source: chapter08/kernel.xml@ 1d609dce

10.0 10.0-rc1 10.1 10.1-rc1 11.0 11.0-rc1 11.0-rc2 11.0-rc3 11.1 11.1-rc1 11.2 11.2-rc1 11.3 11.3-rc1 12.0 12.0-rc1 12.1 12.1-rc1 6.1 6.1.1 6.3 6.4 6.5 6.6 6.7 6.8 7.0 7.1 7.2 7.3 7.4 7.5 7.5-systemd 7.6 7.6-systemd 7.7 7.7-systemd 7.8 7.8-systemd 7.9 7.9-systemd 8.0 8.1 8.2 8.3 8.4 9.0 9.1 arm bdubbs/gcc13 ml-11.0 multilib renodr/libudev-from-systemd s6-init trunk xry111/arm64 xry111/arm64-12.0 xry111/clfs-ng xry111/lfs-next xry111/loongarch xry111/loongarch-12.0 xry111/loongarch-12.1 xry111/mips64el xry111/pip3 xry111/rust-wip-20221008 xry111/update-glibc
Last change on this file since 1d609dce was 1d609dce, checked in by Jeremy Utley <jeremy@…>, 19 years ago

Added the fix for the linux kernel security vulnerability into the build instructions - Thanks Matt for catching this one

git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@4469 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689
  • Property mode set to 100644
File size: 2.8 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
3 <!ENTITY % general-entities SYSTEM "../general.ent">
4 %general-entities;
5]>
6<sect1 id="ch-bootable-kernel" xreflabel="Linux" role="wrap">
7<title>Linux-&linux-version;</title>
8<?dbhtml filename="kernel.html"?>
9
10<indexterm zone="ch-bootable-kernel"><primary sortas="a-Linux">Linux</primary></indexterm>
11
12<sect2 role="package"><title/>
13
14<segmentedlist>
15<segtitle>&buildtime;</segtitle>
16<segtitle>&diskspace;</segtitle>
17<seglistitem><seg>All default options: 4.20 SBU</seg>
18<seg>All default options: 181 MB</seg></seglistitem>
19</segmentedlist>
20
21</sect2>
22
23<sect2 role="installation">
24<title>Installation of the kernel</title>
25
26<para>Kernel version 2.6.10 has a security vulnerability that will allow user
27processes to gain root privledges upon loading of a kernel module. See:
28<ulink url="http://www.uwsg.iu.edu/hypermail/linux/kernel/0412.3/0679.html"/> for more information. The following patch fixes this problem:</para>
29
30<screen><userinput>patch -Np1 -i ../linux-&linux-version;-security_fix-1.patch</userinput></screen>
31
32<para>Prepare for compilation by running the following command:</para>
33
34<screen><userinput>make mrproper</userinput></screen>
35
36<para>If, in <xref linkend="ch-scripts-console"/>, you decided you want
37to compile the keymap into the kernel, issue the command below:</para>
38
39<screen><userinput>loadkeys -m /usr/share/kbd/keymaps/<replaceable>[path to keymap]</replaceable> &gt; \
40 <replaceable>[unpacked sources dir]</replaceable>/linux-&linux-version;/drivers/char/defkeymap.c</userinput></screen>
41
42<para>Configure the kernel via a menu-driven interface:</para>
43
44<screen><userinput>make menuconfig</userinput></screen>
45
46<para>Compile the kernel image and modules:</para>
47
48<screen><userinput>make</userinput></screen>
49
50<para>Install the modules, if your kernel configuration uses them:</para>
51
52<screen><userinput>make modules_install</userinput></screen>
53
54<para>The path to the kernel image may vary depending on the platform you're
55using. Issue the following command to install the kernel:</para>
56
57<screen><userinput>cp arch/i386/boot/bzImage /boot/lfskernel-&linux-version;</userinput></screen>
58
59<screen><userinput>cp System.map /boot/System.map-&linux-version;</userinput></screen>
60
61<screen><userinput>cp .config /boot/config-&linux-version;</userinput></screen>
62
63<para>If you are going to keep the kernel source tree around, you may want to
64run <command>chown -R 0:0</command> on the
65<filename class="directory">linux-&linux-version;</filename> directory to ensure all files are
66owned by user <emphasis>root</emphasis>.</para>
67
68</sect2>
69
70
71<sect2 id="contents-kernel" role="content"><title>Contents of Linux</title>
72
73<para>See testing</para>
74
75</sect2>
76
77</sect1>
Note: See TracBrowser for help on using the repository browser.