drive
+
This Section will give you an overview of kernels used in funtoo.
  
= Prepare the hard drive and partitions =
+
Funtoo Linux provides a number of new kernels for your use. This is the official page for all Funtoo Linux kernel information.  
This is an example partition scheme, you may want to choose differently.
+
<code>/dev/sda1</code> used as <code>/boot</code>. <code>/dev/sda2</code> will be encrypted drive with LVM.
+
  
* <code>/dev/sda1</code> -- <code>/boot</code> partition.
+
Some points of interest:
* <code>/dev/sda2</code> -- BIOS boot partition (not needed for MBR - only needed if you are using GPT) This step required for GRUB2. For more info, see: [http://www.funtoo.org/Funtoo_Linux_Installation#Prepare_Hard_Disk] for more information on GPT and MBR.
+
* <code>/dev/sda3</code> -- <code>/</code> partition, will be the drive with LUKS and LVM.
+
  
<console>
+
* Most Funtoo Linux kernels support the handy <tt>[[#Binary USE|binary]]</tt> USE flag, described below.
##r### ##b##dd if=/dev/zero of=/dev/sda3 bs=100M
+
* Funtoo Linux offers quality kernels from other Linux Distributions, like <tt>ubuntu-server</tt> and <tt>debian-sources</tt>.
##r### ##b##dd if=/dev/urandom of=/dev/sda3 bs=100M
+
* A detailed [[#Kernel Features and Stability|Kernel Features and Stability]] table can be found below.
</console>
+
* Advanced users may want to take a look at [[Additional Kernel Resources]].
The <code>dd</code> part is optional, and the command only needs to be run for security reasons (i.e only if you had top secret files on your drive). The command overwrites the lingering data on the device with random data. It takes around 6 hours to complete for a 200GB drive.
+
* There is a quick'n dirty howto to compile your own [[kernel]] with initramfs the funtoo way.
  
Note that you will get a message about reaching the end of the device when the <code>dd</code> command has finished. This behavior is intended.
+
== Overview of Kernels ==
  
= Encrypting the drive =
+
=== sysrescue-std-sources ===
<console>
+
##r### ##b##cryptsetup --cipher aes-xts-plain64 luksFormat /dev/sda3
+
##r### ##b##cryptsetup luksOpen /dev/sda3 dmcrypt_root
+
</console>
+
  
There you'll be prompted to enter your password phrase for encrypted drive, type your paranoid password there.
+
This kernel is from the [http://www.sysresccd.org SystemRescueCD project], and is based on Fedora 14/15, plus some other patches related to booting from a live CD. It is a quality kernel, and is generally pretty stable. It is not suitable for production servers but is a good choice for Funtoo Linux desktops. Earlier,the [[Funtoo Linux Installation]] Guide recommended this kernel for general users, but now 'debian-sources' is recommended. Note however,  that by design all audio functions are removed from SystemRescue, ie no sound when using this kernel.
  
= Create logical volumes =
+
=== vanilla-sources ===
<console>
+
##r### ##b##pvcreate /dev/mapper/dmcrypt_root
+
##r### ##b##vgcreate vg /dev/mapper/dmcrypt_root
+
##r### ##b##lvcreate -L10G --name root vg         
+
##r### ##b##lvcreate -L2G --name swap vg
+
##r### ##b##lvcreate -L5G --name portage vg
+
##r### ##b##lvcreate -l 100%FREE -nhome vg
+
</console>
+
Feel free to specify your desired size by altering the numbers after the -L flag. For example, to make your portage dataset 20GB's, use the flag -L20G instead of -L5G.
+
  
= Create a filesystem on volumes =
+
This will install the "vanilla" (unmodified) Linux kernel sources. Current recommended version is 3.x. Funtoo Linux fully supports Linux 3.x. The advantages of this kernel include recent improvements to [[Linux Containers]], a very modern networking stack with lots of bug fixes, and high reliability for desktops and servers. The downside is that this kernel must be manually configured by the user and does not have built-in <tt>genkernel</tt> support via the <tt>binary</tt> USE flag at this time.
<console>
+
##r### ##b##mkfs.ext2 /dev/sda1
+
##r### ##b##mkswap /dev/mapper/vg-swap
+
##r### ##b##mkfs.ext4 /dev/mapper/vg-root
+
##r### ##b##mkfs.ext4 /dev/mapper/vg-portage
+
##r### ##b##mkfs.ext4 /dev/mapper/vg-home
+
</console>
+
  
= Basic system setup =
+
=== gentoo-sources ===
<console>
+
##r### ##b##swapon /dev/mapper/vg-swap
+
##r### ##b##mkdir /mnt/funtoo
+
##r### ##b##mount /dev/mapper/vg-root /mnt/funtoo
+
##r### ##b##mkdir -p /mnt/funtoo/{boot,usr/portage,home}
+
##r### ##b##mount /dev/sda1 /mnt/funtoo/boot
+
##r### ##b##mount /dev/mapper/vg-portage /mnt/funtoo/usr/portage
+
##r### ##b##mount /dev/mapper/vg-home /mnt/funtoo/home
+
</console>
+
Now perform all the steps required for basic system install, please follow [http://docs.funtoo.org/wiki/Funtoo_Linux_Installation]
+
don't forget to emerge the following:
+
  
* cryptsetup
+
This kernel tree is based on stable kernels from [https://www.kernel.org/ kernel.org] with genpatches applied [http://dev.gentoo.org/~mpagano/genpatches/about.htm genpatches].
* lvm2
+
Gentoo patchset aims to support the entire range of Gentoo-supported architectures. List of available genpatched kernels: [http://dev.gentoo.org/~mpagano/genpatches/kernels.htm genpatches-kernels]
* grub
+
* kernel sources (gentoo-sources recommended)
+
  
 +
=== openvz-rhel6-stable ===
  
= Editing the fstab =
+
This is a RHEL6-based kernel with OpenVZ support. This kernel is now the preferred kernel for production OpenVZ deployments. It requires gcc-4.4.5 to build, which it will use automatically without the user needing to use <tt>gcc-config</tt>. We use this version of gcc since this is the version of gcc used by Red Hat to build this kernel.
Fire up your favorite text editor to edit <code>/etc/fstab</code>. You want to put the following in the file:
+
<console>
+
# <fs>                  <mountpoint>  <type>    <opts>                          <dump/pass>
+
/dev/sda1              /boot        ext2      noauto,noatime                  1 2
+
/dev/mapper/vg-swap    none          swap      sw                              0 0
+
/dev/mapper/vg-root    /            ext4      noatime,nodiratime,defaults    0 1
+
/dev/sr0                /mnt/cdrom    auto      noauto,ro                      0 0
+
/dev/mapper/vg-portage  /usr/portage  ext4      noatime,nodiratime              0 0
+
/dev/mapper/vg-home    /home        ext4      noatime,nodiratime              0 0
+
</console>
+
  
= Kernel options =
+
=== openvz-rhel5-stable ===
{{Note}}Important, do not miss this part.
+
{{kernelop
+
|'''General setup --->'''
+
|'''[*] Initial RAM filesystem and RAM disk (initramfs/initrd) support'''
+
}}
+
  
{{kernelop
+
This kernel is based on the latest Red Hat Enterprise Linux 5.6 kernel, and contains additional OpenVZ (virtual containers) patches from the [[OpenVZ on Funtoo Linux|OpenVZ]] project. It is a very stable and reliable kernel, and is recommended for use in production environments. The only major downside to this kernel is that it is based on Linux 2.6.18 -- some parts of the kernel are out-of-date, and it is not compatible with modern versions of udev. However, it is pretty trivial to downgrade udev to an earlier version on Funtoo Linux and this kernel has a track-record of being rock-solid. When stability is paramount, you put up with the udev downgrade, use this kernel, and can enjoy hundreds of days of uptime. For more information on how to use this kernel with Funtoo Linux, see the [[RHEL5 Kernel HOWTO]].
|'''Device Drivers --->''' <br> '''Generic Driver Options --->'''
+
|'''[*] Maintain a devtmpfs filesystem to mount at /dev''' <br>
+
}}
+
  
{{kernelop
+
=== ubuntu-server ===
|'''Device Drivers --->''' <br> '''[*] Multiple devices driver support --->'''
+
|'''<*>Device Mapper Support''' <br> '''<*> Crypt target support'''
+
}}
+
  
{{kernelop
+
This is the kernel from Ubuntu Server. Version <tt>2.6.32.32.62</tt> is the same version used in Ubuntu Server 10.04 LTS, and version <tt>2.6.35.28.50</tt> is the one used in Ubuntu Server 10.10 (currently masked). In our testing of <tt>2.6.32.32.62</tt>, it has been very reliable and offers very good performance. One exception, which is common among 2.6.32-based kernels, is that it's recommended that you emerge <tt>broadcom-netxtreme2</tt> if you have any Broadcom-based NICs, as the in-kernel drivers have compatibility issues with certain models. This kernel is a very good option if you want a relatively modern server kernel and do not need [[OpenVZ]] support. We use gcc-4.4.5 to build this kernel. It will use gcc-4.4.5 automatically, without requiring the user to use <tt>gcc-config</tt>.
|'''Cryptographic API --->'''
+
 
|'''-*-AES cipher algorithms''' <br> '''<*> XTS support'''
+
=== debian-sources ===
 +
 
 +
This is the Debian kernel. '''These ebuilds now support the <tt>binary</tt> USE flag.''' Daniel has added a special <tt>config-extract</tt> command which can be used to list all available official Debian kernel configurations, and generate them from the Debian files included with the kernel. This kernel has optional [[OpenVZ]] support, but it is much better to use <tt>openvz-rhel6-stable</tt> if you want a production-quality OpenVZ installation. For more information about how to use <tt>debian-sources</tt> and <tt>config-extract</tt>, see [[#Using Debian-Sources with Genkernel|Using debian-sources with Genkernel]] below.
 +
 
 +
=== debian-sources-lts ===
 +
 
 +
This is the Debian long-term stable kernel. '''These ebuilds now support the <tt>binary</tt> USE flag.''' Daniel has added a special <tt>config-extract</tt> command which can be used to list all available official Debian kernel configurations, and generate them from the Debian files included with the kernel.
 +
 
 +
== Binary USE ==
 +
 
 +
Many of the kernel ebuilds in Funtoo Linux support the very useful <tt>binary</tt> USE flag. By enabling this USE flag and emerging the kernel, the ebuild will automatically build a binary kernel image, initramfs and kernel modules and install them to <tt>/boot</tt>. The binary kernel image and initramfs can be used to boot your Funtoo Linux system without requiring any additional configuration. This is a great way to get a Funtoo Linux system up and running quickly. Here's how to do it:
 +
 
 +
<pre>
 +
# echo "sys-kernel/openvz-rhel5-stable binary" >> /etc/portage/package.use
 +
# emerge openvz-rhel5-stable
 +
# nano -w /etc/boot.conf
 +
# boot-update
 +
</pre>
 +
 
 +
More information can be found in the [[Funtoo Linux Installation]] Guide.
 +
 
 +
== Funtoo Linux Genkernel ==
 +
 
 +
Funtoo Linux contains a forked/enhanced version of genkernel with the following new capabilities:
 +
 
 +
* genkernel can use a build directory that is separate from the kernel source directory. This is enabled using the new <tt>--build-dst</tt> option.
 +
* <tt>--build-src</tt> is a new option that is equivalent to the <tt>--kerneldir</tt> option.
 +
* <tt>--fullname</tt> can be used to specify the entire name of the kernel and initramfs images -- everything after <tt>kernel-</tt> and <tt>initramfs-</tt>.
 +
* <tt>--firmware-src</tt> - a new option that works identically to <tt>--firmware-dir</tt>.
 +
* <tt>--firmware-dst</tt> - a new capability - you can now define where genkernel installs firmware.
 +
* Genkernel uses Funtoo Linux <tt>lvm2</tt> rather than building its own.
 +
* Some compile fixes.
 +
 
 +
== Kernel Features and Stability ==
 +
 
 +
This page provides an overview of kernel features and stability information:
 +
 
 +
{| {{table}}
 +
!Kernel Name
 +
!Version
 +
!USE flags
 +
!Stability
 +
!Extra Features
 +
!Req'd udev
 +
!Notes
 +
|-
 +
|<tt>[[#vanilla-sources|vanilla-sources]]</tt>
 +
|3.12.4
 +
|N/A
 +
|'''Excellent''' - recommended for desktops and servers.
 +
|N/A
 +
|Any
 +
|Recommended for modern networking stack, hardware and [[Linux Containers]] support. This kernel must be manually configured by the user. New Features: [http://kernelnewbies.org/Linux_3.11 kernelnewbies.org/linux_3.11]  New Drivers: [http://kernelnewbies.org/Linux_3.11-DriversArch kernelnewbies/Linux_3.11-DriversArch]
 +
|-
 +
|<tt>[[#gentoo-sources|gentoo-sources]]</tt>
 +
|3.12.4
 +
|N/A
 +
|'''Excellent''' - recommended for desktops and workstations
 +
|N/A
 +
|Any
 +
|Recommended for modern networking stack, hardware and [[Linux Containers]] support. This kernel must be manually configured by the user. New Features: [http://kernelnewbies.org/Linux_3.11 kernelnewbies.org/linux_3.11]  New Drivers: [http://kernelnewbies.org/Linux_3.11-DriversArch kernelnewbies/Linux_3.11-DriversArch]
 +
|-
 +
|<tt>[[#sysrescue-std-sources|sysrescue-std-sources]]</tt>
 +
|3.0.21.302
 +
|<tt>binary</tt>
 +
|''Good'' - recommended for desktops
 +
|N/A
 +
|Any
 +
|Nvidia card users: binary use flag installs nouveau drivers. Not compatible with nvidia-drivers.
 +
|-
 +
|<tt>[[#openvz-rhel6-stable|openvz-rhel6-stable]]</tt>
 +
|2.6.32.042.079.5
 +
|<tt>binary</tt>
 +
|'''Excellent''' - recommended for production servers
 +
|N/A
 +
|Any
 +
|This kernel is built with gcc-4.4.5. <tt>emerge broadcom-netxtreme2</tt> for reliable BCM5709+ support (integrated NIC)
 +
|-
 +
|<tt>[[#openvz-rhel5-stable|openvz-rhel5-stable]]</tt>
 +
|2.6.18.028.095.1
 +
|<tt>binary</tt>
 +
|'''Excellent''' - recommended for production servers
 +
|OpenVZ
 +
|=sys-fs/udev-146*
 +
|Broadcom <tt>bnx2</tt> driver module bundled with kernel appears to be OK. This kernel is built with gcc-4.1.2. Enabling the <tt>binary</tt> USE flag will cause gcc-4.1.2 to be emerged and used for building the kernel.
 +
|-
 +
|<tt>[[#ubuntu-server|ubuntu-server]]</tt>
 +
|2.6.32.32.62
 +
|<tt>binary</tt>
 +
|'''Excellent''' - recommended for production servers (still in extended testing)
 +
| N/A
 +
|Any
 +
|This kernel is built with gcc-4.4.5. <tt>emerge broadcom-netxtreme2</tt> for reliable BCM5709+ support (integrated NIC)
 +
|-
 +
|<tt>[[#ubuntu-server|ubuntu-server]]</tt>
 +
|2.6.35.28.50
 +
|<tt>binary</tt>
 +
|''not yet tested''
 +
| N/A
 +
|Any
 +
|This kernel is built with gcc-4.4.5. <tt>emerge broadcom-netxtreme2</tt> for reliable BCM5709+ support (integrated NIC)
 +
|-
 +
|<tt>[[#debian-sources|debian-sources]]</tt>
 +
|3.11.5
 +
|<tt>openvz</tt>
 +
|''Good'' - default kernel recommended by Funtoo
 +
|OpenVZ (optional)
 +
|Any
 +
|See [[#Using debian-sources with Genkernel]], below.
 +
|-
 +
|}
 +
 
 +
== Using Debian-Sources with Genkernel ==
 +
 
 +
{{ fancyimportant|Debian-sources is now fully compatible with ''binary'' USE flag and recommended for desktop users. The below example is valid for manual installation. At least 12G of /var/tmp required to build
 
}}
 
}}
 +
This section describes how to build a binary kernel with <tt>debian-sources</tt> and <tt>genkernel</tt>, and it also explains how to use Funtoo Linux's <tt>config-extract</tt> tool to list and create official Debian kernel configurations.
  
= Initramfs setup and configuration =
+
=== First step: emerging the required packages ===
'''Build your initramfs with [https://bitbucket.org/piotrkarbowski/better-initramfs better-initramfs] project.'''
+
  
{{note}}better-initramfs supports neither dynamic modules nor udev, so you should compile your kernel with built-in support for your block devices.
+
The first step is to emerge:
  
<console>
+
# The Debian sources
##r### ##b##git clone git://github.com/slashbeast/better-initramfs.git
+
# Genkernel itself
##r### ##b##cd better-initramfs
+
##r### ##b##less README.rst
+
##r### ##b##bootstrap/bootstrap-all
+
##r### ##b##make prepare
+
##r### ##b##make image
+
</console>
+
  
Copy resulting <code>initramfs.cpio.gz</code> to <code>/boot</code>:
+
This is achieved with:
<console>##r### ##b##cp output/initramfs.cpio.gz /boot</console>
+
  
Alternatively, a pre-compiled binary initramfs is available at https://bitbucket.org/piotrkarbowski/better-initramfs/downloads
+
<pre>
<console>
+
# emerge sys-kernel/debian-sources sys-kernel/genkernel
##r### ##b##wget https://bitbucket.org/piotrkarbowski/better-initramfs/downloads/release-x86_64-v0.7.2.tar.bz2
+
</pre>
##r### ##b##tar xf release-x86_64-v0.5.tar.bz2
+
##r### ##b##cd release*
+
##r### ##b##gzip initramfs.cpio
+
##r### ##b##cp initramfs.cpio.gz /boot
+
</console>
+
  
Remember, better-initramfs project is a work in progress, so you need to update from time to time. It can be done easily with <code>git</code>. Go to the better-initramfs source dir and follow:
+
Once the Debian kernel sources are deployed, you should find a directory named '''linux-debian-''version''''' (e.g. linux-debian-2.6.32.30) under '''/usr/src'''. Update your the '''linux''' symlink to point on this directory:
<pre># git pull
+
<pre>
# less ChangeLog
+
# cd /usr/src
 +
# rm linux
 +
# ln -s linux-debian-2.6.32.30 linux
 
</pre>
 
</pre>
Please, read the ChangeLog carefuly and do necessary updates, to <code>/etc/boot.conf</code>, the example config below. Please, backup working <code>initramfs.cpio.gz</code> and <code>/etc/boot.conf</code> before updating initramfs.
+
Alternatively, emerge the debian-sources with USE="symlink"
  
= Genkernel approach =
+
=== Second step: Grabbing a configuration file ===
Funtoo's genkernel capable to create initramfs for encrypted drive. Compile and install kernel and initramfs of your favorite kernel sources:
+
<pre>genkernel --kernel-config=/path/to/your/custom-kernel-config --no-mrproper --makeopts=-j5 --install --lvm --luks all</pre>
+
Configure the bootloader as described above, with correct kernel and initramfs images names. An example for genkernel and grub2:
+
  
{{code|/etc/boot.conf|<pre>
+
If is now time to download the kernel configuration file. For this tutorial we will use a configuration file for AMD64 (several others architectures like MIPS or SPARC64 are available.)  To view a complete list of available kernel configurations, type <tt>./config-extract -l</tt> in the Debian kernel source directory:
boot {
+
  generate grub
+
  default "Funtoo Linux"
+
  timeout 3
+
}
+
"Funtoo Linux" {
+
  kernel kernel-genkernel-x86_64-2.6.39
+
  initrd initramfs-genkernel-x86_64-2.6.39
+
  params += crypt_root=/dev/sda2 dolvm real_root=/dev/mapper/vg-root  rootfstype=ext4 resume=swap:/dev/mapper/vg-swap quiet
+
}</pre>}}
+
  
= Grub2 configuration =
+
<pre>
An example of <code>/etc/boot.conf</code> for better-initramfs
+
ninja1 linux-debian-2.6.32.30 # ./config-extract -l
{{code|/etc/boot.conf|<pre>
+
 
boot {
+
====== standard featureset ======
  generate grub
+
 
  default "Funtoo Linux"
+
      alpha: alpha-generic, alpha-legacy, alpha-smp
  timeout 3
+
      amd64
}
+
      armel: iop32x, ixp4xx, kirkwood, orion5x, versatile
"Funtoo Linux" {
+
        hppa: parisc, parisc-smp, parisc64, parisc64-smp
  kernel bzImage[-v]
+
        i386: 486, 686, 686-bigmem, amd64
  initrd /initramfs.cpio.gz
+
        ia64: itanium, mckinley
  params += enc_root=/dev/sda2 lvm luks root=/dev/mapper/vg-root  rootfstype=ext4 resume=swap:/dev/mapper/vg-swap quiet
+
        m68k: amiga, atari, bvme6000, mac, mvme147, mvme16x
}</pre>}}
+
        mips: 4kc-malta, 5kc-malta, r4k-ip22, r5k-ip32, sb1-bcm91250a, sb1a-bcm91480b
 +
      mipsel: 4kc-malta, 5kc-malta, r5k-cobalt, sb1-bcm91250a, sb1a-bcm91480b
 +
    powerpc: powerpc, powerpc-smp, powerpc64
 +
        s390: s390x, s390x-tape
 +
        sh4: sh7751r, sh7785lcr
 +
      sparc: sparc64, sparc64-smp
 +
    sparc64: sparc64, sparc64-smp
 +
 
 +
====== vserver featureset ======
 +
 
 +
      amd64
 +
        i386: 686, 686-bigmem
 +
        ia64: itanium, mckinley
 +
    powerpc: powerpc, powerpc64
 +
        s390
 +
      sparc
 +
    sparc64
 +
 
 +
====== xen featureset ======
 +
 
 +
      amd64
 +
        i386
 +
 
 +
====== openvz featureset ======
 +
 
 +
      amd64
 +
        i386
 +
</pre>
 +
 
 +
Type <tt>config-extract -h</tt> for extended usage information:
  
= Lilo configuration =
 
For oldschool geeks, an example for lilo bootloader. Emerge lilo with device-mapper support
 
 
<pre>
 
<pre>
# echo 'sys-boot/lilo device-mapper' >> /etc/portage/package.use/lilo
+
ninja1 linux-debian-2.6.32.30 # ./config-extract -h
# emerge lilo</pre>
+
This work is free software.
 +
 
 +
Copyright 2011 Funtoo Technologies. You can redistribute and/or modify it under
 +
the terms of the GNU General Public License version 3 as published by the Free
 +
Software Foundation. Alternatively you may (at your option) use any other
 +
license that has been publicly approved for use with this program by Funtoo
 +
Technologies (or its successors, if any.)
 +
 
 +
usage: config-extract [options] arch [featureset] [subarch]
 +
 
 +
  -h  --help        print this usage and exit
 +
  -l  --list        list all available kernel configurations
 +
  -o  --outfile    specify kernel config outfile --
 +
                    defaults to .config in current directory
 +
  [featureset]      defaults to "none" if not specified
 +
  [subarch]        defaults to the only one available; otherwise required
 +
 
 +
This program was written by Daniel Robbins for Funtoo Linux, for the purpose of
 +
easily and conveniently extracting Debian kernel configurations. To see a nice
 +
list of all available kernel configurations, use the --list option.
 +
 
 +
Debian's kernel configs are specified internally in arch_featureset_flavor
 +
format, such as: "amd64_openvz_amd64". The featureset typically describes an
 +
optional kernel configuration such as "xen" or "openvz", while the flavor in
 +
Debian terminology typically refers to the sub-architecture of the CPU.
 +
 
 +
When using this command, you must specify an arch. A featureset of "none" is
 +
assumed unless you specify one, and by default this program will pick the only
 +
available subarch if there is only one to choose from. If not, you will need to
 +
pick one (and the program will remind you to do this.)
 +
 
 +
The kernel configuration will be written to ".config" in the current directory,
 +
or the location you specified using the -o/--outfile option.
 +
</pre>
 +
 
 +
Let's use <tt>config-extract</tt> to create a kernel configuration for an amd64 system:
  
{{code|/etc/lilo.conf|<pre>append="init=/linuxrc dolvm crypt_root=/dev/sda2 real_root=/dev/mapper/vg-root"
 
boot=/dev/sda
 
compact
 
default=funtoo
 
lba32
 
prompt
 
read-only
 
timeout=50
 
image=/boot/kernel-genkernel-x86_64-2.6.39
 
initrd=/boot/initramfs-genkernel-x86_64-2.6.39
 
label=funtoo
 
</pre>}}
 
= Syslinux bootloader setup =
 
Syslinux is another advanced bootloader which you can find on all live CD's.
 
 
<pre>
 
<pre>
# emerge syslinux
+
# cd linux
# mkdir /boot/extlinux
+
# ./config-extract amd64
# extlinux --install /boot/extlinux
+
Wrote amd64_none_amd64 kernel configuration to /usr/src/linux-debian-2.6.32.30/.config.
# dd bs=440 conv=notrunc count=1 if=/usr/share/syslinux/mbr.bin of=/dev/sda
+
</pre>
- or -
+
# sgdisk /dev/sda --attributes=1:set:2
+
# dd bs=440 conv=notrunc count=1 if=/usr/share/syslinux/gptmbr.bin of=/dev/sda, for GPT partition</pre>
+
{{code|/boot/extlinux/extlinux.conf|<pre>LABEL kernel1_bzImage-3.2.1
+
MENU LABEL Funtoo Linux bzImage-3.2.1
+
LINUX /bzImage-3.2.1
+
INITRD /initramfs.cpio.gz
+
APPEND rootfstype=ext4 luks enc_root=/dev/sda2 lvm root=/dev/mapper/vg-root
+
</pre>}}
+
  
= Final steps =
+
<tt>config-extract</tt> also allows you to extract special Debian featuresets, such as settings for Xen and [[OpenVZ]] kernels:
Umount everything, close encrypted drive and reboot
+
 
<pre>umount /mnt/funtoo/proc (/dev, /home, /usr/portage, /boot)
+
<pre>
vgchange -a n
+
# ./config-extract amd64 openvz
cryptsetup luksClose /dev/sda2 dmcrypt_root</pre>
+
Wrote amd64_openvz_amd64 kernel configuration to /usr/src/linux-debian-2.6.32.30/.config.
After reboot you will get the following:
+
</pre>
<pre>>>> better-initramfs started. Kernel version 2.6.35-gentoo-r10
+
 
>>> Create all the symlinks to /bin/busybox.
+
'''It is necessary to name the kernel configuration file something other than ".config" to avoid errors with genkernel.'''
>>> Initiating /dev/dir
+
 
>>> Getting LVM volumes up (if any)
+
 
Reding all physical volumes. This make take awhile...
+
After using <tt>config-extract</tt>, run <tt>make oldconfig</tt> and accept all default options by hitting Enter at all prompts.
No volume group found
+
 
No volume group found
+
=== Third step: Building and installing the kernel ===
>>> Opening encrypted partition and mapping to /dev/mapper/dmcrypt_root
+
 
Enter passphrase fore /dev/sda2:</pre>
+
This is simply achieved by:
Type your password
+
 
 +
<pre>
 +
# genkernel --kernel-config=config-2.6.32-5-amd64 all
 +
</pre>
 +
 
 +
* --kernel-config: use the given configfile. If you only give a filename here, it is searched for in your current working dir. You can also use a relative or an absolute path leading to your configfile here (for example: "--kernel-config=/usr/src/linux/configfile").
 +
* all: rebuild the kernel image and the initramfs ramdisk image (aside of kernel modules, the ramdisk image contains tools such as BusyBox and some generic startup scripts, depending on options you use on the command line several additional tools like lvm or raid volume management can be incorporated as well).
 +
 
 +
{{ fancyimportant|Unless explicitly stated via ''--no-clean'' or ''--no-mrproper'', Genkernel will do a '''make mrproper''' in the kernel source tree, thus cleaning a previous build '''and removing the previous kernel configuration file''' in it.
 +
}}
  
<pre>>>> Again, getting LVM volumes up (if any, after map dmcrypt).
+
If you use Genkernel to rebuild a Linux kernel on SPARC64, remember to either:
  Reading all physical volumes.  This may take a while...
+
* Set '''sparc64-unknown-linux-gnu-''' in ''General setup --> Cross-compiler tool prefix''
  Found volume group "vg" using metadata type lvm2
+
* Put '''--kernel-cross-compile=sparc64-unknown-linux-gnu-''' on the Genkernel command line
  4 logical volume(s) in volume group "vg" now active
+
>>> Mounting rootfs to /newroot
+
>>> Umounting /sys and /proc.
+
>>> Switching root to /newroot and executing /sbin/init.
+
INIT: version 2.88 booting
+
Loading /libexec/rc/console/keymap
+
  OpenRC 0.6.1 is starting up Funtoo Linux (x86_64)
+
...boot messages omitted for clarity
+
 
+
orion login: oleg
+
Password:
+
Last login: Thu Oct 14 20:49:21 EEST 2010 on tty1
+
oleg@orion ~ %</pre>
+
  
= Additional links =
+
Once the kernel has been compiled and the ram disk has been generated, the kernel image plus its companion files (initramfs image and System.map) are placed in the /boot directory. You can use your favourite tool to update your bootloader configuration files.
* [[gentoo-wiki:Root filesystem over LVM2, DM-Crypt and RAID|Root filesystem over LVM2, DM-Crypt, and RAID]]
+
* [http://wiki.archlinux.org/index.php/System_Encryption_with_LUKS_for_dm-crypt System Encryption with LUKS for dm-crypt]
+
  
[[Category:HOWTO]]
+
[[Category:Internals]]
 +
[[Category:Funtoo features]]
 +
[[Category:Kernel]]

Revision as of 03:26, 10 December 2013

This Section will give you an overview of kernels used in funtoo.

Funtoo Linux provides a number of new kernels for your use. This is the official page for all Funtoo Linux kernel information.

Some points of interest:

  • Most Funtoo Linux kernels support the handy binary USE flag, described below.
  • Funtoo Linux offers quality kernels from other Linux Distributions, like ubuntu-server and debian-sources.
  • A detailed Kernel Features and Stability table can be found below.
  • Advanced users may want to take a look at Additional Kernel Resources.
  • There is a quick'n dirty howto to compile your own kernel with initramfs the funtoo way.

Contents

Overview of Kernels

sysrescue-std-sources

This kernel is from the SystemRescueCD project, and is based on Fedora 14/15, plus some other patches related to booting from a live CD. It is a quality kernel, and is generally pretty stable. It is not suitable for production servers but is a good choice for Funtoo Linux desktops. Earlier,the Funtoo Linux Installation Guide recommended this kernel for general users, but now 'debian-sources' is recommended. Note however, that by design all audio functions are removed from SystemRescue, ie no sound when using this kernel.

vanilla-sources

This will install the "vanilla" (unmodified) Linux kernel sources. Current recommended version is 3.x. Funtoo Linux fully supports Linux 3.x. The advantages of this kernel include recent improvements to Linux Containers, a very modern networking stack with lots of bug fixes, and high reliability for desktops and servers. The downside is that this kernel must be manually configured by the user and does not have built-in genkernel support via the binary USE flag at this time.

gentoo-sources

This kernel tree is based on stable kernels from kernel.org with genpatches applied genpatches. Gentoo patchset aims to support the entire range of Gentoo-supported architectures. List of available genpatched kernels: genpatches-kernels

openvz-rhel6-stable

This is a RHEL6-based kernel with OpenVZ support. This kernel is now the preferred kernel for production OpenVZ deployments. It requires gcc-4.4.5 to build, which it will use automatically without the user needing to use gcc-config. We use this version of gcc since this is the version of gcc used by Red Hat to build this kernel.

openvz-rhel5-stable

This kernel is based on the latest Red Hat Enterprise Linux 5.6 kernel, and contains additional OpenVZ (virtual containers) patches from the OpenVZ project. It is a very stable and reliable kernel, and is recommended for use in production environments. The only major downside to this kernel is that it is based on Linux 2.6.18 -- some parts of the kernel are out-of-date, and it is not compatible with modern versions of udev. However, it is pretty trivial to downgrade udev to an earlier version on Funtoo Linux and this kernel has a track-record of being rock-solid. When stability is paramount, you put up with the udev downgrade, use this kernel, and can enjoy hundreds of days of uptime. For more information on how to use this kernel with Funtoo Linux, see the RHEL5 Kernel HOWTO.

ubuntu-server

This is the kernel from Ubuntu Server. Version 2.6.32.32.62 is the same version used in Ubuntu Server 10.04 LTS, and version 2.6.35.28.50 is the one used in Ubuntu Server 10.10 (currently masked). In our testing of 2.6.32.32.62, it has been very reliable and offers very good performance. One exception, which is common among 2.6.32-based kernels, is that it's recommended that you emerge broadcom-netxtreme2 if you have any Broadcom-based NICs, as the in-kernel drivers have compatibility issues with certain models. This kernel is a very good option if you want a relatively modern server kernel and do not need OpenVZ support. We use gcc-4.4.5 to build this kernel. It will use gcc-4.4.5 automatically, without requiring the user to use gcc-config.

debian-sources

This is the Debian kernel. These ebuilds now support the binary USE flag. Daniel has added a special config-extract command which can be used to list all available official Debian kernel configurations, and generate them from the Debian files included with the kernel. This kernel has optional OpenVZ support, but it is much better to use openvz-rhel6-stable if you want a production-quality OpenVZ installation. For more information about how to use debian-sources and config-extract, see Using debian-sources with Genkernel below.

debian-sources-lts

This is the Debian long-term stable kernel. These ebuilds now support the binary USE flag. Daniel has added a special config-extract command which can be used to list all available official Debian kernel configurations, and generate them from the Debian files included with the kernel.

Binary USE

Many of the kernel ebuilds in Funtoo Linux support the very useful binary USE flag. By enabling this USE flag and emerging the kernel, the ebuild will automatically build a binary kernel image, initramfs and kernel modules and install them to /boot. The binary kernel image and initramfs can be used to boot your Funtoo Linux system without requiring any additional configuration. This is a great way to get a Funtoo Linux system up and running quickly. Here's how to do it:

# echo "sys-kernel/openvz-rhel5-stable binary" >> /etc/portage/package.use
# emerge openvz-rhel5-stable
# nano -w /etc/boot.conf
# boot-update

More information can be found in the Funtoo Linux Installation Guide.

Funtoo Linux Genkernel

Funtoo Linux contains a forked/enhanced version of genkernel with the following new capabilities:

  • genkernel can use a build directory that is separate from the kernel source directory. This is enabled using the new --build-dst option.
  • --build-src is a new option that is equivalent to the --kerneldir option.
  • --fullname can be used to specify the entire name of the kernel and initramfs images -- everything after kernel- and initramfs-.
  • --firmware-src - a new option that works identically to --firmware-dir.
  • --firmware-dst - a new capability - you can now define where genkernel installs firmware.
  • Genkernel uses Funtoo Linux lvm2 rather than building its own.
  • Some compile fixes.

Kernel Features and Stability

This page provides an overview of kernel features and stability information:

Kernel Name Version USE flags Stability Extra Features Req'd udev Notes
vanilla-sources 3.12.4 N/A Excellent - recommended for desktops and servers. N/A Any Recommended for modern networking stack, hardware and Linux Containers support. This kernel must be manually configured by the user. New Features: kernelnewbies.org/linux_3.11 New Drivers: kernelnewbies/Linux_3.11-DriversArch
gentoo-sources 3.12.4 N/A Excellent - recommended for desktops and workstations N/A Any Recommended for modern networking stack, hardware and Linux Containers support. This kernel must be manually configured by the user. New Features: kernelnewbies.org/linux_3.11 New Drivers: kernelnewbies/Linux_3.11-DriversArch
sysrescue-std-sources 3.0.21.302 binary Good - recommended for desktops N/A Any Nvidia card users: binary use flag installs nouveau drivers. Not compatible with nvidia-drivers.
openvz-rhel6-stable 2.6.32.042.079.5 binary Excellent - recommended for production servers N/A Any This kernel is built with gcc-4.4.5. emerge broadcom-netxtreme2 for reliable BCM5709+ support (integrated NIC)
openvz-rhel5-stable 2.6.18.028.095.1 binary Excellent - recommended for production servers OpenVZ =sys-fs/udev-146* Broadcom bnx2 driver module bundled with kernel appears to be OK. This kernel is built with gcc-4.1.2. Enabling the binary USE flag will cause gcc-4.1.2 to be emerged and used for building the kernel.
ubuntu-server 2.6.32.32.62 binary Excellent - recommended for production servers (still in extended testing) N/A Any This kernel is built with gcc-4.4.5. emerge broadcom-netxtreme2 for reliable BCM5709+ support (integrated NIC)
ubuntu-server 2.6.35.28.50 binary not yet tested N/A Any This kernel is built with gcc-4.4.5. emerge broadcom-netxtreme2 for reliable BCM5709+ support (integrated NIC)
debian-sources 3.11.5 openvz Good - default kernel recommended by Funtoo OpenVZ (optional) Any See #Using debian-sources with Genkernel, below.

Using Debian-Sources with Genkernel

Important: Debian-sources is now fully compatible with binary USE flag and recommended for desktop users. The below example is valid for manual installation. At least 12G of /var/tmp required to build

This section describes how to build a binary kernel with debian-sources and genkernel, and it also explains how to use Funtoo Linux's config-extract tool to list and create official Debian kernel configurations.

First step: emerging the required packages

The first step is to emerge:

  1. The Debian sources
  2. Genkernel itself

This is achieved with:

# emerge sys-kernel/debian-sources sys-kernel/genkernel

Once the Debian kernel sources are deployed, you should find a directory named linux-debian-version (e.g. linux-debian-2.6.32.30) under /usr/src. Update your the linux symlink to point on this directory:

# cd /usr/src
# rm linux
# ln -s linux-debian-2.6.32.30 linux

Alternatively, emerge the debian-sources with USE="symlink"

Second step: Grabbing a configuration file

If is now time to download the kernel configuration file. For this tutorial we will use a configuration file for AMD64 (several others architectures like MIPS or SPARC64 are available.) To view a complete list of available kernel configurations, type ./config-extract -l in the Debian kernel source directory:

ninja1 linux-debian-2.6.32.30 # ./config-extract -l

====== standard featureset ======

       alpha: alpha-generic, alpha-legacy, alpha-smp
       amd64
       armel: iop32x, ixp4xx, kirkwood, orion5x, versatile
        hppa: parisc, parisc-smp, parisc64, parisc64-smp
        i386: 486, 686, 686-bigmem, amd64
        ia64: itanium, mckinley
        m68k: amiga, atari, bvme6000, mac, mvme147, mvme16x
        mips: 4kc-malta, 5kc-malta, r4k-ip22, r5k-ip32, sb1-bcm91250a, sb1a-bcm91480b
      mipsel: 4kc-malta, 5kc-malta, r5k-cobalt, sb1-bcm91250a, sb1a-bcm91480b
     powerpc: powerpc, powerpc-smp, powerpc64
        s390: s390x, s390x-tape
         sh4: sh7751r, sh7785lcr
       sparc: sparc64, sparc64-smp
     sparc64: sparc64, sparc64-smp

====== vserver featureset ======

       amd64
        i386: 686, 686-bigmem
        ia64: itanium, mckinley
     powerpc: powerpc, powerpc64
        s390
       sparc
     sparc64

====== xen featureset ======

       amd64
        i386

====== openvz featureset ======

       amd64
        i386

Type config-extract -h for extended usage information:

ninja1 linux-debian-2.6.32.30 # ./config-extract -h
This work is free software.

Copyright 2011 Funtoo Technologies. You can redistribute and/or modify it under
the terms of the GNU General Public License version 3 as published by the Free
Software Foundation. Alternatively you may (at your option) use any other
license that has been publicly approved for use with this program by Funtoo
Technologies (or its successors, if any.)

usage: config-extract [options] arch [featureset] [subarch]

  -h  --help        print this usage and exit
  -l  --list        list all available kernel configurations
  -o  --outfile     specify kernel config outfile --
                    defaults to .config in current directory
  [featureset]      defaults to "none" if not specified
  [subarch]         defaults to the only one available; otherwise required

This program was written by Daniel Robbins for Funtoo Linux, for the purpose of
easily and conveniently extracting Debian kernel configurations. To see a nice
list of all available kernel configurations, use the --list option.

Debian's kernel configs are specified internally in arch_featureset_flavor
format, such as: "amd64_openvz_amd64". The featureset typically describes an
optional kernel configuration such as "xen" or "openvz", while the flavor in
Debian terminology typically refers to the sub-architecture of the CPU.

When using this command, you must specify an arch. A featureset of "none" is
assumed unless you specify one, and by default this program will pick the only
available subarch if there is only one to choose from. If not, you will need to
pick one (and the program will remind you to do this.)

The kernel configuration will be written to ".config" in the current directory,
or the location you specified using the -o/--outfile option.

Let's use config-extract to create a kernel configuration for an amd64 system:

# cd linux
# ./config-extract amd64
Wrote amd64_none_amd64 kernel configuration to /usr/src/linux-debian-2.6.32.30/.config.

config-extract also allows you to extract special Debian featuresets, such as settings for Xen and OpenVZ kernels:

# ./config-extract amd64 openvz
Wrote amd64_openvz_amd64 kernel configuration to /usr/src/linux-debian-2.6.32.30/.config.

It is necessary to name the kernel configuration file something other than ".config" to avoid errors with genkernel.


After using config-extract, run make oldconfig and accept all default options by hitting Enter at all prompts.

Third step: Building and installing the kernel

This is simply achieved by:

# genkernel --kernel-config=config-2.6.32-5-amd64 all
  • --kernel-config: use the given configfile. If you only give a filename here, it is searched for in your current working dir. You can also use a relative or an absolute path leading to your configfile here (for example: "--kernel-config=/usr/src/linux/configfile").
  • all: rebuild the kernel image and the initramfs ramdisk image (aside of kernel modules, the ramdisk image contains tools such as BusyBox and some generic startup scripts, depending on options you use on the command line several additional tools like lvm or raid volume management can be incorporated as well).
Important: Unless explicitly stated via --no-clean or --no-mrproper, Genkernel will do a make mrproper in the kernel source tree, thus cleaning a previous build and removing the previous kernel configuration file in it.

If you use Genkernel to rebuild a Linux kernel on SPARC64, remember to either:

  • Set sparc64-unknown-linux-gnu- in General setup --> Cross-compiler tool prefix
  • Put --kernel-cross-compile=sparc64-unknown-linux-gnu- on the Genkernel command line

Once the kernel has been compiled and the ram disk has been generated, the kernel image plus its companion files (initramfs image and System.map) are placed in the /boot directory. You can use your favourite tool to update your bootloader configuration files.