This article is outdated and may not work correctly for current operating systems or software.
By default, the FreeBSD operating system utilizes the GENERIC
kernel; however, in this tutorial, we will recompile a FreeBSD kernel with a custom configuration known as: CUSTOM
.
1) To follow this tutorial, deploy the following instance:
2) Once your instance is deployed, install sudo
as the root user:
# pkg install -y sudo
3) Create a local user as a member of the wheel group and then issue a password:
# pw useradd test -g wheel
# passwd test
Changing local password for test
New Password:
Retype New Password:
4) Allow all members of the wheel group to execute any command
# visudo
Change:
# %wheel ALL=(ALL) ALL
To
%wheel ALL=(ALL) ALL
Save and exit by pressing the Esc
key followed by typing:wq!
5) Change to the new user's shell
# su test
$
In order to recompile the kernel, we must first obtain the source code from FreeBSD's version control system; in this case, subversion
$ sudo pkg install -y subversion
Password:
By default, the shell for new FreeBSD users is sh
; however, we will need to change this to csh
after installing subversion
1) Confirm the current user's shell:
$ echo $SHELL
/bin/sh
2) Change the current user's shell to csh
:
$ chsh -s /bin/csh
Password:
chsh: user information updated
3) Confirm the shell has changed for the current user:
$ grep test /etc/passwd
test:*:1001:0:User &:/home/test:/bin/csh
OR
$ echo $SHELL
/bin/csh
4) Now that the current user's shell is configured as csh
, we can now rehash
the directory tables:
$ rehash
5) Lastly, check out a copy of the latest stable branch to the /usr/src
directory:
$ sudo svn co --trust-server-cert --non-interactive https://svn0.us-east.freebsd.org/base/stable/11/ /usr/src
Password:
Checked out revision 317943.
CUSTOM
ConfigurationFor our CUSTOM
kernel configuration, we are going to copy the existing GENERIC
configuration.
1) Copy GENERIC
from the /usr/src/sys/amd64/conf/
directory as CUSTOM
:
$ sudo cp /usr/src/sys/amd64/conf/GENERIC /usr/src/sys/amd64/conf/CUSTOM
Password:
Within our CUSTOM
kernel configuration, we're going to make some changes.
2) Open /usr/src/sys/amd64/conf/CUSTOM
:
$ sudo vi /usr/src/sys/amd64/conf/CUSTOM
On line 22, you will see an ident
flag, line numbers can be seen in the vi
editor by pressing the Esc
key followed by typing:set nu
22 ident GENERIC
3) Change GENERIC
to the name of your custom kernel; in this case CUSTOM
:
22 ident CUSTOM
Moreover, at the bottom of the configuration, we're going to add the following:
options IPSEC
options TCP_SIGNATURE
Once you're satisfied with your changes, save and exit again by pressing the Esc
key followed by typing:wq!
Additional information for these various options can be found in the NOTES
file for each type of architecture within the /usr/src/sys/
directory.
Below are a few of the common architecture NOTES
location(s):
/usr/src/sys/amd64/conf/NOTES
/usr/src/sys/arm64/conf/NOTES
/usr/src/sys/i386/conf/NOTES
Architecture indepedent options can be referenced from /usr/src/sys/conf/NOTES
For further details, please see the FreeBSD Handbook.
CUSTOM
KernelWe will now compile the CUSTOM
kernel you've prepared.
1) Change to the /usr/src
directory and issue a make buildkernel
with the CUSTOM
configuration file:
$ cd /usr/src
$ sudo make buildkernel KERNCONF=CUSTOM
Password:
Your estimated time until completion will vary depending on your instance's amount of resources.
For this tutorial, we utilized the following:
CPU: 4 vCore
RAM: 8192 MB
Storage: 100 GB SSD
With these resources, we finished compiling our CUSTOM
kernel in ~ 4 hours:
--------------------------------------------------------------------
>>> Kernel build for CUSTOM completed on Sat May 6 00:24:37 UTC 2017
--------------------------------------------------------------------
2) Once your CUSTOM
kernel has finished compiling, you can install the configuration:
$ sudo make installkernel KERNCONF=CUSTOM
Password:
Installing should complete much faster than compiling.
3) Once its finishing installing, reboot your instance:
$ sudo shutdown -r now
Password:
Your instance will now begin to shutdown and reboot into your CUSTOM
kernel. You can login to your instance's console to observe the boot process.
4) Once your instance reboots, login and confirm that your CUSTOM
kernel is being utilized:
$ sysctl kern.conftxt | grep ident
ident CUSTOM
OR
$ uname -i
CUSTOM