Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Which rights are necessary to create a kernel?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware
View previous topic :: View next topic  
Author Message
Marlo
Veteran
Veteran


Joined: 26 Jul 2003
Posts: 1231

PostPosted: Tue Dec 05, 2017 6:47 pm    Post subject: Which rights are necessary to create a kernel? Reply with quote

after an "emerge -NDuva @world" sometimes new sources end up in /usr/src/.
For me, the sources always have root: root
Code:
drwxr-xr-x 22 root root   4096  4. Dez 16:23 linux-4.14.2-gentoo
drwxr-xr-x 26 root root   4096  4. Dez 19:29 linux-4.14.3-gentoo

It is often to read that the kernel sources should not be edited as the user root. Only the last step, that create the kernel with make is supposed to be done as root. But when I go as user in /usr/src/linux and call "make menuconfig" I get an error.
Code:
/usr/src/linux $ make menuconfig
 *** Unable to find the ncurses libraries or the
 *** required header files.
 *** 'make menuconfig' requires the ncurses libraries.
 ***
 *** Install ncurses (ncurses-devel) and try again.
 ***
make[1]: *** [scripts/kconfig/Makefile:202: scripts/kconfig/dochecklxdialog] error 1
make: *** [Makefile:548: menuconfig] error 2

Or:
I like to work with genkernel-next. Everything is created with just one command "genkernel all". The kernel; the initramfs-X.XX.X-gentoo.cpio in the kernel with modules for microcode and amdgpu, the separate initramfs in / boot with all other kernel modules (if you need one). In addition, all third-party modules, e.g. from virtualbox.
And in / boot all symlinks are reset or exchanged too old. My homemade grubbootsplash will be installed and the grub.cfg will be created.
That's a lot of work with just one command.

But, that works only as root or with sudo. As a user I receive the error message:
Code:
 $ genkernel all
Genkernel: Could not write to /var/log/genkernel.log.

Back to the question: Which rights are necessary at which time to create a new kernel?
Where and how do I set the rights correctly?

Thank you in advance for any hint
Ma
_________________
Thks 4 ur attention, interest & support.
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 39296
Location: 56N 3W

PostPosted: Tue Dec 05, 2017 7:02 pm    Post subject: Reply with quote

Marlo,

I you copy the kernel to /home/Marlo/<kernel> you can do a manual configure and build as Marlo.
Root needs to run make modules_install and the cp to /boot.
Root also needs to update grub.cfg.

You can change the permissions on /var/log/genkernel.log or put it into /home/Marlo/ instead.
genkernel will still need to be be run as root to do the install steps and make the initrd.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
Marlo
Veteran
Veteran


Joined: 26 Jul 2003
Posts: 1231

PostPosted: Tue Dec 05, 2017 11:13 pm    Post subject: Reply with quote

thanks NeddySeagoon,

During an emerge process, some programs look for /usr/src/linux to see if there is an appropriate kernel configuration. If not, there is a fatal error and the program stops.
So "/ home/marlo/src/linux" should be copied back to "/usr/src/linux". Then it would be easier to change the rights in /usr/src/. Maybe with a startup script.
_________________
Thks 4 ur attention, interest & support.
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 39296
Location: 56N 3W

PostPosted: Tue Dec 05, 2017 11:56 pm    Post subject: Reply with quote

Marlo,

A few programs build against the kernel pointed to by /usr/src/linux
If you set the /usr/src/linux symlink by hand, it can point anywhere, even to /home/Marlo/<kernel>
A chain of symlinks is permitted too, so that /usr/src/linux' which can only be changed by root, can point to /home/Marlo/linux, which user Marlo can change every time a new /home/Marlo/<kernel> appears.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 11426

PostPosted: Wed Dec 06, 2017 3:14 am    Post subject: Reply with quote

My standard practice is to set $KBUILD_OUTPUT so that the kernel's object files are not written under /usr/src. I can then build the kernel as an unprivileged user. Privilege is still required to install it, but that's a much simpler and safer step than compiling the kernel and all its build tools. I don't normally build out-of-tree drivers, so I rarely hit packages that insist on a configured kernel. For those packages that demand it, setting $KBUILD_OUTPUT to point it to the kernel build tree (and making that tree readable to user portage) should be sufficient.
Back to top
View user's profile Send private message
Ant P.
Advocate
Advocate


Joined: 18 Apr 2009
Posts: 4526

PostPosted: Wed Dec 06, 2017 3:58 pm    Post subject: Reply with quote

Code:
mkdir $HOME/kbuild
cd $HOME/kbuild
make -C /usr/src/linux O="$PWD" oldconfig

Now you can do everything from there without needing root at all until the make install phase.
_________________
*.ebuild // /etc/service/*
Back to top
View user's profile Send private message
Etal
Veteran
Veteran


Joined: 15 Jul 2005
Posts: 1670

PostPosted: Thu Dec 07, 2017 2:05 am    Post subject: Reply with quote

I have a ~/kernel directory which contains this script:

Code:
#!/bin/sh

BUILD_DIR="${PWD}/build"
INST_DIR="${PWD}/install"
SRC_DIR="/usr/src/linux"

mkdir -p "${BUILD_DIR}" "${INST_DIR}"

if [ ! -f "${BUILD_DIR}/.config" ]; then
    zcat /proc/config.gz > "${BUILD_DIR}/.config"
fi

exec make -j10 -l8 \
    O="${BUILD_DIR}" \
    INSTALL_MOD_PATH="${INST_DIR}" \
    -C "${SRC_DIR}" \
    "$@"

Code:
$ cd ~/kernel
$ ./kmake oldconfig
$ ./kmake menuconfig
$ ./kmake && ./kmake modules_install


Just make sure you check permissions when copying modules - you don't want them to be your user's.
_________________
“And even in authoritarian countries, information networks are helping people discover new facts and making governments more accountable.”– Hillary Clinton, Jan. 21, 2010
Back to top
View user's profile Send private message
Marlo
Veteran
Veteran


Joined: 26 Jul 2003
Posts: 1231

PostPosted: Thu Dec 07, 2017 4:42 am    Post subject: Reply with quote

Thank you very much for the concrete suggestions to work with kbuild. I will try the suggestions if I have completed the conversion to the 17-profile on all Gentoo installations.
_________________
Thks 4 ur attention, interest & support.
Back to top
View user's profile Send private message
Marlo
Veteran
Veteran


Joined: 26 Jul 2003
Posts: 1231

PostPosted: Thu Dec 07, 2017 9:56 pm    Post subject: Reply with quote

Ant P. wrote:
Code:
mkdir $HOME/kbuild
cd $HOME/kbuild
make -C /usr/src/linux O="$PWD" oldconfig

Now you can do everything from there without needing root at all until the make install phase.


I try your approach Ant P.:

Code:
@tux ~/kbuild $ make -C /usr/src/linux O="$PWD" oldconfig                                                                                                                     
make: Verzeichnis „/usr/src/linux-4.14.4-gentoo“ wird betreten
make[1]: Verzeichnis „/home/hajo/kbuild“ wird betreten
  HOSTCC  scripts/basic/fixdep
  HOSTCC  scripts/basic/bin2c
  GEN     ./Makefile
  HOSTCC  scripts/kconfig/conf.o
  HOSTCC  scripts/kconfig/zconf.tab.o
  HOSTLD  scripts/kconfig/conf
scripts/kconfig/conf  --oldconfig Kconfig
#
# configuration written to .config
#


Thumbs up :-)
Thanks a lot for this
Ma
_________________
Thks 4 ur attention, interest & support.
Back to top
View user's profile Send private message
Marlo
Veteran
Veteran


Joined: 26 Jul 2003
Posts: 1231

PostPosted: Thu Dec 07, 2017 10:13 pm    Post subject: Reply with quote

the next attempt with the suggestion of Etal:

Etal wrote:
I have a ~/kernel directory which contains this script:

Code:
#!/bin/sh

BUILD_DIR="${PWD}/build"
INST_DIR="${PWD}/install"
SRC_DIR="/usr/src/linux"

mkdir -p "${BUILD_DIR}" "${INST_DIR}"

if [ ! -f "${BUILD_DIR}/.config" ]; then
    zcat /proc/config.gz > "${BUILD_DIR}/.config"
fi

exec make -j10 -l8 \
    O="${BUILD_DIR}" \
    INSTALL_MOD_PATH="${INST_DIR}" \
    -C "${SRC_DIR}" \
    "$@"

Code:
$ cd ~/kernel
$ ./kmake oldconfig
$ ./kmake menuconfig
$ ./kmake && ./kmake modules_install

Just make sure you check permissions when copying modules - you don't want them to be your user's.



First the script:
Code:
 ~/kernel $ cat kmake
#!/bin/sh

BUILD_DIR="${PWD}/build"
INST_DIR="${PWD}/install"
SRC_DIR="/usr/src/linux"

mkdir -p "${BUILD_DIR}" "${INST_DIR}"

if [ ! -f "${BUILD_DIR}/.config" ]; then
    zcat /proc/config.gz > "${BUILD_DIR}/.config"
fi

exec make -j10 -l8 \
    O="${BUILD_DIR}" \
    INSTALL_MOD_PATH="${INST_DIR}" \
    -C "${SRC_DIR}" \
    "$@"


Second, the execution:
Code:
~/kernel $ ./kmake oldconfig
cc      -o .o
gcc: fatal error: no input files
compilation terminated.
make: *** [<builtin>: .o] Error 1

There must be something missing on my machine. What could that be?
Many thanks for your effort Etal!
Ma
_________________
Thks 4 ur attention, interest & support.
Back to top
View user's profile Send private message
Etal
Veteran
Veteran


Joined: 15 Jul 2005
Posts: 1670

PostPosted: Fri Dec 08, 2017 4:08 am    Post subject: Reply with quote

Marlo wrote:
Second, the execution:
Code:
~/kernel $ ./kmake oldconfig
cc      -o .o
gcc: fatal error: no input files
compilation terminated.
make: *** [<builtin>: .o] Error 1

There must be something missing on my machine. What could that be?
Many thanks for your effort Etal!
Ma

No idea how that could happen 8O

Is your /usr/src/linux symlink pointing to the correct source directory? Or can you try changing the SRC_DIR line to point to /usr/src/linux-4.14.4-gentoo?
_________________
“And even in authoritarian countries, information networks are helping people discover new facts and making governments more accountable.”– Hillary Clinton, Jan. 21, 2010
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 5751

PostPosted: Fri Dec 08, 2017 5:35 am    Post subject: Reply with quote

What I do is that I have a kbuild directory under /usr/src which is owned by portage.
I set (and export) KBUILD_OUTPUT in the profile of the root user (who is calling emerge) (you might do this in an /etc/env.d file); similarly for KERNEL_DIR.
Then for compiling the kernel, i change permissions from root to portage (keeping KBUILD_OUTPUT and KERNEL_DIR) and compile with permissions of portage.

IMHO, the permissions of portage are just right for this: If the portage account is compromised, he can corrupt the system anyway; the same holds for the one with write access to KBUILD_OUTPUT. On the other hand, portage does not own so many files that an accidental mistake (e.g. a bug in the kernel build system) are likely to cause any severe damage (other than, say, to remove the kbuild directory in the worst case).

For doing the actual permission changing for the various kernel compile/installation phases, I use the "kernel" script (available over the mv overlay) which also contains some cleanup, setting of symlinks, handling of X permissions etc. which might or might not be what you want (but everything is optional). It currently has no support for a ramdisk.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum