Creating the root filesystem involves selecting files necessary for the system to run. In this section we describe how to build a compressed root filesystem. A less common option is to build an uncompressed filesystem on a diskette that is directly mounted as root; this alternative is described in Section 9.1.
4. 构建root file system
创建root file system会涉及选择运行系统所需的必要的文件。本节会描述怎么样构建一个压缩的root file system。一个不太通常的做法是在磁盘上构建一个非压缩的file system,直接挂接为root。
4.1. Overview
A root filesystem must contain everything needed to support a full Linux system. To be able to do this, the disk must include the minimum requirements for a Linux system:
· The basic file system structure,
· Minimum set of directories: /dev, /proc, /bin, /etc, /lib, /usr, /tmp,
· Basic set of utilities: sh, ls, cp, mv, etc.,
· Minimum set of config files: rc, inittab, fstab, etc.,
· Devices: /dev/hd*, /dev/tty*, /dev/fd0, etc.,
· Runtime library to provide basic functions used by utilities.
为支持完全的Linux系统,root file system必须包含每件所需。为了达到这个目的,磁盘必须包含Linux系统所需的最小需求:
- 基本的 file system 结构
- 目录的最小集合:/dev,/proc,/bin,/etc,/lib,/user,/tmp
- 基本工具集: sh,ls,cp,mv,等
- 最小的配置文件集合:rc,inittab,fstab,等
- 设备: /dev/hd*,/dev/tty*,/dev/fd0,等
- utilities使用的基本功能所需的运行时库
Of course, any system only becomes useful when you can run something on it, and a root diskette usually only becomes useful when you can do something like:
· Check a file system on another drive, for example to check your root file system on your hard drive, you need to be able to boot Linux from another drive, as you can with a root diskette system. Then you can run fsck on your original root drive while it is not mounted.
· Restore all or part of your original root drive from backup using archive and compression utilities such as cpio, tar, gzip and ftape.
当然,任何系统只有在你能在其上运行一些东西的时候才会变得有用,root磁盘仅在能做某些像下面的那样的事情的时候,才会变得有用:
- 检查另一个驱动器上的file system,例如,在硬盘驱动器上检查root file system,你需要能够从其他的驱动器上启动Llinux,就像你能够从带有root 磁盘的 系统上启动一样。之后,可以在原始的root驱动器还没挂接的同时,在其上运行fsck
- 使用,诸如cpio,tar,gzip和ftape的archive和压缩工具从备份中恢复全部或者部分的原始root 驱动器
We describe how to build a compressed filesystem, so called because it is compressed on disk and, when booted, is uncompressed onto a ramdisk. With a compressed filesystem you can fit many files (approximately six megabytes) onto a standard 1440K diskette. Because the filesystem is much larger than a diskette, it cannot be built on the diskette. We have to build it elsewhere, compress it, then copy it to the diskette.
我们在描述怎么构建一个压缩的file system,如此的称呼,是因为它是压缩在磁盘上的,并且,在启动的时候,它会被解压缩到ramdisk中。与一个压缩的file system一起,你可以将很多文件(大约6MB)放到一个标准的1440K的软盘上。因为,file system比软盘大多了,它不能构建在一个软盘上。我们不得不在别处构建好file system,压缩它,之后将其拷贝到软盘上。
4.2. Creating the filesystem
In order to build such a root filesystem, you need a spare device that is large enough to hold all the files before compression. You will need a device capable of holding about four megabytes. There are several choices:
· Use a ramdisk (DEVICE = /dev/ram0). In this case, memory is used to simulate a disk drive. The ramdisk must be large enough to hold a filesystem of the appropriate size. If you use LILO, check your configuration file (/etc/lilo.conf) for a line like RAMDISK = nnn which determines the maximum RAM that can be allocated to a ramdisk. The default is 4096K, which should be sufficient. You should probably not try to use such a ramdisk on a machine with less than 8MB of RAM. Check to make sure you have a device like /dev/ram0, /dev/ram or /dev/ramdisk.
If not, create /dev/ram0 with mknod (major number 1, minor 0).
· If you have an unused hard disk partition that is large enough (several megabytes), this is acceptable.
· Use a loopback device, which allows a disk file to be treated as a device. Using a loopback device you can create a three megabyte file on your hard disk and build the filesystem on it.
为了构建一个这样的root file system,你需要一个空闲的设备,足够大,可以容纳压缩之前的所有文件。你可能会需要能够容纳大约4MB的设备。这有几个选择:
- 使用ramdisk(DEVICE=/dev/ram0)。在这个情况中,主存用于模拟一个磁盘驱动器。ramdisk必须足够大,以容纳下一个适当大小的file system。如果使用LILO的话,检查一下配置文件(/etc/lilo.conf)有没有一行类似 RAMDISK=nnn,它决定了能够分配给ramdisk的最大的RAM。默认值是4096K,应该是足够的。在一个RAM小于8MB的机器上,不应该尝试使用一个这样的RAMDISK。检查一下以确保你有类似/dev/ram0,/dev/ram,/dev/ramdisk的设备。
如果么有,使用mknod(major number 1, minor 0)创建/dev/ram0
- 如果有一个未使用的硬盘分区,足够大(几MB)的话,这也是可以接受的
- 使用loopback设备,它允许一个磁盘文件可以被看做是一个设备。使用loopback设备,你可以在硬盘上创建一个3MB的文件,并在它上面构建file system。
Type man losetup for instructions on using loopback devices. If you don't have losetup, you can get it along with compatible versions of mount and unmount from the util−linux package in the directoryftp://ftp.win.tue.nl/pub/linux/utils/util−linux/.
输入man losetup命令获取使用loopback设备的指导。如果没有losetup,可以通过路径ftp://ftp.win.tue.nl/pub/linux/utils/util−linux/下的util-linux包中的mount和unmount的兼容版本实现你的需求。
If you do not have a loop device (/dev/loop0, /dev/loop1, etc.) on your system, you will have to create one with ``mknod /dev/loop0 b 7 0''. Once you've installed these special mount and umount binaries, create a temporary file on a hard disk with enough capacity (eg, /tmp/fsfile).
如果你的系统上没有loop设备(/dev/loop0, /dev/loop1, 等),可以通过"mknod /dev/loop0 b 7 0"创建一个。一旦安装了这些特别的mount和unmount二进制文件,就在有足够容量的硬盘上创建一个临时文件。
You can use a command like:
dd if=/dev/zero of=/tmp/fsfile bs=1kn ncnount=
to create an nnn−block file.
可以使用诸如 dd if=/dev/zero of=/tmp/fsfile bs=1kn ncount= 的命令创建一个nnn个block的文件。
Use the file name in place of DEVICE below. When you issue a mount command you must include the option −o loop to tell mount to use a loopback device.
使用文件名代替下面的DEVICE。当你使用mount命令的时候,必须包含选项 -o loop,以告诉mount使用loopback设备。
After you've chosen one of these options, prepare the DEVICE with:
dd if=/dev/zero of=DEVICE bs=1k count=4096
This command zeroes out the device.
当你已经选择了众多选项中的一个之后,使用下面的准备DEVICE
dd if=/dev/zero of=DEVICE bs=1k count=4096
该命令将设备0化了。
NOTE:
Zeroing the device is critical because the filesystem will be compressed later, so all unused portions should be filled with zeroes to achieve maximum compression. Keep this in mind whenever you move or delete files on the filesystem. The filesystem will correctly de−allocate the blocks, but it will not zero them out again. If you do a lot of deletions and copying, your compressed filesystem may end up much larger than necessary.
注意:
将设备0化是很重要的,因为稍后file system会被压缩,因此所有未使用的部分应该填充为0,以实现压缩最大化。无论什么时候在file system 上移动或者删除文件,都请记住这一点。file system会正确地解分配这些blocks,但是不会再次将它们0化。如果你有很多的删除和拷贝,压缩的file system可能会以比必需的大很多的结果而告终。
Next, create the filesystem. The Linux kernel recognizes two file system types for root disks to be automatically copied to ramdisk. These are minix and ext2, of which ext2 is preferred. If using ext2, you may find it useful to use the −N option to specify more inodes than the default; −N 2000 is suggested so that you don't run out of inodes. Alternatively, you can save on inodes by removing lots of unnecessary /dev files. mke2fs will by default create 360 inodes on a 1.44Mb diskette. I find that 120 inodes is ample on my current
rescue root diskette, but if you include all the devices in /dev you will easily exceed 360. Using a compressed root filesystem allows a larger filesystem, and hence more inodes by default, but you may still need to either reduce the number of files or increase the number of inodes.
下一步,创建file system。Linux Kernel可以识别自动拷贝到ramdisk中的用于root磁盘的2种 file system。它们是minix和ext2,ext2会优先一些。如果使用ext2,可以使用-N选项定义比默认值更多的节点;建议的值是 -N 2000,这样就不会出现节点不够用的情况了。另外的方法,可以删除很多不必要的/dev文件,以便为节点腾出空间。mke2fs,默认情况下,会在1.44Mb的软盘上创建360个节点。我发现,在我当前的应急root软盘中,120个节点已经足够了,但是,如果包含了/dev中的所有设备的话,很容易超过360个节点。使用压缩的root file system,允许更大的file system,因此,默认情况下也有更多的节点,但是,仍旧需要或者减少文件的数目,或者增加节点的数目。
So the command you use will look like:
mke2fs −m 0 −N 2000 DEVICE
(If you're using a loopback device, the disk file you're using should be supplied in place of this DEVICE.)
那么,所使用的命令可能像这样:
mke2fs -m 0 -N 2000 DEVICE
(如果使用的是loopback设备,应该用你所使用的磁盘文件代替命令中的DEVICE)
The mke2fs command will automatically detect the space available and configure itself accordingly. The ``−m 0'' parameter prevents it from reserving space for root, and hence provides more usable space on the disk.
Next, mount the device:
mount −t ext2 DEVICE /mnt
(You must create a mount point /mnt if it does not already exist.) In the remaining sections, all destination directory names are assumed to be relative to /mnt.
mke2fs 命令会自动检测可用的空间,并据此对其本身进行相应的配置。 “-m 0”参数防止其为root保留空间,也因此提供了更多的可用空间。
下一步,挂接设备:
mount -t ext2 DEVICE /mnt
(如果挂载点/mnt不存在的话,必须创建一个)。在下面的章节中,所有的目的目录的名字都假定为相对与/mnt的。
4.3. Populating the filesystem
Here is a reasonable minimum set of directories for your root filesystem[1]:
Notes
[1]
The directory structure presented here is for root diskette use only. Real Linux systems have a more complex and disciplined set of policies, called the Filesystem Hierarchy Standard, for determining where files should go.)
这里提及的目录结构仅仅用于启动盘。真实的Linux系统有更复杂的并且必须遵守的策略的一个集合,叫做 文件架构标准,以决定什么文件放在什么位置。
• /dev −− Device files, required to perform I/O
• /proc −− Directory stub required by the proc filesystem
• /etc −− System configuration files
• /sbin −− Critical system binaries
• /bin −− Essential binaries considered part of the system
• /lib −− Shared libraries to provide run−time support
• /mnt −− A mount point for maintenance on other disks
• /usr −− Additional utilities and applications
Three of these directories will be empty on the root filesystem, so they only need to be created with mkdir. The /proc directory is basically a stub under which the proc filesystem is placed. The directories /mnt and /usr are only mount points for use after the boot/root system is running. Hence again, these directories only need to be created.
这些目录中的3个目录在root file system上是空的,因此,只需使用mkdir创建就可以了。/proc 目录基本上是一个存根,proc file system就放在/proc下面。在boot/root系统运行之后,目录/mnt和/usr用于挂接点。因此,再次强调,这些目录只需要创建就可以了。
The remaining four directories are described in the following sections.
4.3.1. /dev
A /dev directory containing a special file for all devices to be used by the system is mandatory for any Linux system. The directory itself is a normal directory, and can be created with mkdir in the normal way. The device special files, however, must be created in a special way, using the mknod command.
对于任何Linux 系统而言,/dev都是强制的。它包含了系统使用的所有设备的特定的文件。目录本身是正常的目录,并可以正常的方法使用mkdir创建。然而,设备特别的文件,必须以特别的方法创建,使用mknod命令。
There is a shortcut, though copy devices files from your existing hard disk /dev directory. The only requirement is that you copy the device special files using −R option. This will copy the directory without attempting to copy the contents of the files. Be sure to use an upper case R. For example:
cp −dpR /dev/fd[01]* /mnt/dev
cp −dpR /dev/tty[0−6] /mnt/dev
assuming that the diskette is mounted at /mnt. The dp switches ensure that symbolic links are copied as links, rather than using the target file, and that the original file attributes are preserved, thus preserving ownership information.
这有一个快捷方式,从已经存在的硬盘/dev目录下拷贝设备文件。唯一的要求是使用-R选项拷贝设备的特定文件。它将会拷贝目录,而不会尝试去拷贝文件的内容。确保使用的是大写的R。例如:
cp -dpR /dev/fd[01]* /mnt/dev
cp -dpR /dev/tty[0-6] /mnt/dev
假定,软盘挂接在/mnt。dp开关确保了符号链接作为链接进行拷贝,而不是使用其指向的目标文件,并且,源文件的属性也被保留下来,因此,保留了文件拥有者的信息。
If you want to do it the hard way, use ls −l to display the major and minor device numbers for the devices you want, and create them on the diskette using mknod.
如果你打算以强硬的方法来做这件事,使用 ls -l命令显示设备的major和minor设备号,并使用mknod在软盘上创建它们。
However the devices files are created, check that any special devices you need have been placed on the rescue diskette. For example, ftape uses tape devices, so you will need to copy all of these if you intend to access your floppy tape drive from the bootdisk.
设备文件已经创建了,然而,检查一下,需要的任何的特定设备都已经放在了应急软盘上。例如,ftape使用磁带设备,因此,你需要将意欲访问的磁带驱动对应的所有磁带设备从bootdisk拷贝出来。
Note that one inode is required for each device special file, and inodes can at times be a scarce resource, especially on diskette filesystems. You'll need to be selective about the device files you include. For example, if you do not have SCSI disks you can safely ignore /dev/sd*; if you don't intend to use serial ports you can ignore /dev/ttyS*.
注意到,每一个设备的特定文件需要一个inode,inodes有时会变成稀缺资源,特别是在软盘 file systems中。你需要对所包含的设备文件有所选择。例如,如果没有SCSI磁盘,你可以放心地忽略掉 /dev/sd*;如果不打算使用串口,那么可以忽略掉 /dev/ttyS*。
If, in building your root filesystem, you get the errorNo space left on device but a df command shows space still available, you have probably run out of inodes. A df −i will display inode usage.
如果,在构建root file system过程中,得到一个错误- No space left on device(设备上没有可用空间,亦即设备满了),但是,使用df命令显示仍旧有空间可用,可能是inodes不够用了,df -i 会显示出inode的使用情况。
Note:
Be sure to include the following files from this directory:
console, kmem, mem, null, ram0 and tty1.
注意:
确定/dev目录中包含了下面的文件:
console, kmem, mem, null, ram0 and tty1.
4.3.2. /etc
The /etc directory contains configuration files. What it should contain depends on what programs you intend to run. On most systems, these can be divided into three groups:
1. Required at all times, e.g. rc, fstab, passwd.
2. May be required, but no one is too sure.
3. Junk that crept in.
Files which are not essential can usually be identified with the command:
ls −ltru
This lists files in reverse order of date last accessed, so if any files are not being accessed, they can be omitted from a root diskette.
/etc目录包含配置文件。该目录包含什么,依赖于你意欲运行什么程序。在大部分的系统中,/etc目录所包含的可划分为3组:
1. 一直需要的,例如,rc,fstab,passwd等
2. 可能需要的,没有人太确定
3. 产生的垃圾文件
不紧要的文件通常可以通过命令来验证:
ls -ltru
列表文件以最后访问日期的倒序排列,因此,如果有任何文件没有访问到,它们可以排除在root 软盘之外。
On my root diskettes, I have the number of config files down to 15. This reduces my work to dealing with three sets of files:
在为的root 软盘上,我将配置文件的数目降低到了15个。这减少了我处理3类文件的工作:
1. The ones I must configure for a boot/root system:
a. rc.d/* −− system startup and run level change scripts
b. fstab −− list of file systems to be mounted
c. inittab −− parameters for the init process, the first process started at boot time.
d. gettydefs −− parameters for the init process, the first process started at boot time.
第一类:必须为 boot/root系统配置的文件:
a. rc.d/* -- 系统启动以及改变运行级别的脚本
b. fstab -- 需要挂载的file systems列表
c. inittab -- init进程的参数,启动时的第一个进程
d. gettydefs --init进程的参数,启动时的第一个进程
2. The ones I should tidy up for a boot/root system:
a. passwd −− Critical list of users, home directories, etc.
b. group −− user groups.
c. shadow −− passwords of users. You may not have this.
d. termcap −− the terminal capability database.
第二类:需要为boot/root系统清理干净的文件:
a. passwd -- users,home 目录等的重要列表
b. group -- user 组
c. shadow -- users的密码。你可能没有这个
d. termcap -- terminal capability database
If security is important, passwd and shadow should be pruned to avoid copying user passwords off the system, and so that unwanted logins are rejected when you boot from diskette.
Be sure that passwd contains at least root. If you intend other users to login, be sure their home directories and shells exist.
确保passwd至少包含root。如果你意欲让其他用户登录,要确保他们的home目录和shells是存在的。
termcap, the terminal database, is typically several hundred kilobytes. The version on your boot/root diskette should be pruned down to contain only the terminal(s) you use, which is usually just the linux or linux−console entry.
termcap,终端数据库,比较典型的是几百KB大小。你的boot/root软盘版本应该进行裁剪,减小到只包含你使用的terminal(s),通常就是linux 或者 linux-console的入口。
3. The rest. They work at the moment, so I leave them alone.
第三类,其余的。目前他们处于工作中,暂时不管它们。
Out of this, I only really have to configure two files, and what they should contain is surprisingly small.
除此之外,只需要配置2个文件,并且,他们包含的也很少。
• rc should contain:
#!/bin/sh
/bin/mount −av
/bin/hostname Kangaroo确定,该脚本是可执行的,确定该脚本的顶端有一行"#!"的内容,并且,确定,任何绝对文件名都是正确的。并不真的是需要运行 hostname,如果写了这么一行,看起来会很好
• fstab should contain at least:
/dev/ram0 / ext2 defaults
/dev/fd0 / ext2 defaults
/proc /proc proc defaults也可以从已存在的fstab中拷贝表项,但是不应该自动挂载任何硬盘分区;使用noauto关键字。在使用bootdisk的时候,硬盘可能会被破坏掉。
Your inittab should be changed so that its sysinit line runs rc or whatever basic boot script will be used. Also, if you want to ensure that users on serial ports cannot login, comment out all the entries forgetty which include a ttys or ttyS device at the end of the line. Leave in thetty ports so that you can login at the console.
你的inittab应该经过修改,以便它的sysinit那行运行rc或者使用的任何基本的boot 脚本。还有,如果你想要确保用户不能通过串口登录,那么,注释掉所有含有getty的,行尾包含ttys或者ttyS设备的表项。留下tty端口,以便你可以在控制台登录。
A minimal inittab file looks like this:
id:2:initdefault:
si::sysinit:/etc/rc
1:2345:respawn:/sbin/getty 9600 tty1
2:23:respawn:/sbin/getty 9600 tty2inittab文件定义了,包括启动,转换为多用户模式等在内的各种状态中,系统会运行些什么。仔细地检查inittab中提到的文件名;如果init找不到提到的程序,bootdisk会挂住,甚至不会出现错误消息。
Note that some programs cannot be moved elsewhere because other programs have hardcoded their locations. For example, on my system, /etc/shutdown has hardcoded in it /etc/reboot. If I move reboot to /bin/reboot, and then issue a shutdown command, it will fail because it cannot find the reboot file.
注意,有些程序不能移动到别处,因为其他的程序对它的位置进行了硬编码。例如,在我的系统里,/etc/shutdown里边硬编码了/etc/reboot。如果我移动reboot到/bin/reboot,之后,触发一个shutdown命令,该命令会失败,因为它找不到reboot文件。
For the rest, just copy all the text files in your /etc directory, plus all the executables in your /etc directory that you cannot be sure you do not need. As a guide, consult the sample listing in Appendix C. Probably it will suffice to copy only those files, but systems differ a great deal, so you cannot be sure that the same set of files on your system is equivalent to the files in the list. The only sure method is to start with inittab and work out what is required.
对于其他文件而言,拷贝/etc目录下的所有文本文件,加上/etc目录下的不能确定不需要的所有可执行文件。或许,只拷贝这些文件就足够了,但是系统与系统之间差异也很大,因此不能确定你的系统上的相同的文件集合与列表中的文件是等价的。唯一可确定的方法是,从inittab开始,找出需要的文件。
Most systems now use an /etc/rc.d/ directory containing shell scripts for different run levels. The minimum is a single rc script, but it may be simpler just to copy inittab and the /etc/rc.d directory from your existing system, and prune the shell scripts in the rc.d directory to remove processing not relevent to a diskette system environment.
现在的大部分系统使用/etc/rc.d/目录为不同的运行级别包含shell脚本。最小的集合是一个单一的rc脚本,但是,从已经存在的系统中拷贝inittab和/etc/rc.d目录或许更简单,并裁剪rc.d目录下的shell脚本以移除与软盘系统环境不相关的处理。
4.3.3. /bin and /sbin
The /bin directory is a convenient place for extra utilities you need to perform basic operations, utilities such as ls, mv, cat and dd. See Appendix C for an example list of files that go in a /bin and /sbin directories. It does not include any of the utilities required to restore from backup, such as cpio, tar and gzip. That is because I place these on a separate utility diskette, to save space on the boot/root diskette. Once the boot/root diskette is booted, it is copied to the ramdisk leaving the diskette drive free to mount another diskette, the utility diskette. I usually mount this as /usr.
/bin目录是一个方便的地方,放置你需要的额外的工具,以执行基本的操作,诸如ls,mv,cat和dd等工具。该目录不包含任何用来从备份恢复的工具,比如cpio,tar和gzip。这是因为我将这些放在了一个独立的工具软盘上,以便节省boot/root软盘的空间。一旦boot/root软盘启动起来,它被拷贝到ramdisk,使得软盘驱动空闲下来,可以挂载另外的软盘,工具软盘。我通常将其挂载为/usr。
Creation of a utility diskette is described below in Section 9.2. It is probably desirable to maintain a copy of the same version of backup utilities used to write the backups so you don't waste time trying to install versions that cannot read your backup tapes.
工具软盘的创建在9.2节描述。可能你期望维护工具软盘的同版本的一个拷贝,用来写入备份,这样,你就不会浪费时间试图安装不能读取你的备份磁带的版本了。
Note:
Be sure to include the following programs: init, getty or equivalent, login, mount, some shell capable of running your rc scripts, a link from sh to the shell.
注意:
确定包含了下面的程序: init,getty(或者等价的),login,mount,一些能运行你的rc脚本的shell,从sh到shell的链接。
4.3.4. /lib
In /lib you place necessary shared libraries and loaders. If the necessary libraries are not found in your /lib directory then the system will be unable to boot. If you're lucky you may see an error message telling you why.
在/lib目录中,你会放置必要的共享库和加载器。如果没有在你的/lib目录中找到必要的库文件,系统就不能启动。如果你够幸运,可能会看见一个错误消息告诉你为什么不能启动。
Nearly every program requires at least the libc library, libc.so.N, where N is the current version number. Check your /lib directory. The file libc.so.N is usually a symlink to a filename with a complete version number:
几乎每一个程序都至少需要libc库,libc.so.N,这里,N是当前的版本号。检查你的/lib目录。文件libc.so.N通常是一个符号链接,指向带有完整的版本号的文件名。
% ls −l /lib/libc*
−rwxr−xr−x 1 root root 4016683 Apr 16 18:48 libc−2.1.1.so*
lrwxrwxrwx 1 root root 13 Apr 10 12:25 libc.so.6 −> libc−2.1.1.so*在本例中,你需要libc-2.1.1.so。为了找到其他的库文件,你需要查看所有你计划包含的二进制文件,可以使用ldd命令检查它们的依赖者。例如:
% ldd /sbin/mke2fs
libext2fs.so.2 => /lib/libext2fs.so.2 (0x40014000)
libcom_err.so.2 => /lib/libcom_err.so.2 (0x40026000)
libuuid.so.1 => /lib/libuuid.so.1 (0x40028000)
libc.so.6 => /lib/libc.so.6 (0x4002c000)
/lib/ld−linux.so.2 => /lib/ld−linux.so.2 (0x40000000)在右手边的每一个文件都是需要的。其也可能是一个符号链接。
Note that some libraries are quite large and will not fit easily on your root filesystem. For example, the libc.so listed above is about 4 meg. You will probably need to strip libraries when copying them to your root filesystem. See Section 8 for instructions.
注意到,有些库文件挺大,放到你的root file system里不会很容易。例如,上面列表中的libc.so文件大约4meg。当将它们拷贝到你的root file system里时,可能需要对库文件进行strip操作。可以查看章节8获得指导。
In /lib you must also include a loader for the libraries. The loader will be either ld.so (for A.OUT libraries, which are no longer common) or ld−linux.so (for ELF libraries). Newer versions of ldd tell you exactly which loader is needed, as in the example above, but older versions may not. If you're unsure which you need, run the file command on the library. For example:
在/lib目录中,必须为库文件包含一个加载器。该加载器或者是ld.so(用于A.OUT库文件,它们已经不再普遍了),或者ld-linux.so(用于ELF库文件)。更新版本的ldd会确切地告诉你需要哪一个加载器,就像上面的例子一样,但是,较老版本的ldd则不会。如果你不确定需要哪个加载器,对库文件运行file命令。例如:
% file /lib/libc.so.4.7.2 /lib/libc.so.5.4.33 /lib/libc−2.1.1.so
/lib/libc.so.4.7.2: Linux/i386 demand−paged executable (QMAGIC), stripped
/lib/libc.so.5.4.33: ELF 32−bit LSB shared object, Intel 80386, version 1, stripped
/lib/libc−2.1.1.so: ELF 32−bit LSB shared object, Intel 80386, version 1, not strippedQMAGIC指示出4.7.2用于A.OUT库文件,而ELF指示出5.4.33和2.1.1用于ELF。
Copy the specific loader(s) you need to the root filesystem you're building. Libraries and loaders should be checked carefully against the included binaries. If the kernel cannot load a necessary library, the kernel may hang with no error message.
将你需要的特定的加载器拷贝到你在构建的root file system。根据被包含的二进制文件,小心地检查库文件,和加载器。如果kernel不能加载必要的库文件,kernel可能没有任何错误消息提示地挂住。
4.4. Providing for PAM and NSS
Your system may require dynamically loaded libraries that are not visible to ldd. If you don't provide for these, you may have trouble logging in or using your bootdisk.
你的系统或许需要动态地加载对于ldd不可见的库文件。如果你没有为这些库文件提供加载的方法,登录或者使用bootdisk的过程中可能会遇到麻烦。
4.4.1. PAM (Pluggable Authentication Modules)
If your system uses PAM (Pluggable Authentication Modules), you must make some provision for it on your bootdisk. Briefly, PAM is a sophisticated modular method for authenticating users and controlling their access to services. An easy way to determine if your system uses PAM is run ldd on your login executable; if the output includes libpam.so, you need PAM.
如果你的系统使用PAM(可插拔的授权模块),那么必须在bootdisk上为它提供一些支持。简单来说,PAM是一个复杂的模块化的方法,用于授权用户,并控制他们对于服务的访问。一个简单的,用于决定你的系统是否使用PAM的方法是,对你的登录可执行文件运行ldd命令;如果输出包含libpam.so,那么,你需要PAM。
Fortunately, security is usually of no concern with bootdisks since anyone who has physical access to a machine can usually do anything they want anyway. Therefore, you can effectively disable PAM by creating a simple /etc/pam.conf file in your root filesystem that looks like this:
幸运地,安全性通常与bootdisks没有什么关联,因为,对于机器有物理访问权限的人通常能够做他们想要的任何事。因此,可以通过在你的root file system里创建一个简单的/etc/pam.conf文件有效的关闭PAM,就像这样:
OTHER auth optional /lib/security/pam_permit.so
OTHER account optional /lib/security/pam_permit.so
OTHER password optional /lib/security/pam_permit.so
OTHER session optional /lib/security/pam_permit.so也可以拷贝/lib/security/pam_permit.so文件到你的root file sysem。该库文件大小仅为8K左右,因此它增加了最小的开销。
This configuration allows anyone complete access to the files and services on your machine. If you care about security on your bootdisk for some reason, you'll have to copy some or all of your hard disk's PAM setup to your root filesystem. Be sure to read the PAM documentation carefully, and copy any libraries needed in /lib/security onto your root filesystem.
该配置允许任何人对你的机器上的文件和服务进行完全的访问。如果因为某些原因,你对bootdisk的安全性很在乎,那么,你不得不将你的硬盘上的PAM中的一些或者全部拷贝root file system。确保小心地阅读PAM文档,并拷贝/lib/security需要的任何库文件到root file system。
You must also include /lib/libpam.so on your bootdisk. But you already know this since you ran ldd on /bin/login, which showed this dependency.
必须在你的bootdisk里包含/lib/libpam.so。但是,你已经知道这一点,因为你对/bin/login运行了ldd命令,该命令就显示了这个依赖性。
4.4.2. NSS (Name Service Switch)
If you are using glibc (aka libc6), you will have to make provisions for name services or you will not be able to login. The file /etc/nsswitch.conf controls database lookups for various servies. If you don't plan to access services from the network (eg, DNS or NIS lookups), you need only prepare a simple nsswitch.conf file that looks like this:
如果你在使用glibc(也称作libc6),你不得不为名称服务提供一些支持,否则,你就不能登录了。/etc/nsswitch.conf文件控制着各种服务的数据库查找。如果你不打算从网络访问服务(例如,DNS或者NIS查找),那么,你只需要像下面这样准备一个简单的nsswitch.conf文件即可:
passwd: files
shadow: files
group: files
hosts: files
services: files
networks: files
protocols: files
rpc: files
ethers: files
netmasks: files
bootparams: files
automount: files
aliases: files
netgroup: files
publickey: files这定义了每一个服务仅由本地文件提供。你也需要包含/lib/libnss_files.so.X,这里,对于glibc 2.0,X是1,对于glibc 2.1,X是2。该库文件会被动态加载,以便处理文件查找。
If you plan to access the network from your bootdisk, you may want to create a more elaborate nsswitch.conf file. See the nsswitch man page for details. You must include a file /lib/libnss_service.so.1 for each service you specify.
如果你打算从bootdisk访问网络,你或许需要创建一个更详细的nsswitch.conf文件。查看nsswitch man 手册,获取详细信息。对于每一个指定的服务,必须包含/lib/libnss_service.so.1文件。
4.5. Modules
If you have a modular kernel, you must consider which modules you may want to load from your bootdisk after booting. You might want to include ftape and zftape modules if your backup tapes are on floppy tape, modules for SCSI devices if you have them, and possibly modules for PPP or SLIP support if you want to access the net in an emergency.
如果你有一个模块化的kernel,你必须考虑一下在启动之后,你想要从bootdisk加载哪些模块。如果备份磁带在软盘磁带上,你或许需要包含ftape和zftape模块,如果你有SCSI设备,就需要包含SCSI模块,如果你想要在紧急情况下访问网络,就可能需要包含用于PPP或者SLIP支持的模块。
These modules may be placed in /lib/modules. You should also include insmod, rmmod and lsmod. Depending on whether you want to load modules automatically, you might also include modprobe, depmod and swapout. If you use kerneld, include it along with /etc/conf.modules.
这些模块可能放在/lib/modules目录下。你也应该包含insmod, rmmod, 和 lsmod。依赖于是否需要自动加载模块,可能需要包含modprobe,depmod,和swapout。如果你使用kerneld,也需要包含/etc/conf.modules。
However, the main advantage to using modules is that you can move non−critical modules to a utility disk and load them when needed, thus using less space on your root disk. If you may have to deal with many different devices, this approach is preferable to building one huge kernel with many drivers built in.
然而,使用模块的主要优势是,可以将不重要的模块到移动到工具盘,需要的时候加载它们,这样在你的root盘上就会使用较少的空间。如果你要处理许多不同的设备,相对于构建一个内嵌很多驱动的巨大的kernel而言,这个方法更可取。
Note:
In order to boot a compressed ext2 filesystem, you must have ramdisk and ext2 support built−in. They cannot be supplied as modules.
注意:
为了启动一个压缩的ext2 file system,必须内嵌对于ramdisk和ext2的支持。它们不能以模块的形式提供。
4.6. Some final details
Some system programs, such as login, complain if the file /var/run/utmp and the directory /var/log do not exist. So:
一些系统程序,诸如login,如果文件/var/run/utmp和目录/var/log/不存在的话,它就会抱怨。因此:
mkdir −p /mnt/var/{log,run}
touch /mnt/var/run/utmp最终,在建立其所有需要的库文件之后,运行ldconfig以便重新制作root filesystem里的/etc/ld.so.cache。这个cache告诉加载器在哪可以找到库文件。可以通过下面的方法完成这一步:
ldconfig −r /mnt4.7. Wrapping it up
When you have finished constructing the root filesystem, unmount it, copy it to a file and compress it:
当你结束root file system的构建的时候,卸载它,将其拷贝到一个文件,并压缩它:
umount /mnt
dd if=DEVICE bs=1k | gzip −v9 > rootfs.gz当这结束的时候,你会有一个名为rootfs.gz的文件。它是压缩的root file system。你应该检查它的大小以便其能放在软盘上;如果它不能放在软盘上,就不得不返回几步移除一些文件。减少root file system大小的一些建议在章节8中。
扫一扫
1585
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
