1981 lines
35 KiB
HTML
1981 lines
35 KiB
HTML
<HTML
|
||
><HEAD
|
||
><TITLE
|
||
>Building a root filesystem</TITLE
|
||
><META
|
||
NAME="GENERATOR"
|
||
CONTENT="Modular DocBook HTML Stylesheet Version 1.63
|
||
"><LINK
|
||
REL="HOME"
|
||
TITLE="The Linux Bootdisk HOWTO"
|
||
HREF="index.html"><LINK
|
||
REL="PREVIOUS"
|
||
TITLE="Bootdisks and the boot process"
|
||
HREF="x88.html"><LINK
|
||
REL="NEXT"
|
||
TITLE="Choosing a kernel"
|
||
HREF="x688.html"></HEAD
|
||
><BODY
|
||
CLASS="SECT1"
|
||
BGCOLOR="#FFFFFF"
|
||
TEXT="#000000"
|
||
LINK="#0000FF"
|
||
VLINK="#840084"
|
||
ALINK="#0000FF"
|
||
><DIV
|
||
CLASS="NAVHEADER"
|
||
><TABLE
|
||
WIDTH="100%"
|
||
BORDER="0"
|
||
CELLPADDING="0"
|
||
CELLSPACING="0"
|
||
><TR
|
||
><TH
|
||
COLSPAN="3"
|
||
ALIGN="center"
|
||
>The Linux Bootdisk HOWTO</TH
|
||
></TR
|
||
><TR
|
||
><TD
|
||
WIDTH="10%"
|
||
ALIGN="left"
|
||
VALIGN="bottom"
|
||
><A
|
||
HREF="x88.html"
|
||
>Prev</A
|
||
></TD
|
||
><TD
|
||
WIDTH="80%"
|
||
ALIGN="center"
|
||
VALIGN="bottom"
|
||
></TD
|
||
><TD
|
||
WIDTH="10%"
|
||
ALIGN="right"
|
||
VALIGN="bottom"
|
||
><A
|
||
HREF="x688.html"
|
||
>Next</A
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
><HR
|
||
ALIGN="LEFT"
|
||
WIDTH="100%"></DIV
|
||
><DIV
|
||
CLASS="SECT1"
|
||
><H1
|
||
CLASS="SECT1"
|
||
><A
|
||
NAME="BUILDROOT"
|
||
>4. Building a root filesystem</A
|
||
></H1
|
||
><P
|
||
>Creating the root filesystem involves selecting files necessary for the
|
||
system to run. In this section we describe how to build a
|
||
<EM
|
||
>compressed root filesystem</EM
|
||
>. A less common option is to
|
||
build an uncompressed filesystem on a diskette that is directly mounted as
|
||
root; this alternative is described in <A
|
||
HREF="x1014.html#NONRAMDISKROOT"
|
||
>Section 9.1</A
|
||
>.</P
|
||
><DIV
|
||
CLASS="SECT2"
|
||
><H2
|
||
CLASS="SECT2"
|
||
><A
|
||
NAME="AEN195"
|
||
>4.1. Overview</A
|
||
></H2
|
||
><P
|
||
>A root filesystem must contain everything needed to support a full Linux
|
||
system. To be able to do this, the disk must include the minimum requirements
|
||
for a Linux system:</P
|
||
><P
|
||
> <P
|
||
></P
|
||
><UL
|
||
><LI
|
||
><P
|
||
>The basic file system structure,</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
> Minimum set of directories: <TT
|
||
CLASS="FILENAME"
|
||
>/dev</TT
|
||
>,
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/proc</TT
|
||
>,
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/bin</TT
|
||
>,
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/etc</TT
|
||
>,
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/lib</TT
|
||
>,
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/usr</TT
|
||
>,
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/tmp</TT
|
||
>,</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
>Basic set of utilities: <TT
|
||
CLASS="FILENAME"
|
||
>sh</TT
|
||
>, <TT
|
||
CLASS="FILENAME"
|
||
>ls</TT
|
||
>, <TT
|
||
CLASS="FILENAME"
|
||
>cp</TT
|
||
>,
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>mv</TT
|
||
>, etc.,</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
>Minimum set of config files: <TT
|
||
CLASS="FILENAME"
|
||
>rc, inittab, fstab</TT
|
||
>, etc.,</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
>Devices: <TT
|
||
CLASS="FILENAME"
|
||
>/dev/hd*, /dev/tty*, /dev/fd0</TT
|
||
>, etc.,</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
>Runtime library to provide basic functions used by utilities.</P
|
||
></LI
|
||
></UL
|
||
> </P
|
||
><P
|
||
>Of course, any system only becomes useful when you can run something
|
||
on it, and a root diskette usually only becomes useful when you
|
||
can do something like:</P
|
||
><P
|
||
> <P
|
||
></P
|
||
><UL
|
||
><LI
|
||
><P
|
||
> Check a file system on another drive, for example to check your root file
|
||
system on your hard drive, you need to be able to boot Linux from another
|
||
drive, as you can with a root diskette system. Then you can run
|
||
<B
|
||
CLASS="COMMAND"
|
||
>fsck</B
|
||
> on your original root drive while it is not
|
||
mounted. </P
|
||
></LI
|
||
><LI
|
||
><P
|
||
> Restore all or part of your original root drive from backup using
|
||
archive and compression utilities such as <TT
|
||
CLASS="FILENAME"
|
||
>cpio</TT
|
||
>,
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>tar</TT
|
||
>, <TT
|
||
CLASS="FILENAME"
|
||
>gzip</TT
|
||
> and
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>ftape</TT
|
||
>. </P
|
||
></LI
|
||
></UL
|
||
> </P
|
||
><P
|
||
> We describe how to build a <EM
|
||
>compressed</EM
|
||
> filesystem, so
|
||
called because it is compressed on disk and, when booted, is uncompressed onto
|
||
a ramdisk. With a compressed filesystem you can fit many files (approximately
|
||
six megabytes) onto a standard 1440K diskette. Because the filesystem is much
|
||
larger than a diskette, it cannot be built on the diskette. We have to build
|
||
it elsewhere, compress it, then copy it to the diskette.</P
|
||
></DIV
|
||
><DIV
|
||
CLASS="SECT2"
|
||
><H2
|
||
CLASS="SECT2"
|
||
><A
|
||
NAME="CREATINGROOTFS"
|
||
>4.2. Creating the filesystem</A
|
||
></H2
|
||
><P
|
||
>In order to build such a root filesystem, you need a spare device that
|
||
is large enough to hold all the files before compression. You will
|
||
need a device capable of holding about four megabytes. There are
|
||
several choices:</P
|
||
><P
|
||
> <P
|
||
></P
|
||
><UL
|
||
><LI
|
||
><P
|
||
> Use a <EM
|
||
>ramdisk</EM
|
||
> (<SPAN
|
||
CLASS="SYMBOL"
|
||
>DEVICE</SPAN
|
||
> =
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/dev/ram0</TT
|
||
>). In this case, memory is used to simulate
|
||
a disk drive. The ramdisk must be large enough to hold a filesystem of the
|
||
appropriate size. If you use LILO, check your configuration file
|
||
(<TT
|
||
CLASS="FILENAME"
|
||
>/etc/lilo.conf</TT
|
||
>) for a line like <TT
|
||
CLASS="LITERAL"
|
||
>RAMDISK =
|
||
nnn</TT
|
||
> which determines the maximum RAM that can be allocated to a
|
||
ramdisk. The default is 4096K, which should be sufficient. You should
|
||
probably not try to use such a ramdisk on a machine with less than 8MB of
|
||
RAM.
|
||
|
||
Check to make sure you have a device like <TT
|
||
CLASS="FILENAME"
|
||
>/dev/ram0,
|
||
/dev/ram</TT
|
||
> or <TT
|
||
CLASS="FILENAME"
|
||
>/dev/ramdisk</TT
|
||
>. If not, create
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/dev/ram0</TT
|
||
> with <B
|
||
CLASS="COMMAND"
|
||
>mknod</B
|
||
> (major number
|
||
1, minor 0). </P
|
||
></LI
|
||
><LI
|
||
><P
|
||
>If you have an unused hard disk partition that is large enough (several
|
||
megabytes), this is acceptable. </P
|
||
></LI
|
||
><LI
|
||
><P
|
||
>Use a <EM
|
||
>loopback device</EM
|
||
>, which allows a disk file to be
|
||
treated as a device. Using a loopback device you can create a three
|
||
megabyte file on your hard disk and build the filesystem on it.</P
|
||
><P
|
||
>Type <B
|
||
CLASS="COMMAND"
|
||
>man losetup</B
|
||
> for instructions on using loopback
|
||
devices. If you don't have <B
|
||
CLASS="COMMAND"
|
||
>losetup</B
|
||
>, you can get it
|
||
along with compatible versions of <B
|
||
CLASS="COMMAND"
|
||
>mount</B
|
||
> and
|
||
<B
|
||
CLASS="COMMAND"
|
||
>unmount</B
|
||
> from the <TT
|
||
CLASS="FILENAME"
|
||
>util-linux</TT
|
||
> package
|
||
in the directory <A
|
||
HREF="ftp://ftp.win.tue.nl/pub/linux-local/utils/util-linux/"
|
||
TARGET="_top"
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>ftp://ftp.win.tue.nl/pub/linux/utils/util-linux/</TT
|
||
></A
|
||
>.</P
|
||
><P
|
||
> If you do not have a loop device (<TT
|
||
CLASS="FILENAME"
|
||
>/dev/loop0</TT
|
||
>,
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/dev/loop1</TT
|
||
>, etc.) on your system, you will have to
|
||
create one with ``<B
|
||
CLASS="COMMAND"
|
||
>mknod /dev/loop0 b 7 0</B
|
||
>''. Once you've
|
||
installed these special <B
|
||
CLASS="COMMAND"
|
||
>mount</B
|
||
> and
|
||
<B
|
||
CLASS="COMMAND"
|
||
>umount</B
|
||
> binaries, create a temporary file on a hard disk
|
||
with enough capacity (eg, <TT
|
||
CLASS="FILENAME"
|
||
>/tmp/fsfile</TT
|
||
>). You can use a
|
||
command like:
|
||
<TABLE
|
||
BORDER="1"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="90%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="SCREEN"
|
||
> dd if=/dev/zero of=/tmp/fsfile bs=1k count=<TT
|
||
CLASS="VARNAME"
|
||
>nnn</TT
|
||
></PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
>
|
||
to create an <TT
|
||
CLASS="VARNAME"
|
||
>nnn</TT
|
||
>-block file.</P
|
||
><P
|
||
>Use the file name in place of <SPAN
|
||
CLASS="SYMBOL"
|
||
>DEVICE</SPAN
|
||
> below. When you issue a
|
||
mount command you must include the option <TT
|
||
CLASS="OPTION"
|
||
>-o loop</TT
|
||
> to tell
|
||
mount to use a loopback device.
|
||
</P
|
||
></LI
|
||
></UL
|
||
></P
|
||
><P
|
||
>After you've chosen one of these options, prepare the <SPAN
|
||
CLASS="SYMBOL"
|
||
>DEVICE</SPAN
|
||
>
|
||
with:
|
||
<TABLE
|
||
BORDER="1"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="SCREEN"
|
||
> dd if=/dev/zero of=<SPAN
|
||
CLASS="SYMBOL"
|
||
>DEVICE</SPAN
|
||
> bs=1k count=4096</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
></P
|
||
><P
|
||
>This command zeroes out the device.</P
|
||
><DIV
|
||
CLASS="IMPORTANT"
|
||
><P
|
||
></P
|
||
><TABLE
|
||
CLASS="IMPORTANT"
|
||
WIDTH="100%"
|
||
BORDER="0"
|
||
><TR
|
||
><TD
|
||
WIDTH="25"
|
||
ALIGN="CENTER"
|
||
VALIGN="TOP"
|
||
><IMG
|
||
SRC="../images/important.gif"
|
||
HSPACE="5"
|
||
ALT="Important"></TD
|
||
><TD
|
||
ALIGN="LEFT"
|
||
VALIGN="TOP"
|
||
><P
|
||
>Zeroing the device is critical because the filesystem will be compressed
|
||
later, so all unused portions should be filled with zeroes to achieve maximum
|
||
compression. Keep this in mind whenever you move or delete files on the
|
||
filesystem. The filesystem will correctly de-allocate the blocks,
|
||
<EM
|
||
>but it will not zero them out again</EM
|
||
>. If you do a lot of
|
||
deletions and copying, your compressed filesystem may end up much larger than
|
||
necessary.</P
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
></DIV
|
||
><P
|
||
>
|
||
|
||
Next, create the filesystem. The Linux kernel recognizes two file system
|
||
types for root disks to be automatically copied to ramdisk. These are minix
|
||
and ext2, of which ext2 is preferred. If using ext2, you may find it useful
|
||
to use the <TT
|
||
CLASS="LITERAL"
|
||
>-N</TT
|
||
> option to specify more inodes than the
|
||
default; <TT
|
||
CLASS="LITERAL"
|
||
>-N 2000</TT
|
||
> is suggested so that you don't run out of
|
||
inodes. Alternatively, you can save on inodes by removing lots of unnecessary
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/dev</TT
|
||
> files. <B
|
||
CLASS="COMMAND"
|
||
>mke2fs</B
|
||
> will by default
|
||
create 360 inodes on a 1.44Mb diskette. I find that 120 inodes is ample on my
|
||
current rescue root diskette, but if you include all the devices in
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/dev</TT
|
||
> you will easily exceed 360. Using a compressed root
|
||
filesystem allows a larger filesystem, and hence more inodes by default, but
|
||
you may still need to either reduce the number of files or increase the number
|
||
of inodes. </P
|
||
><P
|
||
>So the command you use will look like:
|
||
<TABLE
|
||
BORDER="1"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="SCREEN"
|
||
> mke2fs -m 0 -N 2000 <SPAN
|
||
CLASS="SYMBOL"
|
||
>DEVICE</SPAN
|
||
></PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
></P
|
||
><P
|
||
>(If you're using a loopback device, the disk file you're using should be
|
||
supplied in place of this <SPAN
|
||
CLASS="SYMBOL"
|
||
>DEVICE</SPAN
|
||
>.)</P
|
||
><P
|
||
>The <B
|
||
CLASS="COMMAND"
|
||
>mke2fs</B
|
||
> command will automatically detect the
|
||
space available and configure itself accordingly. The
|
||
``<TT
|
||
CLASS="LITERAL"
|
||
>-m<>0</TT
|
||
>'' parameter prevents it from reserving space
|
||
for root, and hence provides more usable space on the disk.</P
|
||
><P
|
||
>Next, mount the device:
|
||
<TABLE
|
||
BORDER="1"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="SCREEN"
|
||
> mount -t ext2 <SPAN
|
||
CLASS="SYMBOL"
|
||
>DEVICE</SPAN
|
||
> /mnt</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
>
|
||
(You must create a mount point <TT
|
||
CLASS="FILENAME"
|
||
>/mnt</TT
|
||
> if it
|
||
does not already exist.) In the remaining sections, all destination
|
||
directory names are assumed to be relative to <TT
|
||
CLASS="FILENAME"
|
||
>/mnt</TT
|
||
>.</P
|
||
></DIV
|
||
><DIV
|
||
CLASS="SECT2"
|
||
><H2
|
||
CLASS="SECT2"
|
||
><A
|
||
NAME="AEN315"
|
||
>4.3. Populating the filesystem</A
|
||
></H2
|
||
><P
|
||
>Here is a reasonable minimum set of directories for your root filesystem
|
||
<A
|
||
NAME="AEN318"
|
||
HREF="#FTN.AEN318"
|
||
>[1]</A
|
||
>:
|
||
|
||
<P
|
||
></P
|
||
><UL
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>/dev</TT
|
||
> -- Device files, required to perform I/O</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>/proc</TT
|
||
> -- Directory stub required by the
|
||
proc filesystem</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>/etc</TT
|
||
> -- System configuration files</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>/sbin</TT
|
||
> -- Critical system binaries</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>/bin</TT
|
||
> -- Essential binaries considered part of the
|
||
system</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>/lib</TT
|
||
> -- Shared libraries to provide run-time
|
||
support</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>/mnt</TT
|
||
> -- A mount point for maintenance on other
|
||
disks</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>/usr</TT
|
||
> -- Additional utilities and applications</P
|
||
></LI
|
||
></UL
|
||
></P
|
||
><P
|
||
>Three of these directories will be empty on the root filesystem, so they
|
||
only need to be created with <B
|
||
CLASS="COMMAND"
|
||
>mkdir</B
|
||
>. The
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/proc</TT
|
||
> directory is basically a stub under which the
|
||
proc filesystem is placed. The directories <TT
|
||
CLASS="FILENAME"
|
||
>/mnt</TT
|
||
> and
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/usr</TT
|
||
> are only mount points for use after the boot/root
|
||
system is running. Hence again, these directories only need to be created.</P
|
||
><P
|
||
>The remaining four directories are described in the following sections.</P
|
||
><DIV
|
||
CLASS="SECT3"
|
||
><H3
|
||
CLASS="SECT3"
|
||
><A
|
||
NAME="AEN352"
|
||
>4.3.1. /dev</A
|
||
></H3
|
||
><P
|
||
> A <TT
|
||
CLASS="FILENAME"
|
||
>/dev</TT
|
||
> directory containing a special file
|
||
for all devices to be used by the system is mandatory for any Linux
|
||
system. The directory itself is a normal directory, and can be
|
||
created with <TT
|
||
CLASS="LITERAL"
|
||
>mkdir</TT
|
||
> in the normal way. The device
|
||
special files, however, must be created in a special way, using the
|
||
<B
|
||
CLASS="COMMAND"
|
||
>mknod</B
|
||
> command.</P
|
||
><P
|
||
> There is a shortcut, though — copy devices files from your
|
||
existing hard disk <TT
|
||
CLASS="FILENAME"
|
||
>/dev</TT
|
||
> directory. The only requirement
|
||
is that you copy the device special files using <TT
|
||
CLASS="LITERAL"
|
||
>-R</TT
|
||
> option.
|
||
This will copy the directory without attempting to copy the contents of the
|
||
files. Be sure to use an <EM
|
||
>upper case <TT
|
||
CLASS="OPTION"
|
||
>R</TT
|
||
></EM
|
||
>.
|
||
For example:
|
||
<TABLE
|
||
BORDER="1"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="SCREEN"
|
||
> cp -dpR /dev/fd[01]* /mnt/dev
|
||
cp -dpR /dev/tty[0-6] /mnt/dev</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
>
|
||
assuming that the diskette is mounted at <TT
|
||
CLASS="FILENAME"
|
||
>/mnt</TT
|
||
>. The
|
||
<TT
|
||
CLASS="LITERAL"
|
||
>dp</TT
|
||
> switches ensure that symbolic links are copied as links,
|
||
rather than using the target file, and that the original file attributes are
|
||
preserved, thus preserving ownership information.</P
|
||
><P
|
||
>If you want to do it the hard way, use <TT
|
||
CLASS="LITERAL"
|
||
>ls -l</TT
|
||
> to display the
|
||
major and minor device numbers for the devices you want, and create them on
|
||
the diskette using <TT
|
||
CLASS="LITERAL"
|
||
>mknod</TT
|
||
>.</P
|
||
><P
|
||
>However the devices files are created, check that any special devices
|
||
you need have been placed on the rescue diskette. For example,
|
||
<TT
|
||
CLASS="LITERAL"
|
||
>ftape</TT
|
||
> uses tape devices, so you will need to copy all of
|
||
these if you intend to access your floppy tape drive from the bootdisk.</P
|
||
><P
|
||
>Note that one inode is required for each device special file, and inodes
|
||
can at times be a scarce resource, especially on diskette filesystems. You'll
|
||
need to be selective about the device files you include. For example, if you
|
||
do not have SCSI disks you can safely ignore <TT
|
||
CLASS="LITERAL"
|
||
>/dev/sd*</TT
|
||
>; if
|
||
you don't intend to use serial ports you can ignore
|
||
<TT
|
||
CLASS="LITERAL"
|
||
>/dev/ttyS*</TT
|
||
>. </P
|
||
><P
|
||
>If, in building your root filesystem, you get the error <TT
|
||
CLASS="LITERAL"
|
||
>No
|
||
space left on device</TT
|
||
> but a <TT
|
||
CLASS="LITERAL"
|
||
>df</TT
|
||
> command shows space
|
||
still available, you have probably run out of inodes. A <TT
|
||
CLASS="LITERAL"
|
||
>df
|
||
-i</TT
|
||
> will display inode usage.</P
|
||
><DIV
|
||
CLASS="IMPORTANT"
|
||
><P
|
||
></P
|
||
><TABLE
|
||
CLASS="IMPORTANT"
|
||
WIDTH="100%"
|
||
BORDER="0"
|
||
><TR
|
||
><TD
|
||
WIDTH="25"
|
||
ALIGN="CENTER"
|
||
VALIGN="TOP"
|
||
><IMG
|
||
SRC="../images/important.gif"
|
||
HSPACE="5"
|
||
ALT="Important"></TD
|
||
><TD
|
||
ALIGN="LEFT"
|
||
VALIGN="TOP"
|
||
><P
|
||
>Be sure to include the following files from this directory:
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>console</TT
|
||
>, <TT
|
||
CLASS="FILENAME"
|
||
>kmem</TT
|
||
>, <TT
|
||
CLASS="FILENAME"
|
||
>mem</TT
|
||
>, <TT
|
||
CLASS="FILENAME"
|
||
>null</TT
|
||
>,
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>ram0</TT
|
||
> and <TT
|
||
CLASS="FILENAME"
|
||
>tty1</TT
|
||
>.</P
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
></DIV
|
||
></DIV
|
||
><DIV
|
||
CLASS="SECT3"
|
||
><H3
|
||
CLASS="SECT3"
|
||
><A
|
||
NAME="AEN388"
|
||
>4.3.2. /etc</A
|
||
></H3
|
||
><P
|
||
>The /etc directory contains configuration files. What it should contain
|
||
depends on what programs you intend to run.
|
||
On most systems, these can be divided into three groups:
|
||
<P
|
||
></P
|
||
><OL
|
||
TYPE="1"
|
||
><LI
|
||
><P
|
||
>Required at all times, <EM
|
||
>e.g.</EM
|
||
> <TT
|
||
CLASS="FILENAME"
|
||
>rc</TT
|
||
>,
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>fstab</TT
|
||
>, <TT
|
||
CLASS="FILENAME"
|
||
>passwd</TT
|
||
>.</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
>May be required, but no one is too sure.</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
>Junk that crept in. </P
|
||
></LI
|
||
></OL
|
||
>
|
||
Files which are not essential can usually be identified with the command:
|
||
<TABLE
|
||
BORDER="1"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="SCREEN"
|
||
> ls -ltru</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
>
|
||
This lists files in reverse order of date last accessed, so if any
|
||
files are not being accessed, they can be omitted from a root diskette.</P
|
||
><P
|
||
>On my root diskettes, I have the number of config files down to
|
||
15. This reduces my work to dealing with three sets of files:
|
||
<P
|
||
></P
|
||
><OL
|
||
TYPE="1"
|
||
><LI
|
||
><P
|
||
>The ones I must configure for a boot/root system:
|
||
<P
|
||
></P
|
||
><OL
|
||
TYPE="a"
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>rc.d/*</TT
|
||
> -- system startup and run level change scripts</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>fstab</TT
|
||
> -- list of file systems to be mounted </P
|
||
></LI
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>inittab</TT
|
||
> -- parameters for the
|
||
<B
|
||
CLASS="COMMAND"
|
||
>init</B
|
||
> process, the first process started at boot time.</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>gettydefs</TT
|
||
> -- parameters for the
|
||
<B
|
||
CLASS="COMMAND"
|
||
>init</B
|
||
> process, the first process started at boot time.</P
|
||
></LI
|
||
></OL
|
||
></P
|
||
></LI
|
||
><LI
|
||
><P
|
||
>The ones I should tidy up for a boot/root system:
|
||
<P
|
||
></P
|
||
><OL
|
||
TYPE="a"
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>passwd</TT
|
||
> -- Critical list of users, home directories, etc.</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>group</TT
|
||
> -- user groups. </P
|
||
></LI
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>shadow</TT
|
||
> -- passwords of users. You may not have this. </P
|
||
></LI
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>termcap</TT
|
||
> -- the terminal capability database.</P
|
||
></LI
|
||
></OL
|
||
></P
|
||
><P
|
||
>If security is important, <TT
|
||
CLASS="FILENAME"
|
||
>passwd</TT
|
||
> and
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>shadow</TT
|
||
> should be pruned to avoid copying user passwords
|
||
off the system, and so that unwanted logins are rejected when you boot from
|
||
diskette.</P
|
||
><P
|
||
>
|
||
Be sure that <TT
|
||
CLASS="FILENAME"
|
||
>passwd</TT
|
||
> contains at least
|
||
<TT
|
||
CLASS="LITERAL"
|
||
>root</TT
|
||
>. If you intend other users to login, be sure their
|
||
home directories and shells exist.</P
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>termcap</TT
|
||
>, the terminal database, is typically several
|
||
hundred kilobytes. The version on your boot/root diskette should be pruned
|
||
down to contain only the terminal(s) you use, which is usually just the
|
||
<TT
|
||
CLASS="LITERAL"
|
||
>linux</TT
|
||
> or <TT
|
||
CLASS="LITERAL"
|
||
>linux-console</TT
|
||
> entry.</P
|
||
></LI
|
||
><LI
|
||
><P
|
||
>The rest. They work at the moment, so I leave them alone.</P
|
||
></LI
|
||
></OL
|
||
></P
|
||
><P
|
||
>Out of this, I only really have to configure two files, and what they
|
||
should contain is surprisingly small.
|
||
|
||
<P
|
||
></P
|
||
><UL
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>rc</TT
|
||
> should contain:
|
||
<TABLE
|
||
BORDER="0"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="90%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="PROGRAMLISTING"
|
||
> #!/bin/sh
|
||
/bin/mount -av
|
||
/bin/hostname Kangaroo</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
>
|
||
|
||
Be sure it is executable, be sure it has a "#!" line at the top, and be sure
|
||
any absolute filenames are correct. You don't really need to run
|
||
<B
|
||
CLASS="COMMAND"
|
||
>hostname</B
|
||
> — it just looks nicer if you do. </P
|
||
></LI
|
||
><LI
|
||
><P
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>fstab</TT
|
||
> should contain at least:
|
||
<TABLE
|
||
BORDER="0"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="90%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="PROGRAMLISTING"
|
||
> /dev/ram0 / ext2 defaults
|
||
/dev/fd0 / ext2 defaults
|
||
/proc /proc proc defaults</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
>
|
||
|
||
You can copy entries from your existing <TT
|
||
CLASS="FILENAME"
|
||
>fstab</TT
|
||
>, but you
|
||
should not automatically mount any of your hard disk partitions; use the
|
||
<TT
|
||
CLASS="LITERAL"
|
||
>noauto</TT
|
||
> keyword with them. Your hard disk may be damaged
|
||
or dead when the bootdisk is used.</P
|
||
></LI
|
||
></UL
|
||
></P
|
||
><P
|
||
>Your <TT
|
||
CLASS="FILENAME"
|
||
>inittab</TT
|
||
> should be changed so that its
|
||
<TT
|
||
CLASS="LITERAL"
|
||
>sysinit</TT
|
||
> line runs <TT
|
||
CLASS="FILENAME"
|
||
>rc</TT
|
||
> or whatever
|
||
basic boot script will be used. Also, if you want to ensure that users on
|
||
serial ports cannot login, comment out all the entries for
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>getty</TT
|
||
> which include a <TT
|
||
CLASS="FILENAME"
|
||
>ttys</TT
|
||
> or
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>ttyS</TT
|
||
> device at the end of the line. Leave in the
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>tty</TT
|
||
> ports so that you can login at the console.</P
|
||
><P
|
||
>A minimal <TT
|
||
CLASS="FILENAME"
|
||
>inittab</TT
|
||
> file looks like this:
|
||
|
||
<TABLE
|
||
BORDER="0"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="PROGRAMLISTING"
|
||
> id:2:initdefault:
|
||
si::sysinit:/etc/rc
|
||
1:2345:respawn:/sbin/getty 9600 tty1
|
||
2:23:respawn:/sbin/getty 9600 tty2</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
>
|
||
|
||
The <TT
|
||
CLASS="FILENAME"
|
||
>inittab</TT
|
||
> file defines what the system will run in
|
||
various states including startup, move to multi-user mode, etc.
|
||
Check carefully the filenames mentioned in <TT
|
||
CLASS="FILENAME"
|
||
>inittab</TT
|
||
>; if
|
||
<TT
|
||
CLASS="LITERAL"
|
||
>init</TT
|
||
> cannot find the program mentioned the bootdisk will
|
||
hang, and you may not even get an error message.</P
|
||
><P
|
||
>Note that some programs cannot be moved elsewhere because other programs have
|
||
hardcoded their locations. For example, on my system,
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/etc/shutdown</TT
|
||
> has hardcoded in it
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/etc/reboot</TT
|
||
>. If I move <TT
|
||
CLASS="FILENAME"
|
||
>reboot</TT
|
||
> to
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/bin/reboot</TT
|
||
>, and then issue a <TT
|
||
CLASS="LITERAL"
|
||
>shutdown</TT
|
||
>
|
||
command, it will fail because it cannot find the <TT
|
||
CLASS="LITERAL"
|
||
>reboot</TT
|
||
>
|
||
file.</P
|
||
><P
|
||
>For the rest, just copy all the text files in your
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/etc</TT
|
||
> directory, plus all the executables in your
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/etc</TT
|
||
> directory that you cannot be sure you do not need.
|
||
As a guide, consult the sample listing in <A
|
||
HREF="listings.html"
|
||
>Appendix C</A
|
||
>. Probably
|
||
it will suffice to copy only those files, but systems differ a great deal, so
|
||
you cannot be sure that the same set of files on your system is equivalent to
|
||
the files in the list. The only sure method is to start with
|
||
<TT
|
||
CLASS="LITERAL"
|
||
>inittab</TT
|
||
> and work out what is required.</P
|
||
><P
|
||
>Most systems now use an <TT
|
||
CLASS="FILENAME"
|
||
>/etc/rc.d/</TT
|
||
> directory
|
||
containing shell scripts for different run levels. The minimum is a single
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>rc</TT
|
||
> script, but it may be simpler just to copy
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>inittab</TT
|
||
> and the <TT
|
||
CLASS="FILENAME"
|
||
>/etc/rc.d</TT
|
||
>
|
||
directory from your existing system, and prune the shell scripts in the
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>rc.d</TT
|
||
> directory to remove processing not relevent to a
|
||
diskette system environment.</P
|
||
></DIV
|
||
><DIV
|
||
CLASS="SECT3"
|
||
><H3
|
||
CLASS="SECT3"
|
||
><A
|
||
NAME="AEN523"
|
||
>4.3.3. /bin and /sbin</A
|
||
></H3
|
||
><P
|
||
> The <TT
|
||
CLASS="FILENAME"
|
||
>/bin</TT
|
||
> directory is a convenient place for extra
|
||
utilities you need to perform basic operations, utilities such as
|
||
<B
|
||
CLASS="COMMAND"
|
||
>ls</B
|
||
>, <B
|
||
CLASS="COMMAND"
|
||
>mv</B
|
||
>, <B
|
||
CLASS="COMMAND"
|
||
>cat</B
|
||
> and
|
||
<B
|
||
CLASS="COMMAND"
|
||
>dd</B
|
||
>. See <A
|
||
HREF="listings.html"
|
||
>Appendix C</A
|
||
> for an example list
|
||
of files that go in a <B
|
||
CLASS="COMMAND"
|
||
>/bin</B
|
||
> and
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/sbin</TT
|
||
> directories. It does not include any of the
|
||
utilities required to restore from backup, such as <B
|
||
CLASS="COMMAND"
|
||
>cpio</B
|
||
>,
|
||
<B
|
||
CLASS="COMMAND"
|
||
>tar</B
|
||
> and <B
|
||
CLASS="COMMAND"
|
||
>gzip</B
|
||
>. That is because I
|
||
place these on a separate utility diskette, to save space on the boot/root
|
||
diskette. Once the boot/root diskette is booted, it is copied to the
|
||
ramdisk leaving the diskette drive free to mount another diskette, the
|
||
utility diskette. I usually mount this as <TT
|
||
CLASS="FILENAME"
|
||
>/usr</TT
|
||
>.</P
|
||
><P
|
||
> Creation of a utility diskette is described below in <A
|
||
HREF="x1014.html#UTILITYDISK"
|
||
>Section 9.2</A
|
||
>. It is probably desirable to maintain a copy of the
|
||
same version of backup utilities used to write the backups so you don't
|
||
waste time trying to install versions that cannot read your backup tapes.</P
|
||
><DIV
|
||
CLASS="IMPORTANT"
|
||
><P
|
||
></P
|
||
><TABLE
|
||
CLASS="IMPORTANT"
|
||
WIDTH="100%"
|
||
BORDER="0"
|
||
><TR
|
||
><TD
|
||
WIDTH="25"
|
||
ALIGN="CENTER"
|
||
VALIGN="TOP"
|
||
><IMG
|
||
SRC="../images/important.gif"
|
||
HSPACE="5"
|
||
ALT="Important"></TD
|
||
><TD
|
||
ALIGN="LEFT"
|
||
VALIGN="TOP"
|
||
><P
|
||
>Be sure to include the following programs: <TT
|
||
CLASS="FILENAME"
|
||
>init</TT
|
||
>,
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>getty</TT
|
||
> or equivalent, <TT
|
||
CLASS="FILENAME"
|
||
>login</TT
|
||
>, <TT
|
||
CLASS="FILENAME"
|
||
>mount</TT
|
||
>, some
|
||
shell capable of running your rc scripts, a link from <TT
|
||
CLASS="FILENAME"
|
||
>sh</TT
|
||
> to the
|
||
shell.</P
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
></DIV
|
||
></DIV
|
||
><DIV
|
||
CLASS="SECT3"
|
||
><H3
|
||
CLASS="SECT3"
|
||
><A
|
||
NAME="AEN561"
|
||
>4.3.4. /lib</A
|
||
></H3
|
||
><P
|
||
>In <TT
|
||
CLASS="FILENAME"
|
||
>/lib</TT
|
||
> you place necessary shared libraries and
|
||
loaders. If the necessary libraries are not found in your
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/lib</TT
|
||
> directory then the system will be unable to boot.
|
||
If you're lucky you may see an error message telling you why.</P
|
||
><P
|
||
> Nearly every program requires at least the <TT
|
||
CLASS="FILENAME"
|
||
>libc</TT
|
||
>
|
||
library, <TT
|
||
CLASS="FILENAME"
|
||
>libc.so.</TT
|
||
><EM
|
||
>N</EM
|
||
>, where
|
||
<EM
|
||
>N</EM
|
||
> is the current version number. Check your
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/lib</TT
|
||
> directory. The file
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>libc.so.N</TT
|
||
> is usually a symlink to a filename with a
|
||
complete version number:</P
|
||
><P
|
||
> <TABLE
|
||
BORDER="1"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="SCREEN"
|
||
>% ls -l /lib/libc*
|
||
-rwxr-xr-x 1 root root 4016683 Apr 16 18:48 libc-2.1.1.so*
|
||
lrwxrwxrwx 1 root root 13 Apr 10 12:25 libc.so.6 -> libc-2.1.1.so*</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
> </P
|
||
><P
|
||
> In this case, you want <TT
|
||
CLASS="FILENAME"
|
||
>libc-2.1.1.so</TT
|
||
>. To find
|
||
other libraries you should go through all the binaries you plan to include
|
||
and check their dependencies with <B
|
||
CLASS="COMMAND"
|
||
>ldd</B
|
||
>. For example:
|
||
|
||
<TABLE
|
||
BORDER="1"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="SCREEN"
|
||
> % ldd /sbin/mke2fs
|
||
libext2fs.so.2 => /lib/libext2fs.so.2 (0x40014000)
|
||
libcom_err.so.2 => /lib/libcom_err.so.2 (0x40026000)
|
||
libuuid.so.1 => /lib/libuuid.so.1 (0x40028000)
|
||
libc.so.6 => /lib/libc.so.6 (0x4002c000)
|
||
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
>
|
||
Each file on the right-hand side is required. The file may be a symbolic
|
||
link.</P
|
||
><P
|
||
> Note that some libraries are <EM
|
||
>quite large</EM
|
||
> and
|
||
will not fit easily on your root filesystem. For example, the
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>libc.so</TT
|
||
> listed above is about 4 meg. You will
|
||
probably need to strip libraries when copying them to your root filesystem.
|
||
See <A
|
||
HREF="slimfast.html"
|
||
>Section 8</A
|
||
> for instructions.</P
|
||
><P
|
||
>In <TT
|
||
CLASS="FILENAME"
|
||
>/lib</TT
|
||
> you must also include a loader for the libraries.
|
||
The loader will be either <TT
|
||
CLASS="FILENAME"
|
||
>ld.so</TT
|
||
> (for A.OUT libraries,
|
||
which are no longer common) or <TT
|
||
CLASS="FILENAME"
|
||
>ld-linux.so</TT
|
||
> (for
|
||
ELF libraries). Newer versions of <B
|
||
CLASS="COMMAND"
|
||
>ldd</B
|
||
> tell you exactly
|
||
which loader is needed, as in the example above, but older versions may not.
|
||
If you're unsure which you need, run the <B
|
||
CLASS="COMMAND"
|
||
>file</B
|
||
> command on
|
||
the library. For example:
|
||
<TABLE
|
||
BORDER="1"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="SCREEN"
|
||
>% file /lib/libc.so.4.7.2 /lib/libc.so.5.4.33 /lib/libc-2.1.1.so
|
||
/lib/libc.so.4.7.2: Linux/i386 demand-paged executable (QMAGIC), stripped
|
||
/lib/libc.so.5.4.33: ELF 32-bit LSB shared object, Intel 80386, version 1, stripped
|
||
/lib/libc-2.1.1.so: ELF 32-bit LSB shared object, Intel 80386, version 1, not stripped</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
>
|
||
The <TT
|
||
CLASS="LITERAL"
|
||
>QMAGIC</TT
|
||
> indicates that <TT
|
||
CLASS="LITERAL"
|
||
>4.7.2</TT
|
||
> is for
|
||
A.OUT libraries, and <TT
|
||
CLASS="LITERAL"
|
||
>ELF</TT
|
||
> indicates that
|
||
<TT
|
||
CLASS="LITERAL"
|
||
>5.4.33</TT
|
||
> and <TT
|
||
CLASS="LITERAL"
|
||
>2.1.1</TT
|
||
> are for ELF.
|
||
</P
|
||
><P
|
||
>Copy the specific loader(s) you need to the root filesystem you're building.
|
||
Libraries and loaders should be checked <EM
|
||
>carefully</EM
|
||
> against
|
||
the included binaries. If the kernel cannot load a necessary library, the
|
||
kernel may hang with no error message.</P
|
||
></DIV
|
||
></DIV
|
||
><DIV
|
||
CLASS="SECT2"
|
||
><H2
|
||
CLASS="SECT2"
|
||
><A
|
||
NAME="PAMANDNSS"
|
||
>4.4. Providing for PAM and NSS</A
|
||
></H2
|
||
><P
|
||
>Your system may require dynamically loaded libraries that are not visible to
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>ldd</TT
|
||
>. If you don't provide for these, you may have
|
||
trouble logging in or using your bootdisk.</P
|
||
><DIV
|
||
CLASS="SECT3"
|
||
><H3
|
||
CLASS="SECT3"
|
||
><A
|
||
NAME="AEN612"
|
||
>4.4.1. PAM (Pluggable Authentication Modules)</A
|
||
></H3
|
||
><P
|
||
>If your system uses PAM (Pluggable Authentication Modules), you must make some
|
||
provision for it on your bootdisk. Briefly, PAM is a sophisticated modular
|
||
method for authenticating users and controlling their access to services. An
|
||
easy way to determine if your system uses PAM is run <TT
|
||
CLASS="FILENAME"
|
||
>ldd</TT
|
||
>
|
||
on your <TT
|
||
CLASS="FILENAME"
|
||
>login</TT
|
||
> executable; if the output includes
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>libpam.so</TT
|
||
>, you need PAM.</P
|
||
><P
|
||
>Fortunately, security is usually of no concern with bootdisks since
|
||
anyone who has physical access to a machine can usually do anything they
|
||
want anyway. Therefore, you can effectively disable PAM by creating a
|
||
simple <TT
|
||
CLASS="FILENAME"
|
||
>/etc/pam.conf</TT
|
||
> file in your root filesystem that
|
||
looks like this:
|
||
<TABLE
|
||
BORDER="0"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="PROGRAMLISTING"
|
||
>OTHER auth optional /lib/security/pam_permit.so
|
||
OTHER account optional /lib/security/pam_permit.so
|
||
OTHER password optional /lib/security/pam_permit.so
|
||
OTHER session optional /lib/security/pam_permit.so</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
>
|
||
|
||
Also copy the file <TT
|
||
CLASS="FILENAME"
|
||
>/lib/security/pam_permit.so</TT
|
||
> to
|
||
your root filesystem. This library is only about 8K so it imposes minimal
|
||
overhead.</P
|
||
><P
|
||
>This configuration allows anyone complete access to the files and
|
||
services on your machine. If you care about security on your bootdisk for
|
||
some reason, you'll have to copy some or all of your hard disk's PAM setup to
|
||
your root filesystem. Be sure to read the PAM documentation carefully, and
|
||
copy any libraries needed in <TT
|
||
CLASS="FILENAME"
|
||
>/lib/security</TT
|
||
> onto your root
|
||
filesystem.</P
|
||
><P
|
||
>You must also include <TT
|
||
CLASS="FILENAME"
|
||
>/lib/libpam.so</TT
|
||
> on your bootdisk.
|
||
But you already know this since you ran ldd on
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/bin/login</TT
|
||
>, which showed this dependency.</P
|
||
></DIV
|
||
><DIV
|
||
CLASS="SECT3"
|
||
><H3
|
||
CLASS="SECT3"
|
||
><A
|
||
NAME="AEN627"
|
||
>4.4.2. NSS (Name Service Switch)</A
|
||
></H3
|
||
><P
|
||
>If you are using glibc (aka libc6), you will have to make provisions
|
||
for name services or you will not be able to login. The file
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/etc/nsswitch.conf</TT
|
||
> controls database lookups for
|
||
various servies. If you don't plan to access services from the
|
||
network (eg, DNS or NIS lookups), you need only prepare a simple
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>nsswitch.conf</TT
|
||
> file that looks like this:
|
||
<TABLE
|
||
BORDER="0"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="PROGRAMLISTING"
|
||
> passwd: files
|
||
shadow: files
|
||
group: files
|
||
hosts: files
|
||
services: files
|
||
networks: files
|
||
protocols: files
|
||
rpc: files
|
||
ethers: files
|
||
netmasks: files
|
||
bootparams: files
|
||
automount: files
|
||
aliases: files
|
||
netgroup: files
|
||
publickey: files</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
>
|
||
|
||
This specifies that every service be provided only by local files.
|
||
You will also need to include
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/lib/libnss_files.so.</TT
|
||
><EM
|
||
>X</EM
|
||
>,
|
||
where <EM
|
||
>X</EM
|
||
> is 1 for glibc 2.0 and 2 for glibc 2.1.
|
||
This library will be loaded dynamically to handle the file lookups.</P
|
||
><P
|
||
>If you plan to access the network from your bootdisk, you may want to create a
|
||
more elaborate <TT
|
||
CLASS="FILENAME"
|
||
>nsswitch.conf</TT
|
||
> file. See the
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>nsswitch</TT
|
||
> man page for details. You must include a file
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/lib/libnss_</TT
|
||
><EM
|
||
>service</EM
|
||
><TT
|
||
CLASS="FILENAME"
|
||
>.so.1</TT
|
||
>
|
||
for each <EM
|
||
>service</EM
|
||
> you specify.</P
|
||
></DIV
|
||
></DIV
|
||
><DIV
|
||
CLASS="SECT2"
|
||
><H2
|
||
CLASS="SECT2"
|
||
><A
|
||
NAME="AEN643"
|
||
>4.5. Modules</A
|
||
></H2
|
||
><P
|
||
> If you have a modular kernel, you must consider which modules you
|
||
may want to load from your bootdisk after booting. You might want to
|
||
include <B
|
||
CLASS="COMMAND"
|
||
>ftape</B
|
||
> and <B
|
||
CLASS="COMMAND"
|
||
>zftape</B
|
||
> modules if
|
||
your backup tapes are on floppy tape, modules for SCSI devices if you have
|
||
them, and possibly modules for PPP or SLIP support if you want to access
|
||
the net in an emergency.</P
|
||
><P
|
||
>These modules may be placed in <TT
|
||
CLASS="FILENAME"
|
||
>/lib/modules</TT
|
||
>. You should also
|
||
include <B
|
||
CLASS="COMMAND"
|
||
>insmod</B
|
||
>, <B
|
||
CLASS="COMMAND"
|
||
>rmmod</B
|
||
> and <B
|
||
CLASS="COMMAND"
|
||
>lsmod</B
|
||
>. Depending on whether you
|
||
want to load modules automatically, you might also include <B
|
||
CLASS="COMMAND"
|
||
>modprobe</B
|
||
>,
|
||
<B
|
||
CLASS="COMMAND"
|
||
>depmod</B
|
||
> and <B
|
||
CLASS="COMMAND"
|
||
>swapout</B
|
||
>. If you use
|
||
<B
|
||
CLASS="COMMAND"
|
||
>kerneld</B
|
||
>, include it along
|
||
with <TT
|
||
CLASS="FILENAME"
|
||
>/etc/conf.modules</TT
|
||
>.</P
|
||
><P
|
||
>However, the main advantage to using modules is that you can move non-critical
|
||
modules to a utility disk and load them when needed, thus using less space on
|
||
your root disk. If you may have to deal with many different devices, this
|
||
approach is preferable to building one huge kernel with many drivers built in.</P
|
||
><DIV
|
||
CLASS="IMPORTANT"
|
||
><P
|
||
></P
|
||
><TABLE
|
||
CLASS="IMPORTANT"
|
||
WIDTH="100%"
|
||
BORDER="0"
|
||
><TR
|
||
><TD
|
||
WIDTH="25"
|
||
ALIGN="CENTER"
|
||
VALIGN="TOP"
|
||
><IMG
|
||
SRC="../images/important.gif"
|
||
HSPACE="5"
|
||
ALT="Important"></TD
|
||
><TD
|
||
ALIGN="LEFT"
|
||
VALIGN="TOP"
|
||
><P
|
||
>In order to boot a compressed ext2 filesystem, you must have ramdisk and
|
||
ext2 support built-in. <EM
|
||
>They cannot be supplied as
|
||
modules.</EM
|
||
></P
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
></DIV
|
||
></DIV
|
||
><DIV
|
||
CLASS="SECT2"
|
||
><H2
|
||
CLASS="SECT2"
|
||
><A
|
||
NAME="AEN664"
|
||
>4.6. Some final details</A
|
||
></H2
|
||
><P
|
||
> Some system programs, such as <B
|
||
CLASS="COMMAND"
|
||
>login</B
|
||
>, complain if
|
||
the file <TT
|
||
CLASS="FILENAME"
|
||
>/var/run/utmp</TT
|
||
> and the directory
|
||
<TT
|
||
CLASS="FILENAME"
|
||
>/var/log</TT
|
||
> do not exist. So:</P
|
||
><TABLE
|
||
BORDER="1"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="SCREEN"
|
||
> mkdir -p /mnt/var/{log,run}
|
||
touch /mnt/var/run/utmp</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
><P
|
||
>Finally, after you have set up all the libraries you need, run
|
||
<B
|
||
CLASS="COMMAND"
|
||
>ldconfig</B
|
||
> to remake <TT
|
||
CLASS="FILENAME"
|
||
>/etc/ld.so.cache</TT
|
||
> on
|
||
the root filesystem. The cache tells the loader where to find the libraries.
|
||
You can do this with:
|
||
<TABLE
|
||
BORDER="1"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="SCREEN"
|
||
> ldconfig -r /mnt</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
>
|
||
</P
|
||
></DIV
|
||
><DIV
|
||
CLASS="SECT2"
|
||
><H2
|
||
CLASS="SECT2"
|
||
><A
|
||
NAME="WRAPPINGITUP"
|
||
>4.7. Wrapping it up</A
|
||
></H2
|
||
><P
|
||
>When you have finished constructing the root filesystem, unmount it, copy it
|
||
to a file and compress it:
|
||
<TABLE
|
||
BORDER="1"
|
||
BGCOLOR="#E0E0E0"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
><FONT
|
||
COLOR="#000000"
|
||
><PRE
|
||
CLASS="SCREEN"
|
||
> umount /mnt
|
||
dd if=<SPAN
|
||
CLASS="SYMBOL"
|
||
>DEVICE</SPAN
|
||
> bs=1k | gzip -v9 > rootfs.gz</PRE
|
||
></FONT
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
>
|
||
|
||
When this finishes you will have a file <TT
|
||
CLASS="FILENAME"
|
||
>rootfs.gz</TT
|
||
>. This
|
||
is your compressed root filesystem. You should check its size to make sure it
|
||
will fit on a diskette; if it doesn't you'll have to go back and remove some
|
||
files. Some suggestions for reducing root filesystem size appear in <A
|
||
HREF="slimfast.html"
|
||
>Section 8</A
|
||
>.</P
|
||
></DIV
|
||
></DIV
|
||
><H3
|
||
CLASS="FOOTNOTES"
|
||
>Notes</H3
|
||
><TABLE
|
||
BORDER="0"
|
||
CLASS="FOOTNOTES"
|
||
WIDTH="100%"
|
||
><TR
|
||
><TD
|
||
ALIGN="LEFT"
|
||
VALIGN="TOP"
|
||
WIDTH="5%"
|
||
><A
|
||
NAME="FTN.AEN318"
|
||
HREF="buildroot.html#AEN318"
|
||
>[1]</A
|
||
></TD
|
||
><TD
|
||
ALIGN="LEFT"
|
||
VALIGN="TOP"
|
||
WIDTH="95%"
|
||
><P
|
||
>The directory structure presented here is for root diskette use only.
|
||
Real Linux systems have a more complex and disciplined set of policies, called
|
||
the <A
|
||
HREF="http://www.pathname.com/fhs/2.0/fhs-toc.html"
|
||
TARGET="_top"
|
||
>Filesystem
|
||
Hierarchy Standard</A
|
||
>, for determining where files should go.)</P
|
||
></TD
|
||
></TR
|
||
></TABLE
|
||
><DIV
|
||
CLASS="NAVFOOTER"
|
||
><HR
|
||
ALIGN="LEFT"
|
||
WIDTH="100%"><TABLE
|
||
WIDTH="100%"
|
||
BORDER="0"
|
||
CELLPADDING="0"
|
||
CELLSPACING="0"
|
||
><TR
|
||
><TD
|
||
WIDTH="33%"
|
||
ALIGN="left"
|
||
VALIGN="top"
|
||
><A
|
||
HREF="x88.html"
|
||
>Prev</A
|
||
></TD
|
||
><TD
|
||
WIDTH="34%"
|
||
ALIGN="center"
|
||
VALIGN="top"
|
||
><A
|
||
HREF="index.html"
|
||
>Home</A
|
||
></TD
|
||
><TD
|
||
WIDTH="33%"
|
||
ALIGN="right"
|
||
VALIGN="top"
|
||
><A
|
||
HREF="x688.html"
|
||
>Next</A
|
||
></TD
|
||
></TR
|
||
><TR
|
||
><TD
|
||
WIDTH="33%"
|
||
ALIGN="left"
|
||
VALIGN="top"
|
||
>Bootdisks and the boot process</TD
|
||
><TD
|
||
WIDTH="34%"
|
||
ALIGN="center"
|
||
VALIGN="top"
|
||
> </TD
|
||
><TD
|
||
WIDTH="33%"
|
||
ALIGN="right"
|
||
VALIGN="top"
|
||
>Choosing a kernel</TD
|
||
></TR
|
||
></TABLE
|
||
></DIV
|
||
></BODY
|
||
></HTML
|
||
> |