Table of Contents

Preface

• Foreword
• Audience
• LFS Target Architectures
• LFS and Standards
• Rationale for Packages in the Book
• Prerequisites
• Typography
• Structure
• Errata

I. Introduction

• 1. Introduction

  • How to Build an LFS System
  • What's new since the last release
  • Changelog
  • Resources
  • Help

II. Preparing for the Build

• 2. Preparing the Host System

  • Introduction
  • Host System Requirements
  • Building LFS in Stages
  • Creating a New Partition
  • Creating a File System on the Partition
  • Setting The $LFS Variable
  • Mounting the New Partition

• 3. Packages and Patches

  • Introduction
  • All Packages
  • Needed Patches

• 4. Final Preparations

  • Introduction
  • Creating the $LFS/tools Directory
  • Adding the LFS User
  • Setting Up the Environment
  • About SBUs
  • About the Test Suites

• 5. Constructing a Temporary System

  • Introduction
  • Toolchain Technical Notes
  • General Compilation Instructions
  • Binutils-2.32 - Pass 1
  • GCC-8.2.0 - Pass 1
  • Linux-4.20.12 API Headers
  • Glibc-2.29
  • Libstdc++ from GCC-8.2.0
  • Binutils-2.32 - Pass 2
  • GCC-8.2.0 - Pass 2
  • Tcl-8.6.9
  • Expect-5.45.4
  • DejaGNU-1.6.2
  • M4-1.4.18
  • Ncurses-6.1
  • Bash-5.0
  • Bison-3.3.2
  • Bzip2-1.0.6
  • Coreutils-8.30
  • Diffutils-3.7
  • File-5.36
  • Findutils-4.6.0
  • Gawk-4.2.1
  • Gettext-0.19.8.1
  • Grep-3.3
  • Gzip-1.10
  • Make-4.2.1
  • Patch-2.7.6
  • Perl-5.28.1
  • Python-3.7.2
  • Sed-4.7
  • Tar-1.31
  • Texinfo-6.5
  • Util-linux-2.33.1
  • Xz-5.2.4
  • Stripping
  • Changing Ownership

III. Building the LFS System

• 6. Installing Basic System Software

  • Introduction
  • Preparing Virtual Kernel File Systems
  • Package Management
  • Entering the Chroot Environment
  • Creating Directories
  • Creating Essential Files and Symlinks
  • Linux-4.20.12 API Headers
  • Man-pages-4.16
  • Glibc-2.29
  • Adjusting the Toolchain
  • Zlib-1.2.11
  • File-5.36
  • Readline-8.0
  • M4-1.4.18
  • Bc-1.07.1
  • Binutils-2.32
  • GMP-6.1.2
  • MPFR-4.0.2
  • MPC-1.1.0
  • Shadow-4.6
  • GCC-8.2.0
  • Bzip2-1.0.6
  • Pkg-config-0.29.2
  • Ncurses-6.1
  • Attr-2.4.48
  • Acl-2.2.53
  • Libcap-2.26
  • Sed-4.7
  • Psmisc-23.2
  • Iana-Etc-2.30
  • Bison-3.3.2
  • Flex-2.6.4
  • Grep-3.3
  • Bash-5.0
  • Libtool-2.4.6
  • GDBM-1.18.1
  • Gperf-3.1
  • Expat-2.2.6
  • Inetutils-1.9.4
  • Perl-5.28.1
  • XML::Parser-2.44
  • Intltool-0.51.0
  • Autoconf-2.69
  • Automake-1.16.1
  • Xz-5.2.4
  • Kmod-26
  • Gettext-0.19.8.1
  • Libelf from Elfutils-0.176
  • Libffi-3.2.1
  • OpenSSL-1.1.1a
  • Python-3.7.2
  • Ninja-1.9.0
  • Meson-0.49.2
  • Coreutils-8.30
  • Check-0.12.0
  • Diffutils-3.7
  • Gawk-4.2.1
  • Findutils-4.6.0
  • Groff-1.22.4
  • GRUB-2.02
  • Less-530
  • Gzip-1.10
  • IPRoute2-4.20.0
  • Kbd-2.0.4
  • Libpipeline-1.5.1
  • Make-4.2.1
  • Patch-2.7.6
  • Man-DB-2.8.5
  • Tar-1.31
  • Texinfo-6.5
  • Vim-8.1
  • Systemd-240
  • D-Bus-1.12.12
  • Procps-ng-3.3.15
  • Util-linux-2.33.1
  • E2fsprogs-1.44.5
  • About Debugging Symbols
  • Stripping Again
  • Cleaning Up

• 7. System Configuration

  • Introduction
  • General Network Configuration
  • Overview of Device and Module Handling
  • Managing Devices
  • Configuring the system clock
  • Configuring the Linux Console
  • Configuring the System Locale
  • Creating the /etc/inputrc File
  • Creating the /etc/shells File
  • Systemd Usage and Configuration

• 8. Making the LFS System Bootable

  • Introduction
  • Creating the /etc/fstab File
  • Linux-4.20.12
  • Using GRUB to Set Up the Boot Process

• 9. The End

  • The End
  • Get Counted
  • Rebooting the System
  • What Now?

IV. Appendices

• A. Acronyms and Terms

• B. Acknowledgments

• C. Dependencies

• D. LFS Licenses

  • Creative Commons License
  • The MIT License

Foreword

My journey to learn and better understand Linux began back in 1998. I had just installed my first Linux distribution and had quickly become intrigued with the whole concept and philosophy behind Linux.

There are always many ways to accomplish a single task. The same can be said about Linux distributions. A great many have existed over the years. Some still exist, some have morphed into something else, yet others have been relegated to our memories. They all do things differently to suit the needs of their target audience. Because so many different ways to accomplish the same end goal exist, I began to realize I no longer had to be limited by any one implementation. Prior to discovering Linux, we simply put up with issues in other Operating Systems as you had no choice. It was what it was, whether you liked it or not. With Linux, the concept of choice began to emerge. If you didn't like something, you were free, even encouraged, to change it.

I tried a number of distributions and could not decide on any one. They were great systems in their own right. It wasn't a matter of right and wrong anymore. It had become a matter of personal taste. With all that choice available, it became apparent that there would not be a single system that would be perfect for me. So I set out to create my own Linux system that would fully conform to my personal preferences.

To truly make it my own system, I resolved to compile everything from source code instead of using pre-compiled binary packages. This “perfect” Linux system would have the strengths of various systems without their perceived weaknesses. At first, the idea was rather daunting. I remained committed to the idea that such a system could be built.

After sorting through issues such as circular dependencies and compile-time errors, I finally built a custom-built Linux system. It was fully operational and perfectly usable like any of the other Linux systems out there at the time. But it was my own creation. It was very satisfying to have put together such a system myself. The only thing better would have been to create each piece of software myself. This was the next best thing.

As I shared my goals and experiences with other members of the Linux community, it became apparent that there was a sustained interest in these ideas. It quickly became plain that such custom-built Linux systems serve not only to meet user specific requirements, but also serve as an ideal learning opportunity for programmers and system administrators to enhance their (existing) Linux skills. Out of this broadened interest, the Linux From Scratch Project was born.

This Linux From Scratch book is the central core around that project. It provides the background and instructions necessary for you to design and build your own system. While this book provides a template that will result in a correctly working system, you are free to alter the instructions to suit yourself, which is, in part, an important part of this project. You remain in control; we just lend a helping hand to get you started on your own journey.

I sincerely hope you will have a great time working on your own Linux From Scratch system and enjoy the numerous benefits of having a system that is truly your own.

-- Gerard Beekmans gerard@linuxfromscratch.org

Audience

There are many reasons why you would want to read this book. One of the questions many people raise is, “why go through all the hassle of manually building a Linux system from scratch when you can just download and install an existing one?”

One important reason for this project's existence is to help you learn how a Linux system works from the inside out. Building an LFS system helps demonstrate what makes Linux tick, and how things work together and depend on each other. One of the best things that this learning experience can provide is the ability to customize a Linux system to suit your own unique needs.

Another key benefit of LFS is that it allows you to have more control over the system without relying on someone else's Linux implementation. With LFS, you are in the driver's seat and dictate every aspect of the system.

LFS allows you to create very compact Linux systems. When installing regular distributions, you are often forced to install a great many programs which are probably never used or understood. These programs waste resources. You may argue that with today's hard drive and CPUs, such resources are no longer a consideration. Sometimes, however, you are still constrained by size considerations if nothing else. Think about bootable CDs, USB sticks, and embedded systems. Those are areas where LFS can be beneficial.

Another advantage of a custom built Linux system is security. By compiling the entire system from source code, you are empowered to audit everything and apply all the security patches desired. It is no longer necessary to wait for somebody else to compile binary packages that fix a security hole. Unless you examine the patch and implement it yourself, you have no guarantee that the new binary package was built correctly and adequately fixes the problem.

The goal of Linux From Scratch is to build a complete and usable foundation-level system. If you do not wish to build your own Linux system from scratch, you may nevertheless benefit from the information in this book.

There are too many other good reasons to build your own LFS system to list them all here. In the end, education is by far the most powerful of reasons. As you continue in your LFS experience, you will discover the power that information and knowledge truly bring.

LFS Target Architectures

The primary target architectures of LFS are the AMD/Intel x86 (32-bit) and x86_64 (64-bit) CPUs. On the other hand, the instructions in this book are also known to work, with some modifications, with the Power PC and ARM CPUs. To build a system that utilizes one of these CPUs, the main prerequisite, in addition to those on the next few pages, is an existing Linux system such as an earlier LFS installation, Ubuntu, Red Hat/Fedora, SuSE, or other distribution that targets the architecture that you have. Also note that a 32-bit distribution can be installed and used as a host system on a 64-bit AMD/Intel computer.

Some other facts about 64-bit systems need to be added here. When compared to a 32-bit system, the sizes of executable programs are slightly larger and the execution speeds of arbitrary programs are only slightly faster. For example, in a test build of LFS-6.5 on a Core2Duo CPU based system, the following statistics were measured:

Architecture Build Time     Build Size
32-bit       198.5 minutes  648 MB
64-bit       190.6 minutes  709 MB

As you can see, the 64-bit build is only 4% faster and is 9% larger than the 32-bit build. The gain from going to a 64-bit system is relatively minimal. Of course, if you have more than 4GB of RAM or want to manipulate data that exceeds 4GB, the advantages of a 64-bit system are substantial.

Note

The above discussion is only appropriate when comparing builds on the same hardware. Modern 64-bit systems are considerably faster than older 64-bit systems and the LFS authors recommend building on a 64-bit system when given a choice.

The default 64-bit build that results from LFS is considered a "pure" 64-bit system. That is, it supports 64-bit executables only. Building a "multi-lib" system requires compiling many applications twice, once for a 32-bit system and once for a 64-bit system. This is not directly supported in LFS because it would interfere with the educational objective of providing the instructions needed for a straightforward base Linux system. You can refer to the Cross Linux From Scratch project for this advanced topic.

LFS and Standards

The structure of LFS follows Linux standards as closely as possible. The primary standards are:

• POSIX.1-2008
• Filesystem Hierarchy Standard (FHS) Version 3.0
• Linux Standard Base (LSB) Version 5.0 (2015)

The LSB has four separate standards: Core, Desktop, Runtime Languages, and Imaging. In addition to generic requirements there are also architecture specific requirements. There are also two areas for trial use: Gtk3 and Graphics. LFS attempts to conform to the architectures discussed in the previous section.

Note

Many people do not agree with the requirements of the LSB. The main purpose of defining it is to ensure that proprietary software will be able to be installed and run properly on a compliant system. Since LFS is source based, the user has complete control over what packages are desired and many choose not to install some packages that are specified by the LSB.

Packages supplied by LFS needed to satisfy the LSB Requirements

Packages supplied by BLFS needed to satisfy the LSB Requirements

Packages not supplied by LFS or BLFS needed to satisfy the LSB Requirements

Rationale for Packages in the Book

As stated earlier, the goal of LFS is to build a complete and usable foundation-level system. This includes all packages needed to replicate itself while providing a relatively minimal base from which to customize a more complete system based on the choices of the user. This does not mean that LFS is the smallest system possible. Several important packages are included that are not strictly required. The lists below document the rationale for each package in the book.

• Acl

This package contains utilities to administer Access Control Lists, which are used to define more fine-grained discretionary access rights for files and directories.

• Attr

This package contains programs for administering extended attributes on filesystem objects.

• Autoconf

This package contains programs for producing shell scripts that can automatically configure source code from a developer's template. It is often needed to rebuild a package after updates to the build procedures.

• Automake

This package contains programs for generating Make files from a template. It is often needed to rebuild a package after updates to the build procedures.

• Bash

This package satisfies an LSB core requirement to provide a Bourne Shell interface to the system. It was chosen over other shell packages because of its common usage and extensive capabilities beyond basic shell functions.

• Bc

This package provides an arbitrary precision numeric processing language. It satisfies a requirement needed when building the Linux kernel.

• Binutils

This package contains a linker, an assembler, and other tools for handling object files. The programs in this package are needed to compile most of the packages in an LFS system and beyond.

• Bison

This package contains the GNU version of yacc (Yet Another Compiler Compiler) needed to build several other LFS programs.

• Bzip2

This package contains programs for compressing and decompressing files. It is required to decompress many LFS packages.

• Check

This package contains a test harness for other programs. It is only installed in the temporary toolchain.

• Coreutils

This package contains a number of essential programs for viewing and manipulating files and directories. These programs are needed for command line file management, and are necessary for the installation procedures of every package in LFS.

• D-Bus

This package contains programs to implement a message bus system, which a simple way for applications to talk to one another.

• DejaGNU

This package contains a framework for testing other programs. It is only installed in the temporary toolchain.

• Diffutils

This package contains programs that show the differences between files or directories. These programs can be used to create patches, and are also used in many packages' build procedures.

• E2fsprogs

This package contains the utilities for handling the ext2, ext3 and ext4 file systems. These are the most common and thoroughly tested file systems that Linux supports.

• Expat

This package contains a relatively small XML parsing library. It is required by the XML::Parser Perl module.

• Expect

This package contains a program for carrying out scripted dialogues with other interactive programs. It is commonly used for testing other packages. It is only installed in the temporary toolchain.

• File

This package contains a utility for determining the type of a given file or files. A few packages need it to build.

• Findutils

This package contains programs to find files in a file system. It is used in many packages' build scripts.

• Flex

This package contains a utility for generating programs that recognize patterns in text. It is the GNU version of the lex (lexical analyzer) program. It is required to build several LFS packages.

• Gawk

This package contains programs for manipulating text files. It is the GNU version of awk (Aho-Weinberg-Kernighan). It is used in many other packages' build scripts.

• Gcc

This package is the Gnu Compiler Collection. It contains the C and C++ compilers as well as several others not built by LFS.

• GDBM

This package contains the GNU Database Manager library. It is used by one other LFS package, Man-DB.

• Gettext

This package contains utilities and libraries for internationalization and localization of numerous packages.

• *Glibc

This package contains the main C library. Linux programs would not run without it.

• GMP

This package contains math libraries that provide useful functions for arbitrary precision arithmetic. It is required to build Gcc.

• Gperf

This package contains a program that generates a perfect hash function from a key set. It is required for Eudev.

• Grep

This package contains programs for searching through files. These programs are used by most packages' build scripts.

• Groff

This package contains programs for processing and formatting text. One important function of these programs is to format man pages.

• GRUB

This package is the Grand Unified Boot Loader. It is one of several boot loaders available, but is the most flexible.

• Gzip

This package contains programs for compressing and decompressing files. It is needed to decompress many packages in LFS and beyond.

• Iana-etc

This package provides data for network services and protocols. It is needed to enable proper networking capabilities.

• Inetutils

This package contains programs for basic network administration.

• Intltool

This package contains tools for extracting translatable strings from source files.

• IProute2

This package contains programs for basic and advanced IPv4 and IPv6 networking. It was chosen over the other common network tools package (net-tools) for its IPv6 capabilities.

• Kbd

This package contains key-table files, keyboard utilities for non-US keyboards, and a number of console fonts.

• Kmod

This package contains programs needed to administer Linux kernel modules.

• Less

This package contains a very nice text file viewer that allows scrolling up or down when viewing a file. It is also used by Man-DB for viewing manpages.

• Libcap

This package implements the user-space interfaces to the POSIX 1003.1e capabilities available in Linux kernels.

• Libelf

The elfutils project provides libraries and tools for ELF files and DWARF data. Most utilities in this package are available in other packages, but the library is needed to build the Linux kernel using the default (and most efficient) configuration.

• Libffi

This package implements a portable, high level programming interface to various calling conventions. Some programs may not know at the time of compilation what arguments are to be passed to a function. For instance, an interpreter may be told at run-time about the number and types of arguments used to call a given function. Libffi can be used in such programs to provide a bridge from the interpreter program to compiled code.

• Libpipeline

The Libpipeline package contains a library for manipulating pipelines of subprocesses in a flexible and convenient way. It is required by the Man-DB package.

• Libtool

This package contains the GNU generic library support script. It wraps the complexity of using shared libraries in a consistent, portable interface. It is needed by the test suites in other LFS packages.

• Linux Kernel

This package is the Operating System. It is the Linux in the GNU/Linux environment.

• M4

This package contains a general text macro processor useful as a build tool for other programs.

• Make

This package contains a program for directing the building of packages. It is required by almost every package in LFS.

• Man-DB

This package contains programs for finding and viewing man pages. It was chosen instead of the man package due to superior internationalization capabilities. It supplies the man program.

• Man-pages

This package contains the actual contents of the basic Linux man pages.

• Meson

This package provides a software tool for automating the building of software. The main goal for Meson is to minimize the amount of time that software developers need to spend configuring their build system.

• MPC

This package contains functions for the arithmetic of complex numbers. It is required by Gcc.

• MPFR

This package contains functions for multiple precision arithmetic. It is required by Gcc.

• Ninja

This package contains a small build system with a focus on speed. It is designed to have its input files generated by a higher-level build system, and to run builds as fast as possible.

• Ncurses

This package contains libraries for terminal-independent handling of character screens. It is often used to provide cursor control for a menuing system. It is needed by a number of packages in LFS.

• Openssl

This package provides management tools and libraries relating to cryptography. These are useful for providing cryptographic functions to other packages, including the Linux kernel.

• Patch

This package contains a program for modifying or creating files by applying a patch file typically created by the diff program. It is needed by the build procedure for several LFS packages.

• Perl

This package is an interpreter for the runtime language PERL. It is needed for the installation and test suites of several LFS packages.

• Pkg-config

This package provides a program to return meta-data about an installed library or package.

• Procps-NG

This package contains programs for monitoring processes. These programs are useful for system administration, and are also used by the LFS Bootscripts.

• Psmisc

This package contains programs for displaying information about running processes. These programs are useful for system administration.

• Python 3

This package provides an interpreted language that has a design philosophy that emphasizes code readability.

• Readline

This package is a set of libraries that offers command-line editing and history capabilities. It is used by Bash.

• Sed

This package allows editing of text without opening it in a text editor. It is also needed by most LFS packages' configure scripts.

• Shadow

This package contains programs for handling passwords in a secure way.

• Systemd

This package provides an init program and several additional boot and system control capabilities as an alternative to Sysvinit. It is used by many commercial distributions.

• Tar

This package provides archiving and extraction capabilities of virtually all packages used in LFS.

• Tcl

This package contains the Tool Command Language used in many test suites in LFS packages. It is only installed in the temporary toolchain.

• Texinfo

This package contains programs for reading, writing, and converting info pages. It is used in the installation procedures of many LFS packages.

• Util-linux

This package contains miscellaneous utility programs. Among them are utilities for handling file systems, consoles, partitions, and messages.

• Vim

This package contains an editor. It was chosen because of its compatibility with the classic vi editor and its huge number of powerful capabilities. An editor is a very personal choice for many users and any other editor could be substituted if desired.

• XML::Parser

This package is a Perl module that interfaces with Expat.

• XZ Utils

This package contains programs for compressing and decompressing files. It provides the highest compression generally available and is useful for decompressing packages in XZ or LZMA format.

• Zlib

This package contains compression and decompression routines used by some programs.

Prerequisites

Building an LFS system is not a simple task. It requires a certain level of existing knowledge of Unix system administration in order to resolve problems and correctly execute the commands listed. In particular, as an absolute minimum, you should already have the ability to use the command line (shell) to copy or move files and directories, list directory and file contents, and change the current directory. It is also expected that you have a reasonable knowledge of using and installing Linux software.

Because the LFS book assumes at least this basic level of skill, the various LFS support forums are unlikely to be able to provide you with much assistance in these areas. You will find that your questions regarding such basic knowledge will likely go unanswered or you will simply be referred to the LFS essential pre-reading list.

Before building an LFS system, we recommend reading the following:

• Software-Building-HOWTO http://www.tldp.org/HOWTO/Software-Building-HOWTO.html

  This is a comprehensive guide to building and installing “generic” Unix software packages under Linux. Although it was written some time ago, it still provides a good summary of the basic techniques needed to build and install software.

• Beginner's Guide to Installing from Source http://moi.vonos.net/linux/beginners-installing-from-source/

  This guide provides a good summary of basic skills and techniques needed to build software from source code.

Typography

To make things easier to follow, there are a few typographical conventions used throughout this book. This section contains some examples of the typographical format found throughout Linux From Scratch.

./configure --prefix=/usr

This form of text is designed to be typed exactly as seen unless otherwise noted in the surrounding text. It is also used in the explanation sections to identify which of the commands is being referenced.

In some cases, a logical line is extended to two or more physical lines with a backslash at the end of the line.

CC="gcc -B/usr/bin/" ../binutils-2.18/configure \
  --prefix=/tools --disable-nls --disable-werror

Note that the backslash must be followed by an immediate return. Other whitespace characters like spaces or tab characters will create incorrect results.

install-info: unknown option '--dir-file=/mnt/lfs/usr/info/dir'

This form of text (fixed-width text) shows screen output, usually as the result of commands issued. This format is also used to show filenames, such as /etc/ld.so.conf.

Emphasis

This form of text is used for several purposes in the book. Its main purpose is to emphasize important points or items.

linuxfromscratch.org

This format is used for hyperlinks both within the LFS community and to external pages. It includes HOWTOs, download locations, and websites.

cat > $LFS/etc/group << "EOF"
root:x:0:
bin:x:1:
......
EOF

This format is used when creating configuration files. The first command tells the system to create the file $LFS/etc/group from whatever is typed on the following lines until the sequence End Of File (EOF) is encountered. Therefore, this entire section is generally typed as seen.

<REPLACED TEXT>

This format is used to encapsulate text that is not to be typed as seen or for copy-and-paste operations.

[OPTIONAL TEXT]

This format is used to encapsulate text that is optional.

passwd(5) This format is used to refer to a specific manual (man) page. The number inside parentheses indicates a specific section inside the manuals. For example, passwd has two man pages. Per LFS installation instructions, those two man pages will be located at /usr/share/man/man1/passwd.1 and /usr/share/man/man5/passwd.5. When the book uses passwd(5) it is specifically referring to /usr/share/man/man5/passwd.5. man passwd will print the first man page it finds that matches “passwd”, which will be /usr/share/man/man1/passwd.1. For this example, you will need to run man 5 passwd in order to read the specific page being referred to. It should be noted that most man pages do not have duplicate page names in different sections. Therefore, man program name is generally sufficient.

Structure

This book is divided into the following parts.

Part I - Introduction

Part I explains a few important notes on how to proceed with the LFS installation. This section also provides meta-information about the book.

1. Introduction
    How to Build an LFS System
    What's new since the last release
    Changelog
    Resources
    Help

Part II - Preparing for the Build

Part II describes how to prepare for the building process—making a partition, downloading the packages, and compiling temporary tools.

2. Preparing the Host System
3. Packages and Patches
4. Final Preparations
5. Constructing a Temporary System

Part III - Building the LFS System

Part III guides the reader through the building of the LFS system—compiling and installing all the packages one by one, setting up the boot scripts, and installing the kernel. The resulting Linux system is the foundation on which other software can be built to expand the system as desired. At the end of this book, there is an easy to use reference listing all of the programs, libraries, and important files that have been installed.

6. Installing Basic System Software
7. System Configuration
8. Making the LFS System Bootable
9. The End

Errata

The software used to create an LFS system is constantly being updated and enhanced. Security warnings and bug fixes may become available after the LFS book has been released. To check whether the package versions or instructions in this release of LFS need any modifications to accommodate security vulnerabilities or other bug fixes, please visit lfs systemd before proceeding with your build. You should note any changes shown and apply them to the relevant section of the book as you progress with building the LFS system.

Introduction

Table of Contents

• How to Build an LFS System

• What's new since the last release

• Changelog

• Resources

• Help

How to Build an LFS System

The LFS system will be built by using an already installed Linux distribution (such as Debian, OpenMandriva, Fedora, or openSUSE). This existing Linux system (the host) will be used as a starting point to provide necessary programs, including a compiler, linker, and shell, to build the new system. Select the “development” option during the distribution installation to be able to access these tools.

As an alternative to installing a separate distribution onto your machine, you may wish to use a LiveCD from a commercial distribution.

Chapter 2 of this book describes how to create a new Linux native partition and file system. This is the place where the new LFS system will be compiled and installed. Chapter 3 explains which packages and patches need to be downloaded to build an LFS system and how to store them on the new file system. Chapter 4 discusses the setup of an appropriate working environment. Please read Chapter 4 carefully as it explains several important issues you need be aware of before beginning to work your way through Chapter 5 and beyond.

Chapter 5 explains the installation of a number of packages that will form the basic development suite (or toolchain) which is used to build the actual system in Chapter 6. Some of these packages are needed to resolve circular dependencies—for example, to compile a compiler, you need a compiler.

Chapter 5 also shows you how to build a first pass of the toolchain, including Binutils and GCC (first pass basically means these two core packages will be reinstalled). The next step is to build Glibc, the C library. Glibc will be compiled by the toolchain programs built in the first pass. Then, a second pass of the toolchain will be built. This time, the toolchain will be dynamically linked against the newly built Glibc. The remaining Chapter 5 packages are built using this second pass toolchain. When this is done, the LFS installation process will no longer depend on the host distribution, with the exception of the running kernel.

This effort to isolate the new system from the host distribution may seem excessive. A full technical explanation as to why this is done is provided in Section 5.2, “Toolchain Technical Notes”.

In Chapter 6., the full LFS system is built. The chroot (change root) program is used to enter a virtual environment and start a new shell whose root directory will be set to the LFS partition. This is very similar to rebooting and instructing the kernel to mount the LFS partition as the root partition. The system does not actually reboot, but instead uses chroot because creating a bootable system requires additional work which is not necessary just yet. The major advantage is that “chrooting” allows you to continue using the host system while LFS is being built. While waiting for package compilations to complete, you can continue using your computer as normal.

To finish the installation, the basic system configuration is set up in Chapter 7, and the kernel and boot loader are set up in Chapter 8. Chapter 9 contains information on continuing the LFS experience beyond this book. After the steps in this book have been implemented, the computer will be ready to reboot into the new LFS system.

This is the process in a nutshell. Detailed information on each step is discussed in the following chapters and package descriptions. Items that may seem complicated will be clarified, and everything will fall into place as you embark on the LFS adventure.

What's new since the last release

Below is a list of package updates made since the previous release of the book.

Upgraded to:

• Bash 5.0
• Binutils-2.32
• Bison-3.3.2
• DejaGNU-1.6.2
• D-Bus-1.12.12
• Diffutils-3.7
• E2fsprogs-1.44.5
• File-5.36
• GDBM-1.18.1
• Glibc-2.29
• Grep-3.3
• Groff-1.22.4
• Gzip-1.10
• IPRoute2-4.20.0
• Kmod-26
• Libcap-2.26
• Libelf-0.176 (from elfutils)
• Libpipeline-1.5.1
• Linux-4.20.12
• Man-DB-2.8.5
• Meson-0.49.2
• MPFR-4.0.2
• Ninja-1.9.0
• Openssl-1.1.1a
• Perl-5.28.1
• Psmisc-23.2
• Python-3.7.2
• Readline-8.0
• Sed-4.7
• Systemd-240
• Tar-1.31
• Tcl-8.6.9
• Tzdata-2018i
• Util-Linux-2.33.1

Added:

Removed:

Changelog

This is version 8.4-systemd of the Linux From Scratch book, dated Maarch 1, 2019. If this book is more than six months old, a newer and better version is probably already available. To find out, please check one of the mirrors.

Below is a list of changes made since the previous release of the book.

Changelog Entries:

• 2019-03-01

  • [bdubbs] - LFS-8.4 released.

• 2019-02-25

  • [bdubbs] - Update to linux-4.20.12. Fixes #4425.
  • [bdubbs] - Update to elfutils-0.176. Fixes #4426.
  • [bdubbs] - Update to file-5.36. Fixes #4429.
  • [renodr] - Add a security patch for systemd-240 to fix a PID1 crash over D-Bus. Fixes #4428.

• 2019-02-19

  • [bdubbs] - Add an optional modification to the build procedure for ninja to allow use the the environment variable NINJAJOBS.

• 2019-02-14

  • [bdubbs] - Update to linux-4.20.8. Fixes #4423.
  • [bdubbs] - Fix a problem when building Python in Chapter 5 where some hosts may use host dependent headers.

• 2019-02-11

  • [bdubbs] - Update to linux-4.20.7. Fixes #4421.

  • Update to kmod-26. Fixes #4422.

  • 2019-02-08

  • • [renodr] - Update host system requirements.

• 2019-02-06

  • [bdubbs] - Simlify instructions for glibc in Chapter 5. Thanks to Romain Geissler for the report.

• 2019-02-05

  • [bdubbs] - Update to bison-3.3.2. Fixes #4419.
  • [bdubbs] - Update to meson-0.49.2. Fixes #4420.

• 2019-02-02

• [bdubbs] - Fix psmisc URL. Fixes #4418.
• [bdubbs] - Update to binutils-2.32. Fixes #4417.

• 2019-02-01

  • [bdubbs] - Update to bison-3.3.1. Fixes #4412.
  • [bdubbs] - Update to glibc-2.29. Fixes #4415.
  • [bdubbs] - Update to libpipeline-1.5.1. Fixes #4413.
  • [bdubbs] - Update to linux-4.20.6. Fixes #4409.
  • [bdubbs] - Update to meson-0.49.1. Fixes #4410.
  • [bdubbs] - Update to mpfr-4.0.2. Fixes #4416.
  • [bdubbs] - Update to ninja-1.9.0. Fixes #4414.

• 2019-01-27

  • [pierre] - Fix a bug introduced in tar-1.31, by adding a sed to the build instructions. Also remove an obsolete comment about a failing test.

• 2019-01-20

  • [renodr] - Regenerate the systemd man pages tarball with the Non-namespaced versions of the Docbook XSL Stylesheets.

• 2019-01-27

  • [renodr] - Add a security patch for systemd-240. This fixes CVE-2018-16865 and CVE-2018-16864 (memory corruption in journald leading to stack overflows / arbitrary code execution). Apply this as soon as you can. Fixes #4408.

• 2019-01-10

  • [bdubbs] - Update to linux-4.20.1. Fixes #4398.
  • [bdubbs] - Update to diffutils-3.7. Fixes #4401.
  • [bdubbs] - Update to tar-1.31. Fixes #4402.
  • [bdubbs] - Update to man-db-2.8.5. Fixes #4403.
  • [bdubbs] - Update to bash-5.0. Fixes #4404.
  • [bdubbs] - Update to readline-8.0. Fixes #4405.
  • [bdubbs] - Update to iproute2-4.20.0. Fixes #4406.
  • [bdubbs] - Update to util-linux-2.33.1. Fixes #4407.

• 2019-01-01

  • [bdubbs] - Update to gzip-1.10. Fixes #4400.
  • [bdubbs] - Update to tzdata-2018i. Fixes #4399.

• 2018-12-27

  • [bdubbs] - Update to linux-4.19.12. Fixes #4389.
  • [bdubbs] - Update to e2fsprogs-1.44.5. Fixes #4390.
  • [bdubbs] - Update to bison-3.2.4. Fixes #4391.
  • [bdubbs] - Update to sed-4.7. Fixes #4392.
  • [bdubbs] - Update to grep-3.3. Fixes #4393.
  • [bdubbs] - Update to systemd-240. Contains a critical fix for systemd-tmpfiles (privilege escalation). Fixes #4394.
  • [bdubbs] - Update to Python-3.7.2. Fixes #4395.
  • [bdubbs] - Update to groff-1.22.4. Fixes #4396.

• 2018-12-12

  • [renodr] - Add a note to libffi about optimizing for the specific CPU in use at compile time. Similar to GMP, this causes Illegal Operation errors if the installation is moved to another system.

• 2018-12-01

  • [bdubbs] - Move /etc/bash_completions.d/grub to a better location. Fixes #4385.
  • [bdubbs] - Update to dejagnu-1.6.2. Fixes #4382.
  • [bdubbs] - Update to linux-4.19.6. Fixes #4383.
  • [bdubbs] - Update to perl-5.28.1. Fixes #4384.

• 2018-11-25

  • [renodr] - Update to bison-3.2.2. Fixes #4380.

• 2018-11-24

  • [dj] - Update to linux-4.19.4. Fixes #4381.
  • [dj] - Update to systemd-239-6b4878d.
  • [dj] - Add "wheel" group to systemd groups.
  • [dj] - Add touch to the list of moved coreutils programs, and clarify necessity of the moves to meet FHS compliance.

• 2018-11-21

  • [renodr] - Add "wheel" group to satisfy systemd requirements. Fixes #4376.
  • [renodr] - Add a sed to fix a bug in autoconf's test suite. Fixes #4372.
  • [renodr] - Update to tcl-8.6.9. Security update. Fixes #4375.
  • [renodr] - Update to openssl-1.1.1a. This is a security update. Fixes #4379.
  • [renodr] - Update to systemd-239-25d1ba1. This fixes three security problems in systemd. Fixes #4377.
  • [renodr] - Update to linux-4.19.3. Fixes #4373.
  • [renodr] - Update to elfutils-0.175. Fixes #4374.

• 2018-11-19

  • [bdubbs] - Update to libcap-2.26. Fixes #4378.

• 2018-11-09

  • [bdubbs] - Update to meson-0.48.2. Fixes #4371.
  • [bdubbs] - Update to bison-3.2.1. Fixes #4370.

• 2018-11-06

  • [bdubbs] - Update to bison-3.2. Fixes #4367.
  • [bdubbs] - Update to linux-4.19.1. Fixes #4368.
  • [bdubbs] - Update to tzdata-2018g. Fixes #4366.
  • [bdubbs] - Update to util-linux-v2.33. Fixes #4353.

• 2018-10-29

  • [dj] - Update to gdbm-1.18.1. Fixes #4364.
  • [dj] - Update to Python-3.7.1. Fixes #4361.

• 2018-10-27

  • [dj] - Update to iproute2-4.19.0. Fixes #4363.
  • [dj] - Update to file-5.35. Fixes #4359.
  • [dj] - Update to tzdata-2018f. Fixes #4358.
  • [dj] - Update to meson-0.48.1. Fixes #4357.
  • [dj] - Update to linux-4.19. Fixes #4356.

• 2018-10-10

  • [dj] - Removed incorrect link to /toold/lib64 in systemd instructions. Fixes #4355.
  • [dj] - Added systemd-239-meson-0.48.0_fixes-1.patch to resolve build errors with meson.
  • [dj] - Update to meson-0.48.0. Fixes #4351.
  • [dj] - Update to linux-4.18.12. Fixes #4352.

• 2018-09-30

  • [dj] - Restore build of Util-Linux in chapter5 to avoid reciprocal dependency for Systemd.
  • [dj] - Moved installation of Util-Linux and E2fsprogs after Procps to satisfy build order in the Systemd book. This has no effect on the SysV book.

• 2018-09-20

  • [bdubbs] - Clean up of unneeded symbolic links. Reordered packages so version specific packages are built as late as possible in Chapter 6. Now building util-linux in Chapter 5 is unneeded and has been removed. Fixes #4345 and #4349.
  • [bdubbs] - Update to elfutils-0.174 (libelf). Fixes #4348.
  • [bdubbs] - Update to psmisc-23.2. Fixes #4347.
  • [bdubbs] - Update to openssl-1.1.1. Fixes #4346.
  • [bdubbs] - Update to linux-4.18.9. Fixes #4344.

• 2018-09-02

  • [bdubbs] - Update to bison-3.1. Fixes #4342.
  • [bdubbs] - Update to meson-0.47.2. Fixes #4341.
  • [bdubbs] - Update to gdbm-1.18. Fixes #4340.
  • [bdubbs] - Update to e2fsprogs-1.44.4. Fixes #4338.

• 2018-09-01

  • [bdubbs] - LFS-8.3 released.

Resources

1.4.1. FAQ

If during the building of the LFS system you encounter any errors, have any questions, or think there is a typo in the book, please start by consulting the Frequently Asked Questions.

1.4.2. Mailing Lists

The linuxfromscratch.org server hosts a number of mailing lists used for the development of the LFS project. These lists include the main development and support lists, among others. If the FAQ does not solve the problem you are having, the next step would be to search the mailing lists.

For information on the different lists, how to subscribe, archive locations, and additional information, visit LFS Mail.

1.4.3. IRC

Several members of the LFS community offer assistance on Internet Relay Chat (IRC). Before using this support, please make sure that your question is not already answered in the LFS FAQ or the mailing list archives. You can find the IRC network at irc.freenode.net. The support channel is named #LFS-support.

1.4.4. Mirror Sites

The LFS project has a number of world-wide mirrors to make accessing the website and downloading the required packages more convenient. Please visit the LFS mirrors for a list of current mirrors.

1.4.5. Contact Information

Please direct all your questions and comments to one of the LFS mailing lists (see above).

Help

If an issue or a question is encountered while working through this book, please check the FAQ. Questions are often already answered there. If your question is not answered on this page, try to find the source of the problem. This hint will give you some guidance for troubleshooting.

If you cannot find your problem listed in the FAQ, search the mailing lists.

We also have a wonderful LFS community that is willing to offer assistance through the mailing lists and IRC (see the Section 1.4, “Resources” section of this book). However, we get several support questions every day and many of them can be easily answered by going to the FAQ and by searching the mailing lists first. So, for us to offer the best assistance possible, you need to do some research on your own first. That allows us to focus on the more unusual support needs. If your searches do not produce a solution, please include all relevant information (mentioned below) in your request for help.

1.5.1. Things to Mention

Apart from a brief explanation of the problem being experienced, the essential things to include in any request for help are:

• The version of the book being used (in this case 8.4-systemd)
• The host distribution and version being used to create LFS
• The output from the Host System Requirements script
• The package or section the problem was encountered in
• The exact error message or symptom being received
• Note whether you have deviated from the book at all

Note

Deviating from this book does not mean that we will not help you. After all, LFS is about personal preference. Being upfront about any changes to the established procedure helps us evaluate and determine possible causes of your problem.

1.5.2. Configure Script Problems

If something goes wrong while running the configure script, review the config.log file. This file may contain errors encountered during configure which were not printed to the screen. Include the relevant lines if you need to ask for help.

1.5.3. Compilation Problems

Both the screen output and the contents of various files are useful in determining the cause of compilation problems. The screen output from the configure script and the make run can be helpful. It is not necessary to include the entire output, but do include enough of the relevant information. Below is an example of the type of information to include from the screen output from make:

gcc -DALIASPATH=\"/mnt/lfs/usr/share/locale:.\"
-DLOCALEDIR=\"/mnt/lfs/usr/share/locale\"
-DLIBDIR=\"/mnt/lfs/usr/lib\"
-DINCLUDEDIR=\"/mnt/lfs/usr/include\" -DHAVE_CONFIG_H -I. -I.
-g -O2 -c getopt1.c
gcc -g -O2 -static -o make ar.o arscan.o commands.o dir.o
expand.o file.o function.o getopt.o implicit.o job.o main.o
misc.o read.o remake.o rule.o signame.o variable.o vpath.o
default.o remote-stub.o version.o opt1.o
-lutil job.o: In function `load_too_high':
/lfs/tmp/make-3.79.1/job.c:1565: undefined reference
to `getloadavg'
collect2: ld returned 1 exit status
make[2]: *** [make] Error 1
make[2]: Leaving directory `/lfs/tmp/make-3.79.1'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/lfs/tmp/make-3.79.1'
make: *** [all-recursive-am] Error 2

In this case, many people would just include the bottom section:

make [2]: *** [make] Error 1

This is not enough information to properly diagnose the problem because it only notes that something went wrong, not what went wrong. The entire section, as in the example above, is what should be saved because it includes the command that was executed and the associated error message(s).

An excellent article about asking for help on the Internet is available online at smart questions. Read and follow the hints in this document to increase the likelihood of getting the help you need.

Preparing the Host System

Table of Contents

• Introduction

• Host System Requirements

• Building LFS in Stages

• Creating a New Partition

• Creating a File System on the Partition

• Setting The $LFS Variable

• Mounting the New Partition

Introduction

In this chapter, the host tools needed for building LFS are checked and, if necessary, installed. Then a partition which will host the LFS system is prepared. We will create the partition itself, create a file system on it, and mount it.

Host System Requirements

Your host system should have the following software with the minimum versions indicated. This should not be an issue for most modern Linux distributions. Also note that many distributions will place software headers into separate packages, often in the form of “-devel” or “-dev”. Be sure to install those if your distribution provides them.

Earlier versions of the listed software packages may work, but have not been tested.

• Bash-3.2 (/bin/sh should be a symbolic or hard link to bash)

• Binutils-2.25 (Versions greater than 2.32 are not recommended as they have not been tested)

• Bison-2.7 (/usr/bin/yacc should be a link to bison or small script that executes bison)

• Bzip2-1.0.4

• Coreutils-6.9

• Diffutils-2.8.1

• Findutils-4.2.31

• Gawk-4.0.1 (/usr/bin/awk should be a link to gawk)

• GCC-5.2 including the C++ compiler, g++ (Versions greater than 8.2.0 are not recommended as they have not been tested)

• Glibc-2.11 (Versions greater than 2.29 are not recommended as they have not been tested)

• Grep-2.5.1a

• Gzip-1.3.12

• Linux Kernel-3.2

  The reason for the kernel version requirement is that we specify that version when building glibc in Chapter 6 at the recommendation of the developers. It is also required by udev.

  If the host kernel is earlier than 3.2 you will need to replace the kernel with a more up to date version. There are two ways you can go about this. First, see if your Linux vendor provides a 3.2 or later kernel package. If so, you may wish to install it. If your vendor doesn't offer an acceptable kernel package, or you would prefer not to install it, you can compile a kernel yourself. Instructions for compiling the kernel and configuring the boot loader (assuming the host uses GRUB) are located in Chapter 8.

• M4-1.4.10

• Make-4.0

• Patch-2.5.4

• Perl-5.8.8

• Python-3.4

• Sed-4.1.5

• Tar-1.22

• Texinfo-4.7

• Xz-5.0.0

Important

Note that the symlinks mentioned above are required to build an LFS system using the instructions contained within this book. Symlinks that point to other software (such as dash, mawk, etc.) may work, but are not tested or supported by the LFS development team, and may require either deviation from the instructions or additional patches to some packages.

To see whether your host system has all the appropriate versions, and the ability to compile programs, run the following:

cat > version-check.sh << "EOF"
#!/bin/bash
# Simple script to list version numbers of critical development tools
export LC_ALL=C
bash --version | head -n1 | cut -d" " -f2-4
MYSH=$(readlink -f /bin/sh)
echo "/bin/sh -> $MYSH"
echo $MYSH | grep -q bash || echo "ERROR: /bin/sh does not point to bash"
unset MYSH

echo -n "Binutils: "; ld --version | head -n1 | cut -d" " -f3-
bison --version | head -n1

if [ -h /usr/bin/yacc ]; then
  echo "/usr/bin/yacc -> `readlink -f /usr/bin/yacc`";
elif [ -x /usr/bin/yacc ]; then
  echo yacc is `/usr/bin/yacc --version | head -n1`
else
  echo "yacc not found"
fi

bzip2 --version 2>&1 < /dev/null | head -n1 | cut -d" " -f1,6-
echo -n "Coreutils: "; chown --version | head -n1 | cut -d")" -f2
diff --version | head -n1
find --version | head -n1
gawk --version | head -n1

if [ -h /usr/bin/awk ]; then
  echo "/usr/bin/awk -> `readlink -f /usr/bin/awk`";
elif [ -x /usr/bin/awk ]; then
  echo awk is `/usr/bin/awk --version | head -n1`
else
  echo "awk not found"
fi

gcc --version | head -n1
g++ --version | head -n1
ldd --version | head -n1 | cut -d" " -f2-  # glibc version
grep --version | head -n1
gzip --version | head -n1
cat /proc/version
m4 --version | head -n1
make --version | head -n1
patch --version | head -n1
echo Perl `perl -V:version`
python3 --version
sed --version | head -n1
tar --version | head -n1
makeinfo --version | head -n1  # texinfo version
xz --version | head -n1

echo 'int main(){}' > dummy.c && g++ -o dummy dummy.c
if [ -x dummy ]
  then echo "g++ compilation OK";
  else echo "g++ compilation failed"; fi
rm -f dummy.c dummy
EOF

bash version-check.sh

Building LFS in Stages

LFS is designed to be built in one session. That is, the instructions assume that the system will not be shut down during the process. That does not mean that the system has to be done in one sitting. The issue is that certain procedures have to be re-accomplished after a reboot if resuming LFS at different points.

2.3.1. Chapters 1–4

These chapters are accomplished on the host system. When restarting, be careful of the following:

• Procedures done as the root user after Section 2.4 need to have the LFS environment variable set FOR THE ROOT USER.

2.3.2. Chapter 5

• The /mnt/lfs partition must be mounted.

• ALL instructions in Chapter 5 must be done by user lfs. A su - lfs needs to be done before any task in Chapter 5.

• The procedures in Section 5.3, “General Compilation Instructions” are critical. If there is any doubt about installing a package, ensure any previously expanded tarballs are removed, re-extract the package files, and complete all instructions in that section.

2.3.3. Chapters 6–8

• The /mnt/lfs partition must be mounted.

• When entering chroot, the LFS environment variable must be set for root. The LFS variable is not used otherwise.

• The virtual file systems must be mounted. This can be done before or after entering chroot by changing to a host virtual terminal and, as root, running the commands in Section 6.2.2, “Mounting and Populating /dev” and Section 6.2.3, “Mounting Virtual Kernel File Systems”.

Creating a New Partition

Like most other operating systems, LFS is usually installed on a dedicated partition. The recommended approach to building an LFS system is to use an available empty partition or, if you have enough unpartitioned space, to create one.

A minimal system requires a partition of around 6 gigabytes (GB). This is enough to store all the source tarballs and compile the packages. However, if the LFS system is intended to be the primary Linux system, additional software will probably be installed which will require additional space. A 20 GB partition is a reasonable size to provide for growth. The LFS system itself will not take up this much room. A large portion of this requirement is to provide sufficient free temporary storage as well as for adding additional capabilities after LFS is complete. Additionally, compiling packages can require a lot of disk space which will be reclaimed after the package is installed.

Because there is not always enough Random Access Memory (RAM) available for compilation processes, it is a good idea to use a small disk partition as swap space. This is used by the kernel to store seldom-used data and leave more memory available for active processes. The swap partition for an LFS system can be the same as the one used by the host system, in which case it is not necessary to create another one.

Start a disk partitioning program such as cfdisk or fdisk with a command line option naming the hard disk on which the new partition will be created—for example /dev/sda for the primary Integrated Drive Electronics (IDE) disk. Create a Linux native partition and a swap partition, if needed. Please refer to cfdisk(8) or fdisk(8) if you do not yet know how to use the programs.

Note

For experienced users, other partitioning schemes are possible. The new LFS system can be on a software RAID array or an LVM logical volume. However, some of these options require an initramfs, which is an advanced topic. These partitioning methodologies are not recommended for first time LFS users.

Remember the designation of the new partition (e.g., sda5). This book will refer to this as the LFS partition. Also remember the designation of the swap partition. These names will be needed later for the /etc/fstab file.

2.4.1. Other Partition Issues

Requests for advice on system partitioning are often posted on the LFS mailing lists. This is a highly subjective topic. The default for most distributions is to use the entire drive with the exception of one small swap partition. This is not optimal for LFS for several reasons. It reduces flexibility, makes sharing of data across multiple distributions or LFS builds more difficult, makes backups more time consuming, and can waste disk space through inefficient allocation of file system structures.

2.4.1.1. The Root Partition

A root LFS partition (not to be confused with the/root directory) of ten gigabytes is a good compromise for most systems. It provides enough space to build LFS and most of BLFS, but is small enough so that multiple partitions can be easily created for experimentation.

2.4.1.2. The Swap Partition

Most distributions automatically create a swap partition. Generally the recommended size of the swap partition is about twice the amount of physical RAM, however this is rarely needed. If disk space is limited, hold the swap partition to two gigabytes and monitor the amount of disk swapping.

Swapping is never good. Generally you can tell if a system is swapping by just listening to disk activity and observing how the system reacts to commands. The first reaction to swapping should be to check for an unreasonable command such as trying to edit a five gigabyte file. If swapping becomes a normal occurrence, the best solution is to purchase more RAM for your system.

2.4.1.3. The Grub Bios Partition

If the boot disk has been partitioned with a GUID Partition Table (GPT), then a small, typically 1 MB, partition must be created if it does not already exist. This partition is not formatted, but must be available for GRUB to use during installation of the boot loader. This partition will normally be labeled 'BIOS Boot' if using fdisk or have a code of EF02 if using gdisk.

Note

The Grub Bios partition must be on the drive that the BIOS uses to boot the system. This is not necessarily the same drive where the LFS root partition is located. Disks on a system may use different partition table types. The requirement for this partition depends only on the partition table type of the boot disk.

2.4.1.4. Convenience Partitions

There are several other partitions that are not required, but should be considered when designing a disk layout. The following list is not comprehensive, but is meant as a guide.

• /boot – Highly recommended. Use this partition to store kernels and other booting information. To minimize potential boot problems with larger disks, make this the first physical partition on your first disk drive. A partition size of 100 megabytes is quite adequate.

• /home – Highly recommended. Share your home directory and user customization across multiple distributions or LFS builds. The size is generally fairly large and depends on available disk space.

• /usr– A separate /usr partition is generally used if providing a server for a thin client or diskless workstation. It is normally not needed for LFS. A size of five gigabytes will handle most installations.

• /opt – This directory is most useful for BLFS where multiple installations of large packages like Gnome or KDE can be installed without embedding the files in the /usr hierarchy. If used, 5 to 10 gigabytes is generally adequate.

• /tmp – A separate /tmp directory is rare, but useful if configuring a thin client. This partition, if used, will usually not need to exceed a couple of gigabytes.

• /usr/src – This partition is very useful for providing a location to store BLFS source files and share them across LFS builds. It can also be used as a location for building BLFS packages. A reasonably large partition of 30-50 gigabytes allows plenty of room.

Any separate partition that you want automatically mounted upon boot needs to be specified in the /etc/fstab. Details about how to specify partitions will be discussed in Section 8.2, “Creating the /etc/fstab File”.

Creating a File System on the Partition

Now that a blank partition has been set up, the file system can be created. LFS can use any file system recognized by the Linux kernel, but the most common types are ext3 and ext4. The choice of file system can be complex and depends on the characteristics of the files and the size of the partition. For example:

ext2

is suitable for small partitions that are updated infrequently such as /boot.

ext3

is an upgrade to ext2 that includes a journal to help recover the partition's status in the case of an unclean shutdown. It is commonly used as a general purpose file system.

ext4

is the latest version of the ext file system family of partition types. It provides several new capabilities including nano-second timestamps, creation and use of very large files (16 TB), and speed improvements.

Other file systems, including FAT32, NTFS, ReiserFS, JFS, and XFS are useful for specialized purposes. More information about these file systems can be found at here.

LFS assumes that the root file system (/) is of type ext4. To create an ext4 file system on the LFS partition, run the following:

mkfs -v -t ext4 /dev/<xxx>

If you are using an existing swap partition, there is no need to format it. If a new swap partition was created, it will need to be initialized with this command:

mkswap /dev/<yyy>

Replace <yyy> with the name of the swap partition.

Setting The $LFS Variable

Throughout this book, the environment variable LFS will be used several times. You should ensure that this variable is always defined throughout the LFS build process. It should be set to the name of the directory where you will be building your LFS system - we will use /mnt/lfs as an example, but the directory choice is up to you. If you are building LFS on a separate partition, this directory will be the mount point for the partition. Choose a directory location and set the variable with the following command:

export LFS=/mnt/lfs

Having this variable set is beneficial in that commands such as mkdir -v $LFS/tools can be typed literally. The shell will automatically replace “$LFS” with “/mnt/lfs” (or whatever the variable was set to) when it processes the command line.

Caution

Do not forget to check that LFS is set whenever you leave and reenter the current working environment (such as when doing a su to root or another user). Check that the LFS variable is set up properly with:

echo $LFS

Make sure the output shows the path to your LFS system's build location, which is /mnt/lfs if the provided example was followed. If the output is incorrect, use the command given earlier on this page to set $LFS to the correct directory name.

Note

One way to ensure that the LFS variable is always set is to edit the .bash_profile file in both your personal home directory and in /root/.bash_profile and enter the export command above. In addition, the shell specified in the /etc/passwdfile for all users that need the LFS variable needs to be bash to ensure that the /root/.bash_profilefile is incorporated as a part of the login process.

Another consideration is the method that is used to log into the host system. If logging in through a graphical display manager, the user's .bash_profileis not normally used when a virtual terminal is started. In this case, add the export command to the .bashrc file for the user and root. In addition, some distributions have instructions to not run the .bashrc instructions in a non-interactive bash invocation. Be sure to add the export command before the test for non-interactive use.

Mounting the New Partition

Now that a file system has been created, the partition needs to be made accessible. In order to do this, the partition needs to be mounted at a chosen mount point. For the purposes of this book, it is assumed that the file system is mounted under the directory specified by the LFS environment variable as described in the previous section.

Create the mount point and mount the LFS file system by running:

mkdir -pv $LFS
mount -v -t ext4 /dev/<xxx> $LFS

Replace _\_ with the designation of the LFS partition.

If using multiple partitions for LFS (e.g., one for /and another for /usr), mount them using:

Replace __ and __ with the appropriate partition names.

Ensure that this new partition is not mounted with permissions that are too restrictive (such as the nosuid or nodev options). Run the mount command without any parameters to see what options are set for the mounted LFS partition. If nosuid and/or nodev are set, the partition will need to be remounted.

Warning

The above instructions assume that you will not be restarting your computer throughout the LFS process. If you shut down your system, you will either need to remount the LFS partition each time you restart the build process or modify your host system's /etc/fstab file to automatically remount it upon boot. For example:

/dev/<xxx>  /mnt/lfs ext4   defaults      1     1

If you use additional optional partitions, be sure to add them also.

If you are using a swap partition, ensure that it is enabled using the swapon command:

/sbin/swapon -v /dev/<zzz>

Replace <zzz> with the name of the _swap_ partition.

Now that there is an established place to work, it is time to download the packages.

Packages and Patches

Table of Contents

• Introduction
• All Packages
• Needed Patches

Introduction

his chapter includes a list of packages that need to be downloaded in order to build a basic Linux system. The listed version numbers correspond to versions of the software that are known to work, and this book is based on their use. We highly recommend against using newer versions because the build commands for one version may not work with a newer version. The newest package versions may also have problems that require work-arounds. These work-arounds will be developed and stabilized in the development version of the book.

Download locations may not always be accessible. If a download location has changed since this book was published, Google provides a useful search engine for most packages. If this search is unsuccessful, try one of the alternative means of downloading discussed at [here(http://www.linuxfromscratch.org/lfs/packages.html#packages).

Downloaded packages and patches will need to be stored somewhere that is conveniently available throughout the entire build. A working directory is also required to unpack the sources and build them. \$LFS/sources can be used both as the place to store the tarballs and patches and as a working directory. By using this directory, the required elements will be located on the LFS partition and will be available during all stages of the building process.

To create this directory, execute the following command, as user root, before starting the download session:

mkdir -v $LFS/sources

Make this directory writable and sticky. “Sticky” means that even if multiple users have write permission on a directory, only the owner of a file can delete the file within a sticky directory. The following command will enable the write and sticky modes:

chmod -v a+wt $LFS/sources

An easy way to download all of the packages and patches is by using wget-list as an input to wget. For example:

wget --input-file=wget-list --continue --directory-prefix=$LFS/sources

Additionally, starting with LFS-7.0, there is a separate file, md5sums, which can be used to verify that all the correct packages are available before proceeding. Place that file in \$LFS/sources and run:

pushd $LFS/sources
md5sum -c md5sums
popd

All Packages

Note

File (5.36) may no longer be available at the listed location. The site administrators of the master download location occasionally remove older versions when new ones are released. An alternative download location that may have the correct version available can also be found here.

Note

The Linux kernel is updated relatively often, many times due to discoveries of security vulnerabilities. The latest available 4.20.x kernel version should be used, unless the errata page says otherwise..

For users with limited speed or expensive bandwidth who wish to update the Linux kernel, a baseline version of the package and patches can be downloaded separately. This may save some time or cost for a subsequent patch level upgrade within a minor release.

Note

The Linux From Scratch team generates its own tarball of the man pages using the systemd source. This is done in order to avoid unnecessary dependencies.

Total size of these packages: about 381 MB

Needed Patches

In addition to the packages, several patches are also required. These patches correct any mistakes in the packages that should be fixed by the maintainer. The patches also make small modifications to make the packages easier to work with. The following patches will be needed to build an LFS system:

Total size of these patches: about 198.4 KB

In addition to the above required patches, there exist a number of optional patches created by the LFS community. These optional patches solve minor problems or enable functionality that is not enabled by default. Feel free to peruse the patches database and acquire any additional patches to suit your system needs.

Final Preparations

• Introduction
• Creating the $LFS/tools Directory
• Adding the LFS User
• Setting Up the Environment
• About SBUs
• About the Test Suites

Introduction

In this chapter, we will perform a few additional tasks to prepare for building the temporary system. We will create a directory in $LFS for the installation of the temporary tools, add an unprivileged user to reduce risk, and create an appropriate build environment for that user. We will also explain the unit of time we use to measure how long LFS packages take to build, or “SBUs”, and give some information about package test suites.

Creating the $LFS/tools Directory

All programs compiled in Chapter 5 will be installed under $LFS/tools to keep them separate from the programs compiled in Chapter 6. The programs compiled here are temporary tools and will not be a part of the final LFS system. By keeping these programs in a separate directory, they can easily be discarded later after their use. This also prevents these programs from ending up in the host production directories (easy to do by accident in Chapter 5).

Create the required directory by running the following as root:

mkdir -v $LFS/tools

The next step is to create a /tools symlink on the host system. This will point to the newly-created directory on the LFS partition. Run this command as root as well:

ln -sv $LFS/tools /

Note

The above command is correct. The ln command has a few syntactic variations, so be sure to check info coreutils ln and ln(1) before reporting what you may think is an error.

The created symlink enables the toolchain to be compiled so that it always refers to /tools, meaning that the compiler, assembler, and linker will work both in Chapter 5 (when we are still using some tools from the host) and in the next (when we are “chrooted” to the LFS partition).

Adding the LFS User

When logged in as user root, making a single mistake can damage or destroy a system. Therefore, we recommend building the packages in this chapter as an unprivileged user. You could use your own user name, but to make it easier to set up a clean working environment, create a new user called lfs as a member of a new group (also named lfs) and use this user during the installation process. As root, issue the following commands to add the new user:

groupadd lfs
useradd -s /bin/bash -g lfs -m -k /dev/null lfs

The meaning of the command line options:

-s /bin/bash

This makes bash the default shell for user lfs.

-g lfs

This option adds user lfs to group lfs.

-m

This creates a home directory for lfs.

-k /dev/null

This parameter prevents possible copying of files from a skeleton directory (default is /etc/skel) by changing the input location to the special null device.

lfs

This is the actual name for the created group and user.

To log in as lfs (as opposed to switching to user lfs when logged in as root, which does not require the lfs user to have a password), give lfs a password:

passwd lfs

Grant lfs full access to $LFS/tools by making lfs the directory owner:

chown -v lfs $LFS/tools

If a separate working directory was created as suggested, give user lfs ownership of this directory:

chown -v lfs $LFS/sources

Next, login as user lfs. This can be done via a virtual console, through a display manager, or with the following substitute user command:

su - lfs

The “-” instructs su to start a login shell as opposed to a non-login shell. The difference between these two types of shells can be found in detail in bash(1) and info bash.

Setting Up the Environment

Set up a good working environment by creating two new startup files for the bash shell. While logged in as user lfs, issue the following command to create a new .bash_profile:

cat > ~/.bash_profile << "EOF"
exec env -i HOME=$HOME TERM=$TERM PS1='\u:\w\$ ' /bin/bash
EOF

When logged on as user lfs, the initial shell is usually a login shell which reads the /etc/profile of the host (probably containing some settings and environment variables) and then .bash_profile. The exec env -i.../bin/bash command in the .bash_profile file replaces the running shell with a new one with a completely empty environment, except for the HOME, TERM, and PS1 variables. This ensures that no unwanted and potentially hazardous environment variables from the host system leak into the build environment. The technique used here achieves the goal of ensuring a clean environment.

The new instance of the shell is a non-login shell, which does not read the /etc/profile or .bash_profile files, but rather reads the .bashrc file instead. Create the .bashrcfile now:

cat > ~/.bashrc << "EOF"
set +h
umask 022
LFS=/mnt/lfs
LC_ALL=POSIX
LFS_TGT=$(uname -m)-lfs-linux-gnu
PATH=/tools/bin:/bin:/usr/bin
export LFS LC_ALL LFS_TGT PATH
EOF

The set +h command turns off bash's hash function. Hashing is ordinarily a useful feature—bash uses a hash table to remember the full path of executable files to avoid searching the PATH time and again to find the same executable. However, the new tools should be used as soon as they are installed. By switching off the hash function, the shell will always search the PATH when a program is to be run. As such, the shell will find the newly compiled tools in \$LFS/tools as soon as they are available without remembering a previous version of the same program in a different location.

Setting the user file-creation mask (umask) to 022 ensures that newly created files and directories are only writable by their owner, but are readable and executable by anyone (assuming default modes are used by the open(2) system call, new files will end up with permission mode 644 and directories with mode 755).

The LFS variable should be set to the chosen mount point.

The LC_ALL variable controls the localization of certain programs, making their messages follow the conventions of a specified country. Setting LC_ALL to “POSIX” or “C” (the two are equivalent) ensures that everything will work as expected in the chroot environment.

The LFS_TGT variable sets a non-default, but compatible machine description for use when building our cross compiler and linker and when cross compiling our temporary toolchain. More information is contained in Section 5.2, “Toolchain Technical Notes”.

By putting /tools/bin ahead of the standard PATH, all the programs installed in Chapter 5 are picked up by the shell immediately after their installation. This, combined with turning off hashing, limits the risk that old programs are used from the host when the same programs are available in the chapter 5 environment.

Finally, to have the environment fully prepared for building the temporary tools, source the just-created user profile:

source ~/.bash_profile

About SBUs

Many people would like to know beforehand approximately how long it takes to compile and install each package. Because Linux From Scratch can be built on many different systems, it is impossible to provide accurate time estimates. The biggest package (Glibc) will take approximately 20 minutes on the fastest systems, but could take up to three days on slower systems! Instead of providing actual times, the Standard Build Unit (SBU) measure will be used instead.

The SBU measure works as follows. The first package to be compiled from this book is Binutils in Chapter 5. The time it takes to compile this package is what will be referred to as the Standard Build Unit or SBU. All other compile times will be expressed relative to this time.

For example, consider a package whose compilation time is 4.5 SBUs. This means that if a system took 10 minutes to compile and install the first pass of Binutils, it will take approximately 45 minutes to build this example package. Fortunately, most build times are shorter than the one for Binutils.

In general, SBUs are not entirely accurate because they depend on many factors, including the host system's version of GCC. They are provided here to give an estimate of how long it might take to install a package, but the numbers can vary by as much as dozens of minutes in some cases.

Note

For many modern systems with multiple processors (or cores) the compilation time for a package can be reduced by performing a "parallel make" by either setting an environment variable or telling the make program how many processors are available. For instance, a Core2Duo can support two simultaneous processes with:

export MAKEFLAGS='-j 2'

or just building with:

make -j2

When multiple processors are used in this way, the SBU units in the book will vary even more than they normally would. In some cases, the make step will simply fail. Analyzing the output of the build process will also be more difficult because the lines of different processes will be interleaved. If you run into a problem with a build step, revert back to a single processor build to properly analyze the error messages.

About the Test Suites

Most packages provide a test suite. Running the test suite for a newly built package is a good idea because it can provide a “sanity check” indicating that everything compiled correctly. A test suite that passes its set of checks usually proves that the package is functioning as the developer intended. It does not, however, guarantee that the package is totally bug free.

Some test suites are more important than others. For example, the test suites for the core toolchain packages—GCC, Binutils, and Glibc—are of the utmost importance due to their central role in a properly functioning system. The test suites for GCC and Glibc can take a very long time to complete, especially on slower hardware, but are strongly recommended.

Note

Experience has shown that there is little to be gained from running the test suites in Chapter 5. There can be no escaping the fact that the host system always exerts some influence on the tests in that chapter, often causing inexplicable failures. Because the tools built in Chapter 5 are temporary and eventually discarded, we do not recommend running the test suites in Chapter 5 for the average reader. The instructions for running those test suites are provided for the benefit of testers and developers, but they are strictly optional.

A common issue with running the test suites for Binutils and GCC is running out of pseudo terminals (PTYs). This can result in a high number of failing tests. This may happen for several reasons, but the most likely cause is that the host system does not have the devpts file system set up correctly. This issue is discussed in greater detail at here.

Sometimes package test suites will fail, but for reasons which the developers are aware of and have deemed non-critical. Consult the logs to verify whether or not these failures are expected. This site is valid for all tests throughout this book.

Constructing a Temporary System

Table of Contents

• Introduction
• Toolchain Technical Notes
• General Compilation Instructions
• Binutils-2.32 - Pass 1
• GCC-8.2.0 - Pass 1
• Linux-4.20.12 API Headers
• Glibc-2.29
• Libstdc++ from GCC-8.2.0
• Binutils-2.32 - Pass 2
• GCC-8.2.0 - Pass 2
• Tcl-8.6.9
• Expect-5.45.4
• DejaGNU-1.6.2
• M4-1.4.18
• Ncurses-6.1
• Bash-5.0
• Bison-3.3.2
• Bzip2-1.0.6
• Coreutils-8.30
• Diffutils-3.7
• File-5.36
• Findutils-4.6.0
• Gawk-4.2.1
• Gettext-0.19.8.1
• Grep-3.3
• Gzip-1.10
• Make-4.2.1
• Patch-2.7.6
• Perl-5.28.1
• Python-3.7.2
• Sed-4.7
• Tar-1.31
• Texinfo-6.5
• Util-linux-2.33.1
• Xz-5.2.4
• Stripping
• Changing Ownership

Introduction

This chapter shows how to build a minimal Linux system. This system will contain just enough tools to start constructing the final LFS system in Chapter 6 and allow a working environment with more user convenience than a minimum environment would.

There are two steps in building this minimal system. The first step is to build a new and host-independent toolchain (compiler, assembler, linker, libraries, and a few useful utilities). The second step uses this toolchain to build the other essential tools.

The files compiled in this chapter will be installed under the \$LFS/tools directory to keep them separate from the files installed in the next chapter and the host production directories. Since the packages compiled here are temporary, we do not want them to pollute the soon-to-be LFS system.

Toolchain Technical Notes

This section explains some of the rationale and technical details behind the overall build method. It is not essential to immediately understand everything in this section. Most of this information will be clearer after performing an actual build. This section can be referred to at any time during the process.

The overall goal of Chapter 5 is to produce a temporary area that contains a known-good set of tools that can be isolated from the host system. By using chroot, the commands in the remaining chapters will be contained within that environment, ensuring a clean, trouble-free build of the target LFS system. The build process has been designed to minimize the risks for new readers and to provide the most educational value at the same time.

Note

Before continuing, be aware of the name of the working platform, often referred to as the target triplet. A simple way to determine the name of the target triplet is to run the config.guess script that comes with the source for many packages. Unpack the Binutils sources and run the script: ./config.guess and note the output. For example, for a 32-bit Intel processor the output will be i686-pc-linux-gnu. On a 64-bit system it will be x86_64-pc-linux-gnu.

Also be aware of the name of the platform's dynamic linker, often referred to as the dynamic loader (not to be confused with the standard linker ld that is part of Binutils). The dynamic linker provided by Glibc finds and loads the shared libraries needed by a program, prepares the program to run, and then runs it. The name of the dynamic linker for a 32-bit Intel machine will be ld-linux.so.2 (ld-linux-x86-64.so.2 for 64-bit systems). A sure-fire way to determine the name of the dynamic linker is to inspect a random binary from the host system by running: readelf -l <name of binary> | grep interpreter and noting the output. The authoritative reference covering all platforms is in the shlib-versions file in the root of the Glibc source tree.

Some key technical points of how the Chapter 5 build method works:

• Slightly adjusting the name of the working platform, by changing the "vendor" field target triplet by way of the LFS_TGT variable, ensures that the first build of Binutils and GCC produces a compatible cross-linker and cross-compiler. Instead of producing binaries for another architecture, the cross-linker and cross-compiler will produce binaries compatible with the current hardware.

• The temporary libraries are cross-compiled. Because a cross-compiler by its nature cannot rely on anything from its host system, this method removes potential contamination of the target system by lessening the chance of headers or libraries from the host being incorporated into the new tools. Cross-compilation also allows for the possibility of building both 32-bit and 64-bit libraries on 64-bit capable hardware.

• Careful manipulation of the GCC source tells the compiler which target dynamic linker will be used.

Binutils is installed first because the configure runs of both GCC and Glibc perform various feature tests on the assembler and linker to determine which software features to enable or disable. This is more important than one might first realize. An incorrectly configured GCC or Glibc can result in a subtly broken toolchain, where the impact of such breakage might not show up until near the end of the build of an entire distribution. A test suite failure will usually highlight this error before too much additional work is performed.

Binutils installs its assembler and linker in two locations, /tools/bin and /tools/\$LFS_TGT/bin. The tools in one location are hard linked to the other. An important facet of the linker is its library search order. Detailed information can be obtained from ld by passing it the --verbose flag. For example, an ld --verbose | grep SEARCH will illustrate the current search paths and their order. It shows which files are linked by ld by compiling a dummy program and passing the --verbose switch to the linker. For example, gcc dummy.c -Wl,--verbose 2>&1 | grep succeeded will show all the files successfully opened during the linking.

The next package installed is GCC. An example of what can be seen during its run of configure is:

checking what assembler to use... /tools/i686-lfs-linux-gnu/bin/as
checking what linker to use... /tools/i686-lfs-linux-gnu/bin/ld

This is important for the reasons mentioned above. It also demonstrates that GCC's configure script does not search the PATH directories to find which tools to use. However, during the actual operation of gcc itself, the same search paths are not necessarily used. To find out which standard linker gcc will use, run: gcc -print-prog-name=ld.

Detailed information can be obtained from gcc by passing it the -v command line option while compiling a dummy program. For example, gcc -v dummy.c will show detailed information about the preprocessor, compilation, and assembly stages, including gcc's included search paths and their order.

Next installed are sanitized Linux API headers. These allow the standard C library (Glibc) to interface with features that the Linux kernel will provide.

The next package installed is Glibc. The most important considerations for building Glibc are the compiler, binary tools, and kernel headers. The compiler is generally not an issue since Glibc will always use the compiler relating to the --host parameter passed to its configure script; e.g. in our case, the compiler will be i686-lfs-linux-gnu-gcc. The binary tools and kernel headers can be a bit more complicated. Therefore, take no risks and use the available configure switches to enforce the correct selections. After the run of configure, check the contents of the config.makefile in the glibc-build directory for all important details. Note the use of CC="i686-lfs-gnu-gcc" to control which binary tools are used and the use of the -nostdinc and -isystem flags to control the compiler's include search path. These items highlight an important aspect of the Glibc package—it is very self-sufficient in terms of its build machinery and generally does not rely on toolchain defaults.

During the second pass of Binutils, we are able to utilize the --with-lib-path configure switch to control ld's library search path.

For the second pass of GCC, its sources also need to be modified to tell GCC to use the new dynamic linker. Failure to do so will result in the GCC programs themselves having the name of the dynamic linker from the host system's /lib directory embedded into them, which would defeat the goal of getting away from the host. From this point onwards, the core toolchain is self-contained and self-hosted. The remainder of the Chapter 5 packages all build against the new Glibc in /tools.

Upon entering the chroot environment in Chapter 6, the first major package to be installed is Glibc, due to its self-sufficient nature mentioned above. Once this Glibc is installed into /usr, we will perform a quick changeover of the toolchain defaults, and then proceed in building the rest of the target LFS system.

General Compilation Instructions

When building packages there are several assumptions made within the instructions:

• Several of the packages are patched before compilation, but only when the patch is needed to circumvent a problem. A patch is often needed in both this and the next chapter, but sometimes in only one or the other. Therefore, do not be concerned if instructions for a downloaded patch seem to be missing. Warning messages about offset or fuzz may also be encountered when applying a patch. Do not worry about these warnings, as the patch was still successfully applied.

• During the compilation of most packages, there will be several warnings that scroll by on the screen. These are normal and can safely be ignored. These warnings are as they appear—warnings about deprecated, but not invalid, use of the C or C++ syntax. C standards change fairly often, and some packages still use the older standard. This is not a problem, but does prompt the warning.

• Check one last time that the LFS environment variable is set up properly:

echo $LFS

Make sure the output shows the path to the LFS partition's mount point, which is /mnt/lfs, using our example.

• Finally, two important items must be emphasized:

Important

The build instructions assume that the Host System Requirements, including symbolic links, have been set properly:

• bash is the shell in use.
• sh is a symbolic link to bash.
• /usr/bin/awk is a symbolic link to gawk.
• /usr/bin/yacc is a symbolic link to bison or a small script that executes bison.

Important

1. Place all the sources and patches in a directory that will be accessible from the chroot environment such as /mnt/lfs/sources/. Do not put sources in /mnt/lfs/tools/.
2. Change to the sources directory.
3. For each package:

   • Using the tar program, extract the package to be built. In Chapter 5, ensure you are the lfs user when extracting the package.
   • Change to the directory created when the package was extracted.
   • Follow the book's instructions for building the package.
   • Change back to the sources directory.
   • Delete the extracted source directory unless instructed otherwise.

Binutils-2.32 - Pass 1

The Binutils package contains a linker, an assembler, and other tools for handling object files.

Approximate Build Time: 1 SBU

Required Disk Space: 580 MB

Installation of Cross Binutils

Note

Go back and re-read the notes in the previous section. Understanding the notes labeled important will save you a lot of problems later.

It is important that Binutils be the first package compiled because both Glibc and GCC perform various tests on the available linker and assembler to determine which of their own features to enable.

The Binutils documentation recommends building Binutils in a dedicated build directory:

mkdir -v build
cd       build

Note

In order for the SBU values listed in the rest of the book to be of any use, measure the time it takes to build this package from the configuration, up to and including the first install. To achieve this easily, wrap the commands in a time command like this: time { ./configure ... && ... && make install; }.

Note

The approximate build SBU values and required disk space in Chapter 5 does not include test suite data.

Now prepare Binutils for compilation:

../configure --prefix=/tools            \
             --with-sysroot=$LFS        \
             --with-lib-path=/tools/lib \
             --target=$LFS_TGT          \
             --disable-nls              \
             --disable-werror

The meaning of the configure options:

--prefix=/tools

This tells the configure script to prepare to install the Binutils programs in the /tools directory.

--with-sysroot=$LFS

For cross compilation, this tells the build system to look in $LFS for the target system libraries as needed.

--with-lib-path=/tools/lib

This specifies which library path the linker should be configured to use.

--target=$LFS_TGT

Because the machine description in the LFS_TGT variable is slightly different than the value returned by the config.guess script, this switch will tell the configure script to adjust Binutil's build system for building a cross linker.

--disable-nls

This disables internationalization as i18n is not needed for the temporary tools.

--disable-werror

This prevents the build from stopping in the event that there are warnings from the host's compiler.

Continue with compiling the package:

make

Compilation is now complete. Ordinarily we would now run the test suite, but at this early stage the test suite framework (Tcl, Expect, and DejaGNU) is not yet in place. The benefits of running the tests at this point are minimal since the programs from this first pass will soon be replaced by those from the second.

If building on x86_64, create a symlink to ensure the sanity of the toolchain:

case $(uname -m) in
  x86_64) mkdir -v /tools/lib && ln -sv lib /tools/lib64 ;;
esac

Install the package:

make install

Details on this package are located in Section 6.16.2, “Contents of Binutils".

GCC-8.2.0 - Pass 1

The GCC package contains the GNU compiler collection, which includes the C and C++ compilers.

Approximate Build Time: 11 SBU

Required Disk Space: 2.9 GB

Installation of Cross GCC

GCC now requires the GMP, MPFR and MPC packages. As these packages may not be included in your host distribution, they will be built with GCC. Unpack each package into the GCC source directory and rename the resulting directories so the GCC build procedures will automatically use them:

Note

There are frequent misunderstandings about this chapter. The procedures are the same as every other chapter as explained earlier (Package build instructions). First extract the gcc tarball from the sources directory and then change to the directory created. Only then should you proceed with the instructions below.

tar -xf ../mpfr-4.0.2.tar.xz
mv -v mpfr-4.0.2 mpfr
tar -xf ../gmp-6.1.2.tar.xz
mv -v gmp-6.1.2 gmp
tar -xf ../mpc-1.1.0.tar.gz
mv -v mpc-1.1.0 mpc

The following command will change the location of GCC's default dynamic linker to use the one installed in /tools. It also removes /usr/include from GCC's include search path. Issue:

for file in gcc/config/{linux,i386/linux{,64}}.h
do
  cp -uv $file{,.orig}
  sed -e 's@/lib\(64\)\?\(32\)\?/ld@/tools&@g' \
      -e 's@/usr@/tools@g' $file.orig > $file
  echo '
#undef STANDARD_STARTFILE_PREFIX_1
#undef STANDARD_STARTFILE_PREFIX_2
#define STANDARD_STARTFILE_PREFIX_1 "/tools/lib/"
#define STANDARD_STARTFILE_PREFIX_2 ""' >> $file
  touch $file.orig
done

In case the above seems hard to follow, let's break it down a bit. First we copy the files gcc/config/linux.h, gcc/config/i386/linux.h, and gcc/config/i368/linux64.h to a file of the same name but with an added suffix of “.orig”. Then the first sed expression prepends “/tools” to every instance of “/lib/ld”, “/lib64/ld” or “/lib32/ld”, while the second one replaces hard-coded instances of “/usr”. Next, we add our define statements which alter the default startfile prefix to the end of the file. Note that the trailing “/” in “/tools/lib/” is required. Finally, we use touch to update the timestamp on the copied files. When used in conjunction with cp -u, this prevents unexpected changes to the original files in case the commands are inadvertently run twice.

Finally, on x86_64 hosts, set the default directory name for 64-bit libraries to “lib”:

case $(uname -m) in
  x86_64)
    sed -e '/m64=/s/lib64/lib/' \
        -i.orig gcc/config/i386/t-linux64
 ;;
esac

The GCC documentation recommends building GCC in a dedicated build directory:

mkdir -v build
cd       build

Prepare GCC for compilation:

../configure                                       \
    --target=$LFS_TGT                              \
    --prefix=/tools                                \
    --with-glibc-version=2.11                      \
    --with-sysroot=$LFS                            \
    --with-newlib                                  \
    --without-headers                              \
    --with-local-prefix=/tools                     \
    --with-native-system-header-dir=/tools/include \
    --disable-nls                                  \
    --disable-shared                               \
    --disable-multilib                             \
    --disable-decimal-float                        \
    --disable-threads                              \
    --disable-libatomic                            \
    --disable-libgomp                              \
    --disable-libmpx                               \
    --disable-libquadmath                          \
    --disable-libssp                               \
    --disable-libvtv                               \
    --disable-libstdcxx                            \
    --enable-languages=c,c++

The meaning of the configure options:

--with-newlib

Since a working C library is not yet available, this ensures that the inhibit_libc constant is defined when building libgcc. This prevents the compiling of any code that requires libc support.

--without-headers

When creating a complete cross-compiler, GCC requires standard headers compatible with the target system. For our purposes these headers will not be needed. This switch prevents GCC from looking for them.

--with-local-prefix=/tools

The local prefix is the location in the system that GCC will search for locally installed include files. The default is /usr/local. Setting this to /tools helps keep the host location of /usr/local out of this GCC's search path.

--with-native-system-header-dir=/tools/include

By default GCC searches /usr/include for system headers. In conjunction with the sysroot switch, this would normally translate to $LFS/usr/include. However the headers that will be installed in the next two sections will go to $LFS/tools/include. This switch ensures that gcc will find them correctly. In the second pass of GCC, this same switch will ensure that no headers from the host system are found.

--disable-shared

This switch forces GCC to link its internal libraries statically. We do this to avoid possible issues with the host system.

--disable-decimal-float, --disable-threads, --disable-libatomic, --disable-libgomp, --disable-libmpx, --disable-libquadmath, --disable-libssp, --disable-libvtv, --disable-libstdcxx

These switches disable support for the decimal floating point extension, threading, libatomic, libgomp, libmpx, libquadmath, libssp, libvtv, and the C++ standard library respectively. These features will fail to compile when building a cross-compiler and are not necessary for the task of cross-compiling the temporary libc.

--disable-multilib

On x86_64, LFS does not yet support a multilib configuration. This switch is harmless for x86.

--enable-languages=c,c++

This option ensures that only the C and C++ compilers are built. These are the only languages needed now.

Compile GCC by running:

make

Compilation is now complete. At this point, the test suite would normally be run, but, as mentioned before, the test suite framework is not in place yet. The benefits of running the tests at this point are minimal since the programs from this first pass will soon be replaced.

Install the package:

make install

Details on this package are located in Section 6.21.2, “Contents of GCC”.

Linux-4.20.12 API Headers

The Linux API Headers (in linux-4.20.12.tar.xz) expose the kernel's API for use by Glibc.

Approximate Build Time: 0.1 SBU

Required Disk Space: 937 MB

Installation of Linux API Headers

The Linux kernel needs to expose an Application Programming Interface (API) for the system's C library (Glibc in LFS) to use. This is done by way of sanitizing various C header files that are shipped in the Linux kernel source tarball.

Make sure there are no stale files embedded in the package:

make mrproper

Now extract the user-visible kernel headers from the source. They are placed in an intermediate local directory and copied to the needed location because the extraction process removes any existing files in the target directory.

make INSTALL_HDR_PATH=dest headers_install
cp -rv dest/include/* /tools/include

Details on this package are located in Section 6.7.2, “Contents of Linux API Headers”.

Glibc-2.29

The Glibc package contains the main C library. This library provides the basic routines for allocating memory, searching directories, opening and closing files, reading and writing files, string handling, pattern matching, arithmetic, and so on.

Approximate Build Time: 5.1 SBU

Required Disk Space: 885 MB

Installation of Glibc

The Glibc documentation recommends building Glibc in a dedicated build directory:

mkdir -v build
cd       build

Next, prepare Glibc for compilation:

../configure                             \
      --prefix=/tools                    \
      --host=$LFS_TGT                    \
      --build=$(../scripts/config.guess) \
      --enable-kernel=3.2                \
      --with-headers=/tools/include

The meaning of the configure options:

--host=$LFS_TGT, --build=$(../scripts/config.guess)

The combined effect of these switches is that Glibc's build system configures itself to cross-compile, using the cross-linker and cross-compiler in /tools.

--enable-kernel=3.2

This tells Glibc to compile the library with support for 3.2 and later Linux kernels. Workarounds for older kernels are not enabled.

--with-headers=/tools/include

This tells Glibc to compile itself against the headers recently installed to the tools directory, so that it knows exactly what features the kernel has and can optimize itself accordingly.

During this stage the following warning might appear:

configure: WARNING:
*** These auxiliary programs are missing or
*** incompatible versions: msgfmt
*** some features will be disabled.
*** Check the INSTALL file for required versions.

The missing or incompatible msgfmt program is generally harmless. This msgfmt program is part of the Gettext package which the host distribution should provide.

Note

There have been reports that this package may fail when building as a "parallel make". If this occurs, rerun the make command with a "-j1" option.

Compile the package:

make

Install the package:

make install

Caution

At this point, it is imperative to stop and ensure that the basic functions (compiling and linking) of the new toolchain are working as expected. To perform a sanity check, run the following commands:

echo 'int main(){}' > dummy.c
$LFS_TGT-gcc dummy.c
readelf -l a.out | grep ': /tools'

If everything is working correctly, there should be no errors, and the output of the last command will be of the form:

[Requesting program interpreter: /tools/lib64/ld-linux-x86-64.so.2]

Note that for 32-bit machines, the interpreter name will be /tools/lib/ld-linux.so.2.

If the output is not shown as above or there was no output at all, then something is wrong. Investigate and retrace the steps to find out where the problem is and correct it. This issue must be resolved before continuing on.

Once all is well, clean up the test files:

rm -v dummy.c a.out

Note

Building Binutils in the section after next will serve as an additional check that the toolchain has been built properly. If Binutils fails to build, it is an indication that something has gone wrong with the previous Binutils, GCC, or Glibc installations.

Details on this package are located in Section 6.9.3, “Contents of Glibc”.

Libstdc++ from GCC-8.2.0

Libstdc++ is the standard C++ library. It is needed to compile C++ code (part of GCC is written in C++), but we had to defer its installation when we built gcc-pass1 because it depends on glibc, which was not yet available in /tools.

Approximate Build Time: 0.5 SBU

Required Disk Space: 803 MB

Installation of Target Libstdc++

Note

Libstdc++ is part of the GCC sources. You should first unpack the GCC tarball and change to the gcc-8.2.0 directory.

Create a separate build directory for Libstdc++ and enter it:

mkdir -v build
cd       build

Prepare Libstdc++ for compilation:

../libstdc++-v3/configure           \
    --host=$LFS_TGT                 \
    --prefix=/tools                 \
    --disable-multilib              \
    --disable-nls                   \
    --disable-libstdcxx-threads     \
    --disable-libstdcxx-pch         \
    --with-gxx-include-dir=/tools/$LFS_TGT/include/c++/8.2.0

The meaning of the configure options:

--host=...

Indicates to use the cross compiler we have just built instead of the one in /usr/bin. _ --disable-libstdcxx-threads_

Since we have not yet built the C threads library, the C++ one cannot be built either.

--disable-libstdcxx-pch

This switch prevents the installation of precompiled include files, which are not needed at this stage.

--with-gxx-include-dir=/tools/$LFS_TGT/include/c++/8.2.0

This is the location where the standard include files are searched by the C++ compiler. In a normal build, this information is automatically passed to the Libstdc++ configure options from the top level directory. In our case, this information must be explicitly given.

Compile libstdc++ by running:

make

Install the library:

make install

Details on this package are located in Section 6.21.2, “Contents of GCC”.

Binutils-2.32 - Pass 2

The Binutils package contains a linker, an assembler, and other tools for handling object files.

Approximate Build Time: 1.1 SBU

Required Disk Space: 598 MB

Installation of Binutils

Create a separate build directory again:

 mkdir -v build
cd       build

Prepare Binutils for compilation:

CC=$LFS_TGT-gcc                \
AR=$LFS_TGT-ar                 \
RANLIB=$LFS_TGT-ranlib         \
../configure                   \
    --prefix=/tools            \
    --disable-nls              \
    --disable-werror           \
    --with-lib-path=/tools/lib \
    --with-sysroot

The meaning of the new configure options:

CC=$LFS_TGT-gcc AR=$LFS_TGT-ar RANLIB=$LFS_TGT-ranlib

Because this is really a native build of Binutils, setting these variables ensures that the build system uses the cross-compiler and associated tools instead of the ones on the host system.

--with-lib-path=/tools/lib

This tells the configure script to specify the library search path during the compilation of Binutils, resulting in /tools/lib being passed to the linker. This prevents the linker from searching through library directories on the host.

--with-sysroot

The sysroot feature enables the linker to find shared objects which are required by other shared objects explicitly included on the linker's command line. Without this, some packages may not build successfully on some hosts.

Compile the package:

make

Install the package:

make install

Now prepare the linker for the “Re-adjusting” phase in the next chapter:

make -C ld clean
make -C ld LIB_PATH=/usr/lib:/lib
cp -v ld/ld-new /tools/bin

The meaning of the make parameters:

-C ld clean

This tells the make program to remove all compiled files in the ld subdirectory.

-C ld LIB_PATH=/usr/lib:/lib

This option rebuilds everything in the ld subdirectory. Specifying the LIB_PATH Makefile variable on the command line allows us to override the default value of the temporary tools and point it to the proper final path. The value of this variable specifies the linker's default library search path. This preparation is used in the next chapter.

Details on this package are located in Section 6.16.2, “Contents of Binutils”.

GCC-8.2.0 - Pass 2

The GCC package contains the GNU compiler collection, which includes the C and C++ compilers.

Approximate Build Time: 14 SBU

Required Disk Space: 3.4 GB

Installation of GCC

Our first build of GCC has installed a couple of internal system headers. Normally one of them, limits.h, will in turn include the corresponding system limits.h header, in this case, /tools/include/limits.h. However, at the time of the first build of gcc /tools/include/limits.h did not exist, so the internal header that GCC installed is a partial, self-contained file and does not include the extended features of the system header. This was adequate for building the temporary libc, but this build of GCC now requires the full internal header. Create a full version of the internal header using a command that is identical to what the GCC build system does in normal circumstances:

cat gcc/limitx.h gcc/glimits.h gcc/limity.h > \
 `dirname $($LFS_TGT-gcc -print-libgcc-file-name)`/include-fixed/limits.h

Once again, change the location of GCC's default dynamic linker to use the one installed in /tools.

for file in gcc/config/{linux,i386/linux{,64}}.h
do
cp -uv $file{,.orig}
  sed -e 's@/lib\(64\)\?\(32\)\?/ld@/tools&@g' \
      -e 's@/usr@/tools@g' $file.orig > $file
  echo '
#undef STANDARD_STARTFILE_PREFIX_1
#undef STANDARD_STARTFILE_PREFIX_2
#define STANDARD_STARTFILE_PREFIX_1 "/tools/lib/"
#define STANDARD_STARTFILE_PREFIX_2 ""' >> $file
touch \$file.orig
done

If building on x86_64, change the default directory name for 64-bit libraries to “lib”:

case \$(uname -m) in
x86_64)
sed -e '/m64=/s/lib64/lib/' \
 -i.orig gcc/config/i386/t-linux64
;;
esac

As in the first build of GCC it requires the GMP, MPFR and MPC packages. Unpack the tarballs and move them into the required directory names:

tar -xf ../mpfr-4.0.2.tar.xz
mv -v mpfr-4.0.2 mpfr
tar -xf ../gmp-6.1.2.tar.xz
mv -v gmp-6.1.2 gmp
tar -xf ../mpc-1.1.0.tar.gz
mv -v mpc-1.1.0 mpc

Create a separate build directory again:

mkdir -v build
cd build

Before starting to build GCC, remember to unset any environment variables that override the default optimization flags.

Now prepare GCC for compilation:

CC=$LFS_TGT-gcc                                    \
CXX=$LFS_TGT-g++ \
AR=$LFS_TGT-ar                                     \
RANLIB=$LFS_TGT-ranlib \
../configure \
 --prefix=/tools \
 --with-local-prefix=/tools \
 --with-native-system-header-dir=/tools/include \
 --enable-languages=c,c++ \
 --disable-libstdcxx-pch \
 --disable-multilib \
 --disable-bootstrap \
 --disable-libgomp

The meaning of the new configure options:

--enable-languages=c,c++

This option ensures that both the C and C++ compilers are built.

--disable-libstdcxx-pch

Do not build the pre-compiled header (PCH) for libstdc++. It takes up a lot of space, and we have no use for it.

--disable-bootstrap

For native builds of GCC, the default is to do a "bootstrap" build. This does not just compile GCC, but compiles it several times. It uses the programs compiled in a first round to compile itself a second time, and then again a third time. The second and third iterations are compared to make sure it can reproduce itself flawlessly. This also implies that it was compiled correctly. However, the LFS build method should provide a solid compiler without the need to bootstrap each time.

Compile the package:

make
``

Install the package:

```sh
make install

As a finishing touch, create a symlink. Many programs and scripts run cc instead of gcc, which is used to keep programs generic and therefore usable on all kinds of UNIX systems where the GNU C compiler is not always installed. Running cc leaves the system administrator free to decide which C compiler to install:

ln -sv gcc /tools/bin/cc

Caution

At this point, it is imperative to stop and ensure that the basic functions (compiling and linking) of the new toolchain are working as expected. To perform a sanity check, run the following commands:

echo 'int main(){}' > dummy.c
cc dummy.c
readelf -l a.out | grep ': /tools'

If everything is working correctly, there should be no errors, and the output of the last command will be of the form:

[Requesting program interpreter: /tools/lib64/ld-linux-x86-64.so.2]

Note that the dynamic linker will be /tools/lib/ld-linux.so.2 for 32-bit machines.

If the output is not shown as above or there was no output at all, then something is wrong. Investigate and retrace the steps to find out where the problem is and correct it. This issue must be resolved before continuing on. First, perform the sanity check again, using gcc instead of cc. If this works, then the /tools/bin/cc symlink is missing. Install the symlink as per above. Next, ensure that the PATH is correct. This can be checked by running echo $PATH and verifying that /tools/bin is at the head of the list. If the PATH is wrong it could mean that you are not logged in as user lfs or that something went wrong back in Section 4.4, “Setting Up the Environment”.

Once all is well, clean up the test files:

rm -v dummy.c a.out

Details on this package are located in Section 6.16.2, “Contents of GCC.

Tcl-8.6.9

The Tcl package contains the Tool Command Language.

Approximate Build Time: 0.9 SBU

Required Disk Space: 66 MB

Installation of Tcl

This package and the next two (Expect and DejaGNU) are installed to support running the test suites for GCC and Binutils and other packages. Installing three packages for testing purposes may seem excessive, but it is very reassuring, if not essential, to know that the most important tools are working properly. Even if the test suites are not run in this chapter (they are not mandatory), these packages are required to run the test suites in Chapter 6.

Note that the Tcl package used here is a minimal version needed to run the LFS tests. For the full package, see the BLFS Tcl procedures.

Prepare Tcl for compilation:

cd unix
./configure --prefix=/tools

Build the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Tcl test suite anyway, issue the following command:

TZ=UTC make test

The Tcl test suite may experience failures under certain host conditions that are not fully understood. Therefore, test suite failures here are not surprising, and are not considered critical. The TZ=UTC parameter sets the time zone to Coordinated Universal Time (UTC), but only for the duration of the test suite run. This ensures that the clock tests are exercised correctly. Details on the TZ environment variable are provided in Chapter 7.

Install the package:

make install

Make the installed library writable so debugging symbols can be removed later:

chmod -v u+w /tools/lib/libtcl8.6.so

Install Tcl's headers. The next package, Expect, requires them to build.

make install-private-headers

Now make a necessary symbolic link:

ln -sv tclsh8.6 /tools/bin/tclsh

Contents of Tcl

Installed Programs: tclsh (link to tclsh8.6) and tclsh8.6

Installed Library: libtcl8.6.so, libtclstub8.6.a

Installed	Description
tclsh8.6	The Tcl command shell
tclsh	A link to tclsh8.6
libtcl8.6.so	The Tcl library
libtclstub8.6.a	The Tcl Stub library

Expect-5.45.4

The Expect package contains a program for carrying out scripted dialogues with other interactive programs.

Approximate Build Time: 0.1 SBU

Required Disk Space: 3.9 MB

Installation of Expect

First, force Expect's configure script to use /bin/stty instead of a /usr/local/bin/stty it may find on the host system. This will ensure that our test suite tools remain sane for the final builds of our toolchain:

cp -v configure{,.orig}
sed 's:/usr/local/bin:/bin:' configure.orig > configure

Now prepare Expect for compilation:

./configure --prefix=/tools \
 --with-tcl=/tools/lib \
 --with-tclinclude=/tools/include

The meaning of the configure options:

--with-tcl=/tools/lib

This ensures that the configure script finds the Tcl installation in the temporary tools location instead of possibly locating an existing one on the host system.

--with-tclinclude=/tools/include

This explicitly tells Expect where to find Tcl's internal headers. Using this option avoids conditions where configure fails because it cannot automatically discover the location of Tcl's headers.

Build the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Expect test suite anyway, issue the following command:

make test

Note that the Expect test suite is known to experience failures under certain host conditions that are not within our control. Therefore, test suite failures here are not surprising and are not considered critical.

Install the package:

make SCRIPTS="" install

The meaning of the make parameter:

SCRIPTS=""

This prevents installation of the supplementary Expect scripts, which are not needed.

Contents of Expect

Installed Programs: expect

Installed Library: libexpect-5.45.so

Installed	Descriptions
expect	Communicates with other interactive programs according to a script
libexpect-5.45.so	Contains functions that allow Expect to be used as a Tcl extension or to be used directly from C or C++ (without Tcl)

DejaGNU-1.6.2

The DejaGNU package contains a framework for testing other programs.

Approximate Build Time: less than 0.1 SBU

Required Disk Space: 3.2 MB

Installation of DejaGNU

Prepare DejaGNU for compilation:

./configure --prefix=/tools

Build and install the package:

make install

To test the results, issue:

make check

Contents of DejaGNU

Installed Programs: runtest

Installed	Descriptions
runtest	A wrapper script that locates the proper expect shell and then runs DejaGNU

M4-1.4.18

The M4 package contains a macro processor.

Approximate Build Time: 0.2 SBU

Required Disk Space: 20 MB

Installation of M4

First, make some fixes required by glibc-2.28:

sed -i 's/IO_ftrylockfile/IO_EOF_SEEN/' lib/\*.c
echo "#define \_IO_IN_BACKUP 0x100" >> lib/stdio-impl.h

Prepare M4 for compilation:

./configure --prefix=/tools

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the M4 test suite anyway, issue the following command:

make check

Install the package:

make install

Details on this package are located in Section 6.14.2, “Contents of M4”.

Ncurses-6.1

The Ncurses package contains libraries for terminal-independent handling of character screens.

Approximate Build Time: 0.6 SBU

Required Disk Space: 41 MB

Installation of Ncurses

First, ensure that gawk is found first during configuration:

sed -i s/mawk// configure

Prepare Ncurses for compilation:

./configure --prefix=/tools \
 --with-shared \
 --without-debug \
 --without-ada \
 --enable-widec \
 --enable-overwrite

The meaning of the configure options:

--without-ada

This ensures that Ncurses does not build support for the Ada compiler which may be present on the host but will not be available once we enter the chroot environment.

--enable-overwrite

This tells Ncurses to install its header files into /tools/include, instead of /tools/include/ncurses, to ensure that other packages can find the Ncurses headers successfully.

--enable-widec

This switch causes wide-character libraries (e.g., libncursesw.so.6.1) to be built instead of normal ones (e.g., libncurses.so.6.1). These wide-character libraries are usable in both multibyte and traditional 8-bit locales, while normal libraries work properly only in 8-bit locales. Wide-character and normal libraries are source-compatible, but not binary-compatible.

Compile the package:

make

This package has a test suite, but it can only be run after the package has been installed. The tests reside in the test/ directory. See the README file in that directory for further details.

Install the package:

make install
ln -s libncursesw.so /tools/lib/libncurses.so

Details on this package are located in Section 6.24.2, “Contents of Ncurses”.

Bash-5.0

The Bash package contains the Bourne-Again SHell.

Approximate Build Time: 0.4 SBU

Required Disk Space: 67 MB

Installation of Bash

Prepare Bash for compilation:

./configure --prefix=/tools --without-bash-malloc

The meaning of the configure options:

--without-bash-malloc

This option turns off the use of Bash's memory allocation (malloc) function which is known to cause segmentation faults. By turning this option off, Bash will use the malloc functions from Glibc which are more stable.

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Bash test suite anyway, issue the following command:

make tests

Install the package:

make install

Make a link for the programs that use sh for a shell:

ln -sv bash /tools/bin/sh

Details on this package are located in Section 6.34.2, “Contents of Bash”.

Bison-3.3.2

The Bison package contains a parser generator.

Approximate Build Time: 0.3 SBU

Required Disk Space: 37 MB

Installation of Bison

Prepare Bison for compilation:

./configure --prefix=/tools

Compile the package:

make

To test the results, issue:

make check

Install the package:

make install

Details on this package are located in Section 6.31.2, “Contents of Bison”.

Bzip2-1.0.6

The Bzip2 package contains programs for compressing and decompressing files. Compressing text files with bzip2 yields a much better compression percentage than with the traditional gzip.

Approximate Build Time: 0.1 SBU

Required Disk Space: 5.5 MB

Installation of Bzip2

The Bzip2 package does not contain a configure script. Compile and test it with:

make

Install the package:

make PREFIX=/tools install

Details on this package are located in Section 6.22.2, “Contents of Bzip2”.

Coreutils-8.30

The Coreutils package contains utilities for showing and setting the basic system characteristics.

Approximate Build Time: 0.8 SBU

Required Disk Space: 148 MB

Installation of Coreutils

Prepare Coreutils for compilation:

./configure --prefix=/tools --enable-install-program=hostname

The meaning of the configure options:

--enable-install-program=hostname

This enables the hostname binary to be built and installed – it is disabled by default but is required by the Perl test suite.

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Coreutils test suite anyway, issue the following command:

make RUN_EXPENSIVE_TESTS=yes check

The RUN_EXPENSIVE_TESTS=yes parameter tells the test suite to run several additional tests that are considered relatively expensive (in terms of CPU power and memory usage) on some platforms, but generally are not a problem on Linux.

Install the package:

make install

Details on this package are located in Section 6.54.2, “Contents of Coreutils”.

Diffutils-3.7

The Diffutils package contains programs that show the differences between files or directories.

Approximate Build Time: 0.2 SBU

Required Disk Space: 26 MB

Installation of Diffutils

Prepare Diffutils for compilation:

./configure --prefix=/tools

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Diffutils test suite anyway, issue the following command:

make check

Install the package:

make install

Details on this package are located in Section 6.56.2, “Contents of Diffutils”.

File-5.36

The File package contains a utility for determining the type of a given file or files.

Approximate Build Time: 0.1 SBU

Required Disk Space: 18 MB

Installation of File

Prepare File for compilation:

./configure --prefix=/tools

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the File test suite anyway, issue the following command:

make check

Install the package:

make install

Details on this package are located in Section 6.12.2, “Contents of File”.

Findutils-4.6.0

The Findutils package contains programs to find files. These programs are provided to recursively search through a directory tree and to create, maintain, and search a database (often faster than the recursive find, but unreliable if the database has not been recently updated).

Approximate Build Time: 0.3 SBU

Required Disk Space: 36 MB

Installation of Findutils

First, make some fixes required by glibc-2.28:

sed -i 's/IO_ftrylockfile/IO_EOF_SEEN/' gl/lib/*.c
sed -i '/unistd/a #include <sys/sysmacros.h>' gl/lib/mountlist.c
echo "#define _IO_IN_BACKUP 0x100" >> gl/lib/stdio-impl.h

Prepare Findutils for compilation:

./configure --prefix=/tools

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Findutils test suite anyway, issue the following command:

make check

Install the package:

make install

Details on this package are located in Section 6.58.2, “Contents of Findutils”.

Gawk-4.2.1

The Gawk package contains programs for manipulating text files.

Approximate Build Time: 0.2 SBU

Required Disk Space: 43 MB

Installation of Gawk

Prepare Gawk for compilation:

./configure --prefix=/tools

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Gawk test suite anyway, issue the following command:

make check

Install the package:

make install

Details on this package are located in Section 6.57.2, “Contents of Gawk”.

Gettext-0.19.8.1

The Gettext package contains utilities for internationalization and localization. These allow programs to be compiled with NLS (Native Language Support), enabling them to output messages in the user's native language.

Approximate Build Time: 0.9 SBU

Required Disk Space: 173 MB

Installation of Gettext

For our temporary set of tools, we only need to build and install three programs from Gettext.

Prepare Gettext for compilation:

cd gettext-tools
EMACS="no" ./configure --prefix=/tools --disable-shared

The meaning of the configure option:

EMACS="no"

This prevents the configure script from determining where to install Emacs Lisp files as the test is known to hang on some hosts.

--disable-shared

We do not need to install any of the shared Gettext libraries at this time, therefore there is no need to build them.

Compile the package:

make -C gnulib-lib
make -C intl pluralx.c
make -C src msgfmt
make -C src msgmerge
make -C src xgettext

As only three programs have been compiled, it is not possible to run the test suite without compiling additional support libraries from the Gettext package. It is therefore not recommended to attempt to run the test suite at this stage.

Install the msgfmt, msgmerge, and xgettext programs:

cp -v src/{msgfmt,msgmerge,xgettext} /tools/bin

Details on this package are located in Section 6.47.2, “Contents of Gettext”.

Grep-3.3

The Grep package contains programs for searching through files.

Approximate Build Time: 0.2 SBU

Required Disk Space: 24 MB

Installation of Grep

Prepare Grep for compilation:

./configure --prefix=/tools

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Grep test suite anyway, issue the following command:

make check

Install the package:

make install

Details on this package are located in Section 6.33.2, “Contents of Grep”.

Gzip-1.10

The Gzip package contains programs for compressing and decompressing files.

Approximate Build Time: 0.1 SBU

Required Disk Space: 10 MB

Installation of Gzip

Prepare Gzip for compilation:

./configure --prefix=/tools

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Gzip test suite anyway, issue the following command:

make check

Install the package:

make install

Details on this package are located in Section 6.62.2, “Contents of Gzip”.

Make-4.2.1

The Make package contains a program for compiling packages.

Approximate Build Time: 0.1 SBU

Required Disk Space: 13 MB

Installation of Make

First, work around an error caused by glibc-2.27 and later:

sed -i '211,217 d; 219,229 d; 232 d' glob/glob.c

Prepare Make for compilation:

./configure --prefix=/tools --without-guile

The meaning of the configure option:

--without-guile

This ensures that Make-4.2.1 won't link against Guile libraries, which may be present on the host system, but won't be available within the chroot environment in the next chapter.

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Make test suite anyway, issue the following command:

make check

Install the package:

make install

Details on this package are located in Section 6.66.2, “Contents of Make”.

Patch-2.7.6

The Patch package contains a program for modifying or creating files by applying a “patch” file typically created by the diff program.

Approximate Build Time: 0.2 SBU

Required Disk Space: 12 MB

Installation of Patch

Prepare Patch for compilation:

./configure --prefix=/tools

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Patch test suite anyway, issue the following command:

make check

Install the package:

make install

Details on this package are located in Section 6.67.2, “Contents of Patch”.

Perl-5.28.1

The Perl package contains the Practical Extraction and Report Language.

Approximate Build Time: 1.6 SBU

Required Disk Space: 275 MB

Installation of Perl

Prepare Perl for compilation:

sh Configure -des -Dprefix=/tools -Dlibs=-lm -Uloclibpth -Ulocincpth

The meaning of the Configure options:

-des

This is a combination of three options: -d uses defaults for all items; -e ensures completion of all tasks; -s silences non-essential output.

-Uloclibpth amd -Ulocincpth

These entries undefine variables that cause the configuration to search for locally installed components that may exist on the host system.

Build the package:

make

Although Perl comes with a test suite, it would be better to wait until it is installed in the next chapter.

Only a few of the utilities and libraries need to be installed at this time:

cp -v perl cpan/podlators/scripts/pod2man /tools/bin
mkdir -pv /tools/lib/perl5/5.28.1
cp -Rv lib/\* /tools/lib/perl5/5.28.1

Details on this package are located in Section 6.40.2, “Contents of Perl”.

Python-3.7.2

The Python 3 package contains the Python development environment. It is useful for object-oriented programming, writing scripts, prototyping large programs or developing entire applications.

Approximate Build Time: 1.5 SBU

Required Disk Space: 371 MB

Installation of Python

This package first builds the Python interpreter, then some standard Python modules. The main script for building modules is written in Python, and uses hard-coded paths to the host /usr/include and /usr/lib directories. To prevent them from being used, issue:

sed -i '/def add_multiarch_paths/a \        return' setup.py

Prepare Python for compilation:

./configure --prefix=/tools --without-ensurepip

The meaning of the configure option:

--without-ensurepip

This switch disables the Python installer, which is not needed at this stage.

Compile the package:

make

Compilation is now complete. The test suite requires TK and and X Windows and cannot be run at this time.

Install the package:

make install

Details on this package are located in Section 6.51.2, “Contents of Python 3”.

Sed-4.7

The Sed package contains a stream editor.

Approximate Build Time: 0.2 SBU

Required Disk Space: 20 MB

Installation of Sed

Prepare Sed for compilation:

./configure --prefix=/tools

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Sed test suite anyway, issue the following command:

make check

Install the package:

make install

Details on this package are located in Section 6.28.2, “Contents of Sed”.

Tar-1.31

The Tar package contains an archiving program.

Approximate Build Time: 0.3 SBU

Required Disk Space: 38 MB

Installation of Tar

Prepare Tar for compilation:

./configure --prefix=/tools

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Tar test suite anyway, issue the following command:

make check

Install the package:

make install

Details on this package are located in Section 6.69.2, “Contents of Tar”.

Texinfo-6.5

The Texinfo package contains programs for reading, writing, and converting info pages.

Approximate Build Time: 0.3 SBU

Required Disk Space: 104 MB

Installation of Texinfo

Prepare Texinfo for compilation:

./configure --prefix=/tools

Note

As part of the configure process, a test is made that indicates an error for TestXS_la-TestXS.lo. This is not relevant for LFS and should be ignored.

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Texinfo test suite anyway, issue the following command:

make check

Install the package:

make install

Details on this package are located in Section 6.70.2, “Contents of Texinfo”.

Util-linux-2.33.1

The Util-linux package contains miscellaneous utility programs.

Approximate Build Time: 1 SBU

Required Disk Space: 147 MB

Installation of Util-linux

Prepare Util-linux for compilation:

./configure --prefix=/tools                \
            --without-python               \
            --disable-makeinstall-chown    \
            --without-systemdsystemunitdir \
            --without-ncurses              \
            PKG_CONFIG=""

The meaning of the configure option:

--without-python

This switch disables using Python if it is installed on the host system. It avoids trying to build unneeded bindings.

--disable-makeinstall-chown

This switch disables using the chown command during installation. This is not needed when installing into the /tools directory and avoids the necessity of installing as root.

--without-ncurses

This switch disables using the ncurses library for the build process. This is not needed when installing into the /tools directory and avoids problems on some host distros.

--without-systemdsystemunitdir

On systems that use systemd, the package tries to install a systemd specific file to a non-existent directory in /tools. This switch disables the unnecessary action.

PKG_CONFIG=""

Setting this environment variable prevents adding unneeded features that may be available on the host. Note that the location shown for setting this environment variable is different from other LFS sections where variables are set preceding the command. This location is shown to demonstrate an alternative way of setting an environment variable when using configure.

Compile the package:

make

Install the package:

make install

Details on this package are located in Section 6.75.3, “Contents of Util-linux”.

Xz-5.2.4

The Xz package contains programs for compressing and decompressing files. It provides capabilities for the lzma and the newer xz compression formats. Compressing text files with xz yields a better compression percentage than with the traditional gzip or bzip2 commands.

Approximate Build Time: 0.2 SBU

Required Disk Space: 18 MB

Installation of Xz

Prepare Xz for compilation:

./configure --prefix=/tools

Compile the package:

make

Compilation is now complete. As discussed earlier, running the test suite is not mandatory for the temporary tools here in this chapter. To run the Xz test suite anyway, issue the following command:

make check

Install the package:

make install

Details on this package are located in Section 6.45.2, “Contents of Xz”.

Stripping

The steps in this section are optional, but if the LFS partition is rather small, it is beneficial to learn that unnecessary items can be removed. The executables and libraries built so far contain about 70 MB of unneeded debugging symbols. Remove those symbols with:

strip --strip-debug /tools/lib/_
/usr/bin/strip --strip-unneeded /tools/{,s}bin/_

These commands will skip a number of files, reporting that it does not recognize their file format. Most of these are scripts instead of binaries. Also use the system strip command to include the strip binary in /tools.

Take care not to use --strip-unneeded on the libraries. The static ones would be destroyed and the toolchain packages would need to be built all over again.

To save more, remove the documentation:

rm -rf /tools/{,share}/{info,man,doc}

Remove unneeded files:

find /tools/{lib,libexec} -name \*.la -delete

At this point, you should have at least 3 GB of free space in $LFS that can be used to build and install Glibc and Gcc in the next phase. If you can build and install Glibc, you can build and install the rest too.

Changing Ownership

Note

The commands in the remainder of this book must be performed while logged in as user root and no longer as user lfs. Also, double check that $LFS is set in root's environment.

Currently, the \$LFS/tools directory is owned by the user lfs, a user that exists only on the host system. If the \$LFS/tools directory is kept as is, the files are owned by a user ID without a corresponding account. This is dangerous because a user account created later could get this same user ID and would own the \$LFS/tools directory and all the files therein, thus exposing these files to possible malicious manipulation.

To avoid this issue, you could add the lfs user to the new LFS system later when creating the /etc/passwd file, taking care to assign it the same user and group IDs as on the host system. Better yet, change the ownership of the \$LFS/tools directory to user root by running the following command:

chown -R root:root $LFS/tools

Although the $LFS/tools directory can be deleted once the LFS system has been finished, it can be retained to build additional LFS systems of the same book version. How best to backup $LFS/tools is a matter of personal preference.

Caution

If you intend to keep the temporary tools for use in building future LFS systems, now is the time to back them up. Subsequent commands in chapter 6 will alter the tools currently in place, rendering them useless for future builds.

Installing Basic System Software

Table of Contents

• Introduction
• Preparing Virtual Kernel File Systems
• Package Management
• Entering the Chroot Environment
• Creating Directories
• Creating Essential Files and Symlinks
• Linux-4.20.12 API Headers
• Man-pages-4.16
• Glibc-2.29
• Adjusting the Toolchain
• Zlib-1.2.11
• File-5.36
• Readline-8.0
• M4-1.4.18
• Bc-1.07.1
• Binutils-2.32
• GMP-6.1.2
• MPFR-4.0.2
• MPC-1.1.0
• Shadow-4.6
• GCC-8.2.0
• Bzip2-1.0.6
• Pkg-config-0.29.2
• Ncurses-6.1
• Attr-2.4.48
• Acl-2.2.53
• Libcap-2.26
• Sed-4.7
• Psmisc-23.2
• Iana-Etc-2.30
• Bison-3.3.2
• Flex-2.6.4
• Grep-3.3
• Bash-5.0
• Libtool-2.4.6
• GDBM-1.18.1
• Gperf-3.1
• Expat-2.2.6
• Inetutils-1.9.4
• Perl-5.28.1
• XML::Parser-2.44
• Intltool-0.51.0
• Autoconf-2.69
• Automake-1.16.1
• Xz-5.2.4
• Kmod-26
• Gettext-0.19.8.1
• Libelf from Elfutils-0.176
• Libffi-3.2.1
• OpenSSL-1.1.1a
• Python-3.7.2
• Ninja-1.9.0
• Meson-0.49.2
• Coreutils-8.30
• Check-0.12.0
• Diffutils-3.7
• Gawk-4.2.1
• Findutils-4.6.0
• Groff-1.22.4
• GRUB-2.02
• Less-530
• Gzip-1.10
• IPRoute2-4.20.0
• Kbd-2.0.4
• Libpipeline-1.5.1
• Make-4.2.1
• Patch-2.7.6
• Man-DB-2.8.5
• Tar-1.31
• Texinfo-6.5
• Vim-8.1
• Systemd-240
• D-Bus-1.12.12
• Procps-ng-3.3.15
• Util-linux-2.33.1
• E2fsprogs-1.44.5
• About Debugging Symbols
• Stripping Again
• Cleaning Up

Introduction

In this chapter, we enter the building site and start constructing the LFS system in earnest. That is, we chroot into the temporary mini Linux system, make a few final preparations, and then begin installing the packages.

The installation of this software is straightforward. Although in many cases the installation instructions could be made shorter and more generic, we have opted to provide the full instructions for every package to minimize the possibilities for mistakes. The key to learning what makes a Linux system work is to know what each package is used for and why you (or the system) may need it.

We do not recommend using optimizations. They can make a program run slightly faster, but they may also cause compilation difficulties and problems when running the program. If a package refuses to compile when using optimization, try to compile it without optimization and see if that fixes the problem. Even if the package does compile when using optimization, there is the risk it may have been compiled incorrectly because of the complex interactions between the code and build tools. Also note that the -march and -mtune options using values not specified in the book have not been tested. This may cause problems with the toolchain packages (Binutils, GCC and Glibc). The small potential gains achieved in using compiler optimizations are often outweighed by the risks. First-time builders of LFS are encouraged to build without custom optimizations. The subsequent system will still run very fast and be stable at the same time.

The order that packages are installed in this chapter needs to be strictly followed to ensure that no program accidentally acquires a path referring to /tools hard-wired into it. For the same reason, do not compile separate packages in parallel. Compiling in parallel may save time (especially on dual-CPU machines), but it could result in a program containing a hard-wired path to /tools, which will cause the program to stop working when that directory is removed.

Before the installation instructions, each installation page provides information about the package, including a concise description of what it contains, approximately how long it will take to build, and how much disk space is required during this building process. Following the installation instructions, there is a list of programs and libraries (along with brief descriptions of these) that the package installs.

Note

The SBU values and required disk space includes test suite data for all applicable packages in Chapter 6.

About libraries

In general, the LFS editors discourage building and installing static libraries. The original purpose for most static libraries has been made obsolete in a modern Linux system. In addition linking a static library into a program can be detrimental. If an update to the library is needed to remove a security problem, all programs that use the static library will need to be relinked to the new library. Since the use of static libraries is not always obvious, the relevant programs (and the procedures needed to do the linking) may not even be known.

In the procedures in Chapter 6, we remove or disable installation of most static libraries. Usually this is done by passing a --disable-static option to configure. In other cases, alternate means are needed. In a few cases, especially glibc and gcc, the use of static libraries remains essential to the general package building process.

For a more complete discussion of libraries, see the discussion Libraries: Static or shared? in the BLFS book.

Preparing Virtual Kernel File Systems

Various file systems exported by the kernel are used to communicate to and from the kernel itself. These file systems are virtual in that no disk space is used for them. The content of the file systems resides in memory.

Begin by creating directories onto which the file systems will be mounted:

mkdir -pv $LFS/{dev,proc,sys,run}

Creating Initial Device Nodes

When the kernel boots the system, it requires the presence of a few device nodes, in particular the console and null devices. The device nodes must be created on the hard disk so that they are available before udevd has been started, and additionally when Linux is started with init=/bin/bash. Create the devices by running the following commands:

mknod -m 600 $LFS/dev/console c 5 1
mknod -m 666 $LFS/dev/null c 1 3

Mounting and Populating /dev

The recommended method of populating the /dev directory with devices is to mount a virtual filesystem (such as tmpfs) on the /dev directory, and allow the devices to be created dynamically on that virtual filesystem as they are detected or accessed. Device creation is generally done during the boot process by Udev. Since this new system does not yet have Udev and has not yet been booted, it is necessary to mount and populate /dev manually. This is accomplished by bind mounting the host system's /dev directory. A bind mount is a special type of mount that allows you to create a mirror of a directory or mount point to some other location. Use the following command to achieve this:

mount -v --bind /dev $LFS/dev

Mounting Virtual Kernel File Systems

Now mount the remaining virtual kernel filesystems:

mount -vt devpts devpts $LFS/dev/pts -o gid=5,mode=620
mount -vt proc proc $LFS/proc
mount -vt sysfs sysfs $LFS/sys
mount -vt tmpfs tmpfs $LFS/run

The meaning of the mount options for devpts:

gid=5

This ensures that all devpts-created device nodes are owned by group ID 5. This is the ID we will use later on for the tty group. We use the group ID instead of a name, since the host system might use a different ID for its tty group.

mode=0620

This ensures that all devpts-created device nodes have mode 0620 (user readable and writable, group writable). Together with the option above, this ensures that devpts will create device nodes that meet the requirements of grantpt(), meaning the Glibc pt_chown helper binary (which is not installed by default) is not necessary.

In some host systems, /dev/shm is a symbolic link to /run/shm. The /run tmpfs was mounted above so in this case only a directory needs to be created.

if [ -h $LFS/dev/shm ]; then
 mkdir -pv $LFS/$(readlink $LFS/dev/shm)
fi

Package Management

Package Management is an often requested addition to the LFS Book. A Package Manager allows tracking the installation of files making it easy to remove and upgrade packages. As well as the binary and library files, a package manager will handle the installation of configuration files. Before you begin to wonder, NO—this section will not talk about nor recommend any particular package manager. What it provides is a roundup of the more popular techniques and how they work. The perfect package manager for you may be among these techniques or may be a combination of two or more of these techniques. This section briefly mentions issues that may arise when upgrading packages.

Some reasons why no package manager is mentioned in LFS or BLFS include:

• Dealing with package management takes the focus away from the goals of these books—teaching how a Linux system is built.

• There are multiple solutions for package management, each having its strengths and drawbacks. Including one that satisfies all audiences is difficult.

There are some hints written on the topic of package management. Visit the Hints Project and see if one of them fits your need.

Upgrade Issues

A Package Manager makes it easy to upgrade to newer versions when they are released. Generally the instructions in the LFS and BLFS Book can be used to upgrade to the newer versions. Here are some points that you should be aware of when upgrading packages, especially on a running system.

• If Glibc needs to be upgraded to a newer version, (e.g. from glibc-2.19 to glibc-2.20), it is safer to rebuild LFS. Though you may be able to rebuild all the packages in their dependency order, we do not recommend it.

• If a package containing a shared library is updated, and if the name of the library changes, then all the packages dynamically linked to the library need to be recompiled to link against the newer library. (Note that there is no correlation between the package version and the name of the library.) For example, consider a package foo-1.2.3 that installs a shared library with name libfoo.so.1. Say you upgrade the package to a newer version foo-1.2.4 that installs a shared library with name libfoo.so.2. In this case, all packages that are dynamically linked to libfoo.so.1 need to be recompiled to link against libfoo.so.2. Note that you should not remove the previous libraries until the dependent packages are recompiled.

Package Management Techniques

The following are some common package management techniques. Before making a decision on a package manager, do some research on the various techniques, particularly the drawbacks of the particular scheme.

It is All in My Head!

Yes, this is a package management technique. Some folks do not find the need for a package manager because they know the packages intimately and know what files are installed by each package. Some users also do not need any package management because they plan on rebuilding the entire system when a package is changed.

Install in Separate Directories

This is a simplistic package management that does not need any extra package to manage the installations. Each package is installed in a separate directory. For example, package foo-1.1 is installed in /usr/pkg/foo-1.1 and a symlink is made from /usr/pkg/foo to /usr/pkg/foo-1.1. When installing a new version foo-1.2, it is installed in /usr/pkg/foo-1.2 and the previous symlink is replaced by a symlink to the new version.

Environment variables such as PATH, LD_LIBRARY_PATH, MANPATH, INFOPATH and CPPFLAGS need to be expanded to include /usr/pkg/foo. For more than a few packages, this scheme becomes unmanageable.

Symlink Style Package Management

This is a variation of the previous package management technique. Each package is installed similar to the previous scheme. But instead of making the symlink, each file is symlinked into the /usr hierarchy. This removes the need to expand the environment variables. Though the symlinks can be created by the user to automate the creation, many package managers have been written using this approach. A few of the popular ones include Stow, Epkg, Graft, and Depot.

The installation needs to be faked, so that the package thinks that it is installed in /usr though in reality it is installed in the /usr/pkg hierarchy. Installing in this manner is not usually a trivial task. For example, consider that you are installing a package libfoo-1.1. The following instructions may not install the package properly:

./configure --prefix=/usr/pkg/libfoo/1.1
make
make install

The installation will work, but the dependent packages may not link to libfoo as you would expect. If you compile a package that links against libfoo, you may notice that it is linked to /usr/pkg/libfoo/1.1/lib/libfoo.so.1 instead of /usr/lib/libfoo.so.1 as you would expect. The correct approach is to use the DESTDIR strategy to fake installation of the package. This approach works as follows:

./configure --prefix=/usr
make
make DESTDIR=/usr/pkg/libfoo/1.1 install

Most packages support this approach, but there are some which do not. For the non-compliant packages, you may either need to manually install the package, or you may find that it is easier to install some problematic packages into /opt.

Timestamp Based

In this technique, a file is timestamped before the installation of the package. After the installation, a simple use of the find command with the appropriate options can generate a log of all the files installed after the timestamp file was created. A package manager written with this approach is install-log.

Though this scheme has the advantage of being simple, it has two drawbacks. If, during installation, the files are installed with any timestamp other than the current time, those files will not be tracked by the package manager. Also, this scheme can only be used when one package is installed at a time. The logs are not reliable if two packages are being installed on two different consoles.

Tracing Installation Scripts

In this approach, the commands that the installation scripts perform are recorded. There are two techniques that one can use:

The LD_PRELOAD environment variable can be set to point to a library to be preloaded before installation. During installation, this library tracks the packages that are being installed by attaching itself to various executables such as cp, install, mv and tracking the system calls that modify the filesystem. For this approach to work, all the executables need to be dynamically linked without the suid or sgid bit. Preloading the library may cause some unwanted side-effects during installation. Therefore, it is advised that one performs some tests to ensure that the package manager does not break anything and logs all the appropriate files.

The second technique is to use strace, which logs all system calls made during the execution of the installation scripts.

Creating Package Archives

In this scheme, the package installation is faked into a separate tree as described in the Symlink style package management. After the installation, a package archive is created using the installed files. This archive is then used to install the package either on the local machine or can even be used to install the package on other machines.

This approach is used by most of the package managers found in the commercial distributions. Examples of package managers that follow this approach are RPM (which, incidentally, is required by the Linux Standard Base Specification), pkg-utils, Debian's apt, and Gentoo's Portage system. A hint describing how to adopt this style of package management for LFS systems is located here.

Creation of package files that include dependency information is complex and is beyond the scope of LFS.

Slackware uses a tar based system for package archives. This system purposely does not handle package dependencies as more complex package managers do. For details of Slackware package management, see http://www.slackbook.org/html/package-management.html.

User Based Management

This scheme, unique to LFS, was devised by Matthias Benkmann, and is available from the Hints Project. In this scheme, each package is installed as a separate user into the standard locations. Files belonging to a package are easily identified by checking the user ID. The features and shortcomings of this approach are too complex to describe in this section. For the details please see the hint.

Deploying LFS on Multiple Systems

One of the advantages of an LFS system is that there are no files that depend on the position of files on a disk system. Cloning an LFS build to another computer with the same architecture as the base system is as simple as using tar on the LFS partition that contains the root directory (about 250MB uncompressed for a base LFS build), copying that file via network transfer or CD-ROM to the new system and expanding it. From that point, a few configuration files will have to be changed. Configuration files that may need to be updated include: /etc/hosts, /etc/fstab, /etc/passwd, /etc/group, /etc/shadow, and /etc/ld.so.conf.

A custom kernel may need to be built for the new system depending on differences in system hardware and the original kernel configuration.

Note

There have been some reports of issues when copying between similar but not identical architectures. For instance, the instruction set for an Intel system is not identical with an AMD processor and later versions of some processors may have instructions that are unavailable in earlier versions.

Finally the new system has to be made bootable via Section 8.4, “Using GRUB to Set Up the Boot Process”.

Entering the Chroot Environment

It is time to enter the chroot environment to begin building and installing the final LFS system. As user root, run the following command to enter the realm that is, at the moment, populated with only the temporary tools:

chroot "$LFS" /tools/bin/env -i \
    HOME=/root                  \
    TERM="$TERM"                \
    PS1='(lfs chroot) \u:\w\$ ' \
    PATH=/bin:/usr/bin:/sbin:/usr/sbin:/tools/bin \
    /tools/bin/bash --login +h

The -i option given to the env command will clear all variables of the chroot environment. After that, only the HOME, TERM, PS1, and PATH variables are set again. The TERM=$TERM construct will set the TERM variable inside chroot to the same value as outside chroot. This variable is needed for programs like vim and less to operate properly. If other variables are needed, such as CFLAGS or CXXFLAGS, this is a good place to set them again.

From this point on, there is no need to use the LFS variable anymore, because all work will be restricted to the LFS file system. This is because the Bash shell is told that $LFS is now the root (/) directory.

Notice that /tools/bin comes last in the PATH. This means that a temporary tool will no longer be used once its final version is installed. This occurs when the shell does not “remember” the locations of executed binaries—for this reason, hashing is switched off by passing the +h option to bash.

Note that the bash prompt will say I have no name! This is normal because the /etc/passwd file has not been created yet.

Note

It is important that all the commands throughout the remainder of this chapter and the following chapters are run from within the chroot environment. If you leave this environment for any reason (rebooting for example), ensure that the virtual kernel filesystems are mounted as explained in Section 6.2.2, “Mounting and Populating /dev” and Section 6.2.3, “Mounting Virtual Kernel File Systems” and enter chroot again before continuing with the installation.

Creating Directories

It is time to create some structure in the LFS file system. Create a standard directory tree by issuing the following commands:

mkdir -pv /{bin,boot,etc/{opt,sysconfig},home,lib/firmware,mnt,opt}
mkdir -pv /{media/{floppy,cdrom},sbin,srv,var}
install -dv -m 0750 /root
install -dv -m 1777 /tmp /var/tmp
mkdir -pv /usr/{,local/}{bin,include,lib,sbin,src}
mkdir -pv /usr/{,local/}share/{color,dict,doc,info,locale,man}
mkdir -v  /usr/{,local/}share/{misc,terminfo,zoneinfo}
mkdir -v  /usr/libexec
mkdir -pv /usr/{,local/}share/man/man{1..8}

case $(uname -m) in
 x86_64) mkdir -v /lib64 ;;
esac

mkdir -v /var/{log,mail,spool}
ln -sv /run /var/run
ln -sv /run/lock /var/lock
mkdir -pv /var/{opt,cache,lib/{color,misc,locate},local}

Directories are, by default, created with permission mode 755, but this is not desirable for all directories. In the commands above, two changes are made—one to the home directory of user root, and another to the directories for temporary files.

The first mode change ensures that not just anybody can enter the /root directory—the same as a normal user would do with his or her home directory. The second mode change makes sure that any user can write to the /tmp and /var/tmp directories, but cannot remove another user's files from them. The latter is prohibited by the so-called “sticky bit,” the highest bit (1) in the 1777 bit mask.

FHS Compliance Note

The directory tree is based on the Filesystem Hierarchy Standard (FHS). The FHS also specifies the optional existence of some directories such as /usr/local/games and /usr/share/games. We create only the directories that are needed. However, feel free to create these directories.

Creating Essential Files and Symlinks

Some programs use hard-wired paths to programs which do not exist yet. In order to satisfy these programs, create a number of symbolic links which will be replaced by real files throughout the course of this chapter after the software has been installed:

ln -sv /tools/bin/{bash,cat,chmod,dd,echo,ln,mkdir,pwd,rm,stty,touch} /bin
ln -sv /tools/bin/{env,install,perl,printf}         /usr/bin
ln -sv /tools/lib/libgcc_s.so{,.1}                  /usr/lib
ln -sv /tools/lib/libstdc++.{a,so{,.6}}             /usr/lib

install -vdm755 /usr/lib/pkgconfig

ln -sv bash /bin/sh

The purpose of each link:

/bin/bash

Many bash scripts specify /bin/bash.

/bin/cat

This pathname is hard-coded into Glibc's configure script.

/bin/dd

The path to dd will be hard-coded into the /usr/bin/libtool utility.

/bin/echo

This is to satisfy one of the tests in Glibc's test suite, which expects /bin/echo.

/usr/bin/env

This pathname is hard-coded into some packages build procedures.

/usr/bin/install

The path to install will be hard-coded into the /usr/lib/bash/Makefile.inc file.

/bin/ln

The path to ln will be hard-coded into the /usr/lib/perl5/5.28.1/<target-triplet>/Config_heavy.pl file.

/bin/pwd

Some configure scripts, particularly Glibc's, have this pathname hard-coded.

/bin/rm

The path to rm will be hard-coded into the /usr/lib/perl5/5.28.1/<target-triplet>/Config_heavy.pl file.

/bin/stty

This pathname is hard-coded into Expect, therefore it is needed for Binutils and GCC test suites to pass.

/usr/bin/perl

Many Perl scripts hard-code this path to the perl program.

/usr/lib/libgcc_s.so{,.1}

Glibc needs this for the pthreads library to work.

/usr/lib/libstdc++{,.6}

This is needed by several tests in Glibc's test suite, as well as for C++ support in GMP.

/bin/sh

Many shell scripts hard-code /bin/sh.

Historically, Linux maintains a list of the mounted file systems in the file /etc/mtab. Modern kernels maintain this list internally and exposes it to the user via the /proc filesystem. To satisfy utilities that expect the presence of /etc/mtab, create the following symbolic link:

ln -sv /proc/self/mounts /etc/mtab

In order for user root to be able to login and for the name “root” to be recognized, there must be relevant entries in the /etc/passwd and /etc/group files.

Create the /etc/passwd file by running the following command:

cat > /etc/passwd << "EOF"
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/dev/null:/bin/false
daemon:x:6:6:Daemon User:/dev/null:/bin/false
messagebus:x:18:18:D-Bus Message Daemon User:/var/run/dbus:/bin/false
systemd-bus-proxy:x:72:72:systemd Bus Proxy:/:/bin/false
systemd-journal-gateway:x:73:73:systemd Journal Gateway:/:/bin/false
systemd-journal-remote:x:74:74:systemd Journal Remote:/:/bin/false
systemd-journal-upload:x:75:75:systemd Journal Upload:/:/bin/false
systemd-network:x:76:76:systemd Network Management:/:/bin/false
systemd-resolve:x:77:77:systemd Resolver:/:/bin/false
systemd-timesync:x:78:78:systemd Time Synchronization:/:/bin/false
systemd-coredump:x:79:79:systemd Core Dumper:/:/bin/false
nobody:x:99:99:Unprivileged User:/dev/null:/bin/false
EOF

The actual password for root (the “x” used here is just a placeholder) will be set later.

Create the /etc/group file by running the following command:

cat > /etc/group << "EOF"
root:x:0:
bin:x:1:daemon
sys:x:2:
kmem:x:3:
tape:x:4:
tty:x:5:
daemon:x:6:
floppy:x:7:
disk:x:8:
lp:x:9:
dialout:x:10:
audio:x:11:
video:x:12:
utmp:x:13:
usb:x:14:
cdrom:x:15:
adm:x:16:
messagebus:x:18:
systemd-journal:x:23:
input:x:24:
mail:x:34:
kvm:x:61:
systemd-bus-proxy:x:72:
systemd-journal-gateway:x:73:
systemd-journal-remote:x:74:
systemd-journal-upload:x:75:
systemd-network:x:76:
systemd-resolve:x:77:
systemd-timesync:x:78:
systemd-coredump:x:79:
wheel:x:97:
nogroup:x:99:
users:x:999:
EOF

The created groups are not part of any standard—they are groups decided on in part by the requirements of the Udev configuration in this chapter, and in part by common convention employed by a number of existing Linux distributions. In addition, some test suites rely on specific users or groups. The Linux Standard Base (LSB) recommends only that, besides the group root with a Group ID (GID) of 0, a group bin with a GID of 1 be present. All other group names and GIDs can be chosen freely by the system administrator since well-written programs do not depend on GID numbers, but rather use the group's name.

To remove the “I have no name!” prompt, start a new shell. Since a full Glibc was installed in Chapter 5 and the /etc/passwd and /etc/group files have been created, user name and group name resolution will now work:

exec /tools/bin/bash --login +h

Note the use of the +h directive. This tells bash not to use its internal path hashing. Without this directive, bash would remember the paths to binaries it has executed. To ensure the use of the newly compiled binaries as soon as they are installed, the +h directive will be used for the duration of this chapter.

The login, agetty, and init programs (and others) use a number of log files to record information such as who was logged into the system and when. However, these programs will not write to the log files if they do not already exist. Initialize the log files and give them proper permissions:

touch /var/log/{btmp,lastlog,faillog,wtmp}
chgrp -v utmp /var/log/lastlog
chmod -v 664  /var/log/lastlog
chmod -v 600  /var/log/btmp

The /var/log/wtmp file records all logins and logouts. The /var/log/lastlog file records when each user last logged in. The /var/log/faillog file records failed login attempts. The /var/log/btmp file records the bad login attempts.

Note

The /run/utmp file records the users that are currently logged in. This file is created dynamically in the boot scripts.

Linux-4.20.12 API Headers

The Linux API Headers (in linux-4.20.12.tar.xz) expose the kernel's API for use by Glibc.

Approximate Build Time: 0.1 SBU

Required Disk Space: 941 MB

Installation of Linux API Headers

The Linux kernel needs to expose an Application Programming Interface (API) for the system's C library (Glibc in LFS) to use. This is done by way of sanitizing various C header files that are shipped in the Linux kernel source tarball.

Make sure there are no stale files and dependencies lying around from previous activity:

make mrproper

Now extract the user-visible kernel headers from the source. They are placed in an intermediate local directory and copied to the needed location because the extraction process removes any existing files in the target directory. There are also some hidden files used by the kernel developers and not needed by LFS that are removed from the intermediate directory.

make INSTALL_HDR_PATH=dest headers_install
find dest/include \( -name .install -o -name ..install.cmd \) -delete
cp -rv dest/include/* /usr/include

Contents of Linux API Headers

Installed Headers: /usr/include/asm/.h, /usr/include/asm-generic/.h, /usr/include/drm/.h, /usr/include/linux/.h, /usr/include/misc/.h, /usr/include/mtd/.h, /usr/include/rdma/.h, /usr/include/scsi/.h, /usr/include/sound/.h, /usr/include/video/.h, and /usr/include/xen/*.h

Installed Directories: /usr/include/asm, /usr/include/asm-generic, /usr/include/drm, /usr/include/linux, /usr/include/misc, /usr/include/mtd, /usr/include/rdma, /usr/include/scsi, /usr/include/sound, /usr/include/video, and /usr/include/xen

Installed	Description
/usr/include/asm/*.h	The Linux API ASM Headers
/usr/include/asm-generic/*.h	The Linux API ASM Generic Headers
/usr/include/drm/*.h	The Linux API DRM Headers
/usr/include/linux/*.h	The Linux API Linux Headers
/usr/include/mtd/*.h	The Linux API MTD Headers
/usr/include/rdma/*.h	The Linux API RDMA Headers
/usr/include/scsi/*.h	The Linux API SCSI Headers
/usr/include/sound/*.h	The Linux API Sound Headers
/usr/include/video/*.h	The Linux API Video Headers
/usr/include/xen/*.h	The Linux API Xen Headers

Man-pages-4.16

The Man-pages package contains over 2,200 man pages.

Approximate Build Time: 0.1 SBU

Required Disk Space: 28 MB

Installation of Man-pages

Install Man-pages by running:

make install

Contents of Man-pages

Installed Files: various man pages

Installed	Description
man pages	Describe C programming language functions, important device files, and significant configuration files

Glibc-2.29

The Glibc package contains the main C library. This library provides the basic routines for allocating memory, searching directories, opening and closing files, reading and writing files, string handling, pattern matching, arithmetic, and so on.

Approximate Build Time: 22 SBU

Required Disk Space: 3.2 GB

Installation of Glibc

Note

The Glibc build system is self-contained and will install perfectly, even though the compiler specs file and linker are still pointing to /tools. The specs and linker cannot be adjusted before the Glibc install because the Glibc autoconf tests would give false results and defeat the goal of achieving a clean build.

Some of the Glibc programs use the non-FHS compilant /var/db directory to store their runtime data. Apply the following patch to make such programs store their runtime data in the FHS-compliant locations:

patch -Np1 -i ../glibc-2.29-fhs-1.patch

First create a compatibility symlink to avoid references to /tools in our final glibc:

ln -sfv /tools/lib/gcc /usr/lib

Determine the GCC include directory and create a symlink for LSB compliance. Additionally, for x86_64, create a compatibility symlink required for the dynamic loader to function correctly:

case $(uname -m) in
    i?86)    GCC_INCDIR=/usr/lib/gcc/$(uname -m)-pc-linux-gnu/8.2.0/include
            ln -sfv ld-linux.so.2 /lib/ld-lsb.so.3
    ;;
    x86_64) GCC_INCDIR=/usr/lib/gcc/x86_64-pc-linux-gnu/8.2.0/include
            ln -sfv ../lib/ld-linux-x86-64.so.2 /lib64
            ln -sfv ../lib/ld-linux-x86-64.so.2 /lib64/ld-lsb-x86-64.so.3
    ;;
esac

Remove a file that may be left over from a previous build attempt:

rm -f /usr/include/limits.h

The Glibc documentation recommends building Glibc in a dedicated build directory:

mkdir -v build
cd       build

Prepare Glibc for compilation:

CC="gcc -isystem $GCC_INCDIR -isystem /usr/include" \
../configure --prefix=/usr                          \
             --disable-werror                       \
             --enable-kernel=3.2                    \
             --enable-stack-protector=strong        \
             libc_cv_slibdir=/lib
unset GCC_INCDIR

The meaning of the options and new configure parameters:

CC="gcc -isystem $GCC_INCDIR -isystem /usr/include"

Setting the location of both gcc and system include directories avoids introduction of invalid paths in debugging symbols.

--disable-werror

This option disables the -Werror option passed to GCC. This is necessary for running the test suite.

--enable-stack-protector=strong

This option increases system security by adding extra code to check for buffer overflows, such as stack smashing attacks.

libc_cv_slibdir=/lib

This variable sets the correct library for all systems. We do not want lib64 to be used.

Compile the package:

make

Important

In this section, the test suite for Glibc is considered critical. Do not skip it under any circumstance.

Generally a few tests do not pass. The test failures listed below are usually safe to ignore.

case $(uname -m) in
  i?86)   ln -sfnv $PWD/elf/ld-linux.so.2        /lib ;;
  x86_64) ln -sfnv $PWD/elf/ld-linux-x86-64.so.2 /lib ;;
esac

Note

The symbolic link above is needed to run the tests at this stage of building in the chroot envirnment. It will be overwritten in the install phase below.

make check

You may see some test failures. The Glibc test suite is somewhat dependent on the host system. This is a list of the most common issues seen for some versions of LFS:

• misc/tst-ttyname is known to fail in the LFS chroot environment.

• inet/tst-idna_name_classify is known to fail in the LFS chroot environment.

• posix/tst-getaddrinfo4 and posix/tst-getaddrinfo5 may fail on some architectures.

• The nss/tst-nss-files-hosts-multi test may fail for reasons that have not been determined.

• The rt/tst-cputimer{1,2,3} tests depend on the host system kernel. Kernels 4.14.91–4.14.96, 4.19.13–4.19.18, and 4.20.0–4.20.5 are known to cause these tests to fail.

• The math tests sometimes fail when running on systems where the CPU is not a relatively new Intel or AMD processor.

Though it is a harmless message, the install stage of Glibc will complain about the absence of /etc/ld.so.conf. Prevent this warning with:

touch /etc/ld.so.conf

Fix the generated Makefile to skip an unneeded sanity check that fails in the LFS partial environment:

sed '/test-installation/s@$(PERL)@echo not running@' -i ../Makefile

Install the package:

make install

Install the configuration file and runtime directory for nscd:

cp -v ../nscd/nscd.conf /etc/nscd.conf
mkdir -pv /var/cache/nscd

Install the systemd support files for nscd:

install -v -Dm644 ../nscd/nscd.tmpfiles /usr/lib/tmpfiles.d/nscd.conf
install -v -Dm644 ../nscd/nscd.service /lib/systemd/system/nscd.service

Next, install the locales that can make the system respond in a different language. None of the locales are required, but if some of them are missing, the test suites of future packages would skip important testcases.

Individual locales can be installed using the localedef program. E.g., the first localedef command below combines the /usr/share/i18n/locales/cs_CZ charset-independent locale definition with the /usr/share/i18n/charmaps/UTF-8.gz charmap definition and appends the result to the /usr/lib/locale/locale-archive file. The following instructions will install the minimum set of locales necessary for the optimal coverage of tests:

mkdir -pv /usr/lib/locale
localedef -i POSIX -f UTF-8 C.UTF-8 2> /dev/null || true
localedef -i cs_CZ -f UTF-8 cs_CZ.UTF-8
localedef -i de_DE -f ISO-8859-1 de_DE
localedef -i de_DE@euro -f ISO-8859-15 de_DE@euro
localedef -i de_DE -f UTF-8 de_DE.UTF-8
localedef -i el_GR -f ISO-8859-7 el_GR
localedef -i en_GB -f UTF-8 en_GB.UTF-8
localedef -i en_HK -f ISO-8859-1 en_HK
localedef -i en_PH -f ISO-8859-1 en_PH
localedef -i en_US -f ISO-8859-1 en_US
localedef -i en_US -f UTF-8 en_US.UTF-8
localedef -i es_MX -f ISO-8859-1 es_MX
localedef -i fa_IR -f UTF-8 fa_IR
localedef -i fr_FR -f ISO-8859-1 fr_FR
localedef -i fr_FR@euro -f ISO-8859-15 fr_FR@euro
localedef -i fr_FR -f UTF-8 fr_FR.UTF-8
localedef -i it_IT -f ISO-8859-1 it_IT
localedef -i it_IT -f UTF-8 it_IT.UTF-8
localedef -i ja_JP -f EUC-JP ja_JP
localedef -i ja_JP -f SHIFT_JIS ja_JP.SIJS 2> /dev/null || true
localedef -i ja_JP -f UTF-8 ja_JP.UTF-8
localedef -i ru_RU -f KOI8-R ru_RU.KOI8-R
localedef -i ru_RU -f UTF-8 ru_RU.UTF-8
localedef -i tr_TR -f UTF-8 tr_TR.UTF-8
localedef -i zh_CN -f GB18030 zh_CN.GB18030
localedef -i zh_HK -f BIG5-HKSCS zh_HK.BIG5-HKSCS

In addition, install the locale for your own country, language and character set.

Alternatively, install all locales listed in the glibc-2.29/localedata/SUPPORTED file (it includes every locale listed above and many more) at once with the following time-consuming command:

make localedata/install-locales

Then use the localedef command to create and install locales not listed in the glibc-2.29/localedata/SUPPORTED file in the unlikely case you need them.

Note

Glibc now uses libidn2 when resolving internationalized domain names. This is a run time dependency. If this capability is needed, the instructions for installing libidn2 are in the BLFS libidn2 page.

Configuring Glibc

Adding nsswitch.conf

The /etc/nsswitch.conf file needs to be created because the Glibc defaults do not work well in a networked environment.

Create a new file /etc/nsswitch.conf by running the following:

cat > /etc/nsswitch.conf << "EOF"
# Begin /etc/nsswitch.conf

passwd: files
group: files
shadow: files

hosts: files dns
networks: files

protocols: files
services: files
ethers: files
rpc: files

# End /etc/nsswitch.conf
EOF

Adding time zone data

Install and set up the time zone data with the following:

tar -xf ../../tzdata2018i.tar.gz

ZONEINFO=/usr/share/zoneinfo
mkdir -pv $ZONEINFO/{posix,right}

for tz in etcetera southamerica northamerica europe africa antarctica  \
          asia australasia backward pacificnew systemv; do
    zic -L /dev/null   -d $ZONEINFO       ${tz}
    zic -L /dev/null   -d $ZONEINFO/posix ${tz}
    zic -L leapseconds -d $ZONEINFO/right ${tz}
done

cp -v zone.tab zone1970.tab iso3166.tab $ZONEINFO
zic -d $ZONEINFO -p America/New_York
unset ZONEINFO

The meaning of the zic commands:

zic -L /dev/null ...

This creates posix time zones, without any leap seconds. It is conventional to put these in both zoneinfo and zoneinfo/posix. It is necessary to put the POSIX time zones in zoneinfo, otherwise various test-suites will report errors. On an embedded system, where space is tight and you do not intend to ever update the time zones, you could save 1.9MB by not using the posix directory, but some applications or test-suites might produce some failures.

zic -L leapseconds ...

This creates right time zones, including leap seconds. On an embedded system, where space is tight and you do not intend to ever update the time zones, or care about the correct time, you could save 1.9MB by omitting the right directory.

zic ... -p ...

This creates the posixrules file. We use New York because POSIX requires the daylight savings time rules to be in accordance with US rules.

One way to determine the local time zone is to run the following script:

tzselect

After answering a few questions about the location, the script will output the name of the time zone (e.g., America/Edmonton). There are also some other possible time zones listed in /usr/share/zoneinfo such as Canada/Eastern or EST5EDT that are not identified by the script but can be used.

Then create the /etc/localtime file by running:

ln -sfv /usr/share/zoneinfo/<xxx> /etc/localtime

Replace <xxx> with the name of the time zone selected (e.g., Canada/Eastern).

Configuring the Dynamic Loader

By default, the dynamic loader (/lib/ld-linux.so.2) searches through /lib and /usr/lib for dynamic libraries that are needed by programs as they are run. However, if there are libraries in directories other than /lib and /usr/lib, these need to be added to the /etc/ld.so.conf file in order for the dynamic loader to find them. Two directories that are commonly known to contain additional libraries are /usr/local/lib and /opt/lib, so add those directories to the dynamic loader's search path.

Create a new file /etc/ld.so.conf by running the following:

cat > /etc/ld.so.conf << "EOF"
# Begin /etc/ld.so.conf
/usr/local/lib
/opt/lib

EOF

If desired, the dynamic loader can also search a directory and include the contents of files found there. Generally the files in this include directory are one line specifying the desired library path. To add this capability run the following commands:

cat >> /etc/ld.so.conf << "EOF"
# Add an include directory
include /etc/ld.so.conf.d/*.conf

EOF
mkdir -pv /etc/ld.so.conf.d

Contents of Glibc

Installed Programs: catchsegv, gencat, getconf, getent, iconv, iconvconfig, ldconfig, ldd, lddlibc4, locale, localedef, makedb, mtrace, nscd, pldd, sln, sotruss, sprof, tzselect, xtrace, zdump, and zic

Installed Libraries: ld-2.29.so, libBrokenLocale.{a,so}, libSegFault.so, libanl.{a,so}, libc.{a,so}, libc_nonshared.a, libcidn.so, libcrypt.{a,so}, libdl.{a,so}, libg.a, libieee.a, libm.{a,so}, libmcheck.a, libmemusage.so, libnsl.{a,so}, libnss_compat.so, libnss_dns.so, libnss_files.so, libnss_hesiod.so, libnss_nis.so, libnss_nisplus.so, libpthread.{a,so}, libpthread_nonshared.a, libresolv.{a,so}, librpcsvc.a, librt.{a,so}, libthread_db.so, and libutil.{a,so}

Installed Directories: /usr/include/arpa, /usr/include/bits, /usr/include/gnu, /usr/include/net, /usr/include/netash, /usr/include/netatalk, /usr/include/netax25, /usr/include/neteconet, /usr/include/netinet, /usr/include/netipx, /usr/include/netiucv, /usr/include/netpacket, /usr/include/netrom, /usr/include/netrose, /usr/include/nfs, /usr/include/protocols, /usr/include/rpc, /usr/include/rpcsvc, /usr/include/sys, /usr/lib/audit, /usr/lib/gconv, /usr/lib/locale, /usr/libexec/getconf, /usr/share/i18n, /usr/share/zoneinfo, /var/cache/nscd, and /var/lib/nss_db

Installed	Description
catchsegv	Can be used to create a stack trace when a program terminates with a segmentation fault
gencat	Generates message catalogues
getconf	Displays the system configuration values for file system specific variables
getent	Gets entries from an administrative database
iconv	Performs character set conversion
iconvconfig	Creates fastloading iconv module configuration files
ldconfig	Configures the dynamic linker runtime bindings
ldd	Reports which shared libraries are required by each given program or shared library
lddlibc4	Assists ldd with object files
locale	Prints various information about the current locale
localedef	Compiles locale specifications
makedb	Creates a simple database from textual input
mtrace	Reads and interprets a memory trace file and displays a summary in human-readable format
nscd	A daemon that provides a cache for the most common name service requests
pldd	Lists dynamic shared objects used by running processes
sln	A statically linked ln program
sotruss	Traces shared library procedure calls of a specified command
sprof	Reads and displays shared object profiling data
tzselect	Asks the user about the location of the system and reports the corresponding time zone description
xtrace	Traces the execution of a program by printing the currently executed function
zdump	The time zone dumper
zic	The time zone compiler
ld-2.29.so	The helper program for shared library executables
libBrokenLocale	Used internally by Glibc as a gross hack to get broken programs (e.g., some Motif applications) running. See comments in glibc-2.29/locale/broken_cur_max.c for more information
libSegFault	The segmentation fault signal handler, used by catchsegv
libanl	An asynchronous name lookup library
libc	The main C library
libcidn	Used internally by Glibc for handling internationalized domain names in the getaddrinfo() function
libcrypt	The cryptography library
libdl	The dynamic linking interface library
libg	Dummy library containing no functions. Previously was a runtime library for g++
libieee	Linking in this module forces error handling rules for math functions as defined by the Institute of Electrical and Electronic Engineers (IEEE). The default is POSIX.1 error handling
libm	The mathematical library
libmcheck	Turns on memory allocation checking when linked to
libmemusage	Used by memusage to help collect information about the memory usage of a program
libnsl	The network services library
libnss	The Name Service Switch libraries, containing functions for resolving host names, user names, group names, aliases, services, protocols, etc.
libpthread	The POSIX threads library
libresolv	Contains functions for creating, sending, and interpreting packets to the Internet domain name servers
librpcsvc	Contains functions providing miscellaneous RPC services
librt	Contains functions providing most of the interfaces specified by the POSIX.1b Realtime Extension
libthread_db	Contains functions useful for building debuggers for multi-threaded programs
libutil	Contains code for “standard” functions used in many different Unix utilities

Adjusting the Toolchain

Now that the final C libraries have been installed, it is time to adjust the toolchain so that it will link any newly compiled program against these new libraries.

First, backup the /tools linker, and replace it with the adjusted linker we made in chapter 5. We'll also create a link to its counterpart in /tools/\$(uname -m)-pc-linux-gnu/bin:

mv -v /tools/bin/{ld,ld-old}
mv -v /tools/$(uname -m)-pc-linux-gnu/bin/{ld,ld-old}
mv -v /tools/bin/{ld-new,ld}
ln -sv /tools/bin/ld /tools/$(uname -m)-pc-linux-gnu/bin/ld

Next, amend the GCC specs file so that it points to the new dynamic linker. Simply deleting all instances of “/tools” should leave us with the correct path to the dynamic linker. Also adjust the specs file so that GCC knows where to find the correct headers and Glibc start files. A sed command accomplishes this:

gcc -dumpspecs | sed -e 's@/tools@@g'                   \
    -e '/\*startfile_prefix_spec:/{n;s@.*@/usr/lib/ @}' \
    -e '/\*cpp:/{n;s@$@ -isystem /usr/include@}' >      \
    `dirname $(gcc --print-libgcc-file-name)`/specs

It is a good idea to visually inspect the specs file to verify the intended change was actually made.

It is imperative at this point to ensure that the basic functions (compiling and linking) of the adjusted toolchain are working as expected. To do this, perform the following sanity checks:

echo 'int main(){}' > dummy.c
cc dummy.c -v -Wl,--verbose &> dummy.log
readelf -l a.out | grep ': /lib'

There should be no errors, and the output of the last command will be (allowing for platform-specific differences in dynamic linker name):

[Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]

Note that on 64-bit systems /lib is the location of our dynamic linker, but is accessed via a symbolic link in /lib64.

NOTE

On 32-bit systems the interpreter should be /lib/ld-linux.so.2.

Now make sure that we're setup to use the correct start files:

grep -o '/usr/lib.*/crt[1in].*succeeded' dummy.log

The output of the last command should be:

/usr/lib/../lib/crt1.o succeeded
/usr/lib/../lib/crti.o succeeded
/usr/lib/../lib/crtn.o succeeded

Verify that the compiler is searching for the correct header files:

grep -B1 '^ /usr/include' dummy.log

This command should return the following output:

#include <...> search starts here:
/usr/include

Next, verify that the new linker is being used with the correct search paths:

grep 'SEARCH.*/usr/lib' dummy.log |sed 's|; |\n|g'

References to paths that have components with '-linux-gnu' should be ignored, but otherwise the output of the last command should be:

SEARCH_DIR("/usr/lib")
SEARCH_DIR("/lib")

Next make sure that we're using the correct libc:

grep "/lib.*/libc.so.6 " dummy.log

The output of the last command should be:

attempt to open /lib/libc.so.6 succeeded

Lastly, make sure GCC is using the correct dynamic linker:

grep found dummy.log

The output of the last command should be (allowing for platform-specific differences in dynamic linker name):

found ld-linux-x86-64.so.2 at /lib/ld-linux-x86-64.so.2

If the output does not appear as shown above or is not received at all, then something is seriously wrong. Investigate and retrace the steps to find out where the problem is and correct it. The most likely reason is that something went wrong with the specs file adjustment. Any issues will need to be resolved before continuing with the process.

Once everything is working correctly, clean up the test files:

rm -v dummy.c a.out dummy.log

Zlib-1.2.11

The Zlib package contains compression and decompression routines used by some programs.

Approximate Build Time: less than 0.1 SBU

Required Disk Space: 4.4 MB

Installation of Zlib

Prepare Zlib for compilation:

./configure --prefix=/usr

Compile the package:

make

To test the results, issue:

make check

Install the package:

make install

The shared library needs to be moved to /lib, and as a result the .so file in /usr/lib will need to be recreated:

mv -v /usr/lib/libz.so.\* /lib
ln -sfv ../../lib/\$(readlink /usr/lib/libz.so) /usr/lib/libz.so

Contents of Zlib

Installed Libraries: libz.{a,so}

Installed	Description
libz	Contains compression and decompression functions used by some programs

File-5.36

The File package contains a utility for determining the type of a given file or files.

Approximate Build Time: 0.1 SBU

Required Disk Space: 18 MB

Installation of File

Prepare File for compilation:

./configure --prefix=/usr

Compile the package:

make

To test the results, issue:

make check

Install the package:

make install

Contents of File

Installed Programs: File

Installed Libraries: libmagic.so

Installed	Description
file	Tries to classify each given file; it does this by performing several tests—file system tests, magic number tests, and language tests
libmagic	Contains routines for magic number recognition, used by the file program

Readline-8.0

The Readline package is a set of libraries that offers command-line editing and history capabilities.

Approximate Build Time: 0.1 SBU

Required Disk Space: 15 MB

Installation of Readline

Reinstalling Readline will cause the old libraries to be moved to <libraryname>.old. While this is normally not a problem, in some cases it can trigger a linking bug in ldconfig. This can be avoided by issuing the following two seds:

sed -i '/MV.*old/d' Makefile.in
sed -i '/{OLDSUFF}/c:' support/shlib-install

Prepare Readline for compilation:

./configure --prefix=/usr    \
            --disable-static \
            --docdir=/usr/share/doc/readline-8.0

Compile the package:

make SHLIB_LIBS="-L/tools/lib -lncursesw"

The meaning of the make option:

SHLIB_LIBS="-L/tools/lib -lncursesw"

This option forces Readline to link against the libncursesw library.

This package does not come with a test suite.

Install the package:

make SHLIB_LIBS="-L/tools/lib -lncursesw" install

Now move the dynamic libraries to a more appropriate location and fix up some permissions and symbolic links:

mv -v /usr/lib/lib{readline,history}.so.* /lib
chmod -v u+w /lib/lib{readline,history}.so.*
ln -sfv ../../lib/$(readlink /usr/lib/libreadline.so) /usr/lib/libreadline.so
ln -sfv ../../lib/$(readlink /usr/lib/libhistory.so ) /usr/lib/libhistory.so

If desired, install the documentation:

install -v -m644 doc/*.{ps,pdf,html,dvi} /usr/share/doc/readline-8.0

Contents of Readline

Installed Libraries: libhistory.so and libreadline.so

Installed Directories: /usr/include/readline, /usr/share/readline, and /usr/share/doc/readline-8.0

Installed	Description
libhistory	Provides a consistent user interface for recalling lines of history
libreadline	Provides a set of commands for manipulating text entered in an interactive session of a program.

M4-1.4.18

The M4 package contains a macro processor.

Approximate Build Time: 0.4 SBU

Required Disk Space: 33 MB

Installation of M4

First, make some fixes required by glibc-2.28:

sed -i 's/IO_ftrylockfile/IO_EOF_SEEN/' lib/*.c
echo "#define _IO_IN_BACKUP 0x100" >> lib/stdio-impl.h

Prepare M4 for compilation:

./configure --prefix=/usr

Compile the package:

make

To test the results, issue:

make check

Install the package:

make install

Contents of File

Installed Programs: m4

Installed

Description

m4

Copies the given files while expanding the macros that they contain [These macros are either built-in or user-defined and can take any number of arguments. Besides performing macro expansion, m4 has built-in functions for including named files, running Unix commands, performing integer arithmetic, manipulating text, recursion, etc. The m4 program can be used either as a front-end to a compiler or as a macro processor in its own right.]

Bc-1.07.1

The Bc package contains an arbitrary precision numeric processing language.

Approximate Build Time: 0.1 SBU

Required Disk Space: 4.1 MB

Installation of Bc

First, change an internal script to use sed instead of ed:

cat > bc/fix-libmath_h << "EOF"
#! /bin/bash
sed -e '1   s/^/{"/' \
    -e     's/$/",/' \
    -e '2,$ s/^/"/'  \
    -e   '$ d'       \
    -i libmath.h

sed -e '$ s/$/0}/' \
    -i libmath.h
EOF

Create temporary symbolic links so the package can find the readline library and confirm that its required libncurses library is available. Even though the libraries are in /tools/lib at this point, the system will use /usr/lib at the end of this chapter.

ln -sv /tools/lib/libncursesw.so.6 /usr/lib/libncursesw.so.6
ln -sfv libncursesw.so.6 /usr/lib/libncurses.so

Fix an issue in configure due to missing files in the early stages of LFS:

sed -i -e '/flex/s/as_fn_error/: ;; # &/' configure

Prepare Bc for compilation:

./configure --prefix=/usr           \
            --with-readline         \
            --mandir=/usr/share/man \
            --infodir=/usr/share/info

The meaning of the configure options:

--with-readline

This option tells Bc to use the readline library that is already installed on the system rather than using its own readline version.

Compile the package:

make

To test bc, run the commands below. There is quite a bit of output, so you may want to redirect it to a file. There are a very small percentage of tests (10 of 12,144) that will indicate a round off error at the last digit.

echo "quit" | ./bc/bc -l Test/checklib.b

Install the package:

make install

Contents of Bc

Installed Programs: bc and dc

Installed	Description
bc	A command line calculator
dc	A reverse-polish command line calculator

Binutils-2.32

The Binutils package contains a linker, an assembler, and other tools for handling object files.

Approximate Build Time: 6.9 SBU

Required Disk Space: 4.9 MB

Installation of Binutils

Verify that the PTYs are working properly inside the chroot environment by performing a simple test:

expect -c "spawn ls"

This command should output the following:

spawn ls

If, instead, the output includes the message below, then the environment is not set up for proper PTY operation. This issue needs to be resolved before running the test suites for Binutils and GCC:

The system has no more ptys.
Ask your system administrator to create more.

mkdir -v build cd build

The Binutils documentation recommends building Binutils in a dedicated build directory:

Prepare Binutils for compilation:

../configure --prefix=/usr       \
             --enable-gold       \
             --enable-ld=default \
             --enable-plugins    \
             --enable-shared     \
             --disable-werror    \
             --enable-64-bit-bfd \
             --with-system-zlib

The meaning of the configure parameters:

--enable-gold

Build the gold linker and install it as ld.gold (along side the default linker). --enable-ld=default

Build the original bdf linker and install it as both ld (the default linker) and ld.bfd.

--enable-plugins

Enables plugin support for the linker.

--enable-64-bit-bfd

Enables 64-bit support (on hosts with narrower word sizes). May not be needed on 64-bit systems, but does no harm.

--with-system-zlib

Use the installed zlib library rather than building the included version.

Compile the package:

make tooldir=/usr

The meaning of the make parameters:

tooldir=/usr

Normally, the tooldir (the directory where the executables will ultimately be located) is set to $(exec_prefix)/$(target_alias). For example, x86_64 machines would expand that to /usr/x86_64-unknown-linux-gnu. Because this is a custom system, this target-specific directory in /usr is not required. $(exec_prefix)/$(target_alias) would be used if the system was used to cross-compile (for example, compiling a package on an Intel machine that generates code that can be executed on PowerPC machines).

IMPORTANT

The test suite for Binutils in this section is considered critical. Do not skip it under any circumstances.

To test the results, issue:

make -k check

One test, debug_msg.sh, is known to fail.

Install the package:

make tooldir=/usr install

Contents of Binutils

Installed Programs: addr2line, ar, as, c++filt, elfedit, gprof, ld, ld.bfd, ld.gold, nm, objcopy, objdump, ranlib, readelf, size, strings, and strip

Installed Libraries: libbfd.{a,so} and libopcodes.{a,so}

Installed Directories: /usr/lib/ldscripts

Installed	Description
** addr2line **	Translates program addresses to file names and line numbers; given an address and the name of an executable, it uses the debugging information in the executable to determine which source file and line number are associated with the address
ar	Creates, modifies, and extracts from archives
as	An assembler that assembles the output of gcc into object files
c++filt	Used by the linker to de-mangle C++ and Java symbols and to keep overloaded functions from clashing
elfedit	Updates the ELF header of ELF files
gprof	Displays call graph profile data
ld	A linker that combines a number of object and archive files into a single file, relocating their data and tying up symbol references
ld.gold	A cut down version of ld that only supports the elf object file format
ld.bfd	Hard link to ld
nm	Lists the symbols occurring in a given object file
objcopy	Translates one type of object file into another
objdump	Displays information about the given object file, with options controlling the particular information to display; the information shown is useful to programmers who are working on the compilation tools
ranlib	Generates an index of the contents of an archive and stores it in the archive; the index lists all of the symbols defined by archive members that are relocatable object files
readelf	Displays information about ELF type binaries
size	Lists the section sizes and the total size for the given object files
strings	Outputs, for each given file, the sequences of printable characters that are of at least the specified length (defaulting to four); for object files, it prints, by default, only the strings from the initializing and loading sections while for other types of files, it scans the entire file
strip	Discards symbols from object files
libbfd	The Binary File Descriptor library
libopcodes	A library for dealing with opcodes—the “readable text” versions of instructions for the processor; it is used for building utilities like objdump

GMP-6.1.2

The GMP package contains math libraries. These have useful functions for arbitrary precision arithmetic.

Approximate Build Time: 1.3 SBU

Required Disk Space: 61 MB

Installation of GMP

Prepare File for compilation:

NOTE

If you are building for 32-bit x86, but you have a CPU which is capable of running 64-bit code and you have specified CFLAGS in the environment, the configure script will attempt to configure for 64-bits and fail. Avoid this by invoking the configure command below with

ABI=32 ./configure ...

NOTE

The default settings of GMP produce libraries optimized for the host processor. If libraries suitable for processors less capable than the host's CPU are desired, generic libraries can be created by running the following:

cp -v configfsf.guess config.guess
cp -v configfsf.sub   config.sub

Prepare GMP for compilation:

./configure --prefix=/usr    \
            --enable-cxx     \
            --disable-static \
            --docdir=/usr/share/doc/gmp-6.1.2

The meaning of the new configure options:

--enable-cxx

This parameter enables C++ support

--docdir=/usr/share/doc/gmp-6.1.2

This variable specifies the correct place for the documentation.

Compile the package and generate the HTML documentation:

make
make html

IMPORTANT

The test suite for GMP in this section is considered critical. Do not skip it under any circumstances.

To test the results, issue:

make check 2>&1 | tee gmp-check-log

CAUTION

The code in gmp is highly optimized for the processor where it is built. Occasionally, the code that detects the processor misidentifies the system capabilities and there will be errors in the tests or other applications using the gmp libraries with the message "Illegal instruction". In this case, gmp should be reconfigured with the option --build=x86_64-unknown-linux-gnu and rebuilt.

Ensure that all 190 tests in the test suite passed. Check the results by issuing the following command:

awk '/# PASS:/{total+=$3} ; END{print total}' gmp-check-log

Install the package and its documentation:

make install
make install-html

Contents of GMP

Installed Libraries: libgmp.so and libgmpxx.so

Installed Directories: /usr/share/doc/gmp-6.1.2

Installed	Description
libgmp	Contains precision math functions
libgmpxx	Contains C++ precision math functions

MPFR-4.0.2

The MPFR package contains functions for multiple precision math.

Approximate Build Time: 1.0 SBU

Required Disk Space: 37 MB

Installation of MPFR

Prepare MPFR for compilation:

./configure --prefix=/usr        \
            --disable-static     \
            --enable-thread-safe \
            --docdir=/usr/share/doc/mpfr-4.0.2

Compile the package and generate the HTML documentation:

make
make html

IMPORTANT

The test suite for MPFR in this section is considered critical. Do not skip it under any circumstances.

To test the results, issue:

make check

Install the package and its documentation:

make install
make install-html

Contents of MPFR

Installed Programs: File

Installed Libraries: libmagic.so

Installed Directories: /usr/share/doc/mpfr-4.0.2

Installed	Description
libmpfr	Contains multiple-precision math functions

MPC-1.1.0

The MPC package contains a library for the arithmetic of complex numbers with arbitrarily high precision and correct rounding of the result.

Approximate Build Time: 0.3 SBU

Required Disk Space: 22 MB

Installation of MPC

Prepare MPC for compilation:

./configure --prefix=/usr    \
            --disable-static \
            --docdir=/usr/share/doc/mpc-1.1.0

Compile the package and generate the HTML documentation:

make
make html

To test the results, issue:

make check

Install the package and its documentation:

make install
make install-html

Contents of MPC

Installed Programs: File

Installed Libraries: libmpc.so

Installed Directories: /usr/share/doc/mpc-1.1.0

Installed	Description
libmpc	Contains complex math functions

Shadow-4.6

The Shadow package contains programs for handling passwords in a secure way.

Approximate Build Time: 0.3 SBU

Required Disk Space: 22 MB

Installation of Shadow

NOTE

If you would like to enforce the use of strong passwords, refer to cracklib for installing CrackLib prior to building Shadow. Then add --with-libcrack to the configure command below.

Disable the installation of the groups program and its man pages, as Coreutils provides a better version. Also Prevent the installation of manual pages that were already installed in Section 6.8, “Man-pages-4.16”:

sed -i 's/groups$(EXEEXT) //' src/Makefile.in
find man -name Makefile.in -exec sed -i 's/groups\.1 / /'   {} \;
find man -name Makefile.in -exec sed -i 's/getspnam\.3 / /' {} \;
find man -name Makefile.in -exec sed -i 's/passwd\.5 / /'   {} \;

Instead of using the default crypt method, use the more secure SHA-512 method of password encryption, which also allows passwords longer than 8 characters. It is also necessary to change the obsolete /var/spool/mail location for user mailboxes that Shadow uses by default to the /var/mail location used currently:

sed -i -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD SHA512@' \
       -e 's@/var/spool/mail@/var/mail@' etc/login.defs

NOTE

If you chose to build Shadow with Cracklib support, run the following:

sed -i 's@DICTPATH.*@DICTPATH\t/lib/cracklib/pw_dict@' etc/login.defs

Make a minor change to make the first group number generated by useradd 1000:

sed -i 's/1000/999/' etc/useradd

Prepare Shadow for compilation:

./configure --sysconfdir=/etc --with-group-name-max-length=32

The meaning of the configure option:

--with-group-name-max-length=32

The maximum user name is 32 characters. Make the maximum group name the same.

Compile the package:

make

This package does not come with a test suite.

Install the package:

make install

Move a misplaced program to its proper location:

mv -v /usr/bin/passwd /bin

Configuring Shadow

This package contains utilities to add, modify, and delete users and groups; set and change their passwords; and perform other administrative tasks. For a full explanation of what password shadowing means, see the doc/HOWTO file within the unpacked source tree. If using Shadow support, keep in mind that programs which need to verify passwords (display managers, FTP programs, pop3 daemons, etc.) must be Shadow-compliant. That is, they need to be able to work with shadowed passwords.

To enable shadowed passwords, run the following command:

pwconv

To enable shadowed group passwords, run:

grpconv

Shadow's stock configuration for the useradd utility has a few caveats that need some explanation. First, the default action for the useradd utility is to create the user and a group of the same name as the user. By default the user ID (UID) and group ID (GID) numbers will begin with 1000. This means if you don't pass parameters to useradd, each user will be a member of a unique group on the system. If this behavior is undesirable, you'll need to pass the -g parameter to useradd. The default parameters are stored in the /etc/default/useradd file. You may need to modify two parameters in this file to suit your particular needs.

/etc/default/useradd Parameter Explanations

GROUP=1000

This parameter sets the beginning of the group numbers used in the /etc/group file. You can modify it to anything you desire. Note that useradd will never reuse a UID or GID. If the number identified in this parameter is used, it will use the next available number after this. Note also that if you don't have a group 1000 on your system the first time you use useradd without the -g parameter, you'll get a message displayed on the terminal that says: useradd: unknown GID 1000. You may disregard this message and group number 1000 will be used. CREATE_MAIL_SPOOL=yes

This parameter causes useradd to create a mailbox file for the newly created user. useradd will make the group ownership of this file to the mail group with 0660 permissions. If you would prefer that these mailbox files are not created by useradd, issue the following command:

sed -i 's/yes/no/' /etc/default/useradd

Setting the root password

Choose a password for user root and set it by running:

passwd root

Contents of Shadow

Installed Programs: chage, chfn, chgpasswd, chpasswd, chsh, expiry, faillog, gpasswd, groupadd, groupdel, groupmems, groupmod, grpck, grpconv, grpunconv, lastlog, login, logoutd, newgidmap, newgrp, newuidmap, newusers, nologin, passwd, pwck, pwconv, pwunconv, sg (link to newgrp), su, useradd, userdel, usermod, vigr (link to vipw), and vipw

Installed Directories: /etc/default

Installed	Description
chage	Used to change the maximum number of days between obligatory password changes
chfn	Used to change a user's full name and other information
chgpasswd	Used to update group passwords in batch mode
chpasswd	Used to update user passwords in batch mode
chsh	Used to change a user's default login shell
expiry	Checks and enforces the current password expiration policy
faillog	Is used to examine the log of login failures, to set a maximum number of failures before an account is blocked, or to reset the failure count
gpasswd	Is used to add and delete members and administrators to groups
groupadd	Creates a group with the given name
groupdel	Deletes the group with the given name
groupmems	Allows a user to administer his/her own group membership list without the requirement of super user privileges.
groupmod	Is used to modify the given group's name or GID
grpck	Verifies the integrity of the group files /etc/group and /etc/gshadow
grpconv	Creates or updates the shadow group file from the normal group file
grpunconv	Updates /etc/group from /etc/gshadow and then deletes the latter
lastlog	Reports the most recent login of all users or of a given user
login	Is used by the system to let users sign on
logoutd	Is a daemon used to enforce restrictions on log-on time and ports
newgidmap	Is used to set the gid mapping of a user namespace
newgrp	Is used to change the current GID during a login session
newuidmap	Is used to set the uid mapping of a user namespace
newusers	Is used to create or update an entire series of user accounts
nologin	Displays a message that an account is not available; it is designed to be used as the default shell for accounts that have been disabled
passwd	Is used to change the password for a user or group account
pwck	Verifies the integrity of the password files /etc/passwd and /etc/shadow
pwconv	Creates or updates the shadow password file from the normal password file
pwunconv	Updates /etc/passwd from /etc/shadow and then deletes the latter
sg	Executes a given command while the user's GID is set to that of the given group
su	Runs a shell with substitute user and group IDs
useradd	Creates a new user with the given name, or updates the default new-user information
userdel	Deletes the given user account
usermod	Is used to modify the given user's login name, User Identification (UID), shell, initial group, home directory, etc.
vigr	Edits the /etc/group or /etc/gshadow files
vipw	Edits the /etc/passwd or /etc/shadow files

GCC-8.2.0

Bzip2-1.0.6

Pkg-config-0.29.2

Ncurses-6.1

Attr-2.4.48

Acl-2.2.53

Libcap-2.26

Sed-4.7

Psmisc-23.2

Iana-Etc-2.30

Bison-3.3.2

Flex-2.6.4

Grep-3.3

Bash-5.0

Libtool-2.4.6

GDBM-1.18.1

Gperf-3.1

Expat-2.2.6

Inetutils-1.9.4

Perl-5.28.1

XML::Parser-2.44

Intltool-0.51.0

Autoconf-2.69

Automake-1.16.1

Xz-5.2.4

Kmod-26

Gettext-0.19.8.1

Libelf from Elfutils-0.176

Libffi-3.2.1

OpenSSL-1.1.1a

Python-3.7.2

Ninja-1.9.0

Meson-0.49.2

Coreutils-8.30

Check-0.12.0

Diffutils-3.7

Gawk-4.2.1

Findutils-4.6.0

Groff-1.22.4

GRUB-2.02

Less-530

Gzip-1.10

IPRoute2-4.20.0

Kbd-2.0.4

Libpipeline-1.5.1

Make-4.2.1

Patch-2.7.6

Man-DB-2.8.5

Tar-1.31

Texinfo-6.5

Vim-8.1

Systemd-240

D-Bus-1.12.12

Procps-ng-3.3.15

Util-linux-2.33.1

E2fsprogs-1.44.5

About Debugging Symbols

Stripping Again

Cleaning Up

System Configuration

Table of Contents

• Introduction
• General Network Configuration
• Overview of Device and Module Handling
• Managing Devices
• Configuring the system clock
• Configuring the Linux Console
• Configuring the System Locale
• Creating the /etc/inputrc File
• Creating the /etc/shells File
• Systemd Usage and Configuration

Introduction

This chapter discusses configuration files and systemd services. First, the general configuration files needed to set up networking are presented.

• Section 7.2, “General Network Configuration”.

• Section 7.2.3, “Configuring the system hostname”.

• Section 7.2.4, “Customizing the /etc/hosts File”.

Second, issues that affect the proper setup of devices are discussed.

• Section 7.3, “Overview of Device and Module Handling”.

• Section 7.4, “Managing Devices”.

Third, configuring the system clock and keyboard layout.

• Section 7.5, “Configuring the system clock”.

• Section 7.6, “Configuring the Linux Console”.

Fourth, a brief introduction to the scripts and configuration files used when the user logs into the system.

• Section 7.7, “Configuring the System Locale”.

• Section 7.8, “Creating the /etc/inputrc File”.

And finally, configuring the systemd behavior.

• Section 7.10, “Systemd Usage and Configuration”.

General Network Configuration

This section only applies if a network card is to be configured.

Network Interface Configuration Files

Starting with version 209, systemd ships a network configuration daemon called systemd-networkd which can be used for basic network configuration. Additionally, since version 213, DNS name resolution can be handled by systemd-resolved in place of a static /etc/resolv.conf file. Both services are enabled by default.

Configuration files for systemd-networkd (and systemd-resolved) can be placed in /usr/lib/systemd/network or /etc/systemd/network. Files in /etc/systemd/network have a higher priority than the ones in /usr/lib/systemd/network. There are three types of configuration files: .link, .netdev and .network files. For detailed descriptions and example contents of these configuration files, consult the systemd-link(5), systemd-netdev(5) and systemd-network(5) manual pages.

Network Device Naming

Udev normally assigns network card interface names based on system physical characteristics such as enp2s1. If you are not sure what your interface name is, you can always run ip link after you have booted your system.

For most systems, there is only one network interface for each type of connection. For example, the classic interface name for a wired connection is eth0. A wireless connection will usually have the name wifi0 or wlan0.

If you prefer to use the classic or customized network interface names, there are three alternative ways to do that:

• Mask udev's .link file for the default policy:

  ln -s /dev/null /etc/systemd/network/99-default.link
  

• Create a manual naming scheme, for example by naming the interfaces something like "internet0", "dmz0", or "lan0". For that, create .link files in /etc/systemd/network/, that choose an explicit name or a better naming scheme for one, some, or all of your interfaces. For example:

  cat > /etc/systemd/network/10-ether0.link << "EOF"
  [Match]
  
  # Change the MAC address as appropriate for your network device
  
  MACAddress=12:34:45:78:90:AB
  
  [Link]
  Name=ether0
  EOF
  

  See the man page systemd.link(5) for more information.

• In /boot/grub/grub.cfg, pass the option net.ifnames=0 on the kernel command line.

Static IP Configuration

The command below creates a basic configuration file for a Static IP setup (using both systemd-networkd and systemd-resolved):

cat > /etc/systemd/network/10-eth-static.network << "EOF"
[Match]
Name=<network-device-name>

[Network]
Address=192.168.0.2/24
Gateway=192.168.0.1
DNS=192.168.0.1
Domains=<Your Domain Name>
EOF

Multiple DNS entries can be added if you have more than one DNS server. Do not include DNS or Domains entries if you intend to use a static /etc/resolv.conf file.

DHCP Configuration

The command below creates a basic configuration file for an IPv4 DHCP setup:

cat > /etc/systemd/network/10-eth-dhcp.network << "EOF"
[Match]
Name=<network-device-name>

[Network]
DHCP=ipv4

[DHCP]
UseDomains=true
EOF

Creating the /etc/resolv.conf File

If the system is going to be connected to the Internet, it will need some means of Domain Name Service (DNS) name resolution to resolve Internet domain names to IP addresses, and vice versa. This is best achieved by placing the IP address of the DNS server, available from the ISP or network administrator, into /etc/resolv.conf.

systemd-resolved Configuration

Note

If using another means to configure your network interfaces (ex: ppp, network-manager, etc.), or if using any type of local resolver (ex: bind, dnsmasq, etc.), or any other software that generates an /etc/resolv.conf (ex: resolvconf), the systemd-resolved service should not be used.

When using systemd-resolved for DNS configuration, it creates the file /run/systemd/resolve/resolv.conf. Create a symlink in /etc to use the generated file:

Static resolv.conf Configuration

If a static /etc/resolv.conf is desired, create it by running the following command:

cat > /etc/resolv.conf << "EOF"
# Begin /etc/resolv.conf

domain <Your Domain Name>
nameserver _<IP address of your primary nameserver>_
nameserver _<IP address of your secondary nameserver>_

# End /etc/resolv.conf
EOF

The domain statement can be omitted or replaced with a search statement. See the man page for resolv.conf for more details.

Replace <IP address of the nameserver> with the IP address of the DNS most appropriate for the setup. There will often be more than one entry (requirements demand secondary servers for fallback capability). If you only need or want one DNS server, remove the second nameserver line from the file. The IP address may also be a router on the local network.

Note

The Google Public IPv4 DNS addresses are 8.8.8.8 and 8.8.4.4 for IPv4, and 2001:4860:4860::8888 and 2001:4860:4860::8844 for IPv6.

Configuring the system hostname

During the boot process, the file /etc/hostname is used for establishing the system's hostname.

Create the /etc/hostname file and enter a hostname by running:

echo "<lfs>" > /etc/hostname

<lfs> needs to be replaced with the name given to the computer. Do not enter the Fully Qualified Domain Name (FQDN) here. That information is put in the /etc/hosts file.

Customizing the /etc/hosts File

Decide on a fully-qualified domain name (FQDN), and possible aliases for use in the /etc/hosts file. If using static addresses, you'll also need to decide on an IP address. The syntax for a hosts file entry is:

IP_address myhost.example.org aliases

Unless the computer is to be visible to the Internet (i.e., there is a registered domain and a valid block of assigned IP addresses—most users do not have this), make sure that the IP address is in the private network IP address range. Valid ranges are:

Private Network Address Range      Normal Prefix
10.0.0.1 - 10.255.255.254           8
172.x.0.1 - 172.x.255.254           16
192.168.y.1 - 192.168.y.254         24

x can be any number in the range 16-31. y can be any number in the range 0-255.

A valid private IP address could be 192.168.1.1. A valid FQDN for this IP could be lfs.example.org.

Even if not using a network card, a valid FQDN is still required. This is necessary for certain programs to operate correctly.

If using DHCP, DHCPv6, IPv6 Autoconfiguration, or if a network card is not going to be configured, create the /etc/hostsfile by running the following command:

cat > /etc/hosts << "EOF"
# Begin /etc/hosts

127.0.0.1 localhost
127.0.1.1 _<FQDN>_ _<HOSTNAME>_
::1       localhost ip6-localhost ip6-loopback
ff02::1   ip6-allnodes
ff02::2   ip6-allrouters

# End /etc/hosts
EOF

The ::1 entry is the IPv6 counterpart of 127.0.0.1 and represents the IPv6 loopback interface. 127.0.1.1 is a loopback entry reserved specifically for the FQDN.

If using a static address, create the /etc/hosts file by running this command instead:

cat > /etc/hosts << "EOF"
# Begin /etc/hosts

127.0.0.1 localhost
127.0.1.1 _<FQDN>_ _<HOSTNAME>_
_<192.168.0.2>_ _<FQDN>_ _<HOSTNAME>_ [alias1] [alias2] ...
::1       localhost ip6-localhost ip6-loopback
ff02::1   ip6-allnodes
ff02::2   ip6-allrouters

# End /etc/hosts
EOF

The <192.168.0.2>, <FQDN>, and <HOSTNAME> values need to be changed for specific uses or requirements (if assigned an IP address by a network/system administrator and the machine will be connected to an existing network). The optional alias name(s) can be omitted.

Overview of Device and Module Handling

In Chapter 6, we installed the Udev package when systemd was built. Before we go into the details regarding how this works, a brief history of previous methods of handling devices is in order.

Linux systems in general traditionally used a static device creation method, whereby a great many device nodes were created under /dev (sometimes literally thousands of nodes), regardless of whether the corresponding hardware devices actually existed. This was typically done via a MAKEDEV script, which contains a number of calls to the mknod program with the relevant major and minor device numbers for every possible device that might exist in the world.

Using the Udev method, only those devices which are detected by the kernel get device nodes created for them. Because these device nodes will be created each time the system boots, they will be stored on a devtmpfs file system (a virtual file system that resides entirely in system memory). Device nodes do not require much space, so the memory that is used is negligible.

History

In February 2000, a new filesystem called devfs was merged into the 2.3.46 kernel and was made available during the 2.4 series of stable kernels. Although it was present in the kernel source itself, this method of creating devices dynamically never received overwhelming support from the core kernel developers.

The main problem with the approach adopted by devfs was the way it handled device detection, creation, and naming. The latter issue, that of device node naming, was perhaps the most critical. It is generally accepted that if device names are allowed to be configurable, then the device naming policy should be up to a system administrator, not imposed on them by any particular developer(s). The devfs file system also suffered from race conditions that were inherent in its design and could not be fixed without a substantial revision to the kernel. It was marked as deprecated for a long period – due to a lack of maintenance – and was finally removed from the kernel in June, 2006.

With the development of the unstable 2.5 kernel tree, later released as the 2.6 series of stable kernels, a new virtual filesystem called sysfs came to be. The job of sysfs is to export a view of the system's hardware configuration to userspace processes. With this userspace-visible representation, the possibility of developing a userspace replacement for devfs became much more realistic.

Udev Implementation

Sysfs

The sysfs filesystem was mentioned briefly above. One may wonder how sysfs knows about the devices present on a system and what device numbers should be used for them. Drivers that have been compiled into the kernel directly register their objects with a sysfs (devtmpfs internally) as they are detected by the kernel. For drivers compiled as modules, this registration will happen when the module is loaded. Once the sysfs filesystem is mounted (on /sys), data which the drivers register with sysfs are available to userspace processes and to udevd for processing (including modifications to device nodes).

Device Node Creation

Device files are created by the kernel by the devtmpfs filesystem. Any driver that wishes to register a device node will go through the devtmpfs (via the driver core) to do it. When a devtmpfs instance is mounted on /dev, the device node will initially be created with a fixed name, permissions, and owner.

A short time later, the kernel will send a uevent to udevd. Based on the rules specified in the files within the /etc/udev/rules.d, /lib/udev/rules.d, and /run/udev/rules.d directories, udevd will create additional symlinks to the device node, or change its permissions, owner, or group, or modify the internal udevd database entry (name) for that object.

The rules in these three directories are numbered and all three directories are merged together. If udevd can't find a rule for the device it is creating, it will leave the permissions and ownership at whatever devtmpfs used initially.

Module Loading

Device drivers compiled as modules may have aliases built into them. Aliases are visible in the output of the modinfo program and are usually related to the bus-specific identifiers of devices supported by a module. For example, the snd-fm801 driver supports PCI devices with vendor ID 0x1319 and device ID 0x0801, and has an alias of “pci:v00001319d00000801svsdbc04sc01i*”. For most devices, the bus driver exports the alias of the driver that would handle the device via sysfs. E.g., the /sys/bus/pci/devices/0000:00:0d.0/modalias file might contain the string “pci:v00001319d00000801sv00001319sd00001319bc04sc01i00”. The default rules provided with Udev will cause udevd to call out to /sbin/modprobe with the contents of the MODALIAS uevent environment variable (which should be the same as the contents of the modalias file in sysfs), thus loading all modules whose aliases match this string after wildcard expansion.

In this example, this means that, in addition to snd-fm801, the obsolete (and unwanted) forte driver will be loaded if it is available. See below for ways in which the loading of unwanted drivers can be prevented.

The kernel itself is also able to load modules for network protocols, filesystems and NLS support on demand.

Handling Hotpluggable/Dynamic Devices

When you plug in a device, such as a Universal Serial Bus (USB) MP3 player, the kernel recognizes that the device is now connected and generates a uevent. This uevent is then handled by udevd as described above.

Problems with Loading Modules and Creating Devices

There are a few possible problems when it comes to automatically creating device nodes.

A kernel module is not loaded automatically

Udev will only load a module if it has a bus-specific alias and the bus driver properly exports the necessary aliases to sysfs. In other cases, one should arrange module loading by other means. With Linux-4.20.12, Udev is known to load properly-written drivers for INPUT, IDE, PCI, USB, SCSI, SERIO, and FireWire devices.

To determine if the device driver you require has the necessary support for Udev, run modinfo with the module name as the argument. Now try locating the device directory under /sys/bus and check whether there is a modalias file there.

If the modalias file exists in sysfs, the driver supports the device and can talk to it directly, but doesn't have the alias, it is a bug in the driver. Load the driver without the help from Udev and expect the issue to be fixed later.

If there is no modalias file in the relevant directory under /sys/bus, this means that the kernel developers have not yet added modalias support to this bus type. With Linux-4.20.12, this is the case with ISA busses. Expect this issue to be fixed in later kernel versions.

Udev is not intended to load “wrapper” drivers such as snd-pcm-oss and non-hardware drivers such as loop at all.

A kernel module is not loaded automatically, and Udev is not intended to load it

If the “wrapper” module only enhances the functionality provided by some other module (e.g., snd-pcm-oss enhances the functionality of snd-pcm by making the sound cards available to OSS applications), configure modprobe to load the wrapper after Udev loads the wrapped module. To do this, add a “softdep” line to the corresponding /etc/modprobe.d/<filename>.conf file. For example:

softdep snd-pcm post: snd-pcm-oss

Note that the “softdep” command also allows pre: dependencies, or a mixture of both pre: and post:. See the modprobe.d(5) manual page for more information on “softdep” syntax and capabilities.

If the module in question is not a wrapper and is useful by itself, configure the modules bootscript to load this module on system boot. To do this, add the module name to the /etc/sysconfig/modules file on a separate line. This works for wrapper modules too, but is suboptimal in that case.

Udev loads some unwanted module

Either don't build the module, or blacklist it in a /etc/modprobe.d/blacklist.conf file as done with the forte module in the example below:

blacklist forte

Blacklisted modules can still be loaded manually with the explicit modprobe command.

Udev creates a device incorrectly, or makes a wrong symlink

This usually happens if a rule unexpectedly matches a device. For example, a poorly-written rule can match both a SCSI disk (as desired) and the corresponding SCSI generic device (incorrectly) by vendor. Find the offending rule and make it more specific, with the help of the udevadm info command.

Udev rule works unreliably

This may be another manifestation of the previous problem. If not, and your rule uses sysfs attributes, it may be a kernel timing issue, to be fixed in later kernels. For now, you can work around it by creating a rule that waits for the used sysfs attribute and appending it to the /etc/udev/rules.d/10-wait_for_sysfs.rulesfile (create this file if it does not exist). Please notify the LFS Development list if you do so and it helps.

Udev does not create a device

Further text assumes that the driver is built statically into the kernel or already loaded as a module, and that you have already checked that Udev doesn't create a misnamed device.

Udev has no information needed to create a device node if a kernel driver does not export its data to sysfs. This is most common with third party drivers from outside the kernel tree. Create a static device node in /lib/udev/devices with the appropriate major/minor numbers (see the file devices.txt inside the kernel documentation or the documentation provided by the third party driver vendor). The static device node will be copied to /dev by udev.

Device naming order changes randomly after rebooting

This is due to the fact that Udev, by design, handles uevents and loads modules in parallel, and thus in an unpredictable order. This will never be “fixed”. You should not rely upon the kernel device names being stable. Instead, create your own rules that make symlinks with stable names based on some stable attributes of the device, such as a serial number or the output of various *_id utilities installed by Udev. See Section 7.4, “Managing Devices” and Section 7.2, “General Network Configuration” for examples.

Useful Reading

Additional helpful documentation is available at the following sites:

• A Userspace Implementation of devfs http://www.kroah.com/linux/talks/ols_2003_udev_paper/Reprint-Kroah-Hartman-OLS2003.pdf

• The sysfs Filesystem http://www.kernel.org/pub/linux/kernel/people/mochel/doc/papers/ols-2005/mochel.pdf

Managing Devices

As explained in Section 7.3, “Overview of Device and Module Handling”, the order in which devices with the same function appear in /dev is essentially random. E.g., if you have a USB web camera and a TV tuner, sometimes /dev/video0 refers to the camera and /dev/video1 refers to the tuner, and sometimes after a reboot the order changes to the opposite one. For all classes of hardware except sound cards and network cards, this is fixable by creating Udev rules for custom persistent symlinks. The case of network cards is covered separately in Section 7.2, “General Network Configuration”, and sound card configuration can be found in BLFS.

For each of your devices that is likely to have this problem (even if the problem doesn't exist in your current Linux distribution), find the corresponding directory under /sys/class or /sys/block. For video devices, this may be /sys/class/video4linux/videoX. Figure out the attributes that identify the device uniquely (usually, vendor and product IDs and/or serial numbers work):

udevadm info -a -p /sys/class/video4linux/video0

Then write rules that create the symlinks, e.g.:

cat > /etc/udev/rules.d/83-duplicate_devs.rules << "EOF"

# Persistent symlinks for webcam and tuner
KERNEL=="video*", ATTRS{idProduct}=="1910", ATTRS{idVendor}=="0d81", \
   SYMLINK+="webcam"
KERNEL=="video*", ATTRS{device}=="0x036f", ATTRS{vendor}=="0x109e", \
   SYMLINK+="tvtuner"

EOF

The result is that /dev/video0 and /dev/video1 devices still refer randomly to the tuner and the web camera (and thus should never be used directly), but there are symlinks /dev/tvtuner and /dev/webcam that always point to the correct device.

Configuring the system clock

This section discusses how to configure the systemd-timedated system service, which configures system clock and timezone.

If you cannot remember whether or not the hardware clock is set to UTC, find out by running the hwclock --localtime --show command. This will display what the current time is according to the hardware clock. If this time matches whatever your watch says, then the hardware clock is set to local time. If the output from hwclock is not local time, chances are it is set to UTC time. Verify this by adding or subtracting the proper amount of hours for the timezone to the time shown by hwclock. For example, if you are currently in the MST timezone, which is also known as GMT -0700, add seven hours to the local time.

systemd-timedated reads /etc/adjtime, and depending on the contents of the file, it sets the clock to either UTC or local time.

Create the /etc/adjtime file with the following contents if your hardware clock is set to local time:

cat > /etc/adjtime << "EOF"
0.0 0 0.0
0
LOCAL
EOF

If /etc/adjtime isn't present at first boot, systemd-timedated will assume that hardware clock is set to UTC and adjust the file according to that.

You can also use the timedatectl utility to tell systemd-timedated if your hardware clock is set to UTC or local time:

timedatectl set-local-rtc 1

timedatectl can also be used to change system time and time zone.

To change your current system time, issue:

timedatectl set-time YYYY-MM-DD HH:MM:SS

Hardware clock will also be updated accordingly.

To change your current time zone, issue:

timedatectl set-timezone TIMEZONE

You can get a list of available time zones by running:

timedatectl list-timezones

Note

Please note that the timedatectl command can be used only on a system booted with systemd.

Network Time Synchronization

Starting with version 213, systemd ships a daemon called systemd-timesyncd which can be used to synchronize the system time with remote NTP servers.

The daemon is not intended as a replacement for the well established NTP daemon, but as a client only implementation of the SNTP protocol which can be used for less advanced tasks and on resource limited systems.

Starting with systemd version 216, the systemd-timesyncd daemon is enabled by default. If you want to disable it, issue the following command:

systemctl disable systemd-timesyncd

The /etc/systemd/timesyncd.conf file can be used to change the NTP servers that systemd-timesyncd synchronizes with.

Please note that when system clock is set to Local Time, systemd-timesyncd won't update hardware clock.

Configuring the Linux Console

This section discusses how to configure the systemd-vconsole-setup system service, which configures the virtual console font and console keymap.

The systemd-vconsole-setup service reads the /etc/vconsole.conf file for configuration information. Decide which keymap and screen font will be used. Various language-specific HOWTOs can also help with this, see http://www.tldp.org/HOWTO/HOWTO-INDEX/other-lang.html. Examine localectl list-keymaps output for a list of valid console keymaps. Look in /usr/share/consolefonts directory for valid screen fonts.

The /etc/vconsole.conf file should contain lines of the form: VARIABLE="value". The following variables are recognized:

KEYMAP

This variable specifies the key mapping table for the keyboard. If unset, it defaults to us.

KEYMAP_TOGGLE

This variable can be used to configure a second toggle keymap and is unset by default.

FONT

This variable specifies the font used by the virtual console.

FONT_MAP

This variable specifies the console map to be used.

FONT_UNIMAP

This variable specifies the Unicode font map.

An example for a German keyboard and console is given below:

cat > /etc/vconsole.conf << "EOF"
KEYMAP=de-latin1
FONT=Lat2-Terminus16
EOF

You can change KEYMAP value at runtime by using the localectl utility:

localectl set-keymap MAP

Note

Please note that the localectl command can be used only on a system booted with systemd.

You can also use localectl utility with the corresponding parameters to change X11 keyboard layout, model, variant and options:

localectl set-x11-keymap LAYOUT [MODEL] [VARIANT] [OPTIONS]

To list possible values for localectl set-x11-keymap parameters, run localectl with parameters listed below:

list-x11-keymap-models

Show known X11 keyboard mapping models.

list-x11-keymap-layouts

Show known X11 keyboard mapping layouts.

list-x11-keymap-variants

Show known X11 keyboard mapping variants.

list-x11-keymap-options

Show known X11 keyboard mapping options.

Note

Using any of the parameters listed above requires the XKeyboard Config package from BLFS.

Configuring the System Locale

The /etc/locale.conf below sets some environment variables necessary for native language support. Setting them properly results in:

• The output of programs translated into the native language

• Correct classification of characters into letters, digits and other classes. This is necessary for bash to properly accept non-ASCII characters in command lines in non-English locales

• The correct alphabetical sorting order for the country

• Appropriate default paper size

• Correct formatting of monetary, time, and date values

Replace <ll> below with the two-letter code for the desired language (e.g., “en”) and <CC> with the two-letter code for the appropriate country (e.g., “GB”). <charmap> should be replaced with the canonical charmap for your chosen locale. Optional modifiers such as “@euro” may also be present.

The list of all locales supported by Glibc can be obtained by running the following command:

locale -a

Charmaps can have a number of aliases, e.g., “ISO-8859-1” is also referred to as “iso8859-1” and “iso88591”. Some applications cannot handle the various synonyms correctly (e.g., require that “UTF-8” is written as “UTF-8”, not “utf8”), so it is safest in most cases to choose the canonical name for a particular locale. To determine the canonical name, run the following command, where <locale name> is the output given by locale -a for your preferred locale (“en_GB.iso88591” in our example).

LC_ALL=<locale name> locale charmap

For the “en_GB.iso88591” locale, the above command will print:

ISO-8859-1

This results in a final locale setting of “en_GB.ISO-8859-1”. It is important that the locale found using the heuristic above is tested prior to it being added to the Bash startup files:

LC_ALL=<locale name> locale language
LC_ALL=<locale name> locale charmap
LC_ALL=<locale name> locale int_curr_symbol
LC_ALL=<locale name> locale int_prefix

The above commands should print the language name, the character encoding used by the locale, the local currency, and the prefix to dial before the telephone number in order to get into the country. If any of the commands above fail with a message similar to the one shown below, this means that your locale was either not installed in Chapter 6 or is not supported by the default installation of Glibc.

locale: Cannot set LC_* to default locale: No such file or directory

If this happens, you should either install the desired locale using the localedef command, or consider choosing a different locale. Further instructions assume that there are no such error messages from Glibc.

Some packages beyond LFS may also lack support for your chosen locale. One example is the X library (part of the X Window System), which outputs the following error message if the locale does not exactly match one of the character map names in its internal files:

Warning: locale not supported by Xlib, locale set to C

In several cases Xlib expects that the character map will be listed in uppercase notation with canonical dashes. For instance, "ISO-8859-1" rather than "iso88591". It is also possible to find an appropriate specification by removing the charmap part of the locale specification. This can be checked by running the locale charmap command in both locales. For example, one would have to change "de_DE.ISO-8859-15@euro" to "de_DE@euro" in order to get this locale recognized by Xlib.

Other packages can also function incorrectly (but may not necessarily display any error messages) if the locale name does not meet their expectations. In those cases, investigating how other Linux distributions support your locale might provide some useful information.

Once the proper locale settings have been determined, create the /etc/locale.conf file:

cat > /etc/locale.conf << "EOF"
LANG=<ll>_<CC>.<charmap><@modifiers>
EOF

Note that you can modify /etc/locale.conf with the systemd localectl utility. To use localectl for the example above, run:

localectl set-locale LANG="<ll>_<CC>.<charmap><@modifiers>"

You can also specify other language specific environment variables such as LANG, LC_CTYPE, LC_NUMERIC or any other environment variable from locale output. Just separate them with a space. An example where LANG is set as en_US.UTF-8 but LC_CTYPE is set as just en_US is:

localectl set-locale LANG="en_US.UTF-8" LC_CTYPE="en_US"

Note

Please note that the localectl command can be used only on a system booted with systemd.

The “C” (default) and “en_US” (the recommended one for United States English users) locales are different. “C” uses the US-ASCII 7-bit character set, and treats bytes with the high bit set as invalid characters. That's why, e.g., the ls command substitutes them with question marks in that locale. Also, an attempt to send mail with such characters from Mutt or Pine results in non-RFC-conforming messages being sent (the charset in the outgoing mail is indicated as “unknown 8-bit”). So you can use the “C” locale only if you are sure that you will never need 8-bit characters.

UTF-8 based locales are not supported well by many programs. Work is in progress to document and, if possible, fix such problems, see http://www.linuxfromscratch.org/blfs/view/8.4/introduction/locale-issues.html.

Creating the /etc/inputrc File

The inputrc file is the configuration file for the Readline library, which provides editing capabilities while the user is entering a line from the terminal. It works by translating keyboard inputs into specific actions. Readline is used by Bash and most other shells as well as many other applications.

Most people do not need user-specific functionality so the command below creates a global /etc/inputrc used by everyone who logs in. If you later decide you need to override the defaults on a per-user basis, you can create a .inputrc file in the user's home directory with the modified mappings.

For more information on how to edit the inputrc file, see info bash under the Readline Init File section. info readline is also a good source of information.

Below is a generic global inputrc along with comments to explain what the various options do. Note that comments cannot be on the same line as commands. Create the file using the following command:

cat > /etc/inputrc << "EOF"
# Begin /etc/inputrc
# Modified by Chris Lynn <roryo@roryo.dynup.net>

# Allow the command prompt to wrap to the next line
set horizontal-scroll-mode Off

# Enable 8bit input
set meta-flag On
set input-meta On

# Turns off 8th bit stripping
set convert-meta Off

# Keep the 8th bit for display
set output-meta On

# none, visible or audible
set bell-style none

# All of the following map the escape sequence of the value
# contained in the 1st argument to the readline specific functions
"\eOd": backward-word
"\eOc": forward-word

# for linux console
"\e[1~": beginning-of-line
"\e[4~": end-of-line
"\e[5~": beginning-of-history
"\e[6~": end-of-history
"\e[3~": delete-char
"\e[2~": quoted-insert

# for xterm
"\eOH": beginning-of-line
"\eOF": end-of-line

# for Konsole
"\e[H": beginning-of-line
"\e[F": end-of-line

# End /etc/inputrc
EOF

Creating the /etc/shells File

The shells file contains a list of login shells on the system. Applications use this file to determine whether a shell is valid. For each shell a single line should be present, consisting of the shell's path, relative to the root of the directory structure (/).

For example, this file is consulted by chsh to determine whether an unprivileged user may change the login shell for her own account. If the command name is not listed, the user will be denied of change.

It is a requirement for applications such as GDM which does not populate the face browser if it can't find /etc/shells, or FTP daemons which traditionally disallow access to users with shells not included in this file.

cat > /etc/shells << "EOF"
# Begin /etc/shells

/bin/sh
/bin/bash

# End /etc/shells
EOF

Systemd Usage and Configuration

Basic Configuration

The /etc/systemd/system.conf file contains a set of options to control basic systemd operations. The default file has all entries commented out with the default settings indicated. This file is where the log level may be changed as well as some basic logging settings. See the systemd-system.conf(5) manual page for details on each configuration option.

Disabling Screen Clearing at Boot Time

The normal behavior for systemd is to clear the screen at the end of the boot sequence. If desired, this behavior may be changed by running the following command:

mkdir -pv /etc/systemd/system/getty@tty1.service.d

cat > /etc/systemd/system/getty@tty1.service.d/noclear.conf << EOF
[Service]
TTYVTDisallocate=no
EOF

The boot messages can always be reviewed by using the journalctl -b command as the root user.

Disabling tmpfs for /tmp

By default, /tmp is created as a tmpfs. If this is not desired, it can be overridden by the following:

ln -sfv /dev/null /etc/systemd/system/tmp.mount

Alternatively, if a a separate partition for /tmp is desired, specify that partition in an /etc/fstab entry.

Warning

Do not create the symbolic link above if a separate partition is used for /tmp. This will prevent the root file system (/) from being remounted r/w and make the system unusable when booted.

Configuring Automatic File Creation and Deletion

There are several services that create or delete files or directories:

• systemd-tmpfiles-clean.service
• systemd-tmpfiles-setup-dev.service
• systemd-tmpfiles-setup.service

The system location for the configuration files is /usr/lib/tmpfiles.d/\*.conf. The local configuration files are in /etc/tmpfiles.d. Files in /etc/tmpfiles.d override files with the same name in /usr/lib/tmpfiles.d. See tmpfiles.d(5) manual page for file format details.

Note that the syntax for the /usr/lib/tmpfiles.d/\*.conf files can be confusing. For example, the default deletion of files in the /tmp directory is located in /usr/lib/tmpfiles.d/tmp.conf with the line:

q /tmp 1777 root root 10d

The type field, q, discusses creating a subvolume with quotas which is really only applicable to btrfs filesystems. It references type v which in turn references type d (directory). This then creates the specified directory if is is not present and adjusts the permissions and ownership as specified. Contents of the directory will be subject to time based cleanup if the age argument is specified.

If the default parameters are not desired, then the file should be copied to /etc/tmpfiles.d and edited as desired. For example:

mkdir -p /etc/tempfiles.d
cp /usr/lib/tmpfiles.d/tmp.conf /etc/tempfiles.d

Overriding Default Services Behavior

The parameter of a unit can be overriden by creating a directory and a configuration file in /etc/systemd/system. For example:

mkdir -pv /etc/systemd/system/foobar.service.d

cat > /etc/systemd/system/foobar.service.d/foobar.conf << EOF
[Service]
Restart=always
RestartSec=30
EOF

See systemd.unit(5) manual page for more information. After creating the configuration file, run systemctl daemon-reload and systemctl restart foobar to activate the changes to a service.

Debugging the Boot Sequence

Rather than plain shell scripts used in SysVinit or BSD style init systems, systemd uses a unified format for different types of startup files (or units). The command systemctl is used to enable, disable, control state, and obtain status of unit files. Here are some examples of frequently used commands:

• systemctl list-units -t [--all]: lists loaded unit files of type service.

• systemctl list-units -t [--all]: lists loaded unit files of type target.

• systemctl show -p Wants <multi-user.target>: shows all units that depend on the multi-user target. Targets are special unit files that are anogalous to runlevels under SysVinit.

• systemctl status <servicename.service>: shows the status of the servicename service. The .service extension can be omitted if there are no other unit files with the same name, such as .socket files (which create a listening socket that provides similar functionality to inetd/xinetd).

Working with the Systemd Journal

Logging on a system booted with systemd is handled with systemd-journald (by default), rather than a typical unix syslog daemon. You can also add a normal syslog daemon and have both work side by side if desired. The systemd-journald program stores journal entries in a binary format rather than a plain text log file. To assist with parsing the file, the command journalctl is provided. Here are some examples of frequently used commands:

• journalctl -r: shows all contents of the journal in reverse chronological order.

• journalctl -u UNIT: shows the journal entries associated with the specified UNIT file.

• journalctl -b[=ID] -r: shows the journal entries since last successful boot (or for boot ID) in reverse chronological order.

• journalctl -f: povides functionality similar to tail -f (follow).

Long Running Processes

Beginning with systemd-230, all user processes are killed when a user session is ended, even if nohup is used, or the process uses the daemon() or setsid() functions. This is a deliberate change from a historically permissive environment to a more restrictive one. The new behavior may cause issues if you depend on long running programs (e.g., screen or tmux) to remain active after ending your user session. There are three ways to enable lingering processes to remain after a user session is ended.

• Enable process lingering for only selected users: Normal users have permission to enable process lingering with the command loginctl enable-linger for their own user. System administrators can use the same command with a user argument to enable for a user. That user can then use the systemd-run command to start long running processes. For example: systemd-run --scope --user /usr/bin/screen. If you enable lingering for your user, the user@.service will remain even after all login sessions are closed, and will automatically start at system boot. This has the advantage of explicitly allowing and disallowing processes to run after the user session has ended, but breaks backwards compatibility with tools like nohup and utilities that use deamon().

• Enable system-wide process lingering: You can set KillUserProcesses=no in /etc/logind.conf to enable process lingering globally for all users. This has the benefit of leaving the old method available to all users at the expense of explicit control.

• Disable at build-time: You can enable lingering by default while building systemd by adding the switch -Ddefault-kill-user-processes=no to the meson command for systemd. This completely disables the ability of systemd to kill user processes at session end.

Making the LFS System Bootable

Table of Contents

• Introduction
• Creating the /etc/fstab File
• Linux-4.20.12
• Using GRUB to Set Up the Boot Process

Introduction

It is time to make the LFS system bootable. This chapter discusses creating an fstab file, building a kernel for the new LFS system, and installing the GRUB boot loader so that the LFS system can be selected for booting at startup.

Creating the /etc/fstab File

The /etc/fstab file is used by some programs to determine where file systems are to be mounted by default, in which order, and which must be checked (for integrity errors) prior to mounting. Create a new file systems table like this:

cat > /etc/fstab << "EOF"
# Begin /etc/fstab

# file system  mount-point  type     options             dump  fsck
#                                                              order

/dev/<xxx>     /            <fff>    defaults            1     1
/dev/<yyy>     swap         swap     pri=1               0     0

# End /etc/fstab
EOF

Replace <xxx>, <yyy>, and <fff> with the values appropriate for the system, for example, sda2, sda5, and ext4. For details on the six fields in this file, see man 5 fstab.

Filesystems with MS-DOS or Windows origin (i.e. vfat, ntfs, smbfs, cifs, iso9660, udf) need a special option, utf8, in order for non-ASCII characters in file names to be interpreted properly. For non-UTF-8 locales, the value of iocharset should be set to be the same as the character set of the locale, adjusted in such a way that the kernel understands it. This works if the relevant character set definition (found under File systems -> Native Language Support when configuring the kernel) has been compiled into the kernel or built as a module. However, if the character set of the locale is UTF-8, the corresponding option iocharset=utf8 would make the file system case sensitive. To fix this, use the special option utf8 instead of iocharset=utf8, for UTF-8 locales. The “codepage” option is also needed for vfat and smbfs filesystems. It should be set to the codepage number used under MS-DOS in your country. For example, in order to mount USB flash drives, a ru_RU.KOI8-R user would need the following in the options portion of its mount line in /etc/fstab:

noauto,user,quiet,showexec,codepage=866,iocharset=koi8r

The corresponding options fragment for ru_RU.UTF-8 users is:

noauto,user,quiet,showexec,codepage=866,utf8

Note that using iocharset is the default for iso8859-1 (which keeps the file system case insensitive), and the utf8 option tells the kernel to convert the file names using UTF-8 so they can be interpreted in the UTF-8 locale.

It is also possible to specify default codepage and iocharset values for some filesystems during kernel configuration. The relevant parameters are named “Default NLS Option” (CONFIG_NLS_DEFAULT), “Default Remote NLS Option” (CONFIG_SMB_NLS_DEFAULT), “Default codepage for FAT” (CONFIG_FAT_DEFAULT_CODEPAGE), and “Default iocharset for FAT” (CONFIG_FAT_DEFAULT_IOCHARSET). There is no way to specify these settings for the ntfs filesystem at kernel compilation time.

It is possible to make the ext3 filesystem reliable across power failures for some hard disk types. To do this, add the barrier=1 mount option to the appropriate entry in /etc/fstab. To check if the disk drive supports this option, run hdparm on the applicable disk drive. For example, if:

hdparm -I /dev/sda | grep NCQ

returns non-empty output, the option is supported.

Note: Logical Volume Management (LVM) based partitions cannot use the barrier option

Linux-4.20.12

The Linux package contains the Linux kernel.

Approximate Build Time: 4.4 - 66.0 SBU (typically about 6 SBU)

Required Disk Space: 960 - 4250 MB (typically about 1100 MB)

Installation of the kernel

Building the kernel involves a few steps—configuration, compilation, and installation. Read the README file in the kernel source tree for alternative methods to the way this book configures the kernel.

Prepare for compilation by running the following command:

make mrproper

This ensures that the kernel tree is absolutely clean. The kernel team recommends that this command be issued prior to each kernel compilation. Do not rely on the source tree being clean after un-tarring.

Configure the kernel via a menu-driven interface. For general information on kernel configuration see kernel configuration. BLFS has some information regarding particular kernel configuration requirements of packages outside of LFS here. Additional information about configuring and building the kernel can be found here.

Note

A good starting place for setting up the kernel configuration is to run make defconfig. This will set the base configuration to a good state that takes your current system architecture into account.

Be sure to enable/disable/set the following features or the system might not work correctly or boot at all:

General setup -->
   [ ] Enable deprecated sysfs features to support old userspace tools [CONFIG_SYSFS_DEPRECATED]
  [ ] Enable deprecated sysfs features by default [CONFIG_SYSFS_DEPRECATED_V2]
   [*] open by fhandle syscalls [CONFIG_FHANDLE]
   [ ] Auditing support [CONFIG_AUDIT]
   [*] Control Group support [CONFIG_CGROUPS]
Processor type and features  --->
   [*] Enable seccomp to safely compute untrusted bytecode [CONFIG_SECCOMP]
Networking support  --->
  Networking options  --->
   <*> The IPv6 protocol [CONFIG_IPV6]
Device Drivers  --->
  Generic Driver Options  --->
   [ ] Support for uevent helper [CONFIG_UEVENT_HELPER]
   [*] Maintain a devtmpfs filesystem to mount at /dev [CONFIG_DEVTMPFS]
   [ ] Fallback user-helper invocation for firmware loading [CONFIG_FW_LOADER_USER_HELPER]
Firmware Drivers  --->
   [*] Export DMI identification via sysfs to userspace [CONFIG_DMIID]
File systems  --->
   [*] Inotify support for userspace [CONFIG_INOTIFY_USER]
   <*> Kernel automounter version 4 support (also supports v3) [CONFIG_AUTOFS4_FS]
  Pseudo filesystems  --->
   [*] Tmpfs POSIX Access Control Lists [CONFIG_TMPFS_POSIX_ACL]
   [*] Tmpfs extended attributes [CONFIG_TMPFS_XATTR]
Kernel hacking  --->
       Choose kernel unwinder (Frame pointer unwinder)  ---> [CONFIG_UNWINDER_FRAME_POINTER]

Note

While "The IPv6 Protocol" is not strictly required, it is highly recommended by the systemd developers.

Note

If your host hardware is using UEFI, then the 'make defconfig' above should automatically add in some EFI-related kernel options.

In order to allow your LFS kernel to be booted from within your host's UEFI boot environment, your kernel must have this option selected:

Processor type and features  --->
   [*]   EFI stub support  [CONFIG_EFI_STUB]

A fuller description of managing UEFI environments from within LFS is covered by the lfs-uefi.txt hint at http://www.linuxfromscratch.org/hints/downloads/files/lfs-uefi.txt.

The rationale for the above configuration items:

Support for uevent helper

Having this option set may interfere with device management when using Udev/Eudev.

Maintain a devtmpfs

This will create automated device nodes which are populated by the kernel, even without Udev running. Udev then runs on top of this, managing permissions and adding symlinks. This configuration item is required for all users of Udev/Eudev.

make menuconfig

The meaning of optional make environment variables:

LANG=<host_LANG_value> LC_ALL=

This establishes the locale setting to the one used on the host. This may be needed for a proper menuconfig ncurses interface line drawing on a UTF-8 linux text console.

If used, be sure to replace <host_LANG_value> by the value of the $LANG variable from your host. You can alternatively use instead the host's value of $LC_ALL or $LC_CTYPE.

Alternatively, make oldconfig may be more appropriate in some situations. See the README file for more information.

If desired, skip kernel configuration by copying the kernel config file, .config, from the host system (assuming it is available) to the unpacked linux-4.20.12 directory. However, we do not recommend this option. It is often better to explore all the configuration menus and create the kernel configuration from scratch.

Compile the kernel image and modules:

make

If using kernel modules, module configuration in /etc/modprobe.d may be required. Information pertaining to modules and kernel configuration is located in Section 7.3, “Overview of Device and Module Handling” and in the kernel documentation in the linux-4.20.12/Documentation directory. Also, modprobe.d(5) may be of interest.

Install the modules, if the kernel configuration uses them:

make modules_install

After kernel compilation is complete, additional steps are required to complete the installation. Some files need to be copied to the /boot directory.

Caution

If the host system has a separate /boot partition, the files copied below should go there. The easiest way to do that is to bind /boot on the host (outside chroot) to /mnt/lfs/boot before proceeding. As the root user in the host system:

mount --bind /boot /mnt/lfs/boot

The path to the kernel image may vary depending on the platform being used. The filename below can be changed to suit your taste, but the stem of the filename should be vmlinuz to be compatible with the automatic setup of the boot process described in the next section. The following command assumes an x86 architecture:

cp -iv arch/x86/boot/bzImage /boot/vmlinuz-4.20.12-lfs-8.4-systemd

System.map is a symbol file for the kernel. It maps the function entry points of every function in the kernel API, as well as the addresses of the kernel data structures for the running kernel. It is used as a resource when investigating kernel problems. Issue the following command to install the map file:

cp -iv System.map /boot/System.map-4.20.12

The kernel configuration file .configproduced by the make menuconfig step above contains all the configuration selections for the kernel that was just compiled. It is a good idea to keep this file for future reference:

cp -iv .config /boot/config-4.20.12

Install the documentation for the Linux kernel:

install -d /usr/share/doc/linux-4.20.12
cp -r Documentation/* /usr/share/doc/linux-4.20.12

It is important to note that the files in the kernel source directory are not owned by root. Whenever a package is unpacked as user root (like we did inside chroot), the files have the user and group IDs of whatever they were on the packager's computer. This is usually not a problem for any other package to be installed because the source tree is removed after the installation. However, the Linux source tree is often retained for a long time. Because of this, there is a chance that whatever user ID the packager used will be assigned to somebody on the machine. That person would then have write access to the kernel source.

Note

In many cases, the configuration of the kernel will need to be updated for packages that will be installed later in BLFS. Unlike other packages, it is not necessary to remove the kernel source tree after the newly built kernel is installed.

If the kernel source tree is going to be retained, run chown -R 0:0 on the linux-4.20.12 directory to ensure all files are owned by user root.

Warning

Some kernel documentation recommends creating a symlink from /usr/src/linux pointing to the kernel source directory. This is specific to kernels prior to the 2.6 series and must not be created on an LFS system as it can cause problems for packages you may wish to build once your base LFS system is complete.

Warning

The headers in the system's include directory (/usr/include) should always be the ones against which Glibc was compiled, that is, the sanitised headers installed in Section 6.7, “Linux-4.20.12 API Headers”. Therefore, they should never be replaced by either the raw kernel headers or any other kernel sanitized headers.

Configuring Linux Module Load Order

Most of the time Linux modules are loaded automatically, but sometimes it needs some specific direction. The program that loads modules, modprobe or insmod, uses /etc/modprobe.d/usb.conf for this purpose. This file needs to be created so that if the USB drivers (ehci_hcd, ohci_hcd and uhci_hcd) have been built as modules, they will be loaded in the correct order; ehci_hcd needs to be loaded prior to ohci_hcd and uhci_hcd in order to avoid a warning being output at boot time.

Create a new file /etc/modprobe.d/usb.conf by running the following:

install -v -m755 -d /etc/modprobe.d
cat > /etc/modprobe.d/usb.conf << "EOF"
# Begin /etc/modprobe.d/usb.conf

install ohci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i ohci_hcd ; true
install uhci_hcd /sbin/modprobe ehci_hcd ; /sbin/modprobe -i uhci_hcd ; true

# End /etc/modprobe.d/usb.conf
EOF

Contents of Linux

Installed Programs: config-4.20.12, vmlinuz-4.20.12-lfs-8.4-systemd, and System.map-4.20.12and tclsh8.6

Installed Directories: /lib/modules, /usr/share/doc/linux-4.20.12

Installed	Descriptions
config-4.20.12	Contains all the configuration selections for the kernel
vmlinuz-4.20.12-lfs-8.4-systemd	The engine of the Linux system. When turning on the computer, the kernel is the first part of the operating system that gets loaded. It detects and initializes all components of the computer's hardware, then makes these components available as a tree of files to the software and turns a single CPU into a multitasking machine capable of running scores of programs seemingly at the same time
System.map-4.20.12	A list of addresses and symbols; it maps the entry points and addresses of all the functions and data structures in the kernel

Using GRUB to Set Up the Boot Process

Introduction

Warning

Configuring GRUB incorrectly can render your system inoperable without an alternate boot device such as a CD-ROM. This section is not required to boot your LFS system. You may just want to modify your current boot loader, e.g. Grub-Legacy, GRUB2, or LILO.

Ensure that an emergency boot disk is ready to “rescue” the computer if the computer becomes unusable (un-bootable). If you do not already have a boot device, you can create one. In order for the procedure below to work, you need to jump ahead to BLFS and install xorriso from the libisoburn package.

cd /tmp
grub-mkrescue --output=grub-img.iso
xorriso -as cdrecord -v dev=/dev/cdrw blank=as_needed grub-img.iso

Note

To boot LFS on host systems that have UEFI enabled, the kernel needs to have been built with the CONFIG_EFI_STUB capabality described in the previous section. However, LFS can be booted using GRUB2 without such an addition. To do this, the UEFI Mode and Secure Boot capabilities in the host system's BIOS need to be turned off. For details, see the lfs-uefi.txt hint.

GRUB Naming Conventions

GRUB uses its own naming structure for drives and partitions in the form of (hdn,m), where n is the hard drive number and m is the partition number. The hard drive number starts from zero, but the partition number starts from one for normal partitions and five for extended partitions. Note that this is different from earlier versions where both numbers started from zero. For example, partition sda1 is (hd0,1) to GRUB and sdb3 is (hd1,3). In contrast to Linux, GRUB does not consider CD-ROM drives to be hard drives. For example, if using a CD on hdb and a second hard drive on hdc, that second hard drive would still be (hd1).

Setting Up the Configuration

GRUB works by writing data to the first physical track of the hard disk. This area is not part of any file system. The programs there access GRUB modules in the boot partition. The default location is /boot/grub/.

The location of the boot partition is a choice of the user that affects the configuration. One recommendation is to have a separate small (suggested size is 100 MB) partition just for boot information. That way each build, whether LFS or some commercial distro, can access the same boot files and access can be made from any booted system. If you choose to do this, you will need to mount the separate partition, move all files in the current /boot directory (e.g. the linux kernel you just built in the previous section) to the new partition. You will then need to unmount the partition and remount it as /boot. If you do this, be sure to update /etc/fstab.

Using the current lfs partition will also work, but configuration for multiple systems is more difficult.

Using the above information, determine the appropriate designator for the root partition (or boot partition, if a separate one is used). For the following example, it is assumed that the root (or separate boot) partition is sda2.

Install the GRUB files into /boot/grub and set up the boot track:

Warning

The following command will overwrite the current boot loader. Do not run the command if this is not desired, for example, if using a third party boot manager to manage the Master Boot Record (MBR).

grub-install /dev/sda

Note

If the system has been booted using UEFI, grub-install will try to install files for the x86_64-efi target, but those files have not been installed in chapter 6. If this is the case, add --target i386-pc to the command above.

Creating the GRUB Configuration File

Generate /boot/grub/grub.cfg:

cat > /boot/grub/grub.cfg << "EOF"
# Begin /boot/grub/grub.cfg
set default=0
set timeout=5

insmod ext2
set root=(hd0,2)

menuentry "GNU/Linux, Linux 4.20.12-lfs-8.4-systemd" {
        linux   /boot/vmlinuz-4.20.12-lfs-8.4-systemd root=/dev/sda2 ro
}
EOF

Note

From GRUB's perspective, the kernel files are relative to the partition used. If you used a separate /boot partition, remove /boot from the above linux line. You will also need to change the set root line to point to the boot partition.

GRUB is an extremely powerful program and it provides a tremendous number of options for booting from a wide variety of devices, operating systems, and partition types. There are also many options for customization such as graphical splash screens, playing sounds, mouse input, etc. The details of these options are beyond the scope of this introduction.

Caution

There is a command, grub-mkconfig, that can write a configuration file automatically. It uses a set of scripts in /etc/grub.d/ and will destroy any customizations that you make. These scripts are designed primarily for non-source distributions and are not recommended for LFS. If you install a commercial Linux distribution, there is a good chance that this program will be run. Be sure to back up your grub.cfg file.

The End

Table of Contents

• The End
• Get Counted
• Rebooting the System
• What Now?

The End

Well done! The new LFS system is installed! We wish you much success with your shiny new custom-built Linux system.

Create an /etc/os-release file required by systemd:

cat > /etc/os-release << "EOF"
NAME="Linux From Scratch"
VERSION="8.4-systemd"
ID=lfs
PRETTY_NAME="Linux From Scratch 8.4-systemd"
VERSION_CODENAME="<your name here>"
EOF

Creating the file /etc/lfs-release is recommended for compatibility with the non-systemd branch. By having this file, it is very easy for you (and for us if you need to ask for help at some point) to find out which LFS version is installed on the system. Create this file by running:

echo 8.4-systemd > /etc/lfs-release

It is also a good idea to create a file to show the status of your new system with respect to the Linux Standards Base (LSB). To create this file, run:

cat > /etc/lsb-release << "EOF"
DISTRIB_ID="Linux From Scratch"
DISTRIB_RELEASE="8.4-systemd"
DISTRIB_CODENAME="<your name here>"
DISTRIB_DESCRIPTION="Linux From Scratch"
EOF

Be sure to put some sort of customization for the field 'DISTRIB_CODENAME' to make the system uniquely yours.

Get Counted

Now that you have finished the book, do you want to be counted as an LFS user? Head over to here and register as an LFS user by entering your name and the first LFS version you have used.

Let's reboot into LFS now.

Rebooting the System

Now that all of the software has been installed, it is time to reboot your computer. However, you should be aware of a few things. The system you have created in this book is quite minimal, and most likely will not have the functionality you would need to be able to continue forward. By installing a few extra packages from the BLFS book while still in our current chroot environment, you can leave yourself in a much better position to continue on once you reboot into your new LFS installation. Here are some suggestions:

• A text mode browser such as Lynx will allow you to easily view the BLFS book in one virtual terminal, while building packages in another.

• The GPM package will allow you to perform copy/paste actions in your virtual terminals.

• If you are in a situation where static IP configuration does not meet your networking requirements, installing a package such as dhcpcd or the client portion of dhcp may be useful.

• Installing sudo may be useful for building packages as a non-root user and easily installing the resulting packages in your new system.

• If you want to access your new system from a remote system within a comfortable GUI environment, install openssh.

• To make fetching files over the internet easier, install wget.

• If one or more of your disk drives have a GUID partition table (GPT), either gptfdisk or parted will be useful.

• Finally, a review of the following configuration files is also appropriate at this point.

  • /etc/bashrc
  • /etc/dircolors
  • /etc/fstab
  • /etc/hosts
  • /etc/inputrc
  • /etc/profile
  • /etc/resolv.conf
  • /etc/vimrc
  • /root/.bash_profile
  • /root/.bashrc

Now that we have said that, let's move on to booting our shiny new LFS installation for the first time! First exit from the chroot environment:

logout

Then unmount the virtual file systems:

umount -v $LFS/dev/pts
umount -v $LFS/dev
umount -v $LFS/run
umount -v $LFS/proc
umount -v $LFS/sys

Unmount the LFS file system itself:

umount -v $LFS

If multiple partitions were created, unmount the other partitions before unmounting the main one, like this:

umount -v $LFS/usr
umount -v $LFS/home
umount -v $LFS

Now, reboot the system with:

shutdown -r now

Assuming the GRUB boot loader was set up as outlined earlier, the menu is set to boot LFS 8.4 automatically.

When the reboot is complete, the LFS system is ready for use and more software may be added to suit your needs.

What Now?

Thank you for reading this LFS book. We hope that you have found this book helpful and have learned more about the system creation process.

Now that the LFS system is installed, you may be wondering “What next?” To answer that question, we have compiled a list of resources for you.