Showing posts with label kernel. Show all posts
Showing posts with label kernel. Show all posts

Monday, August 22, 2022

Debian: Possible missing firmware

If you encounter issue like the following, you need to download/update firmware files. 
W: Possible missing firmware /lib/firmware/i915
Read more »
Posted by Andriy Kornatskyy at 10:58 AM 0 comments
Labels: ,

Wednesday, December 15, 2010

How to disable ipv6 in Debian

Here are simple steps to disable ipv6 in Debian:
  1. Comment out anything related to ipv6 in /etc/hosts
  2. SSH. Ensure AddressFamily inet is set in /etc/ssh/sshd_config. Restart ssh.
  3. BIND. Ensure listen-on-v6 { none; }; in /etc/bind/named.conf.options. Restart bind9.
  4. NTP. Ensure -4 option is set in /etc/default/ntp (e.g. NTPD_OPTS='-4 -g'). Restart ntp.
  5. APACHE2. Ensure Listen 0.0.0.0:80 in /etc/apache2/ports.conf file. Restart apache2.
  6. RPCBIND (rpc.statd, rpc.mountd). Comment out the appropriate entries in /etc/netconfig: 
    udp        tpi_clts      v     inet     udp     - -
tcp        tpi_cots_ord  v     inet     tcp     - -
#udp6       tpi_clts      v     inet6    udp    - -
#tcp6       tpi_cots_ord  v     inet6    tcp    - -
rawip      tpi_raw       -     inet      -      - -
local      tpi_cots_ord  -     loopback  -      - -
unix       tpi_cots_ord  -     loopback  -      - -
  7. PostgreSQL 9. Ensure ipv4 in listen_addresses (file /etc/postgresql/9.1/main/postgresql.conf): 
    # - Connection Settings
listen_addresses = '0.0.0.0'
    Comment out lines related to ipv6 (file /etc/postgresql/9.1/main/pg_hba.conf): 
    # IPv6 local connections:
#host  all     all     ::1/128   md5
    Restart postgresql.
  8. Disable ipv6 in kernel: 
    echo net.ipv6.conf.all.disable_ipv6=1 \
> /etc/sysctl.d/disableipv6.conf
  9. Disable ipv6 in kernel modules (file /etc/modprobe.d/aliases.conf): 
    # alias net-pf-10 ipv6
alias net-pf-10 off
alias ipv6 off
The next time the system boots it will have ipv6 disabled. Let verify it with: 
netstat -tunlp
Here is a sample output: 
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 192.168.10.2:53         0.0.0.0:*               LISTEN      895/named       
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      895/named       
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      734/sshd        
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      895/named       
udp        0      0 192.168.10.2:53         0.0.0.0:*                           895/named       
udp        0      0 127.0.0.1:53            0.0.0.0:*                           895/named
Read more about ipv6 here.
Posted by Andriy Kornatskyy at 9:00 PM 8 comments
Labels: , ,

Wednesday, November 24, 2010

How to Compile a Kernel in Debian

Here you will see how to build Debian deb package for linux kernel source.

Install Tools

First of all install few tools: 
apt-get install kernel-package libncurses5-dev fakeroot bzip2 build-essential

Prepare Working Directory

  1. Add users to group src: 
    usermod -a -G src user1
  2. Ensure group src is the owner of /usr/src: 
    chgrp -R src /usr/src
chmod g+s /usr/src
chmod -R g+w /usr/src

Download Kernel Source

  1. Change your working directory to /usr/src/: 
    cd /usr/src
  2. Download kernel source from kernel.org: 
    wget -c http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.36.tar.bz2
  3. Decompress kernel source and create a symbolic link: 
    tar xjf linux-2.6.36.tar.bz2
test -L linux && rm linux 
ln -s linux-2.6.36 linux
cd linux

Configure Kernel

  1. Let use existing kernel configuration as a start point: 
    cp /boot/config-`uname -r` /usr/src/linux/.config
  2. Launch kernel configuration tool: 
    make menuconfig
  3. Start kernel build (this may take from 20 mins to few hours depending on your hardware and number of CPUs): 
    time fakeroot make-kpkg -j 2 --initrd --append-to-version=-custom kernel_image kernel_headers
  4. Once build finishes you should get two .deb files in parent directory: 
    deby01:/usr/src$ ls -l *.deb

linux-headers-2.6.36-custom_2.6.36-custom-10.00.Custom_amd64.deb
linux-image-2.6.36-custom_2.6.36-custom-10.00.Custom_amd64.deb

Install Kernel

  1. Install linux kernel and image deb packages by issuing the following command: 
    dpkg -i *.deb
  2. Restart your computer: 
    shutdown -r now
  3. Once it restarts check the kernel version you are using: 
    deby01:~$ uname -r
2.6.36-custom
Enjoy your custom kernel.
Posted by Andriy Kornatskyy at 8:00 PM 0 comments
Labels: ,

Thursday, April 29, 2010

Suppress kernel talkativness

Kernel log levels (defined in linux/kernel.h): 
#define KERN_EMERG    "<0>"  /* system is unusable               */
#define KERN_ALERT    "<1>"  /* action must be taken immediately */
#define KERN_CRIT     "<2>"  /* critical conditions              */
#define KERN_ERR      "<3>"  /* error conditions                 */
#define KERN_WARNING  "<4>"  /* warning conditions               */
#define KERN_NOTICE   "<5>"  /* normal but significant condition */
#define KERN_INFO     "<6>"  /* informational                    */
#define KERN_DEBUG    "<7>"  /* debug-level messages             */
Check the current log level: 
deby:~# cat /proc/sys/kernel/printk
7 4 1 7

sysctl.conf

Ensure you have the following in /etc/sysctl.conf: 
# The four values in printk denote: 
# console_loglevel, default_message_loglevel,
# minimum_console_loglevel, default_console_loglevel
#
# Uncomment the following to stop low-level messages on console
kernel.printk = 4 4 1 6
These changes become effective after reboot. But you might need changes take place immediately: 
echo "4 4 1 6" > /proc/sys/kernel/printk

grub

You can pass quiet parameter during kernel boot in /boot/grub/menu.list in order to suppress logs during boot: 
kernel /boot/vmlinuz-2.6.26-2-686 root=/dev/sda1 ro quiet panic=0
Please note that after kernel upgrade the above changes to grub will be lost, so take this into account or add another section to your grub loader as shown below. 
# Put static boot stanzas before and/or after AUTOMAGIC KERNEL LIST
title    Debian GNU/Linux, kernel 2.6.26-2-686 (quiet)
root     (hd0,0)
kernel   /boot/vmlinuz-2.6.26-2-686 root=/dev/sda1 ro quiet panic=0
initrd   /boot/initrd.img-2.6.26-2-686

### BEGIN AUTOMAGIC KERNELS LIST
## lines between the AUTOMAGIC KERNELS LIST markers will be modified
## by the debian update-grub script except for the default options 
## below
Posted by Andriy Kornatskyy at 11:00 PM 0 comments
Labels: , , ,

Wednesday, April 28, 2010

Error: Driver 'pcspkr' is already registered, aborting...

If you are experiencing the following complain during the boot (see /var/log/kern.log): 
Dec 14 17:08:40 deby kernel: [    5.973561] Error: 
Driver 'pcspkr' is already registered, aborting...
Issue the following command and reboot: 
echo 'blacklist snd-pcsp' >> \
    /etc/modprobe.d/blacklist.conf
Posted by Andriy Kornatskyy at 11:00 PM 0 comments
Labels: ,

Tuesday, April 27, 2010

Secure network with kernel features

You can configure /etc/sysctl.conf to enable certain kernel options that will help your network be more secure: 
# Ignore ICMP broadcasts
net.ipv4.icmp_echo_ignore_broadcasts = 1
#
# Ignore bogus ICMP errors
net.ipv4.icmp_ignore_bogus_error_responses = 1
#
# Do not accept ICMP redirects (prevent MITM attacks)
net.ipv4.conf.all.accept_redirects = 0
#
# Do not send ICMP redirects (we are not a router)
net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not
# a router)
net.ipv4.conf.all.accept_source_route = 0
Posted by Andriy Kornatskyy at 10:00 PM 0 comments
Labels: , , ,

Monday, April 26, 2010

Disable reboot continuously on kernel panic

In order to disable reboot continuously on kernel panic add panic=0 to the kernel boot options in /boot/grub/menu.list: 
kernel /boot/vmlinuz-2.6.26-2-686 root=/dev/sda1 ro quiet panic=0
Posted by Andriy Kornatskyy at 1:09 PM 2 comments
Labels: , , ,
Subscribe to: Posts ( Atom )