On Tuesday, 11 September 2018 10:48:59 BST Stefan G. Weichinger wrote: > I got the job to admin a gentoo server that was configured and setup by > a former admin. > > No surprise that it is outdated ... > > It runs with profile "hardened/linux/amd64" and kernel 4.1.15-gentoo-r1
This is a rather old kernel. > That kernel does not have the necessary flags enabled to support EXT4 > ACLs ... Among many other changes that have taken place since that kernel version. > At first I emerged latest stable gentoo-sources, enabled these flags and > compiled ... but the lpfc module didn't detect the SAN devices > correctly, so I switched back to 4.1.15 (mark this as another todo here > ... sooner or later I want a more recent kernel working with lpfc ... I > have no clue about multipath so far) > > - > > Right now I always get this when I run "make bzImage" ( > > # make bzImage > CHK include/config/kernel.release > CHK include/generated/uapi/linux/version.h > CHK include/generated/utsrelease.h > CC kernel/bounds.s > kernel/bounds.c:1:0: error: code model kernel does not support PIC mode > /* > > make[1]: *** [Kbuild:44: kernel/bounds.s] Error 1 > make: *** [Makefile:990: prepare0] Error 2 > > Why? > Because the gcc has flags enabled? Probably because you need a later version of gcc to compile the newer kernel with. > I am not insisting on hardened profile but want to avoid bigger issues > when switching profiles without thinking ... > > - > > Basically I only need: > > CONFIG_EXT4_FS_SECURITY=y > CONFIG_EXT4_FS_POSIX_ACL=y > > in my kernel ;-) Have you tried to enable these in the current kernel version and while running with the same gcc configuration? > But this leads into these new areas of learning ... > > greets, Stefan This is how I would approach this task, but it's not a 5 minute effort. LONG WINDED APPROACH ==================== 1. Update your system: emerge -uaNDv system Assuming there are no major blockers which you will need to resolve one at a time, update your profile, switch your gcc to a newer version and continue with building a newer kernel. 2. Copy the current kernel's .config file to the latest stable. Change the / usr/src/linux/ symlink to point to the latest linux kernel source. Run 'make oldconfig' and go through all the changes as required. Then 'make clean, && make && make modules_install' and copy over the bzImage, .config and System files of the new kernel to /boot. Leave the old files in /boot intact. Update grub config and reboot. 3. Assuming all went fine, update your @world. WARNING: I would NOT try anything like this on a production system, but use a cloned fs to do all this work offline. Once I get something booting successfully I would then copy over binary packages and update the production system with them. SHORTER AND RECOMMENDED WAY =========================== There have been many changes with gcc and gentoo profiles since kernel-4.1.15- gentoo-r1. This is why I would recommend you reinstall using a stage 3 for an easier life. Keep your /etc, kernel .config and /var/lib/portage/world files from the existing installation, so you have minimal configuration changes to perform, following reinstallation. Also keep the old kernel image in /boot in case you struggle getting a newer kernel to boot immediately. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
