Re: Custom kernel to match chroot, efistub for embedded bootloader and RO sandbox for root not home (using respin))
Posted: Wed Mar 12, 2025 11:11 pm
Searching for info on that source tarball, I found this on a older kernel.
https://debian-handbook.info/browse/sta ... ation.html
What I see there is running me in circles with commands to make that tarball, and are something similar to what I have in the gentoo ebuild.
I dont see the boot part but this is what I have in the ebuild
So whats in this, is made with ebuild. So though is to make a addition to it, so that it will make this tarball of image.
Then have MX linux run "make deb-pkg" on that tarball, to make this .deb. Am I correct on this path to get the custom kernel, or is there something I missing here?
This is in the debian patch tarball
So is this needed in the .config, to go with that?
EDIT: Im seeing this looking more into it.
https://www.dwarmstrong.org/kernel/
Its making the .deb off the unpacked source that the ebuild makes and uses this command to do so.
Then says this symlink string should do this
Then this to install.
EDIT:EDIT:
Was looking over the gentoo patches that came with the ebuild, to see what sets it for use on gentoo and found this.
https://github.com/1mouse3/liguros-xxx/ ... nfig.patch
Looking in the debian patch tarball and found this python scripte to make the same.
https://debian-handbook.info/browse/sta ... ation.html
What I see there is running me in circles with commands to make that tarball, and are something similar to what I have in the gentoo ebuild.
Code: Select all
restore_config .config
emake ${MAKECONF[@]} olddefconfig
emake ${MAKECONF[@]} bzImage
emake ${MAKECONF[@]} modules_prepare modules
emake ${MAKECONF[@]} all
make prepare
make scripts
installkernel ${KERNELTAGS} ${S}/arch/x86/boot/bzImage ${S}/System.map ${D}/boot/
sbsing --key /root/secureboot/MOK.key --cert /root/secureboot/MOK.crt /boot/vmlinuz-${KERNELTAGS}
rsync -ar /usr/src/linux-${KERNELTAGS}/video/ ${image}/lib/modules/${KERNELTAGS}/video
depmod -b ${D} -ae -F System.map ${KERNELTAGS}Code: Select all
emake ${MAKECONF[@]} install INSTALL_PATH=${D}/boot/
emake ${MAKECONF[@]} ${TARGETS[@]} INSTALL_MOD_PATH=${D} INSTALL_PATH=${D}/boot/Code: Select all
linux-source-6.1.tar.xzCode: Select all
linux-source-6.1_6.1.124-1_all.debCode: Select all
Missing debian/certs/debian-uefi-certs.pemCode: Select all
#
# Certificates for signature checking
#
CONFIG_MODULE_SIG_KEY=""
CONFIG_SYSTEM_TRUSTED_KEYRING=y
CONFIG_SYSTEM_TRUSTED_KEYS="debian/certs/debian-uefi-certs.pem"
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
CONFIG_SECONDARY_TRUSTED_KEYRING=y
CONFIG_SYSTEM_BLACKLIST_KEYRING=y
CONFIG_SYSTEM_BLACKLIST_HASH_LIST=""
# end of Certificates for signature checkinghttps://www.dwarmstrong.org/kernel/
Its making the .deb off the unpacked source that the ebuild makes and uses this command to do so.
Code: Select all
make deb-pkg LOCALVERSION=-customCode: Select all
$ ls -l ../*.deb
../linux-headers-6.1.124-custom-6.1.124-custom-1_amd64.deb
../linux-image-6.1.124-custom-6.1.124-custom-1_amd64.deb
../linux-libc-dev_6.1.124-custom-1_amd64.debCode: Select all
$ sudo dpkg -i ../linux-image-6.1.124-custom_6.1.124-custom-1_amd64.deb
$ sudo dpkg -i ../linux-headers-6.1.124-custom_6.1.124-custom-1_amd64.debEDIT:EDIT:
Was looking over the gentoo patches that came with the ebuild, to see what sets it for use on gentoo and found this.
https://github.com/1mouse3/liguros-xxx/ ... nfig.patch
Looking in the debian patch tarball and found this python scripte to make the same.
Code: Select all
from collections import OrderedDict
__all__ = (
"KconfigFile",
)
class KConfigEntry(object):
__slots__ = 'name', 'value', 'comments'
def __init__(self, name, value, comments=None):
self.name, self.value = name, value
self.comments = comments or []
def __eq__(self, other):
return self.name == other.name and self.value == other.value
def __hash__(self):
return hash(self.name) | hash(self.value)
def __repr__(self):
return ('<{}({!r}, {!r}, {!r})>'
.format(self.__class__.__name__, self.name, self.value,
self.comments))
def __str__(self):
return 'CONFIG_{}={}'.format(self.name, self.value)
def write(self):
for comment in self.comments:
yield '#. ' + comment
yield str(self)
class KConfigEntryTristate(KConfigEntry):
__slots__ = ()
VALUE_NO = False
VALUE_YES = True
VALUE_MOD = object()
def __init__(self, name, value, comments=None):
if value == 'n' or value is None:
value = self.VALUE_NO
elif value == 'y':
value = self.VALUE_YES
elif value == 'm':
value = self.VALUE_MOD
else:
raise NotImplementedError
super(KConfigEntryTristate, self).__init__(name, value, comments)
def __str__(self):
if self.value is self.VALUE_MOD:
return 'CONFIG_{}=m'.format(self.name)
if self.value:
return 'CONFIG_{}=y'.format(self.name)
return '# CONFIG_{} is not set'.format(self.name)
class KconfigFile(OrderedDict):
def __str__(self):
ret = []
for i in self.str_iter():
ret.append(i)
return '\n'.join(ret) + '\n'
def read(self, f):
for line in iter(f.readlines()):
line = line.strip()
if line.startswith("CONFIG_"):
i = line.find('=')
option = line[7:i]
value = line[i + 1:]
self.set(option, value)
elif line.startswith("# CONFIG_"):
option = line[9:-11]
self.set(option, 'n')
elif line.startswith("#") or not line:
pass
else:
raise RuntimeError("Can't recognize %s" % line)
def set(self, key, value):
if value in ('y', 'm', 'n'):
entry = KConfigEntryTristate(key, value)
else:
entry = KConfigEntry(key, value)
self[key] = entry
def str_iter(self):
for key, value in self.items():
yield str(value)