Certification Objective 8.04-Recompiling a Kernel | Linux Patch Management: Keeping Linux Systems Up To Date

While references to recompiling the Linux kernel have been removed from the Red Hat exam requirements, RHCEs in the real world are expected to know how to perform high-level tasks such as optimizing and recompiling the Linux kernel.

This section looks at the kernel configuration file and then proceeds with a discussion of the different tools available to edit the kernel configuration. Finally, you'll see the commands needed to compile your new configuration into the kernel, the files added to the /boot directory, and the settings added to the boot loader.

The Kernel Configuration Scripts

After you've configured a kernel once, the configuration information is stored in a hidden file, .config, in the Linux source code directory. It is structured as a listing of variables. Here are some entries from the .config file:

 CONFIG_NETDEVICES=y CONFIG_BONDING=m # CONFIG_EQUALIZER is not set

As you can see, there are three main types of variables in this file. The first command compiles in direct support, the second entry compiles support as a module (the m), and the third command is commented out and is therefore not compiled into the kernel at all. You should never have to edit this file directly, as there are easier ways to configure your kernel.

Move to the directory with your kernel source files. If you've installed the RHEL kernel source RPM, navigate to the aforementioned source code directory, /usr/src/redhat/BUILD/kernel-2.6.18/linux-2.6.18.`uname -m`. If you've created the link suggested earlier, you can use the /usr/src/linux directory. Four tools can help you configure the kernel configuration file: make config, make menuconfig, make xconfig, and make gconfig. The last three of these tools require some of the packages described in Table 8-2.

Back Up Your Configuration

The default configuration for your current Linux kernel is stored in the /boot directory. For the default RHEL system, it's stored in the config-`uname -r` file. Back up this file (and perhaps all contents of /boot) on another location such as a USB key so that you can restore your current kernel configuration if all else fails.

You can use your current configuration as a baseline; the Linux kernel configuration tools will start with these settings. To do so with the current kernel, copy the config-`uname -r` file to the .config file in the source code directory.

Alternatively, there are a number of standard configuration files in the configs/subdirectory. If you want to start with one of these files, use the configuration file that corresponds most closely to your hardware. You can set that as the starting point for your configuration by copying that to the .config file in the source code directory.

make config

Once you're in the kernel source code directory, you can call a simple script to configure a new kernel with the following command:

 # make config

This script will prompt you through your different options. Figure 8-5 shows an excerpt from the output for this script.

image from book
Figure 8-5: Questions from the make config utility

Here the kernel variables are listed in parentheses and the possible answers are in brackets. The default answer is in capital letters. If you type in a ?, you will see a help page explaining this option. Since several hundred questions are associated with this script, most administrators use one of the other two scripts to manage their Linux kernels.

make menuconfig

A nicer way to create the .config file is to use the make menuconfig command. This requires the ncurses RPM package. This opens a text-based menu-driven system that classifies and organizes the changes that you can make to a kernel. Figure 8-6 illustrates the main menu associated with this command.

image from book
Figure 8-6: The make menuconfig configuration menu

The nice thing about menuconfig is that it works well over a remote text connection from other Linux computers (or perhaps that is dangerous!). Also, when you scroll all the way down, options appear at the bottom of the menu to load or save the configuration file from a different location.

make xconfig

One graphical way to make changes uses KDE-based libraries. You can generate a graphical menu system to configure your kernel by running the make xconfig command. Figure 8-7 shows the xconfig main menu. You can also use xconfig to load or save the configuration from the file of your choice.

image from book
Figure 8-7: The make xconfig configuration menu

make gconfig

A second graphical way to make changes uses GNOME-based libraries. You can generate a graphical menu system to configure your kernel by running the make gconfig command. Figure 8-8 shows the gconfig main menu. You can also use gconfig to load or save the configuration from the file of your choice.

image from book
Figure 8-8: The make gconfig configuration menu

While this menu may look slightly different in other Linux distributions, the principles and basic options remain fairly constant. Each of the Kernel Configuration options discussed on the following pages are presented for completeness. It is important for a Linux administrator to have a detailed understanding of the hows and whys of reconfiguring and recompiling the kernel.

Understanding Kernel Configuration Options

To configure a kernel, you need to understand some of the main kernel configuration options. Each of the aforementioned kernel configuration tools includes help menus for just about every available option.

The Basic Kernel Configuration

If you're asked to change a setting such as CONFIG_EXPERIMENTAL, you don't have to search through different menus. You can find the governing menu using the information in the /boot/config-`uname -r` configuration file. As you can see in the file,

 # Code maturity level options # CONFIG_EXPERIMENTAL=y

the CONFIG_EXPERIMENTAL variable can be found under the Code Maturity Level Options menu, described by a Prompt For Development And/Or Incomplete Code/Drivers selection.

The Standard Red Hat Kernel Configuration

The standard RHEL Linux kernel supports a wide variety of hardware and software. Almost every module that could be made is made. This is a big kernel, and numerous modules can be used for it with the standard installation. This is not a problem when you install RHEL, but many administrators prefer a kernel without unwanted modules.

The following sections describe the different kernel configuration menus, section by section. However, since it appears that recompiling the kernel is no longer a requirement on the Red Hat exams, I do not provide any screenshots of additional menus. If you're interested in this level of detail, follow along on your Red Hat computer.

On the Job

This chapter covers only the default configurable kernel options. For a full list in the gconfig or xconfig GUI menus, choose Options | Show All Options.

Code Maturity Level Options

The Code Maturity Level Options menu allows you to incorporate experimental code in the kernel. Common examples include drivers for new hardware, esoteric filesystems, and network protocols. Experimental code is often also known as alpha level software. If you have obsolete code that you want to incorporate into your kernel, it also falls in this category, as newer kernels often omit support for older features.

The one option (despite the plural title) relates to the CONFIG_EXPERIMENTAL variable. It's enabled by default in RHEL.

General Setup Options

The General Setup Options menu includes some basic hardware and kernel configuration options. Many of these options are self-explanatory, and the defaults are generally acceptable. If you need more information, read the help text associated with a specific kernel option.

General Setup options support memory paging. The System V IPC, POSIX Message Queues, BSD Process Accounting, and Sysctrl support parameters are all standard for current kernels. Other standard settings support netlink-based accounting, auditing, CPUset support, and optimized kernel sizes.

Loadable Module Support Options

The Loadable Module Support options allow you to enable loadable modules. The kernel module loader will automatically load modules for most new hardware, when detected. As discussed earlier, loadable modules allow you to optimize the kernel. If you want to optimize the kernel, keep all of the default options.

Process Debugging Support Options

The Process Debugging Support options enable utrace, an internal Linux kernel interface to track events, which can be useful for tracing user processes, events, and threads.

Block Layer

The Block Layer kernel settings are all enabled by default. Large block devices and files allow support for discs and files greater than 2TB. Related kernel settings allow support for block layer actions. The default I/O scheduler is set to Completely Fair Queuing, known as CFQ.

Processor Type and Features

The Processor Type and Features menu in RHEL supports a wide variety of CPUs, including the latest multicore processors.

Power Management Options

There are three standard categories of power management options related to Advanced Configuration and Power Interface (ACPI), Advanced Power Management (APM), and the CPU frequency scaling that can help conserve power, especially on laptop systems.

Bus Options

On a network, you want networking support. Most computers have PCI cards, and the defaults give you full PCI support, using BIOS detection and documenting the detected cards in the /proc directory. Various types of hot-pluggable devices are now popular, including PCMCIA cards for laptops and PCI hotplug support for removable drives. These settings are available through the Bus Options menu.

Executable File Formats

The Linux kernel includes modular support for binaries in the Executable and Linkable Format (ELF) as well as other miscellaneous formats such as the MS-DOS emulator, Java, and Python. These settings are available through the Executable File Formats menu.

Networking Options

There are many options for networking available in the Linux kernel. The Networking Options menu is extensive. It includes a substantial number of settings for different hardware devices, software settings, and more.

Device Drivers

Relative to previous kernels, several different categories have been organized into a larger Device Drivers category. They include Memory Technology Devices, Parallel Port Support, Plug and Play Support, Block Devices, ATA/ATAPI/MFM/ RLL Support, SCSI Device Support, and more. There are many Device Driver subcategories.

Generic Driver Options

Most of the options in this section relate to firmware.

Connector - Unified Userspace - Kernelspace Linker

The Kernelspace includes the memory dedicated to the kernel, extensions, and related drivers. Userspace is the memory allocated to other functions. The linker allows communication between the two.

Memory Technology Devices

The options shown in the Memory Technology Devices menu allow you to set up Linux for basic Flash memory cards, including those that might be installed through a PCMCIA adapter. Unless you're planning to use some of these devices in the future, keep this option disabled.

Parallel Port Support

The options shown in the Parallel Port Support menu are based on hardware that may be connected to your computer through a parallel port. This includes everything from printers through parallel port hard drives. Remember that it is normally best to avoid the Experimental options unless you are a developer working on supporting the associated drivers.

Plug and Play Support

The options shown under the Plug and Play Configuration menu activate basic plug and play support on your Linux computer. While Linux plug and play does not handle all ISA and PCI devices, it does help you configure your computer for Linux.

Block Devices

Under the Block Devices Options menu, you can specify floppy drives and nonstandard hard disks. You can specify support for parallel port ATAPI CD-ROMs, tape drives, and even ATAPI floppy drives. You can also enable loopback support and network block support (which lets you use a physical disk on the network as if it were a local disk). If you have any parallel port devices such as external CD-ROMs or hard drives (different from those connected via USB or IEEE1394), you could enable support for those here. You can also set up support for RAM disks under this menu.

ATA/IDE/MFM/RLL Support

The ATA/IDE/MFM/RLL acronyms all relate to various types of regular PC hard disk and CD drive interfaces. Normally, you shouldn't disable this kernel option unless all hard disk storage on your system is based on a SCSI interface. Even then, the flexibility of being able to install IDE devices is usually worth the extra code this adds to the kernel.

SCSI Device Support

You can enable SCSI hard disks, tape drivers, and CD-ROM support in this section. If you have a SCSI CD-ROM jukebox, or any other device that requires more than one SCSI Logical Unit Number (LUN), you may have to enable probing of all LUNs.

Near the bottom of the menu, you can configure verbose SCSI error reporting. You can also enable specific low-level SCSI support. Red Hat also includes support for high-end hardware RAID-enabled SCSI host adapters.

Multi-Device Support (RAID and LVM)

If you're ever going to set up a RAID array of disks to help protect your data, you can enable that option in the Linux kernel under the Multi-device Support (RAID and LVM) menu. If you ever want to put together a volume set, where a directory can span more than one partition on more than one physical hard disk, you can enable that option here as well.

On the Job

While there is support for RAID 4 in the Linux kernel, it is not directly supported by RHEL. However, support for RAID 6 is now available.

Fusion MPT Device Support

This menu supports modules associated with very high speed SCSI adapters, associated with hardware developed by LSI.

IEEE 1394 (FireWire) Support

The IEEE 1394 standard is more popularly known as FireWire or iLink. It's basically a very high speed hot plug and play hardware option, with data transfer speeds in the hundreds of Mbps. Linux support for IEEE 1394 standards is far from complete. However, support for IEEE devices such as external hard drives is readily available and configured as modules by default in RHEL.

I2O Device Support

The I2O specification, also known as Intelligent I/O, supports split drivers that can optimize communication performance between a device and the rest of your computer. Don't enable I2O haphazardly; it requires hardware that supports it.

Network Device Support

Linux supports a wide range of network cards. The Network Device Support menu allows you to enable support for the adapters you may need. Generally, you should enable support only for network devices that you're using now or may use in the future.

ISDn Subsystem

Integrated Services Digital Network (ISDN) lines are still a fairly popular high-speed digital option, especially outside of North America. Adding ISDN support in the ISDN Subsystem menu allows you to use an ISDN card for inbound or outbound dialing connections. The ISDN device has a built-in AT-compatible modem emulator, autodial, channel-bundling, callback, and caller authentication, without the need for an external daemon to be running. The supporting isdn4k-utils RPM is installed by default on RHEL.

Telephony Support

Telephony support on a computer network uses special network cards to convert voice into the type of data that can be sent over a network. This is separate from VoIP projects such as Asterisk; remember that you may not need the full kernel source to compile Asterisk drivers.

Input Device Support

The Input Device Support section configures support for various basic input devices: keyboards, mice, touchscreens, and joysticks. These devices are modular by default, which allows Linux to recognize these basic devices using plug and play detection.

Character Devices

Character devices send their data in byte streams. Typical character devices range from serial ports to virtual consoles. The Character Devices submenu allows you to specify support for a wide variety of devices, including virtual terminals, serial ports, newer AGP video cards, mice, joysticks, non-SCSI tape drives, and more.

I2C Support

I2C devices relate to a serial bus protocol of the same name.

SPI Support

This section allows you to enable support for the Serial Peripheral Interface (SPI).

Dallas's 1-wire Bus

The Dallas's 1-wire Bus section supports modules that enable communication over single pin devices.

Hardware Monitoring Support

The Hardware Monitoring Support section includes modules that help monitor system health, such as temperature monitors, fans, and much more.

Misc Devices

This Misc Devices section includes a module that supports the IBM RSA service processor associated with the eServer.

Multimedia Devices

The Multimedia Devices options support a wide range of video capture and AM/FM radio devices. Select each option (Video for Linux, Radio Adapters) for a list of drivers that you can enable. As always, it is best to keep what you enable to the default or a minimum.

Graphics Support

Linux supports console drivers, which can set up text on most graphics systems, even when Linux doesn't detect the right cards or monitors. The Frame Buffer Support option supports video adapters that store images in frame buffers.

Sound

A wide variety of sound cards are supported by RHEL, normally as modules. They're divided into two categories: the Advanced Linux Sound Architecture and the Open Sound System (which is now deprecated). These cards range from the Ensoniq Audio PCI card to TV card mixers. You can also use these drivers for cards that emulate the appropriate hardware. Check the Sound submenu for the latest list of supported hardware for your kernel. If you have a card that's not named in the list associated with older kernels, try to see if it emulates any card on the list. Many proprietary cards do emulate products from Sound Blaster or offer OPL/2 or OPL/3 compatibility.

USB Support

Linux supports a number of USB mass storage devices, printers, input devices, cameras and scanners, and even modems. Linux support for many USB networking cards is still experimental. Linux support for USB is improving, though some USB drivers that you'll see in the USB support menu are still considered experimental. Unfortunately, this includes support for faster USB 2.0 standard drivers.

MMC/SD Card Support

The multimedia cards associated with digital cameras and other small devices are among the latest in memory cards. The MMC/SD Card Support section allows you to enable the drivers required to detect and read these cards. Keep this in mind as some systems even enable MMC/SD cards as boot devices.

LED Devices

This section controls Light Emitting Diode (LED) devices. These devices are not related to keyboard LEDs.

InfiniBand Support

An InfiniBand device uses a point-to-point bidirectional serial link for very high speed communication, in the GB range.

EDAC - Error Detection and Reporting

The error detection and control (EDAC) system processes hardware-related errors, especially those from RAM with error correction codes (ECCs), and PCI bus parity errors.

Real Time Clock

The real time clock (RTC) kernel settings help the kernel work with the hardware clock.

DMA Engine Support

DMA is direct memory access, associated with certain hardware channels. A DMA engine supports multiple DMA channels.

On the Job

If you're interested in virtualization, pay attention to distributions with Kernel 2.6.20, which incorporates Kernel-based Virtual Machine (KVM) support for the first time.

File Systems

The File Systems subsection is a list of all the different types of filesystems Linux supports. Select the Quota option if you need to support quotas.

Because Linux supports so many different hardware platforms, it includes support for a large number of filesystem types. However, because of the proprietary nature of some filesystems, the degree of support is variable. You'll note that support for a lot of filesystems in this menu is experimental; however, there's always progress. In fact, you can now compile write support over existing files on NTFS partitions.

Instrumentation Support

Instrumentation Support allows you to use the OProfile system to characterize the performance of your system. It is described in more detail at http://oprofile.sourceforge.net.

Kernel Hacking

Kernel Hacking allows you to use the drivers you need to debug driver or related Linux kernel issues.

Security Options

Security Options is a relatively new category that includes modules for authentication tokens, security hooks, IPSec, and of course various options associated with SELinux.

Cryptographic Options

The Cryptographic Options support software associated with strong encryption in Linux.

Library Routines

The Library Routines support compression in Linux.

Exercise 8-1: Compiling and Installing a Custom Kernel

This is a very long exercise. For details of the kernel configuration menus, see the previous section. To change and compile a new kernel, take the following steps. It's critical that you do these steps in order: Download and install the kernel source code, as described earlier in this chapter.

Run the cd /usr/src/redhat/BUILD/kernel-2.6.18/linux-2.6.18-`uname -m` command to reach the source code directory. (If it's linked to /usr/src/linux, just navigate to that directory.) Open the Makefile text file in a text editor. The EXTRAVERSION variable is already set to identify a custom kernel. If necessary, change the value of this variable to uniquely identify your kernel. The default value is -prep; in this section I use
```
 EXTRAVERSION= -mjcustom1 
```
Run the make mrproper command to ensure that the source files are in a consistent and clean state.
Save the current kernel configuration file. It's stored in the /boot directory, in the config-`uname -r` file. Have it ready with rescue media such as a USB key in case disaster strikes.

Alternatively, you can start from a standard configuration file in the configs/ subdirectory of the kernel source code directory. A second alternative is to run the make oldconfig command.

If you want to use your current kernel configuration as a baseline, copy it to the .config file in the source code directory.
Now you can customize your kernel with one of the following four utilities: The make config command runs the text-based configuration script. The make menuconfig command runs a low-level graphical configuration script. The make xconfig command starts the tool based on KDE libraries; the make gconfig command opens the GUI tool based on GNOME libraries.
Make any changes as desired. Before you exit from the kernel configuration utility, make sure to save your changes!

Overall, the process is simpler than it used to be. However, the following commands work only if you're in the actual source code directory, not a linked directory such as /usr/src/linux.

The make rpm command is a front end that runs a series of other commands, including make clean; compiles all kernel settings; and creates a custom RPM in the /usr/src/redhat/RPMS/i386 directory. (Although you can customize the Makefile for subarchitectures such as i686, it's not absolutely necessary.)

On the Job
The make rpm process is slow: it took more than an hour on my computer with a 2.4 GHz CPU.
With the kernel now built into a custom RPM, you can install it just like any other kernel RPM. However, it does not do everything that a standard kernel update RPM does. In other words, you still need to create an initial RAM disk and a new stanza in the GRUB configuration file.
Verify the changes to the /boot directory. You'll see new kernel configuration and binary files; in this case, the files are named config-2.6.18-mjcustom1 and vmlinuz-2.6.18-mjcustom1.
Create an initial RAM disk file in the /boot directory; in this case, you would use the following command:
```
 # mkinitrd /boot/initrd-2.6.18-mjcustom1.img 2.6.18-mjcustom1 
```
Add a stanza with the custom kernel files in the GRUB configuration file, /boot/grub/grub.conf. (I usually copy an existing stanza, and change the version numbers of each line.) Reboot your system, open the GRUB menu, and boot from the newly customized kernel!

Building a kernel is an involved process, but it follows a standard pattern. It is very important that you become familiar with kernel construction procedures and troubleshooting. However, this section is already somewhat beyond the scope of this book.

On the Job

To see the full range of available options associated with the make command in the kernel source code directory, run the make help command.