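[Repost] Building a stripped-down FreeBSD (miniBSD) from FreeBSD 7.x
There are detailed guides online for building miniBSD from FreeBSD 4.x, FreeBSD 5.x and FreeBSD 6.x (miniBSD from FreeBSD 4.x), but all I had on hand was FreeBSD 7.0R, so I tried it by following the FreeBSD 6.x method. The original guide writes the result to a CF card. I have no CF card but I do have a USB stick, so I wrote it to the USB stick instead; booting from the USB stick, however, always printed the values of all the registers and then failed with a "BTX halted" error. In the end I used VMware to create a virtual IDE hard disk and tested the miniBSD built from FreeBSD 7.0 on that.
1. Install FreeBSD 7.0
Not much to say here; if you have the install media this should be no problem. Just choose the minimal install.
2. Install the jail
2.1 Install the jail distribution
In sysinstall, go into Configure; first enter Options and change Install Root to /usr/jail.
Then go to Distributions under Custom, select minimal, and commit to install.
2.2 Copy files into the jail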
#cp /etc/resolv.conf /usr/jail/etc/resolv.conf
#cp /boot/kernel/kernel /usr/jail/boot/kernel/kernel
#cp /boot/defaults/loader.conf /usr/jail/boot/defaults/loader.conf
#cp /etc/localtime /usr/jail/etc/localtime
#cp /etc/wall_cmos_clock /usr/jail/etc/wall_cmos_clock
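3. Enter the jail
3.1 Set the prompt variable; otherwise, once you are inside the jail, you cannot tell whether you have left it or not.
Edit /usr/jail/root/.cshrc and append at the end:
set prompt = " miniBSD %~ %# "
3.2 Mount devfs and enter the jail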
#mount -t devfs devfs /usr/jail/dev
#chroot /usr/jail /bin/csh
The command prompt now changes to the miniBSD# prompt set earlier, so you know you are inside the jail.
4. Create the directories
You can create them by hand or use a script (the script's original author is credited in the script).
create-minibsd-dirs.sh
#!/bin/sh
#
# http://www.freedot.org/
# E-Mail Contact: brian@freedot.org
#
MINIBSD_DIR=/usr/minibsd ;
if [ -d $MINIBSD_DIR ] ; then
echo ;
echo "$MINIBSD_DIR already exists. Remove the directory" ;
echo "before running this script." ;
echo ;
echo "Exiting..." ;
echo ;
exit ;
fi ;
mkdir $MINIBSD_DIR ;
cd $MINIBSD_DIR ;
mkdir bin ;
mkdir boot ;
mkdir boot/defaults ;
mkdir dev ;
mkdir etc ;
mkdir etc/defaults ;
mkdir etc/mtree ;
mkdir lib ;
mkdir libexec ;
mkdir mnt ;
mkdir -m 0555 proc ;
mkdir -m 0700 root ;
mkdir sbin ;
mkdir usr ;
mkdir usr/bin ;
mkdir usr/lib ;
mkdir usr/lib/aout ;
mkdir usr/libexec ;
mkdir usr/local ;
mkdir usr/sbin ;
mkdir usr/share ;
mkdir usr/share/misc ;
mkdir var ;
mkdir var/tmp ;
ln -s /var/tmp tmp
5. Copy the boot files and binaries
5.1 Copy the loader
#cd /boot
#cp -r loader /usr/minibsd/boot/
#cp beastie.4th /usr/minibsd/boot/
#cp frames.4th /usr/minibsd/boot/
#cp screen.4th /usr/minibsd/boot/
#cp defaults/loader.conf /usr/minibsd/boot/defaults/
5.2 Copy the utility binaries
Use a script, mkmini.sh, with minibsd6.files as its argument.
mkmini.sh
#!/bin/sh
#
# http://www.freedot.org/
# E-Mail Contact: brian@freedot.org
#
if [ ! $1 ] ; then
echo ;
echo "Syntax : mkmini.sh <input file>" ;
echo "Example: mkmini.sh /root/minibsd6.files" ;
echo ;
exit ;
fi ;
MINIBSDFILES="$1" ;
MINIBSDDIR="/usr/minibsd" ;
# Thanks to Nate Nielsen for this!
sed -nE -e 's/^ *([^ #]+) */\1/p' < $MINIBSDFILES | tr ':' '\n' | tar -C / -cvf - -T - | tar -C $MINIBSDDIR -x -f -
minibsd6.files
# minibsd.files
# by Manuel Kasper <mk@neon1.net>
# List of files required for a very minimal FreeBSD system,
# intended to be parsed by mkmini.pl
#
# Modified by David Courtney <minibsd@ultradesic.com>
# - sbin/rcorder is required for FreeBSD 5.x
# - bin/kenv is required for FreeBSD 6.x
# - Removed ssh files out of the default minibsd6.files
# - Removed named files out of the default minibsd6.files
# - Removed ppp files out of the default minibsd6.files
# - Removed usr/sbin/ndc
# - Removed usr/sbin/ipsend
# - Added usr/bin/cut
# - Added sbin/mount_mfs
# - Added sbin/nextboot
# - Removed the usr/sbin/tset hard link to usr/bin/reset
#
# Lines with colons (':') in them list files that should be hard-linked
# to each other, e.g.
# bin/link:bin/ln
# instructs mkmini.pl to copy over bin/link, then hard link ln to it.
# contents of /boot
boot/boot0
boot/boot1
boot/boot2
boot/defaults/loader.conf
boot/device.hints
boot/loader
boot/loader.4th
boot/loader.help
boot/loader.rc
boot/mbr
boot/support.4th
# contents of /libexec
libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1
# contents of /bin
bin/[:bin/test
bin/cat
bin/chflags
bin/chio
bin/chmod
bin/cp
bin/csh:bin/tcsh
bin/date
bin/dd
bin/df
bin/domainname
bin/echo
bin/ed:bin/red
bin/expr
bin/hostname
bin/kenv
bin/kill
bin/link:bin/ln
bin/ls
bin/mkdir
bin/mv
bin/pax
bin/ps
bin/pwd
bin/realpath
bin/rm:bin/unlink
bin/rmdir
bin/sh
bin/sleep
bin/stty
bin/sync
# contents of /sbin
sbin/adjkerntz
sbin/comcontrol
sbin/dhclient
sbin/dhclient-script
sbin/disklabel
sbin/dmesg
sbin/fastboot:sbin/fasthalt:sbin/halt:sbin/reboot
sbin/fsck
sbin/fsck_ufs:sbin/fsck_ffs:sbin/fsck_4.2bsd
sbin/ifconfig
sbin/init
sbin/ipfw
sbin/kldconfig
sbin/kldload
sbin/kldstat
sbin/kldunload
sbin/ldconfig
sbin/md5
sbin/mdconfig
sbin/mknod
sbin/mdmfs
sbin/mount
sbin/mount_devfs:sbin/mount_fdescfs:sbin/mount_linprocfs:sbin/mount_procfs:sbin/mount_std
sbin/mount_mfs
sbin/mount_nullfs
sbin/mount_umapfs
sbin/mount_unionfs
sbin/natd
sbin/newfs
sbin/nextboot
sbin/nologin
sbin/nos-tun
sbin/rcorder
sbin/ping
sbin/route
sbin/setkey
sbin/shutdown
sbin/slattach
sbin/swapon
sbin/sysctl
sbin/umount
# contents of /usr/bin
usr/bin/at:usr/bin/atq:usr/bin/atrm:usr/bin/batch
usr/bin/awk
usr/bin/basename
usr/bin/bunzip2:usr/bin/bzcat:usr/bin/bzip2
usr/bin/chat
usr/bin/chfn:usr/bin/chpass:usr/bin/chsh
usr/bin/chgrp
usr/bin/cksum
usr/bin/clear
usr/bin/cmp
usr/bin/compress:usr/bin/uncompress
usr/bin/cpio
usr/bin/crontab
usr/bin/cu
usr/bin/cut
usr/bin/dig
usr/bin/dirname
usr/bin/du
usr/bin/ee
usr/bin/egrep:usr/bin/fgrep:usr/bin/grep
usr/bin/env
usr/bin/false
usr/bin/fetch
usr/bin/find
usr/bin/finger
usr/bin/fstat
usr/bin/fsync
usr/bin/ftp
usr/bin/gunzip:usr/bin/gzcat:usr/bin/gzip
usr/bin/gzexe
usr/bin/head
usr/bin/hexdump
usr/bin/id:usr/bin/whoami
usr/bin/ident
usr/bin/killall
usr/bin/last
usr/bin/less:usr/bin/more
usr/bin/limits
usr/bin/lock
usr/bin/lockf
usr/bin/logger
usr/bin/login
usr/bin/logname
usr/bin/mesg
usr/bin/minigzip
usr/bin/mkfifo
usr/bin/mktemp
usr/bin/msgs
usr/bin/netstat
usr/bin/nice
usr/bin/nohup
usr/bin/objformat
usr/bin/openssl
usr/bin/passwd
usr/bin/printf
usr/bin/renice
usr/bin/reset
usr/bin/script
usr/bin/sed
usr/bin/shar
usr/bin/sort
usr/bin/split
usr/bin/su
usr/bin/tail
usr/bin/tar
usr/bin/tee
usr/bin/telnet
usr/bin/tftp
usr/bin/time
usr/bin/top
usr/bin/touch
usr/bin/tput
usr/bin/tr
usr/bin/true
usr/bin/tty
usr/bin/uname
usr/bin/uptime:usr/bin/w
usr/bin/users
usr/bin/uudecode
usr/bin/uuencode
usr/bin/vi
usr/bin/vmstat
usr/bin/wall
usr/bin/who
usr/bin/whois
usr/bin/write
usr/bin/yes
# contents of usr/sbin
usr/sbin/arp
usr/sbin/boot0cfg
usr/sbin/chown
usr/sbin/chroot
usr/sbin/cron
usr/sbin/idprio:usr/sbin/rtprio
usr/sbin/inetd
usr/sbin/iostat
usr/sbin/kbdcontrol
usr/sbin/lastlogin
usr/sbin/memcontrol
usr/sbin/mtree
usr/sbin/newsyslog
usr/sbin/ngctl
usr/sbin/nghook
usr/sbin/ntpdate
usr/sbin/pciconf
usr/sbin/pw
usr/sbin/pwd_mkdb
usr/sbin/slstat
usr/sbin/syslogd
usr/sbin/tcpdchk
usr/sbin/tcpdmatch
usr/sbin/tcpdump
usr/sbin/traceroute
usr/sbin/vidcontrol
usr/sbin/vipw
usr/sbin/vnconfig
usr/sbin/watch
# contents of /usr/libexec
usr/libexec/atrun
usr/libexec/ftpd
usr/libexec/getty
usr/libexec/telnetd
usr/libexec/tftpd
# contents of /usr/share
usr/share/misc/termcap
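A list written for FreeBSD 6.x can name files that the 7.0 jail does not contain, or groups that are not hard links there. The following check is an added example, not part of the original post or the freedot.org scripts; it parses the same list format and reports both cases before mkmini.sh is run. The function names, message wording and the sample tree are constructed for illustration.

```sh
#!/bin/sh
# check_manifest ROOT LIST: print one line per problem found when the
# minibsd6.files-style LIST is checked against the tree under ROOT.
check_manifest() (
    root=$1 list=$2
    set -f    # no globbing: the list contains the literal name bin/[
    # First token of each non-comment line; ':' separates hard-link groups.
    sed -nE -e 's/^ *([^ #]+).*/\1/p' "$list" | tr ':' ' ' |
    while read -r first rest; do
        for path in $first $rest; do
            if [ ! -e "$root/$path" ]; then
                echo "MISSING $path"
            # -ef: same file, i.e. a hard link (or a symlink to it)
            elif [ ! "$root/$path" -ef "$root/$first" ]; then
                echo "NOTLINK $path (expected hard link to $first)"
            fi
        done
    done
)

# Constructed sample: a tiny tree and list in a temporary directory.
demo_manifest() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/bin"
    : > "$tmp/bin/test"; ln "$tmp/bin/test" "$tmp/bin/["
    : > "$tmp/bin/cat"
    : > "$tmp/bin/csh"; : > "$tmp/bin/tcsh"   # two separate files, not linked
    cat > "$tmp/list" <<'EOF'
# contents of /bin
bin/[:bin/test
bin/cat
bin/csh:bin/tcsh
bin/kenv
EOF
    check_manifest "$tmp" "$tmp/list"
    rm -rf "$tmp"
}

demo_manifest
```

Inside the jail the call would be check_manifest / /root/minibsd6.files, and an empty result means every listed path is present.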
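6. Customize the kernel
I simply used the GENERIC one, which saves time and effort; customizing it can wait until miniBSD boots successfully.
It is best to compress the kernel, which saves space.
#mkdir -p /usr/minibsd/boot/kernel
#cp /boot/kernel/kernel /usr/minibsd/boot/kernel/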
#cd /usr/minibsd/boot/kernel
#gzip -9 kernel
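7. Copy the libraries
mklibs.sh
#!/bin/sh
#
# http://www.freedot.org/
# E-Mail Contact: brian@freedot.org
#
MINIBSDDIR="/usr/minibsd" ;
# Print, without the leading "/", the shared libraries that the
# executables under $MINIBSDDIR are linked against (kernel modules skipped).
find -X $MINIBSDDIR ! -name "*.ko" -and -type f -and -perm +111 | xargs ldd -f "%p\n" 2> /dev/null | sort | uniq | sed 's|^/||'
After using the script to copy the libraries needed by the copied binaries, a few more libraries still have to be copied.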
#cp -p /usr/lib/pam* /usr/minibsd/usr/lib/
8. Copy the configuration files in /etc
8.1 Set the password
The password files are generated by the passwd command, so first set the password with passwd inside the jail, and then copy the password files into miniBSD.
8.2 Copy /etc
This script was originally for FreeBSD 6; I have already modified it for 7.
copy-etc-6.sh
#!/bin/sh
#
# http://www.freedot.org/
# E-Mail Contact: brian@freedot.org
#
DEST=/usr/minibsd/etc ;
if [ ! -d $DEST ] ; then
echo ;
echo "$DEST does not exist.";
echo "For safety reasons, this script will not create the" ;
echo "directory for you. Make sure you are running this script" ;
echo "from *within* your FreeBSD jail!" ;
echo ;
echo "If you know you are in the right place, type the following:" ;
echo ;
echo "mkdir $DEST" ;
echo ;
echo "...and then run this script again."
echo ;
echo "Exiting..." ;
echo ;
exit ;
fi ;
if [ -f $DEST/auth.conf ] ; then
echo ;
echo "It appears as though the files may have already been" ;
echo "copied. For safety reasons, the script will now exit." ;
echo "If you want to run this script, you'll need to delete" ;
echo "the files in $DEST first." ;
echo ;
echo "Exiting..." ;
echo ;
exit ;
fi ;
cp /etc/auth.conf $DEST
cp /etc/crontab $DEST
cp /etc/defaults/devfs.rules $DEST/defaults
cp /etc/defaults/periodic.conf $DEST/defaults
cp /etc/defaults/rc.conf $DEST/defaults
#cp /etc/disktab $DEST
if [ ! -f /etc/fstab ] ; then
touch /etc/fstab ;
fi ;
cp /etc/fstab $DEST
#cp /etc/ftpusers $DEST
cp /etc/gettytab $DEST
cp /etc/group $DEST
if [ ! -f /etc/host.conf ] ; then
cd $DEST ;
ln -s /tmp/host.conf ;
else
cp /etc/host.conf $DEST ;
fi ;
cp /etc/hosts $DEST
cp /etc/hosts.allow $DEST
#cp /etc/hosts.equiv $DEST
#cp /etc/hosts.lpd $DEST
cp /etc/inetd.conf $DEST
cp /etc/localtime $DEST
cp /etc/login.access $DEST
cp /etc/login.conf $DEST
cp /etc/master.passwd $DEST
cp /etc/mtree/BSD.include.dist $DEST/mtree
cp /etc/mtree/BSD.local.dist $DEST/mtree
cp /etc/mtree/BSD.root.dist $DEST/mtree
cp /etc/mtree/BSD.sendmail.dist $DEST/mtree
cp /etc/mtree/BSD.usr.dist $DEST/mtree
cp /etc/mtree/BSD.var.dist $DEST/mtree
cp /etc/mtree/BSD.x11-4.dist $DEST/mtree
cp /etc/mtree/BSD.x11.dist $DEST/mtree
#cp /etc/namedb/PROTO.localhost.rev $DEST/namedb
#cp /etc/namedb/make-localhost $DEST/namedb
#cp /etc/namedb/named.conf $DEST/namedb
#cp /etc/namedb/named.root $DEST/namedb
cp /etc/network.subr $DEST
cp /etc/networks $DEST
cp /etc/newsyslog.conf $DEST
if [ ! -f /etc/nsswitch.conf ] ; then
cd $DEST ;
ln -s /tmp/nsswitch.conf ;
else
cp /etc/nsswitch.conf $DEST ;
fi ;
cp -R /etc/pam.d $DEST
cp /etc/passwd $DEST
cp /etc/profile $DEST
cp /etc/protocols $DEST
cp /etc/pwd.db $DEST
cp /etc/rc $DEST
if [ -f /etc/rc.conf ] ; then
cp /etc/rc.conf $DEST ;
fi ;
cp -R /etc/rc.d $DEST
cp /etc/rc.firewall $DEST
#cp /etc/rc.i368 $DEST
#cp /etc/rc.local $DEST
#cp /etc/rc.network $DEST
#cp /etc/rc.serial $DEST
cp /etc/rc.shutdown $DEST
cp /etc/rc.subr $DEST
cp /etc/resolv.conf $DEST
#cp /etc/security $DEST
cp /etc/services $DEST
cp /etc/shells $DEST
#cp /etc/skeykeys $DEST
cp /etc/spwd.db $DEST
#cp /etc/ssh/primes $DEST/ssh
#cp /etc/ssh/ssh_config $DEST/ssh
#cp /etc/ssh/ssh_host_dsa_key $DEST/ssh
#cp /etc/ssh/ssh_host_dsa_key.pub $DEST/ssh
#cp /etc/ssh/ssh_host_key $DEST/ssh
#cp /etc/ssh/ssh_host_key.pub $DEST/ssh
#cp /etc/ssh/sshd_config $DEST/ssh
#cp /etc/ssl/openssl.cnf $DEST/ssl
cp /etc/sysctl.conf $DEST
cp /etc/syslog.conf $DEST
if [ ! -f $DEST/termcap ] ; then
ln -s /usr/share/misc/termcap $DEST/termcap ;
fi ;
cp /etc/ttys $DEST
if [ -f /etc/wall_cmos_clock ] ; then
cp /etc/wall_cmos_clock $DEST ;
fi ;
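9. Edit the configuration files
9.1 Modify /usr/minibsd/etc/fstab. When miniBSD boots from a hard disk, the disk is detected as ad0. Mount it read-only, which is good for media such as CF cards because the card does not wear out as quickly. The contents are: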
/dev/ad0s1a / ufs ro 1 1
9.2 /usr/minibsd/etc/rc.conf needs to be set up to suit your own situation.
Because there is no swap, dumpdev="NO". Memory disks are also needed, because our / file system is read-only. rc.diskless2 could be used here; I will look into it when I have time. My contents are as follows:
hostname="jojo.minibsd"
sshd_enable="NO"
usbd_enable="NO"
sendmail_enable="NO"
inetd_enable="NO"
portmap_enable="NO"
update_motd="NO"
varsize=8192
varmfs="YES"
tmpmfs="YES"
tmpsize=8192
dumpdev="NO"
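rc.conf is read as plain shell variable assignments, so a misspelt knob is accepted silently and the value from /etc/defaults/rc.conf stays in force. The following check is an added example, not part of the original post; it lists every variable set in rc.conf that the defaults file does not define. The function names and both sample files are constructed for illustration.

```sh
#!/bin/sh
# unknown_knobs DEFAULTS RCCONF: print each variable assigned in RCCONF
# that DEFAULTS does not define. Per-interface names such as
# ifconfig_<if> are expected hits; everything else deserves a look.
unknown_knobs() {
    defaults=$1 rcconf=$2
    # Every name assigned in the defaults file, including commented-out ones.
    names=$(sed -nE 's/^#?([A-Za-z_][A-Za-z0-9_]*)=.*/\1/p' "$defaults")
    sed -nE 's/^[[:space:]]*([A-Za-z_][A-Za-z0-9_]*)=.*/\1/p' "$rcconf" |
    while read -r knob; do
        printf '%s\n' "$names" | grep -qxF "$knob" && continue
        # Hint: a known name that the unknown one merely extends.
        hint=$(printf '%s\n' "$names" |
               awk -v k="$knob" 'index(k, $0) == 1 { print; exit }')
        echo "$knob${hint:+ (did you mean $hint?)}"
    done
}

# Constructed sample files (a short stand-in for /etc/defaults/rc.conf
# and an rc.conf with one misspelt knob), built in a temporary directory.
demo_knobs() {
    tmp=$(mktemp -d)
    cat > "$tmp/defaults" <<'EOF'
hostname=""
sshd_enable="NO"
inetd_enable="NO"
tmpmfs="AUTO"
#ifconfig_lo0="inet 127.0.0.1"
EOF
    cat > "$tmp/rc.conf" <<'EOF'
hostname="jojo.minibsd"
sshd_enabled="NO"
inetd_enable="NO"
tmpmfs="YES"
EOF
    unknown_knobs "$tmp/defaults" "$tmp/rc.conf"
    rm -rf "$tmp"
}

demo_knobs
```

Against the staged tree the call would be unknown_knobs /usr/minibsd/etc/defaults/rc.conf /usr/minibsd/etc/rc.conf.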
9.3 To skip the ten-second wait at boot, edit /usr/minibsd/boot/boot.rc and add the following line:
autoboot 0
10. Package miniBSD
#cd /usr/minibsd
#tar cfvz /usr/minibsd-7.tar.gz *
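11. Copy miniBSD onto the hard disk (CF card or USB stick) (if you want to write a disk image straight onto the disk with dd, skip to step 12)
My motherboard has problems booting from USB, possibly because the FreeBSD loader is incompatible with it, so I used an IDE hard disk. If you are using a USB stick, change ad1 and ad0 below to da0.
11.1 Format the disk. ad0 is the first IDE disk, so the newly attached one is ad1 here.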
#fdisk -BI /dev/ad1
11.2 Create a slice that uses the whole disk.
#bsdlabel -B -w ad1s1
11.3 Create the file system.
#newfs -U /dev/ad1s1a
11.4 Mount it on /mnt.
#mount /dev/ad1s1a /mnt
11.5 Unpack the miniBSD archive created earlier into /mnt.
#cd /mnt
#tar xfvzP /usr/minibsd-7.tar.gz
11.6 Make the disk bootable, i.e. write the boot0 program into the disk's MBR.
#boot0cfg -v -B ad1
11.7 Skip to step 13.
12. Write miniBSD to the hard disk (CF card or USB stick) as a disk image
12.1 First get the size of the disk to be written
#bsdlabel -w -An-B ad1 auto | grep sectors/unit
This yields a number of sectors.
12.2 Create the disk image file (filled with zeros); [number of sector] is the number just obtained
#dd if=/dev/zero of=/usr/minibsd-disk.bin bs=512 count=[number of sector]
12.3 Create a vnode for the minibsd-disk.bin file
#mdconfig -f /usr/minibsd-disk.bin -u 0
12.4 Operations on the /dev/md0 vnode are now equivalent to operations on the disk image file minibsd-disk.bin.
#fdisk -BI /dev/md0
#bsdlabel -B -w md0s1
#newfs -U md0s1a
#mount /dev/md0s1a /mnt
These steps format the vnode, create a slice and a UFS file system, and mount it on /mnt.
12.5 Unpack our miniBSD into /mnt
#cd /mnt
#tar xfvzP /usr/minibsd-7.tar.gz
12.6 Work on the vnode is finished; clean up
#cd /
#umount /mnt
#mdconfig -d -u 0
12.7 The minibsd-disk.bin file containing miniBSD can now be written to the disk with dd
#dd if=/usr/minibsd-disk.bin of=/dev/ad1 bs=8k
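13. Boot from the finished miniBSD
Attach the disk holding miniBSD to the machine and boot it.
The miniBSD I built this way is 9M when packaged. What can such a stripped-down FreeBSD do? Add whatever you want to it; building a router like m0n0wall or pfSense would be nice. This one is DIY, though.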