Genkernel

genkernel is used to automate the build process of the kernel and initramfs. Some of the general features include:
 * configuring the kernel sources
 * building the compressed kernel and copying it to
 * creating an initramfs and copying it to
 * creating symlinks in
 * adding custom content to the initramfs such as encryption related files, splash images, extra modules and more.
 * compressing the initramfs
 * configuring the bootloader

Installation
To install, first select the proper USE flags.

Then the installation of the genkernel software can be executed.

Pour la sécurisation des données et valeurs, un coffre-fort classe 0, de préférence ignifugé http://www.infosafe.fr est une solution importante à prendre Les documents seront plus efficacement protègé du vol et du feu dans une armoire forte blindée classe C.

Genkernel Invocation
The general form of genkernel invocation is as follows:

Options
The actual behavior of genkernel depends on a large variety of options, the majority of which can be set/unset in the  file or passed via  the   command. Options passed over the command line take precedence over options defined into. This file is very well documented but let's examine some of the most commonly used ones here. For a more complete explanation, please refer to the comments in itself or to the output of the   command.

Options acting on user interactivity
The configuration options listed below help decide how to interact with the configuration process. Users can even choose whether or not the configuration file created in the process should be saved. The following are the primary configuration options:


 * --[no-]menuconfig
 * Activates [ or deactivates] the  command (which invokes an interactive configuration menu) before building the kernel.


 * --gconfig
 * Provides a kernel configuration utility which depends on the GTK+ libraries. The advantage of this option is that most users find it easier and clearer to configure the kernel using this tool, since it relies on the X-windowing system. The disadvantage of this option is that you need the X-windowing system to use it, so it will not work on the command line.


 * --xconfig
 * Provides a kernel configuration utility which depends on the QT libraries. The advantage of this option is that most users find it easier and clearer to configure the kernel using this tool, since it relies on the X-windowing system. The disadvantage of this option is that you need the X-windowing system to use it, so it will not work on the command line.


 * --[no-]save-config
 * Saves [or does not save] the kernel configuration to a file in the directory for later use.


 * --kernname=&lt;NickName&gt;: Allows the modification of the name of the kernel and initrd images in the directory, so that the images produced are  and.

Options acting on the resulting system
The configuration options listed here defines which features will, or won't be enabled in the resulting kernel and initrd.


 * --[no-]splash
 * Activates [or deactivates] support for Fbsplash framebuffer splash in the genkernel-built initrd image. To override the default theme used by fbsplash, use --splash=&lt;PreferredTheme&gt; (where &lt;PreferredTheme&gt; is the title of one of the directories inside the directory.


 * --splash-res=&lt;PreferredResolution&gt;</tt>
 * This option allows to select which splash screen resolutions will be supported in the initrd during the start-up of the system. This is useful for two reasons. First, to be able to select only the splash screen resolution(s) relevant to the system. Second, to avoid the unnecessary increase in the disk space required by initrd (since the initrd does not have to support resolutions that are irrelevant for your system configuration.) However, the option is best omitted if the kernel is being compiled for an Installation CD; this allows splash support for all possible resolutions.


 * --do-keymap-auto</tt>
 * Force keymap selection during the boot sequence.


 * --lvm</tt>
 * Includes support for storage using via Logical Volume Management (LVM2) from static binaries, if available to the system. Relevant (static) LVM2 binaries are compiled if they are unavailable. Be sure to install the lvm2 package on your system with emerge lvm2 before enabling this option, and review the LVM article on the Gentoo wiki.


 * --dmraid</tt>
 * Includes support for DMRAID; the utility which creates RAID mappings using the kernel device-mapper subsystem. DMRAID discovers, activates, deactivates and displays properties of software RAID sets (ATARAID, for example) and contained DOS partitions.


 * --luks</tt>
 * Includes support for Linux Unified Key Setup or LUKS. This will allow to use a device encrypted by LUKS which contains the root filesystem. On the bootloader, set that encrypted device as the value of  (and   shall be the unencrypted device LUKS creates).


 * --disklabel</tt>
 * Adds support for disk label and UUID support to the initrd.


 * --iscsi</tt>
 * Adds support for iSCSI to the initrd.


 * --multipath</tt>
 * Adds support for Multipath to the initrd.


 * --linuxrc=/path/to/your/linuxrc</tt>
 * Specifies a user-created linuxrc — a script that is initialized during the start-up stage of the kernel, prior to the actual boot process. (A default linuxrc script should be in the directory.) This script allows to boot into a small, modularized kernel and load the drivers that are needed (as modules) by the system.


 * --cachedir=/path/to/alt/dir</tt>
 * Overrides the default cache location used while compiling the kernel.


 * --tempdir=/path/to/new/tempdir</tt>
 * Specifies the location of the temporary directory used by genkernel while compiling the kernel.


 * --unionfs</tt>
 * Includes support for the Unification File System in the initrd image.


 * --mountboot</tt>
 * Detects whether or not the directory needs to be mounted on a separate partition. It will check  script for instructions on how to mount the boot partition on a file system (if needed).

Options acting on the choice of the tools used for building
The following options are supported by genkernel, and are passed to the relevant applications while the kernel is being assembled. These options affect the compiling tools used for the kernel compilation process, albeit at a much lower level.


 * --kernel-cc=&lt;someCompiler&gt;</tt>
 * Specifies the compiler employed during the kernel compilation process.


 * --kernel-ld=&lt;someLinker&gt;</tt>
 * Specifies the linker employed during the kernel compilation process.


 * --kernel-as=&lt;someAssembler&gt;</tt>
 * Specifies the assembler employed during the kernel compilation process.


 * <tt>--kernel-make=&lt;someMake&gt;</tt>
 * Specifies an alternative to the GNU make utility employed during the kernel compilation process.


 * <tt>--utils-cc=&lt;someCompiler&gt;</tt>
 * Specifies the compiler employed during the compilation of support utilities.


 * <tt>--utils-ld=&lt;someLinker&gt;</tt>
 * Specifies the linker employed during the compilation of support utilities.


 * <tt>--utils-as=&lt;someAssembler&gt;</tt>
 * Specifies the assembler employed during the compilation of support utilities.


 * <tt>--utils-make=&lt;someMake&gt;</tt>
 * Specifies an alternative to the GNU make utility employed during the compilation of support utilities.


 * <tt>--makeopts=-jX</tt>
 * Specifies the number of concurrent threads that the make utility can implement while the kernel (and utilities) are being compiled. The variable  is a number to be freely chosen, although the most common values are obtained by adding one (1) to the number of cores used by the system, or just use the number of cores on the system. So, for a system with one core, most common option values are   or  ; a system with two cores most likely uses the   or   options, and so on. (A system with one processor that supports Hyper-Threading™ (HT) Technology can be assumed to have 2 cores, provided Symmetric Multi-Processing (SMP) support is enabled in the kernel.)

Options acting on the compilation process
The following options usually take effect during the actual compilation:


 * <tt>--kerneldir=/path/to/sources/</tt>
 * Specifies an alternative kernel source location, rather than the default location.


 * <tt>--kernel-config=/path/to/config-file</tt>
 * Specifies what alternative kernel configuration will be used, rather than the default file.


 * <tt>--module-prefix=/path/to/prefix-directory/</tt>
 * Specifies a prefix to the directory where kernel modules will be installed (default path is the directory.)


 * <tt>--[no-]clean</tt>
 * Activates [or deactivates] the  command before compiling your kernel. The   command removes all object files and dependencies from the kernel's source tree.


 * <tt>--[no-]mrproper</tt>
 * Activates [or deactivates] the  command before kernel compilation. Like the   command,   removes all object files and dependencies from the kernel's source tree. However, any previous configuration files (in  or ) will also be purged from the kernel's source tree.


 * <tt>--oldconfig</tt>
 * Issues the  command, which attempts to collect configuration information for the system's architecture from a generic script in . This is a non-interactive process; no user input is entertained. Also, if <tt>--oldconfig</tt> is used in conjunction with <tt>--clean</tt>, the latter option is negated, resulting in the activation of the <tt>--no-clean</tt> option.


 * <tt>--callback="echo hello"</tt>
 * Calls the specified arguments (, in this case) after the kernel and the relevant modules have been built, but before building the initrd image. This may be useful if you want to install external modules in the initrd image by emerging the relevant item(s) with the callback feature, and then redefining a genkernel module group.


 * <tt>--[no-]install</tt>
 * Activates [or deactivates] the make install command, which installs your new kernel image, configuration file, initrd image and system map onto your mounted boot partition. Any compiled modules will be installed as well.


 * <tt>--no-ramdisk-modules</tt>
 * Refrains from copying any modules to the genkernel-created initrd image. This option is an exception to the rule about the <tt>no-</tt> prefix; omission of this prefix creates an invalid genkernel option.


 * <tt>--all-ramdisk-modules</tt>
 * Copies all available modules to the genkernel-created initrd image.


 * <tt>--genzimage</tt>
 * Creates the initrd image, prior to the kernel image. (This hack currently applies only to PPC Pegasos systems.)

Debugging options
The use of debugging options during the kernel compilation process controls the amount of information reported, as well as the presentation of said data.


 * <tt>--loglevel=&lt;verblevel&gt;</tt>
 * Controls the level of verbosity for information provided by genkernel. The variable  is an integer between 0 and 5. The level '0' represents minimal output, while '5' provides as much information as possible about genkernel's activities during the kernel compilation process.


 * <tt>--logfile=/path/to/outputfile</tt>
 * Ignores the value set by the <tt>--loglevel</tt> argument, and sends all debugging data produced by genkernel to the specified output file, which is located at by default.


 * <tt>--[no-]color</tt>
 * Activates (or deactivates) colored output of debugging information (reported by genkernel) using escape sequences.

Action
The action passed on the command line with the  command, tells    what to do - the following actions are supported:


 * Builds all stages — the initrd, kernel image and modules.
 * Builds all stages — the initrd, kernel image and modules.


 * Only builds the kernel image
 * Only builds the kernel image


 * Only builds the kernel image and modules
 * Only builds the kernel image and modules


 * Only builds the initramfs/ramdisk image
 * Only builds the initramfs/ramdisk image


 * Only builds the initramfs/ramdisk image
 * Only builds the initramfs/ramdisk image

Genkernel First Invocation
Although there are several ways to run genkernel, the least-intrusive approach recommended for most users is provided by. Here, a generic configuration which works well for most systems is used. As was mentioned earlier, this approach is not without drawbacks; most of the modules created are useless to the average user and may increase compile time. Below is an illustration of a more efficient approach, achieved by passing certain options to genkernel as root:

The above operation causes genkernel to create a framebuffer splash-enabled kernel (<tt>--splash</tt>) that will have to be manually installed (<tt>--no-install</tt>). While preparing the kernel source tree, genkernel will refrain from cleaning out any preexisting object files present in the source tree (<tt>--no-clean</tt>). A menu-driven kernel configuration utility will be displayed that allows the user to select which modules will be built for the system (<tt>--menuconfig</tt>).

Replacing <tt>--no-install</tt> with the <tt>--install</tt> option allows genkernel to automatically install the new kernel in the directory, and will create symlinks for you if <tt>--symlink</tt> is specified. Using the <tt>--mountboot</tt> option allows genkernel to mount the partition automatically, if necessary.

Using Genkernel to change your kernel
The first thing that should be done is to allow the triggering of  in the  file:

File Management by genkernel
While using genkernel, the user has to be aware of some aspects relating to kernel configuration and kernel image files management and the way the kernel sources are handled by the system.

Source Files used by genkernel
After an, whenever new sources are available, a new kernel source directory is created under  to host them. Normally, the active kernel sources directory is pointed to by the symlink.

The directory might look like this:

The symlink can be changed in different ways.


 * If the  USE flag is set in, the  symlink is automatically updated to point to the newly emerged sources.


 * If the previous USE flag is not set, the user can change the destination of the symlink using the   command.

Whatever it is,  always uses the sources pointed by this symlink.

Kernel Configuration file used by genkernel
If a kernel compilation has already been run with the active kernel sources, there might be a file inside the directory that contains the kernel configuration that has been applied while creating the last bzimage of the kernel. This file is named, for example where x86_64 might be substituted with your architecture,  3.7.9 might be substituted with the version of the sources you are using and r1 with the release of the sources..

It is this file that is used as a starting configuration when running   }}.

If it is the first time that  is run with the new kernel sources, or if the previous result has not been saved, this file is substituted with a default configuration file that resides at  where x86_64 is substituted with the actual architecture.

Saving the compiled configuration
If the  genkernel option  is activated, either from the command line or inside, the compiled kernel configuration is saved (with the name given above) into the  directory. At the same time, the configuration is saved in the file in  directory but this file is not reused on the next   run.

Installing the kernel and initramfs into the /boot directory
The  action specified when invoking genkernel, ask   to install the kernel image and the initramfs into the  directory. In order to do it in a convenient manner, set the following in the  file:


 * The first parameter speaks by itself.


 * The second parameter tells genkernel to save the compiled kernel configuration into.


 * The last two options tell genkernel to automatically update the grub configuration. In practice, the following happens:
 * if a previous kernel image with the same name already exist, it is renamed by appending <tt>.old</tt> to its name. A symlink is automatically created that points to it.
 * the new kernel takes the place of any kernel with the same name into . If it is the first time a kernel is compiled, a symlink kernel is automatically created that points to the new kernel.

After running, the  directory might look like this:

Configuring the bootloader
The symlinks presented above in the bootloader's configuration can be used so that, even if the new kernel is not bootable, the user can always boot on the old one.

To allow the kernel and intird provided by genkernel to run correctly, provide a minimum information in your bootloader configuration file :
 * Add  to the kernel parameters passed to the kernel image, where  points to the root partition.
 * If splash is used, add a suitable mode line such as  to the parameters passed to the kernel and also add   or   depending on the verboseness required through the boot process.
 * Add the initrd information as required by the bootloader. Consult the Bootloader Configuration Chapter of the Gentoo Handbook for details on how to make your bootloader initrd-aware.

Here is how the file might look.

Preserving your working files
The genkernel application automatically saves new changes to the files. If previous changes are to be preserved, then the following actions need to be taken.


 * The first file to preserve is the kernel configuration file in . If the source hasn't changed prior to the recompilation of the kernel, the previously used name for this file will be used. So copying the previous configuration file under a different name helps in preserving the information while keeping the file available as a starting point for a new configuration.


 * The second important thing is to preserve the already bootable kernel and initramfs images. The way to accomplish this depends on the context:
 * If the last kernel compiled is bootable, running  will rename this kernel (and similarly initramfs) image to  and create a new . This mean that even if the new kernel is not bootable, users will always be able to boot the old one.
 * If the last kernel compiled is not bootable and sources haven't changed since the user compiled a bootable one, prior to running, first delete the new kernel image and remove the <tt>.old</tt> suffix from the last bootable one. Without this, if the newly compiled kernel is not bootable for the second time, the bootable  will be kicked out by the renaming of the non bootable , giving the user an unbootable system. Use the same reasoning for initramfs.

Using previous kernel configuration while changing the sources
The previous configuration can be used through the  option in your  as follows:

Network Booting with Genkernel from an Installation CD
The genkernel utility can build kernel and initrd images that provide support for network booting, or netbooting. With any luck, users should be able to netboot any recent computer into the environment provided by the Installation CD.

The magic lies in genkernel's linuxrc script: it will try to netmount the Installation CD using NFS. From there, the init scripts of the Installation CD can take over, as if the CD was present locally.

Building Kernel and Initrd Images with Support for Netbooting
To enable support for netbooting, include the following options while configuring the kernel:

First, the kernel image must include the drivers for your Network Interface Cards (NIC). Normally, drivers for such devices will be compiled as modules. However, it is essential (for netbooting) that such drivers are compiled directly into the kernel image and not as modules.

Be sure to select <tt>&lt;*&gt;</tt> and not <tt>&lt;M&gt;</tt>.

Secondly, it is suggested that IP: kernel level autoconfiguration is enabled as well as IP: DHCP support options. This avoids an unnecessary layer of complexity since the IP address and the NFS path to the Installation CD can be configured on a DHCP server. Of course, this means the kernel command line will remain constant for any machine — which is very important for etherbooting.

These options tell the kernel to send a DHCP request at bootup.

Additionally, enable SquashFS because most modern Gentoo Installation CDs require it. Support for SquashFS is not included with the generic kernel source tree. To enable SquashFS, apply the necessary patches to the generic kernel source or install gentoo-sources.

Once the compilation process is completed, create a compressed tarball (tar.gz) that contains the kernel's modules. This step is only necessary if the kernel version does not match the kernel image version on the Installation CD.

To create an archive containing all the modules:

Depending on the network boot mechanism, one of the following steps need to be followed:

To create an etherboot image:

To create a OpenBoot / SPARC64 TFTP image:

The file is the boot image.

Finally, copy this kernel to the TFTP server. The details are architecture-dependent and are beyond the scope of this guide. Please refer to the documentation for your platform.

NFS setup
To setup a NFS share that contains the Installation CD, use the loop device to mount the ISO image and then copy the contents of the CD into the NFS share. As a nice extra, genkernel's initrd scripts will extract all tar.gz files located in the directory. All that needs to be done here is copy the archive to the  directory.

The following assumes that is an exported NFS share:

Now copy the file into :

DHCP setup
The netboot images will ask the DHCP server on the network for an IP as well as a <tt>root-path</tt> parameter. Both can be specified per host using a MAC address to identify machines:

Netbooting Instructions
Netbooting itself is again very platform-specific. The important part is to specify the  and   parameters on the kernel command line, as this will bring up the network interface and tell the initrd scripts to mount the Installation CD via NFS. Here are some platform-specific tips.

For etherboot, insert the etherboot disk into the drive and reboot. The kernel command line was specified when the image was constructed. With Sparc64, hit - at the boot prompt and enter:

For PXE, setup pxelinux (part of syslinux), then create a along the lines of:

Introduction
If an initramfs is installed with genkernel, then take a look at the various boot options that can (or should) be defined in the bootloader configuration. The most common ones are added to this guide.

Loading LVM or software-RAID
If the system uses LVM or software-RAID, the initramfs has to be built using the <tt>--lvm</tt> and <tt>--mdadm</tt> options. Don't forget to enable support during boot as well. This can be done using the dolvm and domdadm options.

Booting in single-user mode
If for some reason boot-up fails, rescuing the system by booting in the single-user mode is still possible. This will only load the really necessary services and then drop the user to a rescue (root) shell.

Acknowledgements
We would like to thank the following authors and editors for their contributions to this guide:


 * Tim Yamin
 * Jimi Ayodele
 * Thomas Seiler
 * Joshua Saddler
 * Sebastian Pipping
 * José Fournier