LFS 6.3, BLFS 6.2/svn 6.3

Last modified: 2019-May-23, 00h34

Todo List

My old Ubuntu-server was doing some stuff, which my new LFS will also have to do:



  1. LFS Diary

  2. Todo List

  3. Index

  4. Foreword

  5. Why LFS?

  6. Caution: Alpha Version!

  7. Conventions

  8. Sunday, May 25, 2008

  9. How to resume work after reboot

  10. Book not good?

  11. How to unpack *.tar.gz files

  12. Keep or delete the build directory?

  13. Monday, May 26, 2008

  14. Timeout in the GCC test suite

  15. DHCP client suddenly starts requesting new IP address

  16. GCC-4.1.2, Pass 2: make -k check errors

  17. Wednesday, May 28, 2008

  18. Strange file name

  19. What files changed or are new after compile?

  20. Thurstday, May 29, 2008

  21. Strange problems with sshd

  22. Friday, May 30, 2008

  23. Saturday, May 31, 2008

  24. Sunday, June 1, 2008

  25. Monday, June 2, 2008

  26. Wednesday, June 4, 2008

  27. A Working Backup?

  28. backup.sh

  29. The correct way to reenter LFS for chapter 7

  30. Saturday, June 7, 2008

  31. Where the heck is sysklogd?

  32. Making the Kernel

  33. Something Really Weird Happened

  34. Reboot!

  35. Reboot №2

  36. Beyond Linux from Scratch!

  37. Sunday, June 8, 2008

  38. Feeding your LFS

  39. PuTTY (Windows) won't display /etc/issue.net :-(

  40. Customizing the Look'n'Feel

  41. How to use console fonts

  42. Make a kernel with boot prompt support for console fonts

  43. Configure grub for enabling console font by passing a boot parameter

  44. Disable font change while booting

  45. Where you find a list of fonts

  46. Some Enviroment Settings

  47. Files for placing enviroment settings

  48. Tuesday, June 10, 2008

  49. Monday, June 16, 2008

  50. Tuesday, June 17, 2008

  51. Additional entries for /etc/rc.d/rc.iptables

  52. Wednesday, June 18, 2008

  53. My new /etc/sysconfig/network-devices/services/pppoe

  54. Adjusting the MTU settings

  55. Thursday, June 19, 2008

  56. DHCP server up and running

  57. Do I really need BIND??

  58. Wrong BLFS Book!

  59. Friday, June 20, 2008

  60. USB not really explained?

  61. What configure --prefix= can do

  62. Creating a default and a real user

  63. Creating a shared ssh session with screen

  64. Basic screen usage

  65. Sunday, June 22, 2009

  66. PPPoE/MTU problem still persists

  67. Possible Solution

  68. Monday, June 23, 2008

  69. First steps towards USB

  70. Kernel crashes, when I plug in a USB device

  71. Kernel Does Magic

  72. Drivers for the webcam

  73. What configure --prefix= can't do

  74. Running the webcam

  75. Moving to a bigger hard drive

  76. Wednesday, June 25, 2008

  77. Strange Issue

  78. How to get more tty consoles

  79. How to let the log be output to it's own console

  80. Redirecting Apache logs to a special console

  81. Activating the PC Speaker

  82. Thursday, June 26, 2008

  83. List Sizes of all Subdirectories

  84. Wednesday, August 8, 2008

  85. The first working firewall

  86. Installing to a "fake root"

  87. Friday, August 8, 2008

  88. Strange dhclient incident

  89. Sunday, August 17, 2008

  90. make modules_install removes third party (non-kernel) modules

  91. Annoying messages output to the console and /proc/sys/kernel/printk

  92. Friday, October 24, 2008

  93. How to make gspca support two webcams on one USB bus,
    when gspca says "no space left on device"

  94. Dirty hack of gspcav1-20071224/gspca_core.c

  95. Getting rid of the gspca panic messages printed to the console

  96. After making and installing new kernel modules, gspca was gone

  97. The system on the mirror partition panics on boot

  98. Saturday, November 8, 2008

  99. Adding graphic capabilities to PHP

  100. Way Beyond Linux From Scratch

  101. Friday, November 14, 2008

  102. Saturday, November 15, 2008

  103. "Not interpreted issue"-bug

  104. Frame buffer configuration

  105. i2c not present but running

  106. New drive corrupted, too?

  107. Sunday, November 16, 2008

  108. More webcam scripts

  109. To be continued...


Why LFS?

After years of trying to find an alternative to MS Windows, I ended up frustrated. Years ago I started to use Linux as home server, but I did not learn much more than some basics. Then I discovered Ubuntu, which is quite nice, because you can actually use it without being an expert. But I still was unsatisfied. I want to have operating systems with sizes of some megabytes, not gigabytes (QNX fits on a single 1.44 MB floppy disk). In times of DOS I used to understand the whole system and I could do anything from configuring to manually repairing the file system with a hex editor. But things have changed. Current operating systems come with so much additional stuff, that I have difficulties to identify the basic programs on my hard drive. My actual Ubuntu server does some strange things, and I have not the slightest chance of tracking down the errors. So I finally decided to create my own Linux. Maybe I can get control back this way.

Caution: Alpha Version!

This document is in it's first phase. When I got my new LFS server fully functional the first time, I will have a route guide for repeating the whole process. Next time, I am going to expand and correct the explanations. At this time, there might be errors or not so clever suggestions in this document, so be careful!


The following conventions are not visible without CSS

Whenever I encounter a problem, I will try not only to complain, but also to provide you with the solutions I find. Blue boxes show the essence of the solution, which will be commands most of the time.

Sometimes I will give explanations to the solutions in boxes like this one.

Contents of files are displayed this way.

Cites are marked by a gray bar to the left.

End of conventions.

I started to follow the instructions of the LFS Book 6.3 (Local Copy). I soon found out, that there's much stuff, I do not understand, but I decided to go on for getting an opportunity to learn Linux from scratch. After some days of work, I additionally decided to start an LFS diary to summarize my expiriences and the problems I need to solve.

For you to keep track of where I was while writing the entries of this diary, I will link the corresponding chapters of The Book in headings like this one:

1. Introduction

For I never wrote software under unix, and Makefiles are known to me only by the basic concept, I expect to face some difficulties on my way. And all of you, who tried to read man pages and this stuff, they call "documentation", know the problem of circular reference well enough. You need to be a Unix expert before you can start studying Unix. But this time I intend to reach my goal.

Sunday, May 25, 2008

4. Final Preparations

The LFS book is really nice; It tells you quite exactly what to type, keystroke after keystroke. And more: Every command line switch is explained on the same page, which makes it easy to understand, what you're doing. Chapters one to four were really easy for me. I used the LFS Live CD and created two partitions, one for the extf3 file system (/dev/hdb1) and the other as swap (/dev/hdb2, there is only this hard drive in the LFS machine).

4.6. About the Test Suites

You will probably encounter some error messages. As long as they are just a few, ignore them.

How to resume work after reboot

I also easily found a web page, that explains how to resume the LFS creation process after a shutdown.

Book not good?

Other things in the LFS book are not so perfect: On one hand you get some super-simple instructions like mkdir ../gcc-build; Most of the text is more like a setup script than a book. On the other hand some things are not even mentioned, like how you uncompress the sources and that you need to cd sourcedir before calling ./configure. Allthough these things are not very important, they would fit nicely into the book due to it's overall high detail level.

The motto of the IRC channel:
Follow book, book good
is right - 5.1. Introduction said it. I was blind.


How to unpack *.tar.gz files

The commands you are looking for are:
gzip -cd filename.tar.gz | tar xvf -
bzip2 -cd filename.tar.bz2 | tar xvf -
Another way should be: tar -xf source.tar.gz and tar -xf source.tar.bz2, but I think, it didn't work when I used the tar from the /tools directory.
Gzip uncompresses the content of the file and writes it to STDOUT, which is usually the screen. Using a pipe (the pipe character "|") hands over the output of gzip to the tar program on its STDIN channel, which would normally be the input from the keyboard. (Read BASH Programming - Introduction HOW-TO for some bash basics.)
As mentioned in the man page of gzip, you get better compression when putting all small files together. This is done with tar ("Tape array"). Handing over the uncompressed data to tar makes it creating the original individual files:
gzip -c Write output on standard output
gzip -d Decompress.
tar -x  extract files from an archive
tar -f  use archive file or device (default "-", meaning stdin/stdout)
tar -v  verbosely list files processed
On http://www.tldp.org/HOWTO/Software-Building-HOWTO.html you find some hints about unpacking *.tar.gz files in Chapter 2 - Building and Installing Software Packages for Linux: Unpacking the Files.

Keep or delete the build directory?

5.4. GCC-4.1.2 - Pass 1

The book says, the build directories were temporal, and needed files are usually copied to some other directories. But in two cases links to files in these temporal folders are created, so I assume, I am not allowed to delete these directories now. See 5.3. Binutils-2.17 - Pass 1 (copy), 5.8 Tcl-8.4.15 (link to temp), and 5.4. GCC-4.1.2 - Pass 1 (link to temp), on the bottom of the pages.

Answer: You can delete them safely.
My mistake was to assume, that ln -s gcc /tools/bin/cc would create a link to the current working dir specified by the relative file name "gcc". In fact the created link points (if you use relative file names) from the location of the link itself. The above link would point to /tools/bin/gcc.
Sometimes you will be going to compile a certain package again; People on the IRC channel told me, that always re-extracting the sources is a good idea.

Monday, May 26, 2008

5.11. GCC-4.1.2 - Pass 2

Currently, I am still trying to do the second gcc pass, but several things are strange. When calling the non mandatory make -k check, an error occurs claiming autogen: command not found and I have no idea, what autogen is good for or if I can ignore this error safely. Neither the LFS book tells me anything about this error, nor does Google. In a mailing list I read, that make bootstrap could fix the problem, so I give it a try while I am going to do some other stuff. For my pitty, the LFS machine is very slow (450 MHz), so this will take a while.

Timeout in the GCC test suite

It seems, that such timeouts can be ignored.

The second problem is a timeout problem in the test suite. Someone wrote on his web page, that he solved it by reconfiguring something, but he didn't tell, what exactly was to be done. Great.

DHCP client suddenly starts requesting new IP address

The third problem is really weird, as it suddenly has started to occur after days without trouble: The network interface of my LFS machine resets and gets a new IP assigned by my DHCP server every 15 minutes or so. Very odd, I am using a live CD. Running cat /proc/kmsg tells me about link up on the ethernet device, but there is no link down event (which is shown, when I disconnect physically). I tried to use screen to regain access to lost SSH sessions, but when calling screen -R, it always claims, that there would be no windows to reconnect to. There were six instances of screen running, I have no clue what's wrong. Then I simply killed the DHCP client process, thus getting rid of the new behaviour. I really do wonder, what went wrong with screen, when I tried to reconnect after the IP address changed. Or did something else go wrong? A solar flare maybe? PEBCAK? Why do computers always invent new problems?? Call me newbie.

After make bootstrap just finished, make check still doesn't find autogen. Big surprise. I suppose, this autogen is the same as http://autogen.sourceforge.net/. I start make -k check now to find out, which scripts timed out some days ago. I wonder, if I should just skip the tests in this phase.

GCC-4.1.2, Pass 2: make -k check errors


After several hours of compiling, the next step (make install) did run very fast in comparison. Everything seems to be okay so far. I am ignoring the previous errors for now.

5.12. Binutils-2.17 - Pass 2

The next steps were too easy, not a single error message and only a few warnings, where even I knew why to ignore them.

5.14. Bash-3.2

Another occurance of a file that is linked from the build directory, bottom of the page... ( Already solved)

Wednesday, May 28, 2008

Woke up too early, even the sun is still asleep. Well, time to make some more new software for my LFS. Only decompressing and compiling stuff is a little bit boring. But I won't complain, i'd rather not wish to have some excitement here, because I know that wishes can come true.

Most of the next packages compiled without errors nor warnings:

5.24. Patch-2.5.4


5.26. Sed-4.1.5


5.29. Util-linux-2.12r


While calling strip (5.30. Stripping), the following warnings came up: 2008-05-28-B6.3-C5.30-strip-output.txt

Making a backup of the tools directory

The commands for making a backup as user "root" are:
tar -cf tools.tar /tools (Creating the archive)
tar -xf tools.tar (Retrieving the files)
tar also keeps permissions, ownership, group, aso.

So far, so simple and boring. I have no idea, how I should make the backup. What about the access rights? Would simply copying the files do it? As a first step, I am looking to the access rights of the files in /tools. Wow! That's a lot of files. Access rights differ, as expected. I presume, that the rights should be kept, so I will investigate how to do it. The backup page on TLDP is a bit too much. Better to take a closer look to the man pages of gzip and tar.

One hour later: I decided to ask on irc.linuxfromscratch.org#LFS-support for instructions on how to make a usable backup.

Strange file name

While testing the suggested backup commands, I found a file with a strange name: /tools/bin/[. Someone on IRC told me, that it would be correct. (the file /bin/[ is also known as test). Well... okay. I was thinking about restarting the whole process already. Scary thought. I also got the answer to the question, if the build directories should be kept due to links that seem to point into them.

Preparing Launch

6. Installing Basic System Software

After I made a backup of the /tools directory, I feel safe to continue with the next chapter. I am looking forward to booting my own LFS the first time.

6.2. Preparing Virtual Kernel File Systems

I am instructed to create "Device Nodes" and to mount "Virtual Kernel File Systems". I only have a vague idea, what's going on here. Maybe I find some nice web pages that explain the matter to beginners.

6.3. Package Management

The comments on this page makes me a little nervous. Not using a package manager will probably cause troubles? Hm. I'll take the hard approach and try keeping track of all the stuff by my own, for I planned to make only a minimalistic Linux server for my home network. I do not know exactly, which problems this will cause, but I am confident, that I will find out sooner or later.

I like the package-user approach, but at this time I can't tell, if it is a good method or not.

What files changed or are new after compile?

find / -xdev -cnewer <FILEBEFORE> \
     -and ! -cnewer <FILEAFTER> -printf "%t %s %p\n"

After I wrote some scripts, I feel prepared to continue. From now on I will always take a look, what changed while compiling. Someone on the IRC channel said, he would be looking to the output of make, but it looks like these outputs don't contain messages informing about file creation/modification clearly.

Thurstday, May 29, 2008

I am completely infected by this new virus they call LFS. For the first steps were easy, I am excitedly looking forward to the first boot. The folder /tools backed up, a steaming cup of coffee to my left hand and the mouse on my right hand make me feel like I can't be stopped anymore. Alright - what's next? Ah - the package management. I'll try the "It's all in my head"-Approach, so next is

6.4. Entering the Chroot Environment

6.7. Linux- API Headers


Ooops, it should be make headers_check! Pfew... no problem here. The next interesting step is 6.9. Glibc-2.5.1, which takes a while to compile. Meanwhile, I have changed my working dir to /BUILD. Grepping the output of make -k check gets me this:


I get [/BUILD/glibc-build/c++-types-check.out] Error 1 and I have no idea, if this is critical or just nothing. Guess it shouldn't be there. I'll be asking my new best friend IRC.

Strange problems with sshd

It got worse, while I was running make, I couldn't login via SSH nor could I su from user lfs to root. When the compiler finished, lfs could su again, but I still couldn't open an SSH connection. I found out, that /dev/urandom and other files were missing, which have been there before. When starting sshd, I get the message PRNG is not seeded. I suppose something went wrong, when I tried to undo the steps of chapter 6 some hours ago. After a while of investigating I gave up and shut down the machine.
Bed time.

Friday, May 30, 2008

After booting my LFS machine the strange new behaviour about DHCP addresses continues. Killed the client again. I'd rather like to know, why this is happening. I am about to restart with chapter 6. After mounting and chrooting I decided to restart completely, so I deleted the contents of the /BUILD directory. I am curious, if glibc will compile correctly this time.

6.9. Glibc-2.5.1

This time it worked. make -k check | grep Error shows only the errors mentioned in the book. For some reason, no timeout occured at all. There was not a single warning, too.

Saturday, May 31, 2008

Use time <command> to measure how long it takes to do something. Read more about it on the LFS SBU home page.

After finishing chapter 6.9, the tool chain is adjusted again. The process of creating a linux from scratch is quite complicated!

6.12. GCC-4.1.2

Now, as I am going to compile gcc, I will measure how long it takes to do it. I still have no clue, how long one SBU is on my LFS machine. time make resulted in:

real    80m31.307s
user    71m40.190s
sys     8m15.018s

Ah, here the timeouts come: make -k check. Alright, now I really need to find out, how to handle this.

90 minutes later: I have been searching the web intensively, but the only documents relating to these timeouts are questions of other clueless people asking for what to do about these timeouts. There are no answers? Seems a little strange. The ICR channel is deserted and I start getting frustrated.

As far as I can tell, DejaGnu is used to carry out the tests. The documentation does scare me a little, because the program is quite complex. I don't want to study DejaGnu for days before continuing on this test suite.

Sunday, June 1, 2008

Something's strange again. The make -k check-log no longer shows timeouts, but the four gcc.c-torture... errors still are there. They are the same that failed due to timeouts before. After comparing the results to the build logs on the LFS web site and with some hints from the IRC people, I decided to continue ignoring those failures. make install runs very quick:

real    0m45.535s
user    0m12.906s
sys     0m13.336s

6.13. Berkeley DB-4.5.20

I forgot to take the time of the test suite, so I still don't know my SBU. When creating Berkeley DB-4.5.20, the following times came up:

configure make make install Sum
real    1m36.975s  
user    0m56.820s
sys     0m37.361s

real    21m56.054s  
user    19m34.373s
sys     2m18.368s

real    0m9.550s  
user    0m5.396s
sys     0m4.033s

Real: 23'43"
User: 20'37"
Sys:   3'

Berkeley DB hase 1.2 SBUs, which makes 1 SBU ≈ 40 minutes on my machine.

6.15. E2fsprogs-1.40.2

Another nice table showing, what just has been installed. I feel urged to continue on the book, but I also know, that I should take a look. My efforts to find all newly created files after a compile have not yet led to a full success, so I appreciate the list very much.

Monday, June 2, 2008

6.16. Coreutils-6.9

While I was continuing to compile the programs of chapter 6, I tried to add a search function for info pages to this page. It's not so easy to find a web site actually providing the info pages themselves, when you google for "unix info"...

6.20. Ncurses-5.6

The book says: This package has a test suite, but it can only be run after the package has been installed. The tests reside in the test/ directory. See the README file in that directory for further details.. This README doesn't help much, it basically says "Yes, the following can be tested". I have no idea, how to run the tests.

Wednesday, June 4, 2008

6.57. Vim-7.1


Got a failure, when issuing make test. It says test3 FAILED. When searching the web, I found some mailing list entries talking about this particular error, which might have been to be expected. Someone on the IRC channel tried to reproduce this error - successfully. I am going to ignore that error.

6.58. About Debugging Symbols

Additional information on system optimization

6.59. Stripping Again

The book suggests to make a backup of the system. I don't know what I need to know for being able to make such a backup. I don't want to loose two weeks of work, so I try to get a backup done. After some experiments I used tar --exclude=/dev --exclude=/proc --exclude=/tmp --exclude=/sys -cf backup.tar /. I hope, it works. I should put in another hard drive and try a recovery, before continuing. Man- and info-pages don't help much here, they mainly list the options, but don't explain what I should be considering when making a backup. I couldn't find out what "PATTERN" has to look like, when using the --exclude switch with tar. Seems to work, if I enlist every directory separatedly.

I wonder, why debugging symbols are removed from binaries after they were compiled. I suppose, there must be some reason, maybe the packages can't be compiled without symbols? Nay... I can't believe that. I asked the people in the IRC chat, but nobody knew anything about this strange method. Why is the text about debugging symbols linked into the book at the end of the chapter? Do I have to recompile everything? Does it mean, I should use these optimizations only from now on?? The book is quite cool, but far from perfect for newbies like me.

I still hope, that I will understand some of the strange things after finishing my first LFS.

A Working Backup?

6.60. Cleaning Up

I still feel uncomfortable with the maybe-working-backup. I'll shut down the machine and verify the backup with a second hard drive.

After reboot and formatting the newly connected hard drive, I find, that it's not that simple. My tar command excluded the /dev directory, so I need to recreate this stuff. Maybe I need to do more, but I don't know. The instructions of http://www.linuxfromscratch.org/hints/downloads/files/stages-stop-and-resume.txt contain a line, which seems to be an error. At the bottom of the file there is an instruction to call /sbin/udevstart, which is not there. It's also not in /sbin of the live cd and people from the IRC channel tell me, that they don't have it, too. Someone suggested to call udevd --daemon.

I tried to recover the missing /dev entries without knowing, what exactly I was doing. It still didn't work. I continue trying. After a while I made a .tar-file, which seems to contain $LFS/dev/{console,null}.


tar --exclude='/mnt/*' --exclude='/proc/*' \
    --exclude='/dev/*' --exclude='/tmp/*' \
    --exclude='/sys/*' --exclude='/lost+found/*' \
    -cvzf /backup/lfs_smb.tar.gz /
The resulting tar file will not be suffucient to transfer the living system. You will need to re-create the device nodes /dev/{console,null}.

This time, the files $LFS/dev/{console,null} have been copied. I really don't see any difference to the way I did it before. I am slightly confused.

A while later, I tried to redo the steps from Chapter 6.2 and it still won't work.

Several hours later: With the aid of a nice #lfs-support member, I found out what was wrong after a long journey to get him access to my lfs box with me watching him using screen. The instructions of that stages-stop-and-resume.txt weren't appropriate for my situation, allthough they were linked in the book. Thanks to that very patient guy I also have a procedure for making a copy of my LFS partition now. We transfered the content to the new hard drive, $LFS resides on /dev/hda2 now. I chrooted and continued to create my new LFS.

The correct way to reenter LFS for chapter 7


export LFS
mount -t ext3 /dev/hdb1 $LFS
swapon /dev/hdb2


mount --bind /dev $LFS/dev
mount -vt tmpfs shm $LFS/dev/shm
mount -vt devpts devpts $LFS/dev/pts/
mount -vt proc proc $LFS/proc
mount -vt sysfs sysfs $LFS/sys


chroot "$LFS" /usr/bin/env -i \
    HOME=/root TERM="$TERM" PS1='\u:\w\$ ' \
    PATH=/bin:/usr/bin:/sbin:/usr/sbin \
    /bin/bash --login
There might be need to recreate two device nodes, too.

Set a colored prompt

export PS1='\[\e[1;34m\]\u\[\e[0;37m\]:\[\e[1;37m\]\w\[\e[0m\]\$ '
For a long time I had problems with colored prompts (see bad_colored_prompt.gif). After talking to the ICR people, I noticed that my LFS box doesn't do it on the console. I found out, that the PS1 string set by the live-CD had some unknown parts. Color codes apperently need to be encapsulated with \[ and \]!

7. Setting Up System Bootscripts

7.2. LFS-Bootscripts-6.3

It feels much better to work on that clone partition. I've set up the boot scripts and found something interesting, starting scripts in the shutdown or reboot runlevels:

root:/etc/rc.d# ls rc6.d/
K80network   S60sendsignals  S80swap      S99reboot
K90sysklogd  S70mountfs      S90localnet

The next pages of the book were more informative again. This is the first time, I am going to look closer into the mechanism behind device nodes.

Saturday, June 7, 2008

Patience is not my strength, it seems. I can't fully research all the topics, because I want to continue on my LFS. Guess I will set it up first and then use it as a playground for learning.

7.6. Configuring the Linux Console

Note to self: This chapter covers the settings for the keyboard.
Output is configured in chapter 7.9

Where the heck is sysklogd?

7.7. Configuring the sysklogd Script

To find a certain file issue: find <start-dir> -name <file-to-find>

I wonder about the shortness of this particular page. It seems, that everyone knows, where or what sysklogd is. I found the file in /etc/rc.d/init.d/sysklogd. Files in that directory are used to control daemons when the runlevel changes.

7.9. The Bash Shell Startup Files

When I booted from the live-CD, I selected german for having the appropriate keyboard drivers activated. The back side of this is, that some programs speak german to me, which I don't want. Now, that I have to configure language stuff for the bash, I am a little bit confused, what affects the keyboard and what the output. I will do some experiments. First I issue:


Okay... I might have skipped that locale thing. I am checking chapter 6 to find out.

Hmm... Still no idea what's wrong really. I tried another LC_ALL, this time not using the Euro extension thing:


Looks like the correct locale for a computer in Austria should be de_AT.ISO-8859-1 or de_AT@euro. I want my LFS to talk in english, so I am going to use en_GB.ISO-8859-1. anyhow.

7.12. Creating Custom Symlinks to Devices

After chewing this tasty chapter, I find no reason to do anything about the changing device nodes now. I might connect two webcams to my future server and I will deal with that particular situation later.

7.13. Configuring the network Script

Oookay. Guess I should look into the symlinks stuff right now:


Alright. The sed error seems to be okay. The file has been created and the content looks fine. The book could have warned me. Someone from IRC said, he never got such an error, another person told me, he had gotten it...

Note to self: My local network card is eth0, therefore my internet connection will be eth1.

I am a little unsure, what domain exactly means in /etc/resolv.conf. With or without the node's name? I decide to use the invented domain name sps.at without the node's name.

8. Making the LFS System Bootable

Hooray! The first boot is coming closer.

Ahaa! /dev/shm is "Shared Memory". Why didn't they tell me earlier? Remains only /dev/pts to be translated.

Making the Kernel

8.3. Linux-

Something Really Weird Happened

When going through the kernel make menuconfig options, I understood at least 75% of it!

The last time, I configured a kernel (some months ago), I had the impression, that 90% of the options were stuff I never heard of. My guess is, that this version of the kernel and the options is much less or somehow different to that last kernel, I made...

root:/BUILD/linux- time make
real    42m55.792s
user    39m31.075s
sys     2m58.695s

9.3. Rebooting the System


umount -v $LFS/dev/pts
umount -v $LFS/dev/shm
umount -v $LFS/dev
umount -v $LFS/proc
umount -v $LFS/sys
umount -v $LFS

The next little steps executed, I am about to reboot:


Warning: unable to open an initial console.

This console still loves me. Guess something about the cloning of the hard drive. I'll reboot to the live CD and investigate.

mknod -m 600 $LFS/dev/console c 5 1
mknod -m 666 $LFS/dev/null c 1 3

Reboot №2

After I created the two nodes (See 6.2. Preparing Virtual Kernel File Systems), the system did boot. I am glad, that it was this simple. But what now?

It might be a good idea get the sources for Samba-3.0.23d onto your LFS machine before rebooting, or you will have to transfer the 17 megabyte source via the Adidas network protocol.
A simpler solution to feed your LFS with new sources is using wget.

Beyond Linux from Scratch!

Sunday, June 8, 2008

Beyond Linux from Scratch 6.2.0

Suddently everything worked perfect and fast. Some hours after my first boot, I already mirrored the system to the other drive, installed Samba, configured the kernel and grub for VGA hires font, created alternative boot entries to boot from any of the two systems and made backups of the most essential stuff and tweaked some more unneccesary details. Next will be the SSH server for using copy & paste with the BLFS book.

Feeding your LFS


wget might be the better choice for downloading additional stuff.
In my first run I used Samba, because I was used to have a samba running on my linux box anyways.

chmod 000 /etc/rc.d/init.d/winbind
Typical RTFM: The book says If you also need the winbind script: make install-winbind ...

It seems that the daemon winbind is not needed to have an SMB running for the sole purpose of feeding the brand new LFS with additional sources. I disabled the daemon by setting its access rights to zero, so it can't be executed by init anymore. Gets me an ugly warning on the boot screen and a puzzled expression on my face, when I start thinking about how to cleanly uninstall that daemon... :-/

server string =
I have always wondered, why my linux computers show their names in such a strange way, when I open my work group in an MS-Explorer window. To get rid of that "PCName (PCName)" kind of listing, set server string in /etc/samba/smb.conf to nothing.

PuTTY (Windows) won't display /etc/issue.net :-(

50% workaround: Connect using ssh protocol v1 and preset the login name.
For some reason, PuTTY displays the /etc/issue.net it should be receiving from the beginning, when using ssh version 1. But (thats the 50%) the issue is only shown, after a user name has been typed in. Using the preset user name, you get the issue halfway as you wanted it.

Some time later I found myself researching the reason, why my Windows PuTTY won't display the /etc/issue.net. It's all properly set up and my Ubuntu ssh displays it. I have the same problem, when I try to login to my Ubuntu machine via PuTTY. According to www.cyberciti.biz, this might be just not possible with PuTTY.

Customizing the Look'n'Feel

How to use console fonts

Issue setfont iso01.08 to switch to a "highres console font" manually. setfont cp850-8x8 does even better: It enables the old MS-DOS style text mode "graphics" on my machine.

Something is very important to me, when I have to work on a linux console: I want to see more than the boring 80x25 characters on the screen. I remember, that there are many fonts for 80x50 characters and I am going to enable them.

But that's not all. I want the whole kernel boot messages to be displayed in that "hires"-font for two reasons: First the scrollback buffer gets cleared, when the /etc/sysconfig/console settings take effect and set a font. So we have to achieve three things:

Make a kernel with boot prompt support for console fonts

Issue make menuconfig and select Device DriversGraphics SupportConsole display driver supportVideo mode selection support

Configure grub for enabling console font by passing a boot parameter


title LFS 6.3 con:80x50 hda2
root (hd0,1)
kernel /boot/lfskernel- vga=extended root=/dev/hda2
If the font, that's being set in /etc/sysconfig/console, changes the resolution, the scrollback buffer may be cleared. To circumvent this, you can disable it (like shown below) and use setfont in /etc/profile or similar places.

Disable font change while booting


#FONT="lat0-16 -m 8859-15"

Where you find a list of fonts

ls /lib/kbd/consolefonts
setfont <fontname without .gz>

Some Enviroment Settings

Files for placing enviroment settings

The next steps will set the prompt and other enviroment variables.


export PS1='\t \[\e[1;31m\]\u\[\e[0;37m\]:\[\e[1;37m\]\w\[\e[0m\]\$ '
export PATH=$PATH:/root/bin
alias l='ls -l'
setterm -blank 0
setterm -blank 0 stops the power saver from turning your console to a black screen. Parameters may be 0 to 60.
alias l='ls -l' makes a new command "l", listing files in long format. You can now memorize "ls" as list short.
I extended the path for root to /root/bin, where I put some test scripts while I am developing new procedures.
To let a shell script change your enviroment, you need to call it via source <script_name> (At least, when you call it manually).

For the records: I moved my build directory again. /sources contains now at least these folders:

Tuesday, June 10, 2008

Damn... I want to continue on my LFS, but I am occupied with other activities. There's not much missing on my LFS box for being usable as my home server.

Note to self: Remember to sleep at least once every 26 hours.


ttpd: Could not reliably determine the server's fully qualified domain name, using for ServerName [ FAIL ]

I looked to /etc/hosts and found "conciliator.sps.at" there. Removed "sps.at" and Apache starts up. Why did I put this domain name there? Guess some script or the book asked me to, or the more likely: I believed the book was telling me to do so.

I wonder about a setting in /etc/apache/httpd.conf:

# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
ServerRoot "/usr"

I'd expect something like /usr/http, but this looks strange. I could do some research right now, but I am tired.

Monday, June 16, 2008


In the first run, I tried to install PHP without libxml2-2.6.26, and I used the switch to tell PHP-configure not to use the XML parser, but I got an error message of another module, that wanted to use that parser, so I installed the XML package, too. When running the test suite, I got two error messages relating to some XML stuff, but the message wasn't telling too much about the reason. It looks like my Apache/PHP does work well, so I am going to ignore yet another error:


Next step will be the PPPoE internet connection. I am not sure, if I need Libpcap-0.9.4, the book is talking about low level monitoring, which sounds useful.


The book says: "PPP support must be compiled into the kernel or available as a kernel module." - guess that means, I have to recompile my kernel.


I am sorry, but I still can not provide instructions on how to install PPPoE correctly. Read the next paragraphs to learn, what problems and maybe-solutions I found.

This is the second package, that comes broken from a link within the BLFS-book. But it was easy to find it somewhere else (http://www.roaringpenguin.com/files/download/rp-pppoe-3.8.tar.gz).

Device DriversNetwork Device Support → {PPP, PPP over Ethernet}

Hmm... I am not sure, if these options were available before installing PPP. When I rebooted the machine, I found myself in the linux on the other hard drive. I mixed something up with grub's menu.lst. Note to self: move bootloader to hda.


Another broken package linked there (I used http://mirror.hostfuss.com/isc/dhcp/dhcp-3.0.5.tar.gz). The instructions require an option to be compiled into the kernel. I found it also at a different location:

NetworkingNetworking OptionsPacket socket.

The Roaring Penguin pppoe software is a user mode program - it seems, that I won't need the kernel PPPoE stuff or I should skip this rp-pppoe. After 6 hours I didn't make my LFS machine connect to my ISP :-( It seems, that the dhcp client won't be needed.


I created /etc/ppp/peers/pppoe and managed to get my LFS online. Next I installed a very important program:

epic irc client

After the most important stuff is installed now, I can concentrate on NAT and firewalling. But meanwhile it's gotten late, so we need a new chapter in this diary:

Tuesday, June 17, 2008


Iptables wouldn't compile, complaining about:

Unable to resolve dependency on linux/netfilter_ipv4/ip_conntrack.h. Try  'make clean'.
Unable to resolve dependency on linux/netfilter_ipv4/ip_nat_rule.h. Try 'make clean'.

A post on mail-archive.com led me to Iptables-1.3.8 in another section of the book. I am a little surprised, maybe it will work now...

After I installed iptables, I dared to reboot which led to my very first kernel panic ever. When the init script tried to fire up the pppoe device, the system crashed not without being a little chatty. Of course I admired the dump and the address of where the exception has happened, but I decided to simply get my configuration from an earlier kernel back and rebuild it.

Gateway up!

I still didn't manage to make the pppoe connection work while booting, but I managed to establish a connection and make the NAT running. I used the basic example ip-tables script from the blfs-book, so I hope, I am secure enough until I reconfigure my firewall. Another issue is now the messages that appear on my console. I commented out the three logging rules in /etc/rc.d/rc.iptables and added two lines for getting access via ssh again, according to Setting Up a Network Firewall:

Additional entries for /etc/rc.d/rc.iptables

# Allow servers
iptables -A INPUT  -i ! ppp+ -j ACCEPT
iptables -A OUTPUT -o ! ppp+ -j ACCEPT

# Log everything for debugging
# (last of all rules, but before policy rules)
#iptables -A INPUT   -j LOG --log-prefix "FIREWALL:INPUT  "
#iptables -A FORWARD -j LOG --log-prefix "FIREWALL:FORWARD"
#iptables -A OUTPUT  -j LOG --log-prefix "FIREWALL:OUTPUT "

Does that mean, that my firewall is fully open now?

Wednesday, June 18, 2008

My LFS box couldn't access itself, while the neighbour PC could reach the services. I added the following just right after the two entries labeled "# Allow local connections", and now everything works:

iptables -A INPUT  -i ppp+ -j ACCEPT
iptables -A OUTPUT -o ppp+ -j ACCEPT

Guess my firewall is still more open than before.

I made my LFS machine boot with most of the desired features. First I tried creating an init script and made soft links in the run level directories, too, but it failed with a message about wrong (or wrongly existing) return value. I could have repaired this by looking to the other scripts, but I remembered, that I always got a [ FAIL ] message on the boot screen. I located the file, that tried to call pppoe-start and deleted all specific commands:

My new /etc/sysconfig/network-devices/services/pppoe


. /etc/sysconfig/rc
. $rc_functions

case "$2" in
                boot_mesg "Bringing up the PPPoE interface..."
                mknod /dev/ppp c 108 0
                ip link set eth$1 up
                /usr/sbin/pppd call pppoe

                boot_mesg "Bringing down the PPPoE interface..."
                /bin/killall pppd

                echo "Usage: $0 {up|down}"
                exit 1

Guess I should put in a test to the mknod, in case it already exists. I also fear, that I should not need to create this node manually, but fire up pppd in a later point in time of the init process.

Add the entry ppp_generic to your /etc/sysconfig/modules and remove the mknod from the script shown above.
If you get the message Linux kernel does not support PPPoE -- are you running 2.4.x?, then the ppp kernel module has not yet been loaded. It seems, that creating the device node via mknod /dev/ppp c 108 0 does the trick (Calling pppd without parameters displays a suggestion for issuing this command), but it is surely not the prefered way to do it. Who knows, what this kernel module does besides creating that node.
Chapter 7.4, section A kernel module is not loaded automatically, and Udev is not intended to load it explains, how to get a module loaded automatically. I don't know, if Udev is or isn't intended to load ppp_generic, but in my case editing /etc/sysconfig/modules did it.

There's still much to adjust. After I tried to open a link to the NASA web page, I rememberd, that I did not yet configure the appropriate MTU values.

Adjusting the MTU settings

See Possible Solution

I forgot, where I saw the instructions for adjusting the MTU, so I started a web search. Meanwhile the NASA web page opens again for some reason. I remember, that this particular web page would not show itself, when the MTU wasn't configured on my old Ubuntu server. The output of ifconfig (which I heard, "we" do not use in LFS) shows an MTU of 1500 for eth0 and eth1, but 1492 for the ppp0 device. I don't know, if it was just coincidence, that I couldn't load that web page before.

Thursday, June 19, 2008

I added two lines to /etc/ppp/options", and I hope, this is the correct solution:

logfile /var/log/pppd.log
mtu 1492
mru 1492

ping www.heise.de -f -l 1464 (Windows)

DHCP server up and running

Installed and configured the DHCP server. My Windows network doesn't like it. I never understood, why SMB networks are so fragile and slow. After several tries and reboots my Windows machines get their IP addresses, next I want a DNS server and I need my workgroups to function again. I still can access the SMB shares directly (\\hostname), but I cant open the folder showing all computers in my network (\\workgroup).

After the tenth or so reboot, my windows machine can list the nodes in the workgroup again. I have changed much, changed it back, restarted daemons and computers, and I still don't see a pattern.

Do I really need BIND??

I can't find an option, that tells dhcpd to use the current DNS server settings, the LFS machine got from the ISP. It seems, that I need to run my own DNS server and put the IP address of my LFS box into the dhcpd.conf. I don't like this very much. I could put the IP of my ISP's DNS into that configuration file, but what happens, if they change the DNS server's address, or if I change my ISP? I wish there was an command like option domain-name-servers send_resolv_conf_data_to_dhcp_clients...

I decided to let my LFS server act as a DNS, so my DHCP question is no longer an issue. But I still wonder, why there is no such option.


There seems to be an error in the BLFS book, the first command after make install

chmod 755 /usr/lib/{lib{bind9,isc{,cc,cfg},lwres,dns}.so.*.?.?}
should be
chmod 755 /usr/lib/lib{bind9,isc{,cc,cfg},lwres,dns}.so.*.?.?

Wrong BLFS Book!

I told the people on #lfs-support about this issue and they told me, I should use the SVN version of BLFS. I was using 6.2 because version 6.3 is not yet published.

Since I already issued make install, I asked the ICR people, how to proceed now. I've been told, that there is a good chance, that simply installing the newer BIND over the recently installed files will do:


This version of BIND takes much longer to compile than version 9.3.3...

Friday, June 20, 2008

The Book says:

The root.hints file is a list of root name servers. This file must be updated periodically with the dig utility. A current copy of root.hints can be obtained from ftp://rs.internic.net/domain/named.root. Consult the BIND 9 Administrator Reference Manual for details.

The difference between chached and uncached responses to an DNS request make me reconsider, how much I want BIND on my LFS box:


The book furthermore says:

Consult the BIND Administrator Reference Manual located at doc/arm/Bv9ARM.html in the package source tree, for further configuration options.

Hooray, BIND is up. Next is USB support...

USB not really explained?

I found a nice document about USB, but it's too large for studying it now. The BLFS book wasn't too informative about USB.

After some experiments with find it looks like I can find new/touched files reliably now, but I still need to elaborate a working keeptrack.sh.

What configure --prefix= can do

(4:32:39 AM) pdu: --prefix sets a top dir to install under
(4:32:57 AM) pdu: to if you use --prefix=/usr and a package creates a conf file under etc, the path will be /usr/etc
(4:33:17 AM) pdu: if you want a general prefix of /usr but want conf in /etc and logs in /var/log you can supply extra parameters
(4:33:32 AM) pdu: such as ./configure --prefix=/usr --sysconfdir=/etc --syslogdir=/var/log
(4:33:39 AM) iainK^: --sysconfdir=/etc is useful
(4:33:45 AM) pdu: ./configure --help |more
(4:33:47 AM) pdu: have fun :D

See What configure --prefix= can't do.

Creating a default and a real user

Configuring for Adding Users

A little late I am going to create a user for building not as root.

Hmm... I can't login via ssh localhost when logged in as user, and I don't know, why root can login via ssh, while /etd/ssh/sshd_conf contains the line PermitRootLogin no... I tried to create a user account, but I can't login from the outside, after entering my password, I get a simple Permission denied.

Creating a shared ssh session with screen


I want to create a user account that connects to a special "shared" screen session, but only if this session is already active. The idea is to let someone log into my server while and have him connected automatically to a shared screen, so that I can watch every step taken by the guest. Before I can achieve this goal, I need to get comfortable with using screen.

Basic screen usage

Command/Key Stroke Explanation
screen -S [<session-name>] Start a session [with a name]
^A, ^D Leave the session, without closing it (detatch)
screen -list List detatched sessions
screen -x [<session-name>] Reconnect to the session
screen -x [<username>/<session-name>] Connect to a session of another user
To let other users share the session, you need to tell screen before they can connect. To manually enable the multiuser mode, use:
^A :multiuser on [ENTER]
^A :acladd username [ENTER] (Where user name is the login of the user(s), who shall be allowed to connect to the session.)
If you want all your screen sessions in multi-user mode, you can add these commands to your ~/.screenrc file:
multiuser on
acladd oneuser
acladd anotheruser

Sunday, June 22, 2009

PPPoE/MTU problem still persists

After days I found a web page, that seems to be sucked by the wrong MTU setting: myspace.com. The last time, I had this problem, was with my faforite online dictionary http://dict.leo.org and certain NASA pages. Alright, this time its Myspace. I remember, that I had to disable the entry in /etc/rc.d/rc.iptables:

#iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

When I enable this line, I get the following message:

iptables: No chain/target/match by that name

Possible Solution

I guess, it's a kernel module missing. After several hours of research and browsing, I found the setting for "TCPMSS" in the kernel options, and it was not installed:

Networking → Networking options → Network packet filtering framework (Netfilters) → Core Netfilter Configuration → TCPMSS


modprobe xt_TCPMSS
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYS -j TCPMSS --clamp-mss-to-mptu
echo 1 > /proc/sys/net/ipv4/ip_forward
Now I can access Myspace from behind my LFS server. Guess the MTU problem is now solved.

Monday, June 23, 2008


Next time I will use wget to get stuff onto a new LFS instead of Samba. Btw., my SMB Windows/Linux network is still acting very strangely.

First steps towards USB

PCI Utilities-2.2.3

The book says, that update-pciids would need wget or lynx. Both are installed, but I still get an error message, that neither is found. I am surprised that I didn't expect that. Ah, it seems I need which to get this working.



Something went wrong with the script /usr/sbin/update-usbids, I found a line DEST=/usr/share//usr/share/usb.ids in it. I removed the leading /usr/share/ and it worked. I should check, if I was responsible for that wrong path or if there is a glitch in the book.

Kernel crashes, when I plug in a USB device

When I plug in either a webcam or my USB flash drive, the LFS machine locks up instantly. I tried tail -f /var/log/sys.log, but there was nothing output before the machine died. When I plug in the devices before I boot, I get them listed by lsusb. IRC people told me, I need LVM support. As usual, I got lost in the menu tree. LVM can be found in Device Drivers → Multi-device support (RAID and LVM). As far as I know, LVM can only be needed for flash disks, so I am sceptic.

Kernel Does Magic

After several tries and combinations, I completely removed USB support from the kernel. At least it didn't crash anymore, when I plugged in a device. Enabling USB again after this suddenly led to a functioning webcam. I can't even guess, what was causing this incident.

Here's a list of options, I have now enabled in the kernel:

Drivers for the webcam

My webcams work with the Spca5 drivers (List of supported cameras and driver download). The next thing would be a grabber tool that can store images to disk. For this purpose I used a program named "webcam" on my ubuntu server. This little thing is not easy to find on google, because there are loads of pages containing "linux" and "webcam". Finally I found out, that webcam is part of the xawtv package, so I installed it.

What configure --prefix= can't do

I was hoping to find all files of xawtv in /usr/local/, but it's not too easy; there are already several directories and files, so I can't blindly delete the new files. I will take care of cleaning up later.

(1:10:38 PM) EvanR: blfsnoob: make uninstall sometimes works
(1:11:11 PM) EvanR: if you want a simple but effective package manager, look at the paco hint on lfs website

See What configure --prefix= can do.

Running the webcam

It seems, I can't use two webcams on one USB controller at the same time, because the first webcam is consuming the whole bandwidth of that controller. I had the same problem with ubuntu, so I am continuing with only one camera active for now.

When I plug/unplug a device at the USB port, or when I start webcam, I get ugly messages output to the console. In an SSH terminal the command webcam > /dev/null 2&>1 hides the output, but the console shows:

spca_core.c: [spca5xx_set_light_freq:1932] Sensor currently not support light frequency banding filters.
/sources/BUILD/gspcav1-20071224/gspca_core.c: [gspca_set_isoc_ep:945] ISO EndPoint found 0x85 AlternateSet 8
/sources/BUILD/gspcav1-20071224/gspca_core.c: [spca5xx_set_light_freq:1932] Sensor currently not support light frequency banding filters.
/sources/BUILD/gspcav1-20071224/gspca_core.c: [gspca_set_isoc_ep:945] ISO EndPoint found 0x85 AlternateSet 8
/sources/BUILD/gspcav1-20071224/gspca_core.c: [spca5xx_set_light_freq:1932] Sensor currently not support light frequency banding filters.
/sources/BUILD/gspcav1-20071224/gspca_core.c: [gspca_set_isoc_ep:945] ISO EndPoint found 0x85 AlternateSet 8
/sources/BUILD/gspcav1-20071224/gspca_core.c: [spca5xx_do_ioctl:2124] Bridge PAC207BCA
/sources/BUILD/gspcav1-20071224/gspca_core.c: [gspca_set_isoc_ep:945] ISO EndPoint found 0x85 AlternateSet 8
/sources/BUILD/gspcav1-20071224/gspca_core.c: [gspca_set_isoc_ep:945] ISO EndPoint found 0x85 AlternateSet 8

Moving to a bigger hard drive

I want to move the home data from my windows to the LFS machine, which I installed it on two very old, tiny hard disks. I already moved the entire LFS system between disks, but I didn't touch grub, so I need to look at grub a little closer.

Wednesday, June 25, 2008

Strange Issue

I noticed a strange behaviour on my console login screen: When I make an unsuccessful login attempt, the content of /etc/issue is output without interpreting the escape commands (The codes are output themeselves like cat /etc/issue would do). I started to investigate this issue but found nothing so far. Well... nothing? No. Linux is my new Stumble-Upon-System: Now I have 11 consoles and tty12 is showing the output of the system log.

How to get more tty consoles



si::sysinit:/etc/rc.d/init.d/rc sysinit

l0:0:wait:/etc/rc.d/init.d/rc 0
l1:S1:wait:/etc/rc.d/init.d/rc 1
l2:2:wait:/etc/rc.d/init.d/rc 2
l3:3:wait:/etc/rc.d/init.d/rc 3
l4:4:wait:/etc/rc.d/init.d/rc 4
l5:5:wait:/etc/rc.d/init.d/rc 5
l6:6:wait:/etc/rc.d/init.d/rc 6

ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now


1:2345:respawn:/sbin/agetty tty1 9600
2:2345:respawn:/sbin/agetty tty2 9600
3:2345:respawn:/sbin/agetty tty3 9600
4:2345:respawn:/sbin/agetty tty4 9600
5:2345:respawn:/sbin/agetty tty5 9600
6:2345:respawn:/sbin/agetty tty6 9600
7:2345:respawn:/sbin/agetty tty7 9600
8:2345:respawn:/sbin/agetty tty8 9600
9:2345:respawn:/sbin/agetty tty9 9600
10:2345:respawn:/sbin/agetty tty10 9600
11:2345:respawn:/sbin/agetty tty11 9600

How to let the log be output to it's own console

Simply add *.* /dev/tty12 to your


auth,authpriv.* -/var/log/auth.log
*.*;auth,authpriv.none -/var/log/sys.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
*.emerg *

*.* /dev/tty12

Redirecting Apache logs to a special console


ErrorLog syslog:local1
<IfModule log_config_module>
  CustomLog /var/log/apache/access_log common
  CustomLog /dev/tty10 combined


auth,authpriv.* -/var/log/auth.log
*.*;auth,authpriv.none -/var/log/sys.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
*.emerg *

local0.* /dev/tty10
local1.* /dev/tty11
local1.* /var/log/apache/error_log
*.*;local0.none;local1.none /dev/tty12
I always got errors, when redirecting ErrorLog to any /dev/tty.
TODO: Check out about the - before the file names... may mean "append" (apache/error_log shouldnt be deleted on boot)

Activating the PC Speaker

Device Drivers → Input Device Support → Miscellaneous devices → PC Speaker support

Meanwhile, two friends came to visit me. One is making music and the other is also hacking on my LFS. A prototype "auto-login" user named "sharedscreen" is enabled already, but the guest still could open another screen without me noticing. The call of screen is done in .bash_profile, but I want to change the shell for that user to screen.

Thursday, June 26, 2008

I am about to move my current blfs to a bigger hard drive and take the small ones out. I booted from the live-cd and copied all neccessary directories to both hdc2 and hdc3. Then I rebooted, swapped the drives, and installed the boot loader to my new, big hda from the live-cd again:

u@h:~# grub
root (hd0,3)
setup (hd0)

A last reboot and my LFS system is online again and seems to work fully.

List Sizes of all Subdirectories

du -sh ./*

Wednesday, August 8, 2008

After a break of several weeks, I started to work on my LFS again. I played with OpenVPN and other stuff. My Samba server is still doing some interesting stuff (when I reboot my Windows machine it takes a very long time, until the network neighbourhood shows all computers) and I encountered a lockup of a single console session several times. I will run a RAM check sometime.

The first working firewall

Although this diary is no longer 100% accurate about my machines setup, the next real interesting step was the configuration of the firewall using netfilter. I finally found the inspiration to take a closer look to iptables and found out, why my configurations always led to a completely closed firewall. Not without making some additional mistakes, I managed to make it work as I wanted it to do, but I still want some expert to take a look at it, because this topic needs a lot of expirience, if you want to have a secure system. My current (working) configuration looks like this:


Still not finished

The last thing on my to-do list would be my webcam scripts, but I need another USB controller, before I can make my server handle two cams at a time: You seemingly can't take just single images from a camera, because the programs always open a stream, which again causes the bus to be too busy for allowing a second webcam to be accessed. Additionally, the webcam delivers very dark images in the first seconds after it is activated. It seems, that one can't simply grab one picture and close the connection for opening it again one second later...

I also need to check all PHP scripts in htdocs, because the current interpreter does certain things in a different way, than it used to be on my ex-ubuntu. I should have expected that...

Installing to a "fake root"

And, finally, I read this on the IRC channel:

16:08 Cosmo: hmw: you can use make DESTDIR='' install and then tgz it
16:11 Cosmo: hmw: by default DESTDIR would be /
16:12 Cosmo: so say make install installs a single binary to /usr/bin/foo
16:12 Cosmo: make install DESTDIR=/tmp
16:12 Cosmo: would be /tmp/usr/bin/foo
16:13 Cosmo: DESTDIR is like a fake root
16:13 Cosmo: it prefixes all the stuff that needs to be install
16:14 Cosmo: there is a patch you'll find useful
16:15 Cosmo: mkdir /tmp/binutils
16:15 Cosmo: make DESTDIR=/tmp/binutils install
16:15 Cosmo: cd /tmp/binutils
16:15 Cosmo: tar -cvf ../binutils.tar .
16:15 Cosmo: to install it you unpack it inside /
16:17 Cosmo: mktmp doesn't have DESTDIR, so that patch adds it
16:18 Cosmo: http://patches.bluesquarelinux.co.uk/mktemp-1.5-add_destdir-1.patch

Friday, August 8, 2008

Strange dhclient incident

When issuing dhclient -1 the new address was not applied to the DSL interface, but the local one instead. I thought, the LAN card would be static. The more I wonder, why my dsl address didn't change after all. Also very fascinating was the fact, that my windows clients seemed to got the new gateway address instantly, allthough they were configured statically, too...!?

After several /etc/rc.d/init.d/network restart for getting a new IP assigned from my ISP, the workstations suddenly were off line. I just issued ifconfig eth0 on the server and everything was fine again. I am still a little puzzled and will look into this a little closer, when I find time.

Sunday, August 17, 2008

make modules_install removes third party (non-kernel) modules

The adventure never ends. After installing the bridging abilities, my kernel panicked on reboot. But I can use bridging, when I install it as a loadable module. So far, so good, but suddenly my webcam grabber wasn't able to open /dev/video0 anymore. After doing some research, I found out, that the module gspca wasn't existing anymore - I had to call make install from within the gspca source directory to get my driver back. It seems, that issuing make modules_install removes any modules from the system, that are not present in the kernel configuration, including third party modules. Quite counter-intuitive.

Annoying messages output to the console and /proc/sys/kernel/printk

Initializing the webcam always generated unwanted debug output, which appeared on the currently active console. I found a first approach of getting rid of these messages:

echo 0 > /proc/sys/kernel/printk

This command tells the kernel, not to output anything to the console. The backdraw is, that real emergency messages are kept from being printed, too. I am going to investigate further for finding a better solution. For now, I was able to get my console back (it was unusable before, due to the flooding of the gspca driver and the VPN bridge, that displayed a lot of stuff, too).

Friday, October 24, 2008

How to make gspca support two webcams on one USB bus,
when gspca says "no space left on device"

After years, an old friend contacted me through my web page, and yesterday he finally payed me a visit. As he was a programmer in the old days already, so we were quickly drawn into talks about various computer related topics. Soon we were both sitting infront of a terminal each, hacking my LFS. He has had read this blog before, so he knew about my issues with the webcam and he came to my flat prepared. After a few minutes, the problem was identified an solved with a quick-and-dirty solution:

Dirty hack of gspcav1-20071224/gspca_core.c

gspca_init_transfert(struct usb_spca50x *spca50x)
        struct usb_host_endpoint *ep;
        struct usb_interface *intf;
        struct urb *urb;
        __u16 psize;
        int n, fx;
        struct usb_device *dev = spca50x->dev;
// struct usb_host_interface *altsetting = NULL;
        int error = -ENOSPC;
        int nbalt = 0;
        if (spca50x->streaming)
                return -EBUSY;
        intf = usb_ifnum_to_if(dev, spca50x->iface);
//ORIGINAL: nbalt = intf->num_altsetting - 1;
        nbalt = 4;  // hardcoded: use half of the bandwidth (autoselected value was 8)
The reason, why I couldn't use two webcams on one USB bus is caused by the fact, that the gspca driver reserves the complete bandwidth of the bus on startup by default, resulting in a message like "no space left on device", when requesting bandwidth for a second web cam. The output of the module says, that it was using an "alternate setting" of value 8. As it seems, this indicates the portion of bandwidth, that is used. When we did not find a way to tell the driver to behave, so we simply hardcoded the value 4 into the source of gspca, which solved the problem effectively.

Getting rid of the gspca panic messages printed to the console

When you start up a webcam program, gspca prints out a lot of annoying messages directly to the active console, using the kernel function printk(). This funtion is intended to be used to inform the administrator about a critical situation, that needs to be handled immediately. My nice driver printk's simple information like "I have started normally". This is really near to a kernel panic and needs immediate action. Gah.

If you're working via SSH or a terminal window in your desktop manager, you might not even know, that this is happening. But for a certain reason, this was making my LFS console unusable, and I work on the console often. For the gspca driver seems to crash very often, I simply wrote a little shell script, that calls the grabber program in a loop, so that it restarts after a crash and continues updating the webcam image in my web server's directory. Those crashes happened even more often, when I was using two cams on separate USB controllers on my previous Ubuntu, and so my console kept being filled with the highly important information about how the webcam has been initialized successfully, thus destroying whatever was being displayed at the moment (The driver outputs several lines of text on startup). Because kernel debug messages can't be redirected, there are only two ways of disabling them: Either you switch of the panic messages completely (/proc/sys/kernel/printk, Disabling printk() messages ), which would also disable really important messages, or you make your software behave. Fortunately with gspca this was very easy:

Simply comment out the following Define:


# Optional: Enable driver debugging

After making and installing new kernel modules, gspca was gone

I needed to add a kernel module for my firewall and issued make modules_install. A day later I noticed, that my devices /dev/video0 and /dev/video1 were gone, although the USB devices had been detected properly.

I simply had to reinstall gspca by issuing a make install from within the driver's source directory.
As it seems, a make modules_install simply empties the directory containing the .ko files, before copying all modules to that location again, thus deleting any third party kernel modules.

I am still unsure, if the module directory gets emtied by make modules_install. Hopefully I will remember to verify this the next time, I update some kernel modules.

The system on the mirror partition panics on boot

A couple of days ago my LFS suddenly crashed (froze). After some investigation I found out, that my hard drive seemed to be dieing, so I transferred the whole system to a new drive, again. I tried my luck and copied the whole (partially corrupted) partition to the new drive in the hope, that nothing important would be damaged. I was lucky: the only files that couldn't be read were two log files. The new system booted and seemd to be working fine. I also copied the system to a second partition on the new drive to have a rescue LFS handy. I have done this before, several times, too. After adjusting the entry for the root partition (which contains nearly everything) in /etc/fstab, I tried to boot the mirror system and got a kernel panic when the pppoe was loaded. I thought, the new drive may be corrupted too, so I simply disabled ppp and gave it another chance. This time another program crashed with a register dump. After deleting all files on the mirror partition and recopying them, the crash problem persists. I have no idea, what's wrong and will keep investigating.

Saturday, November 8, 2008

Adding graphic capabilities to PHP

Some of my old PHP scripts don't work anymore, because my current PHP doesn't support creating images. After reading some pages in the BLFS book and a short visit of www.libgd.org I was convinced, that my PHP contains all needed material. But as it seems, I was mistaken. ./configure ... --with-gd resulted in a message, that libpng wasn't found, so I downloaded and installed it from the new BLFS 6.3 book:


Now PHP doesn't complain anymore about a missing makefile, and my thumbnail.php is already working partially. I probably need a JPEG library, too:


To get support for processing images on my web pages, I needed to recompile PHP with two additional parameters:

./configure ... --width-jpeg-dir --with-gd
After several unsuccessful tries, I made PHP do as I wanted it to. For your inconvinience, I am not fully certain, which combination really did it. There are two points, that may be important, and you can safely follow these, to be sure:
and issuing
make clean
before recompiling PHP might help, too.

Way Beyond Linux From Scratch

My current LFS does not exactly have all the features, I had on my previous Ubuntu server, and I didn't check for the PHP webcam scripts yet. But as it seems, LFS is a never ending project, wherefore I decided to declare my LFS to be "finished".

Friday, November 14, 2008

I was unhappy with lynx due to some minor bugs and the missing capability of displaying graphics, so I decided to try using the frame buffer. First I had to enable some features of the kernel:

device drivers →
   I2C support →
       <*> I2C device interface
       I2C Hardware Bus support →
           <*> Intel 810/815
   Graphics support →
       <*> Support for framebuffer devices
           [*] Enable firmware EDID
           [*] Enable Tile Blitting Support
           <*> intel 810/815 support
           [*]   use VESA Generalized Timing Formula
           [*]     Enable DDC Support
           [*] Bootup logo → [...]
           Console display driver support →
               [*] Enable Scrollback Buffer in System RAM
               [*] Video mode selection support
               <*> Framebuffer Console support
To make the kernel run using the frame buffer device, I needed to tell it via boot parameters in



bpp=16 doesn't work, I always get 256 colors. I will have to do further investigations on this topic. The "@75" is ignored, I always get 85 Hz, supposedly due to EDID. Well, I won't complain about this one *g*.

Saturday, November 15, 2008

"Not interpreted issue"-bug

Comment out the line "ISSUE_FILE /etc/issue" in /etc/login.defs to supress the isssue file being written to the console after a wrong login.

Frame buffer configuration

After several hours of trying, I managed to get my console running at 1024×768×16@85Hz. Unlike the documentation is telling, the parameters need to be written in the following way:

kernel /boot/KERNEL video=i810fb:xres:1024,yres:768,bpp:16,accel,mtrr,hwcur root=PARTITION

Somehow setting the resolution doesn't work as expected; I tried to set 800×600 (to get a visual confirmation, if it worked after boot), which had no effect at all for most of the time. When I was using the different syntax (variable:value,variable:value), setting 800×600 resulted in a resolution of 1280×960 pixels. I hope, that I can find out more about this problem soon.

i2c not present but running

Another strange detail is the fact, that the i2c drivers is doing some stuff at boot time (taking over 10 seconds), although I unchecked all related stuff in the kernel configuration. I really would like to find out, what's going on here.

New drive corrupted, too?

While I was trying out different boot parameters, my root partition was fsck'ed and I had to reboot, due to errors, that were repaired. This also happened two days ago, so I think, my new drive also might be defect in some ways. An earlier run of fsck didn't show errors. Guess, I should move my system to another hard disk, (sigh) again.

Sunday, November 16, 2008

More webcam scripts

There is one last check point on my to-do-list: the PHP webcam control scripts. I allowed apache to access the scripts with visudo:


apache  ALL = NOPASSWD: /root/bin/start_webcam_loops
apache  ALL = NOPASSWD: /root/bin/stop_webcam_loops

Because the grabber constantly crashes (It looks like the v4l driver is giving up), I wrote a looping script to restart the webcam immediately:


echo "1" > /root/bin/webcam_loop1_is_active
while [ -e /root/bin/webcam_loop1_is_active ] ; do
  echo -e "\e[1A\e[1m"
  echo -e "\e[2A\e[0m"
  nice -n -1 webcam /root/.webcamrc.1
  sleep 5

To stop the webcams, I have to remove the signal file webcam_loopX_is_active and to kill the grabber, so that the looping scripts can terminate:


rm /root/bin/webcam_loop1_is_active
rm /root/bin/webcam_loop2_is_active
sleep 2
kill -SIGQUIT `ps f -A | grep '\_ webcam ' | grep -v grep | awk '{ print $1 }'`
cp /srv/www/htdocs/testbild.jpg /srv/www/htdocs/webcam1.jpg
cp /srv/www/htdocs/testbild.jpg /srv/www/htdocs/webcam2.jpg

Before I was using the SIGQUIT signal, I always got an unwanted output, showing me the PID was "terminated" and the code line of webcam_loop.X containing the nice command. After trying different things, I found, that the script kept silent (as I intended it to be), when I was using SIGQUIT. I suspect, that a SIGKILL causes an error code to be returned and the shell shows me the location of that "error".

A little while later, when my PHP script was already able to control the webcam, it suddenly stopped to function. Calling the stop-script failed, too. I tried to kill the grabber with SIGQUIT, and it just did neither stop the program nor output anything. I tried to figure out, what hidden mechanisms are at work, until I decided to reboot my machine. Now the whole thing works again. I am slightly confused. Once again *g*

To be continued...

I started a new LFS. Read more on http://harald.ist.org/LFS/lfs-diary-2.