La page demandée n'existe pas.
Ceci est une ancienne révision du document !
Table des matières
Version : 2022.01
Last updated : 2022/06/05 17:56
LCE602 - Compiling the Kernel and Managing Quotas
Contents
- LCE602 - Compiling the Kernel and Managing Quotas
- Contents
- The Linux Kernel
- LAB #1 - Modules
- LAB #2 - Compiling and Installing a Kernel and Modules
- 2.1 - Move /home
- 2.2 - Preparing the Environment
- 2.3 - Preparing the Kernel Source Tree
- The .config file
- The Makefile file
- 2.4 - Configuring the Kernel
- 2.5 - Compiling the Kernel
- 2.6 - Installing the Kernel
- LAB #3 - Managing Quotas
- 3.1 - The quotacheck Command
- 3.2 - The edquota Command
- 3.3 - The quotaon Command
- 3.4 - The repquota Command
- 3.5 - The quota Command
- 3.6 - The warnquota Command
The Linux Kernel
The Kernel is the part of the OS that is responsible for managing peripherals' I/O. Sometimes it is necessary to recompile the Kernel in very specific scenarios:
- reducing the Kernel footprint,
- supporting new peripherals,
- adding new functionalities,
- optimising code,
- correcting bugs,
- using experimental functions.
Start by updating CentOS 8:
[root@centos8 ~]# dnf update ... [root@centos8 ~]# reboot
Now identifiy the current Linux kernel:
[root@centos8 ~]# uname -r 4.18.0-305.7.1.el8_4.x86_64
LAB #1 - Modules
Under normal circumstances it is however preferable to make use of the Kernel modules as opposed to recompiling the Kernel. Kernel modules can be found in the /lib/modules/<kernel-version> directory:
[root@centos8 ~]# ls /lib/modules/`uname -r`/ bls.conf modules.builtin modules.networking System.map build modules.builtin.bin modules.order updates config modules.dep modules.softdep vdso kernel modules.dep.bin modules.symbols vmlinuz modules.alias modules.devname modules.symbols.bin weak-updates modules.alias.bin modules.drm source modules.block modules.modesetting symvers.gz
Commands used to manage modules are:
- insmod
- rmmod
- lsmod
- modprobe
For example :
[root@centos8 ~]# lsmod Module Size Used by xt_CHECKSUM 16384 1 ipt_MASQUERADE 16384 3 xt_conntrack 16384 1 ipt_REJECT 16384 2 nft_compat 20480 16 nf_nat_tftp 16384 0 nft_objref 16384 1 nf_conntrack_tftp 16384 3 nf_nat_tftp nft_counter 16384 33 tun 53248 1 bridge 192512 0 stp 16384 1 bridge llc 16384 2 bridge,stp nft_fib_inet 16384 1 nft_fib_ipv4 16384 1 nft_fib_inet nft_fib_ipv6 16384 1 nft_fib_inet nft_fib 16384 3 nft_fib_ipv6,nft_fib_ipv4,nft_fib_inet nft_reject_inet 16384 5 nf_reject_ipv4 16384 2 nft_reject_inet,ipt_REJECT nf_reject_ipv6 16384 1 nft_reject_inet nft_reject 16384 1 nft_reject_inet nft_ct 20480 19 nf_tables_set 49152 21 nft_chain_nat 16384 12 nf_nat 45056 3 ipt_MASQUERADE,nf_nat_tftp,nft_chain_nat nf_conntrack 172032 6 xt_conntrack,nf_nat,nf_conntrack_tftp,nft_ct,ipt_MASQUERADE,nf_nat_tftp nf_defrag_ipv6 20480 1 nf_conntrack nf_defrag_ipv4 16384 1 nf_conntrack ip_set 49152 0 nf_tables 172032 414 nft_ct,nft_compat,nft_reject_inet,nft_fib_ipv6,nft_objref,nft_fib_ipv4,nft_counter,nft_chain_nat,nf_tables_set,nft_reject,nft_fib,nft_fib_inet nfnetlink 16384 4 nft_compat,nf_tables,ip_set sunrpc 540672 1 ext4 761856 1 mbcache 16384 1 ext4 jbd2 131072 1 ext4 virtio_balloon 20480 0 pcspkr 16384 0 i2c_piix4 24576 0 joydev 24576 0 ip_tables 28672 0 xfs 1515520 1 libcrc32c 16384 4 nf_conntrack,nf_nat,nf_tables,xfs sr_mod 28672 0 sd_mod 53248 3 cdrom 65536 1 sr_mod t10_pi 16384 1 sd_mod sg 40960 0 ata_generic 16384 0 bochs_drm 16384 1 drm_vram_helper 28672 1 bochs_drm drm_kms_helper 233472 4 drm_vram_helper,bochs_drm syscopyarea 16384 1 drm_kms_helper sysfillrect 16384 1 drm_kms_helper sysimgblt 16384 1 drm_kms_helper fb_sys_fops 16384 1 drm_kms_helper drm_ttm_helper 16384 1 drm_vram_helper ttm 114688 2 drm_vram_helper,drm_ttm_helper drm 569344 7 drm_kms_helper,drm_vram_helper,bochs_drm,drm_ttm_helper,ttm ahci 40960 2 libahci 40960 1 ahci virtio_net 53248 0 net_failover 24576 1 virtio_net ata_piix 36864 0 serio_raw 16384 0 failover 16384 1 net_failover libata 270336 4 ata_piix,libahci,ahci,ata_generic dm_mirror 28672 0 dm_region_hash 20480 1 dm_mirror dm_log 20480 2 dm_region_hash,dm_mirror dm_mod 151552 8 dm_log,dm_mirror fuse 151552 3
To add a module, you can use either the insmod or the modprobe command. The latter also manages the dependencies of the to-be-installed module:
[root@centos8 ~]# modprobe bonding [root@centos8 ~]# lsmod | more Module Size Used by bonding 196608 0 xt_CHECKSUM 16384 1 ipt_MASQUERADE 16384 3 xt_conntrack 16384 1 ipt_REJECT 16384 2 nft_compat 20480 16 nf_nat_tftp 16384 0 nft_objref 16384 1 nf_conntrack_tftp 16384 3 nf_nat_tftp nft_counter 16384 33 tun 53248 1 bridge 192512 0 stp 16384 1 bridge llc 16384 2 bridge,stp nft_fib_inet 16384 1 nft_fib_ipv4 16384 1 nft_fib_inet nft_fib_ipv6 16384 1 nft_fib_inet nft_fib 16384 3 nft_fib_ipv6,nft_fib_ipv4,nft_fib_inet nft_reject_inet 16384 5 nf_reject_ipv4 16384 2 nft_reject_inet,ipt_REJECT nf_reject_ipv6 16384 1 nft_reject_inet --More--
To delete a module, you can use either the rmmod command or the modprobe -r command. The latter also deletes any unused dependencies of the deleted module:
[root@centos8 ~]# modprobe -r bonding [root@centos8 ~]# lsmod | more Module Size Used by xt_CHECKSUM 16384 1 ipt_MASQUERADE 16384 3 xt_conntrack 16384 1 ipt_REJECT 16384 2 nft_compat 20480 16 nf_nat_tftp 16384 0 nft_objref 16384 1 nf_conntrack_tftp 16384 3 nf_nat_tftp nft_counter 16384 33 tun 53248 1 bridge 192512 0 stp 16384 1 bridge llc 16384 2 bridge,stp nft_fib_inet 16384 1 nft_fib_ipv4 16384 1 nft_fib_inet nft_fib_ipv6 16384 1 nft_fib_inet nft_fib 16384 3 nft_fib_ipv6,nft_fib_ipv4,nft_fib_inet nft_reject_inet 16384 5 nf_reject_ipv4 16384 2 nft_reject_inet,ipt_REJECT nf_reject_ipv6 16384 1 nft_reject_inet nft_reject 16384 1 nft_reject_inet --More--
Module dependencies are resolved by the modprobe command by using the /lib/modules/<kernel-version>/modules.dep file. This latter can be created by using the depmod command:
[root@centos8 ~]# more /lib/modules/`uname -r`/modules.dep kernel/arch/x86/events/amd/power.ko.xz: kernel/arch/x86/events/intel/intel-uncore.ko.xz: kernel/arch/x86/events/intel/intel-cstate.ko.xz: kernel/arch/x86/events/rapl.ko.xz: kernel/arch/x86/kernel/cpu/mce/mce-inject.ko.xz: kernel/arch/x86/crypto/des3_ede-x86_64.ko.xz: kernel/crypto/des_generic.ko.xz kernel/arch/x86/crypto/camellia-x86_64.ko.xz: kernel/arch/x86/crypto/blowfish-x86_64.ko.xz: kernel/crypto/blowfish_common.ko.xz kernel/arch/x86/crypto/twofish-x86_64.ko.xz: kernel/crypto/twofish_common.ko.xz kernel/arch/x86/crypto/twofish-x86_64-3way.ko.xz: kernel/arch/x86/crypto/twofish-x86_64.ko. xz kernel/crypto/twofish_common.ko.xz kernel/arch/x86/crypto/chacha20-x86_64.ko.xz: kernel/crypto/chacha20_generic.ko.xz kernel/arch/x86/crypto/serpent-sse2-x86_64.ko.xz: kernel/crypto/serpent_generic.ko.xz kernel/arch/x86/crypto/ghash-clmulni-intel.ko.xz: kernel/arch/x86/crypto/crc32c-intel.ko.xz: kernel/arch/x86/crypto/crc32-pclmul.ko.xz: kernel/arch/x86/crypto/sha512-ssse3.ko.xz: kernel/crypto/sha512_generic.ko.xz kernel/arch/x86/crypto/crct10dif-pclmul.ko.xz: kernel/arch/x86/crypto/poly1305-x86_64.ko.xz: kernel/crypto/poly1305_generic.ko.xz kernel/arch/x86/crypto/camellia-aesni-avx-x86_64.ko.xz: kernel/arch/x86/crypto/camellia-x86 _64.ko.xz kernel/arch/x86/crypto/cast5-avx-x86_64.ko.xz: kernel/crypto/cast5_generic.ko.xz kernel/cry --More--(0%)
To see information about a specific module, use the modinfo command:
[root@centos8 ~]# modinfo bonding
filename: /lib/modules/4.18.0-305.7.1.el8_4.x86_64/kernel/drivers/net/bonding/bonding.ko.xz
author: Thomas Davis, tadavis@lbl.gov and many others
description: Ethernet Channel Bonding Driver
license: GPL
alias: rtnl-link-bond
rhelversion: 8.4
srcversion: 445F4CC9A2F7E64E3A87FD0
depends:
intree: Y
name: bonding
vermagic: 4.18.0-305.7.1.el8_4.x86_64 SMP mod_unload modversions
sig_id: PKCS#7
signer: CentOS kernel signing key
sig_key: 3B:5A:0A:B8:8E:4A:51:C0:AA:FF:97:FD:CB:94:D6:B6:D2:46:B8:17
sig_hashalgo: sha256
signature: B2:3A:20:BE:2B:F3:E0:5A:1A:74:0E:69:76:40:2A:D4:80:10:2C:5A:
B7:F1:1E:7A:71:13:29:F0:0A:4A:28:EE:81:33:C8:C2:5C:BD:FF:E4:
3F:A9:15:A3:9A:0E:A7:98:9E:99:06:23:10:47:D3:B2:48:B3:F1:61:
BE:4B:B0:FC:62:B9:3B:D6:64:CC:E3:29:01:4D:91:92:32:FD:EB:54:
44:F1:2C:1B:23:30:F1:3E:EE:69:EA:94:54:D9:A0:8D:16:53:F5:20:
DE:38:A0:13:E8:2F:89:66:CB:11:D7:AA:30:37:7B:EC:DF:A1:69:29:
7F:4E:80:4D:34:6E:F2:07:01:FA:18:23:94:58:10:C6:97:27:68:B9:
D8:08:5E:9D:00:17:F4:1B:48:BE:CA:BF:5C:5A:A8:6D:36:EE:3F:95:
BA:BE:59:82:EE:7B:CA:BB:32:1E:E3:05:ED:C9:C2:C8:10:64:B9:29:
B8:09:4B:79:42:65:1A:FA:99:96:BA:7E:2D:6E:75:F1:91:0E:F4:9A:
8F:11:10:9F:70:BD:35:06:BE:F0:4C:D8:AB:D5:C4:E1:B3:A2:2A:CA:
58:CA:9E:16:1D:0C:BE:9C:37:A1:82:20:6F:24:CD:23:63:F7:F5:BC:
6E:81:14:F0:52:DA:04:0E:9D:CC:17:60:2D:B0:D8:BD:6E:2C:AD:E7:
50:48:49:B6:57:96:AC:FD:A4:29:33:01:43:92:32:88:A2:AC:CB:93:
2F:C3:29:F3:01:77:84:00:AB:AA:C8:59:43:F1:DA:90:7B:5F:9A:A9:
CA:60:97:34:85:5E:98:56:73:03:0D:D7:8D:A6:AB:51:D4:8C:92:91:
0C:0A:BA:6B:92:01:16:FE:8B:86:80:11:5F:8E:21:BD:C2:2F:02:58:
A6:CF:6C:E3:87:28:8B:4D:CE:54:8C:00:B3:F7:AE:9E:01:81:1E:83:
AE:6D:58:B0:10:98:36:D9:69:76:E2:C0:E2:15:94:3B:D4:14:19:D9:
59:86:75:31
parm: max_bonds:Max number of bonded devices (int)
parm: tx_queues:Max number of transmit queues (default = 16) (int)
parm: num_grat_arp:Number of peer notifications to send on failover event (alias of num_unsol_na) (int)
parm: num_unsol_na:Number of peer notifications to send on failover event (alias of num_grat_arp) (int)
parm: miimon:Link check interval in milliseconds (int)
parm: updelay:Delay before considering link up, in milliseconds (int)
parm: downdelay:Delay before considering link down, in milliseconds (int)
parm: use_carrier:Use netif_carrier_ok (vs MII ioctls) in miimon; 0 for off, 1 for on (default) (int)
parm: mode:Mode of operation; 0 for balance-rr, 1 for active-backup, 2 for balance-xor, 3 for broadcast, 4 for 802.3ad, 5 for balance-tlb, 6 for balance-alb (charp)
parm: primary:Primary network device to use (charp)
parm: primary_reselect:Reselect primary slave once it comes up; 0 for always (default), 1 for only if speed of primary is better, 2 for only on active slave failure (charp)
parm: lacp_rate:LACPDU tx rate to request from 802.3ad partner; 0 for slow, 1 for fast (charp)
parm: ad_select:802.3ad aggregation selection logic; 0 for stable (default), 1 for bandwidth, 2 for count (charp)
parm: min_links:Minimum number of available links before turning on carrier (int)
parm: xmit_hash_policy:balance-alb, balance-tlb, balance-xor, 802.3ad hashing method; 0 for layer 2 (default), 1 for layer 3+4, 2 for layer 2+3, 3 for encap layer 2+3, 4 for encap layer 3+4, 5 for vlan+srcmac (charp)
parm: arp_interval:arp interval in milliseconds (int)
parm: arp_ip_target:arp targets in n.n.n.n form (array of charp)
parm: arp_validate:validate src/dst of ARP probes; 0 for none (default), 1 for active, 2 for backup, 3 for all (charp)
parm: arp_all_targets:fail on any/all arp targets timeout; 0 for any (default), 1 for all (charp)
parm: fail_over_mac:For active-backup, do not set all slaves to the same MAC; 0 for none (default), 1 for active, 2 for follow (charp)
parm: all_slaves_active:Keep all frames received on an interface by setting active flag for all slaves; 0 for never (default), 1 for always. (int)
parm: resend_igmp:Number of IGMP membership reports to send on link failure (int)
parm: packets_per_slave:Packets to send per slave in balance-rr mode; 0 for a random slave, 1 packet per slave (default), >1 packets per slave. (int)
parm: lp_interval:The number of seconds between instances where the bonding driver sends learning packets to each slaves peer switch. The default is 1. (uint)
Finally, files in the /etc/modprobe.d directory are used to specify certain options to be passed to modules when they are loaded and also any aliases used to refer to modules:
[root@centos8 ~]# ls /etc/modprobe.d firewalld-sysctls.conf lockd.conf nvdimm-security.conf tuned.conf kvm.conf mlx4.conf truescale.conf vhost.conf [root@centos8 ~]# cat /etc/modprobe.d/kvm.conf # Setting modprobe kvm_intel/kvm_amd nested = 1 # only enables Nested Virtualization until the next reboot or # module reload. Uncomment the option applicable # to your system below to enable the feature permanently. # # User changes in this file are preserved across upgrades. # # For Intel #options kvm_intel nested=1 # # For AMD #options kvm_amd nested=1
LAB #2 - Compiling and Installing a Kernel and Modules
Firstly, activate the CentOS-Linux-PowerTools repository by setting the enabled directive to 1:
[root@centos8 ~]# vi /etc/yum.repos.d/CentOS-Linux-PowerTools.repo [root@centos8 ~]# cat /etc/yum.repos.d/CentOS-Linux-PowerTools.repo # CentOS-Linux-PowerTools.repo # # The mirrorlist system uses the connecting IP address of the client and the # update status of each mirror to pick current mirrors that are geographically # close to the client. You should use this for CentOS updates unless you are # manually picking other mirrors. # # If the mirrorlist does not work for you, you can try the commented out # baseurl line instead. [powertools] name=CentOS Linux $releasever - PowerTools mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=PowerTools&infra=$infra #baseurl=http://mirror.centos.org/$contentdir/$releasever/PowerTools/$basearch/os/ gpgcheck=1 enabled=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
Now install the package group “Development Tools” and the packages required for compiling the Kernel:
[root@centos8 ~]# dnf groupinstall "Development Tools" ... [root@centos8 ~]# dnf install asciidoc audit-libs-devel bash bc binutils binutils-devel bison diffutils elfutils elfutils-devel elfutils-libelf-devel findutils flex gawk gcc gettext gzip hmaccalc hostname make module-init-tools ncurses-devel net-tools newt-devel numactl-devel openssl patch pciutils-devel perl perl-ExtUtils-Embed pesign redhat-rpm-config rpm-build rpmdevtools sh-utils tar xmlto xz zlib-devel ...
2.1 - Move /home
Important - You should not compile a Kernel as the root user for security reasons. To compile a Kernel a user requires at least 20 GB of free disk space in their home directory.
To do - Log out of your CentOS8_SSH_10.0.2.45 session and open a new session using the CentOS8_ROOT_10.0.2.45 connection.
Create a partition on /dev/sdc :
[root@centos8 ~]# fdisk /dev/sdc
Welcome to fdisk (util-linux 2.32.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0xc321702b.
Command (m for help): n
Partition type
p primary (0 primary, 0 extended, 4 free)
e extended (container for logical partitions)
Select (default p):
Using default response p.
Partition number (1-4, default 1):
First sector (2048-41943039, default 2048):
Last sector, +sectors or +size{K,M,G,T,P} (2048-41943039, default 41943039):
Created a new partition 1 of type 'Linux' and of size 20 GiB.
Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.
Now create an ext4 filesystem on /dev/sdc1 :
[root@centos8 ~]# mkfs.ext4 /dev/sdc1
mke2fs 1.45.6 (20-Mar-2020)
Discarding device blocks: done
Creating filesystem with 16776960 4k blocks and 4194304 inodes
Filesystem UUID: dc92c0d7-919b-4fff-8719-53e9e7e628dd
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624, 11239424
Allocating group tables: done
Writing inode tables: done
Creating journal (65536 blocks): done
Writing superblocks and filesystem accounting information: done
Mount /dev/sdc1 on /mnt :
[root@centos8 ~]# mount /dev/sdc1 /mnt
Copy the content of /home to /mnt :
[root@centos8 ~]# cp -a /home/* /mnt
Unmount /dev/sdc1 and move /home to /root :
[root@centos8 ~]# umount /mnt [root@centos8 ~]# mv /home /root
Get the UUID of /dev/sdc1 :
[root@centos8 ~]# ls -l /dev/disk/by-uuid/ | grep sdc1 lrwxrwxrwx. 1 root root 10 Jul 19 12:02 f76d6b66-985b-4a91-af9c-4987e8c1443c -> ../../sdc [root@centos8 ~]#
Edit the /etc/fstab file add a line for /dev/sdc1:
[root@centos8 ~]# vi /etc/fstab [root@centos8 ~]# cat /etc/fstab # # /etc/fstab # Created by anaconda on Wed Jun 16 06:21:32 2021 # # Accessible filesystems, by reference, are maintained under '/dev/disk/'. # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info. # # After editing this file, run 'systemctl daemon-reload' to update systemd # units generated from this file. # /dev/mapper/cl_centos8-root / xfs defaults 0 0 UUID=1c04981e-5317-4b73-9695-3ce25246835d /boot ext4 defaults 1 2 /dev/mapper/cl_centos8-swap swap swap defaults 0 0 UUID=f76d6b66-985b-4a91-af9c-4987e8c1443c /home ext4 defaults 1 2
Create a new mount point foe /home:
[root@centos8 ~]# mkdir /home
Mount /dev/sdc1 :
[root@centos8 ~]# mount -a [root@centos8 ~]# mount sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime,seclabel) proc on /proc type proc (rw,nosuid,nodev,noexec,relatime) devtmpfs on /dev type devtmpfs (rw,nosuid,seclabel,size=1882880k,nr_inodes=470720,mode=755) securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime) tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,seclabel) devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=000) tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,mode=755) tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,seclabel,mode=755) cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd) pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime,seclabel) bpf on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime,mode=700) cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,hugetlb) cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,memory) cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,cpu,cpuacct) cgroup on /sys/fs/cgroup/rdma type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,rdma) cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,pids) cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,cpuset) cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,perf_event) cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,freezer) cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,blkio) cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,net_cls,net_prio) cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,devices) none on /sys/kernel/tracing type tracefs (rw,relatime,seclabel) configfs on /sys/kernel/config type configfs (rw,relatime) /dev/mapper/cl_centos8-root on / type xfs (rw,relatime,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota) selinuxfs on /sys/fs/selinux type selinuxfs (rw,relatime) mqueue on /dev/mqueue type mqueue (rw,relatime,seclabel) hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,seclabel,pagesize=2M) debugfs on /sys/kernel/debug type debugfs (rw,relatime,seclabel) systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=40,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=6022) fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime) /dev/sda1 on /boot type ext4 (rw,relatime,seclabel) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime) tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,seclabel,size=382500k,mode=700,uid=1000,gid=1000) tmpfs on /run/user/42 type tmpfs (rw,nosuid,nodev,relatime,seclabel,size=382500k,mode=700,uid=42,gid=42) gvfsd-fuse on /run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=1000) tmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,seclabel,size=382500k,mode=700) gvfsd-fuse on /run/user/0/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=0,group_id=0) /dev/sdc1 on /home type ext4 (rw,relatime,seclabel)
Check the current size of /home :
[root@centos8 ~]# df -h Filesystem Size Used Avail Use% Mounted on devtmpfs 1.8G 0 1.8G 0% /dev tmpfs 1.9G 0 1.9G 0% /dev/shm tmpfs 1.9G 9.4M 1.9G 1% /run tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup /dev/mapper/cl_centos8-root 28G 5.2G 23G 19% / /dev/sda1 976M 289M 620M 32% /boot tmpfs 374M 16K 374M 1% /run/user/1000 tmpfs 374M 1.2M 373M 1% /run/user/42 /dev/sdc1 63G 67M 60G 1% /home
To do - Log out of your CentOS8_ROOT_10.0.2.45 session and open a new session using the CentOS8_SSH_10.0.2.45 connection.
2.2 - Preparing the Environment
To create the Kernel Source Tree in /home/trainee, use the rpmdev-setuptree command:
[trainee@centos8 ~]$ rpmdev-setuptree ...> [trainee@centos8 ~]$ ls -laR rpmbuild/ rpmbuild/: total 28 drwxrwxr-x. 7 trainee trainee 4096 Jul 19 12:10 . drwxr-xr-x. 17 trainee trainee 4096 Jul 19 12:10 .. drwxrwxr-x. 2 trainee trainee 4096 Jul 19 12:10 BUILD drwxrwxr-x. 2 trainee trainee 4096 Jul 19 12:10 RPMS drwxrwxr-x. 2 trainee trainee 4096 Jul 19 12:10 SOURCES drwxrwxr-x. 2 trainee trainee 4096 Jul 19 12:10 SPECS drwxrwxr-x. 2 trainee trainee 4096 Jul 19 12:10 SRPMS rpmbuild/BUILD: total 8 drwxrwxr-x. 2 trainee trainee 4096 Jul 19 12:10 . drwxrwxr-x. 7 trainee trainee 4096 Jul 19 12:10 .. rpmbuild/RPMS: total 8 drwxrwxr-x. 2 trainee trainee 4096 Jul 19 12:10 . drwxrwxr-x. 7 trainee trainee 4096 Jul 19 12:10 .. rpmbuild/SOURCES: total 8 drwxrwxr-x. 2 trainee trainee 4096 Jul 19 12:10 . drwxrwxr-x. 7 trainee trainee 4096 Jul 19 12:10 .. rpmbuild/SPECS: total 8 drwxrwxr-x. 2 trainee trainee 4096 Jul 19 12:10 . drwxrwxr-x. 7 trainee trainee 4096 Jul 19 12:10 .. rpmbuild/SRPMS: total 8 drwxrwxr-x. 2 trainee trainee 4096 Jul 19 12:10 . drwxrwxr-x. 7 trainee trainee 4096 Jul 19 12:10 ..
Download the Kernel source RPM:
[trainee@centos8 ~]$ uname -a Linux centos8.ittraining.loc 4.18.0-305.7.1.el8_4.x86_64 #1 SMP Tue Jun 29 21:55:12 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux [trainee@centos8 ~]$ cat /etc/centos-release CentOS Linux release 8.4.2105 [trainee@centos8 ~]$ wget https://vault.centos.org/8.4.2105/BaseOS/Source/SPackages/kernel-4.18.0-305.7.1.el8_4.src.rpm --2021-07-14 02:54:14-- https://vault.centos.org/8.4.2105/BaseOS/Source/SPackages/kernel-4.18.0-305.7.1.el8_4.src.rpm Resolving vault.centos.org (vault.centos.org)... 81.171.33.194, 2a05:d014:10:7803:4af1:9320:7050:d28e Connecting to vault.centos.org (vault.centos.org)|81.171.33.194|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 123000617 (117M) [application/x-rpm] Saving to: ‘kernel-4.18.0-305.7.1.el8_4.src.rpm’ kernel-4.18.0-305.7.1. 100%[===========================>] 117.30M 1.49MB/s in 79s 2021-07-14 02:55:33 (1.49 MB/s) - ‘kernel-4.18.0-305.7.1.el8_4.src.rpm’ saved [123000617/123000617]
Now install the required dependencies:
[trainee@centos8 ~]$ su - Mot de passe : fenestros [root@centos8 ~]# dnf install yum-utils ... [root@centos8 ~]# yum-builddep /home/trainee/kernel-4.18.0-305.7.1.el8_4.src.rpm ...
Install the kernel-4.18.0-305.7.1.el8_4.src.rpm package:
[root@centos8 ~]# exit logout [trainee@centos8 ~]$ rpm -Uvh kernel-4.18.0-305.7.1.el8_4.src.rpm Updating / installing... 1:kernel-4.18.0-305.7.1.el8_4 warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root ################################# [100%] warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root warning: user mockbuild does not exist - using root warning: group mockbuild does not exist - using root
Important - Note that the errors are not important.
2.3 - Preparing the Kernel Source Tree
Move to the ~/rpmbuild/SPECS directory and use the rpmbuild command to create the Kernel Source Tree:
[trainee@centos7 ~]$ cd ~/rpmbuild/SPECS [trainee@centos7 SPECS]$ rpmbuild -bp --target=$(uname -m) kernel.spec ...
At the end of the process, check what has been created:
[trainee@centos8 SPECS]$ ls -la ~/rpmbuild/BUILD/kernel-4.18.0-305.7.1.el8_4/linux-4.18.0-305.7.1.el8.x86_64/ total 812 drwxr-xr-x. 26 trainee trainee 4096 Jul 14 03:13 . drwxr-xr-x. 3 trainee trainee 4096 Jul 14 03:12 .. drwxr-xr-x. 27 trainee trainee 4096 Jul 14 03:13 arch drwxr-xr-x. 3 trainee trainee 4096 Jun 14 10:33 block drwxr-xr-x. 2 trainee trainee 4096 Jul 14 03:13 certs -rw-r--r--. 1 trainee trainee 13079 Jun 14 10:33 .clang-format -rw-r--r--. 1 trainee trainee 59 Jun 14 10:33 .cocciconfig drwxr-xr-x. 2 trainee trainee 4096 Jul 14 03:13 configs -rw-r--r--. 1 trainee trainee 423 Jun 14 10:33 COPYING-4.18.0 -rw-r--r--. 1 trainee trainee 98651 Jun 14 10:33 CREDITS drwxr-xr-x. 4 trainee trainee 4096 Jun 14 10:33 crypto drwxr-xr-x. 119 trainee trainee 4096 Jul 14 03:13 Documentation drwxr-xr-x. 137 trainee trainee 4096 Jun 14 10:33 drivers drwxr-xr-x. 2 trainee trainee 4096 Jul 14 03:13 firmware drwxr-xr-x. 73 trainee trainee 4096 Jun 14 10:33 fs -rw-r--r--. 1 trainee trainee 68 Jun 14 10:33 .get_maintainer.conf -rw-r--r--. 1 trainee trainee 31 Jun 14 10:33 .get_maintainer.ignore -rw-r--r--. 1 trainee trainee 76 Jun 14 10:33 .gitattributes -rw-r--r--. 1 trainee trainee 1639 Jun 14 10:33 .gitlab-ci-private.yml -rw-r--r--. 1 trainee trainee 1668 Jun 14 10:33 .gitlab-ci.yml drwxr-xr-x. 30 trainee trainee 4096 Jun 14 10:33 include drwxr-xr-x. 2 trainee trainee 4096 Jun 14 10:33 init drwxr-xr-x. 2 trainee trainee 4096 Jun 14 10:33 ipc -rw-r--r--. 1 trainee trainee 2245 Jun 14 10:33 Kbuild -rw-r--r--. 1 trainee trainee 575 Jun 14 10:33 Kconfig drwxr-xr-x. 19 trainee trainee 4096 Jul 14 03:13 kernel drwxr-xr-x. 20 trainee trainee 12288 Jul 14 03:13 lib drwxr-xr-x. 5 trainee trainee 4096 Jun 14 10:33 LICENSES -rw-r--r--. 1 trainee trainee 9559 Jun 14 10:33 .mailmap -rw-r--r--. 1 trainee trainee 471696 Jun 14 10:33 MAINTAINERS -rw-r--r--. 1 trainee trainee 61558 Jun 14 10:33 Makefile -rw-r--r--. 1 trainee trainee 1324 Jun 14 10:33 Makefile.rhelver -rw-r--r--. 1 trainee trainee 0 Jul 14 03:13 .mismatches drwxr-xr-x. 3 trainee trainee 4096 Jun 14 10:33 mm drwxr-xr-x. 72 trainee trainee 4096 Jun 14 10:33 net -rw-r--r--. 1 trainee trainee 800 Jun 14 10:33 README drwxr-xr-x. 28 trainee trainee 4096 Jun 14 10:33 samples -rw-r--r--. 1 trainee trainee 0 Jul 14 03:12 .scmversion drwxr-xr-x. 14 trainee trainee 4096 Jul 14 03:13 scripts drwxr-xr-x. 10 trainee trainee 4096 Jun 14 10:33 security drwxr-xr-x. 26 trainee trainee 4096 Jun 14 10:33 sound drwxr-xr-x. 33 trainee trainee 4096 Jun 14 10:33 tools drwxr-xr-x. 2 trainee trainee 4096 Jul 14 03:13 usr drwxr-xr-x. 4 trainee trainee 4096 Jun 14 10:33 virt
The .config File
Move to ~/rpmbuild/BUILD/kernel-*/linux-*/:
[trainee@centos8 SPECS]$ cd ~/rpmbuild/BUILD/kernel-*/linux-*/
Copy the configs/kernel-4.18.0-`uname -m`.config file to .config in the current working directory:
[trainee@centos8 linux-4.18.0-305.7.1.el8.x86_64]$ cp configs/kernel-4.18.0-`uname -m`.config .config
Update the .config file with the configuration Kernel settings:
[trainee@centos8 linux-4.18.0-305.7.1.el8.x86_64]$ make oldconfig scripts/kconfig/conf --oldconfig Kconfig # # configuration written to .config #
Important - The above command reads the .config file of the current Kernel and compares the contents with the new configuration. In the case where there are any new configurations that are required, the command asks for the relevant information.
The .config file is generated by one of three binaries and should not be edited manually:
- make config
- make menuconfig
- make xconfig
Run the make menuconfig command:
[trainee@centos8 linux-4.18.0-305.7.1.el8.x86_64]$ make menuconfig UPD scripts/kconfig/.mconf-cfg HOSTCC scripts/kconfig/mconf.o HOSTCC scripts/kconfig/lxdialog/checklist.o HOSTCC scripts/kconfig/lxdialog/inputbox.o HOSTCC scripts/kconfig/lxdialog/menubox.o HOSTCC scripts/kconfig/lxdialog/textbox.o HOSTCC scripts/kconfig/lxdialog/util.o HOSTCC scripts/kconfig/lxdialog/yesno.o HOSTLD scripts/kconfig/mconf scripts/kconfig/mconf Kconfig # # using defaults found in /boot/config-4.18.0-305.7.1.el8_4.x86_64 #
Looking at the interface, you will see lines used to configure the Kernel. In the case a letter is used, these are:
- y,
- the configuration is included in the Kernel,
- m,
- the configuration is not included in the Kernel but in a Kernel module,
- n,
- the configuration is neither included in the Kernel nor in a Kernel module.
At this stage, simply save the configuration and exit the interface:
*** End of the configuration. *** Execute 'make' to start the build or try 'make help'.
Check the presence of the .config file:
[trainee@centos8 linux-4.18.0-305.7.1.el8.x86_64]$ ls -a . certs configs Documentation .get_maintainer.conf .gitlab-ci.yml Kbuild LICENSES Makefile.rhelver README security virt .. .clang-format COPYING-4.18.0 drivers .get_maintainer.ignore include Kconfig .mailmap .mismatches samples sound arch .cocciconfig CREDITS firmware .gitattributes init kernel MAINTAINERS mm .scmversion tools block .config crypto fs .gitlab-ci-private.yml ipc lib Makefile net scripts usr
Lokk at the contents of the .config file:
[trainee@centos8 linux-4.18.0-305.7.1.el8.x86_64]$ more .config # # Automatically generated file; DO NOT EDIT. # Linux/x86 4.18.0 Kernel Configuration # # # Compiler: gcc (GCC) 8.4.1 20200928 (Red Hat 8.4.1-1) # CONFIG_64BIT=y CONFIG_X86_64=y CONFIG_X86=y CONFIG_INSTRUCTION_DECODER=y CONFIG_OUTPUT_FORMAT="elf64-x86-64" CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig" CONFIG_LOCKDEP_SUPPORT=y CONFIG_STACKTRACE_SUPPORT=y CONFIG_MMU=y CONFIG_ARCH_MMAP_RND_BITS_MIN=28 CONFIG_ARCH_MMAP_RND_BITS_MAX=32 CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16 CONFIG_GENERIC_ISA_DMA=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y CONFIG_GENERIC_HWEIGHT=y CONFIG_ARCH_MAY_HAVE_PC_FDC=y CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_ARCH_HAS_CPU_RELAX=y CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y CONFIG_ARCH_HAS_FILTER_PGPROT=y CONFIG_HAVE_SETUP_PER_CPU_AREA=y CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y CONFIG_ARCH_HIBERNATION_POSSIBLE=y CONFIG_ARCH_SUSPEND_POSSIBLE=y CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y CONFIG_ARCH_WANT_GENERAL_HUGETLB=y CONFIG_ZONE_DMA32=y CONFIG_AUDIT_ARCH=y CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y CONFIG_HAVE_INTEL_TXT=y CONFIG_X86_64_SMP=y --More--(0%)
The Makefile File
The Makefile contains the Kernel name and the following information:
- VERSION,
- PATCHLEVEL,
- SUBLEVEL,
- EXTRAVERSION.
Values for the first three directives are managed directly by kernel.org and Linus Torvalds whilst the EXTRAVERSION is managed by Red Hat:
[trainee@centos8 linux-4.18.0-305.7.1.el8.x86_64]$ more Makefile # SPDX-License-Identifier: GPL-2.0 VERSION = 4 PATCHLEVEL = 18 SUBLEVEL = 0 EXTRAVERSION = NAME = Merciless Moray # # DRM backport version # RHEL_DRM_VERSION = 5 RHEL_DRM_PATCHLEVEL = 9 RHEL_DRM_SUBLEVEL = 14 # *DOCUMENTATION* # To see a list of typical targets execute "make help" # More info can be located in ./README # Comments in this file are targeted only to the developer, do not # expect to learn how to build the kernel reading this file. # That's our default target when none is given on the command line PHONY := _all _all: # o Do not use make's built-in rules and variables # (this increases performance and avoids hard-to-debug behaviour); # o Look for make include files relative to root of kernel src MAKEFLAGS += -rR --include-dir=$(CURDIR) # Avoid funny character set dependencies unexport LC_ALL LC_COLLATE=C LC_NUMERIC=C export LC_COLLATE LC_NUMERIC # Avoid interference with shell env settings unexport GREP_OPTIONS # Set RHEL variables # Use this spot to avoid future merge conflicts include Makefile.rhelver # We are using a recursive build, so we need to do a little thinking --Plus--(2%)
Important - The 2.6 version of the Linux Kernel came into being in 2003. Version 3.0 came out on the 20th anniversary of the Linux Kernel.
2.4 - Configuring the Kernel
Add the value shown by the uname -i command to the first line of the .config file:
[trainee@centos8 linux-4.18.0-305.7.1.el8.x86_64]$ uname -i x86_64 [trainee@centos8 linux-4.18.0-305.7.1.el8.x86_64]$ vi .config [trainee@centos8 linux-4.18.0-305.7.1.el8.x86_64]$ head .config # x86_64 # # Automatically generated file; DO NOT EDIT. # Linux/x86 4.18.0 Kernel Configuration # # # Compiler: gcc (GCC) 8.4.1 20200928 (Red Hat 8.4.1-1) # CONFIG_64BIT=y
Rename the .config file and place it in the ~/rpmbuild/SOURCES/ directory:
[trainee@centos8 linux-4.18.0-305.7.1.el8.x86_64]$ cp .config ~/rpmbuild/SOURCES/config-`uname -m`-generic [trainee@centos8 linux-4.18.0-305.7.1.el8.x86_64]$ ls ~/rpmbuild/SOURCES centos-ca-secureboot.der cpupower.config filter-x86_64.sh kernel-s390x.config mod-extra.list Module.kabi_s390x centos-dup.x509 cpupower.service generate_all_configs.sh kernel-s390x-debug.config mod-internal.list Module.kabi_x86_64 centos-kpatch.x509 debrand-rh-i686-cpu.patch generate_bls_conf.sh kernel-s390x-zfcpdump.config mod-sign.sh parallel_xz.sh centos.pem debrand-rh_taint.patch kernel-aarch64.config kernel-x86_64.config Module.kabi_aarch64 process_configs.sh centossecureboot001.der debrand-single-cpu.patch kernel-aarch64-debug.config kernel-x86_64-debug.config Module.kabi_dup_aarch64 x509.genkey centossecureboot201.der filter-aarch64.sh kernel-abi-stablelists-4.18.0-305.tar.bz2 kvm_stat.logrotate Module.kabi_dup_ppc64le centossecurebootca2.der filter-modules.sh kernel-kabi-dw-4.18.0-305.tar.bz2 linux-4.18.0-305.7.1.el8_4.tar.xz Module.kabi_dup_s390x check-kabi filter-ppc64le.sh kernel-ppc64le.config linux-kernel-test.patch Module.kabi_dup_x86_64 config-x86_64-generic filter-s390x.sh kernel-ppc64le-debug.config mod-blacklist.sh Module.kabi_ppc64le
Copy the entire contents of the configs directory to the ~/rpmbuild/SOURCES/ directory:
[trainee@centos8 linux-4.18.0-305.7.1.el8.x86_64]$ cp configs/* ~/rpmbuild/SOURCES/
Edit the buildid directive in the ~/rpmbuild/SPECS/kernel.spec file in order to distinguish the future newly compiled Kernel from the current Kernel:
[trainee@centos8 linux-4.18.0-305.7.1.el8.x86_64]$ cd ~/rpmbuild/SPECS
[trainee@centos8 SPECS]$ vi kernel.spec
[trainee@centos8 SPECS]$ head -n 50 kernel.spec
# We have to override the new %%install behavior because, well... the kernel is special.
%global __spec_install_pre %{___build_pre}
# At the time of this writing (2019-03), RHEL8 packages use w2.xzdio
# compression for rpms (xz, level 2).
# Kernel has several large (hundreds of mbytes) rpms, they take ~5 mins
# to compress by single-threaded xz. Switch to threaded compression,
# and from level 2 to 3 to keep compressed sizes close to "w2" results.
#
# NB: if default compression in /usr/lib/rpm/redhat/macros ever changes,
# this one might need tweaking (e.g. if default changes to w3.xzdio,
# change below to w4T.xzdio):
%define _binary_payload w3T.xzdio
# For a kernel released for public testing, released_kernel should be 1.
# For internal testing builds during development, it should be 0.
%global released_kernel 1
%global distro_build 305
# Sign the x86_64 kernel for secure boot authentication
%ifarch x86_64 aarch64
%global signkernel 1
%else
%global signkernel 0
%endif
# Sign modules on all arches
%global signmodules 1
# Compress modules only for architectures that build modules
%ifarch noarch
%global zipmodules 0
%else
%global zipmodules 1
%endif
%if %{zipmodules}
%global zipsed -e 's/\.ko$/\.ko.xz/'
%endif
%define buildid .i2tch
%define rpmversion 4.18.0
%define pkgrelease 305.7.1.el8_4
# allow pkg_release to have configurable %%{?dist} tag
%define specrelease 305.7.1%{?dist}
%define pkg_release %{specrelease}%{?buildid}
2.5 - Compiling the Kernel
Compiling the Kernel can take a long time (~5 heures). Execute the following command:
[trainee@centos7 SPECS]$ rpmbuild -bb --target=`uname -m` kernel.spec 2> build-err.log | tee build-out.log &
Important - Once you are sure that the compilation process has started without errors, stop it using ^C. Stop the virtual machine and ask the Instructor to start the virtual machine in which the Kernel has already been compiled.
When the compilation has finished, you would see the following output:
... Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-headers-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-cross-headers-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-debuginfo-common-x86_64-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/perf-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/perf-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/python3-perf-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/python3-perf-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-tools-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-tools-libs-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-tools-libs-devel-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-tools-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/bpftool-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/bpftool-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-selftests-internal-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-debug-core-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-debug-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-debug-devel-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-debug-modules-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-debug-modules-extra-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-debug-modules-internal-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-debug-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-core-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-devel-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-modules-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-modules-extra-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-modules-internal-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Wrote: /home/trainee/rpmbuild/RPMS/x86_64/kernel-ipaclones-internal-4.18.0-305.7.1.el8.i2tch.x86_64.rpm Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.rkOgfs [1]+ Done rpmbuild -bb --target=`uname -m` kernel.spec 2> build-err.log | tee build-out.log
The installable RPMs can be found in the /home/trainee/rpmbuild/RPMS/x86_64/ directory:
[trainee@centos8 SPECS]$ cd ../RPMS [trainee@centos8 RPMS]$ ls x86_64 [trainee@centos8 RPMS]$ cd x86_64/ [trainee@centos8 x86_64]$ ls bpftool-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-selftests-internal-4.18.0-305.7.1.el8.i2tch.x86_64.rpm bpftool-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-debug-modules-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-tools-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-debug-modules-extra-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-tools-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-core-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-debug-modules-internal-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-tools-libs-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-cross-headers-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-devel-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-tools-libs-devel-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-debug-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-headers-4.18.0-305.7.1.el8.i2tch.x86_64.rpm perf-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-debug-core-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-ipaclones-internal-4.18.0-305.7.1.el8.i2tch.x86_64.rpm perf-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-debug-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-modules-4.18.0-305.7.1.el8.i2tch.x86_64.rpm python3-perf-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-debug-devel-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-modules-extra-4.18.0-305.7.1.el8.i2tch.x86_64.rpm python3-perf-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64.rpm kernel-modules-internal-4.18.0-305.7.1.el8.i2tch.x86_64.rpm
Note that the compilation has consumed over 20 GB of disk space:
[trainee@centos8 x86_64]$ df -h Filesystem Size Used Avail Use% Mounted on devtmpfs 1.8G 0 1.8G 0% /dev tmpfs 1.9G 0 1.9G 0% /dev/shm tmpfs 1.9G 9.4M 1.9G 1% /run tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup /dev/mapper/cl_centos8-root 28G 5.5G 23G 20% / /dev/sda1 976M 289M 620M 32% /boot tmpfs 374M 24K 374M 1% /run/user/1000 tmpfs 374M 1.2M 373M 1% /run/user/42 /dev/sdc1 63G 21G 39G 35% /home
2.6 - Installing the Kernel
Now install the new Kernel. Installing the new Kernel can take a long time (~2 heures). Use the following command:
[root@centos8 x86_64]# dnf localinstall kernel-*.rpm Last metadata expiration check: 2:25:32 ago on Tue 20 Jul 2021 08:37:00 EDT. Dependencies resolved. =============================================================================================================================================================================================================== Package Architecture Version Repository Size =============================================================================================================================================================================================================== Installing: kernel x86_64 4.18.0-305.7.1.el8.i2tch @commandline 5.9 M kernel-core x86_64 4.18.0-305.7.1.el8.i2tch @commandline 36 M kernel-cross-headers x86_64 4.18.0-305.7.1.el8.i2tch @commandline 11 M kernel-debug x86_64 4.18.0-305.7.1.el8.i2tch @commandline 5.9 M kernel-debug-core x86_64 4.18.0-305.7.1.el8.i2tch @commandline 63 M kernel-debug-debuginfo x86_64 4.18.0-305.7.1.el8.i2tch @commandline 683 M kernel-debug-devel x86_64 4.18.0-305.7.1.el8.i2tch @commandline 19 M kernel-debug-modules x86_64 4.18.0-305.7.1.el8.i2tch @commandline 54 M kernel-debug-modules-extra x86_64 4.18.0-305.7.1.el8.i2tch @commandline 7.2 M kernel-debug-modules-internal x86_64 4.18.0-305.7.1.el8.i2tch @commandline 6.3 M kernel-debuginfo x86_64 4.18.0-305.7.1.el8.i2tch @commandline 570 M kernel-debuginfo-common-x86_64 x86_64 4.18.0-305.7.1.el8.i2tch @commandline 75 M kernel-devel x86_64 4.18.0-305.7.1.el8.i2tch @commandline 18 M kernel-ipaclones-internal x86_64 4.18.0-305.7.1.el8.i2tch @commandline 20 M kernel-modules x86_64 4.18.0-305.7.1.el8.i2tch @commandline 28 M kernel-modules-extra x86_64 4.18.0-305.7.1.el8.i2tch @commandline 6.5 M kernel-modules-internal x86_64 4.18.0-305.7.1.el8.i2tch @commandline 6.1 M kernel-selftests-internal x86_64 4.18.0-305.7.1.el8.i2tch @commandline 19 M kernel-tools-debuginfo x86_64 4.18.0-305.7.1.el8.i2tch @commandline 6.2 M kernel-tools-libs-devel x86_64 4.18.0-305.7.1.el8.i2tch @commandline 5.9 M Downgrading: kernel-headers x86_64 4.18.0-305.7.1.el8.i2tch @commandline 7.1 M kernel-tools x86_64 4.18.0-305.7.1.el8.i2tch @commandline 6.1 M kernel-tools-libs x86_64 4.18.0-305.7.1.el8.i2tch @commandline 5.9 M Transaction Summary =============================================================================================================================================================================================================== Install 20 Packages Downgrade 3 Packages Total size: 1.6 G Is this ok [y/N]: y
When all is installed, re-start the virtual machine:
[root@centos7 ~]# reboot
Open a session as trainee and become root. List the installed Kernels:
[root@centos8 ~]# rpm -qa | grep kernel kernel-modules-4.18.0-305.3.1.el8.x86_64 kernel-tools-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-headers-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-debug-core-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-modules-internal-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-modules-4.18.0-305.7.1.el8_4.x86_64 kernel-debug-modules-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-devel-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-tools-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-tools-libs-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-debug-modules-internal-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-cross-headers-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-core-4.18.0-305.7.1.el8_4.x86_64 kernel-devel-4.18.0-305.7.1.el8_4.x86_64 kernel-debuginfo-common-x86_64-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-debug-modules-extra-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-debug-devel-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-tools-libs-devel-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-modules-extra-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-4.18.0-305.7.1.el8_4.x86_64 kernel-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-core-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-selftests-internal-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-debug-debuginfo-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-debug-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-4.18.0-305.3.1.el8.x86_64 kernel-core-4.18.0-305.3.1.el8.x86_64 kernel-modules-4.18.0-305.7.1.el8.i2tch.x86_64 kernel-ipaclones-internal-4.18.0-305.7.1.el8.i2tch.x86_64
Check the saved-entry from the /boot/grub2/grubenv file:
[root@centos8 ~]# grep i2tch /boot/grub2/grubenv saved_entry=95bd69e34a7444a7b58cb74fbfb86df2-4.18.0-305.7.1.el8.i2tch.x86_64
Finally, check the output of the uname -r command:
[root@centos8 ~]# uname -r 4.18.0-305.7.1.el8.i2tch.x86_64
LAB #3 - Managing Quotas
User and group disk quotas can be placed on partitions only.
To do - Log out of your CentOS8_SSH_10.0.2.45 session and open a new session using the CentOS8_ROOT_10.0.2.45 connection.
Before configuring the quotas, set SELINUX to permissive mode for the current session:
[root@centos8 ~]# getenforce Enforcing [root@centos8 ~]# setenforce permissive [root@centos8 ~]# getenforce Permissive [root@centos8 ~]#
Edit the /etc/sysconfig/selinux file:
[root@centos8 ~]# vi /etc/sysconfig/selinux [root@centos8 ~]# cat /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=permissive # SELINUXTYPE= can take one of these three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
Now check that the quota package is installed:
[root@centos8 ~]# rpm -qa | grep quota quota-4.04-12.el8.x86_64 quota-nls-4.04-12.el8.noarch
Edit the /etc/fstab file and add the usrquota and grpquota options to the /home line:
[root@centos8 ~]# vi /etc/fstab [root@centos8 ~]# cat /etc/fstab # # /etc/fstab # Created by anaconda on Wed Jun 16 06:21:32 2021 # # Accessible filesystems, by reference, are maintained under '/dev/disk/'. # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info. # # After editing this file, run 'systemctl daemon-reload' to update systemd # units generated from this file. # /dev/mapper/cl_centos8-root / xfs defaults 0 0 UUID=1c04981e-5317-4b73-9695-3ce25246835d /boot ext4 defaults 1 2 /dev/mapper/cl_centos8-swap swap swap defaults 0 0 UUID=f76d6b66-985b-4a91-af9c-4987e8c1443c /home ext4 defaults,usrquota,grpquota 1 2
Restart the virtual machine:
[root@centos8 ~]# reboot
To do - Open a new session using the CentOS8_ROOT_10.0.2.45 connection.
Check that the usrquota and grpquota options have been activated on /home:
[root@centos8 ~]# cat /etc/mtab | grep /home /dev/sdc1 /home ext4 rw,seclabel,relatime,quota,usrquota,grpquota 0 0
3.1 - The quotacheck Command
To activate the quotas on /home, use the quotacheck command:
[root@centos8 ~]# quotacheck -cugvm -f /dev/sdc1 quotacheck: Your kernel probably supports journaled quota but you are not using it. Consider switching to journaled quota to avoid running quotacheck after an unclean shutdown. quotacheck: Scanning /dev/sdc1 [/home] done quotacheck: Cannot stat old user quota file /home/aquota.user: No such file or directory. Usage will not be subtracted. quotacheck: Cannot stat old group quota file /home/aquota.group: No such file or directory. Usage will not be subtracted. quotacheck: Cannot stat old user quota file /home/aquota.user: No such file or directory. Usage will not be subtracted. quotacheck: Cannot stat old group quota file /home/aquota.group: No such file or directory. Usage will not be subtracted. quotacheck: Checked 6763 directories and 129772 files quotacheck: Old file not found. quotacheck: Old file not found.
The command line switches of the quotacheck command are as follows:
[root@centos8 ~]# quotacheck --help
Utility for checking and repairing quota files.
quotacheck [-gucbfinvdmMR] [-F <quota-format>] filesystem|-a
-u, --user check user files
-g, --group check group files
-c, --create-files create new quota files
-b, --backup create backups of old quota files
-f, --force force check even if quotas are enabled
-i, --interactive interactive mode
-n, --use-first-dquot use the first copy of duplicated structure
-v, --verbose print more information
-d, --debug print even more messages
-m, --no-remount do not remount filesystem read-only
-M, --try-remount try remounting filesystem read-only,
continue even if it fails
-R, --exclude-root exclude root when checking all filesystems
-F, --format=formatname check quota files of specific format
-a, --all check all filesystems
-h, --help display this message and exit
-V, --version display version information and exit
Bugs to jack@suse.cz
Two files, aquota.user and aquota.group are created in /home:
[root@centos8 ~]# ls -la /home total 40 drwxr-xr-x. 4 root root 4096 Jul 21 11:27 . dr-xr-xr-x. 17 root root 224 Jul 19 12:05 .. -rw-------. 1 root root 7168 Jul 21 11:27 aquota.group -rw-------. 1 root root 7168 Jul 21 11:27 aquota.user drwx------. 2 root root 16384 Jul 19 12:02 lost+found drwxr-xr-x. 17 trainee trainee 4096 Jul 21 11:22 trainee
Now create a user called fenestros having a password fenestros :
[root@centos8 ~]# groupadd fenestros && useradd fenestros -c FenestrOs -d /home/fenestros -g fenestros -s /bin/bash [root@centos8 ~]# passwd fenestros Changing password for user fenestros. New password: BAD PASSWORD: The password contains the user name in some form Retype new password: passwd: all authentication tokens updated successfully.
3.2 - The edquota Command
Set a 10Mo quota for the fenestros user:
[root@centos8 ~]# edquota -u fenestros -f /home
The vi editor launches and you will see the following output:
Disk quotas for user fenestros (uid 1001): Filesystem blocks soft hard inodes soft hard /dev/sdc1 0 0 0 0 0 0
Change the file as follows:
Disk quotas for user fenestros (uid 1001): Filesystem blocks soft hard inodes soft hard /dev/sdc1 0 8000 10000 0 0 0
Important - This sets a soft quota of 8 000 KB and a hard quota of 10 000 KB for the fenestros user. When fenestros goes over the soft limit, he/she will recieve a warning message. Going over the hard limit means thet he/she can no longer save files to /home/fenestros. Note that you can set a quota by size or by the number of inodes.
Save and quit the file.
The command line switches of the edquota command are as follows:
[root@centos8 ~]# edquota --help
edquota: Usage:
edquota [-rm] [-u] [-F formatname] [-p username] [-f filesystem] username ...
edquota [-rm] -g [-F formatname] [-p groupname] [-f filesystem] groupname ...
edquota [-rm] -P [-F formatname] [-p projectname] [-f filesystem] projectname ...
edquota [-u|g|-P] [-F formatname] [-f filesystem] -t
edquota [-u|g|-P] [-F formatname] [-f filesystem] -T username|groupname|projectname ...
-u, --user edit user data
-g, --group edit group data
-P, --project edit project data
-r, --remote edit remote quota (via RPC)
-m, --no-mixed-pathnames trim leading slashes from NFSv4 mountpoints
-F, --format=formatname edit quotas of a specific format
-p, --prototype=name copy data from a prototype user/group
--always-resolve always try to resolve name, even if it is
composed only of digits
-f, --filesystem=filesystem edit data only on a specific filesystem
-t, --edit-period edit grace period
-T, --edit-times edit grace time of a user/group
-h, --help display this help text and exit
-V, --version display version information and exit
Bugs to: jack@suse.cz
Important - The procedure is similar in the case that you specify a group quota. In this case, use the -g switch of the edquota command.
3.3 - The quotaon Command
Now apply the quotas :
[root@centos8 ~]# quotaon -a
The command line switches of the quotaon command are as follows:
[root@centos8 ~]# quotaon --help
quotaon: Usage:
quotaon [-guPvp] [-F quotaformat] [-x state] -a
quotaon [-guPvp] [-F quotaformat] [-x state] filesys ...
-a, --all turn quotas on for all filesystems
-f, --off turn quotas off
-u, --user operate on user quotas
-g, --group operate on group quotas
-P, --project operate on project quotas
-p, --print-state print whether quotas are on or off
-x, --xfs-command=cmd perform XFS quota command
-F, --format=formatname operate on specific quota format
-v, --verbose print more messages
-h, --help display this help text and exit
-V, --version display version information and exit
important - To turn off quotas, use the quotaoff command.
3.4 - The repquota Command
To see quotas, use the repquota command:
[root@centos8 ~]# repquota /home
*** Report for user quotas on device /dev/sdc1
Block grace time: 7days; Inode grace time: 7days
Block limits File limits
User used soft hard grace used soft hard grace
----------------------------------------------------------------------
root -- 20 0 0 2 0 0
trainee -- 21495888 0 0 136532 0 0
Important - Note that fenestros is not visible in this list. With RHEL / CentOS, quotas are not visible until the user has connected for the first time.
The command line switches of the repquota command are as follows:
[root@centos8 ~]# repquota --help repquota: Utility for reporting quotas. Usage: repquota [-vugsi] [-c|C] [-t|n] [-F quotaformat] [-O (default | xml | csv)] (-a | mntpoint) -v, --verbose display also users/groups without any usage -u, --user display information about users -g, --group display information about groups -P, --project display information about projects -s, --human-readable show numbers in human friendly units (MB, GB, ...) -t, --truncate-names truncate names to 9 characters -p, --raw-grace print grace time in seconds since epoch -n, --no-names do not translate uid/gid to name -i, --no-autofs avoid autofs mountpoints -c, --cache translate big number of ids at once -C, --no-cache translate ids one by one -F, --format=formatname report information for specific format -O, --output=format format output as xml or csv -a, --all report information for all mount points with quotas -h, --help display this help message and exit -V, --version display version information and exit Bugs to jack@suse.cz
3.5 - The quota Command
To see quotas for a specific user, use the quota command:
[root@centos8 ~]# quota fenestros
Disk quotas for user fenestros (uid 1001): no limited resources used
[root@centos8 ~]# su - fenestros
[fenestros@centos8 ~]$ touch test
[fenestros@centos8 ~]$ exit
logout
[root@centos8 ~]# quota fenestros
Disk quotas for user fenestros (uid 1001):
Filesystem blocks quota limit grace files quota limit grace
/dev/sdc1 8 8000 10000 3 0 0
The command line switches of the quota command are as follows:
[root@centos8 ~]# quota --help
quota: Usage: quota [-guPqvswim] [-l | [-Q | -A]] [-F quotaformat]
quota [-qvswim] [-l | [-Q | -A]] [-F quotaformat] -u username ...
quota [-qvswim] [-l | [-Q | -A]] [-F quotaformat] -g groupname ...
quota [-qvswugPQm] [-F quotaformat] -f filesystem ...
-u, --user display quota for user
-g, --group display quota for group
-P, --project display quota for project
-q, --quiet print more terse message
-v, --verbose print more verbose message
-s, --human-readable display numbers in human friendly units (MB, GB...)
--always-resolve always try to translate name to id, even if it is
composed of only digits
-w, --no-wrap do not wrap long lines
-p, --raw-grace print grace time in seconds since epoch
-l, --local-only do not query NFS filesystems
-Q, --quiet-refuse do not print error message when NFS server does
not respond
-i, --no-autofs do not query autofs mountpoints
-F, --format=formatname display quota of a specific format
-f, --filesystem-list display quota information only for given filesystems
-A, --all-nfs display quota for all NFS mountpoints
-m, --no-mixed-pathnames trim leading slashes from NFSv4 mountpoints
--show-mntpoint show mount point of the file system in output
--hide-device do not show file system device in output
-h, --help display this help message and exit
-V, --version display version information and exit
Bugs to: jack@suse.cz
3.6 - The warnquota Command
The warnquota command checks user and group disk usage and sends out messages when the soft limit is reached. This command is normally called by a cron job however it is possible to use it interactively. With RHEL/CentOS, warnquota is not installd by default:
[root@centos8 ~]# which warnquota /usr/bin/which: no warnquota in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin)
Install the quota-warnquota package:
[root@centos7 ~]# dnf install quota-warnquota ...
The command line switches of the warnquota command are as follows:
[root@centos8 ~]# warnquota --help warnquota: Usage: warnquota [-ugsid] [-F quotaformat] [-c configfile] [-q quotatabfile] [-a adminsfile] [filesystem...] -u, --user warn users -g, --group warn groups -s, --human-readable send information in more human friendly units -i, --no-autofs avoid autofs mountpoints -d, --no-details do not send quota information itself -F, --format=formatname use quotafiles of specific format -c, --config=config-file non-default config file -q, --quota-tab=quotatab-file non-default quotatab -a, --admins-file=admins-file non-default admins file -h, --help display this help message and exit -v, --version display version information and exit warnquota: Bugs to jack@suse.cz
Copyright © 2021 Hugh Norris.
