управление_ядром_и_модулями_в_freebsd

This is an old revision of the document!


Управление ядром и модулями в FreeBSD

Что за ядро?

# uname -a

# ls -l /boot/kernel/kernel

# ls -l /boot/kernel/*ko

Переменные ядра

# sysctl net.inet.ip.ttl=2

# cat /etc/sysctl.conf

# cat /boot/loader.conf
hint.acpi.0.disabled="1"

Модули ядра

# kldstat

# kldload ipfw

# sysctl net.inet.ip.fw.enable=0

Сборка ядра

Причины требующие сборки нового ядра

  • изменение функциональности ядра
  • наложение заплаток безопасности на ядро
  • уменьшение размера ядра
  • повышение производительности

Бекап старого ядра

[server:~] # cd /boot
[server:/boot] # cp -r kernel/ kernel.generic/

Сбор сведений об оборудовании

[server:~] # dmesg
[server:~] # pciconf -lv

Установка исходных текстов ядра

[server:~] # mkdir /usr/src
[server:~] # mount /cdrom
[server:~] # cd /cdrom/X-RELEASE/src/
[server:/cdrom/X-RELEASE/src] # ./install.sh base sys
Extracting sources into /usr/src...
  Extracting source component: base
  Extracting source component: sys
Done extracting sources.

[server:/cdrom/X-RELEASE/src] # cd
[server:~] # umount /cdrom/

Обновление исходных текстов ядра

[server:~] # freebsd-update fetch
[server:~] # freebsd-update install

Создание файла конфигурации ядра

Задача - уменьшенить размер ядра

[server:~] # cd /usr/src/sys/i386/conf/
 
[server:sys/i386/conf] # cp GENERIC KERN

[server:sys/i386/conf] # ee KERN 

[server:sys/i386/conf] # sed -E '/#.*device/d' KERN
# cpu           I486_CPU
# cpu           I586_CPU
cpu             I686_CPU
ident           KERN

makeoptions     DEBUG=-g                # Build kernel with gdb(1) debug symbols

options         SCHED_ULE               # ULE scheduler
options         PREEMPTION              # Enable kernel thread preemption
options         INET                    # InterNETworking
# options       INET6                   # IPv6 communications protocols
options         SCTP                    # Stream Control Transmission Protocol
options         FFS                     # Berkeley Fast Filesystem
options         SOFTUPDATES             # Enable FFS soft updates support
options         UFS_ACL                 # Support for access control lists
options         UFS_DIRHASH             # Improve performance on big directories
options         UFS_GJOURNAL            # Enable gjournal-based UFS journaling
options         NFSCLIENT               # Network Filesystem Client
options         NFSSERVER               # Network Filesystem Server
options         NFSLOCKD                # Network Lock Manager
options         NFS_ROOT                # NFS usable as /, requires NFSCLIENT
options         MSDOSFS                 # MSDOS Filesystem
options         CD9660                  # ISO 9660 Filesystem
options         PROCFS                  # Process filesystem (requires PSEUDOFS)
options         PSEUDOFS                # Pseudo-filesystem framework
options         GEOM_PART_GPT           # GUID Partition Tables.
options         GEOM_LABEL              # Provides labelization
options         COMPAT_43TTY            # BSD 4.3 TTY compat [KEEP THIS!]
options         COMPAT_FREEBSD4         # Compatible with FreeBSD4
options         COMPAT_FREEBSD5         # Compatible with FreeBSD5
options         COMPAT_FREEBSD6         # Compatible with FreeBSD6
options         SCSI_DELAY=5000         # Delay (in ms) before probing SCSI
options         KTRACE                  # ktrace(1) support
options         STACK                   # stack(9) support
options         SYSVSHM                 # SYSV-style shared memory
options         SYSVMSG                 # SYSV-style message queues
options         SYSVSEM                 # SYSV-style semaphores
options         _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options         KBD_INSTALL_CDEV        # install a CDEV entry in /dev
options         ADAPTIVE_GIANT          # Giant mutex is adaptive.
options         STOP_NMI                # Stop CPUS using NMI instead of IPI
options         AUDIT                   # Security event auditing
#options        KDTRACE_HOOKS           # Kernel DTrace hooks

# To make an SMP kernel, the next two lines are needed
options         SMP                     # Symmetric MultiProcessor Kernel
device          apic                    # I/O APIC

# CPU frequency control
device          cpufreq

# Bus support.
device          pci

# Floppy drives
device          fdc

device          ata
device          atadisk         # ATA disk drives
device          atapicd         # ATAPI CDROM drives
device          atapist         # ATAPI tape drives

# SCSI Controllers
# options       AHC_REG_PRETTY_PRINT    # Print register bitfields in debug
                                        # output.  Adds ~128k to driver.
# options       AHD_REG_PRETTY_PRINT    # Print register bitfields in debug
                                        # output.  Adds ~215k to driver.

# SCSI peripherals
device          scbus           # SCSI bus (required for SCSI)
device          da              # Direct Access (disks)

# RAID controllers interfaced to the SCSI subsystem

# RAID controllers

# atkbdc0 controls both the keyboard and the PS/2 mouse
device          atkbdc          # AT keyboard controller
device          atkbd           # AT keyboard
device          psm             # PS/2 mouse

device          kbdmux          # keyboard multiplexer

device          vga             # VGA video card driver

device          splash          # Splash screen and screen saver support

# syscons is the default console driver, resembling an SCO console
device          sc

device          agp             # support several AGP chipsets

# Power management support (see NOTES for more options)
# Add suspend/resume support for the i8254.
device          pmtimer

# PCCARD (PCMCIA) support
# PCMCIA and cardbus bridge support

# Serial (COM) ports
device          sio             # 8250, 16[45]50 based serial ports
device          uart            # Generic UART driver

# Parallel port
device          ppc
device          ppbus           # Parallel port bus (required)
device          lpt             # Printer

# If you've got a "dumb" serial or parallel PCI card that is
# supported by the puc(4) glue driver, uncomment the following
# line to enable it (connects to sio, uart and/or ppc drivers):

# PCI Ethernet NICs.

# PCI Ethernet NICs that use the common MII bus controller code.
device          miibus          # MII bus support
device          fxp             # Intel EtherExpress PRO/100B (82557, 82558)

# ISA Ethernet NICs.  pccard NICs included.

# Wireless NIC cards

device          loop            # Network loopback
device          ether           # Ethernet support
device          ppp             # Kernel PPP
device          tun             # Packet tunnel.
device          pty             # Pseudo-ttys (telnet etc)
device          md              # Memory "disks"
device          gif             # IPv6 and IPv4 tunneling
device          firmware        # firmware assist module

# Be aware of the administrative consequences of enabling this!
# Note that 'bpf' is required for DHCP.
device          bpf             # Berkeley packet filter

# USB support
device          uhci            # UHCI PCI->USB interface
device          ohci            # OHCI PCI->USB interface
device          ehci            # EHCI PCI->USB interface (USB 2.0)
device          usb             # USB Bus (required)
device          ugen            # Generic
device          ukbd            # Keyboard
device          umass           # Disks/Mass storage - Requires scbus and da
device          ums             # Mouse
# USB Ethernet, requires miibus

# FireWire support

Компиляция и инсталяция ядра

[server:sys/i386/conf] # cd /usr/src
[server:/usr/src] # make buildkernel KERNCONF=KERN
[server:/usr/src] # make installkernel KERNCONF=KERN

[server:/usr/src] # shutdown –r now

[server:~] # uname –a

Загрузка старого ядра

В меню Loader выбираем пункт 6

OK unload kernel

OK load /boot/kernel.old/kernel
	или
OK load /boot/kernel.generic/kernel

OK boot
управление_ядром_и_модулями_в_freebsd.1410845348.txt.gz · Last modified: 2014/09/16 09:29 by val