LFS Notes
- Linux From Scratch - Version 11.3
-
https://www.linuxfromscratch.org/lfs/view/stable/
- I used default password “lfs”
Run checks on your system to make sure that it is ready to be used for an LFS build:
cat > version-check.sh << "EOF"
#!/bin/bash
# Simple script to list version numbers of critical development tools
export LC_ALL=C
bash --version | head -n1 | cut -d" " -f2-4
MYSH=$(readlink -f /bin/sh)
echo "/bin/sh -> $MYSH"
echo $MYSH | grep -q bash || echo "ERROR: /bin/sh does not point to bash"
unset MYSH
echo -n "Binutils: "; ld --version | head -n1 | cut -d" " -f3-
bison --version | head -n1
if [ -h /usr/bin/yacc ]; then
echo "/usr/bin/yacc -> `readlink -f /usr/bin/yacc`";
elif [ -x /usr/bin/yacc ]; then
echo yacc is `/usr/bin/yacc --version | head -n1`
else
echo "yacc not found"
fi
echo -n "Coreutils: "; chown --version | head -n1 | cut -d")" -f2
diff --version | head -n1
find --version | head -n1
gawk --version | head -n1
if [ -h /usr/bin/awk ]; then
echo "/usr/bin/awk -> `readlink -f /usr/bin/awk`";
elif [ -x /usr/bin/awk ]; then
echo awk is `/usr/bin/awk --version | head -n1`
else
echo "awk not found"
fi
gcc --version | head -n1
g++ --version | head -n1
grep --version | head -n1
gzip --version | head -n1
cat /proc/version
m4 --version | head -n1
make --version | head -n1
patch --version | head -n1
echo Perl `perl -V:version`
python3 --version
sed --version | head -n1
tar --version | head -n1
makeinfo --version | head -n1 # texinfo version
xz --version | head -n1
echo 'int main(){}' > dummy.c && g++ -o dummy dummy.c
if [ -x dummy ]
then echo "g++ compilation OK";
else echo "g++ compilation failed"; fi
rm -f dummy.c dummy
EOF
bash version-check.sh
sudo apt install m4
sudo rm /bin/sh
sudo ln -s /usr/bin/bash /bin/sh
sudo apt install bison
sudo apt install gawk
sudo apt-get install texinfo
bash version-check.sh
- initramfs ??? for raid, lvm, etc
-
swap - not on ssd, needed for hibernate, needs to be as large as RAM for hibernate
- cfdisk or fdisk gdisk
/
/boot kernels and booting info, 200 megabytes is good ( not on Ubuntu system ) good for really old systems, encryption, and unsupported file systems
/boot/efi needed for UEFI ( 538 MB on Ubuntu system )
swap
Grub Bios partition ??
Partition type: 'BIOS Boot'
GUID Partition Table (GPT), then a small, typically 1 MB ( confirmed 1 MB on Ubuntu system )
code of EF02
/dev/sde 64 GB drive serial number: CVEM951500D3064KGN
On Ubuntu:
Size: 1.0 MB
Partition Type: BIOS Boot # needed to boot GPT disk on BIOS/Legacy system
Size: 538 MB
Partition Type: EFI System
Mount Point: /boot/efi # needed to boot on EFI system
FS: FAT32
Size: 1000 GB
Partition Type: Linux Filesystem
Mount Point: /
FS: Ext3
Swap File /swapfile 2 GB # ubuntu uses this, slower than partition and could have bugs or other issues
Check EFI:
test -d /sys/firmware/efi && echo efi || echo bios
- Ubuntu set this as the second partition, first might be a better choice
- “Some (old) UEFI implementations may require the ESP to be the first partition on the disk.”
fdisk /dev/sde
n
+1M
t
4 # BIOS Boot
n
+512M
t
1 # EFI System
n
+512M # for multiple kernels and future initrd, used linux filesystem partition type ( default )
n
+2G
t
19 # Linux Swap
n
# all defaults for root filesystem
Device Start End Sectors Size Type
/dev/sde1 2048 4095 2048 1M BIOS boot
/dev/sde2 4096 1052671 1048576 512M EFI System ( /boot/efi )
/dev/sde3 1052672 2101247 1048576 512M Linux filesystem ( /boot )
/dev/sde4 2101248 6295551 4194304 2G Linux swap
/dev/sde5 6295552 125045390 118749839 56.6G Linux filesystem ( / )
As root:
mkfs -v -t ext4 /dev/sde3
mkfs -v -t ext4 /dev/sde5
mkfs.vfat /dev/sde2
mkswap /dev/sde4
export LFS=/mnt/lfs
echo $LFS
echo "export LFS=/mnt/lfs" >> /root/.bash_profile
echo "export LFS=/mnt/lfs" >> /root/.bashrc
echo "export LFS=/mnt/lfs" >> /home/user1/.bash_profile
echo "export LFS=/mnt/lfs" >> /home/user1/.bashrc
| /root/.bash_profile |
| /root/.bashrc |
| /home/user1/.bash_profile |
| /home/user1/.bashrc |
mkdir -pv $LFS
mount -v -t ext4 /dev/sde5 $LFS
mkdir -pv $LFS/boot
mount -v -t ext4 /dev/sde3 $LFS/boot
mkdir -pv $LFS/boot/efi
mount -v -t vfat /dev/sde2 $LFS/boot/efi
/sbin/swapon -v /dev/sde4
Can’t be mounted with: nosuid or nodev options:
cat /proc/mounts|grep -i lfs
Didn’t use this:
/etc/fstab
/dev/xxx /mnt/lfs ext4 defaults 1 1
mkdir -v $LFS/sources
chmod -v a+wt $LFS/sources
- https://mirror.download.it/lfs/pub/lfs/lfs-packages/11.3/
Won’t work with wget because of cloudflare, download manually:
wget https://mirror.download.it/lfs/pub/lfs/lfs-packages/11.3/wget-list
Works fine with cloudflare:
wget --input-file=wget-list-sysv --continue --directory-prefix=$LFS/sources
pushd $LFS/sources
wget https://www.linuxfromscratch.org/lfs/view/stable/md5sums
md5sum -c md5sums
popd
chown root:root $LFS/sources/*
- https://www.linuxfromscratch.org/lfs/view/stable/chapter03/patches.html
- https://www.linuxfromscratch.org/patches/downloads/ # also, optionally add these patches
wget https://www.linuxfromscratch.org/patches/lfs/11.3/bzip2-1.0.8-install_docs-1.patch
wget https://www.linuxfromscratch.org/patches/lfs/11.3/coreutils-9.1-i18n-1.patch
wget https://www.linuxfromscratch.org/patches/lfs/11.3/glibc-2.37-fhs-1.patch
wget https://www.linuxfromscratch.org/patches/lfs/11.3/grub-2.06-upstream_fixes-1.patch
wget https://www.linuxfromscratch.org/patches/lfs/11.3/kbd-2.5.1-backspace-1.patch
wget https://www.linuxfromscratch.org/patches/lfs/11.3/readline-8.2-upstream_fix-1.patch
wget https://www.linuxfromscratch.org/patches/lfs/11.3/sysvinit-3.06-consolidated-1.patch
mv *.patch $LFS/sources/*
chown root:root $LFS/sources/*
cp -r sources sources_untouched
As root:
mkdir -pv $LFS/{etc,var} $LFS/usr/{bin,lib,sbin}
for i in bin lib sbin; do
ln -sv usr/$i $LFS/$i
done
case $(uname -m) in
x86_64) mkdir -pv $LFS/lib64 ;;
esac
mkdir -pv $LFS/tools
Make sure that this doesn’t exist and isn’t ever created even after building the system:
/usr/lib64
groupadd lfs
useradd -s /bin/bash -g lfs -m -k /dev/null lfs
passwd lfs # I used default password "lfs"
Chown some dirs:
chown -v lfs $LFS/{usr{,/*},lib,var,etc,bin,sbin,tools}
case $(uname -m) in
x86_64) chown -v lfs $LFS/lib64 ;;
esac
Become lfs user:
su - lfs
As lfs user:
cat > ~/.bash_profile << "EOF"
exec env -i HOME=$HOME TERM=$TERM PS1='\u:\w\$ ' /bin/bash
EOF
cat > ~/.bashrc << "EOF"
set +h
umask 022
LFS=/mnt/lfs
LC_ALL=POSIX
LFS_TGT=$(uname -m)-lfs-linux-gnu
PATH=/usr/bin
if [ ! -L /bin ]; then PATH=/bin:$PATH; fi
PATH=$LFS/tools/bin:$PATH
CONFIG_SITE=$LFS/usr/share/config.site
export LFS LC_ALL LFS_TGT PATH CONFIG_SITE
EOF
source ~/.bash_profile
As root:
[ ! -e /etc/bash.bashrc ] || mv -v /etc/bash.bashrc /etc/bash.bashrc.NOUSE
As lfs:
export MAKEFLAGS='-j8'
- dynamic linker / dynamic loader ( not the standard linker ld )
- shlib-versions file in the root of the glibc source tree.
gcc -dumpmachine
readelf -l somebinary... | grep interpreter
All sources go here:
/mnt/lfs/sources/
- extract as LFS user
- delete extracted dir when done building
Compiling a Cross-Toolchain
cd $LFS/sources
Binutils-2.40 - Pass 1
One SBU ( standard build unit ) for me building with:
- Intel(R) Core(TM) i7-9700K
- 32 G RAM
real 0m29.089s
user 1m49.341s
sys 0m12.439s
tar xvf binutils-2.40.tar.xz
cd binutils-2.40
mkdir -v build
cd build
../configure --prefix=$LFS/tools \
--with-sysroot=$LFS \
--target=$LFS_TGT \
--disable-nls \
--enable-gprofng=no \
--disable-werror
make
make install
cd ../..
rm -rf binutils-2.40
GCC-12.2.0 - Pass 1
Time it took me:
real 4m20.248s
user 23m36.357s
sys 1m21.259s
tar xvf gcc-12.2.0.tar.xz
cd gcc-12.2.0
tar -xf ../mpfr-4.2.0.tar.xz
mv -v mpfr-4.2.0 mpfr
tar -xf ../gmp-6.2.1.tar.xz
mv -v gmp-6.2.1 gmp
tar -xf ../mpc-1.3.1.tar.gz
mv -v mpc-1.3.1 mpc
case $(uname -m) in
x86_64)
sed -e '/m64=/s/lib64/lib/' \
-i.orig gcc/config/i386/t-linux64
;;
esac
mkdir -v build
cd build
../configure \
--target=$LFS_TGT \
--prefix=$LFS/tools \
--with-glibc-version=2.37 \
--with-sysroot=$LFS \
--with-newlib \
--without-headers \
--enable-default-pie \
--enable-default-ssp \
--disable-nls \
--disable-shared \
--disable-multilib \
--disable-threads \
--disable-libatomic \
--disable-libgomp \
--disable-libquadmath \
--disable-libssp \
--disable-libvtv \
--disable-libstdcxx \
--enable-languages=c,c++
make
make install
cd ..
cat gcc/limitx.h gcc/glimits.h gcc/limity.h > \
`dirname $($LFS_TGT-gcc -print-libgcc-file-name)`/install-tools/include/limits.h
cd ..
rm -rf gcc-12.2.0
Linux-6.1.11 API Headers
tar xvf linux-6.1.11.tar.xz
cd linux-6.1.11
make mrproper
make headers
find usr/include -type f ! -name '*.h' -delete
cp -rv usr/include $LFS/usr
cd ..
rm -rf linux-6.1.11
Glibc-2.37
tar xvf glibc-2.37.tar.xz
cd glibc-2.37
case $(uname -m) in
i?86) ln -sfv ld-linux.so.2 $LFS/lib/ld-lsb.so.3
;;
x86_64) ln -sfv ../lib/ld-linux-x86-64.so.2 $LFS/lib64
ln -sfv ../lib/ld-linux-x86-64.so.2 $LFS/lib64/ld-lsb-x86-64.so.3
;;
esac
patch -Np1 -i ../glibc-2.37-fhs-1.patch
mkdir -v build
cd build
echo "rootsbindir=/usr/sbin" > configparms
../configure \
--prefix=/usr \
--host=$LFS_TGT \
--build=$(../scripts/config.guess) \
--enable-kernel=3.2 \
--with-headers=$LFS/usr/include \
libc_cv_slibdir=/usr/lib
make
make DESTDIR=$LFS install
sed '/RTLDLIST=/s@/usr@@g' -i $LFS/usr/bin/ldd
Test:
echo 'int main(){}' | $LFS_TGT-gcc -xc -
readelf -l a.out | grep ld-linux
Should see:
[Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]
clean up test:
rm -v a.out
$LFS/tools/libexec/gcc/$LFS_TGT/12.2.0/install-tools/mkheaders
cd ../..
rm -rf glibc-2.37
Libstdc++ from GCC-12.2.0
tar xvf gcc-12.2.0.tar.xz
cd gcc-12.2.0
mkdir -v build
cd build
../libstdc++-v3/configure \
--host=$LFS_TGT \
--build=$(../config.guess) \
--prefix=/usr \
--disable-multilib \
--disable-nls \
--disable-libstdcxx-pch \
--with-gxx-include-dir=/tools/$LFS_TGT/include/c++/12.2.0
make
make DESTDIR=$LFS install
rm -v $LFS/usr/lib/lib{stdc++,stdc++fs,supc++}.la
cd ../..
rm -rf gcc-12.2.0
Cross Compiling Temporary Tools
M4-1.4.19
tar xvf m4-1.4.19.tar.xz
cd m4-1.4.19
./configure --prefix=/usr \
--host=$LFS_TGT \
--build=$(build-aux/config.guess)
make
make DESTDIR=$LFS install
cd ..
rm -rf m4-1.4.19
Ncurses-6.4
tar xvfz ncurses-6.4.tar.gz
cd ncurses-6.4
sed -i s/mawk// configure
mkdir build
pushd build
../configure
make -C include
make -C progs tic
popd
./configure --prefix=/usr \
--host=$LFS_TGT \
--build=$(./config.guess) \
--mandir=/usr/share/man \
--with-manpage-format=normal \
--with-shared \
--without-normal \
--with-cxx-shared \
--without-debug \
--without-ada \
--disable-stripping \
--enable-widec
make
make DESTDIR=$LFS TIC_PATH=$(pwd)/build/progs/tic install
echo "INPUT(-lncursesw)" > $LFS/usr/lib/libncurses.so
cd ..
rm -rf ncurses-6.4
Bash-5.2.15
tar xvfz bash-5.2.15.tar.gz
cd bash-5.2.15
./configure --prefix=/usr \
--build=$(sh support/config.guess) \
--host=$LFS_TGT \
--without-bash-malloc
make
make DESTDIR=$LFS install
ln -sv bash $LFS/bin/sh
cd ..
rm -rf bash-5.2.15
Coreutils-9.1
tar xvf coreutils-9.1.tar.xz
cd coreutils-9.1
./configure --prefix=/usr \
--host=$LFS_TGT \
--build=$(build-aux/config.guess) \
--enable-install-program=hostname \
--enable-no-install-program=kill,uptime
make
make DESTDIR=$LFS install
mv -v $LFS/usr/bin/chroot $LFS/usr/sbin
mkdir -pv $LFS/usr/share/man/man8
mv -v $LFS/usr/share/man/man1/chroot.1 $LFS/usr/share/man/man8/chroot.8
sed -i 's/"1"/"8"/' $LFS/usr/share/man/man8/chroot.8
cd ..
rm -rf coreutils-9.1
Diffutils-3.9
tar xvf diffutils-3.9.tar.xz
cd diffutils-3.9
./configure --prefix=/usr --host=$LFS_TGT
make
make DESTDIR=$LFS install
cd ..
rm -rf diffutils-3.9
File-5.44
tar xvfz file-5.44.tar.gz
cd file-5.44
mkdir build
pushd build
../configure --disable-bzlib \
--disable-libseccomp \
--disable-xzlib \
--disable-zlib
make
popd
./configure --prefix=/usr --host=$LFS_TGT --build=$(./config.guess)
make FILE_COMPILE=$(pwd)/build/src/file
make DESTDIR=$LFS install
rm -v $LFS/usr/lib/libmagic.la
cd ..
rm -rf file-5.44
Findutils-4.9.0
tar xvf findutils-4.9.0.tar.xz
cd findutils-4.9.0
./configure --prefix=/usr \
--localstatedir=/var/lib/locate \
--host=$LFS_TGT \
--build=$(build-aux/config.guess)
make
make DESTDIR=$LFS install
cd ..
rm -rf findutils-4.9.0
Gawk-5.2.1
tar xvf gawk-5.2.1.tar.xz
cd gawk-5.2.1
sed -i 's/extras//' Makefile.in
./configure --prefix=/usr \
--host=$LFS_TGT \
--build=$(build-aux/config.guess)
make
make DESTDIR=$LFS install
cd ..
rm -rf gawk-5.2.1
Grep-3.8
tar xvf grep-3.8.tar.xz
cd grep-3.8
./configure --prefix=/usr \
--host=$LFS_TGT
make
make DESTDIR=$LFS install
cd ..
rm -rf grep-3.8
Gzip-1.12
tar xvf gzip-1.12.tar.xz
cd gzip-1.12
./configure --prefix=/usr --host=$LFS_TGT
make
make DESTDIR=$LFS install
cd ..
rm -rf gzip-1.12
Make-4.4
tar xvfz make-4.4.tar.gz
cd make-4.4
sed -e '/ifdef SIGPIPE/,+2 d' \
-e '/undef FATAL_SIG/i FATAL_SIG (SIGPIPE);' \
-i src/main.c
./configure --prefix=/usr \
--without-guile \
--host=$LFS_TGT \
--build=$(build-aux/config.guess)
make
make DESTDIR=$LFS install
cd ..
rm -rf make-4.4
Patch-2.7.6
tar xvf patch-2.7.6.tar.xz
cd patch-2.7.6
./configure --prefix=/usr \
--host=$LFS_TGT \
--build=$(build-aux/config.guess)
make
make DESTDIR=$LFS install
cd ..
rm -rf patch-2.7.6
Sed-4.9
tar xvf sed-4.9.tar.xz
cd sed-4.9
./configure --prefix=/usr \
--host=$LFS_TGT
make
make DESTDIR=$LFS install
cd ..
rm -rf sed-4.9
Tar-1.34
tar xvf tar-1.34.tar.xz
cd tar-1.34
./configure --prefix=/usr \
--host=$LFS_TGT \
--build=$(build-aux/config.guess)
make
make DESTDIR=$LFS install
cd ..
rm -rf tar-1.34
Xz-5.4.1
tar xvf xz-5.4.1.tar.xz
cd xz-5.4.1
./configure --prefix=/usr \
--host=$LFS_TGT \
--build=$(build-aux/config.guess) \
--disable-static \
--docdir=/usr/share/doc/xz-5.4.1
make
make DESTDIR=$LFS install
rm -v $LFS/usr/lib/liblzma.la
cd ..
rm -rf xz-5.4.1
Binutils-2.40 - Pass 2
tar xvf binutils-2.40.tar.xz
cd binutils-2.40
sed '6009s/$add_dir//' -i ltmain.sh
mkdir -v build
cd build
../configure \
--prefix=/usr \
--build=$(../config.guess) \
--host=$LFS_TGT \
--disable-nls \
--enable-shared \
--enable-gprofng=no \
--disable-werror \
--enable-64-bit-bfd
make
make DESTDIR=$LFS install
rm -v $LFS/usr/lib/lib{bfd,ctf,ctf-nobfd,opcodes}.{a,la}
cd ../..
rm -rf binutils-2.40
GCC-12.2.0 - Pass 2
tar xvf gcc-12.2.0.tar.xz
cd gcc-12.2.0
tar -xf ../mpfr-4.2.0.tar.xz
mv -v mpfr-4.2.0 mpfr
tar -xf ../gmp-6.2.1.tar.xz
mv -v gmp-6.2.1 gmp
tar -xf ../mpc-1.3.1.tar.gz
mv -v mpc-1.3.1 mpc
case $(uname -m) in
x86_64)
sed -e '/m64=/s/lib64/lib/' -i.orig gcc/config/i386/t-linux64
;;
esac
sed '/thread_header =/s/@.*@/gthr-posix.h/' \
-i libgcc/Makefile.in libstdc++-v3/include/Makefile.in
mkdir -v build
cd build
../configure \
--build=$(../config.guess) \
--host=$LFS_TGT \
--target=$LFS_TGT \
LDFLAGS_FOR_TARGET=-L$PWD/$LFS_TGT/libgcc \
--prefix=/usr \
--with-build-sysroot=$LFS \
--enable-default-pie \
--enable-default-ssp \
--disable-nls \
--disable-multilib \
--disable-libatomic \
--disable-libgomp \
--disable-libquadmath \
--disable-libssp \
--disable-libvtv \
--enable-languages=c,c++
make
make DESTDIR=$LFS install
ln -sv gcc $LFS/usr/bin/cc
cd ../..
rm -rf gcc-12.2.0
Entering Chroot and Building Additional Temporary Tools
chown -R root:root $LFS/{usr,lib,var,etc,bin,sbin,tools}
case $(uname -m) in
x86_64) chown -R root:root $LFS/lib64 ;;
esac
As root:
Preparing Virtual Kernel File Systems
mkdir -pv $LFS/{dev,proc,sys,run}
mount -v --bind /dev $LFS/dev
mount -v --bind /dev/pts $LFS/dev/pts
mount -vt proc proc $LFS/proc
mount -vt sysfs sysfs $LFS/sys
mount -vt tmpfs tmpfs $LFS/run
if [ -h $LFS/dev/shm ]; then
mkdir -pv $LFS/$(readlink $LFS/dev/shm)
else
mount -t tmpfs -o nosuid,nodev tmpfs $LFS/dev/shm
fi
Entering the Chroot Environment
chroot "$LFS" /usr/bin/env -i \
HOME=/root \
TERM="$TERM" \
PS1='(lfs chroot) \u:\w\$ ' \
PATH=/usr/bin:/usr/sbin \
/bin/bash --login
mkdir -pv /{boot,home,mnt,opt,srv}
mkdir -pv /etc/{opt,sysconfig}
mkdir -pv /lib/firmware
mkdir -pv /media/{floppy,cdrom}
mkdir -pv /usr/{,local/}{include,src}
mkdir -pv /usr/local/{bin,lib,sbin}
mkdir -pv /usr/{,local/}share/{color,dict,doc,info,locale,man}
mkdir -pv /usr/{,local/}share/{misc,terminfo,zoneinfo}
mkdir -pv /usr/{,local/}share/man/man{1..8}
mkdir -pv /var/{cache,local,log,mail,opt,spool}
mkdir -pv /var/lib/{color,misc,locate}
ln -sfv /run /var/run
ln -sfv /run/lock /var/lock
install -dv -m 0750 /root
install -dv -m 1777 /tmp /var/tmp
ln -sv /proc/self/mounts /etc/mtab
cat > /etc/hosts << EOF
127.0.0.1 localhost $(hostname)
::1 localhost
EOF
cat > /etc/passwd << "EOF"
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/dev/null:/usr/bin/false
daemon:x:6:6:Daemon User:/dev/null:/usr/bin/false
messagebus:x:18:18:D-Bus Message Daemon User:/run/dbus:/usr/bin/false
uuidd:x:80:80:UUID Generation Daemon User:/dev/null:/usr/bin/false
nobody:x:65534:65534:Unprivileged User:/dev/null:/usr/bin/false
EOF
cat > /etc/group << "EOF"
root:x:0:
bin:x:1:daemon
sys:x:2:
kmem:x:3:
tape:x:4:
tty:x:5:
daemon:x:6:
floppy:x:7:
disk:x:8:
lp:x:9:
dialout:x:10:
audio:x:11:
video:x:12:
utmp:x:13:
usb:x:14:
cdrom:x:15:
adm:x:16:
messagebus:x:18:
input:x:24:
mail:x:34:
kvm:x:61:
uuidd:x:80:
wheel:x:97:
users:x:999:
nogroup:x:65534:
EOF
Create test user
echo "tester:x:101:101::/home/tester:/bin/bash" >> /etc/passwd
echo "tester:x:101:" >> /etc/group
install -o tester -d /home/tester
Login to new shell:
exec /usr/bin/bash --login
touch /var/log/{btmp,lastlog,faillog,wtmp}
chgrp -v utmp /var/log/lastlog
chmod -v 664 /var/log/lastlog
chmod -v 600 /var/log/btmp
“The /var/log/wtmp file records all logins and logouts. The /var/log/lastlog file records when each user last logged in. The /var/log/faillog file records failed login attempts. The /var/log/btmp file records the bad login attempts.”
- /run/utmp file records the users that are currently logged in.
cd sources
Gettext
tar xvf gettext-0.21.1.tar.xz
cd gettext-0.21.1
./configure --disable-shared
make
cp -v gettext-tools/src/{msgfmt,msgmerge,xgettext} /usr/bin
cd ..
rm -rf gettext-0.21.1
Bison-3.8.2
tar xvf bison-3.8.2.tar.xz
cd bison-3.8.2
./configure --prefix=/usr \
--docdir=/usr/share/doc/bison-3.8.2
make
make install
cd ..
rm -rf bison-3.8.2
Perl-5.36.0
tar xvf perl-5.36.0.tar.xz
cd perl-5.36.0
sh Configure -des \
-Dprefix=/usr \
-Dvendorprefix=/usr \
-Dprivlib=/usr/lib/perl5/5.36/core_perl \
-Darchlib=/usr/lib/perl5/5.36/core_perl \
-Dsitelib=/usr/lib/perl5/5.36/site_perl \
-Dsitearch=/usr/lib/perl5/5.36/site_perl \
-Dvendorlib=/usr/lib/perl5/5.36/vendor_perl \
-Dvendorarch=/usr/lib/perl5/5.36/vendor_perl
make
make install
cd ..
rm -rf perl-5.36.0
Python-3.11.2
May see fatal error for optional modules at this stage.
tar xvf Python-3.11.2.tar.xz
cd Python-3.11.2
./configure --prefix=/usr \
--enable-shared \
--without-ensurepip
make
make install
cd ..
rm -rf Python-3.11.2
Texinfo-7.0.2
tar xvf texinfo-7.0.2.tar.xz
cd texinfo-7.0.2
./configure --prefix=/usr
make
make install
cd ..
rm -rf texinfo-7.0.2
Util-linux-2.38.1
tar xvf util-linux-2.38.1.tar.xz
cd util-linux-2.38.1
mkdir -pv /var/lib/hwclock
./configure ADJTIME_PATH=/var/lib/hwclock/adjtime \
--libdir=/usr/lib \
--docdir=/usr/share/doc/util-linux-2.38.1 \
--disable-chfn-chsh \
--disable-login \
--disable-nologin \
--disable-su \
--disable-setpriv \
--disable-runuser \
--disable-pylibmount \
--disable-static \
--without-python \
runstatedir=/run
make
make install
cd ..
rm -rf util-linux-2.38.1
Clean up
rm -rf /usr/share/{info,man,doc}/*
find /usr/{lib,libexec} -name \*.la -delete
rm -rf /tools
Exit Chroot and Backup System
exit
mountpoint -q $LFS/dev/shm && umount $LFS/dev/shm
umount $LFS/dev/pts
umount $LFS/{sys,proc,run,dev}
umount /mnt/lfs/boot/efi
umount /mnt/lfs/boot
cd $LFS
tar -cJpf $HOME/lfs-temp-tools-11.3.tar.xz .
Restore from Backup
cd $LFS
rm -rf ./*
tar -xpf $HOME/lfs-temp-tools-11.3.tar.xz
Go back into the Chroot environment
mount -v --bind /dev $LFS/dev
mount -v --bind /dev/pts $LFS/dev/pts
mount -vt proc proc $LFS/proc
mount -vt sysfs sysfs $LFS/sys
mount -vt tmpfs tmpfs $LFS/run
mount -v -t ext4 /dev/sde3 $LFS/boot
mount -v -t vfat /dev/sde2 $LFS/boot/efi
if [ -h $LFS/dev/shm ]; then
mkdir -pv $LFS/$(readlink $LFS/dev/shm)
else
mount -t tmpfs -o nosuid,nodev tmpfs $LFS/dev/shm
fi
chroot "$LFS" /usr/bin/env -i \
HOME=/root \
TERM="$TERM" \
PS1='(lfs chroot) \u:\w\$ ' \
PATH=/usr/bin:/usr/sbin \
/bin/bash --login
cd sources
Installing Basic System Software
Man-pages-6.03
tar xvf man-pages-6.03.tar.xz
cd man-pages-6.03
make prefix=/usr install
cd ..
rm -rf man-pages-6.03
Iana-Etc-20230202
tar xvfz iana-etc-20230202.tar.gz
cd iana-etc-20230202
cp services protocols /etc
cd ..
rm -rf iana-etc-20230202
Glibc-2.37
tar xvf glibc-2.37.tar.xz
cd glibc-2.37
patch -Np1 -i ../glibc-2.37-fhs-1.patch
sed '/width -=/s/workend - string/number_length/' \
-i stdio-common/vfprintf-process-arg.c
mkdir -v build
cd build
echo "rootsbindir=/usr/sbin" > configparms
../configure --prefix=/usr \
--disable-werror \
--enable-kernel=3.2 \
--enable-stack-protector=strong \
--with-headers=/usr/include \
libc_cv_slibdir=/usr/lib
make
make check
May see some failures, ex:
- io/tst-lchmod is known to fail in the LFS chroot environment.
- misc/tst-ttyname is known to fail in the LFS chroot environment.
- The stdlib/tst-arc4random-thread test is known to fail if the host kernel is relatively old.
- Some tests, for example nss/tst-nss-files-hosts-multi, are known to fail on relatively slow systems due to an internal timeout.
touch /etc/ld.so.conf
sed '/test-installation/s@$(PERL)@echo not running@' -i ../Makefile
make install
sed '/RTLDLIST=/s@/usr@@g' -i /usr/bin/ldd
cp -v ../nscd/nscd.conf /etc/nscd.conf
mkdir -pv /var/cache/nscd
mkdir -pv /usr/lib/locale
localedef -i POSIX -f UTF-8 C.UTF-8 2> /dev/null || true
localedef -i cs_CZ -f UTF-8 cs_CZ.UTF-8
localedef -i de_DE -f ISO-8859-1 de_DE
localedef -i de_DE@euro -f ISO-8859-15 de_DE@euro
localedef -i de_DE -f UTF-8 de_DE.UTF-8
localedef -i el_GR -f ISO-8859-7 el_GR
localedef -i en_GB -f ISO-8859-1 en_GB
localedef -i en_GB -f UTF-8 en_GB.UTF-8
localedef -i en_HK -f ISO-8859-1 en_HK
localedef -i en_PH -f ISO-8859-1 en_PH
localedef -i en_US -f ISO-8859-1 en_US
localedef -i en_US -f UTF-8 en_US.UTF-8
localedef -i es_ES -f ISO-8859-15 es_ES@euro
localedef -i es_MX -f ISO-8859-1 es_MX
localedef -i fa_IR -f UTF-8 fa_IR
localedef -i fr_FR -f ISO-8859-1 fr_FR
localedef -i fr_FR@euro -f ISO-8859-15 fr_FR@euro
localedef -i fr_FR -f UTF-8 fr_FR.UTF-8
localedef -i is_IS -f ISO-8859-1 is_IS
localedef -i is_IS -f UTF-8 is_IS.UTF-8
localedef -i it_IT -f ISO-8859-1 it_IT
localedef -i it_IT -f ISO-8859-15 it_IT@euro
localedef -i it_IT -f UTF-8 it_IT.UTF-8
localedef -i ja_JP -f EUC-JP ja_JP
localedef -i ja_JP -f SHIFT_JIS ja_JP.SJIS 2> /dev/null || true
localedef -i ja_JP -f UTF-8 ja_JP.UTF-8
localedef -i nl_NL@euro -f ISO-8859-15 nl_NL@euro
localedef -i ru_RU -f KOI8-R ru_RU.KOI8-R
localedef -i ru_RU -f UTF-8 ru_RU.UTF-8
localedef -i se_NO -f UTF-8 se_NO.UTF-8
localedef -i ta_IN -f UTF-8 ta_IN.UTF-8
localedef -i tr_TR -f UTF-8 tr_TR.UTF-8
localedef -i zh_CN -f GB18030 zh_CN.GB18030
localedef -i zh_HK -f BIG5-HKSCS zh_HK.BIG5-HKSCS
localedef -i zh_TW -f UTF-8 zh_TW.UTF-8
- may look into getting more locales later
install all locales:
make localedata/install-locales
localedef -i POSIX -f UTF-8 C.UTF-8 2> /dev/null || true
localedef -i ja_JP -f SHIFT_JIS ja_JP.SJIS 2> /dev/null || true
cat > /etc/nsswitch.conf << "EOF"
# Begin /etc/nsswitch.conf
passwd: files
group: files
shadow: files
hosts: files dns
networks: files
protocols: files
services: files
ethers: files
rpc: files
# End /etc/nsswitch.conf
EOF
tar -xf ../../tzdata2022g.tar.gz
ZONEINFO=/usr/share/zoneinfo
mkdir -pv $ZONEINFO/{posix,right}
for tz in etcetera southamerica northamerica europe africa antarctica \
asia australasia backward; do
zic -L /dev/null -d $ZONEINFO ${tz}
zic -L /dev/null -d $ZONEINFO/posix ${tz}
zic -L leapseconds -d $ZONEINFO/right ${tz}
done
cp -v zone.tab zone1970.tab iso3166.tab $ZONEINFO
zic -d $ZONEINFO -p America/New_York
unset ZONEINFO
Lookup TZ info ( can use on original host system ):
tzselect
timedatectl | grep "Time zone"
ls -l /etc/localtime
ls /usr/share/zoneinfo
ln -sfv /usr/share/zoneinfo/America/New_York /etc/localtime
- dynamic loader: /lib/ld-linux.so.2
- searches /usr/lib and /etc/ld.so.conf
cat > /etc/ld.so.conf << "EOF"
# Begin /etc/ld.so.conf
/usr/local/lib
/opt/lib
EOF
cat >> /etc/ld.so.conf << "EOF"
# Add an include directory
include /etc/ld.so.conf.d/*.conf
EOF
mkdir -pv /etc/ld.so.conf.d
cd ../..
rm -rf glibc-2.37
Zlib-1.2.13
tar xvf zlib-1.2.13.tar.xz
cd zlib-1.2.13
./configure --prefix=/usr
make
make check
make install
rm -fv /usr/lib/libz.a
cd ..
rm -rf zlib-1.2.13
Bzip2-1.0.8
tar xvfz bzip2-1.0.8.tar.gz
cd bzip2-1.0.8
patch -Np1 -i ../bzip2-1.0.8-install_docs-1.patch
sed -i 's@\(ln -s -f \)$(PREFIX)/bin/@\1@' Makefile
sed -i "s@(PREFIX)/man@(PREFIX)/share/man@g" Makefile
make -f Makefile-libbz2_so
make clean
make
make PREFIX=/usr install
cp -av libbz2.so.* /usr/lib
ln -sv libbz2.so.1.0.8 /usr/lib/libbz2.so
cp -v bzip2-shared /usr/bin/bzip2
for i in /usr/bin/{bzcat,bunzip2}; do
ln -sfv bzip2 $i
done
rm -fv /usr/lib/libbz2.a
cd ..
rm -rf bzip2-1.0.8
Xz-5.4.1
tar xvf xz-5.4.1.tar.xz
cd xz-5.4.1
./configure --prefix=/usr \
--disable-static \
--docdir=/usr/share/doc/xz-5.4.1
make
make check
make install
cd ..
rm -rf xz-5.4.1
Zstd-1.5.4
- real failure: ‘FAIL’
- NOT real failure: ‘failed’, etc.
tar xvfz zstd-1.5.4.tar.gz
cd zstd-1.5.4
make prefix=/usr
make check
make prefix=/usr install
rm -v /usr/lib/libzstd.a
cd ..
rm -rf zstd-1.5.4
File-5.44
tar xvfz file-5.44.tar.gz
cd file-5.44
./configure --prefix=/usr
make
make check
make install
cd ..
rm -rf file-5.44
Readline-8.2
tar xvfz readline-8.2.tar.gz
cd readline-8.2
sed -i '/MV.*old/d' Makefile.in
sed -i '/{OLDSUFF}/c:' support/shlib-install
patch -Np1 -i ../readline-8.2-upstream_fix-1.patch
./configure --prefix=/usr \
--disable-static \
--with-curses \
--docdir=/usr/share/doc/readline-8.2
make SHLIB_LIBS="-lncursesw"
make SHLIB_LIBS="-lncursesw" install
install -v -m644 doc/*.{ps,pdf,html,dvi} /usr/share/doc/readline-8.2
cd ..
rm -rf readline-8.2
M4-1.4.19
tar xvf m4-1.4.19.tar.xz
cd m4-1.4.19
./configure --prefix=/usr
make
make check
make install
cd ..
rm -rf m4-1.4.19
Bc-6.2.4
tar xvf bc-6.2.4.tar.xz
cd bc-6.2.4
CC=gcc ./configure --prefix=/usr -G -O3 -r
make
make test
make install
cd ..
rm -rf bc-6.2.4
Flex-2.6.4
tar xvfz flex-2.6.4.tar.gz
cd flex-2.6.4
./configure --prefix=/usr \
--docdir=/usr/share/doc/flex-2.6.4 \
--disable-static
make
make check
make install
ln -sv flex /usr/bin/lex
cd ..
rm -rf flex-2.6.4
Tcl-8.6.13
tar xvfz tcl8.6.13-src.tar.gz
cd tcl8.6.13
SRCDIR=$(pwd)
cd unix
./configure --prefix=/usr \
--mandir=/usr/share/man
make
sed -e "s|$SRCDIR/unix|/usr/lib|" \
-e "s|$SRCDIR|/usr/include|" \
-i tclConfig.sh
sed -e "s|$SRCDIR/unix/pkgs/tdbc1.1.5|/usr/lib/tdbc1.1.5|" \
-e "s|$SRCDIR/pkgs/tdbc1.1.5/generic|/usr/include|" \
-e "s|$SRCDIR/pkgs/tdbc1.1.5/library|/usr/lib/tcl8.6|" \
-e "s|$SRCDIR/pkgs/tdbc1.1.5|/usr/include|" \
-i pkgs/tdbc1.1.5/tdbcConfig.sh
sed -e "s|$SRCDIR/unix/pkgs/itcl4.2.3|/usr/lib/itcl4.2.3|" \
-e "s|$SRCDIR/pkgs/itcl4.2.3/generic|/usr/include|" \
-e "s|$SRCDIR/pkgs/itcl4.2.3|/usr/include|" \
-i pkgs/itcl4.2.3/itclConfig.sh
unset SRCDIR
make test
make install
chmod -v u+w /usr/lib/libtcl8.6.so
make install-private-headers
ln -sfv tclsh8.6 /usr/bin/tclsh
mv /usr/share/man/man3/{Thread,Tcl_Thread}.3
cd ..
tar -xf ../tcl8.6.13-html.tar.gz --strip-components=1
mkdir -v -p /usr/share/doc/tcl-8.6.13
cp -v -r ./html/* /usr/share/doc/tcl-8.6.13
cd ..
rm -rf tcl8.6.13-src
Expect-5.45.4
tar xvfz expect5.45.4.tar.gz
cd expect5.45.4
./configure --prefix=/usr \
--with-tcl=/usr/lib \
--enable-shared \
--mandir=/usr/share/man \
--with-tclinclude=/usr/include
make
make test
make install
ln -svf expect5.45.4/libexpect5.45.4.so /usr/lib
cd ..
rm -rf expect5.45.4
DejaGNU-1.6.3
tar xvfz dejagnu-1.6.3.tar.gz
cd dejagnu-1.6.3
mkdir -v build
cd build
../configure --prefix=/usr
makeinfo --html --no-split -o doc/dejagnu.html ../doc/dejagnu.texi
makeinfo --plaintext -o doc/dejagnu.txt ../doc/dejagnu.texi
make install
install -v -dm755 /usr/share/doc/dejagnu-1.6.3
install -v -m644 doc/dejagnu.{html,txt} /usr/share/doc/dejagnu-1.6.3
make check
cd ..
rm -rf dejagnu-1.6.3
Binutils-2.40
tar xvf binutils-2.40.tar.xz
cd binutils-2.40
expect -c "spawn ls"
#OK:
# spawn ls
#
#Broken:
# The system has no more ptys.
# Ask your system administrator to create more.
mkdir -v build
cd build
../configure --prefix=/usr \
--sysconfdir=/etc \
--enable-gold \
--enable-ld=default \
--enable-plugins \
--enable-shared \
--disable-werror \
--enable-64-bit-bfd \
--with-system-zlib
make tooldir=/usr
make -k check
grep '^FAIL:' $(find -name '*.log')
make tooldir=/usr install
rm -fv /usr/lib/lib{bfd,ctf,ctf-nobfd,sframe,opcodes}.a
rm -fv /usr/share/man/man1/{gprofng,gp-*}.1
cd ../..
rm -rf binutils-2.40
### GMP-6.2.1
tar xvf gmp-6.2.1.tar.xz
cd gmp-6.2.1
# if building for 32-bit on 64-bit:
# ABI=32 ./configure ...
# use generic libs for lesser CPUs ( don't optimize for this CPU ): !!!!!!!!!!!!!!
cp -v configfsf.guess config.guess
cp -v configfsf.sub config.sub
./configure --prefix=/usr \
--enable-cxx \
--disable-static \
--docdir=/usr/share/doc/gmp-6.2.1
make
make html
make check 2>&1 | tee gmp-check-log
#
# "The code in gmp is highly optimized for the processor where it is built. Occasionally, the code that detects the processor misidentifies the system capabilities and there will be errors in the tests or other applications using the gmp libraries with the message "Illegal instruction". In this case, gmp should be reconfigured with the option --build=x86_64-pc-linux-gnu and rebuilt."
#
#fix this: "Illegal instruction"
# with this:
#
# option --build=x86_64-pc-linux-gnu
# check results ( everything must pass, should see 197 ):
awk '/# PASS:/{total+=$3} ; END{print total}' gmp-check-log
make install
make install-html
cd ..
rm -rf gmp-6.2.1
MPFR-4.2.0
tar xvf mpfr-4.2.0.tar.xz
cd mpfr-4.2.0
sed -e 's/+01,234,567/+1,234,567 /' \
-e 's/13.10Pd/13Pd/' \
-i tests/tsprintf.c
./configure --prefix=/usr \
--disable-static \
--enable-thread-safe \
--docdir=/usr/share/doc/mpfr-4.2.0
make
make html
make check
make install
make install-html
cd ..
rm -rf mpfr-4.2.0
MPC-1.3.1
tar xvfz mpc-1.3.1.tar.gz
cd mpc-1.3.1
./configure --prefix=/usr \
--disable-static \
--docdir=/usr/share/doc/mpc-1.3.1
make
make html
make check
make install
make install-html
cd ..
rm -rf mpc-1.3.1
Attr-2.5.1
tar xvfz attr-2.5.1.tar.gz
cd attr-2.5.1
./configure --prefix=/usr \
--disable-static \
--sysconfdir=/etc \
--docdir=/usr/share/doc/attr-2.5.1
make
make check
make install
cd ..
rm -rf attr-2.5.1
Acl-2.3.1
tar xvf acl-2.3.1.tar.xz
cd acl-2.3.1
./configure --prefix=/usr \
--disable-static \
--docdir=/usr/share/doc/acl-2.3.1
make
make install
##make check # run this after Coreutils is built
cd ..
##rm -rf acl-2.3.1 # wait until after make check .....
Libcap-2.67
tar xvf libcap-2.67.tar.xz
cd libcap-2.67
sed -i '/install -m.*STA/d' libcap/Makefile
make prefix=/usr lib=lib
make test
make prefix=/usr lib=lib install
cd ..
rm -rf libcap-2.67
Shadow-4.13
Could include this but I didn’t. Will rebuild later:
- https://www.linuxfromscratch.org/blfs/view/11.3/postlfs/cracklib.html
tar xvf shadow-4.13.tar.xz
cd shadow-4.13
sed -i 's/groups$(EXEEXT) //' src/Makefile.in
find man -name Makefile.in -exec sed -i 's/groups\.1 / /' {} \;
find man -name Makefile.in -exec sed -i 's/getspnam\.3 / /' {} \;
find man -name Makefile.in -exec sed -i 's/passwd\.5 / /' {} \;
sed -e 's:#ENCRYPT_METHOD DES:ENCRYPT_METHOD SHA512:' \
-e 's@#\(SHA_CRYPT_..._ROUNDS 5000\)@\100@' \
-e 's:/var/spool/mail:/var/mail:' \
-e '/PATH=/{s@/sbin:@@;s@/bin:@@}' \
-i etc/login.defs
# build with cracklib support
sed -i 's:DICTPATH.*:DICTPATH\t/lib/cracklib/pw_dict:' etc/login.defs
touch /usr/bin/passwd
./configure --sysconfdir=/etc \
--disable-static \
--with-group-name-max-length=32
make
make exec_prefix=/usr install
make -C man install-man
pwconv
grpconv
# can set this but don't:
# /etc/login.defs
# USERGROUPS_ENAB
mkdir -p /etc/default
useradd -D --gid 999 # generates /etc/default/useradd
#disable creating mail boxes ( optional, I didn't do this ):
#sed -i '/MAIL/s/yes/no/' /etc/default/useradd
passwd root
cd ..
rm -rf shadow-4.13
GCC-12.2.0
tar xvf gcc-12.2.0.tar.xz
cd gcc-12.2.0
case $(uname -m) in
x86_64)
sed -e '/m64=/s/lib64/lib/' \
-i.orig gcc/config/i386/t-linux64
;;
esac
mkdir -v build
cd build
../configure --prefix=/usr \
LD=ld \
--enable-languages=c,c++ \
--enable-default-pie \
--enable-default-ssp \
--disable-multilib \
--disable-bootstrap \
--with-system-zlib
make
ulimit -s 32768
chown -Rv tester .
su tester -c "export MAKEFLAGS='-j8';PATH=$PATH make -k check" ### add -jx ( cores ) !!!!!!!!!
../contrib/test_summary | grep -A7 Summ
Compare results to:
- https://www.linuxfromscratch.org/lfs/build-logs/11.3/
- https://gcc.gnu.org/ml/gcc-testresults/
Expect these:
- “Eleven tests in the i386 test suite for the gcc compiler are known to FAIL. It’s because the test files do not account for the –enable-default-pie option.”
- “Four tests related to PR100400 may be reported as both XPASS and FAIL when testing the g++ compiler; the test file is not well written.”
- also compare to URLs above ( see separate notes from my results )
make install
chown -v -R root:root \
/usr/lib/gcc/$(gcc -dumpmachine)/12.2.0/include{,-fixed}
ln -svr /usr/bin/cpp /usr/lib
ln -sfv ../../libexec/gcc/$(gcc -dumpmachine)/12.2.0/liblto_plugin.so \
/usr/lib/bfd-plugins/
echo 'int main(){}' > dummy.c
cc dummy.c -v -Wl,--verbose &> dummy.log
readelf -l a.out | grep ': /lib'
# expected output:
# [Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]
grep -E -o '/usr/lib.*/S?crt[1in].*succeeded' dummy.log
# expected output:
# /usr/lib/gcc/x86_64-pc-linux-gnu/12.2.0/../../../../lib/Scrt1.o succeeded
# /usr/lib/gcc/x86_64-pc-linux-gnu/12.2.0/../../../../lib/crti.o succeeded
# /usr/lib/gcc/x86_64-pc-linux-gnu/12.2.0/../../../../lib/crtn.o succeeded
grep -B4 '^ /usr/include' dummy.log
# expected output:
# #include <...> search starts here:
# /usr/lib/gcc/x86_64-pc-linux-gnu/12.2.0/include
# /usr/local/include
# /usr/lib/gcc/x86_64-pc-linux-gnu/12.2.0/include-fixed
# /usr/include
grep 'SEARCH.*/usr/lib' dummy.log |sed 's|; |\n|g'
# expected output for 64 bit:
# SEARCH_DIR("/usr/x86_64-pc-linux-gnu/lib64")
# SEARCH_DIR("/usr/local/lib64")
# SEARCH_DIR("/lib64")
# SEARCH_DIR("/usr/lib64")
# SEARCH_DIR("/usr/x86_64-pc-linux-gnu/lib")
# SEARCH_DIR("/usr/local/lib")
# SEARCH_DIR("/lib")
# SEARCH_DIR("/usr/lib");
grep "/lib.*/libc.so.6 " dummy.log
# expected output:
attempt to open /usr/lib/libc.so.6 succeeded
grep found dummy.log
# expected output:
found ld-linux-x86-64.so.2 at /usr/lib/ld-linux-x86-64.so.2
rm -v dummy.c a.out dummy.log
mkdir -pv /usr/share/gdb/auto-load/usr/lib
mv -v /usr/lib/*gdb.py /usr/share/gdb/auto-load/usr/lib
cd ../..
rm -rf gcc-12.2.0
Pkg-config-0.29.2
tar xvfz pkg-config-0.29.2.tar.gz
cd pkg-config-0.29.2
./configure --prefix=/usr \
--with-internal-glib \
--disable-host-tool \
--docdir=/usr/share/doc/pkg-config-0.29.2
make
make check
make install
cd ..
rm -rf pkg-config-0.29.2
Ncurses-6.4
tar xvfz ncurses-6.4.tar.gz
cd ncurses-6.4
./configure --prefix=/usr \
--mandir=/usr/share/man \
--with-shared \
--without-debug \
--without-normal \
--with-cxx-shared \
--enable-pc-files \
--enable-widec \
--with-pkg-config-libdir=/usr/lib/pkgconfig
make
make DESTDIR=$PWD/dest install
install -vm755 dest/usr/lib/libncursesw.so.6.4 /usr/lib
rm -v dest/usr/lib/libncursesw.so.6.4
cp -av dest/* /
for lib in ncurses form panel menu ; do
rm -vf /usr/lib/lib${lib}.so
echo "INPUT(-l${lib}w)" > /usr/lib/lib${lib}.so
ln -sfv ${lib}w.pc /usr/lib/pkgconfig/${lib}.pc
done
rm -vf /usr/lib/libcursesw.so
echo "INPUT(-lncursesw)" > /usr/lib/libcursesw.so
ln -sfv libncurses.so /usr/lib/libcurses.so
mkdir -pv /usr/share/doc/ncurses-6.4
cp -v -R doc/* /usr/share/doc/ncurses-6.4
make distclean
./configure --prefix=/usr \
--with-shared \
--without-normal \
--without-debug \
--without-cxx-binding \
--with-abi-version=5
make sources libs
cp -av lib/lib*.so.5* /usr/lib
cd ..
rm -rf ncurses-6.4
Sed-4.9
tar xvf sed-4.9.tar.xz
cd sed-4.9
./configure --prefix=/usr
make
make html
chown -Rv tester .
su tester -c "PATH=$PATH make check"
make install
install -d -m755 /usr/share/doc/sed-4.9
install -m644 doc/sed.html /usr/share/doc/sed-4.9
cd ..
rm -rf sed-4.9
Psmisc-23.6
tar xvf psmisc-23.6.tar.xz
cd psmisc-23.6
./configure --prefix=/usr
make
make install
cd ..
rm -rf psmisc-23.6
Gettext-0.21.1
tar xvf gettext-0.21.1.tar.xz
cd gettext-0.21.1
./configure --prefix=/usr \
--disable-static \
--docdir=/usr/share/doc/gettext-0.21.1
make
make check
make install
chmod -v 0755 /usr/lib/preloadable_libintl.so
cd ..
rm -rf gettext-0.21.1
Bison-3.8.2
tar xvf bison-3.8.2.tar.xz
cd bison-3.8.2
./configure --prefix=/usr --docdir=/usr/share/doc/bison-3.8.2
make
make check
make install
cd ..
rm -rf bison-3.8.2
Grep-3.8
tar xvf grep-3.8.tar.xz
cd grep-3.8
sed -i "s/echo/#echo/" src/egrep.sh
./configure --prefix=/usr
make
make check
make install
cd ..
rm -rf grep-3.8
Bash-5.2.15
tar xvfz bash-5.2.15.tar.gz
cd bash-5.2.15
./configure --prefix=/usr \
--without-bash-malloc \
--with-installed-readline \
--docdir=/usr/share/doc/bash-5.2.15
make
chown -Rv tester .
su -s /usr/bin/expect tester << EOF
set timeout -1
spawn make tests
expect eof
lassign [wait] _ _ _ value
exit $value
EOF
### Any output from diff (prefixed with < and >) indicates a test failure, unless there is a message saying the difference can be ignored. One test named run-builtins is known to fail on some host distros with a difference on the first line of the output.
make install
exec /usr/bin/bash --login
cd ..
rm -rf bash-5.2.15
Libtool-2.4.7
tar xvf libtool-2.4.7.tar.xz
cd libtool-2.4.7
./configure --prefix=/usr
make
make -k check TESTSUITEFLAGS=-j8 # for 8 cores
### Five tests are known to fail in the LFS build environment due to a circular dependency, but these tests pass if rechecked after automake has been installed. Additionally, with grep-3.8, two tests will trigger a warning for non-POSIX regular expressions and fail
make install
rm -fv /usr/lib/libltdl.a
# wait to remove, rerun test after automake
cd ..
# rm -rf libtool-2.4.7
GDBM-1.23
tar xvfz gdbm-1.23.tar.gz
cd gdbm-1.23
./configure --prefix=/usr \
--disable-static \
--enable-libgdbm-compat
make
make check
make install
cd ..
rm -rf gdbm-1.23
Gperf-3.1
tar xvfz gperf-3.1.tar.gz
cd gperf-3.1
./configure --prefix=/usr --docdir=/usr/share/doc/gperf-3.1
make
make -j1 check
make install
cd ..
rm -rf gperf-3.1
Expat-2.5.0
tar xvf expat-2.5.0.tar.xz
cd expat-2.5.0
./configure --prefix=/usr \
--disable-static \
--docdir=/usr/share/doc/expat-2.5.0
make
make check
make install
install -v -m644 doc/*.{html,css} /usr/share/doc/expat-2.5.0
cd ..
rm -rf expat-2.5.0
Inetutils-2.4
tar xvf inetutils-2.4.tar.xz
cd inetutils-2.4
./configure --prefix=/usr \
--bindir=/usr/bin \
--localstatedir=/var \
--disable-logger \
--disable-whois \
--disable-rcp \
--disable-rexec \
--disable-rlogin \
--disable-rsh \
--disable-servers
make
make check
make install
mv -v /usr/{,s}bin/ifconfig
- disables rsh, rcp, etc. also disables some servers !!!!!!!
Summary of build decisions:
Clients:
dnsdomainname yes
ftp yes /usr/lib/libreadline.so
hostname yes
ifconfig yes
logger no
ping yes
ping6 yes
rcp no
rexec no
rlogin no
rsh no
talk yes -lcurses
telnet yes -lcurses
tftp yes
traceroute yes
whois no
Servers:
ftpd no
inetd no
rexecd no
rlogind no
rshd no
syslogd no
talkd no
telnetd no
tftpd no
uucpd no
Support:
libls yes
cd ..
rm -rf inetutils-2.4
Less-608
tar xvfz less-608.tar.gz
cd less-608
./configure --prefix=/usr --sysconfdir=/etc
make
make install
cd ..
rm -rf less-608
Perl-5.36.0
tar xvf perl-5.36.0.tar.xz
cd perl-5.36.0
export BUILD_ZLIB=False
export BUILD_BZIP2=0
sh Configure -des \
-Dprefix=/usr \
-Dvendorprefix=/usr \
-Dprivlib=/usr/lib/perl5/5.36/core_perl \
-Darchlib=/usr/lib/perl5/5.36/core_perl \
-Dsitelib=/usr/lib/perl5/5.36/site_perl \
-Dsitearch=/usr/lib/perl5/5.36/site_perl \
-Dvendorlib=/usr/lib/perl5/5.36/vendor_perl \
-Dvendorarch=/usr/lib/perl5/5.36/vendor_perl \
-Dman1dir=/usr/share/man/man1 \
-Dman3dir=/usr/share/man/man3 \
-Dpager="/usr/bin/less -isR" \
-Duseshrplib \
-Dusethreads
make
make test
make install
unset BUILD_ZLIB BUILD_BZIP2
cd ..
rm -rf perl-5.36.0
XML::Parser-2.46
tar xvfz XML-Parser-2.46.tar.gz
cd XML-Parser-2.46
perl Makefile.PL
make
make test
make install
cd ..
rm -rf XML-Parser-2.46
Intltool-0.51.0
tar xvfz intltool-0.51.0.tar.gz
cd intltool-0.51.0
sed -i 's:\\\${:\\\$\\{:' intltool-update.in
./configure --prefix=/usr
make
make check
make install
install -v -Dm644 doc/I18N-HOWTO /usr/share/doc/intltool-0.51.0/I18N-HOWTO
cd ..
rm -rf intltool-0.51.0
Autoconf-2.71
tar xvf autoconf-2.71.tar.xz
cd autoconf-2.71
sed -e 's/SECONDS|/&SHLVL|/' \
-e '/BASH_ARGV=/a\ /^SHLVL=/ d' \
-i.orig tests/local.at
./configure --prefix=/usr
make
make check TESTSUITEFLAGS=-j8 # 8 cores
make install
cd ..
rm -rf autoconf-2.71
Automake-1.16.5
tar xvf automake-1.16.5.tar.xz
cd automake-1.16.5
./configure --prefix=/usr --docdir=/usr/share/doc/automake-1.16.5
make
make -j4 check
## The test t/subobj.sh is known to fail.
make install
cd ..
rm -rf automake-1.16.5
re-run tests for libtool:
cd libtool-2.4.7
make -k check TESTSUITEFLAGS=-j8 # for 8 cores
cd ..
rm -rf libtool-2.4.7
OpenSSL-3.0.8
tar xvfz openssl-3.0.8.tar.gz
cd openssl-3.0.8
./config --prefix=/usr \
--openssldir=/etc/ssl \
--libdir=lib \
shared \
zlib-dynamic
make
make test
## 30-test_afalg.t may fail
sed -i '/INSTALL_LIBS/s/libcrypto.a libssl.a//' Makefile
make MANSUFFIX=ssl install
mv -v /usr/share/doc/openssl /usr/share/doc/openssl-3.0.8
cp -vfr doc/* /usr/share/doc/openssl-3.0.8
cd ..
rm -rf openssl-3.0.8
Kmod-30
- Replaces Module-Init-Tools
tar xvf kmod-30.tar.xz
cd kmod-30
./configure --prefix=/usr \
--sysconfdir=/etc \
--with-openssl \
--with-xz \
--with-zstd \
--with-zlib
make
make install
for target in depmod insmod modinfo modprobe rmmod; do
ln -sfv ../bin/kmod /usr/sbin/$target
done
ln -sfv kmod /usr/bin/lsmod
cd ..
rm -rf kmod-30
Libelf from Elfutils-0.188
bunzip2 elfutils-0.188.tar.bz2
tar xvf elfutils-0.188.tar
cd elfutils-0.188
./configure --prefix=/usr \
--disable-debuginfod \
--enable-libdebuginfod=dummy
make
make check
# run-native-test.sh may fail
make -C libelf install
install -vm644 config/libelf.pc /usr/lib/pkgconfig
rm /usr/lib/libelf.a
cd ..
rm -rf elfutils-0.188
Libffi-3.4.4
Builds for this specific CPU !!!!!! to be more generic, see here: https://gcc.gnu.org/onlinedocs/gcc-12.2.0/gcc/x86-Options.html
tar xvfz libffi-3.4.4.tar.gz
cd libffi-3.4.4
./configure --prefix=/usr \
--disable-static \
--with-gcc-arch=native
make
make check
make install
cd ..
rm -rf libffi-3.4.4
Python-3.11.2
tar xvf Python-3.11.2.tar.xz
cd Python-3.11.2
./configure --prefix=/usr \
--enable-shared \
--with-system-expat \
--with-system-ffi \
--enable-optimizations
make
make install
!!!! run tests after re-installing BLFS version of Python 3
cat > /etc/pip.conf << EOF
[global]
root-user-action = ignore
disable-pip-version-check = true
EOF
install -v -dm755 /usr/share/doc/python-3.11.2/html
tar --strip-components=1 \
--no-same-owner \
--no-same-permissions \
-C /usr/share/doc/python-3.11.2/html \
-xvf ../python-3.11.2-docs-html.tar.bz2
cd ..
rm -rf Python-3.11.2
Wheel-0.38.4
tar xvfz wheel-0.38.4.tar.gz
cd wheel-0.38.4
PYTHONPATH=src pip3 wheel -w dist --no-build-isolation --no-deps $PWD
pip3 install --no-index --find-links=dist wheel
cd ..
rm -rf wheel-0.38.4
Ninja-1.11.1
tar xvfz ninja-1.11.1.tar.gz
cd ninja-1.11.1
export NINJAJOBS=8 # number of CPU cores
sed -i '/int Guess/a \
int j = 0;\
char* jobs = getenv( "NINJAJOBS" );\
if ( jobs != NULL ) j = atoi( jobs );\
if ( j > 0 ) return j;\
' src/ninja.cc
python3 configure.py --bootstrap
./ninja ninja_test
./ninja_test --gtest_filter=-SubprocessTest.SetWithLots
install -vm755 ninja /usr/bin/
install -vDm644 misc/bash-completion /usr/share/bash-completion/completions/ninja
install -vDm644 misc/zsh-completion /usr/share/zsh/site-functions/_ninja
cd ..
rm -rf ninja-1.11.1
Meson-1.0.0
tar xvfz meson-1.0.0.tar.gz
cd meson-1.0.0
pip3 wheel -w dist --no-build-isolation --no-deps $PWD
pip3 install --no-index --find-links dist meson
install -vDm644 data/shell-completions/bash/meson /usr/share/bash-completion/completions/meson
install -vDm644 data/shell-completions/zsh/_meson /usr/share/zsh/site-functions/_meson
cd ..
rm -rf meson-1.0.0
Coreutils-9.1
tar xvf coreutils-9.1.tar.xz
cd coreutils-9.1
patch -Np1 -i ../coreutils-9.1-i18n-1.patch
autoreconf -fiv
FORCE_UNSAFE_CONFIGURE=1 ./configure \
--prefix=/usr \
--enable-no-install-program=kill,uptime
make
make NON_ROOT_USERNAME=tester check-root
echo "dummy:x:102:tester" >> /etc/group
chown -Rv tester .
su tester -c "PATH=$PATH make RUN_EXPENSIVE_TESTS=yes check"
## test-getlogin may fail
sed -i '/dummy/d' /etc/group
make install
mv -v /usr/bin/chroot /usr/sbin
mv -v /usr/share/man/man1/chroot.1 /usr/share/man/man8/chroot.8
sed -i 's/"1"/"8"/' /usr/share/man/man8/chroot.8
cd ..
rm -rf coreutils-9.1
Re-do ACL Check:
cd acl-2.3.1
make check
cd ..
rm -rf acl-2.3.1
Check-0.15.2
tar xvfz check-0.15.2.tar.gz
cd check-0.15.2
./configure --prefix=/usr --disable-static
make
make check
make docdir=/usr/share/doc/check-0.15.2 install
cd ..
rm -rf check-0.15.2
Diffutils-3.9
tar xvf diffutils-3.9.tar.xz
cd diffutils-3.9
./configure --prefix=/usr
make
make check
make install
cd ..
rm -rf diffutils-3.9
Gawk-5.2.1
tar xvf gawk-5.2.1.tar.xz
cd gawk-5.2.1
sed -i 's/extras//' Makefile.in
./configure --prefix=/usr
make
make check
make LN='ln -f' install
mkdir -pv /usr/share/doc/gawk-5.2.1
cp -v doc/{awkforai.txt,*.{eps,pdf,jpg}} /usr/share/doc/gawk-5.2.1
cd ..
rm -rf gawk-5.2.1
Findutils-4.9.0
tar xvf findutils-4.9.0.tar.xz
cd findutils-4.9.0
case $(uname -m) in
i?86) TIME_T_32_BIT_OK=yes ./configure --prefix=/usr --localstatedir=/var/lib/locate ;;
x86_64) ./configure --prefix=/usr --localstatedir=/var/lib/locate ;;
esac
make
chown -Rv tester .
su tester -c "PATH=$PATH make check"
make install
cd ..
rm -rf findutils-4.9.0
Groff-1.22.4
tar xvfz groff-1.22.4.tar.gz
cd groff-1.22.4
PAGE=letter ./configure --prefix=/usr # use PAGE=A4 outside the USA
make
make install
cd ..
rm -rf groff-1.22.4
GRUB-2.06
- !!!!!! Skip this section, use next section for EFI support !!!!!!!!
Need this for UEFI:
- https://www.linuxfromscratch.org/blfs/view/11.3/postlfs/grub-efi.html
tar xvfz grub-2.06.tar.xz
cd grub-2.06
unset {C,CPP,CXX,LD}FLAGS
patch -Np1 -i ../grub-2.06-upstream_fixes-1.patch
./configure --prefix=/usr \
--sysconfdir=/etc \
--disable-efiemu \
--disable-werror
make
make install
mv -v /etc/bash_completion.d/grub /usr/share/bash-completion/completions
cd ..
rm -rf grub-2.06
FreeType-2.13.0
- Version r11.3-596
- https://www.linuxfromscratch.org/blfs/view/svn/general/freetype2.html
- I didn’t include the extra documentation package
- I also didn’t include any of the dependencies
Outside chroot env, in the $LFS/sources dir:
cd $LFS/sources
wget https://downloads.sourceforge.net/freetype/freetype-2.13.0.tar.xz
As LFS:
tar xvf freetype-2.13.0.tar.xz
cd freetype-2.13.0
sed -ri "s:.*(AUX_MODULES.*valid):\1:" modules.cfg
sed -r "s:.*(#.*SUBPIXEL_RENDERING) .*:\1:" \
-i include/freetype/config/ftoption.h
./configure --prefix=/usr --enable-freetype-config --disable-static
make
make install
cd ..
rm -rf freetype-2.13.0
GRUB-2.06 for EFI
- https://www.linuxfromscratch.org/blfs/view/11.3/postlfs/grub-efi.html
- difference from non EFI GRUB - unifonts and configure script options
- Also needs FreeType ( above ) !!!!!
Outside chroot env, in the $LFS/sources dir:
cd $LFS/sources
wget https://unifoundry.com/pub/unifont/unifont-15.0.01/font-builds/unifont-15.0.01.pcf.gz
As root:
su -
cd /sources
mkdir -pv /usr/share/fonts/unifont
gunzip -c unifont-15.0.01.pcf.gz > /usr/share/fonts/unifont/unifont.pcf
exit
As LFS:
tar xvf grub-2.06.tar.xz
cd grub-2.06
unset {C,CPP,CXX,LD}FLAGS
patch -Np1 -i ../grub-2.06-upstream_fixes-1.patch
./configure --prefix=/usr \
--sysconfdir=/etc \
--disable-efiemu \
--enable-grub-mkfont \
--with-platform=efi \
--target=x86_64 \
--disable-werror
make
make install
mv -v /etc/bash_completion.d/grub /usr/share/bash-completion/completions
cd ..
rm -rf grub-2.06
Gzip-1.12
tar xvf gzip-1.12.tar.xz
cd gzip-1.12
./configure --prefix=/usr
make
make check
make install
cd ..
rm -rf gzip-1.12
Berkeley DB-5.3.28
- From BLFS
- Needed for arpd in IPRoute2 package
outside chroot env, in the $LFS/sources dir:
cd $LFS/sources
wget https://anduin.linuxfromscratch.org/BLFS/bdb/db-5.3.28.tar.gz
tar xvf db-5.3.28.tar.gz
cd db-5.3.28
sed -i 's/\(__atomic_compare_exchange\)/\1_db/' src/dbinc/atomic.h
cd build_unix
../dist/configure --prefix=/usr \
--enable-compat185 \
--enable-dbm \
--disable-static \
--enable-cxx
make
make docdir=/usr/share/doc/db-5.3.28 install
chown -v -R root:root \
/usr/bin/db_* \
/usr/include/db{,_185,_cxx}.h \
/usr/lib/libdb*.{so,la} \
/usr/share/doc/db-5.3.28
cd ../..
rm -rf db-5.3.28
IPRoute2-6.1.0
tar xvf iproute2-6.1.0.tar.xz
cd iproute2-6.1.0
# disable arpd:
# sed -i /ARPD/d Makefile
# rm -fv man/man8/arpd.8
# OR install Berkeley DB first:
# https://www.linuxfromscratch.org/blfs/view/11.3/server/db.html
#
# I installed berkley DB <==== ( see above ) <====
make NETNS_RUN_DIR=/run/netns
make SBINDIR=/usr/sbin install
mkdir -pv /usr/share/doc/iproute2-6.1.0
cp -v COPYING README* /usr/share/doc/iproute2-6.1.0
cd ..
rm -rf iproute2-6.1.0
Kbd-2.5.1
tar xvf kbd-2.5.1.tar.xz
cd kbd-2.5.1
patch -Np1 -i ../kbd-2.5.1-backspace-1.patch
sed -i '/RESIZECONS_PROGS=/s/yes/no/' configure
sed -i 's/resizecons.8 //' docs/man/man8/Makefile.in
./configure --prefix=/usr --disable-vlock
make
make check
make install
mkdir -pv /usr/share/doc/kbd-2.5.1
cp -R -v docs/doc/* /usr/share/doc/kbd-2.5.1
cd ..
rm -rf kbd-2.5.1
Libpipeline-1.5.7
tar xvfz libpipeline-1.5.7.tar.gz
cd libpipeline-1.5.7
./configure --prefix=/usr
make
make check
make install
cd ..
rm -rf libpipeline-1.5.7
Make-4.4
tar xvfz make-4.4.tar.gz
cd make-4.4
sed -e '/ifdef SIGPIPE/,+2 d' \
-e '/undef FATAL_SIG/i FATAL_SIG (SIGPIPE);' \
-i src/main.c
./configure --prefix=/usr
make
make check
make install
cd ..
rm -rf make-4.4
Patch-2.7.6
tar xvf patch-2.7.6.tar.xz
cd patch-2.7.6
./configure --prefix=/usr
make
make check
make install
cd ..
rm -rf patch-2.7.6
Tar-1.34
tar xvf tar-1.34.tar.xz
cd tar-1.34
FORCE_UNSAFE_CONFIGURE=1 \
./configure --prefix=/usr
make
make check
## binary store/restore, is known to fail if you don't have selinux
make install
make -C doc install-html docdir=/usr/share/doc/tar-1.34
cd ..
rm -rf tar-1.34
Texinfo-7.0.2
tar xvf texinfo-7.0.2.tar.xz
cd texinfo-7.0.2
./configure --prefix=/usr
make
make check
make install
make TEXMF=/usr/share/texmf install-tex
#in case you ever need to rebuild a broken /usr/share/info/dir :
#
#pushd /usr/share/info
# rm -v dir
# for f in *
# do install-info $f dir 2>/dev/null
# done
#popd
cd ..
rm -rf texinfo-7.0.2
Vim-9.0.1273
tar xvf vim-9.0.1273.tar.xz
cd vim-9.0.1273
echo '#define SYS_VIMRC_FILE "/etc/vimrc"' >> src/feature.h
./configure --prefix=/usr
make
chown -Rv tester .
su tester -c "LANG=en_US.UTF-8 make -j1 test" &> vim-test.log
# expect to see: "ALL DONE" , don't need to look at the log above
make install
ln -sv vim /usr/bin/vi
for L in /usr/share/man/{,*/}man1/vim.1; do
ln -sv vim.1 $(dirname $L)/vi.1
done
ln -sv ../vim/vim90/doc /usr/share/doc/vim-9.0.1273
cat > /etc/vimrc << "EOF"
" Begin /etc/vimrc
" Ensure defaults are set before customizing settings, not after
source $VIMRUNTIME/defaults.vim
let skip_defaults_vim=1
set nocompatible
set backspace=2
set mouse=
syntax on
if (&term == "xterm") || (&term == "putty")
set background=dark
endif
" End /etc/vimrc
EOF
## just view documentation???:
##vim -c ':options'
cd ..
rm -rf vim-9.0.1273
Eudev-3.2.11
tar xvfz eudev-3.2.11.tar.gz
cd eudev-3.2.11
sed -i '/udevdir/a udev_dir=${udevdir}' src/udev/udev.pc.in
./configure --prefix=/usr \
--bindir=/usr/sbin \
--sysconfdir=/etc \
--enable-manpages \
--disable-static
make
mkdir -pv /usr/lib/udev/rules.d
mkdir -pv /etc/udev/rules.d
make check
make install
tar -xvf ../udev-lfs-20171102.tar.xz
make -f udev-lfs-20171102/Makefile.lfs install
udevadm hwdb --update # update hardware DB - run on hardware change !!!!!!!!!!!
cd ..
rm -rf eudev-3.2.11
Man-DB-2.11.2
tar xvf man-db-2.11.2.tar.xz
cd man-db-2.11.2
./configure --prefix=/usr \
--docdir=/usr/share/doc/man-db-2.11.2 \
--sysconfdir=/etc \
--disable-setuid \
--enable-cache-owner=bin \
--with-browser=/usr/bin/lynx \
--with-vgrind=/usr/bin/vgrind \
--with-grap=/usr/bin/grap \
--with-systemdtmpfilesdir= \
--with-systemdsystemunitdir=
make
make check
make install
cd ..
rm -rf man-db-2.11.2
Procps-ng-4.0.2
tar xvf procps-ng-4.0.2.tar.xz
cd procps-ng-4.0.2
./configure --prefix=/usr \
--docdir=/usr/share/doc/procps-ng-4.0.2 \
--disable-static \
--disable-kill
make
make check
# this test may fail: "free with commit" - prob if browser or java is running ( anything with custom mem allocator
make install
cd ..
rm -rf procps-ng-4.0.2
Util-linux-2.38.1
tar xvf util-linux-2.38.1.tar.xz
cd util-linux-2.38.1
./configure ADJTIME_PATH=/var/lib/hwclock/adjtime \
--bindir=/usr/bin \
--libdir=/usr/lib \
--sbindir=/usr/sbin \
--disable-chfn-chsh \
--disable-login \
--disable-nologin \
--disable-su \
--disable-setpriv \
--disable-runuser \
--disable-pylibmount \
--disable-static \
--without-python \
--without-systemd \
--without-systemdsystemunitdir \
--docdir=/usr/share/doc/util-linux-2.38.1
make
### Run after booting into complete LFS system:
###
### bash tests/run.sh --srcdir=$PWD --builddir=$PWD
### chown -Rv tester .
### su tester -c "make -k check"
make install
cd ..
##rm -rf util-linux-2.38.1 # wait, test after reboot into system
E2fsprogs-1.47.0
tar xvfz e2fsprogs-1.47.0.tar.gz
cd e2fsprogs-1.47.0
mkdir -v build
cd build
../configure --prefix=/usr \
--sysconfdir=/etc \
--enable-elf-shlibs \
--disable-libblkid \
--disable-libuuid \
--disable-uuidd \
--disable-fsck
make
make check
make install
rm -fv /usr/lib/{libcom_err,libe2p,libext2fs,libss}.a
gunzip -v /usr/share/info/libext2fs.info.gz
install-info --dir-file=/usr/share/info/dir /usr/share/info/libext2fs.info
makeinfo -o doc/com_err.info ../lib/et/com_err.texinfo
install -v -m644 doc/com_err.info /usr/share/info
install-info --dir-file=/usr/share/info/dir /usr/share/info/com_err.info
sed 's/metadata_csum_seed,//' -i /etc/mke2fs.conf # metadata_csum_seed - remove this feature because some tools can't recognize an fs with this feature
cd ../..
rm -rf e2fsprogs-1.47.0
Sysklogd-1.5.1
tar xvfz sysklogd-1.5.1.tar.gz
cd sysklogd-1.5.1
sed -i '/Error loading kernel symbols/{n;n;d}' ksym_mod.c
sed -i 's/union wait/int/' syslogd.c
make
make BINDIR=/sbin install
cat > /etc/syslog.conf << "EOF"
# Begin /etc/syslog.conf
auth,authpriv.* -/var/log/auth.log
*.*;auth,authpriv.none -/var/log/sys.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
*.emerg *
# End /etc/syslog.conf
EOF
cd ..
rm -rf sysklogd-1.5.1
Sysvinit-3.06
tar xvf sysvinit-3.06.tar.xz
cd sysvinit-3.06
patch -Np1 -i ../sysvinit-3.06-consolidated-1.patch
make
make install
cd ..
rm -rf sysvinit-3.06
Strip Debugging Symbols:
save_usrlib="$(cd /usr/lib; ls ld-linux*[^g])
libc.so.6
libthread_db.so.1
libquadmath.so.0.0.0
libstdc++.so.6.0.30
libitm.so.1.0.0
libatomic.so.1.2.0"
cd /usr/lib
for LIB in $save_usrlib; do
objcopy --only-keep-debug $LIB $LIB.dbg
cp $LIB /tmp/$LIB
strip --strip-unneeded /tmp/$LIB
objcopy --add-gnu-debuglink=$LIB.dbg /tmp/$LIB
install -vm755 /tmp/$LIB /usr/lib
rm /tmp/$LIB
done
online_usrbin="bash find strip"
online_usrlib="libbfd-2.40.so
libsframe.so.0.0.0
libhistory.so.8.2
libncursesw.so.6.4
libm.so.6
libreadline.so.8.2
libz.so.1.2.13
$(cd /usr/lib; find libnss*.so* -type f)"
for BIN in $online_usrbin; do
cp /usr/bin/$BIN /tmp/$BIN
strip --strip-unneeded /tmp/$BIN
install -vm755 /tmp/$BIN /usr/bin
rm /tmp/$BIN
done
for LIB in $online_usrlib; do
cp /usr/lib/$LIB /tmp/$LIB
strip --strip-unneeded /tmp/$LIB
install -vm755 /tmp/$LIB /usr/lib
rm /tmp/$LIB
done
for i in $(find /usr/lib -type f -name \*.so* ! -name \*dbg) \
$(find /usr/lib -type f -name \*.a) \
$(find /usr/{bin,sbin,libexec} -type f); do
case "$online_usrbin $online_usrlib $save_usrlib" in
*$(basename $i)* )
;;
* ) strip --strip-unneeded $i
;;
esac
done
unset BIN LIB save_usrlib online_usrbin online_usrlib
- A large number of files will be flagged as errors because their file format is not recognized. These warnings can be safely ignored. They indicate that those files are scripts, not binaries.
Cleanup
rm -rf /tmp/*
find /usr/lib /usr/libexec -name \*.la -delete
find /usr -depth -name $(uname -m)-lfs-linux-gnu\* | xargs rm -rf
userdel -r tester ##?????? didn't exist????
System V and Boot Scripts
- /etc/inittab
Problems with SysV
- control groups (cgroups)
- per-user fair share scheduling
cd /sources
tar xvf lfs-bootscripts-20230101.tar.xz
cd lfs-bootscripts-20230101
make install
cd ..
rm -rf lfs-bootscripts-20230101
Scripts:
checkfs, cleanfs, console, functions, halt, ifdown, ifup, localnet, modules, mountfs, mountvirtfs, network, rc, reboot, sendsignals, setclock, ipv4-static, swap, sysctl, sysklogd, template, udev, and udev_retry
Dirs:
/etc/rc.d, /etc/init.d (symbolic link), /etc/sysconfig, /lib/services, /lib/lsb (symbolic link)
Udev, Devices, Modules
| devfs | - deprecated, removed from kernel |
| sysfs | - devtmpfs, /sys |
| udevd |
- /etc/udev/rules.d
- /usr/lib/udev/rules.d
- /run/udev/rules.d
Check driver for udev support:
modinfo # run on a module
ls -l /sys/bus # check for modalias files
- driver might have a bug
-
bus type might not have mod alias support
- udev can’t/shouldn’t load wrapper drivers or non hardware drivers
For modules not loaded automatically:
Option 1 - wrapped and enhances functionality, add softdep to load after udev loads the wrapped module:
/etc/modprobe.d/<filename>.confsoftdep snd-pcm post: snd-pcm-oss
Option 2 - not a wrapper and is useful by itself - load with modules bood script:
/etc/sysconfig/modules
Black list modules that you don’t want:
/etc/modprobe.d/blacklist.confblacklist forte
More
udevadm info # can be used for fixing rules
Udev Rule Works Unreliably:
Could be a kernel timing issue, add rule here:
/etc/udev/rules.d/10-wait_for_sysfs.rules
Udev Does Not Create a Device
- driver is built into the kernel or already loaded as a module
- that udev isn’t creating a misnamed device
- If a kernel driver does not export its data to sysfs, udev lacks the information needed to create a device node
Create static node here, udev will create /dev file: /usr/lib/udev/devices
Read these:
- http://www.kroah.com/linux/talks/ols_2003_udev_paper/Reprint-Kroah-Hartman-OLS2003.pdf
- https://www.kernel.org/pub/linux/kernel/people/mochel/doc/papers/ols-2005/mochel.pdf
Go back to eth0, eth1, etc ( optional, I didn’t do this ):
net.ifnames=0
Ran this:
bash /usr/lib/udev/init-net-rules.sh # generate network udev rules
cat /etc/udev/rules.d/70-persistent-net.rules # view generated network udev rules
mode - “by-id” or “by-path”
udevadm test /sys/block/hdd
ran this:
sed -e 's/"write_cd_rules"/"write_cd_rules mode"/' \
-i /etc/udev/rules.d/83-cdrom-symlinks.rules
can also look at this:
vi /etc/udev/rules.d/70-persistent-cd.rules
Duplicate / Inconsistent names:
Check info:
udevadm info -a -p /sys/class/video4linux/video0
Create rules:
cat > /etc/udev/rules.d/83-duplicate_devs.rules << "EOF"
# Persistent symlinks for webcam and tuner
KERNEL=="video*", ATTRS{idProduct}=="1910", ATTRS{idVendor}=="0d81", SYMLINK+="webcam"
KERNEL=="video*", ATTRS{device}=="0x036f", ATTRS{vendor}=="0x109e", SYMLINK+="tvtuner"
EOF
Result:
/dev/tvtuner => /dev/video0
/dev/webcam => /dev/video1
Network Configuration
Example network config files:
- /etc/sysconfig/ifconfig.xyz
- /etc/sysconfig/ifconfig.eth0
- /etc/sysconfig/ifconfig.eno2
ip link
ls /sys/class/net
cd /etc/sysconfig/
cat > ifconfig.eno2 << "EOF"
ONBOOT=yes
IFACE=eno2
SERVICE=ipv4-static
IP=192.168.3.238
GATEWAY=192.168.3.1
PREFIX=24
BROADCAST=192.168.1.255
EOF
- /lib/services/ # services can be defined here ( ex: dhcp from blfs )
- ifup and ifdown exist
cat > /etc/resolv.conf << "EOF"
# Begin /etc/resolv.conf
domain example.org # replace
nameserver 8.8.8.8
nameserver 8.8.4.4
# End /etc/resolv.conf
EOF
echo "host1" > /etc/hostname
cat > /etc/hosts << "EOF"
127.0.0.1 localhost.localdomain localhost
127.0.1.1 host1.example.org host1
192.168.3.238 host1.example.org host1
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
EOF
sysv init
| 0 | halt the computer |
| 1 | single-user mode |
| 2 | reserved for customization, otherwise the same as 3 |
| 3 | multi-user mode with networking |
| 4 | reserved for customization, otherwise the same as 3 |
| 5 | same as 4, it is usually used for GUI login (like GNOME’s gdm or LXDE’s lxdm) |
| 6 | reboot the computer |
cat > /etc/inittab << "EOF"
id:3:initdefault:
si::sysinit:/etc/rc.d/init.d/rc S
l0:0:wait:/etc/rc.d/init.d/rc 0
l1:S1:wait:/etc/rc.d/init.d/rc 1
l2:2:wait:/etc/rc.d/init.d/rc 2
l3:3:wait:/etc/rc.d/init.d/rc 3
l4:4:wait:/etc/rc.d/init.d/rc 4
l5:5:wait:/etc/rc.d/init.d/rc 5
l6:6:wait:/etc/rc.d/init.d/rc 6
ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
su:S06:once:/sbin/sulogin
s1:1:respawn:/sbin/sulogin
1:2345:respawn:/sbin/agetty --noclear tty1 9600
2:2345:respawn:/sbin/agetty tty2 9600
3:2345:respawn:/sbin/agetty tty3 9600
4:2345:respawn:/sbin/agetty tty4 9600
5:2345:respawn:/sbin/agetty tty5 9600
6:2345:respawn:/sbin/agetty tty6 9600
EOF
Used by rc script:
| /lib/lsb/init-functions | functions |
| /etc/sysconfig/rc.site | config file |
| /run/var/bootlog | functions script logs everything here |
| /var/log/boot.log | /run/var/bootlog is appended here at end of boot |
Change runlevel:
init <runlevel>
- /etc/rc.d/init.d # real scripts go here, K/S scripts point to them
Scripts can do these actions:
- start
- stop
- restart
- reload
- status
/etc/rc.d/init.d/udev # starts udevd
/etc/rc.d/init.d/udev_retry # re-trigger udev events
/etc/sysconfig/udev_retry # based on subsystems here
udevadm info --attribute-walk <device> # find subsystem of a device ( ex: /dev/sr0 )
setclock script # sets time based on hardware clock in CMOS
/etc/localtime # shows timezone
hwclock --localtime --show # show current time that hardware clock has
Change for other locales - needs to be configurable:
# UTC=1 if UTC, UTC=0 if local
cat > /etc/sysconfig/clock << "EOF"
UTC=1
CLOCKPARAMS=
EOF
- /etc/sysconfig/rc.site # could also set the above stuff in this file
Valid keymaks and fonts: /usr/share/keymaps and /usr/share/consolefonts
Configure for your locale:
cat > /etc/sysconfig/console << "EOF"
KEYMAP="us"
FONT="lat1-16 -m 8859-1"
UNICODE="1"
EOF
| /etc/sysconfig/createfiles | might need /tmp/.ICE-unix |
| /etc/sysconfig/rc.site | settings used by all boot scripts |
Optional things to potentially add: ( I skipped these )
OMIT_UDEV_SETTLE=y
OMIT_UDEV_RETRY_SETTLE=y
VERBOSE_FSCK=y
FASTBOOT=y
SKIPTMPCLEAN=y
Bash Shell
| /etc | global settings |
| ~ | equivalent files may override |
| interactive login shell | when started after using /bin/login and /etc/passwd |
| interactive non-login shell | when launched, ex: $/bin/bash |
| non-interactive shell | when running a script |
| /etc/profile and ~/.bash_profile | interactive shell |
locale -a # list all locales
Lookup info about your locale. All should suceed to validate your locale is installed correctly:
( these are commands )
LC_ALL=en_US.utf8 locale language
LC_ALL=en_US.utf8 locale charmap
LC_ALL=en_US.utf8 locale int_curr_symbol
LC_ALL=en_US.utf8 locale int_prefix
localedef # can be used to install locales
en_US.utf8 # from "locale -a" on Ubuntu - also mentioned in book
#OR
en_us.UTF-8 # in my environment on Ubuntu
cat > /etc/profile << "EOF"
## export LANG=<ll>_<CC>.<charmap><@modifiers>
export LANG=en_US.utf8
EOF
Inputrc and Shells
cat > /etc/inputrc << "EOF"
# Begin /etc/inputrc
# Modified by Chris Lynn <roryo@roryo.dynup.net>
# Allow the command prompt to wrap to the next line
set horizontal-scroll-mode Off
# Enable 8-bit input
set meta-flag On
set input-meta On
# Turns off 8th bit stripping
set convert-meta Off
# Keep the 8th bit for display
set output-meta On
# none, visible or audible
set bell-style none
# All of the following map the escape sequence of the value
# contained in the 1st argument to the readline specific functions
"\eOd": backward-word
"\eOc": forward-word
# for linux console
"\e[1~": beginning-of-line
"\e[4~": end-of-line
"\e[5~": beginning-of-history
"\e[6~": end-of-history
"\e[3~": delete-char
"\e[2~": quoted-insert
# for xterm
"\eOH": beginning-of-line
"\eOF": end-of-line
# for Konsole
"\e[H": beginning-of-line
"\e[F": end-of-line
# End /etc/inputrc
EOF
cat > /etc/shells << "EOF"
# Begin /etc/shells
/bin/sh
/bin/bash
# End /etc/shells
EOF
- Replace devices / uuids as needed
- ext4 for fs type
/boot/efi isn’t required in the fstab, I also don’t know how to set the mount order to after /boot. I’m going to change this for my next build. I will be removing /boot and mounting /boot/efi.
cat > /etc/fstab << "EOF"
# file system mount-point type options dump fsck
# order
#/dev/sde5 / ext4 defaults 1 1
#/dev/sde2 /boot/efi vfat defaults 1 2
#/dev/sde3 /boot ext4 defaults 1 2
#/dev/sde4 swap swap pri=1 0 0
UUID=c446c87a-1259-4e27-a056-2ab3cbc186bc / ext4 defaults 1 1
#UUID=2274-AD69 /boot/efi vfat defaults 1 2
UUID=1a900e89-0aba-40f3-b07b-abe8cc248be9 /boot ext4 defaults 1 2
UUID=f18c8950-54e5-4572-b387-a6e2ebca27a2 swap swap pri=1 0 0
proc /proc proc nosuid,noexec,nodev 0 0
sysfs /sys sysfs nosuid,noexec,nodev 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
tmpfs /run tmpfs defaults 0 0
devtmpfs /dev devtmpfs mode=0755,nosuid 0 0
tmpfs /dev/shm tmpfs nosuid,nodev 0 0
EOF
Revisit for notes about DOS/Windows FS and non-ASCII chars:
- https://www.linuxfromscratch.org/lfs/view/stable/chapter10/fstab.html
hdparm -I /dev/sda | grep NCQ # does this matter for ext4 or just ext3????
Kernel:
More info here:
https://www.linuxfromscratch.org/hints/downloads/files/kernel-configuration.txt https://www.linuxfromscratch.org/blfs/view/11.3/longindex.html#kernel-config-index http://www.kroah.com/lkn/
cd /sources
tar xvf linux-6.1.11.tar.xz
cd linux-6.1.11
make mrproper
LANG=en_US.UTF-8 # match $LANG from host
Two alternatives to menuconfig, I didn’t use these:
make defconfig # good state for base config for current system architecture
make oldconfig
You could also just copy the kernel config from another host. It is kept in this file: .config
Use this to generate a config using a menu based system:
make menuconfig
Processor type and features --->
[*] Build a relocatable kernel [CONFIG_RELOCATABLE]
[*] Randomize the address of the kernel image (KASLR) [CONFIG_RANDOMIZE_BASE]
General setup --->
[ ] Compile the kernel with warnings as errors [CONFIG_WERROR]
< > Enable kernel headers through /sys/kernel/kheaders.tar.xz [CONFIG_IKHEADERS]
General architecture-dependent options --->
[*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR]
[*] Strong Stack Protector [CONFIG_STACKPROTECTOR_STRONG]
Device Drivers --->
Graphics support --->
Frame buffer Devices --->
<*> Support for frame buffer devices --->
Console display driver support --->
[*] Framebuffer Console support [CONFIG_FRAMEBUFFER_CONSOLE]
Generic Driver Options --->
[ ] Support for uevent helper [CONFIG_UEVENT_HELPER]
[*] Maintain a devtmpfs filesystem to mount at /dev [CONFIG_DEVTMPFS]
[*] Automount devtmpfs at /dev, after the kernel mounted the rootfs [CONFIG_DEVTMPFS_MOUNT]
NOT incluced for now, will add proprietary drivers later anyway:
[]Nouveau (NVIDIA) cards
For 64 bit:
Select in this order: CONFIG_PCI_MSI first, then CONFIG_IRQ_REMAP, at last CONFIG_X86_X2APIC
Processor type and features --->
[*] Support x2apic [CONFIG_X86_X2APIC]
Device Drivers --->
[*] PCI Support ---> [CONFIG_PCI]
[*] Message Signaled Interrupts (MSI and MSI-X) [CONFIG_PCI_MSI]
[*] IOMMU Hardware Support ---> [CONFIG_IOMMU_SUPPORT]
[*] Support for Interrupt Remapping [CONFIG_IRQ_REMAP]
https://www.linuxfromscratch.org/blfs/view/11.3/postlfs/grub-setup.html#uefi-kernel
Kernel Configuration for UEFI support:
Processor type and features --->
[*] EFI runtime service support [CONFIG_EFI]
[*] EFI stub support [CONFIG_EFI_STUB]
Enable the block layer --->
Partition Types --->
[*] Advanced partition selection [CONFIG_PARTITION_ADVANCED]
[*] EFI GUID Partition support [CONFIG_EFI_PARTITION]
Device Drivers --->
Firmware Drivers --->
[*] Mark VGA/VBE/EFI FB as generic system framebuffer [CONFIG_SYSFB_SIMPLEFB]
Graphics support --->
<*> Direct Rendering Manager [CONFIG_DRM]
[*] Enable legacy fbdev support for your modesetting driver [CONFIG_DRM_FBDEV_EMULATION]
<*> Simple framebuffer driver [CONFIG_DRM_SIMPLEDRM]
Frame buffer Devices --->
<*> Support for frame buffer devices ---> [CONFIG_FB]
Console display driver support --->
[*] Framebuffer Console support [CONFIG_FRAMEBUFFER_CONSOLE]
File systems --->
<DOS/FAT/EXFAT/NT Filesystems --->
<*/M> VFAT (Windows-95) fs support [CONFIG_VFAT_FS]
Pseudo filesystems --->
<*/M> EFI Variable filesystem [CONFIG_EFIVAR_FS]
make
make modules_install
- if using /boot it needs to be mounted now. Also it should be in fstab.
cp -iv arch/x86/boot/bzImage /boot/vmlinuz-6.1.11-lfs-11.3
cp -iv System.map /boot/System.map-6.1.11
cp -iv .config /boot/config-6.1.11
install -d /usr/share/doc/linux-6.1.11
cp -r Documentation/* /usr/share/doc/linux-6.1.11
chown -R 0:0 .
cd ..
## rm -rf linux-6.1.11 ## don't delete, use later for other blfs packages
- no link from /usr/src/linux to kernel source !!!!
- /usr/include # should be what glibc is compiled against
/etc/modprobe.d # potentially configure modules here
install -v -m755 -d /etc/modprobe.d
cat > /etc/modprobe.d/usb.conf << "EOF"
# Begin /etc/modprobe.d/usb.conf
install ohci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i ohci_hcd ; true
install uhci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i uhci_hcd ; true
# End /etc/modprobe.d/usb.conf
EOF
GRUB
- I skipped this and used the next section for EFI support
I didn’t use this since I already have boot disks and I also have 5 different SSDs on this host with an OS already installed on two of them.
Emergency boot device (optional)
https://www.linuxfromscratch.org/blfs/view/11.3/multimedia/libisoburn.html
cd /tmp
grub-mkrescue --output=grub-img.iso
xorriso -as cdrecord -v dev=/dev/cdrw blank=as_needed grub-img.iso
Writes to first track of hd, that will then access grub modules in /boot/grub/
grub-install /dev/sda ## change for the correct disk !!!!!!!!!
#--target i386-pc ## add for non efi??
cat > /boot/grub/grub.cfg << "EOF"
# Begin /boot/grub/grub.cfg
set default=0
set timeout=5
insmod ext2
set root=(hd0,2)
menuentry "GNU/Linux, Linux 6.1.11-lfs-11.3" {
linux /boot/vmlinuz-6.1.11-lfs-11.3 root=/dev/sda2 ro
}
EOF
GRUB EFI
Extra packages: popt, mandoc, efivar, efibootmgr
These were needed so that the efibootmgr command would be accessible. The instructions for these were taken from BLFS.
- efivar also needs a patch for 32 bit systems
- skipped deoxygen used by popt ( optional )
Outside chroot env, in the $LFS/sources dir:
cd $LFS/sources
wget https://github.com/rhboot/efibootmgr/archive/18/efibootmgr-18.tar.gz
wget http://ftp.rpm.org/popt/releases/popt-1.x/popt-1.19.tar.gz
wget https://github.com/rhboot/efivar/releases/download/38/efivar-38.tar.bz2
wget https://mandoc.bsd.lv/snapshots/mandoc-1.14.6.tar.gz
In chroot:
cd /sources
tar xvfz popt-1.19.tar.gz
cd popt-1.19
./configure --prefix=/usr --disable-static
make
make install
install -v -m755 -d /usr/share/doc/popt-1.19 &&
install -v -m644 doxygen/html/* /usr/share/doc/popt-1.19
cd ..
rm -rf popt-1.19
tar xvfz mandoc-1.14.6.tar.gz
cd mandoc-1.14.6
./configure
make mandoc
install -vm755 mandoc /usr/bin
install -vm644 mandoc.1 /usr/share/man/man1
cd ..
rm -rf mandoc-1.14.6
bunzip2 efivar-38.tar.bz2
tar xvf efivar-38.tar
cd efivar-38
sed '/prep :/a\\ttouch prep' -i src/Makefile
make ERRORS=
make install LIBDIR=/usr/lib
cd ..
rm -rf efivar-38
tar xvfz efibootmgr-18.tar.gz
cd efibootmgr-18
make EFIDIR=LFS EFI_LOADER=grubx64.efi
make install EFIDIR=LFS
cd ..
rm -rf efibootmgr-18
For EFI, boot loader needs to go on this partition:
- EFI System Partition (ESP)
- vfat fs
- type: “EFI system”
- needs to be first partition on some old implementations
NOTE - I partitioned both /boot and /boot/efi. I don’t know of an easy way to mount both of these using only the fstab so this is kind of a problem. The /boot partition doesn’t really need to be separate in most cases so it would probably be better to not have a separate /boot partition. It turns out that /boot/efi doesn’t need to actually be mounted and acessible to the OS after boot. The partition just needs to be reachable during boot. I opted to exclude /boot/efi from the fstab for now and this worked for me. I will probably have this mounted for my next install after removing the separate /boot partition.
I skipped this for now. This is not actually not needed after installation although it normally would be setup to be mounted from the fstab. Ubuntu does mount this.
cat >> /etc/fstab << EOF
/dev/sda1 /boot/efi vfat defaults 0 1
EOF
These should be mounted ( unless /boot wasn’t used, I did use it ):
mount /boot
mount /boot/efi
- Boot loaders are recorded here:
- EFI variables
- hardcoded path: EFI/BOOT/BOOTX64.EFI
Method 1:
- Great for Live USB ( won’t use EFI variables which are stored in NVRAM or EEPROM )
- Won’t break non UEFI boots
- Might not be visable as a boot option for BIOS/UEFI firmware
Overwrite /boot/efi/EFI/BOOT/BOOTX64.EFI ( installs GRUB EFI application ). The rest of GRUB is installed here: /boot/grub ( grub modules ).
grub-install --target=x86_64-efi --removable
Method 2:
This method uses EFI variables which firmware tends to prefer. It will supposedly be more likely to be albe to select your disk without needing to invoke a boot menu ( unconfirmed ).
Mount efivarfs file system:
mountpoint /sys/firmware/efi/efivars || mount -v -t efivarfs efivarfs /sys/firmware/efi/efivars
Add this to the fstab.
- I may skip this for future builds
- Can be a problem if booting without UEFI ( if you change it in the firmware or move the disk to another system )
- Ubuntu doesn’t have this in the fstab on an EFI system and seems to work fine ( efibootmgr command seems to work fine without it too )
cat >> /etc/fstab << EOF
efivarfs /sys/firmware/efi/efivars efivarfs defaults 0 0
EOF
Creates boot entry in efi variables and installs a grub efi application, will be listed in EFI variables: /boot/efi/EFI/[id]/grubx64.efi
grub-install --bootloader-id=LFS --recheck
Check efi variables configured in firmware:
efibootmgr
Grub drive numbering ( I just used the UUIDs instead which is better ):
- sda1 is (hd0,1) # disk starts at 0, partition starts at 1 ( used to be 0 too )
- sdb3 is (hd1,3)
- GRUB excludes cd drives
Check UUIDs
lsblk -o UUID,PARTUUID,PATH,MOUNTPOINT
- partition UUID and FS UUID are different values ( use partition UUID so you don’t need a ramdisk )
Edit config using UUIDs like this ( already done in example below ):
replace this:
<pre class="nice-pre4">set root=(hdx,y)</pre>
with this:
<pre class="nice-pre4">search --set=root --fs-uuid >UUID<</pre>
replace this:
<pre class="nice-pre4">root=/dev/sda2</pre>
with this:
<pre class="nice-pre4">root=PARTUUID=>UUID<</pre>
| 1a900e89-0aba-40f3-b07b-abe8cc248be9 | fs uuid /boot fs |
| 2017147d-221e-1245-a2dd-725696bc30d5 | part uuid /boot fs |
| 322ae130-327b-2c43-9d46-6407b1e8ef82 | part uuid / fs |
- I haven’t set any partitions as bootable ( apparently not needed with GPT vs MBR )
GRUB Configuration File
- make sure all details match what you have ( kernel, partitons, etc )
- remove ‘/boot’ if using a different partition ( I removed it in the example below )
cat > /boot/grub/grub.cfg << EOF
# Begin /boot/grub/grub.cfg
set default=0
set timeout=5
insmod part_gpt
insmod ext2
##set root=(hd0,2)
search --set=root --fs-uuid 1a900e89-0aba-40f3-b07b-abe8cc248be9
if loadfont /grub/fonts/unicode.pf2; then
set gfxmode=auto
insmod all_video
terminal_output gfxterm
fi
menuentry "GNU/Linux, Linux 6.1.11-lfs-11.3" {
#linux /vmlinuz-6.1.11-lfs-11.3 root=/dev/sda2 ro
# linux /vmlinuz-6.1.11-lfs-11.3 root=PARTUUID=2017147d-221e-1245-a2dd-725696bc30d5 ro
linux /vmlinuz-6.1.11-lfs-11.3 root=PARTUUID=322ae130-327b-2c43-9d46-6407b1e8ef82 ro
}
menuentry "Firmware Setup" {
fwsetup
}
EOF
Finish:
echo 11.3 > /etc/lfs-release
cat > /etc/lsb-release << "EOF"
DISTRIB_ID="Linux From Scratch"
DISTRIB_RELEASE="11.3"
DISTRIB_CODENAME="<your name here>"
DISTRIB_DESCRIPTION="Linux From Scratch"
EOF
cat > /etc/os-release << "EOF"
NAME="Linux From Scratch"
VERSION="11.3"
ID=lfs
PRETTY_NAME="Linux From Scratch 11.3"
VERSION_CODENAME="<your name here>"
EOF
review configs:
/etc/bashrc
/etc/dircolors
/etc/fstab
/etc/hosts
/etc/inputrc
/etc/profile
/etc/resolv.conf
/etc/vimrc
/root/.bash_profile
/root/.bashrc
/etc/sysconfig/ifconfig.eth0
logout
umount -v $LFS/dev/pts
mountpoint -q $LFS/dev/shm && umount $LFS/dev/shm
umount -v $LFS/dev
umount -v $LFS/run
umount -v $LFS/proc
umount -v $LFS/sys
Unmount all partitions:
umount -v $LFS/boot/efi
umount -v $LFS/boot
umount -v $LFS
reboot
Backed up everything ( /, /boot, /boot/efi ) all mounted:
tar -cJpf $HOME/lfs_first_backup_root_boot_efi_pre_ssh.tar.xz .
Run after booting into complete LFS system:
sources/util-linux-2.38.1
bash tests/run.sh --srcdir=$PWD --builddir=$PWD
chown -Rv tester .
su tester -c "make -k check"
cd ..
rm -rf util-linux-2.38.1
Keep track of security advisories:
https://www.linuxfromscratch.org/lfs/advisories/
SSH
- Run without pam for now, rebuild with PAM later
https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.2p1.tar.gz
tar xvfz openssh-9.2p1.tar.gz
cd openssh-9.2p1
install -v -m700 -d /var/lib/sshd &&
chown -v root:sys /var/lib/sshd &&
groupadd -g 50 sshd &&
useradd -c 'sshd PrivSep' \
-d /var/lib/sshd \
-g sshd \
-s /bin/false \
-u 50 sshd
./configure --prefix=/usr \
--sysconfdir=/etc/ssh \
--with-privsep-path=/var/lib/sshd \
--with-default-path=/usr/bin \
--with-superuser-path=/usr/sbin:/usr/bin \
--with-pid-dir=/run
make
cp ????/scp /usr/bin
make -j1 tests
make install &&
install -v -m755 contrib/ssh-copy-id /usr/bin
install -v -m644 contrib/ssh-copy-id.1 \
/usr/share/man/man1
install -v -m755 -d /usr/share/doc/openssh-9.2p1
install -v -m644 INSTALL LICENCE OVERVIEW README* \
/usr/share/doc/openssh-9.2p1
Configuration:
~/.ssh/*
/etc/ssh/ssh_config
/etc/ssh/sshd_config
ssh-keygen &&
ssh-copy-id -i ~/.ssh/id_rsa.pub REMOTE_USERNAME@REMOTE_HOSTNAME
echo "PermitRootLogin no" >> /etc/ssh/sshd_config
echo "PasswordAuthentication no" >> /etc/ssh/sshd_config &&
echo "KbdInteractiveAuthentication no" >> /etc/ssh/sshd_config
For PAM support, won’t get used anyway unless using passwords ( PAM doesn’t authenticate when using keys ):
sed 's@d/login@d/sshd@g' /etc/pam.d/login > /etc/pam.d/sshd &&
chmod 644 /etc/pam.d/sshd &&
echo "UsePAM yes" >> /etc/ssh/sshd_config
Add boot script:
https://anduin.linuxfromscratch.org/BLFS/blfs-bootscripts/blfs-bootscripts-20230101.tar.xz
/etc/rc.d/init.d/sshdtar xvfz blfs-bootscripts-20230101.tar.xz cd blfs-bootscripts-20230101 make install-sshd