当前位置：首页 → 问答吧 → 利用LFS SVN20090601打造强大的WEB服务器

利用LFS SVN20090601打造强大的WEB服务器

时间：2009-06-09

来源：互联网

最近因为工作需要加上个人兴趣，重做了一次LFS，这次利用SVN20090601最新版本，从头编译。
宿主系统是UBUNTU9服务器版，基本系统编译完成之后，加上了一些自己的设置，另外，加入了BLFS里面的一些软件包，例如：openssl，openssh，wget，unzip，以及一些常用工具命令，最主要的，是在此基础上，利用nginx/0.7.59，用FAST-CGI的方式，部署一个高性能的web服务器！

以下分享一下整个编译过程（这个过程根据人品好坏，需要花费的时间也不尽相同，不过一般至少需要花费2-3天以上。）
革命尚未成功，就不要放弃哦，哈哈！

ubuntu9 Server，用163的升级镜像apt-get upgrade一下。安装LAMP服务器，因为我本身要在宿主系统上做php测试。
先安装个gd支持，嘿嘿。
apt-get install php5-gd

安装编译lfs必须的工具
apt-get install diff gawk glibc m4 make texinfo autoconf g++ gcc bison gawk

mkdir /opt/work && cd /opt/work

///////////////// 检查环境 /////////////////

cat > version-check.sh << "EOF"
#!/bin/bash
export LC_ALL=C

# Simple script to list version numbers of critical development tools

bash --version | head -n1 | cut -d" " -f2-4
echo "/bin/sh -> `readlink -f /bin/sh`"
echo -n "Binutils: "; ld --version | head -n1 | cut -d" " -f3-
bison --version | head -n1
if [ -e /usr/bin/yacc ];
then echo "/usr/bin/yacc -> `readlink -f /usr/bin/yacc`";
else echo "yacc not found"; fi
bzip2 --version 2>&1 < /dev/null | head -n1 | cut -d" " -f1,6-
echo -n "Coreutils: "; chown --version | head -n1 | cut -d")" -f2
diff --version | head -n1
find --version | head -n1
gawk --version | head -n1
if [ -e /usr/bin/awk ];
then echo "/usr/bin/awk -> `readlink -f /usr/bin/awk`";
else echo "awk not found"; fi
gcc --version | head -n1
/lib/libc.so.6 | head -n1 | cut -d" " -f1-7
grep --version | head -n1
gzip --version | head -n1
cat /proc/version
m4 --version | head -n1
make --version | head -n1
patch --version | head -n1
echo Perl `perl -V:version`
sed --version | head -n1
tar --version | head -n1
makeinfo --version | head -n1
echo 'main(){}' > dummy.c && gcc -o dummy dummy.c
if [ -x dummy ]; then echo "Compilation OK";
else echo "Compilation failed"; fi
rm -f dummy.c dummy

EOF

bash version-check.sh

export LFS=/mnt/lfs
mkdir -pv $LFS
mount -v -t ext3 /dev/sda3 $LFS
mkdir -v $LFS/sources
chmod -v a+wt $LFS/sources
cd $LFS/sources

下载源码包
使用一个脚本，多线程下载
#!/bin/sh

if [ -z "$1" -o -z "$2" ]; then
echo "Usage: $0 <destination_dir> <url file>"
exit 1
fi

wget -N -r -nd -P $1 -i $2 -o wget.lfs.log

或者直接下载
wget -i /opt/work/wget-list

echo $LFS
如果路径不对，则重新设置
export LFS=/mnt/lfs

创建工具链路径
mkdir -v $LFS/tools

建立符号链接到宿主系统更目录
ln -sv $LFS/tools /

为了安全，建立编译lfs的用户和组
groupadd lfs
useradd -s /bin/bash -g lfs -m -k /dev/null lfs

设置lfs用户密码为“lfs”
passwd lfs

修改tools和sources目录权限
chown -v lfs $LFS/tools
chown -v lfs $LFS/sources

为lfs用户创建一个全新的shell环境
su - lfs

设置lfs的用户环境
cat > ~/.bash_profile << "EOF"
exec env -i HOME=$HOME TERM=$TERM PS1='\u:\w\$ ' /bin/bash
EOF

cat > ~/.bashrc << "EOF"
set +h
umask 022
LFS=/mnt/lfs
LC_ALL=POSIX
LFS_TGT=$(uname -m)-lfs-linux-gnu
PATH=/tools/bin:/bin:/usr/bin
export LFS LC_ALL LFS_TGT PATH
EOF

命令 exec env -i HOME=$HOME TERM=$TERM PS1='\u:\w\$ ' /bin/bash ，创建新的Bash实例，并保证这个实例的环境是完全干净的，除了设置 HOME，TERM，PS1几个变量以外。这能保证，我们的编译环境不被主系统中可能存在的环境变量所污染。我们使用的方法不太正规，但能完成任务。要深入地解释起来，最初的shell是 login(登陆) shell，读取 .bash_profile文件，而新的shell实例是non-login(非登陆) shell，它只读取.bashrc文件(随后创建的那一个).

set +h 关掉bash的 "hash"功能。hash 通常是一个有用的特性，这时 bash 使用 hash 表(哈希表)来记住可执行文件的完整路径，以避免为了找到同一个文件而进行多次 `PATH' 搜索。然而，我们希望立刻就能使用新安装的工具。关掉hash功能，那些交互的命令(make,patch, sed,cp 等等)将总是使用新的程序。

把用户文件创建掩码(umask)设置为 022，保证新创建的文件和目录只能被文件的所有者执行写操作，而能被所有人读和执行。

LFS 变量自然要设置成你加载 LFS 分区的位置。

LC_ALL 变量控制某些软件包的本地化，使它们输出的信息遵守指定国家的规范。当你的主系统glibc版本低于2.2.4时，如果在第五章中把$LC_ALL设置成 "POSIX" 或 "C" 以外的值，当你退出第六章的chroot环境后，要再次进入就会有麻烦。设置成 "POSIX" (或"C"，它们俩是相同的)我们保证在chroot环境中不会出现任何问题。

我们把 /tools/bin 附加到标准路径前面，是为了在安装过程中，总是能用到已经安装了的临时工具。

CC, CXX, CPP, LD_LIBRARY_PATH 和 LD_PRELOAD 环境变量都有可能破坏我们的第五章工具链，因此这里取消它们的设置，以预防可能的问题。

下面source刚才准备的用户配置文件，准备开始编译临时工具链。

source ~/.bash_profile

cd $LFS/sources

开始编译工具链！先检查一下$LFS环境变量。
echo $LFS

5.4. 编译binutils-2.19.1
----------------------------------------------

tar -jxvf binutils-2.19.1.tar.bz2
cd binutils-2.19.1
mkdir -v ../binutils-build
cd ../binutils-build

../binutils-2.19.1/configure --target=$LFS_TGT --prefix=/tools --disable-nls --disable-werror

--target=$LFS_TGT: 因为LFS_TGT变量里面的机器描述和config.guess脚本返回的的稍微不同，这个开关告诉configure脚本来修正binutils构建交叉工具链。
--prefix=/tools: 准备把Binutils程序安装到/tools目录。
--disable-nls: 这个参数禁止了国际化(通常简称i18n)。我们的静态程序不需要国际化的特性，并且在静态连接时nls常常引起错误。
--disable-werror: 避免当宿主系统编译器出现警告信息时导致编译停止。

编译
make

如果宿主系统是64位，创建一条链接，以保证工具链的稳健
case $(uname -m) in
x86_64) mkdir -v /tools/lib && ln -sv lib /tools/lib64 ;;
esac

安装binutils包
make install

5.5. 编译GCC-4.4.0
----------------------------------------------

另开一个终端，用root先行编译gmp和mpfr到宿主系统，因为gcc4.4依赖这两个东东！

../gcc-4.4.0/configure \
--target=$LFS_TGT --prefix=/tools \
--disable-nls --disable-shared --disable-multilib \
--disable-decimal-float --disable-threads \
--disable-libmudflap --disable-libssp \
--disable-libgomp --enable-languages=c

因为Glibc编译的时候依赖libgcc_eh.a这个库，所以需要建个软链接。

ln -vs libgcc.a `$LFS_TGT-gcc -print-libgcc-file-name | sed 's/libgcc/&_eh/'`

`/mnt/lfs/tools/bin/../lib/gcc/i686-lfs-linux-gnu/4.4.0/libgcc_eh.a' -> `libgcc.a'

也就是增加一个软链接
/mnt/lfs/tools/lib/gcc/i686-lfs-linux-gnu/4.4.0/libgcc_eh.a到相同目录下的libgcc.a

5.6. 编译Linux-2.6.29.4头文件
----------------------------------------------

Linux内核需要提供一些API给Glibc使用。

tar -jxvf tar/linux-2.6.29.4.tar.bz2
cd linux-2.6.29.4/

make mrproper

make headers_check
make INSTALL_HDR_PATH=dest headers_install
cp -rv dest/include/* /tools/include

5.7. Glibc-2.10.1
----------------------------------------------

tar -jxvf tar/glibc-2.10.1.tar.bz2
cd glibc-2.10.1/
mkdir -v ../glibc-build
cd ../glibc-build

../glibc-2.10.1/configure --prefix=/tools \
--host=$LFS_TGT --build=$(../glibc-2.10.1/scripts/config.guess) \
--disable-profile --enable-add-ons \
--enable-kernel=2.6.0 --with-headers=/tools/include \
libc_cv_forced_unwind=yes libc_cv_c_cleanup=yes

make && make install

5.8. 调整工具链
----------------------------------------------

5.9. Binutils-2.19.1 第二遍
----------------------------------------------

mv binutils-build binutils-build-1
cd binutils-2.19.1/
mkdir -v ../binutils-build
cd ../binutils-build

CC="$LFS_TGT-gcc -B/tools/lib/" \
AR=$LFS_TGT-ar RANLIB=$LFS_TGT-ranlib \
../binutils-2.19.1/configure --prefix=/tools \
--disable-nls --with-lib-path=/tools/lib

make && make install

下面还要调整工具链，做些准备。
make -C ld clean
make -C ld LIB_PATH=/usr/lib:/lib
cp -v ld/ld-new /tools/bin

-C ld clean 表示清除ld目录编译后的文件
make -C ld LIB_PATH=/usr/lib:/lib 表示使用新的lib路径，重新编译ld目录的代码。

5.10. GCC-4.4.0 第二遍
----------------------------------------------

cd gcc-4.4.0/
patch -Np1 -i ../patch/gcc-4.4.0-startfiles_fix-1.patch
patching file gcc/gcc.c
Hunk #1 succeeded at 6467 (offset 97 lines).

cp -v gcc/Makefile.in{,.orig}
sed 's@\./fixinc\.sh@-c true@' gcc/Makefile.in.orig > gcc/Makefile.in

cp -v gcc/Makefile.in{,.tmp}
sed 's/^XCFLAGS =$/& -fomit-frame-pointer/' gcc/Makefile.in.tmp \
> gcc/Makefile.in

for file in \
$(find gcc/config -name linux64.h -o -name linux.h -o -name sysv4.h)
do
cp -uv $file{,.orig}
sed -e 's@/lib$64$\?$32$\?/ld@/tools&@g' \
-e 's@/usr@/tools@g' $file.orig > $file
echo '
#undef STANDARD_INCLUDE_DIR
#define STANDARD_INCLUDE_DIR 0
#define STANDARD_STARTFILE_PREFIX_1 ""
#define STANDARD_STARTFILE_PREFIX_2 ""' >> $file
touch $file.orig
done

准备mpfr-2.4.1和gmp-4.3.1目录。

tar -jxvf ../tar/mpfr-2.4.1.tar.bz2
mv -v mpfr-2.4.1 mpfr
tar -jxvf ../tar/gmp-4.3.1.tar.bz2
mv gmp-4.3.1 gmp

保存gcc第一次编译的目录
move -v ../gcc-build ../gcc-build-1

新建一个gcc编译目录
mkdir -v ../gcc-build
cd ../gcc-build

这次编译gcc之前，先重设所有变量，替换默认值。

CC="$LFS_TGT-gcc -B/tools/lib/" \
AR=$LFS_TGT-ar RANLIB=$LFS_TGT-ranlib \
../gcc-4.4.0/configure --prefix=/tools \
--with-local-prefix=/tools --enable-clocale=gnu \
--enable-shared --enable-threads=posix \
--enable-__cxa_atexit --enable-languages=c,c++ \
--disable-libstdcxx-pch --disable-multilib \
--disable-bootstrap

make && make install

为了兼容使用cc命令，做个软链接

ln -vs gcc /tools/bin/cc

检测一下工具链是不是已经换过来了：

echo 'main(){}' > dummy.c
cc dummy.c
readelf -l a.out | grep ': /tools'

如果没问题，会有下面的输出
[Requesting program interpreter:
/tools/lib/ld-linux.so.2]

删掉刚刚的调试文件：
rm -v dummy.c a.out

5.11. Tcl-8.5.7
----------------------------------------------

tar -zxvf tar/tcl8.5.7-src.tar.gz

cd tcl8.5.7/
cd unix
./configure --prefix=/tools
make
TZ=UTC make test
make install

令以安装的共享库可写，以便调试标记以后能够被移除。
chmod -v u+w /tools/lib/libtcl8.5.so

安装tcl头文件，下一个包expect需要它们来编译。
make install-private-headers

再做一个必要的符号链接
ln -sv tclsh8.5 /tools/bin/tclsh

5.12. Expect-5.43.0
----------------------------------------------

cd $LFS/sources
tar -zxvf tar/expect-5.43.0.tar.gz
cd expect-5.43/

首先，打个补丁，否则会导致gcc测试单元失败。
patch -Np1 -i ../patch/expect-5.43.0-spawn-1.patch

再修复一个漏洞，是针对tcl最近修改的。
patch -Np1 -i ../patch/expect-5.43.0-tcl_8.5.5_fix-1.patch

接下来，强制要求configure脚本使用/bin/stty替代/usr/local/bin/stty,因为它存在于宿主系统。
确保我们的测试单元工具到最后的工具链编译还是健全的。

准备Expect的编译

./configure --prefix=/tools --with-tcl=/tools/lib \
--with-tclinclude=/tools/include --with-x=no

make
make test
注：众所周知，Expect测试单元在某种宿主状态下通常可能失败，这不在我们的控制范围。
因此，这里的测试单元失败，不用感到吃惊，也不是什么关键问题。

make SCRIPTS="" install

libexpect-5.43.a 提供函数，使得Expect能够被当作Tcl的扩展，或者让Expect基于c/c++直接使用。

5.13. DejaGNU-1.4.4
----------------------------------------------

cd $LFS/sources
tar -zxvf tar/dejagnu-1.4.4.tar.gz
cd dejagnu-1.4.4/
./configure --prefix=/tools
make install

测试
make check

5.14. Ncurses-5.7
----------------------------------------------

cd $LFS/sources
tar -zxvf tar/ncurses-5.7.tar.gz

./configure --prefix=/tools --with-shared \
--without-debug --without-ada --enable-overwrite

--without-ada 确保Ncurses不会编译对Ada编译器的支持。
因为它存在宿主系统上，但一旦我们进入chroot环境就不可用了。

--enable-overwrite 告诉Ncurses安装他的头文件到/tools/include，替换/tools/include/ncurses。
确保其他包能够顺利找到Ncurses的头文件。

make
make install

5.15. Bash-4.0
----------------------------------------------

cd $LFS/sources
tar -zxvf tar/bash-4.0.tar.gz
cd bash-4.0/

打补丁，bash4出来之后发现的一些问题
patch -Np1 -i ../patch/bash-4.0-fixes-2.patch

./configure --prefix=/tools --without-bash-malloc

make
make tests
make install
ln -vs bash /tools/bin/sh

5.16. Bzip2-1.0.5
----------------------------------------------

cd $LFS/sources
tar -zxvf tar/bzip2-1.0.5.tar.gz
cd bzip2-1.0.5/
make
make PREFIX=/tools install

5.17. Coreutils-7.4
---------------------------------------------

cd $LFS/sources
tar -zxvf tar/coreutils-7.4.tar.gz
cd coreutils-7.4/
./configure --prefix=/tools --enable-install-program=hostname
make
make RUN_EXPENSIVE_TESTS=yes check
make install
cp -v src/su /tools/bin/su-tools

5.18. Diffutils-2.8.1
---------------------------------------------

cd $LFS/sources
tar -zxvf tar/diffutils-2.8.1.tar.gz
cd diffutils-2.8.1/

./configure --prefix=/tools
make && make install

5.19. E2fsprogs-1.41.5
---------------------------------------------

cd $LFS/sources
tar -zxvf tar/e2fsprogs-1.41.5.tar.gz
cd e2fsprogs-1.41.5/
mkdir -v build
cd build
../configure --prefix=/tools
make
make install-libs

chmod -v u+w \
/tools/lib/{libblkid,libcom_err,libe2p,libext2fs,libss,libuuid}.a

5.20. Findutils-4.4.1
---------------------------------------------

cd $LFS/sources
tar -zxvf tar/findutils-4.4.1.tar.gz
cd findutils-4.4.1/
./configure --prefix=/tools
make
make check
make install

5.21. Gawk-3.1.6
---------------------------------------------

cd $LFS/sources
tar -jxvf tar/gawk-3.1.6.tar.bz2
cd gawk-3.1.6/
./configure --prefix=/tools ac_cv_func_working_mktime=yes
make
make check
make install

5.22. Gettext-0.17
---------------------------------------------

cd $LFS/sources
tar -zxvf tar/gettext-0.17.tar.gz
cd gettext-0.17/
cd gettext-tools
./configure --prefix=/tools --disable-shared

make -C gnulib-lib
make -C src msgfmt

cp -v src/msgfmt /tools/bin

5.23. Grep-2.5.4
---------------------------------------------

cd $LFS/sources
tar -jxvf tar/grep-2.5.4.tar.bz2
cd grep-2.5.4/

./configure --prefix=/tools \
--disable-perl-regexp \
--without-included-regex

make
make check
make install

5.24. Gzip-1.3.12
---------------------------------------------

cd $LFS/sources
tar -zxvf tar/gzip-1.3.12.tar.gz
cd gzip-1.3.12/

for file in gzip.c lib/utimens.{c,h} ; do \
cp -v $file{,.orig}
sed 's/futimens/gl_&/' $file.orig > $file
done

./configure --prefix=/tools

make
make check
make install

5.25. M4-1.4.13
---------------------------------------------

cd $LFS/sources
tar -jxvf tar/m4-1.4.13.tar.bz2
cd m4-1.4.13/
./configure --prefix=/tools
make
make check
make install

5.26. Make-3.81
---------------------------------------------

cd $LFS/sources
tar -jxvf tar/make-3.81.tar.bz2
cd make-3.81/
./configure --prefix=/tools
make
make check
make install

5.27. Patch-2.5.9
---------------------------------------------

cd $LFS/sources
tar -zxvf tar/patch-2.5.9.tar.gz
cd patch-2.5.9/
patch -Np1 -i ../patch/patch-2.5.9-fixes-1.patch
./configure --prefix=/tools
make
make install

5.28. Perl-5.10.0
---------------------------------------------

cd $LFS/sources
tar -zxvf tar/perl-5.10.0.tar.gz
cd perl-5.10.0/
patch -Np1 -i ../patch/perl-5.10.0-consolidated-1.patch

sh Configure -des -Dprefix=/tools \
-Dstatic_ext='Data/Dumper Fcntl IO POSIX'

make perl utilities ext/Errno/pm_to_blib

cp -v perl pod/pod2man /tools/bin
mkdir -pv /tools/lib/perl5/5.10.0
cp -Rv lib/* /tools/lib/perl5/5.10.0

5.29. Sed-4.2
---------------------------------------------

cd $LFS/sources
tar -jxvf tar/sed-4.2.tar.bz2
cd sed-4.2/

./configure --prefix=/tools
make
make check
make install

5.30. Tar-1.22
---------------------------------------------

cd $LFS/sources
tar -jxvf tar/tar-1.22.tar.bz2
cd tar-1.22/

./configure --prefix=/tools
make
make check
make install

5.31. Texinfo-4.13a
---------------------------------------------

cd $LFS/sources
tar -zxvf tar/texinfo-4.13a.tar.gz
cd texinfo-4.13/

./configure --prefix=/tools
make
make check
make install

5.32. Util-linux-ng-2.14.2
---------------------------------------------

cd $LFS/sources
tar -jxvf tar/util-linux-ng-2.14.2.tar.bz2
cd util-linux-ng-2.14.2/

./configure --prefix=/tools

make -C disk-utils mkswap
make -C mount mount umount
make -C text-utils more

cp -v disk-utils/mkswap mount/{,u}mount text-utils/more /tools/bin

5.33. Stripping
---------------------------------------------

strip --strip-debug /tools/lib/*
strip --strip-unneeded /tools/{,s}bin/*

rm -rf /tools/{info,man}

5.34. Changing Ownership
---------------------------------------------
exit
退出lfs用户shell环境

更改tools工具链的所有权为root，以免将来工具链被恶意提升权限。
chown -R root:root $LFS/tools

tools在lfs编译完成后可以被删除，但还是可以用来编译相同版本的lfs程序
如何保存工具链，全凭个人爱好！

作者: thatday 发布时间: 2009-06-09

继续,LFS第六章

构建LFS系统

6.1. 尽量简单的编译一个LFS系统雏形，尽量不要使用编译器优化参数，因为这带来的速度提升几乎可以忽略不计，但带来的坏处，可能导致程序运行不稳定。不要同时编译几个包，因为这样可能产生硬链接到/tools，如果tools目录被删除，可能会出现问题。

6.2. 准备虚拟内核文件系统

export LFS=/mnt/lfs
mkdir -pv $LFS/{dev,proc,sys}

建立初始设备节点（console和null设备）
mknod -m 600 $LFS/dev/console c 5 1
mknod -m 666 $LFS/dev/null c 1 3

挂载并绑定设备目录
mount -v --bind /dev $LFS/dev

挂载虚拟内核文件系统
mount -vt devpts devpts $LFS/dev/pts
mount -vt tmpfs shm $LFS/dev/shm
mount -vt proc proc $LFS/proc
mount -vt sysfs sysfs $LFS/sys

6.3. 包管理
集中流行的包管理思想，LFS不提供包管理系统

6.4. 进入Chroot环境
chroot "$LFS" /tools/bin/env -i \
HOME=/root TERM="$TERM" PS1='\u:\w\$ ' \
PATH=/bin:/usr/bin:/sbin:/usr/sbin:/tools/bin \
/tools/bin/bash --login +h

用env -i 表示清空所有环境变量，只重设后面的几个。在这里也可以设置CFLAGS或者CXXFLAGS
进入chroot环境后，由于还没建立/etc/passwd 文件，所以shell提示符前面为：
I have no name!:/#

到了这点上面，$LFS变量就可以不管了，因为接下来所有的工作都被限制在LFS文件系统里面了。
Bash已经把$LFS当作root (/) 目录来处理了。

6.5. 增加目录

增加文件结构

mkdir -pv /{bin,boot,etc/opt,home,lib,mnt,opt}
mkdir -pv /{media/{floppy,cdrom},sbin,srv,var}
install -dv -m 0750 /root
install -dv -m 1777 /tmp /var/tmp
mkdir -pv /usr/{,local/}{bin,include,lib,sbin,src}
mkdir -pv /usr/{,local/}share/{doc,info,locale,man}
mkdir -v /usr/{,local/}share/{misc,terminfo,zoneinfo}
mkdir -pv /usr/{,local/}share/man/man{1..8}
for dir in /usr /usr/local; do
ln -sv share/{man,doc,info} $dir
done
case $(uname -m) in
x86_64) ln -sv lib /lib64 && ln -sv lib /usr/lib64 ;;
esac
mkdir -v /var/{lock,log,mail,run,spool}
mkdir -pv /var/{opt,cache,lib/{misc,locate},local}

以上文件夹结构，遵循Filesystem Hierarchy Standard (FHS)
http://www.pathname.com/fhs/

6.6. 增加必要的文件和软链接

ln -sv /tools/bin/{bash,cat,echo,pwd,stty} /bin
ln -sv /tools/bin/perl /usr/bin
ln -sv /tools/lib/libgcc_s.so{,.1} /usr/lib
ln -sv /tools/lib/libstdc++.so{,.6} /usr/lib
ln -sv bash /bin/sh

touch /etc/mtab

cat > /etc/passwd << "EOF"
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/dev/null:/bin/false
nobody:x:99:99:Unprivileged User:/dev/null:/bin/false
EOF

cat > /etc/group << "EOF"
root:x:0:
bin:x:1:
sys:x:2:
kmem:x:3:
tty:x:4:
tape:x:5:
daemon:x:6:
floppy:x:7:
disk:x:8:
lp:x:9:
dialout:x:10:
audio:x:11:
video:x:12:
utmp:x:13:
usb:x:14:
cdrom:x:15:
mail:x:34:
nogroup:x:99:
EOF

完整的glibc安装好之后，passwd和group文件已经建立，现在用户名和组可以生效了。
exec /tools/bin/bash --login +h
使用+h参数，屏蔽bash的内部路径哈希。避免bash使用旧的文件路径，能够保证新编译的代码马上可以被利用。

建立一些空文件并赋予它们写权限，以便login, agetty, init以及其他一些程序能够记录系统日志及登陆信息
touch /var/run/utmp /var/log/{btmp,lastlog,wtmp}
chgrp -v utmp /var/run/utmp /var/log/lastlog
chmod -v 664 /var/run/utmp /var/log/lastlog

注：
/var/run/utmp 记录已经登陆的用户信息， /var/log/wtmp 记录所有登陆及注销信息，
/var/log/lastlog 记录每个用户的最后登陆时间， /var/log/btmp 记录登陆失败信息。

6.7. Linux-2.6.29.4 API Headers

cd /sources
cd linux-2.6.29.4/
make mrproper

make headers_check
make INSTALL_HDR_PATH=dest headers_install
cp -rv dest/include/* /usr/include

6.8. Man-pages-3.21

cd /sources
tar -jxvf tar/man-pages-3.21.tar.bz2
cd man-pages-3.21/
make install

6.9. Glibc-2.10.1

cd /sources/glibc-2.10.1/
tar -jxvf ../tar/glibc-libidn-2.10.1.tar.bz2
mv glibc-libidn-2.10.1 libidn

当执行glibc的make install的时候，会调用一个perl脚本进行测试，
现在的工具链还是指向/tools，测试会针对以前编译的glibc，
以下脚本可以让测试指向刚刚编译的glibc

DL=$(readelf -l /bin/sh | sed -n 's@.*interpret.*/tools$.*$]$@\1@p')
sed -i "s|libs -o|libs -L/usr/lib -Wl,-dynamic-linker=$DL -o|" \
scripts/test-installation.pl
unset DL

ldd命令自带了bash的特殊语法，为了避免其他的/bin/sh对ldd的影响，
最好把默认解释器改成/bin/bash，关于这个鸟问题，在BLFS 这本破书的shell章节中也提到了

sed -i 's|@BASH@|/bin/bash|' elf/ldd.bash.in

修复一个make check可能出现的错误

sed -i s/utf8/UTF-8/ libio/tst-fgetwc.c
sed -i '/tst-fgetws-ENV/ a\
tst-fgetwc-ENV = LOCPATH=$(common-objpfx)localedata' libio/Makefile

mkdir -v ../glibc-build
cd ../glibc-build

为x86机器增加必要的CFLAGS编译参数，-pipe加速编译，-O3提高程序的性能。

case `uname -m` in
i?86) echo "CFLAGS += -march=i686 -mtune=native -O3 -pipe" > configparms ;;
esac

准备编译
../glibc-2.10.1/configure --prefix=/usr \
--disable-profile --enable-add-ons \
--enable-kernel=2.6.0 --libexecdir=/usr/lib/glibc

开始编译，等N久！
make

为防止编译测试的几个失败可能，从源码目录拷贝一个东东。
cp -v ../glibc-2.10.1/iconvdata/gconv-modules iconvdata
make -k check 2>&1 | tee glibc-check-log
grep Error glibc-check-log
在测试posix/annexc的时候，有一个可忽略的错误。
这和宿主系统有关，这里不用理它。

虽然无关紧要，为了防止glibc安装阶段报错缺少说ld.so.conf，还是touch一个吧
touch /etc/ld.so.conf

make install

定义locale集合

mkdir -pv /usr/lib/locale
localedef -i cs_CZ -f UTF-8 cs_CZ.UTF-8
localedef -i de_DE -f ISO-8859-1 de_DE
localedef -i de_DE@euro -f ISO-8859-15 de_DE@euro
localedef -i de_DE -f UTF-8 de_DE.UTF-8
localedef -i en_HK -f ISO-8859-1 en_HK
localedef -i en_PH -f ISO-8859-1 en_PH
localedef -i en_US -f ISO-8859-1 en_US
localedef -i en_US -f UTF-8 en_US.UTF-8
localedef -i es_MX -f ISO-8859-1 es_MX
localedef -i fa_IR -f UTF-8 fa_IR
localedef -i fr_FR -f ISO-8859-1 fr_FR
localedef -i fr_FR@euro -f ISO-8859-15 fr_FR@euro
localedef -i fr_FR -f UTF-8 fr_FR.UTF-8
localedef -i it_IT -f ISO-8859-1 it_IT
localedef -i ja_JP -f EUC-JP ja_JP
localedef -i tr_TR -f UTF-8 tr_TR.UTF-8
localedef -i zh_CN -f GB18030 zh_CN.GB18030

其实这里我只要三个就可以了
localedef -i en_US -f ISO-8859-1 en_US
localedef -i en_US -f UTF-8 en_US.UTF-8
localedef -i zh_CN -f GB18030 zh_CN.GB18030

安装其他没有执行localedef定义的语言包（可选）
make localedata/install-locales

配置glibc
尽管当nsswitch.conf不存在或非法时，Glibc会默认产生，但在网络环境下，可能不是很理想。
所以还是创建一个吧，另外，时区也应该配置了。

cat > /etc/nsswitch.conf << "EOF"
# Begin /etc/nsswitch.conf

passwd: files
group: files
shadow: files

hosts: files dns
networks: files

protocols: files
services: files
ethers: files
rpc: files

# End /etc/nsswitch.conf
EOF

选择时区
tzselect

这里最后应该是 TZ='Asia/Shanghai';

增加/etc/localtime

cp -v --remove-destination /usr/share/zoneinfo/Asia/Shanghai \
/etc/localtime

配置动态加载
cat > /etc/ld.so.conf << "EOF"
# Begin /etc/ld.so.conf

/usr/local/lib
/opt/lib

# End /etc/ld.so.conf
EOF

6.10. 重新调整工具链

先备份，然后用第五章里面调整过的工具链替换。
mv -v /tools/bin/{ld,ld-old}
mv -v /tools/$(gcc -dumpmachine)/bin/{ld,ld-old}
mv -v /tools/bin/{ld-new,ld}
ln -sv /tools/bin/ld /tools/$(gcc -dumpmachine)/bin/ld

接下来，调整gcc的spec文件，以便指向新的动态链接库。

gcc -dumpspecs | sed -e 's@/tools@@g' \
-e '/\*startfile_prefix_spec:/{n;s@.*@/usr/lib/ @}' \
-e '/\*cpp:/{n;s@$@ -isystem /usr/include@}' > \
`dirname $(gcc --print-libgcc-file-name)`/specs

最好仔细检查一下specs文件是不是真的修改了。

测试一下新的工具链
echo 'main(){}' > dummy.c
cc dummy.c -v -Wl,--verbose &> dummy.log
readelf -l a.out | grep ': /lib'

应该出现以下提示
[Requesting program interpreter: /lib/ld-linux.so.2]

grep -o '/usr/lib.*/crt[1in].*succeeded' dummy.log
应该出现
/usr/lib/crt1.o succeeded
/usr/lib/crti.o succeeded
/usr/lib/crtn.o succeeded

确保编译器使用了正确的头文件
grep -B1 '^ /usr/include' dummy.log

应该输出
#include <...> search starts here:
/usr/include

再看看新的编译器是否使用了正确的查找路径
grep 'SEARCH.*/usr/lib' dummy.log |sed 's|; |\n|g'

应该输出
SEARCH_DIR("/tools/i686-pc-linux-gnu/lib")
SEARCH_DIR("/usr/lib")
SEARCH_DIR("/lib");

再检查是不是使用了正确的libc
grep "/lib.*/libc.so.6 " dummy.log

应该输出
attempt to open /lib/libc.so.6 succeeded

最后一点，确认gcc使用了正确的动态链接器
grep found dummy.log

应该输出
found ld-linux.so.2 at /lib/ld-linux.so.2

如果一切都没问题，那么清楚测试文件
rm -v dummy.c a.out dummy.log

6.11. Zlib-1.2.3

cd /sources
tar -xvf tar/zlib-1.2.3.tar.bz2
cd zlib-1.2.3/

./configure --prefix=/usr --shared --libdir=/lib

make
make check
make install

刚才的命令安装了一个.so文件在/lib目录，我们将它移动并重新链接到/usr/lib

rm -v /lib/libz.so
ln -sfv ../../lib/libz.so.1.2.3 /usr/lib/libz.so

编译静态链接库

make clean
./configure --prefix=/usr
make

make check
make install

修正静态链接库的权限
chmod -v 644 /usr/lib/libz.a

6.12. Binutils-2.19.1

cd /sources/binutils-2.19.1/

验证新的chroot环境内，PTYs工作是否正常
expect -c "spawn ls"

正常应该输出
spawn ls

rm -fv etc/standards.info
sed -i.bak '/^INFO/s/standards.info //' etc/Makefile.in

sed -i -e 's/getline/get_line/' libiberty/testsuite/test-demangle.c

mkdir -v ../binutils-build
cd ../binutils-build

../binutils-2.19.1/configure --prefix=/usr \
--enable-shared

make tooldir=/usr
make check
make tooldir=/usr install
cp -v ../binutils-2.19.1/include/libiberty.h /usr/include

6.13. GMP-4.3.1

cd /sources
tar -xvf tar/gmp-4.3.1.tar.bz2
cd gmp-4.3.1/

./configure --prefix=/usr --enable-cxx --enable-mpbsd
make
make check 2>&1 | tee gmp-check-log
awk '/tests passed/{total+=$2} ; END{print total}' gmp-check-log
make install

mkdir -v /usr/share/doc/gmp-4.3.1
cp -v doc/{isa_abi_headache,configuration} doc/*.html \
/usr/share/doc/gmp-4.3.1

6.14. MPFR-2.4.1

cd /sources
tar -xvf tar/mpfr-2.4.1.tar.bz2
cd mpfr-2.4.1/

./configure --prefix=/usr --enable-thread-safe

make
make check
make install

安装帮助文档
make html
mkdir -p /usr/share/doc/mpfr-2.4.1
find . -name \*.html -type f -exec cp -v \{} /usr/share/doc/mpfr-2.4.1 \;

6.15. GCC-4.4.0 （第三次编译gcc-4.4.0）

为了防止重复修改源码导致编译出错，删除以前的源码目录，重新弄一个！
rm -rf /sources/gcc-4.4.0/

cd /sources
tar -jxvf tar/gcc-4.4.0.tar.bz2
cd gcc-4.4.0

sed -i 's/install_to_$(INSTALL_DEST) //' libiberty/Makefile.in

在5.1.0 gcc4 第二遍的时候
case `uname -m` in
i?86) sed -i 's/^XCFLAGS =$/& -fomit-frame-pointer/' \
gcc/Makefile.in ;;
esac

这里也要做一次，呵呵。

sed -i 's@\./fixinc\.sh@-c true@' gcc/Makefile.in

mkdir -v ../gcc-build
cd ../gcc-build

../gcc-4.4.0/configure --prefix=/usr \
--libexecdir=/usr/lib --enable-shared \
--enable-threads=posix --enable-__cxa_atexit \
--enable-clocale=gnu --enable-languages=c,c++ \
--disable-multilib --disable-bootstrap

make
make -k check

../gcc-4.4.0/contrib/test_summary

make install

兼容链接
ln -sv ../usr/bin/cpp /lib
ln -sv gcc /usr/bin/cc

测试工具链
echo 'main(){}' > dummy.c
cc dummy.c -v -Wl,--verbose &> dummy.log
readelf -l a.out | grep ': /lib'

正确输出
[Requesting program interpreter: /lib/ld-linux.so.2]

grep -o '/usr/lib.*/crt[1in].*succeeded' dummy.log
正确输出
/usr/lib/gcc/i686-pc-linux-gnu/4.4.0/../../../crt1.o succeeded
/usr/lib/gcc/i686-pc-linux-gnu/4.4.0/../../../crti.o succeeded
/usr/lib/gcc/i686-pc-linux-gnu/4.4.0/../../../crtn.o succeeded

检查是否调用正确的头文件
grep -B4 '^ /usr/include' dummy.log

正确应该有以下输出
#include <...> search starts here:
/usr/local/include
/usr/lib/gcc/x86_64-unknown-linux-gnu/4.4.0/include
/usr/lib/gcc/i686-pc-linux-gnu/4.4.0/include-fixed
/usr/include

检查搜索路径是否正确
grep 'SEARCH.*/usr/lib' dummy.log |sed 's|; |\n|g'

正常会输出
SEARCH_DIR("/usr/i686-pc-linux-gnu/lib")
SEARCH_DIR("/usr/local/lib")
SEARCH_DIR("/lib")
SEARCH_DIR("/usr/lib");

64位系统会输出
SEARCH_DIR("/usr/x86_64-unknown-linux-gnu/lib64")
SEARCH_DIR("/usr/local/lib64")
SEARCH_DIR("/lib64")
SEARCH_DIR("/usr/lib64")
SEARCH_DIR("/usr/x86_64-unknown-linux-gnu/lib")
SEARCH_DIR("/usr/local/lib")
SEARCH_DIR("/lib")
SEARCH_DIR("/usr/lib");

检查libc调用
grep "/lib.*/libc.so.6 " dummy.log
正确输出
attempt to open /lib/libc.so.6 succeeded

检查动态链接库
grep found dummy.log
正确输出
found ld-linux.so.2 at /lib/ld-linux.so.2

删除测试文件
rm -v dummy.c a.out dummy.log

6.16. Berkeley DB-4.7.25

cd /sources/
tar -xvf tar/db-4.7.25.tar.gz
cd db-4.7.25/
patch -Np1 -i ../patch/db-4.7.25-upstream_fixes-1.patch

cd build_unix
../dist/configure --prefix=/usr --enable-compat185 --enable-cxx

make
make docdir=/usr/share/doc/db-4.7.25 install

修复文档的所有权
chown -Rv root:root /usr/share/doc/db-4.7.25

6.17. Sed-4.2

cd /sources/
rm -rf sed-4.2/

tar -xvf tar/sed-4.2.tar.bz2
cd sed-4.2/
./configure --prefix=/usr --bindir=/bin --enable-html

make
make check
make install

6.18. E2fsprogs-1.41.5

sed -i 's@/bin/rm@/tools&@' lib/blkid/test_probe.in
mkdir -v build
cd build

../configure --prefix=/usr --with-root-prefix="" \
--enable-elf-shlibs

make
make check
make install
make install-libs

chmod -v u+w /usr/lib/{libblkid,libcom_err,libe2p,libext2fs,libss,libuuid}.a

gunzip -v /usr/share/info/libext2fs.info.gz
install-info --dir-file=/usr/share/info/dir \
/usr/share/info/libext2fs.info

makeinfo -o doc/com_err.info ../lib/et/com_err.texinfo
install -v -m644 doc/com_err.info /usr/share/info
install-info --dir-file=/usr/share/info/dir \
/usr/share/info/com_err.info

install -v -m644 -D ../doc/libblkid.txt \
/usr/share/doc/e2fsprogs-1.41.5/libblkid.txt

6.19. Coreutils-7.4

Intel硬件系统里面，当使用uname -p参数时，经常返回unknown，下面打个补丁。

case `uname -m` in
i?86 | x86_64) patch -Np1 -i ../patch/coreutils-7.4-uname-1.patch ;;
esac

POSIX标准需要coreutils程序识别多字节语言的字符边界效验。
patch -Np1 -i ../patch/coreutils-7.4-i18n-1.patch

准备编译
./configure --prefix=/usr \
--enable-no-install-program=kill,uptime

make

make NON_ROOT_USERNAME=nobody check-root

准备用nobody用户完成下面的测试，这里建立一个临时组，将nobody加入这个组，进行测试
echo "dummy:x:1000:nobody" >> /etc/group

修正权限
chown -Rv nobody config.log {gnulib-tests,lib,src}/.deps

用nobody用户运行测试程序
su-tools nobody -s /bin/bash -c "make RUN_EXPENSIVE_TESTS=yes check" || true

删除临时组
sed -i '/dummy/d' /etc/group

安装coreutils包
make install

将下面的命令移动到基于FHS的路径
mv -v /usr/bin/{cat,chgrp,chmod,chown,cp,date,dd,df,echo} /bin
mv -v /usr/bin/{false,ln,ls,mkdir,mknod,mv,pwd,rm} /bin
mv -v /usr/bin/{rmdir,stty,sync,true,uname} /bin
mv -v /usr/bin/chroot /usr/sbin

LFS-Bootscripts包里的某些脚本，依赖于head,sleep和nice
/usr目录在系统启动初期可能不可用，这些二进制文件需要放在root分区
mv -v /usr/bin/{head,sleep,nice} /bin

6.20. Iana-Etc-2.30

cd /sources/
tar -xvf tar/iana-etc-2.30.tar.bz2
cd iana-etc-2.30/
make && make install

6.21. M4-1.4.13

./configure --prefix=/usr
make
make check
make install

6.22. Bison-2.4.1

tar -xvf tar/bison-2.4.1.tar.bz2
cd bison-2.4.1/
./configure --prefix=/usr

echo '#define YYENABLE_NLS 1' >> config.h
make
make check
make install

6.23. Ncurses-5.7

./configure --prefix=/usr --with-shared --without-debug --enable-widec
make
make install

mv -v /usr/lib/libncursesw.so.5* /lib
ln -sfv ../../lib/libncursesw.so.5 /usr/lib/libncursesw.so

for lib in ncurses form panel menu ; do \
rm -vf /usr/lib/lib${lib}.so ; \
echo "INPUT(-l${lib}w)" >/usr/lib/lib${lib}.so ; \
ln -sfv lib${lib}w.a /usr/lib/lib${lib}.a ; \
done
ln -sfv libncurses++w.a /usr/lib/libncurses++.a

rm -vf /usr/lib/libcursesw.so
echo "INPUT(-lncursesw)" >/usr/lib/libcursesw.so
ln -sfv libncurses.so /usr/lib/libcurses.so
ln -sfv libncursesw.a /usr/lib/libcursesw.a
ln -sfv libncurses.a /usr/lib/libcurses.a

mkdir -v /usr/share/doc/ncurses-5.7
cp -v -R doc/* /usr/share/doc/ncurses-5.7

Note
The instructions above don't create non-wide-character Ncurses libraries since no package installed by compiling from sources would link against them at runtime. If you must have such libraries because of some binary-only application, build them with the following commands:

make distclean
./configure --prefix=/usr --with-shared --without-normal \
--without-debug --without-cxx-binding
make sources libs
cp -av lib/lib*.so.5* /usr/lib

6.24. Procps-3.2.8

patch -Np1 -i ../patch/procps-3.2.8-watch_unicode-1.patch

make
make install

6.25. Grep-2.5.4

patch -Np1 -i ../patch/grep-2.5.4-debian_fixes-1.patch

./configure --prefix=/usr \
--bindir=/bin \
--without-included-regex

make
make check || true
make install

6.26. Readline-6.0

sed -i '/MV.*old/d' Makefile.in
sed -i '/{OLDSUFF}/c:' support/shlib-install

./configure --prefix=/usr --libdir=/lib

make SHLIB_LIBS=-lncurses

make install

mv -v /lib/lib{readline,history}.a /usr/lib

rm -v /lib/lib{readline,history}.so
ln -sfv ../../lib/libreadline.so.6 /usr/lib/libreadline.so
ln -sfv ../../lib/libhistory.so.6 /usr/lib/libhistory.so

mkdir -v /usr/share/doc/readline-6.0
install -v -m644 doc/*.{ps,pdf,html,dvi} \
/usr/share/doc/readline-6.0

6.27. Bash-4.0

patch -Np1 -i ../patch/bash-4.0-fixes-2.patch

./configure --prefix=/usr --bindir=/bin \
--htmldir=/usr/share/doc/bash-4.0 --without-bash-malloc \
--with-installed-readline

make

sed -i 's/LANG/LC_ALL/' tests/intl.tests
sed -i 's@tests@& </dev/tty@' tests/run-test
chown -Rv nobody ./

su-tools nobody -s /bin/bash -c "make tests"

make install

exec /bin/bash --login +h

6.28. Libtool-2.2.6a

./configure --prefix=/usr
make
make check
make install

6.29. Inetutils-1.6

patch -Np1 -i ../patch/inetutils-1.6-no_server_man_pages-1.patch

./configure --prefix=/usr --libexecdir=/usr/sbin \
--localstatedir=/var --disable-ifconfig \
--disable-logger --disable-syslogd --disable-whois \
--disable-servers

make
make install
mv -v /usr/bin/ping /bin

6.30. Perl-5.10.0

echo "127.0.0.1 localhost $(hostname)" > /etc/hosts

patch -Np1 -i ../patch/perl-5.10.0-consolidated-1.patch

sed -i -e "s|BUILD_ZLIB\s*= True|BUILD_ZLIB = False|" \
-e "s|INCLUDE\s*= ./zlib-src|INCLUDE = /usr/include|" \
-e "s|LIB\s*= ./zlib-src|LIB = /usr/lib|" \
ext/Compress/Raw/Zlib/config.in

sh Configure -des -Dprefix=/usr \
-Dvendorprefix=/usr \
-Dman1dir=/usr/share/man/man1 \
-Dman3dir=/usr/share/man/man3 \
-Dpager="/usr/bin/less -isR"

make
make test
make install

6.31. Autoconf-2.63

./configure --prefix=/usr

make
make check
make install

6.32. Automake-1.11

./configure --prefix=/usr --docdir=/usr/share/doc/automake-1.11

make
make check
要check好久好久：（

make install

6.33. Bzip2-1.0.5

patch -Np1 -i ../patch/bzip2-1.0.5-install_docs-1.patch

sed -i 's@$ln -s -f $$(PREFIX)/bin/@\1@' Makefile

make -f Makefile-libbz2_so
make clean

make
make PREFIX=/usr install

cp -v bzip2-shared /bin/bzip2
cp -av libbz2.so* /lib
ln -sv ../../lib/libbz2.so.1.0 /usr/lib/libbz2.so
rm -v /usr/bin/{bunzip2,bzcat,bzip2}
ln -sv bzip2 /bin/bunzip2
ln -sv bzip2 /bin/bzcat

第六章需要做的工作太多了，下面继续！

作者: thatday 发布时间: 2009-06-09

继续第六章

6.34. Diffutils-2.8.1

patch -Np1 -i ../patch/diffutils-2.8.1-i18n-1.patch

touch man/diff.1
./configure --prefix=/usr
make
make install

6.35. File-5.00

sed -i -e '197,+1d' \
-e '189,+1d' \
-e 's/token$/tokens/' doc/file.man

./configure --prefix=/usr

make
make check
make install

6.36. Gawk-3.1.6

./configure --prefix=/usr --libexecdir=/usr/lib \
ac_cv_func_working_mktime=yes

make
make check
make install

mkdir -v /usr/share/doc/gawk-3.1.6
cp -v doc/{awkforai.txt,*.{eps,pdf,jpg}} \
/usr/share/doc/gawk-3.1.6

6.37. GDBM-1.8.3

./configure --prefix=/usr

make
make install
make install-compat

6.38. Findutils-4.4.1

./configure --prefix=/usr --libexecdir=/usr/lib/findutils \
--localstatedir=/var/lib/locate

make
make check
make install

mv -v /usr/bin/find /bin
sed -i 's/find:=${BINDIR}/find:=\/bin/' /usr/bin/updatedb

6.39. Flex-2.5.35

patch -Np1 -i ../patch/flex-2.5.35-gcc44-1.patch

./configure --prefix=/usr

make
make check
make install

ln -sv libfl.a /usr/lib/libl.a

cat > /usr/bin/lex << "EOF"
#!/bin/sh
# Begin /usr/bin/lex

exec /usr/bin/flex -l "$@"

# End /usr/bin/lex
EOF
chmod -v 755 /usr/bin/lex

mkdir -v /usr/share/doc/flex-2.5.35
cp -v doc/flex.pdf \
/usr/share/doc/flex-2.5.35

6.40. Gettext-0.17

patch -Np1 -i ../patch/gettext-0.17-upstream_fixes-2.patch

./configure --prefix=/usr \
--docdir=/usr/share/doc/gettext-0.17

make
make check
make install

6.41. Groff-1.20.1

PAGE=A4 ./configure --prefix=/usr

make
make docdir=/usr/share/doc/groff-1.20.1 install

ln -sv eqn /usr/bin/geqn
ln -sv tbl /usr/bin/gtbl

6.42. Gzip-1.3.12

sed -i 's/futimens/gl_&/' gzip.c lib/utimens.{c,h}
sed -i 's/5 -)/5 - >\&3)/' zdiff.in

./configure --prefix=/usr --bindir=/bin

make
make check
make install

mv -v /bin/{gzexe,uncompress,zcmp,zdiff,zegrep} /usr/bin
mv -v /bin/{zfgrep,zforce,zgrep,zless,zmore,znew} /usr/bin

6.43. IPRoute2-2.6.29-1

make DESTDIR=

make DESTDIR= SBINDIR=/sbin MANDIR=/usr/share/man \
DOCDIR=/usr/share/doc/iproute2-2.6.29-1 install

mv -v /sbin/arpd /usr/sbin

6.44. Kbd-1.15

patch -Np1 -i ../patch/kbd-1.15-backspace-1.patch

sed -i -e '1i KEYCODES_PROGS = @KEYCODES_PROGS@' \
-e '1i RESIZECONS_PROGS = @RESIZECONS_PROGS@' src/Makefile.in

var=OPTIONAL_PROGS
sed -i "s/ifdef $var/ifeq (\$($var),yes)/" man/Makefile.in
unset var

./configure --prefix=/usr --datadir=/lib/kbd

make
make install

mv -v /usr/bin/{kbd_mode,loadkeys,openvt,setfont} /bin

mkdir -v /usr/share/doc/kbd-1.15
cp -R -v doc/* \
/usr/share/doc/kbd-1.15

6.45. Less-429

./configure --prefix=/usr --sysconfdir=/etc

make
make install

6.46. Make-3.81

./configure --prefix=/usr

make
make check
make install

6.47. Man-DB-2.5.5

patch -Np1 -i ../patch/man-db-2.5.5-fix_testsuite-1.patch

./configure --prefix=/usr --libexecdir=/usr/lib \
--sysconfdir=/etc --disable-setuid \
--with-browser=/usr/bin/lynx --with-col=/usr/bin/col \
--with-vgrind=/usr/bin/vgrind --with-grap=/usr/bin/grap

make
make check
make install

6.48. Module-Init-Tools-3.8

./configure
make check
make clean

./configure --prefix=/ --enable-zlib --mandir=/usr/share/man

make
make INSTALL=install install

6.49. Patch-2.5.9

patch -Np1 -i ../patch/patch-2.5.9-fixes-1.patch

./configure --prefix=/usr

make
make install

6.50. Psmisc-22.7

./configure --prefix=/usr --exec-prefix=""

make
make install

mv -v /bin/pstree* /usr/bin
ln -sv killall /bin/pidof

6.51. Shadow-4.1.4.1

sed -i 's/groups$(EXEEXT) //' src/Makefile.in
find man -name Makefile.in -exec sed -i 's/groups\.1 / /' {} \;

sed -i -e 's/ ko//' -e 's/ zh_CN zh_TW//' man/Makefile.in

sed -i -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD MD5@' \
-e 's@/var/spool/mail@/var/mail@' etc/login.defs

Note
If you chose to build Shadow with Cracklib support, run the following:

sed -i 's@DICTPATH.*@DICTPATH\t/lib/cracklib/pw_dict@' \
etc/login.defs

./configure --sysconfdir=/etc

make
make install
mv -v /usr/bin/passwd /bin

pwconv
grpconv

passwd root

6.52. Sysklogd-1.5

make
make BINDIR=/sbin install

cat > /etc/syslog.conf << "EOF"
# Begin /etc/syslog.conf

auth,authpriv.* -/var/log/auth.log
*.*;auth,authpriv.none -/var/log/sys.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
*.emerg *

# End /etc/syslog.conf
EOF

6.53. Sysvinit-2.86

sed -i 's@Sending processes@& configured via /etc/inittab@g' \
src/init.c

sed -i -e 's/utmpdump wall/utmpdump/' \
-e 's/mountpoint.1 wall.1/mountpoint.1/' src/Makefile

make -C src
make -C src install

cat > /etc/inittab << "EOF"
# Begin /etc/inittab

id:3:initdefault:

si::sysinit:/etc/rc.d/init.d/rc sysinit

l0:0:wait:/etc/rc.d/init.d/rc 0
l1:S1:wait:/etc/rc.d/init.d/rc 1
l2:2:wait:/etc/rc.d/init.d/rc 2
l3:3:wait:/etc/rc.d/init.d/rc 3
l4:4:wait:/etc/rc.d/init.d/rc 4
l5:5:wait:/etc/rc.d/init.d/rc 5
l6:6:wait:/etc/rc.d/init.d/rc 6

ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now

su:S016:once:/sbin/sulogin

1:2345:respawn:/sbin/agetty tty1 9600
2:2345:respawn:/sbin/agetty tty2 9600
3:2345:respawn:/sbin/agetty tty3 9600
4:2345:respawn:/sbin/agetty tty4 9600
5:2345:respawn:/sbin/agetty tty5 9600
6:2345:respawn:/sbin/agetty tty6 9600

# End /etc/inittab
EOF

6.54. Tar-1.22

./configure --prefix=/usr --bindir=/bin --libexecdir=/usr/sbin

make
make check
make install

6.55. Texinfo-4.13a

./configure --prefix=/usr

make
make check
make install
make TEXMF=/usr/share/texmf install-tex

cd /usr/share/info
rm dir
for f in *
do install-info $f dir 2>/dev/null
done

6.56. Udev-142

tar -xvf ../tar/udev-config-20090523.tar.bz2

install -dv /lib/{firmware,udev/devices/{pts,shm}}
mknod -m0666 /lib/udev/devices/null c 1 3
mknod -m0600 /lib/udev/devices/kmsg c 1 11
ln -sv /proc/self/fd /lib/udev/devices/fd
ln -sv /proc/self/fd/0 /lib/udev/devices/stdin
ln -sv /proc/self/fd/1 /lib/udev/devices/stdout
ln -sv /proc/self/fd/2 /lib/udev/devices/stderr
ln -sv /proc/kcore /lib/udev/devices/core

./configure --prefix=/usr \
--exec-prefix= \
--sysconfdir=/etc

make
make install

install -m644 -v rules/packages/64-*.rules \
/lib/udev/rules.d/

install -m644 -v rules/packages/40-pilot-links.rules \
/lib/udev/rules.d/

install -m644 -v rules/packages/40-isdn.rules \
/lib/udev/rules.d/

cd udev-config-20090523
make install

make install-doc

make install-extra-doc

cd ..
install -m644 -v -D docs/writing_udev_rules/index.html \
/usr/share/doc/udev-142/index.html

6.57. Util-linux-ng-2.14.2

sed -e 's@etc/adjtime@var/lib/hwclock/adjtime@g' \
-i $(grep -rl '/etc/adjtime' .)
mkdir -pv /var/lib/hwclock

./configure --enable-arch --enable-partx --enable-write

make
make install

6.58. Vim-7.2

patch -Np1 -i ../patch/vim-7.2-fixes-4.patch

echo '#define SYS_VIMRC_FILE "/etc/vimrc"' >> src/feature.h

./configure --prefix=/usr --enable-multibyte

make
make test
make install

ln -sv vim /usr/bin/vi
for L in /usr/share/man/{,*/}man1/vim.1; do
ln -sv vim.1 $(dirname $L)/vi.1
done

ln -sv ../vim/vim72/doc /usr/share/doc/vim-7.2

cat > /etc/vimrc << "EOF"
" Begin /etc/vimrc

set nocompatible
set backspace=2
syntax on
if (&term == "iterm") || (&term == "putty")
set background=dark
endif

" End /etc/vimrc
EOF

6.59. About Debugging Symbols

调试符号优化
http://www.linuxfromscratch.org/hint...imization.txt.

6.60. Stripping Again

logout

chroot $LFS /tools/bin/env -i \
HOME=/root TERM=$TERM PS1='\u:\w\$ ' \
PATH=/bin:/usr/bin:/sbin:/usr/sbin \
/tools/bin/bash --login

/tools/bin/find /{,usr/}{bin,lib,sbin} -type f \
-exec /tools/bin/strip --strip-debug '{}' ';'

6.61. Cleaning Up

/tools目录不再需要了，可以删除。

作者: thatday 发布时间: 2009-06-09

工具链利用完毕，现在开始进入干净的LFS ”临时“ 系统！

chroot "$LFS" /usr/bin/env -i \
HOME=/root TERM="$TERM" PS1='\u:\w\$ ' \
PATH=/bin:/usr/bin:/sbin:/usr/sbin \
/bin/bash --login

7.2. LFS-Bootscripts-20090523

tar -xvf tar/lfs-bootscripts-20090523.tar.bz2
cd lfs-bootscripts-20090523/

make install

7.4. Configuring the setclock Script

cat > /etc/sysconfig/clock << "EOF"
# Begin /etc/sysconfig/clock

UTC=1

# Set this to any options you might need to give to hwclock,
# such as machine hardware clock type for Alphas.
CLOCKPARAMS=

# End /etc/sysconfig/clock
EOF

7.5. Configuring the Linux Console

cat > /etc/sysconfig/console << "EOF"
# Begin /etc/sysconfig/console

#KEYMAP=""
#FONT=""

# End /etc/sysconfig/console
EOF

7.7. Creating the /etc/inputrc File

cat > /etc/inputrc << "EOF"
# Begin /etc/inputrc
# Modified by Chris Lynn <[email protected]>

# Allow the command prompt to wrap to the next line
set horizontal-scroll-mode Off

# Enable 8bit input
set meta-flag On
set input-meta On

# Turns off 8th bit stripping
set convert-meta Off

# Keep the 8th bit for display
set output-meta On

# none, visible or audible
set bell-style none

# All of the following map the escape sequence of the value
# contained in the 1st argument to the readline specific functions
"\eOd": backward-word
"\eOc": forward-word

# for linux console
"\e[1~": beginning-of-line
"\e[4~": end-of-line
"\e[5~": beginning-of-history
"\e[6~": end-of-history
"\e[3~": delete-char
"\e[2~": quoted-insert

# for xterm
"\eOH": beginning-of-line
"\eOF": end-of-line

# for Konsole
"\e[H": beginning-of-line
"\e[F": end-of-line

# End /etc/inputrc
EOF

cat > /etc/profile << "EOF"
# Begin /etc/profile

export LANG=en_US.UTF-8

# End /etc/profile
EOF

echo "HOSTNAME=LFS61" > /etc/sysconfig/network

cat > /etc/hosts << "EOF"
# Begin /etc/hosts (network card version)

127.0.0.1 localhost
10.10.10.8 LFS61

# End /etc/hosts (network card version)
EOF

for NIC in /sys/class/net/* ; do
INTERFACE=${NIC##*/} udevadm test --action=add $NIC
done

cat /etc/udev/rules.d/70-persistent-net.rules

cd /etc/sysconfig/network-devices
mkdir -v ifconfig.eth0
cat > ifconfig.eth0/ipv4 << "EOF"
ONBOOT=yes
SERVICE=ipv4-static
IP=10.10.10.8
GATEWAY=10.10.10.7
PREFIX=24
BROADCAST=10.10.0.255
EOF

cat > /etc/resolv.conf << "EOF"
# Begin /etc/resolv.conf

domain gelin.com
nameserver 202.96.128.68
nameserver 202.96.128.166

# End /etc/resolv.conf
EOF

cat > /etc/fstab << "EOF"
# Begin /etc/fstab

# file system mount-point type options dump fsck
# order

/dev/sda3 / ext3 defaults 1 1
#/dev/<yyy> swap swap pri=1 0 0
proc /proc proc defaults 0 0
sysfs /sys sysfs defaults 0 0
devpts /dev/pts devpts gid=4,mode=620 0 0
tmpfs /dev/shm tmpfs defaults 0 0
# End /etc/fstab
EOF

cat > /etc/bashrc << "EOF"
# Begin /etc/bashrc
# Written for Beyond Linux From Scratch
# by James Robertson <[email protected]>
# updated by Bruce Dubbs <[email protected]>

# System wide aliases and functions.

# System wide environment variables and startup programs should go into
# /etc/profile. Personal environment variables and startup programs
# should go into ~/.bash_profile. Personal aliases and functions should
# go into ~/.bashrc

# Provides a colored /bin/ls command. Used in conjunction with code in
# /etc/profile.

alias ls='ls --color=auto'

# Provides prompt for non-login shells, specifically shells started
# in the X environment. [Review the LFS archive thread titled
# PS1 Environment Variable for a great case study behind this script
# addendum.]

NORMAL="\[\e[0m\]"
GRAY="\[\e[1;30m\]"
GREEN="\[\e[1;32m\]"
if [[ $EUID == 0 ]] ; then
PS1="$GRAY[\u@\h $NORMAL\w$GRAY]# $NORMAL"
else
PS1="$GREEN[\u@\h $NORMAL\w$GREEN]\$ $NORMAL"
fi

# End /etc/bashrc
EOF

cat .bash_profile
source ~/.bashrc

[root@LFS61 ~]# cat .bashrc
# Begin ~/.bashrc
# Written for Beyond Linux From Scratch
# by James Robertson <[email protected]>

# Personal aliases and functions.

# Personal environment variables and startup programs should go in
# ~/.bash_profile. System wide environment variables and startup
# programs are in /etc/profile. System wide aliases and functions are
# in /etc/bashrc.

if [ -f "/etc/bashrc" ] ; then
source /etc/bashrc
fi

alias ll='ls -l'
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'

# End ~/.bashrc

编译安装hdparm

cd /mnt/lfs/sources/
wget http://nchc.dl.sourceforge.net/sourc...arm-9.6.tar.gz

make
make binprefix=/usr install

编译内核

内核编译，我是利用了ubuntu9的最新内核配置文件，在此基础上精简编译的。关于内核的裁减和优化编译，这又是另外一个课题了，有兴趣的朋友，可以一起探讨

安装grub

由于我的系统引导，是利用ubuntu安装的grub，所以这次我就没再安装grub了，关于grub的安装，请参考LFS6.3等类似手册，这里不再多说了。

退出chroot环境

logout

卸载虚拟文件系统
umount -v $LFS/dev/pts
umount -v $LFS/dev/shm
umount -v $LFS/dev
umount -v $LFS/proc
umount -v $LFS/sys

如果挂载了其他分区，要先卸载他们，再卸载LFS文件系统本身

umount -v $LFS/usr
umount -v $LFS/home
umount -v $LFS

最后卸载LFS文件系统本身
umount -v $LFS

重启系统
shutdown -r now

作者: thatday 发布时间: 2009-06-09

下面进入BLFS的课题，接下来的工作，可以根据自己的需求，编译一些软件包。我需要远程配置，所以先安装openSSH，而openSSH依赖于openssl，所以先弄上她，呵呵。

安装openssl-0.9.8k
http://www.linuxfromscratch.org/blfs...s/openssl.html

http://www.openssl.org/source/openssl-0.9.8k.tar.gz
http://anduin.linuxfromscratch.org/f...090409.tar.bz2
http://www.linuxfromscratch.org/patc...npages-1.patch

patch -Np1 -i ../openssl-0.9.8k-fix_manpages-1.patch
tar -vxf ../BLFS-ca-bundle-20090409.tar.bz2
./config --prefix=/usr --openssldir=/etc/ssl shared zlib-dynamic
make

make MANDIR=/usr/share/man install

cp -v -r certs /etc/ssl

install -v -d -m755 /usr/share/doc/openssl-0.9.8k

cp -v -r doc/{HOWTO,README,*.{txt,html,gif}} \
/usr/share/doc/openssl-0.9.8k

for pem in /etc/ssl/certs/*.pem
do
cat $pem
echo ""
done > /etc/ssl/ca-bundle.crt

openssh

http://sunsite.ualberta.ca/pub/OpenB...h-5.1p1.tar.gz

install -v -m700 -d /var/lib/sshd
chown -v root:sys /var/lib/sshd
groupadd -g 50 sshd
useradd -c 'sshd PrivSep' -d /var/lib/sshd -g sshd \
-s /bin/false -u 50 sshd

sed -i 's@-lcrypto@/usr/lib/libcrypto.a -ldl@' configure

./configure --prefix=/usr --sysconfdir=/etc/ssh --datadir=/usr/share/sshd \
--libexecdir=/usr/lib/openssh --with-md5-passwords \
--with-privsep-path=/var/lib/sshd

make

make tests 2>&1 | tee check.log
grep FATAL check.log

make install

install -v -m755 -d /usr/share/doc/openssh-5.1p1

install -v -m644 INSTALL LICENCE OVERVIEW README* WARNING.RNG \
/usr/share/doc/openssh-5.1p1

echo "PermitRootLogin yes" >> /etc/ssh/sshd_config

sed 's@d/login@d/sshd@g' /etc/pam.d/login > /etc/pam.d/sshd

chmod 644 /etc/pam.d/sshd

http://www.linuxfromscratch.org/blfs...090302.tar.bz2

make install-sshd

root:/sources/blfs-bootscripts-20090302# make install-sshd
install -d -m 755 /etc/rc.d/rc{0,1,2,3,4,5,6,sysinit}.d
install -d -m 755 /etc/rc.d/init.d
install -d -m 755 /etc/sysconfig
install -m 754 blfs/init.d/sshd /etc/rc.d/init.d/
ln -sf ../init.d/sshd /etc/rc.d/rc0.d/K30sshd
ln -sf ../init.d/sshd /etc/rc.d/rc1.d/K30sshd
ln -sf ../init.d/sshd /etc/rc.d/rc2.d/K30sshd
ln -sf ../init.d/sshd /etc/rc.d/rc3.d/S30sshd
ln -sf ../init.d/sshd /etc/rc.d/rc4.d/S30sshd
ln -sf ../init.d/sshd /etc/rc.d/rc5.d/S30sshd
ln -sf ../init.d/sshd /etc/rc.d/rc6.d/K30sshd

安装unzip
http://downloads.sourceforge.net/inf...nzip552.tar.gz
http://www.linuxfromscratch.org/patc...ty_fix-1.patch
http://www.linuxfromscratch.org/patc...ty_fix-2.patch

tar -xvf unzip552.tar.gz
cd unzip552/
patch -Np1 -i ../unzip-5.52-security_fix-1.patch
patch -Np1 -i ../unzip-5.52-security_fix-2.patch

make -f unix/Makefile LOCAL_UNZIP=-D_FILE_OFFSET_BITS=64 linux
make prefix=/usr install

安装wget
http://www.linuxfromscratch.org/blfs...cnet/wget.html

http://ftp.gnu.org/gnu/wget/wget-1.11.4.tar.bz2

./configure --prefix=/usr --sysconfdir=/etc
make
make install
install-info --info-dir=/usr/share/info /usr/share/info/wget.info

作者: thatday 发布时间: 2009-06-09

最后，进入我们的应用阶段——编译安装nginx和fast-cgi，打造一个高性能的php运行环境（相同配置，比apache效率至少高3倍以上，这是我的测试结论，希望大家有兴趣的做完之后，也来测试测试。）

安装ngnix
先备份lfs基本系统
tar --exclude=/sources --exclude=/proc --exclude=/sys \
--create --absolute-names --preserve-permissions --bzip2 \
--verbose --totals \
--file /sources/lfs-stage4.$(date +%Y%m%d%s).tar.bz2 /

cd /sources

mkdir lnmp

一、下载软件
cat > soft-list << "EOF"
http://sysoev.ru/nginx/nginx-0.7.59.tar.gz
http://www.php.net/get/php-5.2.9.tar...om/this/mirror
http://www.libgd.org/releases/gd-2.0.35.tar.bz2
ftp://xmlsoft.org/libxml2/libxml2-2.6.32.tar.gz
ftp://ftp.uu.net/graphics/jpeg/jpegsrc.v6b.tar.gz
ftp://ftp.simplesystems.org/pub/libp...1.2.37.tar.bz2
http://ftp.twaren.net/Unix/NonGNU/fr...e-2.3.9.tar.gz
http://dev.mysql.com/get/Downloads/M...r.redwire.net/
http://ftp.gnu.org/pub/gnu/libiconv/...nv-1.13.tar.gz
http://downloads.sourceforge.net/mcr...0&big_mirror=0
http://downloads.sourceforge.net/mcr...3&big_mirror=0
http://pecl.php.net/get/memcache-2.2.5.tgz
http://downloads.sourceforge.net/mha...3&big_mirror=0
ftp://ftp.csx.cam.ac.uk/pub/software...cre-7.8.tar.gz
http://bart.eaccelerator.net/source/....9.5.3.tar.bz2
http://pecl.php.net/get/PDO_MYSQL-1.0.2.tgz
http://blog.s135.com/soft/linux/ngin...eMagick.tar.gz
http://pecl.php.net/get/imagick-2.2.2.tgz
EOF

wget -N -r -nd -P . -i soft-list -o wget.lnmp.log

二、安装PHP 5.2.8（FastCGI模式）
　　1、编译安装PHP 5.2.8所需的支持库：

tar zxvf libiconv-1.13.tar.gz
cd libiconv-1.13/
./configure --prefix=/usr/local
make
make install
cd ../

tar -zxvf freetype-2.3.9.tar.gz
cd freetype-2.3.9/
./configure --prefix=/opt/lnmp/freetype2
make
make install
cd ../

tar -jxvf libpng-1.2.37.tar.bz2
cd libpng-1.2.37/
./configure --prefix=/opt/lnmp/libpng
make
make install
cd ../

tar zxvf jpegsrc.v6b.tar.gz
cd jpeg-6b/
./configure --enable-static --enable-shared --prefix=/opt/lnmp/jpeg-6b
mkdir -pv /opt/lnmp/jpeg-6b/include
mkdir -pv /opt/lnmp/jpeg-6b/lib
mkdir -pv /opt/lnmp/jpeg-6b/bin/
mkdir -pv /opt/lnmp/jpeg-6b/man/man1
make
make install
make install-lib
cd ../

tar -zxvf libxml2-2.7.3.tar.gz
cd libxml2-2.7.3
./configure --prefix=/opt/lnmp/libxml
make
make install
cd ../

tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make
make install
cd ../../

tar zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9/
./configure
make
make install
cd ../

ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1

tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure --with-libmcrypt-prefix=/usr/local/
make
make install
cd ../

tar -jxvf gd-2.0.35.tar.bz2
cd gd-2.0.35
./configure --prefix=/opt/lnmp/gd2 --with-jpeg=/opt/lnmp/jpeg-6b --with-png=/opt/lnmp/libpng --with-freetype=/opt/lnmp/freetype2
make

make报错
说缺少png.h
在Makefile里面，CPPFLAGS最后，加上-I/opt/lnmp/libpng/include

CPPFLAGS = -I/opt/lnmp/freetype2/include/freetype2 -I/opt/lnmp/freetype2/include -I/opt/lnmp/freetype2/include -I/opt/lnmp/jpeg-6b/include -I/opt/lnmp/libpng/include

再make

make install
cd ../

2、编译安装MySQL 5.1.33

/usr/sbin/groupadd mysql
/usr/sbin/useradd -g mysql mysql
unzip mysql-5.1.33.zip
cd mysql-5.1.33/
./configure --prefix=/opt/lnmp/mysql/ --enable-assembler --with-extra-charsets=complex --enable-thread-safe-client --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile --with-plugins=innobase
make && make install
chmod +w /opt/lnmp/mysql
chown -R mysql:mysql /opt/lnmp/mysql
cp support-files/my-medium.cnf /opt/lnmp/mysql/my.cnf
cd ../

①、以mysql用户帐号的身份建立数据表：

/opt/lnmp/mysql/bin/mysql_install_db --basedir=/opt/lnmp/mysql --datadir=/opt/lnmp/mysql/data --user=mysql

②、启动MySQL（最后的&表示在后台运行）

/opt/lnmp/mysql/bin/mysqld_safe --defaults-file=/opt/lnmp/mysql/my.cnf &

注！！

MySQL编译安装，初始化数据库的时候出现：
unknown option '--skip-federated' 错误。

#vi /etc/my.cnf
#skip-federated 将此行注释掉
即可。
或者编译的时候加上如下参数：
--with-plugins=all

3、编译安装PHP（FastCGI模式）

tar zxvf php-5.2.9.tar.gz
cd php-5.2.9/

./configure --prefix=/opt/lnmp/php --with-config-file-path=/opt/lnmp/php/etc --with-mysql=/opt/lnmp/mysql --with-mysqli=/opt/lnmp/mysql/bin/mysql_config --with-iconv-dir=/usr/local --with-freetype-dir=/opt/lnmp/freetype2 --with-jpeg-dir=/opt/lnmp/jpeg-6b --with-png-dir=/opt/lnmp/libpng --with-zlib-dir=/usr --with-gd=/opt/lnmp/gd2 --enable-gd-native-ttf --with-openssl --with-mhash --with-mcrypt --with-libxml-dir=/opt/lnmp/libxml --with-xmlrpc --enable-ftp --enable-sockets --enable-mbstring=all --enable-mbregex --enable-fastcgi --enable-force-cgi-redirect

make ZEND_EXTRA_LIBS='-liconv'
make install
cp php.ini-dist /opt/lnmp/php/etc/php.ini
cd ext/gd

./configure --with-jpeg-dir=/opt/lnmp/jpeg-6b/ --with-png-dir=/opt/lnmp/libpng/ --with-zlib-dir --with-ttf --with-freetype-dir=/opt/lnmp/freetype2/ --with-php-config=/opt/lnmp/php/bin/php-config

--------------------------------------------------------------------------------

　　4、编译安装PHP5扩展模块

tar zxvf memcache-2.2.5.tgz
cd memcache-2.2.5/
/opt/lnmp/php/bin/phpize
./configure --with-php-config=/opt/lnmp/php/bin/php-config
make
make install
cd ../

tar jxvf eaccelerator-0.9.5.3.tar.bz2
cd eaccelerator-0.9.5.3/
/opt/lnmp/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/opt/lnmp/php/bin/php-config
make
make install
cd ../

tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/opt/lnmp/php/bin/phpize
./configure --with-php-config=/opt/lnmp/php/bin/php-config --with-pdo-mysql=/opt/lnmp/mysql
make
make install
cd ../

tar zxvf ImageMagick.tar.gz
cd ImageMagick-6.5.1-2/
./configure --prefix=/opt/lnmp/imagemagick
make
make install
cd ../

tar zxvf imagick-2.2.2.tgz
cd imagick-2.2.2/
/opt/lnmp/php/bin/phpize
./configure --with-imagick=/opt/lnmp/imagemagick --with-php-config=/opt/lnmp/php/bin/php-config
make
make install
cd ../

5、修改php.ini文件
手工修改：查找/opt/lnmp/php/etc/php.ini中的extension_dir = "./"
修改为extension_dir = "/opt/lnmp/php/lib/php/extensions/no-debug-non-zts-20060613/"
并在此行后增加以下几行，然后保存：

extension = "memcache.so"
　　extension = "pdo_mysql.so"
　　extension = "imagick.so"
extension = "gd.so"

再查找output_buffering = Off
修改为output_buffering = On

6、配置eAccelerator加速PHP：

mkdir -p /opt/lnmp/eaccelerator_cache
vi /opt/lnmp/php/etc/php.ini

按shift+g键跳到配置文件的最末尾，加上以下配置信息：

引用
[eaccelerator]
zend_extension="/opt/lnmp/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="128"
eaccelerator.cache_dir="/opt/lnmp/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="300"
eaccelerator.shm_prune_period="120"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"

修改配置文件：

vi /etc/sysctl.conf

输入以下内容：

引用
kernel.shmmax = 134217728
kernel.shmmax = 134217728
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000 65000

然后执行以下命令使配置生效：

/sbin/sysctl -p

--------------------------------------------------------------------------------

7、创建www用户和组，以及供222.222.222.222和http://www.test.com两个虚拟主机使用的目录：

/usr/sbin/groupadd www
/usr/sbin/useradd -g www www
mkdir -p /opt/webroot/mypic
chmod +w /opt/webroot/mypic
chown -R www:www /opt/webroot/mypic
mkdir -p /opt/webroot/www
chmod +w /opt/webroot/www
chown -R www:www /opt/webroot/www

三、安装Nginx 0.7.59
　　1、安装Nginx所需的pcre库：

tar zxvf pcre-7.8.tar.gz
cd pcre-7.8/
./configure --prefix=/opt/lnmp/pcre
make && make install
cd ../

2、安装Nginx
cp -R /sources/lnmp/pcre-7.8 /opt/lnmp/pcre-7.8
tar -zxvf nginx-0.7.59.tar.gz
cd nginx-0.7.59/
./configure --user=www --group=www --prefix=/opt/lnmp/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre=/opt/lnmp/pcre-7.8/
make && make install
cd ../

3、创建Nginx日志目录

mkdir -p /opt/webroot/logs
chmod +w /opt/webroot/logs
chown -R www:www /opt/webroot/logs

4、创建Nginx配置文件

①、在/opt/lnmp/nginx/conf/目录中创建nginx.conf文件：

rm -f /opt/lnmp/nginx/conf/nginx.conf

vi /opt/lnmp/nginx/conf/nginx.conf

user www www;
worker_processes 8;
error_log /opt/webroot/logs/nginx_error.log crit;
pid /opt/lnmp/nginx/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;

events
{
use epoll;
worker_connections 51200;
}

http
{
include mime.types;
default_type application/octet-stream;

#charset gb2312;

server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;

sendfile on;
tcp_nopush on;

keepalive_timeout 60;

tcp_nodelay on;

fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;

gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;

#limit_zone crawler $binary_remote_addr 10m;

server
{
listen 80;
server_name 222.222.222.222;
index index.html index.htm index.php;
root /opt/webroot/mypic;

#limit_conn crawler 20;

location ~ .*\.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:10080;
fastcgi_index index.php;
include fcgi.conf;
}

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}

location ~ .*\.(js|css)?$
{
expires 1h;
}

log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /opt/webroot/logs/access.log access;
}

server
{
listen 80;
server_name http://www.test.com;
index index.html index.htm index.php;
root /opt/webroot/www;

location ~ .*\.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:10080;
fastcgi_index index.php;
include fcgi.conf;
}

log_format wwwlogs '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /opt/webroot/logs/wwwlogs.log wwwlogs;
}

server
{
listen 80;
server_name status.test.com;

location / {
stub_status on;
access_log off;
}
}
}

wget http://www.lighttpd.net/download/spa...i-1.6.2.tar.gz
tar -zxf spawn-fcgi-1.6.2.tar.gz
cd spawn-fcgi-1.6.2/
./configure --prefix=/opt/lnmp/fastcgi
make && make install

启动php-cgi进程，监听127.0.0.1的10080端口，进程数为64（如果服务器内存小于3GB，可以只开启25个进程），用户为www：

/opt/lnmp/fastcgi/bin/spawn-fcgi -a 127.0.0.1 -p 10080 -C 64 -u www -f /opt/lnmp/php/bin/php-cgi

vi /opt/lnmp/nginx/conf/fcgi.conf

fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;

fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;

fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;

5、启动Nginx

ulimit -SHn 51200
/opt/lnmp/nginx/sbin/nginx

六、在不停止Nginx服务的情况下平滑变更Nginx配置
　　1、修改/opt/lnmp/nginx/conf/nginx.conf配置文件后，请执行以下命令检查配置文件是否正确：

/opt/lnmp/nginx/sbin/nginx -t

　　如果屏幕显示以下两行信息，说明配置文件正确：
　　the configuration file /opt/lnmp/nginx/conf/nginx.conf syntax is ok
　　the configuration file /opt/lnmp/nginx/conf/nginx.conf was tested successfully

　　2、这时，输入以下命令查看Nginx主进程号：

ps -ef | grep "nginx: master process" | grep -v "grep" | awk -F ' ' '{print $2}'

　　屏幕显示的即为Nginx主进程号，例如：
　　6302
　　这时，执行以下命令即可使修改过的Nginx配置文件生效：

kill -HUP 6302

　　或者无需这么麻烦，找到Nginx的Pid文件：

kill -HUP `cat /opt/lnmp/nginx/nginx.pid`

将以下命令加入启动脚本

ulimit -SHn 51200
/opt/lnmp/fastcgi/bin/spawn-fcgi -a 127.0.0.1 -p 10080 -C 64 -u www -f /opt/lnmp/php/bin/php-cgi
/opt/lnmp/nginx/sbin/nginx

/sbin/sysctl -p

为了方便大家阅读，附上笔记！

作者: thatday 发布时间: 2009-06-09

由于是subversion的开发者版本，所以官方几乎每天都有更新
地址是http://www.linuxfromscratch.org/lfs/...ent/index.html

上传的附件

LFS+NGINX.rar (22.6 KB, 9 次查看)

作者: thatday 发布时间: 2009-06-09

我装的是LIGHTY 请教几个问题

SVN版相比较6.3版除了各个包的版本之外还有什么比较大的区别吗？
如果做64位服务器需要怎样？
如果想添加HLFS的特性需要怎样？

谢谢～

作者: yarx 发布时间: 2009-06-09

SVN版本除了包比较新之外，软件本身的bug也比较少，patch也比较完善，做64位的服务器，可以参考LFS手册，相应的编译参数和库，使用64的就行啦。我对64位的系统目前还比较保守，其实32位效率也未必就低。

HLFS相对比较保守，相对LFS,软件包的版本应该没那么新。看个人需求了。

作者: thatday 发布时间: 2009-06-09

支持原创，鄙视刷屏。

作者: zhou3345 发布时间: 2009-06-09

不會是完全按照手冊一些安全補丁也沒打來打造WEB服务器吧
若果是這樣汗一個
手冊上並不 fix 某些bug

libiconv-1.13.tar.gz 也安不怕和 glibc 衝突 ? 幸好是 --prefix=/usr/local
否則 glibc 中的 iconv.h 被 libiconv 覆蓋

作者: RTL 发布时间: 2009-06-09

LFS+张宴

作者: 飞龙在天发布时间: 2009-06-10

找个快点服务器，1天就可以全部搞定了。

作者: echo 发布时间: 2009-06-10

引用:

作者: RTL

是按照手册来的，新的软件版本，本身就已经修复了之前的一些bug，再加上patch，编译出来的系统非常稳定。

作者: thatday 发布时间: 2009-06-10

嗯，nginx是好东西
支持原创

作者: slackcode 发布时间: 2009-06-10

标题党！
抱歉楼主，您有必要降降温。

您自己玩的话，随便。

如果是生产环境，您已犯多项大忌。
最基本的，您不应保留工具链在服务器上。
再一个，缺乏基本的安全管理，无防火墙，无系统校验方案。
稍微多疑些的人，都会把 web 服务器放到 chroot jail 中运行。