====== Управление ядром и модулями в FreeBSD ======
===== Что за ядро? =====
# uname -a
# ls -l /boot/kernel/kernel
# ls -l /boot/kernel/*ko
===== Переменные ядра =====
# sysctl net.inet.ip.ttl=2
# cat /etc/sysctl.conf
# cat /boot/loader.conf
...
hint.acpi.0.disabled="1"
===== Модули ядра =====
* [[Подключение звуковой карты]] (в старых версиях)
# kldstat
# kldload ipfw
# sysctl net.inet.ip.fw.enable=0
# cat /boot/loader.conf
...
if_em_load="YES"
snd_ich_load="YES"
===== Сборка ядра =====
* [[https://www.freebsd.org/doc/ru/books/handbook/kernelconfig-building.html|Сборка и установка собственного ядра]]
* [[https://www.freebsd.org/doc/handbook/kernelconfig.html|Configuring the FreeBSD Kernel]]
==== Причины требующие сборки нового ядра ====
* изменение функциональности ядра
* наложение заплаток безопасности на ядро
* уменьшение размера ядра
* повышение производительности
==== Бекап старого ядра ====
[server:~] # cp -r /boot/kernel/ /boot/kernel.generic/
==== Сбор сведений об оборудовании ====
* [[Анализ оборудования в FreeBSD]]
==== Установка исходных текстов ядра ====
[server:~] # mount -t cd9660 /dev/cd0 /mnt/
[server:~] # cd /
[server:/] # tar -xvf /mnt/usr/freebsd-dist/src.txz
[server:~] # umount /mnt/
==== Обновление исходных текстов ядра ====
[server:~] # freebsd-update fetch
[server:~] # freebsd-update install
==== Создание файла конфигурации ядра ====
Задачи:
* уменьшенить размер ядра
* отключить IPv6
* добавить в ядро поддержку pf и altq
* вынести драйвера сетевой и звуковой карты в модули
* остальные модули не компилировать
[server:~] # less /usr/src/sys/conf/NOTES
[server:~] # cd /usr/src/sys/i386/conf/
[server:sys/i386/conf] # cp GENERIC KERN
[server:sys/i386/conf] # ee KERN
[server:sys/i386/conf] # sed -E '/#.*device/d' KERN
# cpu I486_CPU
# cpu I586_CPU
cpu I686_CPU
ident GENERIC
makeoptions DEBUG=-gdwarf-2 # Build kernel with gdb(1) debug symbols
makeoptions WITH_CTF=1 # Run ctfconvert(1) for DTrace support
options SCHED_ULE # ULE scheduler
options PREEMPTION # Enable kernel thread preemption
options INET # InterNETworking
# options INET6 # IPv6 communications protocols
options TCP_OFFLOAD # TCP offload
options SCTP # Stream Control Transmission Protocol
options FFS # Berkeley Fast Filesystem
options SOFTUPDATES # Enable FFS soft updates support
options UFS_ACL # Support for access control lists
options UFS_DIRHASH # Improve performance on big directories
options UFS_GJOURNAL # Enable gjournal-based UFS journaling
options QUOTA # Enable disk quotas for UFS
options NFSCL # New Network Filesystem Client
options NFSD # New Network Filesystem Server
options NFSLOCKD # Network Lock Manager
options NFS_ROOT # NFS usable as /, requires NFSCL
options MSDOSFS # MSDOS Filesystem
options CD9660 # ISO 9660 Filesystem
options PROCFS # Process filesystem (requires PSEUDOFS)
options PSEUDOFS # Pseudo-filesystem framework
options GEOM_PART_GPT # GUID Partition Tables.
options GEOM_RAID # Soft RAID functionality.
options GEOM_LABEL # Provides labelization
options COMPAT_FREEBSD4 # Compatible with FreeBSD4
options COMPAT_FREEBSD5 # Compatible with FreeBSD5
options COMPAT_FREEBSD6 # Compatible with FreeBSD6
options COMPAT_FREEBSD7 # Compatible with FreeBSD7
options SCSI_DELAY=5000 # Delay (in ms) before probing SCSI
options KTRACE # ktrace(1) support
options STACK # stack(9) support
options SYSVSHM # SYSV-style shared memory
options SYSVMSG # SYSV-style message queues
options SYSVSEM # SYSV-style semaphores
options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options PRINTF_BUFR_SIZE=128 # Prevent printf output being interspersed.
options KBD_INSTALL_CDEV # install a CDEV entry in /dev
options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4)
options AUDIT # Security event auditing
options MAC # TrustedBSD MAC Framework
options KDTRACE_HOOKS # Kernel DTrace hooks
options INCLUDE_CONFIG_FILE # Include this file in kernel
options KDB # Kernel debugger related code
options KDB_TRACE # Print a stack trace for a panic
options DDB_CTF # kernel ELF linker loads CTF data
options ALTQ
options ALTQ_CBQ # Class Based Queueing
options ALTQ_RED # Random Early Detection
options ALTQ_RIO # RED In/Out
options ALTQ_HFSC # Hierarchical Packet Scheduler
options ALTQ_CDNR # Traffic conditioner
options ALTQ_PRIQ # Priority Queueing
options ALTQ_NOPCC # Required if the TSC is unusable
options ALTQ_DEBUG
# To make an SMP kernel, the next two lines are needed
options SMP # Symmetric MultiProcessor Kernel
device apic # I/O APIC
# CPU frequency control
device cpufreq
# Bus support.
device acpi
device pci
# Floppy drives
device fdc
# ATA controllers
device ata # Legacy ATA/SATA controllers
options ATA_CAM # Handle legacy controllers with CAM
# SCSI Controllers
# options AHC_REG_PRETTY_PRINT # Print register bitfields in debug
# output. Adds ~128k to driver.
# options AHD_REG_PRETTY_PRINT # Print register bitfields in debug
# output. Adds ~215k to driver.
# ATA/SCSI peripherals
device scbus # SCSI bus (required for ATA/SCSI)
device da # Direct Access (disks)
# RAID controllers interfaced to the SCSI subsystem
# RAID controllers
# atkbdc0 controls both the keyboard and the PS/2 mouse
device atkbdc # AT keyboard controller
device atkbd # AT keyboard
device psm # PS/2 mouse
device kbdmux # keyboard multiplexer
device vga # VGA video card driver
options VESA # Add support for VESA BIOS Extensions (VBE)
device splash # Splash screen and screen saver support
# syscons is the default console driver, resembling an SCO console
device sc
options SC_PIXEL_MODE # add support for the raster text mode
device agp # support several AGP chipsets
# Power management support (see NOTES for more options)
# Add suspend/resume support for the i8254.
device pmtimer
# PCCARD (PCMCIA) support
# PCMCIA and cardbus bridge support
# Serial (COM) ports
device uart # Generic UART driver
# Parallel port
# PCI Ethernet NICs.
# PCI Ethernet NICs that use the common MII bus controller code.
# ISA Ethernet NICs. pccard NICs included.
# Wireless NIC cards
device loop # Network loopback
options PADLOCK_RNG # VIA Padlock RNG
options RDRAND_RNG # Intel Bull Mountain RNG
device ether # Ethernet support
device vlan # 802.1Q VLAN support
device tun # Packet tunnel.
device pty # BSD-style compatibility pseudo ttys
device md # Memory "disks"
device gif # IPv6 and IPv4 tunneling
device faith # IPv6-to-IPv4 relaying (translation)
device firmware # firmware assist module
# Be aware of the administrative consequences of enabling this!
# Note that 'bpf' is required for DHCP.
device bpf # Berkeley packet filter
# USB support
options USB_DEBUG # enable debug msgs
device uhci # UHCI PCI->USB interface
device ohci # OHCI PCI->USB interface
device ehci # EHCI PCI->USB interface (USB 2.0)
device xhci # XHCI PCI->USB interface (USB 3.0)
device usb # USB Bus (required)
device uhid # "Human Interface Devices"
device ukbd # Keyboard
device ulpt # Printer
device umass # Disks/Mass storage - Requires scbus and da
device ums # Mouse
device urio # Diamond Rio 500 MP3 player
device u3g # USB-based 3G modems (Option, Huawei, Sierra)
device uark # Technologies ARK3116 based serial adapters
device ubsa # Belkin F5U103 and compatible serial adapters
device uftdi # For FTDI usb serial adapters
device uplcom # Prolific PL-2303 serial adapters
device uslcom # SI Labs CP2101/CP2102 serial adapters
device uvscom # USB serial support for DDI pocket's PHS
# USB Ethernet, requires miibus
# # USB Wireless
# Sound support
# VirtIO support
device pf
device pflog
device pfsync
==== Выбор модулей ядра ====
# cat /etc/make.conf
...
MODULES_OVERRIDE = sound em
==== Компиляция и инсталяция ядра ====
[server:sys/i386/conf] # cd /usr/src
[server:/usr/src] # make buildkernel KERNCONF=KERN
[server:/usr/src] # make installkernel KERNCONF=KERN
[server:/usr/src] # shutdown –r now
[server:~] # uname –a
==== Загрузка старого ядра ====
В меню Loader выбираем пункт 6
OK unload kernel
OK load /boot/kernel.old/kernel
или
OK load /boot/kernel.generic/kernel
OK boot