Details on this package are located in Section 8.20.2, “Contents of Binutils.”
Copyright © 1999-2024 Gerard Beekmans
Copyright © 1999-2024, Gerard Beekmans
All rights reserved.
This book is licensed under a Creative Commons License.
Computer instructions may be extracted from the book under the MIT License.
Linux® is a registered trademark of Linus Torvalds.
My journey to learn and better understand Linux began back in 1998. I had just installed my first Linux distribution and had quickly become intrigued with the whole concept and philosophy behind Linux.
There are always many ways to accomplish a single task. The same can be said about Linux distributions. A great many have existed over the years. Some still exist, some have morphed into something else, yet others have been relegated to our memories. They all do things differently to suit the needs of their target audience. Because so many different ways to accomplish the same end goal exist, I began to realize I no longer had to be limited by any one implementation. Prior to discovering Linux, we simply put up with issues in other Operating Systems as you had no choice. It was what it was, whether you liked it or not. With Linux, the concept of choice began to emerge. If you didn't like something, you were free, even encouraged, to change it.
I tried a number of distributions and could not decide on any one. They were great systems in their own right. It wasn't a matter of right and wrong anymore. It had become a matter of personal taste. With all that choice available, it became apparent that there would not be a single system that would be perfect for me. So I set out to create my own Linux system that would fully conform to my personal preferences.
To truly make it my own system, I resolved to compile everything from source code instead of using pre-compiled binary packages. This “perfect” Linux system would have the strengths of various systems without their perceived weaknesses. At first, the idea was rather daunting. I remained committed to the idea that such a system could be built.
After sorting through issues such as circular dependencies and compile-time errors, I finally built a custom-built Linux system. It was fully operational and perfectly usable like any of the other Linux systems out there at the time. But it was my own creation. It was very satisfying to have put together such a system myself. The only thing better would have been to create each piece of software myself. This was the next best thing.
As I shared my goals and experiences with other members of the Linux community, it became apparent that there was a sustained interest in these ideas. It quickly became plain that such custom-built Linux systems serve not only to meet user specific requirements, but also serve as an ideal learning opportunity for programmers and system administrators to enhance their (existing) Linux skills. Out of this broadened interest, the Linux From Scratch Project was born.
This Linux From Scratch book is the central core around that project. It provides the background and instructions necessary for you to design and build your own system. While this book provides a template that will result in a correctly working system, you are free to alter the instructions to suit yourself, which is, in part, an important part of this project. You remain in control; we just lend a helping hand to get you started on your own journey.
I sincerely hope you will have a great time working on your own Linux From Scratch system and enjoy the numerous benefits of having a system that is truly your own.
--
Gerard Beekmans
gerard AT linuxfromscratch D0T org
There are many reasons why you would want to read this book. One of the questions many people raise is, “why go through all the hassle of manually building a Linux system from scratch when you can just download and install an existing one?”
One important reason for this project's existence is to help you learn how a Linux system works from the inside out. Building an LFS system helps demonstrate what makes Linux tick, and how things work together and depend on each other. One of the best things this learning experience can provide is the ability to customize a Linux system to suit your own unique needs.
Another key benefit of LFS is that it gives you control of the system without relying on someone else's Linux implementation. With LFS, you are in the driver's seat. You dictate every aspect of your system.
LFS allows you to create very compact Linux systems. With other distributions you are often forced to install a great many programs you neither use nor understand. These programs waste resources. You may argue that with today's hard drives and CPUs, wasted resources are no longer a consideration. Sometimes, however, you are still constrained by the system's size, if nothing else. Think about bootable CDs, USB sticks, and embedded systems. Those are areas where LFS can be beneficial.
Another advantage of a custom built Linux system is security. By compiling the entire system from source code, you are empowered to audit everything and apply all the security patches you want. You don't have to wait for somebody else to compile binary packages that fix a security hole. Unless you examine the patch and implement it yourself, you have no guarantee that the new binary package was built correctly and adequately fixes the problem.
The goal of Linux From Scratch is to build a complete and usable foundation-level system. If you do not wish to build your own Linux system from scratch, you may nevertheless benefit from the information in this book.
There are too many good reasons to build your own LFS system to list them all here. In the end, education is by far the most important reason. As you continue your LFS experience, you will discover the power that information and knowledge can bring.
The primary target architectures of LFS are the AMD/Intel x86 (32-bit) and x86_64 (64-bit) CPUs. On the other hand, the instructions in this book are also known to work, with some modifications, with the Power PC and ARM CPUs. To build a system that utilizes one of these alternative CPUs, the main prerequisite, in addition to those on the next page, is an existing Linux system such as an earlier LFS installation, Ubuntu, Red Hat/Fedora, SuSE, or some other distribution that targets that architecture. (Note that a 32-bit distribution can be installed and used as a host system on a 64-bit AMD/Intel computer.)
The gain from building on a 64-bit system, as compared to a 32-bit system, is minimal. For example, in a test build of LFS-9.1 on a Core i7-4790 CPU based system, using 4 cores, the following statistics were measured:
Architecture Build Time Build Size
32-bit 239.9 minutes 3.6 GB
64-bit 233.2 minutes 4.4 GB
As you can see, on the same hardware, the 64-bit build is only 3% faster (and 22% larger) than the 32-bit build. If you plan to use LFS as a LAMP server, or a firewall, a 32-bit CPU may be good enough. On the other hand, several packages in BLFS now need more than 4 GB of RAM to be built and/or to run; if you plan to use LFS as a desktop, the LFS authors recommend building a 64-bit system.
The default 64-bit build that results from LFS is a “pure” 64-bit system. That is, it supports 64-bit executables only. Building a “multi-lib” system requires compiling many applications twice, once for a 32-bit system and once for a 64-bit system. This is not directly supported in LFS because it would interfere with the educational objective of providing the minimal instructions needed for a basic Linux system. Some of the LFS/BLFS editors maintain a multilib fork of LFS, accessible at https://www.linuxfromscratch.org/~thomas/multilib/index.html. But that's an advanced topic.
Building an LFS system is not a simple task. It requires a certain level of existing knowledge of Unix system administration in order to resolve problems and correctly execute the commands listed. In particular, as an absolute minimum, you should already know how to use the command line (shell) to copy or move files and directories, list directory and file contents, and change the current directory. It is also expected that you know how to use and install Linux software.
Because the LFS book assumes at least this basic level of skill, the various LFS support forums are unlikely to provide you with much assistance in these areas. You will find that your questions regarding such basic knowledge will likely go unanswered (or you will simply be referred to the LFS essential pre-reading list).
Before building an LFS system, we urge you to read these articles:
Software-Building-HOWTO https://tldp.org/HOWTO/Software-Building-HOWTO.html
This is a comprehensive guide to building and installing “generic” Unix software packages under Linux. Although it was written some time ago, it still provides a good summary of the basic techniques used to build and install software.
Beginner's Guide to Installing from Source https://moi.vonos.net/linux/beginners-installing-from-source/
This guide provides a good summary of the basic skills and techniques needed to build software from source code.
The structure of LFS follows Linux standards as closely as possible. The primary standards are:
Linux Standard Base (LSB) Version 5.0 (2015)
The LSB has four separate specifications: Core, Desktop, Runtime Languages, and Imaging. Some parts of Core and Desktop specifications are architecture specific. There are also two trial specifications: Gtk3 and Graphics. LFS attempts to conform to the LSB specifications for the IA32 (32-bit x86) or AMD64 (x86_64) architectures discussed in the previous section.
Many people do not agree with these requirements. The main purpose of the LSB is to ensure that proprietary software can be installed and run on a compliant system. Since LFS is source based, the user has complete control over what packages are desired; you may choose not to install some packages that are specified by the LSB.
While it is possible to create a complete system that will pass the LSB certification tests “from scratch,” this can't be done without many additional packages that are beyond the scope of the LFS book. Installation instructions for these additional packages can be found in BLFS.
LSB Core: |
Bash, Bc, Binutils, Coreutils, Diffutils, File, Findutils, Gawk, Grep, Gzip, M4, Man-DB, Ncurses, Procps, Psmisc, Sed, Shadow, Tar, Util-linux, Zlib |
LSB Desktop: |
None |
LSB Runtime Languages: |
Perl, Python |
LSB Imaging: |
None |
LSB Gtk3 and LSB Graphics (Trial Use): |
None |
LSB Core: |
At, Batch (a part of At), Cpio, Ed, Fcrontab, LSB-Tools, NSPR, NSS, PAM, Pax, Sendmail (or Postfix or Exim), time |
LSB Desktop: |
Alsa, ATK, Cairo, Desktop-file-utils, Freetype, Fontconfig, Gdk-pixbuf, Glib2, GTK+2, Icon-naming-utils, Libjpeg-turbo, Libpng, Libtiff, Libxml2, MesaLib, Pango, Xdg-utils, Xorg |
LSB Runtime Languages: |
Libxml2, Libxslt |
LSB Imaging: |
CUPS, Cups-filters, Ghostscript, SANE |
LSB Gtk3 and LSB Graphics (Trial Use): |
GTK+3 |
The goal of LFS is to build a complete and usable foundation-level system—including all the packages needed to replicate itself—and providing a relatively minimal base from which to customize a more complete system based on the user's choices. This does not mean that LFS is the smallest system possible. Several important packages are included that are not, strictly speaking, required. The list below documents the reasons each package in the book has been included.
Acl
This package contains utilities to administer Access Control Lists, which are used to define fine-grained discretionary access rights for files and directories.
Attr
This package contains programs for managing extended attributes on file system objects.
Autoconf
This package supplies programs for producing shell scripts that can automatically configure source code from a developer's template. It is often needed to rebuild a package after the build procedure has been updated.
Automake
This package contains programs for generating Make files from a template. It is often needed to rebuild a package after the build procedure has been updated.
Bash
This package satisfies an LSB core requirement to provide a Bourne Shell interface to the system. It was chosen over other shell packages because of its common usage and extensive capabilities.
Bc
This package provides an arbitrary precision numeric processing language. It satisfies a requirement for building the Linux kernel.
Binutils
This package supplies a linker, an assembler, and other tools for handling object files. The programs in this package are needed to compile most of the packages in an LFS system.
Bison
This package contains the GNU version of yacc (Yet Another Compiler Compiler) needed to build several of the LFS programs.
Bzip2
This package contains programs for compressing and decompressing files. It is required to decompress many LFS packages.
Check
This package provides a test harness for other programs.
Coreutils
This package contains a number of essential programs for viewing and manipulating files and directories. These programs are needed for command line file management, and are necessary for the installation procedures of every package in LFS.
D-Bus
This package contains programs to implement a message bus system, a simple way for applications to talk to one another.
DejaGNU
This package supplies a framework for testing other programs.
Diffutils
This package contains programs that show the differences between files or directories. These programs can be used to create patches, and are also used in many packages' build procedures.
E2fsprogs
This package supplies utilities for handling the ext2, ext3 and ext4 file systems. These are the most common and thoroughly tested file systems that Linux supports.
Expat
This package yields a relatively small XML parsing library. It is required by the XML::Parser Perl module.
Expect
This package contains a program for carrying out scripted dialogues with other interactive programs. It is commonly used for testing other packages.
File
This package contains a utility for determining the type of a given file or files. A few packages need it in their build scripts.
Findutils
This package provides programs to find files in a file system. It is used in many packages' build scripts.
Flex
This package contains a utility for generating programs that recognize patterns in text. It is the GNU version of the lex (lexical analyzer) program. It is required to build several LFS packages.
Gawk
This package supplies programs for manipulating text files. It is the GNU version of awk (Aho-Weinberg-Kernighan). It is used in many other packages' build scripts.
GCC
This is the Gnu Compiler Collection. It contains the C and C++ compilers as well as several others not built by LFS.
GDBM
This package contains the GNU Database Manager library. It is used by one other LFS package, Man-DB.
Gettext
This package provides utilities and libraries for the internationalization and localization of many packages.
Glibc
This package contains the main C library. Linux programs will not run without it.
GMP
This package supplies math libraries that provide useful functions for arbitrary precision arithmetic. It is needed to build GCC.
Gperf
This package produces a program that generates a perfect hash function from a set of keys. It is required by Systemd.
Grep
This package contains programs for searching through files. These programs are used by most packages' build scripts.
Groff
This package contributes programs for processing and formatting text. One important function of these programs is to format man pages.
GRUB
This is the Grand Unified Boot Loader. It is the most flexible of several boot loaders available.
Gzip
This package contains programs for compressing and decompressing files. It is needed to decompress many packages in LFS.
Iana-etc
This package provides data for network services and protocols. It is needed to enable proper networking capabilities.
Inetutils
This package supplies programs for basic network administration.
Intltool
This package contributes tools for extracting translatable strings from source files.
IProute2
This package contains programs for basic and advanced IPv4 and IPv6 networking. It was chosen over the other common network tools package (net-tools) for its IPv6 capabilities.
Jinja2
This package is a Python module for text templating. It's required to build Systemd.
Kbd
This package produces key-table files, keyboard utilities for non-US keyboards, and a number of console fonts.
Kmod
This package supplies programs needed to administer Linux kernel modules.
Less
This package contains a very nice text file viewer that allows scrolling up or down when viewing a file. Many packages use it for paging the output.
Libcap
This package implements the userspace interfaces to the POSIX 1003.1e capabilities available in Linux kernels.
Libelf
The elfutils project provides libraries and tools for ELF files and DWARF data. Most utilities in this package are available in other packages, but the library is needed to build the Linux kernel using the default (and most efficient) configuration.
Libffi
This package implements a portable, high level programming interface to various calling conventions. Some programs may not know at the time of compilation what arguments are to be passed to a function. For instance, an interpreter may be told at run-time about the number and types of arguments used to call a given function. Libffi can be used in such programs to provide a bridge from the interpreter program to compiled code.
Libpipeline
The Libpipeline package supplies a library for manipulating pipelines of subprocesses in a flexible and convenient way. It is required by the Man-DB package.
Libtool
This package contains the GNU generic library support script. It wraps the complexity of using shared libraries into a consistent, portable interface. It is needed by the test suites in other LFS packages.
Libxcrypt
This package provides the libcrypt
library needed by various
packages (notably, Shadow) for hashing passwords. It
replaces the obsolete libcrypt
implementation in Glibc.
Linux Kernel
This package is the Operating System. It is the Linux in the GNU/Linux environment.
M4
This package provides a general text macro processor useful as a build tool for other programs.
Make
This package contains a program for directing the building of packages. It is required by almost every package in LFS.
MarkupSafe
This package is a Python module for processing strings in HTML/XHTML/XML safely. Jinja2 requires this package.
Man-DB
This package contains programs for finding and viewing man pages. It was chosen instead of the man package because of its superior internationalization capabilities. It supplies the man program.
Man-pages
This package provides the actual contents of the basic Linux man pages.
Meson
This package provides a software tool for automating the building of software. The main goal of Meson is to minimize the amount of time that software developers need to spend configuring a build system. It's required to build Systemd, as well as many BLFS packages.
MPC
This package supplies arithmetic functions for complex numbers. It is required by GCC.
MPFR
This package contains functions for multiple precision arithmetic. It is required by GCC.
Ninja
This package furnishes a small build system with a focus on speed. It is designed to have its input files generated by a higher-level build system, and to run builds as fast as possible. This package is required by Meson.
Ncurses
This package contains libraries for terminal-independent handling of character screens. It is often used to provide cursor control for a menuing system. It is needed by a number of the packages in LFS.
Openssl
This package provides management tools and libraries relating to cryptography. These supply cryptographic functions to other packages, including the Linux kernel.
Patch
This package contains a program for modifying or creating files by applying a patch file typically created by the diff program. It is needed by the build procedure for several LFS packages.
Perl
This package is an interpreter for the runtime language PERL. It is needed for the installation and test suites of several LFS packages.
Pkgconf
This package contains a program which helps to configure compiler and linker flags for development libraries. The program can be used as a drop-in replacement of pkg-config, which is needed by the building system of many packages. It's maintained more actively and slightly faster than the original Pkg-config package.
Procps-NG
This package contains programs for monitoring processes. These programs are useful for system administration, and are also used by the LFS Bootscripts.
Psmisc
This package produces programs for displaying information about running processes. These programs are useful for system administration.
Python 3
This package provides an interpreted language that has a design philosophy emphasizing code readability.
Readline
This package is a set of libraries that offer command-line editing and history capabilities. It is used by Bash.
Sed
This package allows editing of text without opening it in a text editor. It is also needed by many LFS packages' configure scripts.
Shadow
This package contains programs for handling passwords securely.
Systemd
This package provides an init program and several additional boot and system control capabilities as an alternative to SysVinit. It is used by many Linux distributions.
Tar
This package provides archiving and extraction capabilities of virtually all the packages used in LFS.
Tcl
This package contains the Tool Command Language used in many test suites.
Texinfo
This package supplies programs for reading, writing, and converting info pages. It is used in the installation procedures of many LFS packages.
Util-linux
This package contains miscellaneous utility programs. Among them are utilities for handling file systems, consoles, partitions, and messages.
Vim
This package provides an editor. It was chosen because of its compatibility with the classic vi editor and its huge number of powerful capabilities. An editor is a very personal choice for many users. Any other editor can be substituted, if you wish.
Wheel
This package supplies a Python module that is the reference implementation of the Python wheel packaging standard.
XML::Parser
This package is a Perl module that interfaces with Expat.
XZ Utils
This package contains programs for compressing and decompressing files. It provides the highest compression generally available and is useful for decompressing packages in XZ or LZMA format.
Zlib
This package contains compression and decompression routines used by some programs.
Zstd
This package supplies compression and decompression routines used by some programs. It provides high compression ratios and a very wide range of compression / speed trade-offs.
To make things easier to follow, there are a few typographical conventions used throughout this book. This section contains some examples of the typographical format found throughout Linux From Scratch.
./configure --prefix=/usr
This form of text is designed to be typed exactly as seen unless otherwise noted in the surrounding text. It is also used in the explanation sections to identify which of the commands is being referenced.
In some cases, a logical line is extended to two or more physical lines with a backslash at the end of the line.
CC="gcc -B/usr/bin/" ../binutils-2.18/configure \ --prefix=/tools --disable-nls --disable-werror
Note that the backslash must be followed by an immediate return. Other whitespace characters like spaces or tab characters will create incorrect results.
install-info: unknown option '--dir-file=/mnt/lfs/usr/info/dir'
This form of text (fixed-width text) shows screen output, usually
as the result of commands issued. This format is also used to
show filenames, such as /etc/ld.so.conf
.
Please configure your browser to display fixed-width text with
a good monospaced font, with which you can distinguish the
glyphs of Il1
or O0
clearly.
Emphasis
This form of text is used for several purposes in the book. Its main purpose is to emphasize important points or items.
https://www.linuxfromscratch.org/
This format is used for hyperlinks both within the LFS community and to external pages. It includes HOWTOs, download locations, and websites.
cat > $LFS/etc/group << "EOF"
root:x:0:
bin:x:1:
......
EOF
This format is used when creating configuration files. The first
command tells the system to create the file $LFS/etc/group
from whatever is typed on the
following lines until the sequence End Of File (EOF) is
encountered. Therefore, this entire section is generally typed as
seen.
<REPLACED TEXT>
This format is used to encapsulate text that is not to be typed as seen or for copy-and-paste operations.
[OPTIONAL TEXT]
This format is used to encapsulate text that is optional.
This format is used to refer to a specific manual (man) page. The
number inside parentheses indicates a specific section inside the
manuals. For example, passwd has two man pages. Per
LFS installation instructions, those two man pages will be
located at /usr/share/man/man1/passwd.1
and /usr/share/man/man5/passwd.5
. When the book
uses passwd(5) it is
specifically referring to /usr/share/man/man5/passwd.5
. man passwd will print the first
man page it finds that matches “passwd,” which will be /usr/share/man/man1/passwd.1
. For this example,
you will need to run man 5
passwd in order to read the page being specified.
Note that most man pages do not have duplicate page names in
different sections. Therefore, man
<program
name>
is generally sufficient. In
the LFS book these references to man pages are also hyperlinks,
so clicking on such a reference will open the man page rendered
in HTML from Arch Linux manual pages.
This book is divided into the following parts.
Part I explains a few important notes on how to proceed with the LFS installation. This section also provides meta-information about the book.
Part II describes how to prepare for the building process—making a partition, downloading the packages, and compiling temporary tools.
Part III provides instructions for building the tools needed for constructing the final LFS system.
Part IV guides the reader through the building of the LFS system—compiling and installing all the packages one by one, setting up the boot scripts, and installing the kernel. The resulting Linux system is the foundation on which other software can be built to expand the system as desired. At the end of this book, there is an easy to use reference listing all of the programs, libraries, and important files that have been installed.
Part V provides information about the book itself including acronyms and terms, acknowledgments, package dependencies, a listing of LFS boot scripts, licenses for the distribution of the book, and a comprehensive index of packages, programs, libraries, and scripts.
The software used to create an LFS system is constantly being updated and enhanced. Security warnings and bug fixes may become available after the LFS book has been released. To check whether the package versions or instructions in this release of LFS need any modifications—to repair security vulnerabilities or to fix other bugs—please visit https://www.linuxfromscratch.org/lfs/errata/12.2-systemd/ before proceeding with your build. You should note any changes shown and apply them to the relevant sections of the book as you build the LFS system.
In addition, the Linux From Scratch editors maintain a list of security vulnerabilities discovered after a book has been released. To read the list, please visit https://www.linuxfromscratch.org/lfs/advisories/ before proceeding with your build. You should apply the changes suggested by the advisories to the relevant sections of the book as you build the LFS system. And, if you will use the LFS system as a real desktop or server system, you should continue to consult the advisories and fix any security vulnerabilities, even when the LFS system has been completely constructed.
The LFS system will be built by using an already installed Linux distribution (such as Debian, OpenMandriva, Fedora, or openSUSE). This existing Linux system (the host) will be used as a starting point to provide necessary programs, including a compiler, linker, and shell, to build the new system. Select the “development” option during the distribution installation to include these tools.
There are many ways to install a Linux distribution and the defaults are usually not optimal for building an LFS system. For suggestions on setting up a commercial distribution see: https://www.linuxfromscratch.org/hints/downloads/files/partitioning-for-lfs.txt.
As an alternative to installing a separate distribution on your machine, you may wish to use a LiveCD from a commercial distribution.
Chapter 2 of this book describes how to create a new Linux native partition and file system, where the new LFS system will be compiled and installed. Chapter 3 explains which packages and patches must be downloaded to build an LFS system, and how to store them on the new file system. Chapter 4 discusses the setup of an appropriate working environment. Please read Chapter 4 carefully as it explains several important issues you should be aware of before you begin to work your way through Chapter 5 and beyond.
Chapter 5 explains the installation of the initial tool chain, (binutils, gcc, and glibc) using cross-compilation techniques to isolate the new tools from the host system.
Chapter 6 shows you how to cross-compile basic utilities using the just built cross-toolchain.
Chapter 7 then enters a "chroot" environment, where we use the new tools to build all the rest of the tools needed to create the LFS system.
This effort to isolate the new system from the host distribution may seem excessive. A full technical explanation as to why this is done is provided in Toolchain Technical Notes.
In Chapter 8 the full-blown LFS system is built. Another advantage provided by the chroot environment is that it allows you to continue using the host system while LFS is being built. While waiting for package compilations to complete, you can continue using your computer as usual.
To finish the installation, the basic system configuration is set up in Chapter 9, and the kernel and boot loader are created in Chapter 10. Chapter 11 contains information on continuing the LFS experience beyond this book. After the steps in this chapter have been implemented, the computer is ready to boot into the new LFS system.
This is the process in a nutshell. Detailed information on each step is presented in the following chapters. Items that seem complicated now will be clarified, and everything will fall into place as you commence your LFS adventure.
Here is a list of the packages updated since the previous release of LFS.
Upgraded to:
Automake-1.17
Bash-5.2.32
Bc-6.7.6
Binutils-2.43.1
Coreutils-9.5
E2fsprogs-1.47.1
Expat-2.6.2
Findutils-4.10.0
GCC-14.2.0
GDBM-1.24
Gettext-0.22.5
Glibc-2.40
Iana-Etc-20240806
IPRoute2-6.10.0
Jinja2-3.1.4
Kmod-33
Less-661
Libcap-2.70
Libelf from Elfutils-0.191
Libffi-3.4.6
Linux-6.10.5
Lz4-1.10.0
Man-DB-2.12.1
Man-pages-6.9.1
Meson-1.5.1
Ncurses-6.5
Ninja-1.12.1
OpenSSL-3.3.1
Perl-5.40.0
Pkgconf-2.3.0
Psmisc-23.7
Python-3.12.5
Readline-8.2.13
Setuptools-72.2.0
Shadow-4.16.0
Systemd-256.4
Tcl-8.6.14
Util-linux-2.40.2
Vim-9.1.0660
Wheel-0.44.0
Xz-5.6.2
Zstd-1.5.6
Added:
Lz4-1.10.0
Removed:
bash-5.2.21-upstream_fixes-1.patch
readline-8.2-upstream_fixes-3.patch
This is version 12.2-systemd of the Linux From Scratch book, dated September 1st, 2024. If this book is more than six months old, a newer and better version is probably already available. To find out, please check one of the mirrors via https://www.linuxfromscratch.org/mirrors.html.
Below is a list of changes made since the previous release of the book.
Changelog Entries:
2024-09-01
[bdubbs] - LFS-12.2 released.
2024-08-17
2024-08-15
2024-08-05
[bdubbs] - Update to bash-5.2.32. Fixes #5532.
[bdubbs] - Update to iana-etc-20240801. Addresses #5006.
[bdubbs] - Update to vim-9.1.0660. Addresses #4500.
[bdubbs] - Update to binutils-2.43. Fixes #5535.
[bdubbs] - Update to linux-6.10.3. Fixes #5534.
[bdubbs] - Update to readline-8.2.13. Fixes #5533.
[bdubbs] - Update to wheel-0.44.0. Fixes #5536.
2024-08-01
[bdubbs] - Update to gcc-14.2.0. Fixes #5530.
[bdubbs] - Update to iana-etc-20240723. Addresses #5006.
[bdubbs] - Update to glibc-2.40. Fixes #5529.
[bdubbs] - Update to iproute2-6.10.0. Fixes #5523.
[bdubbs] - Update to linux-6.10.2. Fixes #5521.
[bdubbs] - Update to lz4-1.10.0. Fixes #5526.
[bdubbs] - Update to meson-1.5.1. Fixes #5527.
[bdubbs] - Update to setuptools-72.1.0. Fixes #5531.
[bdubbs] - Update to systemd-256.4. Fixes #5518.
2024-07-15
[bdubbs] - Update to iana-etc-20240701. Addresses #5006.
[bdubbs] - Update to vim-9.1.0580. Addresses #4500.
[bdubbs] - Update to automake-1.17. Fixes #5520.
[bdubbs] - Update to gdbm-1.24. Fixes #5515.
[bdubbs] - Update to linux-6.9.9. Fixes #5517.
[bdubbs] - Update to less-661. Fixes #5513.
[bdubbs] - Update to meson-1.5.0. Fixes #5519.
[bdubbs] - Update to setuptools-70.3.0. Fixes #5514.
[bdubbs] - Update to util-linux-2.40.2. Fixes #5516.
2024-07-01
[bdubbs] - Update to iana-etc-20240612. Addresses #5006.
[bdubbs] - Update to bc-6.7.6. Fixes #5506.
[bdubbs] - Update to man-pages-6.9.1. Fixes #5507.
[bdubbs] - Update to linux-6.9.7. Fixes #5508.
[bdubbs] - Update to shadow-4.16.0. Fixes #5510.
[bdubbs] - Update to systemd-256.1. Fixes #5511.
[bdubbs] - Update to setuptools-70.1.1. Fixes #5512.
2024-06-15
[bdubbs] - Update to vim-9.1.0478. Addresses #4500.
[bdubbs] - Update to iana-etc-20240607. Addresses #5006.
[bdubbs] - Update to systemd-256. Fixes #5504.
[bdubbs] - Update to python3-3.12.4. Fixes #5502.
[bdubbs] - Update to perl-5.40.0. Fixes #5503.
[bdubbs] - Update to openssl-3.3.1 (Security fix). Fixes #5500.
[bdubbs] - Update to linux-6.9.4. Fixes #5505.
[bdubbs] - Update to findutils-4.10.0. Fixes #5499.
2024-05-31
[bdubbs] - Update to meson-1.4.1. Fixes #5498.
[bdubbs] - Update to xz-5.6.2. Fixes #5471.
[bdubbs] - Add linux-6.9.x compatibility instructions to systemd . Fixes #5496.
[bdubbs] - Update to setuptools-70.0.0 (python module). Fixes #5491.
[bdubbs] - Update to ninja-1.12.1. Fixes #5489.
[bdubbs] - Update to man-pages-6.8. Fixes #5494.
[bdubbs] - Update to linux-6.9.3. Fixes #5491.
[bdubbs] - Update to libcap-2.70. Fixes #5493.
[bdubbs] - Update to iproute2-6.9.0. Fixes #5492.
[bdubbs] - Update to e2fsprogs-1.47.1. Fixes #5495.
2024-05-13
[xry111] - Synchronize coreutils i18n patch from Fedora to fix a build failure on 32-bit x86 and an alarming compiler warning on both 32-bit x86 and x86_64 with GCC 14.1 or later.
2024-05-11
[bdubbs] - Update to vim-9.1.0405. Addresses #4500.
[bdubbs] - Update to util-linux-2.40.1. Fixes #5482.
[bdubbs] - Update to linux-6.8.9. Fixes #5484.
[bdubbs] - Update to jinja2-3.1.4 (Python module). Fixes #5485.
[bdubbs] - Update to iana-etc-20240502. Addresses #5006.
[bdubbs] - Update to gcc-14.1.0. Fixes #5486.
2024-05-01
2024-04-16
[bdubbs] - Make minor change to ifup script output text.
2024-04-15
[bdubbs] - Update to setuptools-69.5.1. Fixes #5478.
[bdubbs] - Update to python3-3.12.3. Fixes #5476.
[bdubbs] - Update to openssl-3.3.0. Fixes #5475.
[bdubbs] - Update to ninja-1.12.0. Fixes #5477.
[bdubbs] - Update to man-db-2.12.1. Fixes #5474.
[bdubbs] - Update to linux-6.8.6. Fixes #5472.
[bdubbs] - Update to iana-etc-20240412. Addresses #5006.
[bdubbs] - Update to vim-9.1.0330. Addresses #4500.
2024-03-31
[bdubbs] - Update to iana-etc-20240318. Addresses #5006.
[bdubbs] - Update to zstd-1.5.6. Fixes #5468.
[bdubbs] - Update to util-linux-2.40. Fixes #5430.
[bdubbs] - Update to shadow-4.15.1. Fixes #5465.
[bdubbs] - Update to pkgconf-2.2.0. Fixes #5469.
[bdubbs] - Update to linux-6.8.2. Fixes #5467.
[bdubbs] - Update to coreutils-9.5. Fixes #5470.
2024-03-29
[bdubbs] - Revert to xz-5.4.6 due to upstream compromise.
2024-03-19
2024-03-15
[bdubbs] - Update to wheel-0.43.0. Fixes #5459.
[bdubbs] - Update to setuptools-69.2.0 (Python module). Fixes #5462.
[bdubbs] - Update to meson-1.4.0. Fixes #5460.
[bdubbs] - Update to expat-2.6.2 (Security fix). Fixes #5461.
[bdubbs] - Update to iana-etc-20240305. Addresses #5006.
[bdubbs] - Update to vim-9.1.0161. Addresses #4500.
[bdubbs] - Update to xz-5.6.1. Fixes #5457.
[bdubbs] - Update to shadow-4.15.0. Fixes #5456.
[bdubbs] - Update to psmisc-23.7. Fixes #5454.
[bdubbs] - Update to kmod-32. Fixes #5455.
[bdubbs] - Update to elfutils-0.191. Fixes #5451.
2024-03-02
[bdubbs] - Update to iana-etc-20240222. Addresses #5006.
[bdubbs] - Update to vim-9.1.0145. Addresses #4500.
[bdubbs] - Update to xz-5.6.0. Fixes #5447.
[bdubbs] - Update to tcl-8.6.14. Fixes #5448.
[bdubbs] - Update to shadow-4.14.6. Fixes #5450.
[bdubbs] - Update to setuptools-69.1.1. Fixes #5446.
[bdubbs] - Update to linux-6.7.7. Fixes #5444.
[bdubbs] - Update to libffi-3.4.6. Fixes #5443.
[bdubbs] - Update to gettext-0.22.5. Fixes #5445.
[bdubbs] - Update to expat-2.6.1. Fixes #5449.
2024-03-01
[bdubbs] - LFS-12.1 released.
If during the building of the LFS system you encounter any errors, have any questions, or think there is a typo in the book, please start by consulting the list of Frequently Asked Questions (FAQ), located at https://www.linuxfromscratch.org/faq/.
The linuxfromscratch.org
server hosts a number of mailing lists used for the
development of the LFS project. These lists include the main
development and support lists, among others. If you cannot
find an answer to your problem on the FAQ page, the next step
would be to search the mailing lists at https://www.linuxfromscratch.org/search.html.
For information on the different lists, how to subscribe, archive locations, and additional information, visit https://www.linuxfromscratch.org/mail.html.
Several members of the LFS community offer assistance via
Internet Relay Chat (IRC). Before using this support, please
make sure your question is not already answered in the LFS
FAQ or the mailing list archives. You can find the IRC
network at irc.libera.chat
.
The support channel is named #lfs-support.
The LFS project has a number of world-wide mirrors to make accessing the website and downloading the required packages more convenient. Please visit the LFS website at https://www.linuxfromscratch.org/mirrors.html for a list of current mirrors.
In case you've hit an issue building one package with the LFS instruction, we strongly discourage posting the issue directly onto the upstream support channel before discussing via a LFS support channel listed in Section 1.4, “Resources.” Doing so is often quite inefficient because the upstream maintainers are rarely familiar with LFS building procedure. Even if you've really hit an upstream issue, the LFS community can still help to isolate the information wanted by the upstream maintainers and make a proper report.
If you must ask a question directly via an upstream support channel, you shall at least note that many upstream projects have the support channels separated from the bug tracker. The “bug” reports for asking questions are considered invalid and may annoy upstream developers for these projects.
If an issue or a question is encountered while working through this book, please check the FAQ page at https://www.linuxfromscratch.org/faq/#generalfaq. Questions are often already answered there. If your question is not answered on that page, try to find the source of the problem. The following hint will give you some guidance for troubleshooting: https://www.linuxfromscratch.org/hints/downloads/files/errors.txt.
If you cannot find your problem listed in the FAQ, search the mailing lists at https://www.linuxfromscratch.org/search.html.
We also have a wonderful LFS community that is willing to offer assistance through the mailing lists and IRC (see the Section 1.4, “Resources” section of this book). However, we get several support questions every day, and many of them could have been easily answered by going to the FAQ or by searching the mailing lists first. So, for us to offer the best assistance possible, you should first do some research on your own. That allows us to focus on the more unusual support needs. If your searches do not produce a solution, please include all the relevant information (mentioned below) in your request for help.
Apart from a brief explanation of the problem being experienced, any request for help should include these essential things:
The version of the book being used (in this case 12.2-systemd)
The host distribution and version being used to create LFS
The output from the Host System Requirements script
The package or section the problem was encountered in
The exact error message, or a clear description of the problem
Note whether you have deviated from the book at all
Deviating from this book does not mean that we will not help you. After all, LFS is about personal preference. Being up-front about any changes to the established procedure helps us evaluate and determine possible causes of your problem.
If something goes wrong while running the configure script, review
the config.log
file. This file
may contain errors encountered during configure which were not
printed to the screen. Include the relevant lines if you need to ask
for help.
Both the screen output and the contents of various files are useful in determining the cause of compilation problems. The screen output from the configure script and the make run can be helpful. It is not necessary to include the entire output, but do include all of the relevant information. Here is an example of the type of information to include from the make screen output.
gcc -D ALIASPATH=\"/mnt/lfs/usr/share/locale:.\"
-D LOCALEDIR=\"/mnt/lfs/usr/share/locale\"
-D LIBDIR=\"/mnt/lfs/usr/lib\"
-D INCLUDEDIR=\"/mnt/lfs/usr/include\" -D HAVE_CONFIG_H -I. -I.
-g -O2 -c getopt1.c
gcc -g -O2 -static -o make ar.o arscan.o commands.o dir.o
expand.o file.o function.o getopt.o implicit.o job.o main.o
misc.o read.o remake.o rule.o signame.o variable.o vpath.o
default.o remote-stub.o version.o opt1.o
-lutil job.o: In function `load_too_high':
/lfs/tmp/make-3.79.1/job.c:1565: undefined reference
to `getloadavg'
collect2: ld returned 1 exit status
make[2]: *** [make] Error 1
make[2]: Leaving directory `/lfs/tmp/make-3.79.1'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/lfs/tmp/make-3.79.1'
make: *** [all-recursive-am] Error 2
In this case, many people would just include the bottom section:
make [2]: *** [make] Error 1
This is not enough information to diagnose the problem, because it only notes that something went wrong, not what went wrong. The entire section, as in the example above, is what should be saved because it includes the command that was executed and all the associated error messages.
An excellent article about asking for help on the Internet is available online at http://catb.org/~esr/faqs/smart-questions.html. Read this document, and follow the hints. Doing so will increase the likelihood of getting the help you need.
In this chapter, the host tools needed for building LFS are checked and, if necessary, installed. Then a partition which will host the LFS system is prepared. We will create the partition itself, create a file system on it, and mount it.
The LFS editors recommend that the system CPU have at least four cores and that the system have at least 8 GB of memory. Older systems that do not meet these requirements will still work, but the time to build packages will be significantly longer than documented.
Your host system should have the following software with the
minimum versions indicated. This should not be an issue for
most modern Linux distributions. Also note that many
distributions will place software headers into separate
packages, often in the form of
or <package-name>
-devel
.
Be sure to install those if your distribution provides them.
<package-name>
-dev
Earlier versions of the listed software packages may work, but have not been tested.
Bash-3.2 (/bin/sh should be a symbolic or hard link to bash)
Binutils-2.13.1 (Versions greater than 2.43.1 are not recommended as they have not been tested)
Bison-2.7 (/usr/bin/yacc should be a link to bison or a small script that executes bison)
Coreutils-8.1
Diffutils-2.8.1
Findutils-4.2.31
Gawk-4.0.1 (/usr/bin/awk should be a link to gawk)
GCC-5.2 including the C++ compiler, g++ (Versions greater than 14.2.0 are not recommended as they have not been tested). C and C++ standard libraries (with headers) must also be present so the C++ compiler can build hosted programs
Grep-2.5.1a
Gzip-1.3.12
Linux Kernel-4.19
The reason for the kernel version requirement is that we specify that version when building glibc in Chapter 5 and Chapter 8, so the workarounds for older kernels are not enabled and the compiled glibc is slightly faster and smaller. As at Feb 2024, 4.19 is the oldest kernel release still supported by the kernel developers. Some kernel releases older than 4.19 may be still supported by third-party teams, but they are not considered official upstream kernel releases; read https://kernel.org/category/releases.html for the details.
If the host kernel is earlier than 4.19 you will need to replace the kernel with a more up-to-date version. There are two ways you can go about this. First, see if your Linux vendor provides a 4.19 or later kernel package. If so, you may wish to install it. If your vendor doesn't offer an acceptable kernel package, or you would prefer not to install it, you can compile a kernel yourself. Instructions for compiling the kernel and configuring the boot loader (assuming the host uses GRUB) are located in Chapter 10.
We require the host kernel to support UNIX 98 pseudo
terminal (PTY). It should be enabled on all desktop or
server distros shipping Linux 4.19 or a newer kernel.
If you are building a custom host kernel, ensure
CONFIG_UNIX98_PTYS
is set
to y
in the kernel
configuration.
M4-1.4.10
Make-4.0
Patch-2.5.4
Perl-5.8.8
Python-3.4
Sed-4.1.5
Tar-1.22
Texinfo-5.0
Xz-5.0.0
Note that the symlinks mentioned above are required to build an LFS system using the instructions contained within this book. Symlinks that point to other software (such as dash, mawk, etc.) may work, but are not tested or supported by the LFS development team, and may require either deviation from the instructions or additional patches to some packages.
To see whether your host system has all the appropriate versions, and the ability to compile programs, run the following commands:
cat > version-check.sh << "EOF"
#!/bin/bash
# A script to list version numbers of critical development tools
# If you have tools installed in other directories, adjust PATH here AND
# in ~lfs/.bashrc (section 4.4) as well.
LC_ALL=C
PATH=/usr/bin:/bin
bail() { echo "FATAL: $1"; exit 1; }
grep --version > /dev/null 2> /dev/null || bail "grep does not work"
sed '' /dev/null || bail "sed does not work"
sort /dev/null || bail "sort does not work"
ver_check()
{
if ! type -p $2 &>/dev/null
then
echo "ERROR: Cannot find $2 ($1)"; return 1;
fi
v=$($2 --version 2>&1 | grep -E -o '[0-9]+\.[0-9\.]+[a-z]*' | head -n1)
if printf '%s\n' $3 $v | sort --version-sort --check &>/dev/null
then
printf "OK: %-9s %-6s >= $3\n" "$1" "$v"; return 0;
else
printf "ERROR: %-9s is TOO OLD ($3 or later required)\n" "$1";
return 1;
fi
}
ver_kernel()
{
kver=$(uname -r | grep -E -o '^[0-9\.]+')
if printf '%s\n' $1 $kver | sort --version-sort --check &>/dev/null
then
printf "OK: Linux Kernel $kver >= $1\n"; return 0;
else
printf "ERROR: Linux Kernel ($kver) is TOO OLD ($1 or later required)\n" "$kver";
return 1;
fi
}
# Coreutils first because --version-sort needs Coreutils >= 7.0
ver_check Coreutils sort 8.1 || bail "Coreutils too old, stop"
ver_check Bash bash 3.2
ver_check Binutils ld 2.13.1
ver_check Bison bison 2.7
ver_check Diffutils diff 2.8.1
ver_check Findutils find 4.2.31
ver_check Gawk gawk 4.0.1
ver_check GCC gcc 5.2
ver_check "GCC (C++)" g++ 5.2
ver_check Grep grep 2.5.1a
ver_check Gzip gzip 1.3.12
ver_check M4 m4 1.4.10
ver_check Make make 4.0
ver_check Patch patch 2.5.4
ver_check Perl perl 5.8.8
ver_check Python python3 3.4
ver_check Sed sed 4.1.5
ver_check Tar tar 1.22
ver_check Texinfo texi2any 5.0
ver_check Xz xz 5.0.0
ver_kernel 4.19
if mount | grep -q 'devpts on /dev/pts' && [ -e /dev/ptmx ]
then echo "OK: Linux Kernel supports UNIX 98 PTY";
else echo "ERROR: Linux Kernel does NOT support UNIX 98 PTY"; fi
alias_check() {
if $1 --version 2>&1 | grep -qi $2
then printf "OK: %-4s is $2\n" "$1";
else printf "ERROR: %-4s is NOT $2\n" "$1"; fi
}
echo "Aliases:"
alias_check awk GNU
alias_check yacc Bison
alias_check sh Bash
echo "Compiler check:"
if printf "int main(){}" | g++ -x c++ -
then echo "OK: g++ works";
else echo "ERROR: g++ does NOT work"; fi
rm -f a.out
if [ "$(nproc)" = "" ]; then
echo "ERROR: nproc is not available or it produces empty output"
else
echo "OK: nproc reports $(nproc) logical cores are available"
fi
EOF
bash version-check.sh
LFS is designed to be built in one session. That is, the instructions assume that the system will not be shut down during the process. This does not mean that the system has to be built in one sitting. The issue is that certain procedures must be repeated after a reboot when resuming LFS at different points.
These chapters run commands on the host system. When restarting, be certain of one thing:
Procedures performed as the root
user after Section 2.4 must
have the LFS environment variable set FOR THE ROOT USER.
The /mnt/lfs partition must be mounted.
These two chapters must be done as user
lfs
. A su - lfs command must
be issued before performing any task in these chapters.
If you don't do that, you are at risk of installing
packages to the host, and potentially rendering it
unusable.
The procedures in General Compilation Instructions are critical. If there is any doubt a package has been installed correctly, ensure the previously expanded tarball has been removed, then re-extract the package, and complete all the instructions in that section.
The /mnt/lfs partition must be mounted.
A few operations, from “Changing
Ownership” to “Entering the Chroot
Environment,” must be done as the
root
user, with the LFS
environment variable set for the root
user.
When entering chroot, the LFS environment variable must
be set for root
. The
LFS variable is not used after the chroot environment
has been entered.
The virtual file systems must be mounted. This can be
done before or after entering chroot by changing to a
host virtual terminal and, as root
, running the commands in
Section 7.3.1,
“Mounting and Populating /dev” and Section 7.3.2,
“Mounting Virtual Kernel File Systems.”
Like most other operating systems, LFS is usually installed on a dedicated partition. The recommended approach to building an LFS system is to use an available empty partition or, if you have enough unpartitioned space, to create one.
A minimal system requires a partition of around 10 gigabytes (GB). This is enough to store all the source tarballs and compile the packages. However, if the LFS system is intended to be the primary Linux system, additional software will probably be installed which will require additional space. A 30 GB partition is a reasonable size to provide for growth. The LFS system itself will not take up this much room. A large portion of this requirement is to provide sufficient free temporary storage as well as for adding additional capabilities after LFS is complete. Additionally, compiling packages can require a lot of disk space which will be reclaimed after the package is installed.
Because there is not always enough Random Access Memory (RAM)
available for compilation processes, it is a good idea to use a
small disk partition as swap
space. This is used by the kernel to store seldom-used data and
leave more memory available for active processes. The
swap
partition for an LFS
system can be the same as the one used by the host system, in
which case it is not necessary to create another one.
Start a disk partitioning program such as cfdisk or fdisk with a command line
option naming the hard disk on which the new partition will be
created—for example /dev/sda
for
the primary disk drive. Create a Linux native partition and a
swap
partition, if needed.
Please refer to cfdisk(8) or
fdisk(8) if you do
not yet know how to use the programs.
For experienced users, other partitioning schemes are possible. The new LFS system can be on a software RAID array or an LVM logical volume. However, some of these options require an initramfs, which is an advanced topic. These partitioning methodologies are not recommended for first time LFS users.
Remember the designation of the new partition (e.g.,
sda5
). This book will refer to
this as the LFS partition. Also remember the designation of the
swap
partition. These names
will be needed later for the /etc/fstab
file.
Requests for advice on system partitioning are often posted on the LFS mailing lists. This is a highly subjective topic. The default for most distributions is to use the entire drive with the exception of one small swap partition. This is not optimal for LFS for several reasons. It reduces flexibility, makes sharing of data across multiple distributions or LFS builds more difficult, makes backups more time consuming, and can waste disk space through inefficient allocation of file system structures.
A root LFS partition (not to be confused with the
/root
directory) of twenty
gigabytes is a good compromise for most systems. It
provides enough space to build LFS and most of BLFS, but is
small enough so that multiple partitions can be easily
created for experimentation.
Most distributions automatically create a swap partition. Generally the recommended size of the swap partition is about twice the amount of physical RAM, however this is rarely needed. If disk space is limited, hold the swap partition to two gigabytes and monitor the amount of disk swapping.
If you want to use the hibernation feature (suspend-to-disk) of Linux, it writes out the contents of RAM to the swap partition before turning off the machine. In this case the size of the swap partition should be at least as large as the system's installed RAM.
Swapping is never good. For mechanical hard drives you can generally tell if a system is swapping by just listening to disk activity and observing how the system reacts to commands. With an SSD you will not be able to hear swapping, but you can tell how much swap space is being used by running the top or free programs. Use of an SSD for a swap partition should be avoided if possible. The first reaction to swapping should be to check for an unreasonable command such as trying to edit a five gigabyte file. If swapping becomes a normal occurrence, the best solution is to purchase more RAM for your system.
If the boot disk has been partitioned with a GUID Partition Table (GPT), then a small, typically 1 MB, partition must be created if it does not already exist. This partition is not formatted, but must be available for GRUB to use during installation of the boot loader. This partition will normally be labeled 'BIOS Boot' if using fdisk or have a code of EF02 if using the gdisk command.
The Grub Bios partition must be on the drive that the BIOS uses to boot the system. This is not necessarily the drive that holds the LFS root partition. The disks on a system may use different partition table types. The necessity of the Grub Bios partition depends only on the partition table type of the boot disk.
There are several other partitions that are not required, but should be considered when designing a disk layout. The following list is not comprehensive, but is meant as a guide.
/boot – Highly recommended. Use this partition to store kernels and other booting information. To minimize potential boot problems with larger disks, make this the first physical partition on your first disk drive. A partition size of 200 megabytes is adequate.
/boot/efi – The EFI System Partition, which is needed for booting the system with UEFI. Read the BLFS page for details.
/home – Highly recommended. Share your home directory and user customization across multiple distributions or LFS builds. The size is generally fairly large and depends on available disk space.
/usr – In LFS, /bin
,
/lib
, and /sbin
are symlinks to their
counterparts in /usr
.
So /usr
contains all
the binaries needed for the system to run. For LFS a
separate partition for /usr
is normally not needed. If you
create it anyway, you should make a partition large
enough to fit all the programs and libraries in the
system. The root partition can be very small (maybe
just one gigabyte) in this configuration, so it's
suitable for a thin client or diskless workstation
(where /usr
is mounted
from a remote server). However, you should be aware
that an initramfs (not covered by LFS) will be needed
to boot a system with a separate /usr
partition.
/opt – This directory is most useful for BLFS, where multiple large packages like KDE or Texlive can be installed without embedding the files in the /usr hierarchy. If used, 5 to 10 gigabytes is generally adequate.
/tmp – By default, systemd mounts a tmpfs
here. If you want to
override that behavior, follow Section 9.10.3,
“Disabling tmpfs for /tmp” when configuring the
LFS system.
/usr/src – This partition is very useful for providing a location to store BLFS source files and share them across LFS builds. It can also be used as a location for building BLFS packages. A reasonably large partition of 30-50 gigabytes provides plenty of room.
Any separate partition that you want automatically mounted
when the system starts must be specified in the
/etc/fstab
file. Details
about how to specify partitions will be discussed in
Section 10.2,
“Creating the /etc/fstab File”.
A partition is just a range of sectors on a disk drive, delimited by boundaries set in a partition table. Before the operating system can use a partition to store any files, the partition must be formatted to contain a file system, typically consisting of a label, directory blocks, data blocks, and an indexing scheme to locate a particular file on demand. The file system also helps the OS keep track of free space on the partition, reserve the needed sectors when a new file is created or an existing file is extended, and recycle the free data segments created when files are deleted. It may also provide support for data redundancy, and for error recovery.
LFS can use any file system recognized by the Linux kernel, but the most common types are ext3 and ext4. The choice of the right file system can be complex; it depends on the characteristics of the files and the size of the partition. For example:
is suitable for small partitions that are updated infrequently such as /boot.
is an upgrade to ext2 that includes a journal to help recover the partition's status in the case of an unclean shutdown. It is commonly used as a general purpose file system.
is the latest version of the ext family of file systems. It provides several new capabilities including nano-second timestamps, creation and use of very large files (up to 16 TB), and speed improvements.
Other file systems, including FAT32, NTFS, JFS, and XFS are useful for specialized purposes. More information about these file systems, and many others, can be found at https://en.wikipedia.org/wiki/Comparison_of_file_systems.
LFS assumes that the root file system (/) is of type ext4. To
create an ext4
file system on
the LFS partition, issue the following command:
mkfs -v -t ext4 /dev/<xxx>
Replace <xxx>
with the name of the LFS partition.
If you are using an existing swap
partition, there is no need to format
it. If a new swap
partition was
created, it will need to be initialized with this command:
mkswap /dev/<yyy>
Replace <yyy>
with the name of the swap
partition.
Throughout this book, the environment variable LFS
will be used several times. You should
ensure that this variable is always defined throughout the LFS
build process. It should be set to the name of the directory
where you will be building your LFS system - we will use
/mnt/lfs
as an example, but you
may choose any directory name you want. If you are building LFS
on a separate partition, this directory will be the mount point
for the partition. Choose a directory location and set the
variable with the following command:
export LFS=/mnt/lfs
Having this variable set is beneficial in that commands such as mkdir -v $LFS/tools can be typed literally. The shell will automatically replace “$LFS” with “/mnt/lfs” (or whatever value the variable was set to) when it processes the command line.
Do not forget to check that LFS
is
set whenever you leave and reenter the current working
environment (such as when doing a su to root
or another user). Check that the
LFS
variable is set up properly
with:
echo $LFS
Make sure the output shows the path to your LFS system's
build location, which is /mnt/lfs
if the provided example was
followed. If the output is incorrect, use the command given
earlier on this page to set $LFS
to the correct directory name.
One way to ensure that the LFS
variable is always set is to edit the .bash_profile
file in both your personal
home directory and in /root/.bash_profile
and enter the export
command above. In addition, the shell specified in the
/etc/passwd
file for all users
that need the LFS
variable must be
bash to ensure that the /root/.bash_profile
file is incorporated as
a part of the login process.
Another consideration is the method that is used to log into
the host system. If logging in through a graphical display
manager, the user's .bash_profile
is not normally used when a
virtual terminal is started. In this case, add the export
command to the .bashrc
file for
the user and root
. In
addition, some distributions use an "if" test, and do not run
the remaining .bashrc
instructions for a non-interactive bash invocation. Be sure
to place the export command ahead of the test for
non-interactive use.
Now that a file system has been created, the partition must be
mounted so the host system can access it. This book assumes
that the file system is mounted at the directory specified by
the LFS
environment variable
described in the previous section.
Strictly speaking, one cannot “mount a partition.” One mounts the file system embedded in that partition. But since a single partition can't contain more than one file system, people often speak of the partition and the associated file system as if they were one and the same.
Create the mount point and mount the LFS file system with these commands:
mkdir -pv $LFS
mount -v -t ext4 /dev/<xxx>
$LFS
Replace <xxx>
with the name of the LFS partition.
If you are using multiple partitions for LFS (e.g., one for
/
and another for /home
), mount them like this:
mkdir -pv $LFS mount -v -t ext4 /dev/<xxx>
$LFS mkdir -v $LFS/home mount -v -t ext4 /dev/<yyy>
$LFS/home
Replace <xxx>
and <yyy>
with
the appropriate partition names.
Ensure that this new partition is not mounted with permissions
that are too restrictive (such as the nosuid
or nodev
options). Run the mount command without any
parameters to see what options are set for the mounted LFS
partition. If nosuid
and/or
nodev
are set, the partition must
be remounted.
The above instructions assume that you will not restart your
computer throughout the LFS process. If you shut down your
system, you will either need to remount the LFS partition
each time you restart the build process, or modify the host
system's /etc/fstab
file to
automatically remount it when you reboot. For example, you
might add this line to your /etc/fstab
file:
/dev/<xxx>
/mnt/lfs ext4 defaults 1 1
If you use additional optional partitions, be sure to add them also.
If you are using a swap
partition, ensure that it is enabled using the swapon command:
/sbin/swapon -v /dev/<zzz>
Replace <zzz>
with the name of the swap
partition.
Now that the new LFS partition is open for business, it's time to download the packages.
This chapter includes a list of packages that need to be downloaded in order to build a basic Linux system. The listed version numbers correspond to versions of the software that are known to work, and this book is based on their use. We highly recommend against using different versions, because the build commands for one version may not work with a different version, unless the different version is specified by an LFS erratum or security advisory. The newest package versions may also have problems that require work-arounds. These work-arounds will be developed and stabilized in the development version of the book.
For some packages, the release tarball and the (Git or SVN) repository snapshot tarball for that release may be published with similar file names. A release tarball contains generated files (for example, a configure script generated by autoconf), in addition to the contents of the corresponding repository snapshot. The book uses release tarballs whenever possible. Using a repository snapshot instead of a release tarball specified by the book will cause problems.
Download locations may not always be accessible. If a download location has changed since this book was published, Google (https://www.google.com/) provides a useful search engine for most packages. If this search is unsuccessful, try one of the alternative means of downloading at https://www.linuxfromscratch.org/lfs/mirrors.html#files.
Downloaded packages and patches will need to be stored
somewhere that is conveniently available throughout the entire
build. A working directory is also required to unpack the
sources and build them. $LFS/sources
can be used both as the place to
store the tarballs and patches and as a working directory. By
using this directory, the required elements will be located on
the LFS partition and will be available during all stages of
the building process.
To create this directory, execute the following command, as
user root
, before starting the
download session:
mkdir -v $LFS/sources
Make this directory writable and sticky. “Sticky” means that even if multiple users have write permission on a directory, only the owner of a file can delete the file within a sticky directory. The following command will enable the write and sticky modes:
chmod -v a+wt $LFS/sources
There are several ways to obtain all the necessary packages and patches to build LFS:
The files can be downloaded individually as described in the next two sections.
For stable versions of the book, a tarball of all the needed files can be downloaded from one of the mirror sites listed at https://www.linuxfromscratch.org/mirrors.html#files.
The files can be downloaded using wget and a wget-list as described below.
To download all of the packages and patches by using wget-list-systemd as an input to the wget command, use:
wget --input-file=wget-list-systemd --continue --directory-prefix=$LFS/sources
Additionally, starting with LFS-7.0, there is a separate file,
md5sums, which can be
used to verify that all the correct packages are available
before proceeding. Place that file in $LFS/sources
and run:
pushd $LFS/sources md5sum -c md5sums popd
This check can be used after retrieving the needed files with any of the methods listed above.
If the packages and patches are downloaded as a
non-root
user, these files will
be owned by the user. The file system records the owner by its
UID, and the UID of a normal user in the host distro is not
assigned in LFS. So the files will be left owned by an unnamed
UID in the final LFS system. If you won't assign the same UID
for your user in the LFS system, change the owners of these
files to root
now to avoid this
issue:
chown root:root $LFS/sources/*
Read the security advisories before downloading packages to figure out if a newer version of any package should be used to avoid security vulnerabilities.
The upstream sources may remove old releases, especially when those releases contain a security vulnerability. If one URL below is not reachable, you should read the security advisories first to figure out if a newer version (with the vulnerability fixed) should be used. If not, try to download the removed package from a mirror. Although it's possible to download an old release from a mirror even if this release has been removed because of a vulnerability, it's not a good idea to use a release known to be vulnerable when building your system.
Download or otherwise obtain the following packages:
Home page: https://savannah.nongnu.org/projects/acl
Download: https://download.savannah.gnu.org/releases/acl/acl-2.3.2.tar.xz
MD5 sum: 590765dee95907dbc3c856f7255bd669
Home page: https://savannah.nongnu.org/projects/attr
Download: https://download.savannah.gnu.org/releases/attr/attr-2.5.2.tar.gz
MD5 sum: 227043ec2f6ca03c0948df5517f9c927
Home page: https://www.gnu.org/software/autoconf/
Download: https://ftp.gnu.org/gnu/autoconf/autoconf-2.72.tar.xz
MD5 sum: 1be79f7106ab6767f18391c5e22be701
Home page: https://www.gnu.org/software/automake/
Download: https://ftp.gnu.org/gnu/automake/automake-1.17.tar.xz
MD5 sum: 7ab3a02318fee6f5bd42adfc369abf10
Home page: https://www.gnu.org/software/bash/
Download: https://ftp.gnu.org/gnu/bash/bash-5.2.32.tar.gz
MD5 sum: f204835b2e06c06e37b5ad776ff907f4
Home page: https://git.gavinhoward.com/gavin/bc
Download: https://github.com/gavinhoward/bc/releases/download/6.7.6/bc-6.7.6.tar.xz
MD5 sum: a47aa5e4e7395fbcd159a9228613b97b
Home page: https://www.gnu.org/software/binutils/
Download: https://sourceware.org/pub/binutils/releases/binutils-2.43.1.tar.xz
MD5 sum: 9202d02925c30969d1917e4bad5a2320
Home page: https://www.gnu.org/software/bison/
Download: https://ftp.gnu.org/gnu/bison/bison-3.8.2.tar.xz
MD5 sum: c28f119f405a2304ff0a7ccdcc629713
Download: https://www.sourceware.org/pub/bzip2/bzip2-1.0.8.tar.gz
MD5 sum: 67e051268d0c475ea773822f7500d0e5
Home page: https://libcheck.github.io/check
Download: https://github.com/libcheck/check/releases/download/0.15.2/check-0.15.2.tar.gz
MD5 sum: 50fcafcecde5a380415b12e9c574e0b2
Home page: https://www.gnu.org/software/coreutils/
Download: https://ftp.gnu.org/gnu/coreutils/coreutils-9.5.tar.xz
MD5 sum: e99adfa059a63db3503cc71f3d151e31
Home page: https://www.freedesktop.org/wiki/Software/dbus
Download: https://dbus.freedesktop.org/releases/dbus/dbus-1.14.10.tar.xz
MD5 sum: 46070a3487817ff690981f8cd2ba9376
Home page: https://www.gnu.org/software/dejagnu/
Download: https://ftp.gnu.org/gnu/dejagnu/dejagnu-1.6.3.tar.gz
MD5 sum: 68c5208c58236eba447d7d6d1326b821
Home page: https://www.gnu.org/software/diffutils/
Download: https://ftp.gnu.org/gnu/diffutils/diffutils-3.10.tar.xz
MD5 sum: 2745c50f6f4e395e7b7d52f902d075bf
Home page: https://e2fsprogs.sourceforge.net/
Download: https://downloads.sourceforge.net/project/e2fsprogs/e2fsprogs/v1.47.1/e2fsprogs-1.47.1.tar.gz
MD5 sum: 75e6d1353cbe6d5728a98fb0267206cb
Home page: https://sourceware.org/elfutils/
Download: https://sourceware.org/ftp/elfutils/0.191/elfutils-0.191.tar.bz2
MD5 sum: 636547248fb3fae58ec48030298d3ef7
Home page: https://libexpat.github.io/
Download: https://prdownloads.sourceforge.net/expat/expat-2.6.2.tar.xz
MD5 sum: 0cb75c8feb842c0794ba89666b762a2d
Home page: https://core.tcl.tk/expect/
Download: https://prdownloads.sourceforge.net/expect/expect5.45.4.tar.gz
MD5 sum: 00fce8de158422f5ccd2666512329bd2
Home page: https://www.darwinsys.com/file/
Download: https://astron.com/pub/file/file-5.45.tar.gz
MD5 sum: 26b2a96d4e3a8938827a1e572afd527a
Home page: https://www.gnu.org/software/findutils/
Download: https://ftp.gnu.org/gnu/findutils/findutils-4.10.0.tar.xz
MD5 sum: 870cfd71c07d37ebe56f9f4aaf4ad872
Home page: https://github.com/westes/flex
Download: https://github.com/westes/flex/releases/download/v2.6.4/flex-2.6.4.tar.gz
MD5 sum: 2882e3179748cc9f9c23ec593d6adc8d
Home page: https://pypi.org/project/flit-core/
Download: https://pypi.org/packages/source/f/flit-core/flit_core-3.9.0.tar.gz
MD5 sum: 3bc52f1952b9a78361114147da63c35b
Home page: https://www.gnu.org/software/gawk/
Download: https://ftp.gnu.org/gnu/gawk/gawk-5.3.0.tar.xz
MD5 sum: 97c5a7d83f91a7e1b2035ebbe6ac7abd
Home page: https://gcc.gnu.org/
Download: https://ftp.gnu.org/gnu/gcc/gcc-14.2.0/gcc-14.2.0.tar.xz
MD5 sum: 2268420ba02dc01821960e274711bde0
Home page: https://www.gnu.org/software/gdbm/
Download: https://ftp.gnu.org/gnu/gdbm/gdbm-1.24.tar.gz
MD5 sum: c780815649e52317be48331c1773e987
Home page: https://www.gnu.org/software/gettext/
Download: https://ftp.gnu.org/gnu/gettext/gettext-0.22.5.tar.xz
MD5 sum: 3ae5580599d84be93e6213930facb2db
Home page: https://www.gnu.org/software/libc/
Download: https://ftp.gnu.org/gnu/glibc/glibc-2.40.tar.xz
MD5 sum: b390feef233022114950317f10c4fa97
The Glibc developers maintain a Git branch containing patches considered worthy for Glibc-2.40 but unfortunately developed after Glibc-2.40 release. The LFS editors will issue a security advisory if any security fix is added into the branch, but no actions will be taken for other newly added patches. You may review the patches yourself and incorporate some patches if you consider them important.
Home page: https://www.gnu.org/software/gmp/
Download: https://ftp.gnu.org/gnu/gmp/gmp-6.3.0.tar.xz
MD5 sum: 956dc04e864001a9c22429f761f2c283
Home page: https://www.gnu.org/software/gperf/
Download: https://ftp.gnu.org/gnu/gperf/gperf-3.1.tar.gz
MD5 sum: 9e251c0a618ad0824b51117d5d9db87e
Home page: https://www.gnu.org/software/grep/
Download: https://ftp.gnu.org/gnu/grep/grep-3.11.tar.xz
MD5 sum: 7c9bbd74492131245f7cdb291fa142c0
Home page: https://www.gnu.org/software/groff/
Download: https://ftp.gnu.org/gnu/groff/groff-1.23.0.tar.gz
MD5 sum: 5e4f40315a22bb8a158748e7d5094c7d
Home page: https://www.gnu.org/software/grub/
Download: https://ftp.gnu.org/gnu/grub/grub-2.12.tar.xz
MD5 sum: 60c564b1bdc39d8e43b3aab4bc0fb140
Home page: https://www.gnu.org/software/gzip/
Download: https://ftp.gnu.org/gnu/gzip/gzip-1.13.tar.xz
MD5 sum: d5c9fc9441288817a4a0be2da0249e29
Home page: https://www.iana.org/protocols
Download: https://github.com/Mic92/iana-etc/releases/download/20240806/iana-etc-20240806.tar.gz
MD5 sum: ea3c37c00d22f1159fc3b7d988de8476
Home page: https://www.gnu.org/software/inetutils/
Download: https://ftp.gnu.org/gnu/inetutils/inetutils-2.5.tar.xz
MD5 sum: 9e5a6dfd2d794dc056a770e8ad4a9263
Home page: https://freedesktop.org/wiki/Software/intltool
Download: https://launchpad.net/intltool/trunk/0.51.0/+download/intltool-0.51.0.tar.gz
MD5 sum: 12e517cac2b57a0121cda351570f1e63
Home page: https://www.kernel.org/pub/linux/utils/net/iproute2/
Download: https://www.kernel.org/pub/linux/utils/net/iproute2/iproute2-6.10.0.tar.xz
MD5 sum: 6282e47de9c5b230e83537fba7181c9c
Home page: https://jinja.palletsprojects.com/en/3.1.x/
Download: https://pypi.org/packages/source/J/Jinja2/jinja2-3.1.4.tar.gz
MD5 sum: 02ca9a6364c92e83d14b037bef4732bc
Home page: https://kbd-project.org/
Download: https://www.kernel.org/pub/linux/utils/kbd/kbd-2.6.4.tar.xz
MD5 sum: e2fd7adccf6b1e98eb1ae8d5a1ce5762
Home page: https://github.com/kmod-project/kmod
Download: https://www.kernel.org/pub/linux/utils/kernel/kmod/kmod-33.tar.xz
MD5 sum: c451c4aa61521adbe8af147f498046f8
Home page: https://www.greenwoodsoftware.com/less/
Download: https://www.greenwoodsoftware.com/less/less-661.tar.gz
MD5 sum: 44f54b6313c5d71fa1ac224d8d84766a
Home page: https://sites.google.com/site/fullycapable/
Download: https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/libcap-2.70.tar.xz
MD5 sum: df0e20c6eeca849347b87d5d6a8870c0
Home page: https://sourceware.org/libffi/
Download: https://github.com/libffi/libffi/releases/download/v3.4.6/libffi-3.4.6.tar.gz
MD5 sum: b9cac6c5997dca2b3787a59ede34e0eb
Home page: https://libpipeline.nongnu.org/
Download: https://download.savannah.gnu.org/releases/libpipeline/libpipeline-1.5.7.tar.gz
MD5 sum: 1a48b5771b9f6c790fb4efdb1ac71342
Home page: https://www.gnu.org/software/libtool/
Download: https://ftp.gnu.org/gnu/libtool/libtool-2.4.7.tar.xz
MD5 sum: 2fc0b6ddcd66a89ed6e45db28fa44232
Home page: https://github.com/besser82/libxcrypt/
Download: https://github.com/besser82/libxcrypt/releases/download/v4.4.36/libxcrypt-4.4.36.tar.xz
MD5 sum: b84cd4104e08c975063ec6c4d0372446
Home page: https://www.kernel.org/
Download: https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.10.5.tar.xz
MD5 sum: 276ef1f11ed3713ec5d6f506ff55ac12
The Linux kernel is updated quite frequently, many times due to discoveries of security vulnerabilities. The latest available stable kernel version may be used, unless the errata page says otherwise.
For users with limited speed or expensive bandwidth who wish to update the Linux kernel, a baseline version of the package and patches can be downloaded separately. This may save some time or cost for a subsequent patch level upgrade within a minor release.
Home page: https://lz4.org/
Download: https://github.com/lz4/lz4/releases/download/v1.10.0/lz4-1.10.0.tar.gz
MD5 sum: dead9f5f1966d9ae56e1e32761e4e675
Home page: https://www.gnu.org/software/m4/
Download: https://ftp.gnu.org/gnu/m4/m4-1.4.19.tar.xz
MD5 sum: 0d90823e1426f1da2fd872df0311298d
Home page: https://www.gnu.org/software/make/
Download: https://ftp.gnu.org/gnu/make/make-4.4.1.tar.gz
MD5 sum: c8469a3713cbbe04d955d4ae4be23eeb
Home page: https://www.nongnu.org/man-db/
Download: https://download.savannah.gnu.org/releases/man-db/man-db-2.12.1.tar.xz
MD5 sum: 7b044e5020aab89db41ac7ee59d6d84a
Home page: https://www.kernel.org/doc/man-pages/
Download: https://www.kernel.org/pub/linux/docs/man-pages/man-pages-6.9.1.tar.xz
MD5 sum: 4d56775b6cce4edf1e496249e7c01c1a
Home page: https://palletsprojects.com/p/markupsafe/
Download: https://pypi.org/packages/source/M/MarkupSafe/MarkupSafe-2.1.5.tar.gz
MD5 sum: 8fe7227653f2fb9b1ffe7f9f2058998a
Home page: https://mesonbuild.com
Download: https://github.com/mesonbuild/meson/releases/download/1.5.1/meson-1.5.1.tar.gz
MD5 sum: c4f2b3e5ea632685f61ba1b833c4905c
Home page: https://www.multiprecision.org/
Download: https://ftp.gnu.org/gnu/mpc/mpc-1.3.1.tar.gz
MD5 sum: 5c9bc658c9fd0f940e8e3e0f09530c62
Home page: https://www.mpfr.org/
Download: https://ftp.gnu.org/gnu/mpfr/mpfr-4.2.1.tar.xz
MD5 sum: 523c50c6318dde6f9dc523bc0244690a
Home page: https://www.gnu.org/software/ncurses/
Download: https://invisible-mirror.net/archives/ncurses/ncurses-6.5.tar.gz
MD5 sum: ac2d2629296f04c8537ca706b6977687
Home page: https://ninja-build.org/
Download: https://github.com/ninja-build/ninja/archive/v1.12.1/ninja-1.12.1.tar.gz
MD5 sum: 6288992b05e593a391599692e2f7e490
Home page: https://www.openssl.org/
Download: https://www.openssl.org/source/openssl-3.3.1.tar.gz
MD5 sum: 8a4342b399c18f870ca6186299195984
Home page: https://savannah.gnu.org/projects/patch/
Download: https://ftp.gnu.org/gnu/patch/patch-2.7.6.tar.xz
MD5 sum: 78ad9937e4caadcba1526ef1853730d5
Home page: https://www.perl.org/
Download: https://www.cpan.org/src/5.0/perl-5.40.0.tar.xz
MD5 sum: cfe14ef0709b9687f9c514042e8e1e82
Home page: https://github.com/pkgconf/pkgconf
Download: https://distfiles.ariadne.space/pkgconf/pkgconf-2.3.0.tar.xz
MD5 sum: 833363e77b5bed0131c7bc4cc6f7747b
Home page: https://gitlab.com/procps-ng/procps/
Download: https://sourceforge.net/projects/procps-ng/files/Production/procps-ng-4.0.4.tar.xz
MD5 sum: 2f747fc7df8ccf402d03e375c565cf96
Home page: https://gitlab.com/psmisc/psmisc
Download: https://sourceforge.net/projects/psmisc/files/psmisc/psmisc-23.7.tar.xz
MD5 sum: 53eae841735189a896d614cba440eb10
Home page: https://www.python.org/
Download: https://www.python.org/ftp/python/3.12.5/Python-3.12.5.tar.xz
MD5 sum: 02c7d269e077f4034963bba6befdc715
Download: https://www.python.org/ftp/python/doc/3.12.5/python-3.12.5-docs-html.tar.bz2
MD5 sum: 52274d813236ca4a972fb6988480dc56
Home page: https://tiswww.case.edu/php/chet/readline/rltop.html
Download: https://ftp.gnu.org/gnu/readline/readline-8.2.13.tar.gz
MD5 sum: 05080bf3801e6874bb115cd6700b708f
Home page: https://www.gnu.org/software/sed/
Download: https://ftp.gnu.org/gnu/sed/sed-4.9.tar.xz
MD5 sum: 6aac9b2dbafcd5b7a67a8a9bcb8036c3
Home page: https://pypi.org/project/setuptools/
Download: https://pypi.org/packages/source/s/setuptools/setuptools-72.2.0.tar.gz
MD5 sum: 2e0ffd0f6fc632a11442b79d9b1c68bd
Home page: https://github.com/shadow-maint/shadow/
Download: https://github.com/shadow-maint/shadow/releases/download/4.16.0/shadow-4.16.0.tar.xz
MD5 sum: eb70bad3316d08f0d3bb3d4bbeccb3b4
Home page: https://www.freedesktop.org/wiki/Software/systemd/
Download: https://github.com/systemd/systemd/archive/v256.4/systemd-256.4.tar.gz
MD5 sum: 03bd1ff158ec0bc55428c77a8f8495bd
Home page: https://www.freedesktop.org/wiki/Software/systemd/
Download: https://anduin.linuxfromscratch.org/LFS/systemd-man-pages-256.4.tar.xz
MD5 sum: 8dbcf0ff0d8e5e9d3565f9d2fc153310
The Linux From Scratch team generates its own tarball of the man pages using the systemd source. This is done in order to avoid unnecessary dependencies.
Home page: https://www.gnu.org/software/tar/
Download: https://ftp.gnu.org/gnu/tar/tar-1.35.tar.xz
MD5 sum: a2d8042658cfd8ea939e6d911eaf4152
Home page: https://tcl.sourceforge.net/
Download: https://downloads.sourceforge.net/tcl/tcl8.6.14-src.tar.gz
MD5 sum: c30b57c6051be28fa928d09aca82841e
Download: https://downloads.sourceforge.net/tcl/tcl8.6.14-html.tar.gz
MD5 sum: 5467198f8d57c54835bf80b98ffb0170
Home page: https://www.gnu.org/software/texinfo/
Download: https://ftp.gnu.org/gnu/texinfo/texinfo-7.1.tar.xz
MD5 sum: edd9928b4a3f82674bcc3551616eef3b
Home page: https://www.iana.org/time-zones
Download: https://www.iana.org/time-zones/repository/releases/tzdata2024a.tar.gz
MD5 sum: 2349edd8335245525cc082f2755d5bf4
Home page: https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/
Download: https://www.kernel.org/pub/linux/utils/util-linux/v2.40/util-linux-2.40.2.tar.xz
MD5 sum: 88faefc8fefced097e58142077a3d14e
Home page: https://www.vim.org
Download: https://github.com/vim/vim/archive/v9.1.0660/vim-9.1.0660.tar.gz
MD5 sum: c512a99b3704f193be1a181cc644b2b2
The version of vim changes daily. To get the latest version, go to https://github.com/vim/vim/tags.
Home page: https://pypi.org/project/wheel/
Download: https://pypi.org/packages/source/w/wheel/wheel-0.44.0.tar.gz
MD5 sum: 440ff4fe51579b7ed16f02af8f8d9494
Home page: https://github.com/chorny/XML-Parser
Download: https://cpan.metacpan.org/authors/id/T/TO/TODDR/XML-Parser-2.47.tar.gz
MD5 sum: 89a8e82cfd2ad948b349c0a69c494463
Home page: https://tukaani.org/xz
Download: https://github.com//tukaani-project/xz/releases/download/v5.6.2/xz-5.6.2.tar.xz
MD5 sum: bbf73fb28425cebb854328599f85c4cf
Home page: https://zlib.net/
Download: https://zlib.net/fossils/zlib-1.3.1.tar.gz
MD5 sum: 9855b6d802d7fe5b7bd5b196a2271655
Home page: https://facebook.github.io/zstd/
Download: https://github.com/facebook/zstd/releases/download/v1.5.6/zstd-1.5.6.tar.gz
MD5 sum: 5a473726b3445d0e5d6296afd1ab6854
Total size of these packages: about 517 MB
In addition to the packages, several patches are also required. These patches correct any mistakes in the packages that should be fixed by the maintainer. The patches also make small modifications to make the packages easier to work with. The following patches will be needed to build an LFS system:
Download: https://www.linuxfromscratch.org/patches/lfs/12.2/bzip2-1.0.8-install_docs-1.patch
MD5 sum: 6a5ac7e89b791aae556de0f745916f7f
Download: https://www.linuxfromscratch.org/patches/lfs/12.2/coreutils-9.5-i18n-2.patch
MD5 sum: 58961caf5bbdb02462591fa506c73b6d
Download: https://www.linuxfromscratch.org/patches/lfs/12.2/expect-5.45.4-gcc14-1.patch
MD5 sum: 0b8b5ac411d011263ad40b0664c669f0
Download: https://www.linuxfromscratch.org/patches/lfs/12.2/glibc-2.40-fhs-1.patch
MD5 sum: 9a5997c3452909b1769918c759eff8a2
Download: https://www.linuxfromscratch.org/patches/lfs/12.2/kbd-2.6.4-backspace-1.patch
MD5 sum: f75cca16a38da6caa7d52151f7136895
Total size of these patches: about 188.2 KB
In addition to the above required patches, there exist a number of optional patches created by the LFS community. These optional patches solve minor problems or enable functionality that is not enabled by default. Feel free to peruse the patches database located at https://www.linuxfromscratch.org/patches/downloads/ and acquire any additional patches to suit your system needs.
In this chapter, we will perform a few additional tasks to
prepare for building the temporary system. We will create a set
of directories in $LFS
(in which
we will install the temporary tools), add an unprivileged user,
and create an appropriate build environment for that user. We
will also explain the units of time (“SBUs”) we use to
measure how long it takes to build LFS packages, and provide
some information about package test suites.
In this section, we begin populating the LFS filesystem with the pieces that will constitute the final Linux system. The first step is to create a limited directory hierarchy, so that the programs compiled in Chapter 6 (as well as glibc and libstdc++ in Chapter 5) can be installed in their final location. We do this so those temporary programs will be overwritten when the final versions are built in Chapter 8.
Create the required directory layout by issuing the following
commands as root
:
mkdir -pv $LFS/{etc,var} $LFS/usr/{bin,lib,sbin} for i in bin lib sbin; do ln -sv usr/$i $LFS/$i done case $(uname -m) in x86_64) mkdir -pv $LFS/lib64 ;; esac
Programs in Chapter 6
will be compiled with a cross-compiler (more details can be
found in section Toolchain Technical Notes).
This cross-compiler will be installed in a special directory,
to separate it from the other programs. Still acting as
root
, create that directory
with this command:
mkdir -pv $LFS/tools
The LFS editors have deliberately decided not to use a
/usr/lib64
directory. Several
steps are taken to be sure the toolchain will not use it. If
for any reason this directory appears (either because you
made an error in following the instructions, or because you
installed a binary package that created it after finishing
LFS), it may break your system. You should always be sure
this directory does not exist.
When logged in as user root
,
making a single mistake can damage or destroy a system.
Therefore, the packages in the next two chapters are built as
an unprivileged user. You could use your own user name, but to
make it easier to set up a clean working environment, we will
create a new user called lfs
as
a member of a new group (also named lfs
) and run commands as lfs
during the installation process. As
root
, issue the following
commands to add the new user:
groupadd lfs useradd -s /bin/bash -g lfs -m -k /dev/null lfs
This is what the command line options mean:
-s
/bin/bash
This makes bash the default shell
for user lfs
.
-g
lfs
This option adds user lfs
to group lfs
.
-m
This creates a home directory for lfs
.
-k
/dev/null
This parameter prevents possible copying of files from a
skeleton directory (the default is /etc/skel
) by changing the input
location to the special null device.
lfs
This is the name of the new user.
If you want to log in as lfs
or
switch to lfs
from a
non-root
user (as opposed to
switching to user lfs
when
logged in as root
, which does
not require the lfs
user to
have a password), you need to set a password for lfs
. Issue the following command as the
root
user to set the password:
passwd lfs
Grant lfs
full access to all
the directories under $LFS
by
making lfs
the owner:
chown -v lfs $LFS/{usr{,/*},lib,var,etc,bin,sbin,tools} case $(uname -m) in x86_64) chown -v lfs $LFS/lib64 ;; esac
In some host systems, the following su command does not
complete properly and suspends the login for the lfs
user to the background. If the prompt
"lfs:~$" does not appear immediately, entering the
fg command will
fix the issue.
Next, start a shell running as user lfs
. This can be done by logging in as
lfs
on a virtual console, or
with the following substitute/switch user command:
su - lfs
The “-
” instructs
su to start a
login shell as opposed to a non-login shell. The difference
between these two types of shells is described in detail in
bash(1) and
info bash.
Set up a good working environment by creating two new startup
files for the bash shell. While logged in
as user lfs
, issue the
following command to create a new .bash_profile
:
cat > ~/.bash_profile << "EOF"
exec env -i HOME=$HOME TERM=$TERM PS1='\u:\w\$ ' /bin/bash
EOF
When logged on as user lfs
, or
when switched to the lfs
user
using an su
command with the “-
” option, the
initial shell is a login
shell which reads the /etc/profile
of the host (probably containing
some settings and environment variables) and then .bash_profile
. The exec env -i.../bin/bash
command in the .bash_profile
file
replaces the running shell with a new one with a completely
empty environment, except for the HOME
, TERM
, and
PS1
variables. This ensures that no
unwanted and potentially hazardous environment variables from
the host system leak into the build environment.
The new instance of the shell is a non-login shell, which does not
read, and execute, the contents of the /etc/profile
or .bash_profile
files, but rather reads, and
executes, the .bashrc
file
instead. Create the .bashrc
file
now:
cat > ~/.bashrc << "EOF"
set +h
umask 022
LFS=/mnt/lfs
LC_ALL=POSIX
LFS_TGT=$(uname -m)-lfs-linux-gnu
PATH=/usr/bin
if [ ! -L /bin ]; then PATH=/bin:$PATH; fi
PATH=$LFS/tools/bin:$PATH
CONFIG_SITE=$LFS/usr/share/config.site
export LFS LC_ALL LFS_TGT PATH CONFIG_SITE
EOF
The meaning of the settings in .bashrc
set
+h
The set +h
command turns off bash's hash function.
Hashing is ordinarily a useful feature—bash uses a hash table
to remember the full path to executable files to avoid
searching the PATH
time and
again to find the same executable. However, the new tools
should be used as soon as they are installed. Switching
off the hash function forces the shell to search the
PATH
whenever a program is to
be run. As such, the shell will find the newly compiled
tools in $LFS/tools/bin
as
soon as they are available without remembering a previous
version of the same program provided by the host distro,
in /usr/bin
or /bin
.
umask
022
Setting the user file-creation mask (umask) to 022 ensures that newly created files and directories are only writable by their owner, but are readable and executable by anyone (assuming default modes are used by the open(2) system call, new files will end up with permission mode 644 and directories with mode 755).
LFS=/mnt/lfs
The LFS
variable should be set
to the chosen mount point.
LC_ALL=POSIX
The LC_ALL
variable controls
the localization of certain programs, making their
messages follow the conventions of a specified country.
Setting LC_ALL
to “POSIX” or
“C”
(the two are equivalent) ensures that everything will
work as expected in the cross-compilation environment.
LFS_TGT=$(uname
-m)-lfs-linux-gnu
The LFS_TGT
variable sets a
non-default, but compatible machine description for use
when building our cross-compiler and linker and when
cross-compiling our temporary toolchain. More information
is provided by Toolchain Technical
Notes.
PATH=/usr/bin
Many modern Linux distributions have merged /bin
and /usr/bin
. When this is the case, the
standard PATH
variable should
be set to /usr/bin/
for the
Chapter 6
environment. When this is not the case, the following
line adds /bin
to the path.
if [ ! -L
/bin ]; then PATH=/bin:$PATH; fi
If /bin
is not a symbolic
link, it must be added to the PATH
variable.
PATH=$LFS/tools/bin:$PATH
By putting $LFS/tools/bin
ahead of the standard PATH
,
the cross-compiler installed at the beginning of
Chapter 5
is picked up by the shell immediately after its
installation. This, combined with turning off hashing,
limits the risk that the compiler from the host is used
instead of the cross-compiler.
CONFIG_SITE=$LFS/usr/share/config.site
In Chapter 5
and
Chapter 6, if this variable is not set,
configure
scripts may attempt to load configuration items specific
to some distributions from /usr/share/config.site
on the host
system. Override it to prevent potential contamination
from the host.
export
...
While the preceding commands have set some variables, in order to make them visible within any sub-shells, we export them.
Several commercial distributions add an undocumented
instantiation of /etc/bash.bashrc
to the initialization of
bash. This file
has the potential to modify the lfs
user's environment in ways that can
affect the building of critical LFS packages. To make sure
the lfs
user's environment is
clean, check for the presence of /etc/bash.bashrc
and, if present, move it
out of the way. As the root
user, run:
[ ! -e /etc/bash.bashrc ] || mv -v /etc/bash.bashrc /etc/bash.bashrc.NOUSE
When the lfs
user is no
longer needed (at the beginning of
Chapter 7), you may safely restore /etc/bash.bashrc
(if desired).
Note that the LFS Bash package we will build in Section 8.36, “Bash-5.2.32”
is not configured to load or execute /etc/bash.bashrc
, so this file is useless
on a completed LFS system.
For many modern systems with multiple processors (or cores) the
compilation time for a package can be reduced by performing a
"parallel make" by telling the make program how many processors
are available via a command line option or an environment
variable. For instance, an Intel Core i9-13900K processor has 8
P (performance) cores and 16 E (efficiency) cores, and a P core
can simultaneously run two threads so each P core are modeled
as two logical cores by the Linux kernel. As the result there
are 32 logical cores in total. One obvious way to use all these
logical cores is allowing make to spawn up to 32 build
jobs. This can be done by passing the -j32
option to make:
make -j32
Or set the MAKEFLAGS
environment
variable and its content will be automatically used by
make as command
line options:
export MAKEFLAGS=-j32
Never pass a -j
option without a number to make or set such an option
in MAKEFLAGS
. Doing so will allow
make to spawn
infinite build jobs and cause system stability problems.
To use all logical cores available for building packages in
Chapter 5
and Chapter 6,
set MAKEFLAGS
now in .bashrc
:
cat >> ~/.bashrc << "EOF"
export MAKEFLAGS=-j$(nproc)
EOF
Replace $(nproc)
with
the number of logical cores you want to use if you don't want
to use all the logical cores.
Finally, to ensure the environment is fully prepared for building the temporary tools, force the bash shell to read the new user profile:
source ~/.bash_profile
Many people would like to know beforehand approximately how long it takes to compile and install each package. Because Linux From Scratch can be built on many different systems, it is impossible to provide absolute time estimates. The biggest package (gcc) will take approximately 5 minutes on the fastest systems, but could take days on slower systems! Instead of providing actual times, the Standard Build Unit (SBU) measure will be used instead.
The SBU measure works as follows. The first package to be compiled is binutils in Chapter 5. The time it takes to compile using one core is what we will refer to as the Standard Build Unit or SBU. All other compile times will be expressed in terms of this unit of time.
For example, consider a package whose compilation time is 4.5 SBUs. This means that if your system took 4 minutes to compile and install the first pass of binutils, it will take approximately 18 minutes to build the example package. Fortunately, most build times are shorter than one SBU.
SBUs are not entirely accurate because they depend on many factors, including the host system's version of GCC. They are provided here to give an estimate of how long it might take to install a package, but the numbers can vary by as much as dozens of minutes in some cases.
On some newer systems, the motherboard is capable of controlling the system clock speed. This can be controlled with a command such as powerprofilesctl. This is not available in LFS, but may be available on the host distro. After LFS is complete, it can be added to a system with the procedures at the BLFS power-profiles-daemon page. Before measuring the build time of any package it is advisable to use a system power profile set for maximum performance (and maximum power consumption). Otherwise the measured SBU value may be inaccurate because the system may react differently when building binutils-pass1 or other packages. Be aware that a significant inaccuracy can still show up even if the same profile is used for both packages because the system may respond slower if the system is idle when starting the build procedure. Setting the power profile to “performance” will minimize this problem. And obviously doing so will also make the system build LFS faster.
If powerprofilesctl is
available, issue the powerprofilesctl set
performance command to select the performance
profile. Some distros provides the
tuned-adm command
for managing the profiles instead of powerprofilesctl, on these
distros issue the tuned-adm
profile throughput-performance command to
select the throughput-performance
profile.
When multiple processors are used in this way, the SBU units in the book will vary even more than they normally would. In some cases, the make step will simply fail. Analyzing the output of the build process will also be more difficult because the lines from different processes will be interleaved. If you run into a problem with a build step, revert to a single processor build to properly analyze the error messages.
The times presented here for all packages (except binutils-pass1 which is based on one core) are based upon using four cores (-j4). The times in Chapter 8 also include the time to run the regression tests for the package unless specified otherwise.
Most packages provide a test suite. Running the test suite for a newly built package is a good idea because it can provide a “sanity check” indicating that everything compiled correctly. A test suite that passes its set of checks usually proves that the package is functioning as the developer intended. It does not, however, guarantee that the package is totally bug free.
Some test suites are more important than others. For example, the test suites for the core toolchain packages—GCC, binutils, and glibc—are of the utmost importance due to their central role in a properly functioning system. The test suites for GCC and glibc can take a very long time to complete, especially on slower hardware, but are strongly recommended.
Running the test suites in Chapter 5 and Chapter 6 is pointless; since the test programs are compiled with a cross-compiler, they probably can't run on the build host.
A common issue with running the test suites for binutils and
GCC is running out of pseudo terminals (PTYs). This can result
in a large number of failing tests. This may happen for several
reasons, but the most likely cause is that the host system does
not have the devpts
file system
set up correctly. This issue is discussed in greater detail at
https://www.linuxfromscratch.org/lfs/faq.html#no-ptys.
Sometimes package test suites will fail for reasons which the developers are aware of and have deemed non-critical. Consult the logs located at https://www.linuxfromscratch.org/lfs/build-logs/12.2/ to verify whether or not these failures are expected. This site is valid for all test suites throughout this book.
This part is divided into three stages: first, building a cross compiler and its associated libraries; second, using this cross toolchain to build several utilities in a way that isolates them from the host distribution; and third, entering the chroot environment (which further improves host isolation) and constructing the remaining tools needed to build the final system.
This is where the real work of building a new system begins. Be very careful to follow the instructions exactly as the book shows them. You should try to understand what each command does, and no matter how eager you are to finish your build, you should refrain from blindly typing the commands as shown. Read the documentation when there is something you do not understand. Also, keep track of your typing and of the output of commands, by using the tee utility to send the terminal output to a file. This makes debugging easier if something goes wrong.
The next section is a technical introduction to the build process, while the following one presents very important general instructions.
This section explains some of the rationale and technical details behind the overall build method. Don't try to immediately understand everything in this section. Most of this information will be clearer after performing an actual build. Come back and re-read this chapter at any time during the build process.
The overall goal of Chapter 5 and Chapter 6 is to produce a temporary area containing a set of tools that are known to be good, and that are isolated from the host system. By using the chroot command, the compilations in the remaining chapters will be isolated within that environment, ensuring a clean, trouble-free build of the target LFS system. The build process has been designed to minimize the risks for new readers, and to provide the most educational value at the same time.
This build process is based on cross-compilation. Cross-compilation is normally used to build a compiler and its associated toolchain for a machine different from the one that is used for the build. This is not strictly necessary for LFS, since the machine where the new system will run is the same as the one used for the build. But cross-compilation has one great advantage: anything that is cross-compiled cannot depend on the host environment.
The LFS book is not (and does not contain) a general tutorial to build a cross- (or native) toolchain. Don't use the commands in the book for a cross-toolchain for some purpose other than building LFS, unless you really understand what you are doing.
Cross-compilation involves some concepts that deserve a section of their own. Although this section may be omitted on a first reading, coming back to it later will help you gain a fuller understanding of the process.
Let us first define some terms used in this context.
is the machine where we build programs. Note that this machine is also referred to as the “host.”
is the machine/system where the built programs will run. Note that this use of “host” is not the same as in other sections.
is only used for compilers. It is the machine the compiler produces code for. It may be different from both the build and the host.
As an example, let us imagine the following scenario (sometimes referred to as “Canadian Cross”). We have a compiler on a slow machine only, let's call it machine A, and the compiler ccA. We also have a fast machine (B), but no compiler for (B), and we want to produce code for a third, slow machine (C). We will build a compiler for machine C in three stages.
Stage | Build | Host | Target | Action |
---|---|---|---|---|
1 | A | A | B | Build cross-compiler cc1 using ccA on machine A. |
2 | A | B | C | Build cross-compiler cc2 using cc1 on machine A. |
3 | B | C | C | Build compiler ccC using cc2 on machine B. |
Then, all the programs needed by machine C can be compiled using cc2 on the fast machine B. Note that unless B can run programs produced for C, there is no way to test the newly built programs until machine C itself is running. For example, to run a test suite on ccC, we may want to add a fourth stage:
Stage | Build | Host | Target | Action |
---|---|---|---|---|
4 | C | C | C | Rebuild and test ccC using ccC on machine C. |
In the example above, only cc1 and cc2 are cross-compilers, that is, they produce code for a machine different from the one they are run on. The other compilers ccA and ccC produce code for the machine they are run on. Such compilers are called native compilers.
All the cross-compiled packages in this book use an autoconf-based building system. The autoconf-based building system accepts system types in the form cpu-vendor-kernel-os, referred to as the system triplet. Since the vendor field is often irrelevant, autoconf lets you omit it.
An astute reader may wonder why a “triplet” refers
to a four component name. The kernel field and the os field
began as a single “system” field. Such a three-field
form is still valid today for some systems, for example,
x86_64-unknown-freebsd
. But
two systems can share the same kernel and still be too
different to use the same triplet to describe them. For
example, Android running on a mobile phone is completely
different from Ubuntu running on an ARM64 server, even
though they are both running on the same type of CPU
(ARM64) and using the same kernel (Linux).
Without an emulation layer, you cannot run an executable
for a server on a mobile phone or vice versa. So the
“system” field has been divided into
kernel and os fields, to designate these systems
unambiguously. In our example, the Android system is
designated aarch64-unknown-linux-android
, and the
Ubuntu system is designated aarch64-unknown-linux-gnu
.
The word “triplet” remains embedded in the
lexicon. A simple way to determine your system triplet is
to run the config.guess script that
comes with the source for many packages. Unpack the
binutils sources, run the script ./config.guess
, and note
the output. For example, for a 32-bit Intel processor the
output will be i686-pc-linux-gnu. On a 64-bit
system it will be x86_64-pc-linux-gnu. On most
Linux systems the even simpler gcc -dumpmachine command
will give you similar information.
You should also be aware of the name of the platform's
dynamic linker, often referred to as the dynamic loader
(not to be confused with the standard linker ld that is part of
binutils). The dynamic linker provided by package glibc
finds and loads the shared libraries needed by a program,
prepares the program to run, and then runs it. The name of
the dynamic linker for a 32-bit Intel machine is
ld-linux.so.2
; it's
ld-linux-x86-64.so.2
on
64-bit systems. A sure-fire way to determine the name of
the dynamic linker is to inspect a random binary from the
host system by running: readelf -l <name of binary> | grep
interpreter
and noting the output. The
authoritative reference covering all platforms is in
a Glibc wiki
page.
In order to fake a cross-compilation in LFS, the name of the
host triplet is slightly adjusted by changing the "vendor"
field in the LFS_TGT
variable so
it says "lfs". We also use the --with-sysroot
option when
building the cross-linker and cross-compiler, to tell them
where to find the needed host files. This ensures that none
of the other programs built in Chapter 6
can link to libraries on the build machine. Only two stages
are mandatory, plus one more for tests.
Stage | Build | Host | Target | Action |
---|---|---|---|---|
1 | pc | pc | lfs | Build cross-compiler cc1 using cc-pc on pc. |
2 | pc | lfs | lfs | Build compiler cc-lfs using cc1 on pc. |
3 | lfs | lfs | lfs | Rebuild and test cc-lfs using cc-lfs on lfs. |
In the preceding table, “on pc” means the commands are run on a machine using the already installed distribution. “On lfs” means the commands are run in a chrooted environment.
This is not yet the end of the story. The C language is not merely a compiler; it also defines a standard library. In this book, the GNU C library, named glibc, is used (there is an alternative, "musl"). This library must be compiled for the LFS machine; that is, using the cross-compiler cc1. But the compiler itself uses an internal library providing complex subroutines for functions not available in the assembler instruction set. This internal library is named libgcc, and it must be linked to the glibc library to be fully functional. Furthermore, the standard library for C++ (libstdc++) must also be linked with glibc. The solution to this chicken and egg problem is first to build a degraded cc1-based libgcc, lacking some functionalities such as threads and exception handling, and then to build glibc using this degraded compiler (glibc itself is not degraded), and also to build libstdc++. This last library will lack some of the functionality of libgcc.
The upshot of the preceding paragraph is that cc1 is unable to build a fully functional libstdc++ with the degraded libgcc, but cc1 is the only compiler available for building the C/C++ libraries during stage 2. There are two reasons we don't immediately use the compiler built in stage 2, cc-lfs, to build those libraries.
Generally speaking, cc-lfs cannot run on pc (the host system). Even though the triplets for pc and lfs are compatible with each other, an executable for lfs must depend on glibc-2.40; the host distro may utilize either a different implementation of libc (for example, musl), or a previous release of glibc (for example, glibc-2.13).
Even if cc-lfs can run on pc, using it on pc would create a risk of linking to the pc libraries, since cc-lfs is a native compiler.
So when we build gcc stage 2, we instruct the building system to rebuild libgcc and libstdc++ with cc1, but we link libstdc++ to the newly rebuilt libgcc instead of the old, degraded build. This makes the rebuilt libstdc++ fully functional.
In Chapter 8 (or “stage 3”), all the packages needed for the LFS system are built. Even if a package has already been installed into the LFS system in a previous chapter, we still rebuild the package. The main reason for rebuilding these packages is to make them stable: if we reinstall an LFS package on a completed LFS system, the reinstalled content of the package should be the same as the content of the same package when first installed in Chapter 8. The temporary packages installed in Chapter 6 or Chapter 7 cannot satisfy this requirement, because some of them are built without optional dependencies, and autoconf cannot perform some feature checks in Chapter 6 because of cross-compilation, causing the temporary packages to lack optional features, or use suboptimal code routines. Additionally, a minor reason for rebuilding the packages is to run the test suites.
The cross-compiler will be installed in a separate
$LFS/tools
directory, since it
will not be part of the final system.
Binutils is installed first because the configure runs of both gcc and glibc perform various feature tests on the assembler and linker to determine which software features to enable or disable. This is more important than one might realize at first. An incorrectly configured gcc or glibc can result in a subtly broken toolchain, where the impact of such breakage might not show up until near the end of the build of an entire distribution. A test suite failure will usually highlight this error before too much additional work is performed.
Binutils installs its assembler and linker in two locations,
$LFS/tools/bin
and $LFS/tools/$LFS_TGT/bin
. The tools in one
location are hard linked to the other. An important facet of
the linker is its library search order. Detailed information
can be obtained from ld by passing it the
--verbose
flag. For
example, $LFS_TGT-ld --verbose
| grep SEARCH will illustrate the current
search paths and their order. (Note that this example can be
run as shown only while logged in as user lfs
. If you come back to this page later,
replace $LFS_TGT-ld with
ld).
The next package installed is gcc. An example of what can be seen during its run of configure is:
checking what assembler to use... /mnt/lfs/tools/i686-lfs-linux-gnu/bin/as
checking what linker to use... /mnt/lfs/tools/i686-lfs-linux-gnu/bin/ld
This is important for the reasons mentioned above. It also demonstrates that gcc's configure script does not search the PATH directories to find which tools to use. However, during the actual operation of gcc itself, the same search paths are not necessarily used. To find out which standard linker gcc will use, run: $LFS_TGT-gcc -print-prog-name=ld. (Again, remove the $LFS_TGT- prefix if coming back to this later.)
Detailed information can be obtained from gcc by passing it the
-v
command line
option while compiling a program. For example, $LFS_TGT-gcc -v example.c
(or
without $LFS_TGT- if coming back
later) will show detailed information about the preprocessor,
compilation, and assembly stages, including gcc's search paths for
included headers and their order.
Next up: sanitized Linux API headers. These allow the standard C library (glibc) to interface with features that the Linux kernel will provide.
Next comes glibc. The most important considerations for
building glibc are the compiler, binary tools, and kernel
headers. The compiler and binary tools are generally not an
issue since glibc will always those relating to the
--host
parameter
passed to its configure script; e.g., in our case, the
compiler will be $LFS_TGT-gcc and the
readelf tool
will be $LFS_TGT-readelf. The
kernel headers can be a bit more complicated. Therefore, we
take no risks and use the available configure switch to
enforce the correct selection. After the run of configure, check the
contents of the config.make
file in the build
directory for
all important details. These items highlight an important
aspect of the glibc package—it is very self-sufficient in
terms of its build machinery, and generally does not rely on
toolchain defaults.
As mentioned above, the standard C++ library is compiled
next, followed in Chapter 6
by other programs that must be cross-compiled to break
circular dependencies at build time. The install step of all
those packages uses the DESTDIR
variable to force installation in the LFS filesystem.
At the end of Chapter 6
the native LFS compiler is installed. First binutils-pass2 is
built, in the same DESTDIR
directory as the other programs, then the second pass of gcc
is constructed, omitting some non-critical libraries. Due to
some weird logic in gcc's configure script, CC_FOR_TARGET
ends up as cc when the host is the
same as the target, but different from the build system. This
is why CC_FOR_TARGET=$LFS_TGT-gcc
is
declared explicitly as one of the configuration options.
Upon entering the chroot environment in Chapter 7, the temporary installations of programs needed for the proper operation of the toolchain are performed. From this point onwards, the core toolchain is self-contained and self-hosted. In Chapter 8, final versions of all the packages needed for a fully functional system are built, tested, and installed.
During a development cycle of LFS, the instructions in the book are often modified to adapt for a package update or take the advantage of new features from updated packages. Mixing up the instructions of different versions of the LFS book can cause subtle breakages. This kind of issue is generally a result from reusing some script created for a prior LFS release. Such a reuse is strongly discouraged. If you are reusing scripts for a prior LFS release for any reason, you'll need to be very careful to update the scripts to match current version of the LFS book.
Here are some things you should know about building each package:
Several packages are patched before compilation, but only when the patch is needed to circumvent a problem. A patch is often needed in both the current and the following chapters, but sometimes, when the same package is built more than once, the patch is not needed right away. Therefore, do not be concerned if instructions for a downloaded patch seem to be missing. Warning messages about offset or fuzz may also be encountered when applying a patch. Do not worry about these warnings; the patch was still successfully applied.
During the compilation of most packages, some warnings will scroll by on the screen. These are normal and can safely be ignored. These warnings are usually about deprecated, but not invalid, use of the C or C++ syntax. C standards change fairly often, and some packages have not yet been updated. This is not a serious problem, but it does cause the warnings to appear.
Check one last time that the LFS
environment variable is set up
properly:
echo $LFS
Make sure the output shows the path to the LFS
partition's mount point, which is /mnt/lfs
, using our example.
Finally, two important items must be emphasized:
The build instructions assume that the Host System Requirements, including symbolic links, have been set properly:
bash is the shell in use.
sh is a symbolic link to bash.
/usr/bin/awk is a symbolic link to gawk.
/usr/bin/yacc is a symbolic link to bison, or to a small script that executes bison.
Here is a synopsis of the build process.
Place all the sources and patches in a directory
that will be accessible from the chroot
environment, such as /mnt/lfs/sources/
.
Change to the /mnt/lfs/sources/
directory.
Using the tar program, extract the package to be built. In Chapter 5 and Chapter 6, ensure you are the lfs user when extracting the package.
Do not use any method except the tar command to extract the source code. Notably, using the cp -R command to copy the source code tree somewhere else can destroy timestamps in the source tree, and cause the build to fail.
Change to the directory created when the package was extracted.
Follow the instructions for building the package.
Change back to the sources directory when the build is complete.
Delete the extracted source directory unless instructed otherwise.
This chapter shows how to build a cross-compiler and its associated tools. Although here cross-compilation is faked, the principles are the same as for a real cross-toolchain.
The programs compiled in this chapter will be installed under
the $LFS/tools
directory to keep
them separate from the files installed in the following
chapters. The libraries, on the other hand, are installed into
their final place, since they pertain to the system we want to
build.
The Binutils package contains a linker, an assembler, and other tools for handling object files.
Go back and re-read the notes in the section titled General Compilation Instructions. Understanding the notes labeled important can save you a lot of problems later.
It is important that Binutils be the first package compiled because both Glibc and GCC perform various tests on the available linker and assembler to determine which of their own features to enable.
The Binutils documentation recommends building Binutils in a dedicated build directory:
mkdir -v build cd build
In order for the SBU values listed in the rest of the book
to be of any use, measure the time it takes to build this
package from the configuration, up to and including the
first install. To achieve this easily, wrap the commands in
a time
command like this: time {
../configure ... && make && make install;
}
.
Now prepare Binutils for compilation:
../configure --prefix=$LFS/tools \ --with-sysroot=$LFS \ --target=$LFS_TGT \ --disable-nls \ --enable-gprofng=no \ --disable-werror \ --enable-new-dtags \ --enable-default-hash-style=gnu
The meaning of the configure options:
--prefix=$LFS/tools
This tells the configure script to prepare to install
the Binutils programs in the $LFS/tools
directory.
--with-sysroot=$LFS
For cross compilation, this tells the build system to look in $LFS for the target system libraries as needed.
--target=$LFS_TGT
Because the machine description in the LFS_TGT
variable is slightly different
than the value returned by the config.guess script,
this switch will tell the configure script to
adjust binutil's build system for building a cross
linker.
--disable-nls
This disables internationalization as i18n is not needed for the temporary tools.
--enable-gprofng=no
This disables building gprofng which is not needed for the temporary tools.
--disable-werror
This prevents the build from stopping in the event that there are warnings from the host's compiler.
--enable-new-dtags
This makes the linker use the “runpath” tag for embedding library search paths into executables and shared libraries, instead of the traditional “rpath” tag. It makes debugging dynamically linked executables easier and works around potential issues in the test suite of some packages.
--enable-default-hash-style=gnu
By default, the linker would generate both the GNU-style hash table and the classic ELF hash table for shared libraries and dynamically linked executables. The hash tables are only intended for a dynamic linker to perform symbol lookup. On LFS the dynamic linker (provided by the Glibc package) will always use the GNU-style hash table which is faster to query. So the classic ELF hash table is completely useless. This makes the linker only generate the GNU-style hash table by default, so we can avoid wasting time to generate the classic ELF hash table when we build the packages, or wasting disk space to store it.
Continue with compiling the package:
make
Install the package:
make install
Details on this package are located in Section 8.20.2, “Contents of Binutils.”
The GCC package contains the GNU compiler collection, which includes the C and C++ compilers.
GCC requires the GMP, MPFR and MPC packages. As these packages may not be included in your host distribution, they will be built with GCC. Unpack each package into the GCC source directory and rename the resulting directories so the GCC build procedures will automatically use them:
There are frequent misunderstandings about this chapter. The procedures are the same as every other chapter, as explained earlier (Package build instructions). First, extract the gcc-14.2.0 tarball from the sources directory, and then change to the directory created. Only then should you proceed with the instructions below.
tar -xf ../mpfr-4.2.1.tar.xz mv -v mpfr-4.2.1 mpfr tar -xf ../gmp-6.3.0.tar.xz mv -v gmp-6.3.0 gmp tar -xf ../mpc-1.3.1.tar.gz mv -v mpc-1.3.1 mpc
On x86_64 hosts, set the default directory name for 64-bit libraries to “lib”:
case $(uname -m) in x86_64) sed -e '/m64=/s/lib64/lib/' \ -i.orig gcc/config/i386/t-linux64 ;; esac
The GCC documentation recommends building GCC in a dedicated build directory:
mkdir -v build cd build
Prepare GCC for compilation:
../configure \ --target=$LFS_TGT \ --prefix=$LFS/tools \ --with-glibc-version=2.40 \ --with-sysroot=$LFS \ --with-newlib \ --without-headers \ --enable-default-pie \ --enable-default-ssp \ --disable-nls \ --disable-shared \ --disable-multilib \ --disable-threads \ --disable-libatomic \ --disable-libgomp \ --disable-libquadmath \ --disable-libssp \ --disable-libvtv \ --disable-libstdcxx \ --enable-languages=c,c++
The meaning of the configure options:
--with-glibc-version=2.40
This option specifies the version of Glibc which will be used on the target. It is not relevant to the libc of the host distro because everything compiled by pass1 GCC will run in the chroot environment, which is isolated from libc of the host distro.
--with-newlib
Since a working C library is not yet available, this ensures that the inhibit_libc constant is defined when building libgcc. This prevents the compiling of any code that requires libc support.
--without-headers
When creating a complete cross-compiler, GCC requires standard headers compatible with the target system. For our purposes these headers will not be needed. This switch prevents GCC from looking for them.
--enable-default-pie and
--enable-default-ssp
Those switches allow GCC to compile programs with some hardening security features (more information on those in the note on PIE and SSP in chapter 8) by default. They are not strictly needed at this stage, since the compiler will only produce temporary executables. But it is cleaner to have the temporary packages be as close as possible to the final ones.
--disable-shared
This switch forces GCC to link its internal libraries statically. We need this because the shared libraries require Glibc, which is not yet installed on the target system.
--disable-multilib
On x86_64, LFS does not support a multilib configuration. This switch is harmless for x86.
--disable-threads, --disable-libatomic,
--disable-libgomp, --disable-libquadmath,
--disable-libssp, --disable-libvtv,
--disable-libstdcxx
These switches disable support for threading, libatomic, libgomp, libquadmath, libssp, libvtv, and the C++ standard library respectively. These features may fail to compile when building a cross-compiler and are not necessary for the task of cross-compiling the temporary libc.
--enable-languages=c,c++
This option ensures that only the C and C++ compilers are built. These are the only languages needed now.
Compile GCC by running:
make
Install the package:
make install
This build of GCC has installed a couple of internal system
headers. Normally one of them, limits.h
, would in turn include the
corresponding system limits.h
header, in this case, $LFS/usr/include/limits.h
. However, at the
time of this build of GCC $LFS/usr/include/limits.h
does not exist,
so the internal header that has just been installed is a
partial, self-contained file and does not include the
extended features of the system header. This is adequate for
building Glibc, but the full internal header will be needed
later. Create a full version of the internal header using a
command that is identical to what the GCC build system does
in normal circumstances:
The command below shows an example of nested command
substitution using two methods: backquotes and a
$()
construct. It could be
rewritten using the same method for both substitutions, but
is shown this way to demonstrate how they can be mixed.
Generally the $()
method is
preferred.
cd .. cat gcc/limitx.h gcc/glimits.h gcc/limity.h > \ `dirname $($LFS_TGT-gcc -print-libgcc-file-name)`/include/limits.h
Details on this package are located in Section 8.29.2, “Contents of GCC.”
The Linux API Headers (in linux-6.10.5.tar.xz) expose the kernel's API for use by Glibc.
The Linux kernel needs to expose an Application Programming Interface (API) for the system's C library (Glibc in LFS) to use. This is done by way of sanitizing various C header files that are shipped in the Linux kernel source tarball.
Make sure there are no stale files embedded in the package:
make mrproper
Now extract the user-visible kernel headers from the source.
The recommended make target “headers_install” cannot be used,
because it requires rsync,
which may not be available. The headers are first placed in
./usr
, then copied to the
needed location.
make headers find usr/include -type f ! -name '*.h' -delete cp -rv usr/include $LFS/usr
The Linux API ASM Headers |
|
The Linux API ASM Generic Headers |
|
The Linux API DRM Headers |
|
The Linux API Linux Headers |
|
The Linux API Miscellaneous Headers |
|
The Linux API MTD Headers |
|
The Linux API RDMA Headers |
|
The Linux API SCSI Headers |
|
The Linux API Sound Headers |
|
The Linux API Video Headers |
|
The Linux API Xen Headers |
The Glibc package contains the main C library. This library provides the basic routines for allocating memory, searching directories, opening and closing files, reading and writing files, string handling, pattern matching, arithmetic, and so on.
First, create a symbolic link for LSB compliance. Additionally, for x86_64, create a compatibility symbolic link required for proper operation of the dynamic library loader:
case $(uname -m) in i?86) ln -sfv ld-linux.so.2 $LFS/lib/ld-lsb.so.3 ;; x86_64) ln -sfv ../lib/ld-linux-x86-64.so.2 $LFS/lib64 ln -sfv ../lib/ld-linux-x86-64.so.2 $LFS/lib64/ld-lsb-x86-64.so.3 ;; esac
The above command is correct. The ln command has several syntactic versions, so be sure to check info coreutils ln and ln(1) before reporting what may appear to be an error.
Some of the Glibc programs use the non-FHS-compliant
/var/db
directory to store
their runtime data. Apply the following patch to make such
programs store their runtime data in the FHS-compliant
locations:
patch -Np1 -i ../glibc-2.40-fhs-1.patch
The Glibc documentation recommends building Glibc in a dedicated build directory:
mkdir -v build cd build
Ensure that the ldconfig and sln utilities are installed
into /usr/sbin
:
echo "rootsbindir=/usr/sbin" > configparms
Next, prepare Glibc for compilation:
../configure \ --prefix=/usr \ --host=$LFS_TGT \ --build=$(../scripts/config.guess) \ --enable-kernel=4.19 \ --with-headers=$LFS/usr/include \ --disable-nscd \ libc_cv_slibdir=/usr/lib
The meaning of the configure options:
--host=$LFS_TGT,
--build=$(../scripts/config.guess)
The combined effect of these switches is that Glibc's
build system configures itself to be cross-compiled,
using the cross-linker and cross-compiler in
$LFS/tools
.
--enable-kernel=4.19
This tells Glibc to compile the library with support for 4.19 and later Linux kernels. Workarounds for older kernels are not enabled.
--with-headers=$LFS/usr/include
This tells Glibc to compile itself against the headers recently installed to the $LFS/usr/include directory, so that it knows exactly what features the kernel has and can optimize itself accordingly.
libc_cv_slibdir=/usr/lib
This ensures that the library is installed in /usr/lib instead of the default /lib64 on 64-bit machines.
--disable-nscd
Do not build the name service cache daemon which is no longer used.
During this stage the following warning might appear:
configure: WARNING: *** These auxiliary programs are missing or *** incompatible versions: msgfmt *** some features will be disabled. *** Check the INSTALL file for required versions.
The missing or incompatible msgfmt program is generally harmless. This msgfmt program is part of the Gettext package, which the host distribution should provide.
There have been reports that this package may fail when
building as a “parallel make.” If that occurs, rerun
the make command with the -j1
option.
Compile the package:
make
Install the package:
If LFS
is not properly set, and
despite the recommendations, you are building as
root
, the next command will
install the newly built Glibc to your host system, which
will almost certainly render it unusable. So double-check
that the environment is correctly set, and that you are not
root
, before running the
following command.
make DESTDIR=$LFS install
The meaning of the make install option:
DESTDIR=$LFS
The DESTDIR
make variable is
used by almost all packages to define the location
where the package should be installed. If it is not
set, it defaults to the root (/
) directory. Here we specify that
the package is installed in $LFS
, which will become the root
directory in Section 7.4,
“Entering the Chroot Environment”.
Fix a hard coded path to the executable loader in the ldd script:
sed '/RTLDLIST=/s@/usr@@g' -i $LFS/usr/bin/ldd
At this point, it is imperative to stop and ensure that the basic functions (compiling and linking) of the new toolchain are working as expected. To perform a sanity check, run the following commands:
echo 'int main(){}' | $LFS_TGT-gcc -xc - readelf -l a.out | grep ld-linux
If everything is working correctly, there should be no errors, and the output of the last command will be of the form:
[Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]
Note that for 32-bit machines, the interpreter name will be
/lib/ld-linux.so.2
.
If the output is not as shown above, or there is no output at all, then something is wrong. Investigate and retrace the steps to find out where the problem is and correct it. This issue must be resolved before continuing.
Once all is well, clean up the test file:
rm -v a.out
Building the packages in the next chapter will serve as an additional check that the toolchain has been built properly. If some package, especially Binutils-pass2 or GCC-pass2, fails to build, it is an indication that something has gone wrong with the preceding Binutils, GCC, or Glibc installations.
Details on this package are located in Section 8.5.3, “Contents of Glibc.”
Libstdc++ is the standard C++ library. It is needed to compile C++ code (part of GCC is written in C++), but we had to defer its installation when we built gcc-pass1 because Libstdc++ depends on Glibc, which was not yet available in the target directory.
Libstdc++ is part of the
GCC sources. You should first unpack the GCC tarball and
change to the gcc-14.2.0
directory.
Create a separate build directory for Libstdc++ and enter it:
mkdir -v build cd build
Prepare Libstdc++ for compilation:
../libstdc++-v3/configure \ --host=$LFS_TGT \ --build=$(../config.guess) \ --prefix=/usr \ --disable-multilib \ --disable-nls \ --disable-libstdcxx-pch \ --with-gxx-include-dir=/tools/$LFS_TGT/include/c++/14.2.0
The meaning of the configure options:
--host=...
Specifies that the cross-compiler we have just built
should be used instead of the one in /usr/bin
.
--disable-libstdcxx-pch
This switch prevents the installation of precompiled include files, which are not needed at this stage.
--with-gxx-include-dir=/tools/$LFS_TGT/include/c++/14.2.0
This specifies the installation directory for include
files. Because Libstdc++ is the standard C++ library
for LFS, this directory should match the location where
the C++ compiler ($LFS_TGT-g++) would
search for the standard C++ include files. In a normal
build, this information is automatically passed to the
Libstdc++ configure options
from the top level directory. In our case, this
information must be explicitly given. The C++ compiler
will prepend the sysroot path $LFS
(specified when building
GCC-pass1) to the include file search path, so it will
actually search in $LFS/tools/$LFS_TGT/include/c++/14.2.0
.
The combination of the DESTDIR
variable (in the
make
install command below) and this switch
causes the headers to be installed there.
Compile Libstdc++ by running:
make
Install the library:
make DESTDIR=$LFS install
Remove the libtool archive files because they are harmful for cross-compilation:
rm -v $LFS/usr/lib/lib{stdc++{,exp,fs},supc++}.la
Details on this package are located in Section 8.29.2, “Contents of GCC.”
This chapter shows how to cross-compile basic utilities using the just built cross-toolchain. Those utilities are installed into their final location, but cannot be used yet. Basic tasks still rely on the host's tools. Nevertheless, the installed libraries are used when linking.
Using the utilities will be possible in the next chapter after entering the “chroot” environment. But all the packages built in the present chapter need to be built before we do that. Therefore we cannot be independent of the host system yet.
Once again, let us recall that improper setting of LFS
together with building as root
, may render your computer unusable.
This whole chapter must be done as user lfs
, with the environment as described in
Section 4.4,
“Setting Up the Environment.”
The M4 package contains a macro processor.
Prepare M4 for compilation:
./configure --prefix=/usr \ --host=$LFS_TGT \ --build=$(build-aux/config.guess)
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
Details on this package are located in Section 8.13.2, “Contents of M4.”
The Ncurses package contains libraries for terminal-independent handling of character screens.
First, ensure that gawk is found first during configuration:
sed -i s/mawk// configure
Then, run the following commands to build the “tic” program on the build host:
mkdir build pushd build ../configure make -C include make -C progs tic popd
Prepare Ncurses for compilation:
./configure --prefix=/usr \ --host=$LFS_TGT \ --build=$(./config.guess) \ --mandir=/usr/share/man \ --with-manpage-format=normal \ --with-shared \ --without-normal \ --with-cxx-shared \ --without-debug \ --without-ada \ --disable-stripping
The meaning of the new configure options:
--with-manpage-format=normal
This prevents Ncurses from installing compressed manual pages, which may happen if the host distribution itself has compressed manual pages.
--with-shared
This makes Ncurses build and install shared C libraries.
--without-normal
This prevents Ncurses from building and installing static C libraries.
--without-debug
This prevents Ncurses from building and installing debug libraries.
--with-cxx-shared
This makes Ncurses build and install shared C++ bindings. It also prevents it building and installing static C++ bindings.
--without-ada
This ensures that Ncurses does not build support for the Ada compiler, which may be present on the host but will not be available once we enter the chroot environment.
--disable-stripping
This switch prevents the building system from using the strip program from the host. Using host tools on cross-compiled programs can cause failure.
Compile the package:
make
Install the package:
make DESTDIR=$LFS TIC_PATH=$(pwd)/build/progs/tic install ln -sv libncursesw.so $LFS/usr/lib/libncurses.so sed -e 's/^#if.*XOPEN.*$/#if 1/' \ -i $LFS/usr/include/curses.h
The meaning of the install options:
TIC_PATH=$(pwd)/build/progs/tic
We need to pass the path of the newly built tic program that runs on the building machine, so the terminal database can be created without errors.
The libncurses.so
library
is needed by a few packages we will build soon. We
create this symlink to use libncursesw.so
as a replacement.
The header file curses.h
contains the definition of various Ncurses data
structures. With different preprocessor macro
definitions two different sets of the data structure
definition may be used: the 8-bit definition is
compatible with libncurses.so
and the wide-character
definition is compatible with libncursesw.so
. Since we are using
libncursesw.so
as a
replacement of libncurses.so
, edit the header file
so it will always use the wide-character data structure
definition compatible with libncursesw.so
.
Details on this package are located in Section 8.30.2, “Contents of Ncurses.”
The Bash package contains the Bourne-Again Shell.
Prepare Bash for compilation:
./configure --prefix=/usr \ --build=$(sh support/config.guess) \ --host=$LFS_TGT \ --without-bash-malloc \ bash_cv_strtold_broken=no
The meaning of the configure options:
--without-bash-malloc
This option turns off the use of Bash's memory
allocation (malloc
)
function which is known to cause segmentation faults.
By turning this option off, Bash will use the
malloc
functions from
Glibc which are more stable.
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
Make a link for the programs that use sh for a shell:
ln -sv bash $LFS/bin/sh
Details on this package are located in Section 8.36.2, “Contents of Bash.”
The Coreutils package contains the basic utility programs needed by every operating system.
Prepare Coreutils for compilation:
./configure --prefix=/usr \ --host=$LFS_TGT \ --build=$(build-aux/config.guess) \ --enable-install-program=hostname \ --enable-no-install-program=kill,uptime
The meaning of the configure options:
--enable-install-program=hostname
This enables the hostname binary to be built and installed – it is disabled by default but is required by the Perl test suite.
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
Move programs to their final expected locations. Although this is not necessary in this temporary environment, we must do so because some programs hardcode executable locations:
mv -v $LFS/usr/bin/chroot $LFS/usr/sbin mkdir -pv $LFS/usr/share/man/man8 mv -v $LFS/usr/share/man/man1/chroot.1 $LFS/usr/share/man/man8/chroot.8 sed -i 's/"1"/"8"/' $LFS/usr/share/man/man8/chroot.8
Details on this package are located in Section 8.58.2, “Contents of Coreutils.”
The Diffutils package contains programs that show the differences between files or directories.
Prepare Diffutils for compilation:
./configure --prefix=/usr \ --host=$LFS_TGT \ --build=$(./build-aux/config.guess)
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
Details on this package are located in Section 8.60.2, “Contents of Diffutils.”
The File package contains a utility for determining the type of a given file or files.
The file command on the build host needs to be the same version as the one we are building in order to create the signature file. Run the following commands to make a temporary copy of the file command:
mkdir build pushd build ../configure --disable-bzlib \ --disable-libseccomp \ --disable-xzlib \ --disable-zlib make popd
The meaning of the new configure option:
--disable-*
The configuration script attempts to use some packages from the host distribution if the corresponding library files exist. It may cause compilation failure if a library file exists, but the corresponding header files do not. These options prevent using these unneeded capabilities from the host.
Prepare File for compilation:
./configure --prefix=/usr --host=$LFS_TGT --build=$(./config.guess)
Compile the package:
make FILE_COMPILE=$(pwd)/build/src/file
Install the package:
make DESTDIR=$LFS install
Remove the libtool archive file because it is harmful for cross compilation:
rm -v $LFS/usr/lib/libmagic.la
Details on this package are located in Section 8.11.2, “Contents of File.”
The Findutils package contains programs to find files. Programs are provided to search through all the files in a directory tree and to create, maintain, and search a database (often faster than the recursive find, but unreliable unless the database has been updated recently). Findutils also supplies the xargs program, which can be used to run a specified command on each file selected by a search.
Prepare Findutils for compilation:
./configure --prefix=/usr \ --localstatedir=/var/lib/locate \ --host=$LFS_TGT \ --build=$(build-aux/config.guess)
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
Details on this package are located in Section 8.62.2, “Contents of Findutils.”
The Gawk package contains programs for manipulating text files.
First, ensure some unneeded files are not installed:
sed -i 's/extras//' Makefile.in
Prepare Gawk for compilation:
./configure --prefix=/usr \ --host=$LFS_TGT \ --build=$(build-aux/config.guess)
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
Details on this package are located in Section 8.61.2, “Contents of Gawk.”
The Grep package contains programs for searching through the contents of files.
Prepare Grep for compilation:
./configure --prefix=/usr \ --host=$LFS_TGT \ --build=$(./build-aux/config.guess)
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
Details on this package are located in Section 8.35.2, “Contents of Grep.”
The Gzip package contains programs for compressing and decompressing files.
Prepare Gzip for compilation:
./configure --prefix=/usr --host=$LFS_TGT
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
Details on this package are located in Section 8.65.2, “Contents of Gzip.”
The Make package contains a program for controlling the generation of executables and other non-source files of a package from source files.
Prepare Make for compilation:
./configure --prefix=/usr \ --without-guile \ --host=$LFS_TGT \ --build=$(build-aux/config.guess)
The meaning of the new configure option:
--without-guile
Although we are cross-compiling, configure tries to use guile from the build host if it finds it. This makes compilation fail, so this switch prevents using it.
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
Details on this package are located in Section 8.69.2, “Contents of Make.”
The Patch package contains a program for modifying or creating files by applying a “patch” file typically created by the diff program.
Prepare Patch for compilation:
./configure --prefix=/usr \ --host=$LFS_TGT \ --build=$(build-aux/config.guess)
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
Details on this package are located in Section 8.70.2, “Contents of Patch.”
The Sed package contains a stream editor.
Prepare Sed for compilation:
./configure --prefix=/usr \ --host=$LFS_TGT \ --build=$(./build-aux/config.guess)
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
Details on this package are located in Section 8.31.2, “Contents of Sed.”
The Tar package provides the ability to create tar archives as well as perform various other kinds of archive manipulation. Tar can be used on previously created archives to extract files, to store additional files, or to update or list files which were already stored.
Prepare Tar for compilation:
./configure --prefix=/usr \ --host=$LFS_TGT \ --build=$(build-aux/config.guess)
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
Details on this package are located in Section 8.71.2, “Contents of Tar.”
The Xz package contains programs for compressing and decompressing files. It provides capabilities for the lzma and the newer xz compression formats. Compressing text files with xz yields a better compression percentage than with the traditional gzip or bzip2 commands.
Prepare Xz for compilation:
./configure --prefix=/usr \ --host=$LFS_TGT \ --build=$(build-aux/config.guess) \ --disable-static \ --docdir=/usr/share/doc/xz-5.6.2
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
Remove the libtool archive file because it is harmful for cross compilation:
rm -v $LFS/usr/lib/liblzma.la
Details on this package are located in Section 8.8.2, “Contents of Xz.”
The Binutils package contains a linker, an assembler, and other tools for handling object files.
Binutils building system relies on an shipped libtool copy to link against internal static libraries, but the libiberty and zlib copies shipped in the package do not use libtool. This inconsistency may cause produced binaries mistakenly linked against libraries from the host distro. Work around this issue:
sed '6009s/$add_dir//' -i ltmain.sh
Create a separate build directory again:
mkdir -v build cd build
Prepare Binutils for compilation:
../configure \ --prefix=/usr \ --build=$(../config.guess) \ --host=$LFS_TGT \ --disable-nls \ --enable-shared \ --enable-gprofng=no \ --disable-werror \ --enable-64-bit-bfd \ --enable-new-dtags \ --enable-default-hash-style=gnu
The meaning of the new configure options:
--enable-shared
Builds libbfd
as a shared
library.
--enable-64-bit-bfd
Enables 64-bit support (on hosts with smaller word sizes). This may not be needed on 64-bit systems, but it does no harm.
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
Remove the libtool archive files because they are harmful for cross compilation, and remove unnecessary static libraries:
rm -v $LFS/usr/lib/lib{bfd,ctf,ctf-nobfd,opcodes,sframe}.{a,la}
Details on this package are located in Section 8.20.2, “Contents of Binutils.”
The GCC package contains the GNU compiler collection, which includes the C and C++ compilers.
As in the first build of GCC, the GMP, MPFR, and MPC packages are required. Unpack the tarballs and move them into the required directories:
tar -xf ../mpfr-4.2.1.tar.xz mv -v mpfr-4.2.1 mpfr tar -xf ../gmp-6.3.0.tar.xz mv -v gmp-6.3.0 gmp tar -xf ../mpc-1.3.1.tar.gz mv -v mpc-1.3.1 mpc
If building on x86_64, change the default directory name for 64-bit libraries to “lib”:
case $(uname -m) in x86_64) sed -e '/m64=/s/lib64/lib/' \ -i.orig gcc/config/i386/t-linux64 ;; esac
Override the building rule of libgcc and libstdc++ headers, to allow building these libraries with POSIX threads support:
sed '/thread_header =/s/@.*@/gthr-posix.h/' \ -i libgcc/Makefile.in libstdc++-v3/include/Makefile.in
Create a separate build directory again:
mkdir -v build cd build
Before starting to build GCC, remember to unset any environment variables that override the default optimization flags.
Now prepare GCC for compilation:
../configure \ --build=$(../config.guess) \ --host=$LFS_TGT \ --target=$LFS_TGT \ LDFLAGS_FOR_TARGET=-L$PWD/$LFS_TGT/libgcc \ --prefix=/usr \ --with-build-sysroot=$LFS \ --enable-default-pie \ --enable-default-ssp \ --disable-nls \ --disable-multilib \ --disable-libatomic \ --disable-libgomp \ --disable-libquadmath \ --disable-libsanitizer \ --disable-libssp \ --disable-libvtv \ --enable-languages=c,c++
The meaning of the new configure options:
--with-build-sysroot=$LFS
Normally, using --host
ensures that a
cross-compiler is used for building GCC, and that
compiler knows that it has to look for headers and
libraries in $LFS
. But
the build system for GCC uses other tools, which are
not aware of this location. This switch is needed so
those tools will find the needed files in $LFS
, and not on the host.
--target=$LFS_TGT
We are cross-compiling GCC, so it's impossible to build
target libraries (libgcc
and libstdc++
) with the
GCC binaries compiled in this pass—those binaries won't
run on the host. The GCC build system will attempt to
use the host's C and C++ compilers as a workaround by
default. Building the GCC target libraries with a
different version of GCC is not supported, so using the
host's compilers may cause the build to fail. This
parameter ensures the libraries are built by GCC pass
1.
LDFLAGS_FOR_TARGET=...
Allow libstdc++
to use
the libgcc
being built in
this pass, instead of the previous version built in
gcc-pass1. The
previous version cannot properly support C++ exception
handling because it was built without libc support.
--disable-libsanitizer
Disable GCC sanitizer runtime libraries. They are not
needed for the temporary installation. In gcc-pass1 it was
implied by --disable-libstdcxx
, and
now we can explicitly pass it.
Compile the package:
make
Install the package:
make DESTDIR=$LFS install
As a finishing touch, create a utility symlink. Many programs and scripts run cc instead of gcc, which is used to keep programs generic and therefore usable on all kinds of UNIX systems where the GNU C compiler is not always installed. Running cc leaves the system administrator free to decide which C compiler to install:
ln -sv gcc $LFS/usr/bin/cc
Details on this package are located in Section 8.29.2, “Contents of GCC.”
This chapter shows how to build the last missing bits of the temporary system: the tools needed to build the various packages. Now that all circular dependencies have been resolved, a “chroot” environment, completely isolated from the host operating system (except for the running kernel), can be used for the build.
For proper operation of the isolated environment, some communication with the running kernel must be established. This is done via the so-called Virtual Kernel File Systems, which will be mounted before entering the chroot environment. You may want to verify that they are mounted by issuing the findmnt command.
Until Section 7.4,
“Entering the Chroot Environment”, the commands must be run
as root
, with the LFS
variable set. After entering chroot, all
commands are run as root
,
fortunately without access to the OS of the computer you built
LFS on. Be careful anyway, as it is easy to destroy the whole
LFS system with bad commands.
The commands in the remainder of this book must be performed
while logged in as user root
and no longer as user lfs
.
Also, double check that $LFS
is
set in root
's environment.
Currently, the whole directory hierarchy in $LFS
is owned by the user lfs
, a user that exists only on the host
system. If the directories and files under $LFS
are kept as they are, they will be owned
by a user ID without a corresponding account. This is dangerous
because a user account created later could get this same user
ID and would own all the files under $LFS
, thus exposing these files to possible
malicious manipulation.
To address this issue, change the ownership of the $LFS/*
directories to user root
by running the following command:
chown --from lfs -R root:root $LFS/{usr,lib,var,etc,bin,sbin,tools} case $(uname -m) in x86_64) chown --from lfs -R root:root $LFS/lib64 ;; esac
Applications running in userspace utilize various file systems created by the kernel to communicate with the kernel itself. These file systems are virtual: no disk space is used for them. The content of these file systems resides in memory. These file systems must be mounted in the $LFS directory tree so the applications can find them in the chroot environment.
Begin by creating the directories on which these virtual file systems will be mounted:
mkdir -pv $LFS/{dev,proc,sys,run}
During a normal boot of an LFS system, the kernel
automatically mounts the devtmpfs
file system on the /dev
directory; the kernel creates device
nodes on that virtual file system during the boot process, or
when a device is first detected or accessed. The udev daemon
may change the ownership or permissions of the device nodes
created by the kernel, and create new device nodes or
symlinks, to ease the work of distro maintainers and system
administrators. (See Section 9.3.2.2,
“Device Node Creation” for details.) If the host kernel
supports devtmpfs
, we can
simply mount a devtmpfs
at
$LFS/dev
and rely on the kernel
to populate it.
But some host kernels lack devtmpfs
support; these host distros use
different methods to create the content of /dev
. So the only host-agnostic way to
populate the $LFS/dev
directory
is by bind mounting the host system's /dev
directory. A bind mount is a special
type of mount that makes a directory subtree or a file
visible at some other location. Use the following command to
do this.
mount -v --bind /dev $LFS/dev
Now mount the remaining virtual kernel file systems:
mount -vt devpts devpts -o gid=5,mode=0620 $LFS/dev/pts mount -vt proc proc $LFS/proc mount -vt sysfs sysfs $LFS/sys mount -vt tmpfs tmpfs $LFS/run
The meaning of the mount options for devpts:
gid=5
This ensures that all devpts-created device nodes are
owned by group ID 5. This is the ID we will use later
on for the tty
group.
We use the group ID instead of a name, since the host
system might use a different ID for its tty
group.
mode=0620
This ensures that all devpts-created device nodes have mode 0620 (user readable and writable, group writable). Together with the option above, this ensures that devpts will create device nodes that meet the requirements of grantpt(), meaning the Glibc pt_chown helper binary (which is not installed by default) is not necessary.
In some host systems, /dev/shm
is a symbolic link to a directory, typically /run/shm
. The /run tmpfs was mounted above
so in this case only a directory needs to be created with the
correct permissions.
In other host systems /dev/shm
is a mount point for a tmpfs. In that case the mount of /dev
above will only create /dev/shm as a directory in the chroot
environment. In this situation we must explicitly mount a
tmpfs:
if [ -h $LFS/dev/shm ]; then install -v -d -m 1777 $LFS$(realpath /dev/shm) else mount -vt tmpfs -o nosuid,nodev tmpfs $LFS/dev/shm fi
Now that all the packages which are required to build the rest
of the needed tools are on the system, it is time to enter the
chroot environment and finish installing the temporary tools.
This environment will also be used to install the final system.
As user root
, run the following
command to enter the environment that is, at the moment,
populated with nothing but temporary tools:
chroot "$LFS" /usr/bin/env -i \ HOME=/root \ TERM="$TERM" \ PS1='(lfs chroot) \u:\w\$ ' \ PATH=/usr/bin:/usr/sbin \ MAKEFLAGS="-j$(nproc)
" \ TESTSUITEFLAGS="-j$(nproc)
" \ /bin/bash --login
If you don't want to use all available logical cores, replace
$(nproc)
with the
number of logical cores you want to use for building packages
in this chapter and the following chapters. The test suites of
some packages (notably Autoconf, Libtool, and Tar) in Chapter 8
are not affected by MAKEFLAGS
, they
use a TESTSUITEFLAGS
environment
variable instead. We set that here as well for running these
test suites with multiple cores.
The -i
option given to
the env command
will clear all the variables in the chroot environment. After
that, only the HOME
, TERM
, PS1
, and
PATH
variables are set again. The
TERM=$TERM
construct
sets the TERM
variable inside chroot
to the same value as outside chroot. This variable is needed so
programs like vim
and less can
operate properly. If other variables are desired, such as
CFLAGS
or CXXFLAGS
, this is a good place to set them.
From this point on, there is no need to use the LFS
variable any more because all work will be
restricted to the LFS file system; the chroot command runs the Bash
shell with the root (/
) directory
set to $LFS
.
Notice that /tools/bin
is not in
the PATH
. This means that the cross
toolchain will no longer be used.
Also note that the bash prompt will say
I have no name!
This is
normal because the /etc/passwd
file has not been created yet.
It is important that all the commands throughout the remainder of this chapter and the following chapters are run from within the chroot environment. If you leave this environment for any reason (rebooting for example), ensure that the virtual kernel filesystems are mounted as explained in Section 7.3.1, “Mounting and Populating /dev” and Section 7.3.2, “Mounting Virtual Kernel File Systems” and enter chroot again before continuing with the installation.
It is time to create the full directory structure in the LFS file system.
Some of the directories mentioned in this section may have already been created earlier with explicit instructions, or when installing some packages. They are repeated below for completeness.
Create some root-level directories that are not in the limited set required in the previous chapters by issuing the following command:
mkdir -pv /{boot,home,mnt,opt,srv}
Create the required set of subdirectories below the root-level by issuing the following commands:
mkdir -pv /etc/{opt,sysconfig} mkdir -pv /lib/firmware mkdir -pv /media/{floppy,cdrom} mkdir -pv /usr/{,local/}{include,src} mkdir -pv /usr/lib/locale mkdir -pv /usr/local/{bin,lib,sbin} mkdir -pv /usr/{,local/}share/{color,dict,doc,info,locale,man} mkdir -pv /usr/{,local/}share/{misc,terminfo,zoneinfo} mkdir -pv /usr/{,local/}share/man/man{1..8} mkdir -pv /var/{cache,local,log,mail,opt,spool} mkdir -pv /var/lib/{color,misc,locate} ln -sfv /run /var/run ln -sfv /run/lock /var/lock install -dv -m 0750 /root install -dv -m 1777 /tmp /var/tmp
Directories are, by default, created with permission mode 755,
but this is not desirable everywhere. In the commands above,
two changes are made—one to the home directory of user
root
, and another to the
directories for temporary files.
The first mode change ensures that not just anybody can enter
the /root
directory—just like a
normal user would do with his or her own home directory. The
second mode change makes sure that any user can write to the
/tmp
and /var/tmp
directories, but cannot remove
another user's files from them. The latter is prohibited by the
so-called “sticky
bit,” the highest bit (1) in the 1777 bit mask.
This directory tree is based on the Filesystem Hierarchy
Standard (FHS) (available at https://refspecs.linuxfoundation.org/fhs.shtml).
The FHS also specifies the optional existence of additional
directories such as /usr/local/games
and /usr/share/games
. In LFS, we create only
the directories that are really necessary. However, feel free
to create more directories, if you wish.
The FHS does not mandate the existence of the directory
/usr/lib64
, and the LFS
editors have decided not to use it. For the instructions in
LFS and BLFS to work correctly, it is imperative that this
directory be non-existent. From time to time you should
verify that it does not exist, because it is easy to create
it inadvertently, and this will probably break your system.
Historically, Linux maintained a list of the mounted file
systems in the file /etc/mtab
.
Modern kernels maintain this list internally and expose it to
the user via the /proc
filesystem. To satisfy utilities that expect to find
/etc/mtab
, create the following
symbolic link:
ln -sv /proc/self/mounts /etc/mtab
Create a basic /etc/hosts
file to
be referenced in some test suites, and in one of Perl's
configuration files as well:
cat > /etc/hosts << EOF
127.0.0.1 localhost $(hostname)
::1 localhost
EOF
In order for user root
to be
able to login and for the name “root” to be
recognized, there must be relevant entries in the /etc/passwd
and /etc/group
files.
Create the /etc/passwd
file by
running the following command:
cat > /etc/passwd << "EOF"
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/dev/null:/usr/bin/false
daemon:x:6:6:Daemon User:/dev/null:/usr/bin/false
messagebus:x:18:18:D-Bus Message Daemon User:/run/dbus:/usr/bin/false
systemd-journal-gateway:x:73:73:systemd Journal Gateway:/:/usr/bin/false
systemd-journal-remote:x:74:74:systemd Journal Remote:/:/usr/bin/false
systemd-journal-upload:x:75:75:systemd Journal Upload:/:/usr/bin/false
systemd-network:x:76:76:systemd Network Management:/:/usr/bin/false
systemd-resolve:x:77:77:systemd Resolver:/:/usr/bin/false
systemd-timesync:x:78:78:systemd Time Synchronization:/:/usr/bin/false
systemd-coredump:x:79:79:systemd Core Dumper:/:/usr/bin/false
uuidd:x:80:80:UUID Generation Daemon User:/dev/null:/usr/bin/false
systemd-oom:x:81:81:systemd Out Of Memory Daemon:/:/usr/bin/false
nobody:x:65534:65534:Unprivileged User:/dev/null:/usr/bin/false
EOF
The actual password for root
will be set later.
Create the /etc/group
file by
running the following command:
cat > /etc/group << "EOF"
root:x:0:
bin:x:1:daemon
sys:x:2:
kmem:x:3:
tape:x:4:
tty:x:5:
daemon:x:6:
floppy:x:7:
disk:x:8:
lp:x:9:
dialout:x:10:
audio:x:11:
video:x:12:
utmp:x:13:
cdrom:x:15:
adm:x:16:
messagebus:x:18:
systemd-journal:x:23:
input:x:24:
mail:x:34:
kvm:x:61:
systemd-journal-gateway:x:73:
systemd-journal-remote:x:74:
systemd-journal-upload:x:75:
systemd-network:x:76:
systemd-resolve:x:77:
systemd-timesync:x:78:
systemd-coredump:x:79:
uuidd:x:80:
systemd-oom:x:81:
wheel:x:97:
users:x:999:
nogroup:x:65534:
EOF
The created groups are not part of any standard—they are groups
decided on in part by the requirements of the Udev
configuration in Chapter 9, and in part by common conventions
employed by a number of existing Linux distributions. In
addition, some test suites rely on specific users or groups.
The Linux Standard Base (LSB, available at https://refspecs.linuxfoundation.org/lsb.shtml)
only recommends that, besides the group root
with a Group ID (GID) of 0, a group
bin
with a GID of 1 be present.
The GID of 5 is widely used for the tty
group, and the number 5 is also used in
systemd for the devpts
filesystem. All other group names
and GIDs can be chosen freely by the system administrator since
well-written programs do not depend on GID numbers, but rather
use the group's name.
The ID 65534 is used by the kernel for NFS and separate user
namespaces for unmapped users and groups (those exist on the
NFS server or the parent user namespace, but “do not exist” on the
local machine or in the separate namespace). We assign
nobody
and nogroup
to avoid an unnamed ID. But other
distros may treat this ID differently, so any portable program
should not depend on this assignment.
Some packages need a locale.
localedef -i C -f UTF-8 C.UTF-8
Some tests in Chapter 8 need a regular user. We add this user here and delete this account at the end of that chapter.
echo "tester:x:101:101::/home/tester:/bin/bash" >> /etc/passwd echo "tester:x:101:" >> /etc/group install -o tester -d /home/tester
To remove the “I have
no name!” prompt, start a new shell. Since the
/etc/passwd
and /etc/group
files have been created, user name
and group name resolution will now work:
exec /usr/bin/bash --login
The login, agetty, and init programs (and others) use a number of log files to record information such as who was logged into the system and when. However, these programs will not write to the log files if they do not already exist. Initialize the log files and give them proper permissions:
touch /var/log/{btmp,lastlog,faillog,wtmp} chgrp -v utmp /var/log/lastlog chmod -v 664 /var/log/lastlog chmod -v 600 /var/log/btmp
The /var/log/wtmp
file records
all logins and logouts. The /var/log/lastlog
file records when each user
last logged in. The /var/log/faillog
file records failed login
attempts. The /var/log/btmp
file
records the bad login attempts.
The wtmp
, btmp
, and lastlog
files use 32-bit integers for
timestamps and they'll be fundamentally broken after year
2038. Many packages have stopped using them and other
packages are going to stop using them. It is probably best to
consider them deprecated.
The Gettext package contains utilities for internationalization and localization. These allow programs to be compiled with NLS (Native Language Support), enabling them to output messages in the user's native language.
For our temporary set of tools, we only need to install three programs from Gettext.
Prepare Gettext for compilation:
./configure --disable-shared
The meaning of the configure option:
--disable-shared
We do not need to install any of the shared Gettext libraries at this time, therefore there is no need to build them.
Compile the package:
make
Install the msgfmt, msgmerge, and xgettext programs:
cp -v gettext-tools/src/{msgfmt,msgmerge,xgettext} /usr/bin
Details on this package are located in Section 8.33.2, “Contents of Gettext.”
The Bison package contains a parser generator.
Prepare Bison for compilation:
./configure --prefix=/usr \ --docdir=/usr/share/doc/bison-3.8.2
The meaning of the new configure option:
--docdir=/usr/share/doc/bison-3.8.2
This tells the build system to install bison documentation into a versioned directory.
Compile the package:
make
Install the package:
make install
Details on this package are located in Section 8.34.2, “Contents of Bison.”
The Perl package contains the Practical Extraction and Report Language.
Prepare Perl for compilation:
sh Configure -des \ -D prefix=/usr \ -D vendorprefix=/usr \ -D useshrplib \ -D privlib=/usr/lib/perl5/5.40/core_perl \ -D archlib=/usr/lib/perl5/5.40/core_perl \ -D sitelib=/usr/lib/perl5/5.40/site_perl \ -D sitearch=/usr/lib/perl5/5.40/site_perl \ -D vendorlib=/usr/lib/perl5/5.40/vendor_perl \ -D vendorarch=/usr/lib/perl5/5.40/vendor_perl
The meaning of the Configure options:
-des
This is a combination of three options: -d uses defaults for all items; -e ensures completion of all tasks; -s silences non-essential output.
-D
vendorprefix=/usr
This ensures perl knows how to tell packages where they should install their Perl modules.
-D
useshrplib
Build libperl
needed by
some Perl modules as a shared library, instead of a
static library.
-D
privlib,-D archlib,-D sitelib,...
These settings define where Perl looks for installed modules. The LFS editors chose to put them in a directory structure based on the MAJOR.MINOR version of Perl (5.40) which allows upgrading Perl to newer patch levels (the patch level is the last dot separated part in the full version string like 5.40.0) without reinstalling all of the modules.
Compile the package:
make
Install the package:
make install
Details on this package are located in Section 8.43.2, “Contents of Perl.”
The Python 3 package contains the Python development environment. It is useful for object-oriented programming, writing scripts, prototyping large programs, and developing entire applications. Python is an interpreted computer language.
There are two package files whose name starts with the
“python” prefix. The one to extract
from is Python-3.12.5.tar.xz
(notice the uppercase first letter).
Prepare Python for compilation:
./configure --prefix=/usr \ --enable-shared \ --without-ensurepip
The meaning of the configure option:
--enable-shared
This switch prevents installation of static libraries.
--without-ensurepip
This switch disables the Python package installer, which is not needed at this stage.
Compile the package:
make
Some Python 3 modules can't be built now because the
dependencies are not installed yet. For the ssl
module, a message Python requires a OpenSSL 1.1.1 or
newer
is outputted. The message should be ignored.
Just make sure the toplevel make command has not
failed. The optional modules are not needed now and they
will be built in Chapter 8.
Install the package:
make install
Details on this package are located in Section 8.52.2, “Contents of Python 3.”
The Texinfo package contains programs for reading, writing, and converting info pages.
Prepare Texinfo for compilation:
./configure --prefix=/usr
Compile the package:
make
Install the package:
make install
Details on this package are located in Section 8.72.2, “Contents of Texinfo.”
The Util-linux package contains miscellaneous utility programs.
The FHS recommends using the /var/lib/hwclock
directory instead of the
usual /etc
directory as the
location for the adjtime
file.
Create this directory with:
mkdir -pv /var/lib/hwclock
Prepare Util-linux for compilation:
./configure --libdir=/usr/lib \ --runstatedir=/run \ --disable-chfn-chsh \ --disable-login \ --disable-nologin \ --disable-su \ --disable-setpriv \ --disable-runuser \ --disable-pylibmount \ --disable-static \ --disable-liblastlog2 \ --without-python \ ADJTIME_PATH=/var/lib/hwclock/adjtime \ --docdir=/usr/share/doc/util-linux-2.40.2
The meaning of the configure options:
ADJTIME_PATH=/var/lib/hwclock/adjtime
This sets the location of the file recording information about the hardware clock in accordance to the FHS. This is not strictly needed for this temporary tool, but it prevents creating a file at another location, which would not be overwritten or removed when building the final util-linux package.
--libdir=/usr/lib
This switch ensures the .so
symlinks targeting the shared
library file in the same directory (/usr/lib
) directly.
--disable-*
These switches prevent warnings about building components that require packages not in LFS or not installed yet.
--without-python
This switch disables using Python. It avoids trying to build unneeded bindings.
runstatedir=/run
This switch sets the location of the socket used by
uuidd and
libuuid
correctly.
Compile the package:
make
Install the package:
make install
Details on this package are located in Section 8.80.2, “Contents of Util-linux.”
First, remove the currently installed documentation files to prevent them from ending up in the final system, and to save about 35 MB:
rm -rf /usr/share/{info,man,doc}/*
Second, on a modern Linux system, the libtool .la files are only useful for libltdl. No libraries in LFS are loaded by libltdl, and it's known that some .la files can cause BLFS package failures. Remove those files now:
find /usr/{lib,libexec} -name \*.la -delete
The current system size is now about 3 GB, however the /tools directory is no longer needed. It uses about 1 GB of disk space. Delete it now:
rm -rf /tools
At this point the essential programs and libraries have been created and your current LFS system is in a good state. Your system can now be backed up for later reuse. In case of fatal failures in the subsequent chapters, it often turns out that removing everything and starting over (more carefully) is the best way to recover. Unfortunately, all the temporary files will be removed, too. To avoid spending extra time to redo something which has been done successfully, creating a backup of the current LFS system may prove useful.
All the remaining steps in this section are optional. Nevertheless, as soon as you begin installing packages in Chapter 8, the temporary files will be overwritten. So it may be a good idea to do a backup of the current system as described below.
The following steps are performed from outside the chroot
environment. That means you have to leave the chroot
environment first before continuing. The reason for that is
to get access to file system locations outside of the chroot
environment to store/read the backup archive, which ought not
be placed within the $LFS
hierarchy.
If you have decided to make a backup, leave the chroot environment:
exit
All of the following instructions are executed by
root
on your host system.
Take extra care about the commands you're going to run as
mistakes made here can modify your host system. Be aware
that the environment variable LFS
is set for user lfs
by default but may not be set for root
.
Whenever commands are to be executed by root
, make sure you have set
LFS
.
This has been discussed in Section 2.6, “Setting The $LFS Variable.”
Before making a backup, unmount the virtual file systems:
mountpoint -q $LFS/dev/shm && umount $LFS/dev/shm umount $LFS/dev/pts umount $LFS/{sys,proc,run,dev}
Make sure you have at least 1 GB free disk space (the source tarballs will be included in the backup archive) on the file system containing the directory where you create the backup archive.
Note that the instructions below specify the home directory
of the host system's root
user, which is typically found on the root file system.
Replace $HOME
by a directory of
your choice if you do not want to have the backup stored in
root
's home directory.
Create the backup archive by running the following command:
Because the backup archive is compressed, it takes a relatively long time (over 10 minutes) even on a reasonably fast system.
cd $LFS tar -cJpf $HOME/lfs-temp-tools-12.2-systemd.tar.xz .
If continuing to chapter 8, don't forget to reenter the chroot environment as explained in the “Important” box below.
In case some mistakes have been made and you need to start
over, you can use this backup to restore the system and save
some recovery time. Since the sources are located under
$LFS
, they are included in the
backup archive as well, so they do not need to be downloaded
again. After checking that $LFS
is
set properly, you can restore the backup by executing the
following commands:
The following commands are extremely dangerous. If you run
rm -rf ./* as
the root
user and you do
not change to the $LFS directory or the LFS
environment variable is not set for the
root
user, it will destroy
your entire host system. YOU ARE WARNED.
cd $LFS
rm -rf ./*
tar -xpf $HOME/lfs-temp-tools-12.2-systemd.tar.xz
Again, double check that the environment has been set up properly and continue building the rest of the system.
If you left the chroot environment to create a backup or restart building using a restore, remember to check that the virtual file systems are still mounted (findmnt | grep $LFS). If they are not mounted, remount them now as described in Section 7.3, “Preparing Virtual Kernel File Systems” and re-enter the chroot environment (see Section 7.4, “Entering the Chroot Environment”) before continuing.
In this chapter, we start constructing the LFS system in earnest.
The installation of this software is straightforward. Although in many cases the installation instructions could be made shorter and more generic, we have opted to provide the full instructions for every package to minimize the possibilities for mistakes. The key to learning what makes a Linux system work is to know what each package is used for and why you (or the system) may need it.
We do not recommend using customized optimizations. They can
make a program run slightly faster, but they may also cause
compilation difficulties, and problems when running the
program. If a package refuses to compile with a customized
optimization, try to compile it without optimization and see if
that fixes the problem. Even if the package does compile when
using a customized optimization, there is the risk it may have
been compiled incorrectly because of the complex interactions
between the code and the build tools. Also note that the
-march
and -mtune
options using values not specified in
the book have not been tested. This may cause problems with the
toolchain packages (Binutils, GCC and Glibc). The small
potential gains achieved by customizing compiler optimizations
are often outweighed by the risks. First-time builders of LFS
are encouraged to build without custom optimizations.
On the other hand, we keep the optimizations enabled by the
default configuration of the packages. In addition, we
sometimes explicitly enable an optimized configuration provided
by a package but not enabled by default. The package
maintainers have already tested these configurations and
consider them safe, so it's not likely they would break the
build. Generally the default configuration already enables
-O2
or -O3
, so the resulting system will still run
very fast without any customized optimization, and be stable at
the same time.
Before the installation instructions, each installation page provides information about the package, including a concise description of what it contains, approximately how long it will take to build, and how much disk space is required during this building process. Following the installation instructions, there is a list of programs and libraries (along with brief descriptions) that the package installs.
The SBU values and required disk space include test suite data for all applicable packages in Chapter 8. SBU values have been calculated using four CPU cores (-j4) for all operations unless specified otherwise.
In general, the LFS editors discourage building and installing static libraries. Most static libraries have been made obsolete in a modern Linux system. In addition, linking a static library into a program can be detrimental. If an update to the library is needed to remove a security problem, every program that uses the static library will need to be relinked with the new library. Since the use of static libraries is not always obvious, the relevant programs (and the procedures needed to do the linking) may not even be known.
The procedures in this chapter remove or disable installation
of most static libraries. Usually this is done by passing a
--disable-static
option to
configure. In
other cases, alternate means are needed. In a few cases,
especially Glibc and GCC, the use of static libraries remains
an essential feature of the package building process.
For a more complete discussion of libraries, see Libraries: Static or shared? in the BLFS book.
Package Management is an often requested addition to the LFS Book. A Package Manager tracks the installation of files, making it easier to remove and upgrade packages. A good package manager will also handle the configuration files specially to keep the user configuration when the package is reinstalled or upgraded. Before you begin to wonder, NO—this section will not talk about nor recommend any particular package manager. What it does provide is a roundup of the more popular techniques and how they work. The perfect package manager for you may be among these techniques, or it may be a combination of two or more of these techniques. This section briefly mentions issues that may arise when upgrading packages.
Some reasons why no package manager is mentioned in LFS or BLFS include:
Dealing with package management takes the focus away from the goals of these books—teaching how a Linux system is built.
There are multiple solutions for package management, each having its strengths and drawbacks. Finding one solution that satisfies all audiences is difficult.
There are some hints written on the topic of package management. Visit the Hints Project and see if one of them fits your needs.
A Package Manager makes it easy to upgrade to newer versions when they are released. Generally the instructions in the LFS and BLFS books can be used to upgrade to the newer versions. Here are some points that you should be aware of when upgrading packages, especially on a running system.
If the Linux kernel needs to be upgraded (for example, from 5.10.17 to 5.10.18 or 5.11.1), nothing else needs to be rebuilt. The system will keep working fine thanks to the well-defined interface between the kernel and userspace. Specifically, Linux API headers need not be upgraded along with the kernel. You will merely need to reboot your system to use the upgraded kernel.
If Glibc needs to be upgraded to a newer version, (e.g., from Glibc-2.36 to Glibc-2.40), some extra steps are needed to avoid breaking the system. Read Section 8.5, “Glibc-2.40” for details.
If a package containing a shared library is updated,
and if the name of the library changes, then any
packages dynamically linked to the library must be
recompiled, to link against the newer library. (Note
that there is no correlation between the package
version and the name of the library.) For example,
consider a package foo-1.2.3 that installs a shared
library with the name libfoo.so.1
. Suppose you upgrade the
package to a newer version foo-1.2.4 that installs a
shared library with the name libfoo.so.2
. In this case, any
packages that are dynamically linked to libfoo.so.1
need to be recompiled to
link against libfoo.so.2
in order to use the new library version. You should not
remove the old libraries until all the dependent
packages have been recompiled.
If a package is (directly or indirectly) linked to both
the old and new names of a shared library (for example,
the package links to both libfoo.so.2
and libbar.so.1
, while the latter links
to libfoo.so.3
), the
package may malfunction because the different revisions
of the shared library present incompatible definitions
for some symbol names. This can be caused by
recompiling some, but not all, of the packages linked
to the old shared library after the package providing
the shared library is upgraded. To avoid the issue,
users will need to rebuild every package linked to a
shared library with an updated revision (e.g.
libfoo.so.2 to libfoo.so.3) as soon as possible.
If a package containing a shared library is updated,
and the name of the library doesn't change, but the
version number of the library file decreases (for
example, the library is still named libfoo.so.1
, but the name of the
library file is changed from libfoo.so.1.25
to libfoo.so.1.24
), you should remove
the library file from the previously installed version
(libfoo.so.1.25
in this
case). Otherwise, a ldconfig command
(invoked by yourself from the command line, or by the
installation of some package) will reset the symlink
libfoo.so.1
to point to
the old library file because it seems to be a
“newer” version; its version
number is larger. This situation may arise if you have
to downgrade a package, or if the authors change the
versioning scheme for library files.
If a package containing a shared library is updated,
and the name of the library doesn't change, but a
severe issue (especially, a security vulnerability) is
fixed, all running programs linked to the shared
library should be restarted. The following command, run
as root
after the
update is complete, will list which processes are using
the old versions of those libraries (replace libfoo
with the name of
the library):
grep -l 'libfoo
.*deleted' /proc/*/maps | tr -cd 0-9\\n | xargs -r ps u
If OpenSSH is being used to access the system and it is linked to the updated library, you must restart the sshd service, then logout, login again, and run the preceding command again to confirm that nothing is still using the deleted libraries.
If the systemd daemon
(running as PID 1) is linked to the updated library,
you can restart it without rebooting by running
systemctl
daemon-reexec as the root
user.
If an executable program or a shared library is overwritten, the processes using the code or data in that program or library may crash. The correct way to update a program or a shared library without causing the process to crash is to remove it first, then install the new version. The install command provided by coreutils has already implemented this, and most packages use that command to install binary files and libraries. This means that you won't be troubled by this issue most of the time. However, the install process of some packages (notably SpiderMonkey in BLFS) just overwrites the file if it exists; this causes a crash. So it's safer to save your work and close unneeded running processes before updating a package.
The following are some common package management techniques. Before making a decision on a package manager, do some research on the various techniques, particularly the drawbacks of each particular scheme.
Yes, this is a package management technique. Some folks do not need a package manager because they know the packages intimately and know which files are installed by each package. Some users also do not need any package management because they plan on rebuilding the entire system whenever a package is changed.
This is a simplistic package management technique that does
not need a special program to manage the packages. Each
package is installed in a separate directory. For example,
package foo-1.1 is installed in /opt/foo-1.1
and a symlink is made from
/opt/foo
to /opt/foo-1.1
. When a new version foo-1.2
comes along, it is installed in /opt/foo-1.2
and the previous symlink is
replaced by a symlink to the new version.
Environment variables such as PATH
, MANPATH
,
INFOPATH
, PKG_CONFIG_PATH
, CPPFLAGS
, LDFLAGS
, and the configuration file
/etc/ld.so.conf
may need to
be expanded to include the corresponding subdirectories in
/opt/foo-x.y
.
This scheme is used by the BLFS book to install some very large packages to make it easier to upgrade them. If you install more than a few packages, this scheme becomes unmanageable. And some packages (for example Linux API headers and Glibc) may not work well with this scheme. Never use this scheme system-wide.
This is a variation of the previous package management
technique. Each package is installed as in the previous
scheme. But instead of making the symlink via a generic
package name, each file is symlinked into the /usr
hierarchy. This removes the need to
expand the environment variables. Though the symlinks can
be created by the user, many package managers use this
approach, and automate the creation of the symlinks. A few
of the popular ones include Stow, Epkg, Graft, and Depot.
The installation script needs to be fooled, so the package
thinks it is installed in /usr
though in reality it is installed in
the /usr/pkg
hierarchy.
Installing in this manner is not usually a trivial task.
For example, suppose you are installing a package
libfoo-1.1. The following instructions may not install the
package properly:
./configure --prefix=/usr/pkg/libfoo/1.1 make make install
The installation will work, but the dependent packages may
not link to libfoo as you would expect. If you compile a
package that links against libfoo, you may notice that it
is linked to /usr/pkg/libfoo/1.1/lib/libfoo.so.1
instead of /usr/lib/libfoo.so.1
as you would expect.
The correct approach is to use the DESTDIR
variable to direct the installation.
This approach works as follows:
./configure --prefix=/usr make make DESTDIR=/usr/pkg/libfoo/1.1 install
Most packages support this approach, but there are some
which do not. For the non-compliant packages, you may
either need to install the package manually, or you may
find that it is easier to install some problematic packages
into /opt
.
In this technique, a file is timestamped before the installation of the package. After the installation, a simple use of the find command with the appropriate options can generate a log of all the files installed after the timestamp file was created. A package manager that uses this approach is install-log.
Though this scheme has the advantage of being simple, it has two drawbacks. If, during installation, the files are installed with any timestamp other than the current time, those files will not be tracked by the package manager. Also, this scheme can only be used when packages are installed one at a time. The logs are not reliable if two packages are installed simultaneously from two different consoles.
In this approach, the commands that the installation scripts perform are recorded. There are two techniques that one can use:
The LD_PRELOAD
environment
variable can be set to point to a library to be preloaded
before installation. During installation, this library
tracks the packages that are being installed by attaching
itself to various executables such as cp, install, mv and tracking the
system calls that modify the filesystem. For this approach
to work, all the executables need to be dynamically linked
without the suid or sgid bit. Preloading the library may
cause some unwanted side-effects during installation.
Therefore, it's a good idea to perform some tests to ensure
that the package manager does not break anything, and that
it logs all the appropriate files.
Another technique is to use strace, which logs all the system calls made during the execution of the installation scripts.
In this scheme, the package installation is faked into a separate tree as previously described in the symlink style package management section. After the installation, a package archive is created using the installed files. This archive is then used to install the package on the local machine or even on other machines.
This approach is used by most of the package managers found in the commercial distributions. Examples of package managers that follow this approach are RPM (which, incidentally, is required by the Linux Standard Base Specification), pkg-utils, Debian's apt, and Gentoo's Portage system. A hint describing how to adopt this style of package management for LFS systems is located at https://www.linuxfromscratch.org/hints/downloads/files/fakeroot.txt.
The creation of package files that include dependency information is complex, and beyond the scope of LFS.
Slackware uses a tar-based system for package archives. This system purposely does not handle package dependencies as more complex package managers do. For details of Slackware package management, see https://www.slackbook.org/html/package-management.html.
This scheme, unique to LFS, was devised by Matthias Benkmann, and is available from the Hints Project. In this scheme, each package is installed as a separate user into the standard locations. Files belonging to a package are easily identified by checking the user ID. The features and shortcomings of this approach are too complex to describe in this section. For the details please see the hint at https://www.linuxfromscratch.org/hints/downloads/files/more_control_and_pkg_man.txt.
One of the advantages of an LFS system is that there are no
files that depend on the position of files on a disk system.
Cloning an LFS build to another computer with the same
architecture as the base system is as simple as using
tar on the LFS
partition that contains the root directory (about 900MB
uncompressed for a basic LFS build), copying that file via
network transfer or CD-ROM / USB stick to the new system, and
expanding it. After that, a few configuration files will have
to be changed. Configuration files that may need to be
updated include: /etc/hosts
,
/etc/fstab
, /etc/passwd
, /etc/group
, /etc/shadow
, and
/etc/ld.so.conf
.
A custom kernel may be needed for the new system, depending on differences in system hardware and the original kernel configuration.
There have been some reports of issues when copying between similar but not identical architectures. For instance, the instruction set for an Intel system is not identical with the AMD processor's instructions, and later versions of some processors may provide instructions that are unavailable with earlier versions.
Finally, the new system has to be made bootable via Section 10.4, “Using GRUB to Set Up the Boot Process”.
The Man-pages package contains over 2,400 man pages.
Remove two man pages for password hashing functions. Libxcrypt will provide a better version of these man pages:
rm -v man3/crypt*
Install Man-pages by running:
make prefix=/usr install
The Iana-Etc package provides data for network services and protocols.
For this package, we only need to copy the files into place:
cp services protocols /etc
The Glibc package contains the main C library. This library provides the basic routines for allocating memory, searching directories, opening and closing files, reading and writing files, string handling, pattern matching, arithmetic, and so on.
Some of the Glibc programs use the non-FHS compliant
/var/db
directory to store
their runtime data. Apply the following patch to make such
programs store their runtime data in the FHS-compliant
locations:
patch -Np1 -i ../glibc-2.40-fhs-1.patch
The Glibc documentation recommends building Glibc in a dedicated build directory:
mkdir -v build cd build
Ensure that the ldconfig and sln utilities will be
installed into /usr/sbin
:
echo "rootsbindir=/usr/sbin" > configparms
Prepare Glibc for compilation:
../configure --prefix=/usr \ --disable-werror \ --enable-kernel=4.19 \ --enable-stack-protector=strong \ --disable-nscd \ libc_cv_slibdir=/usr/lib
The meaning of the configure options:
--disable-werror
This option disables the -Werror option passed to GCC. This is necessary for running the test suite.
--enable-kernel=4.19
This option tells the build system that this Glibc may be used with kernels as old as 4.19. This means generating workarounds in case a system call introduced in a later version cannot be used.
--enable-stack-protector=strong
This option increases system security by adding extra
code to check for buffer overflows, such as stack
smashing attacks. Note that Glibc always explicitly
overrides the default of GCC, so this option is still
needed even though we've already specified --enable-default-ssp
for GCC.
--disable-nscd
Do not build the name service cache daemon which is no longer used.
libc_cv_slibdir=/usr/lib
This variable sets the correct library for all systems. We do not want lib64 to be used.
Compile the package:
make
In this section, the test suite for Glibc is considered critical. Do not skip it under any circumstance.
Generally a few tests do not pass. The test failures listed below are usually safe to ignore.
make check
You may see some test failures. The Glibc test suite is somewhat dependent on the host system. A few failures out of over 5000 tests can generally be ignored. This is a list of the most common issues seen for recent versions of LFS:
io/tst-lchmod is known to fail in the LFS chroot environment.
Some tests, for example nss/tst-nss-files-hosts-multi and nptl/tst-thread-affinity* are known to fail due to a timeout (especially when the system is relatively slow and/or running the test suite with multiple parallel make jobs). These tests can be identified with:
grep "Timed out" $(find -name \*.out)
It's possible to re-run a single test with enlarged
timeout with TIMEOUTFACTOR=<factor>
make
test t=<test
name>
. For example,
TIMEOUTFACTOR=10 make
test t=nss/tst-nss-files-hosts-multi
will re-run nss/tst-nss-files-hosts-multi
with ten times the original timeout.
Additionally, some tests may fail with a relatively old CPU model (for example elf/tst-cpu-features-cpuinfo) or host kernel version (for example stdlib/tst-arc4random-thread).
Though it is a harmless message, the install stage of Glibc
will complain about the absence of /etc/ld.so.conf
. Prevent this warning with:
touch /etc/ld.so.conf
Fix the Makefile to skip an outdated sanity check that fails with a modern Glibc configuration:
sed '/test-installation/s@$(PERL)@echo not running@' -i ../Makefile
If upgrading Glibc to a new minor version (for example, from Glibc-2.36 to Glibc-2.40) on a running LFS system, you need to take some extra precautions to avoid breaking the system:
Upgrading Glibc on a LFS system prior to 11.0 (exclusive) is not supported. Rebuild LFS if you are running such an old LFS system but you need a newer Glibc.
If upgrading on a LFS system prior to 12.0
(exclusive), install Libxcrypt following Section 8.27,
“Libxcrypt-4.4.36.” In addition to a normal
Libxcrypt
installation, you MUST
follow the note in Libxcrypt section to install
libcrypt.so.1*
(replacing libcrypt.so.1
from the prior Glibc
installation).
If upgrading on a LFS system prior to 12.1 (exclusive), remove the nscd program:
rm -f /usr/sbin/nscd
If this system (prior to LFS 12.1, exclusive) is based on Systemd, it's also needed to disable and stop the nscd service now:
systemctl disable --now nscd
Upgrade the kernel and reboot if it's older than 4.19 (check the current version with uname -r) or if you want to upgrade it anyway, following Section 10.3, “Linux-6.10.5.”
Upgrade the kernel API headers if it's older than
4.19 (check the current version with cat
/usr/include/linux/version.h) or if
you want to upgrade it anyway, following Section 5.4,
“Linux-6.10.5 API Headers” (but removing
$LFS
from the cp command).
Perform a DESTDIR
installation and upgrade the Glibc shared libraries
on the system using one single install command:
make DESTDIR=$PWD/dest install install -vm755 dest/usr/lib/*.so.* /usr/lib
It's imperative to strictly follow these steps above unless you completely understand what you are doing. Any unexpected deviation may render the system completely unusable. YOU ARE WARNED.
Then continue to run the make
install command, the sed command against
/usr/bin/ldd
, and the
commands to install the locales. Once they are finished,
reboot the system immediately.
Install the package:
make install
Fix a hardcoded path to the executable loader in the ldd script:
sed '/RTLDLIST=/s@/usr@@g' -i /usr/bin/ldd
Next, install the locales that can make the system respond in a different language. None of these locales are required, but if some of them are missing, the test suites of some packages will skip important test cases.
Individual locales can be installed using the localedef program. E.g.,
the second localedef command below
combines the /usr/share/i18n/locales/cs_CZ
charset-independent locale definition with the /usr/share/i18n/charmaps/UTF-8.gz
charmap
definition and appends the result to the /usr/lib/locale/locale-archive
file. The
following instructions will install the minimum set of
locales necessary for the optimal coverage of tests:
localedef -i C -f UTF-8 C.UTF-8 localedef -i cs_CZ -f UTF-8 cs_CZ.UTF-8 localedef -i de_DE -f ISO-8859-1 de_DE localedef -i de_DE@euro -f ISO-8859-15 de_DE@euro localedef -i de_DE -f UTF-8 de_DE.UTF-8 localedef -i el_GR -f ISO-8859-7 el_GR localedef -i en_GB -f ISO-8859-1 en_GB localedef -i en_GB -f UTF-8 en_GB.UTF-8 localedef -i en_HK -f ISO-8859-1 en_HK localedef -i en_PH -f ISO-8859-1 en_PH localedef -i en_US -f ISO-8859-1 en_US localedef -i en_US -f UTF-8 en_US.UTF-8 localedef -i es_ES -f ISO-8859-15 es_ES@euro localedef -i es_MX -f ISO-8859-1 es_MX localedef -i fa_IR -f UTF-8 fa_IR localedef -i fr_FR -f ISO-8859-1 fr_FR localedef -i fr_FR@euro -f ISO-8859-15 fr_FR@euro localedef -i fr_FR -f UTF-8 fr_FR.UTF-8 localedef -i is_IS -f ISO-8859-1 is_IS localedef -i is_IS -f UTF-8 is_IS.UTF-8 localedef -i it_IT -f ISO-8859-1 it_IT localedef -i it_IT -f ISO-8859-15 it_IT@euro localedef -i it_IT -f UTF-8 it_IT.UTF-8 localedef -i ja_JP -f EUC-JP ja_JP localedef -i ja_JP -f SHIFT_JIS ja_JP.SJIS 2> /dev/null || true localedef -i ja_JP -f UTF-8 ja_JP.UTF-8 localedef -i nl_NL@euro -f ISO-8859-15 nl_NL@euro localedef -i ru_RU -f KOI8-R ru_RU.KOI8-R localedef -i ru_RU -f UTF-8 ru_RU.UTF-8 localedef -i se_NO -f UTF-8 se_NO.UTF-8 localedef -i ta_IN -f UTF-8 ta_IN.UTF-8 localedef -i tr_TR -f UTF-8 tr_TR.UTF-8 localedef -i zh_CN -f GB18030 zh_CN.GB18030 localedef -i zh_HK -f BIG5-HKSCS zh_HK.BIG5-HKSCS localedef -i zh_TW -f UTF-8 zh_TW.UTF-8
In addition, install the locale for your own country, language and character set.
Alternatively, install all the locales listed in the
glibc-2.40/localedata/SUPPORTED
file (it includes every locale listed above and many more) at
once with the following time-consuming command:
make localedata/install-locales
Then use the localedef command to create
and install locales not listed in the glibc-2.40/localedata/SUPPORTED
file when
you need them. For instance, the following two locales are
needed for some tests later in this chapter:
localedef -i C -f UTF-8 C.UTF-8 localedef -i ja_JP -f SHIFT_JIS ja_JP.SJIS 2> /dev/null || true
Glibc now uses libidn2 when resolving internationalized domain names. This is a run time dependency. If this capability is needed, the instructions for installing libidn2 are in the BLFS libidn2 page.
The /etc/nsswitch.conf
file
needs to be created because the Glibc defaults do not work
well in a networked environment.
Create a new file /etc/nsswitch.conf
by running the
following:
cat > /etc/nsswitch.conf << "EOF"
# Begin /etc/nsswitch.conf
passwd: files systemd
group: files systemd
shadow: files systemd
hosts: mymachines resolve [!UNAVAIL=return] files myhostname dns
networks: files
protocols: files
services: files
ethers: files
rpc: files
# End /etc/nsswitch.conf
EOF
Install and set up the time zone data with the following:
tar -xf ../../tzdata2024a.tar.gz ZONEINFO=/usr/share/zoneinfo mkdir -pv $ZONEINFO/{posix,right} for tz in etcetera southamerica northamerica europe africa antarctica \ asia australasia backward; do zic -L /dev/null -d $ZONEINFO ${tz} zic -L /dev/null -d $ZONEINFO/posix ${tz} zic -L leapseconds -d $ZONEINFO/right ${tz} done cp -v zone.tab zone1970.tab iso3166.tab $ZONEINFO zic -d $ZONEINFO -p America/New_York unset ZONEINFO
The meaning of the zic commands:
zic -L
/dev/null ...
This creates posix time zones without any leap
seconds. It is conventional to put these in both
zoneinfo
and
zoneinfo/posix
. It is
necessary to put the POSIX time zones in zoneinfo
, otherwise various test
suites will report errors. On an embedded system,
where space is tight and you do not intend to ever
update the time zones, you could save 1.9 MB by not
using the posix
directory, but some applications or test suites might
produce some failures.
zic -L
leapseconds ...
This creates right time zones, including leap
seconds. On an embedded system, where space is tight
and you do not intend to ever update the time zones,
or care about the correct time, you could save 1.9MB
by omitting the right
directory.
zic ...
-p ...
This creates the posixrules
file. We use New York
because POSIX requires the daylight saving time rules
to be in accordance with US rules.
One way to determine the local time zone is to run the following script:
tzselect
After answering a few questions about the location, the
script will output the name of the time zone (e.g.,
America/Edmonton).
There are also some other possible time zones listed in
/usr/share/zoneinfo
such as
Canada/Eastern or
EST5EDT that are not
identified by the script but can be used.
Then create the /etc/localtime
file by running:
ln -sfv /usr/share/zoneinfo/<xxx>
/etc/localtime
Replace <xxx>
with the name
of the time zone selected (e.g., Canada/Eastern).
By default, the dynamic loader (/lib/ld-linux.so.2
) searches through
/usr/lib
for dynamic
libraries that are needed by programs as they are run.
However, if there are libraries in directories other than
/usr/lib
, these need to be
added to the /etc/ld.so.conf
file in order for the dynamic loader to find them. Two
directories that are commonly known to contain additional
libraries are /usr/local/lib
and /opt/lib
, so add those
directories to the dynamic loader's search path.
Create a new file /etc/ld.so.conf
by running the following:
cat > /etc/ld.so.conf << "EOF"
# Begin /etc/ld.so.conf
/usr/local/lib
/opt/lib
EOF
If desired, the dynamic loader can also search a directory and include the contents of files found there. Generally the files in this include directory are one line specifying the desired library path. To add this capability run the following commands:
cat >> /etc/ld.so.conf << "EOF"
# Add an include directory
include /etc/ld.so.conf.d/*.conf
EOF
mkdir -pv /etc/ld.so.conf.d
Generates message catalogues |
|
Displays the system configuration values for file system specific variables |
|
Gets entries from an administrative database |
|
Performs character set conversion |
|
Creates fastloading iconv module configuration files |
|
Configures the dynamic linker runtime bindings |
|
Reports which shared libraries are required by each given program or shared library |
|
Assists ldd with object files. It does not exist on newer architectures like x86_64 |
|
Prints various information about the current locale |
|
Compiles locale specifications |
|
Creates a simple database from textual input |
|
Reads and interprets a memory trace file and displays a summary in human-readable format |
|
Dump information generated by PC profiling |
|
Lists dynamic shared objects used by running processes |
|
A statically linked ln program |
|
Traces shared library procedure calls of a specified command |
|
Reads and displays shared object profiling data |
|
Asks the user about the location of the system and reports the corresponding time zone description |
|
Traces the execution of a program by printing the currently executed function |
|
The time zone dumper |
|
The time zone compiler |
|
The helper program for shared library executables |
|
Used internally by Glibc as a gross hack to get
broken programs (e.g., some Motif applications)
running. See comments in |
|
Dummy library containing no functions. Previously
was the asynchronous name lookup library, whose
functions are now in |
|
The main C library |
|
Turns on memory allocation checking when preloaded |
|
Dummy library containing no functions. Previously
was the dynamic linking interface library, whose
functions are now in |
|
Dummy library containing no functions. Previously was a runtime library for g++ |
|
The mathematical library |
|
The vector math library, linked in as needed when
|
|
Turns on memory allocation checking when linked to |
|
Used by memusage to help collect information about the memory usage of a program |
|
The network services library, now deprecated |
|
The Name Service Switch modules, containing
functions for resolving host names, user names,
group names, aliases, services, protocols, etc.
Loaded by |
|
Can be preloaded to PC profile an executable |
|
Dummy library containing no functions. Previously
contained functions providing most of the
interfaces specified by the POSIX.1c Threads
Extensions and the semaphore interfaces specified
by the POSIX.1b Real-time Extensions, now the
functions are in |
|
Contains functions for creating, sending, and interpreting packets to the Internet domain name servers |
|
Contains functions providing most of the interfaces specified by the POSIX.1b Real-time Extensions |
|
Contains functions useful for building debuggers for multi-threaded programs |
|
Dummy library containing no functions. Previously
contained code for “standard”
functions used in many different Unix utilities.
These functions are now in |
The Zlib package contains compression and decompression routines used by some programs.
Prepare Zlib for compilation:
./configure --prefix=/usr
Compile the package:
make
To test the results, issue:
make check
Install the package:
make install
Remove a useless static library:
rm -fv /usr/lib/libz.a
The Bzip2 package contains programs for compressing and decompressing files. Compressing text files with bzip2 yields a much better compression percentage than with the traditional gzip.
Apply a patch that will install the documentation for this package:
patch -Np1 -i ../bzip2-1.0.8-install_docs-1.patch
The following command ensures installation of symbolic links are relative:
sed -i 's@\(ln -s -f \)$(PREFIX)/bin/@\1@' Makefile
Ensure the man pages are installed into the correct location:
sed -i "s@(PREFIX)/man@(PREFIX)/share/man@g" Makefile
Prepare Bzip2 for compilation with:
make -f Makefile-libbz2_so make clean
The meaning of the make parameter:
-f
Makefile-libbz2_so
This will cause Bzip2 to be built using a different
Makefile
file, in this
case the Makefile-libbz2_so
file, which
creates a dynamic libbz2.so
library and links the Bzip2
utilities against it.
Compile and test the package:
make
Install the programs:
make PREFIX=/usr install
Install the shared library:
cp -av libbz2.so.* /usr/lib ln -sv libbz2.so.1.0.8 /usr/lib/libbz2.so
Install the shared bzip2 binary into the
/usr/bin
directory, and replace
two copies of bzip2 with symlinks:
cp -v bzip2-shared /usr/bin/bzip2 for i in /usr/bin/{bzcat,bunzip2}; do ln -sfv bzip2 $i done
Remove a useless static library:
rm -fv /usr/lib/libbz2.a
Decompresses bzipped files |
|
Decompresses to standard output |
|
Runs cmp on bzipped files |
|
Runs diff on bzipped files |
|
Runs egrep on bzipped files |
|
Runs fgrep on bzipped files |
|
Runs grep on bzipped files |
|
Compresses files using the Burrows-Wheeler block sorting text compression algorithm with Huffman coding; the compression rate is better than that achieved by more conventional compressors using “Lempel-Ziv” algorithms, like gzip |
|
Tries to recover data from damaged bzipped files |
|
Runs less on bzipped files |
|
Runs more on bzipped files |
|
The library implementing lossless, block-sorting data compression, using the Burrows-Wheeler algorithm |
The Xz package contains programs for compressing and decompressing files. It provides capabilities for the lzma and the newer xz compression formats. Compressing text files with xz yields a better compression percentage than with the traditional gzip or bzip2 commands.
Prepare Xz for compilation with:
./configure --prefix=/usr \ --disable-static \ --docdir=/usr/share/doc/xz-5.6.2
Compile the package:
make
To test the results, issue:
make check
Install the package:
make install
Decompresses to standard output |
|
Runs cmp on LZMA compressed files |
|
Runs diff on LZMA compressed files |
|
Runs egrep on LZMA compressed files |
|
Runs fgrep on LZMA compressed files |
|
Runs grep on LZMA compressed files |
|
Runs less on LZMA compressed files |
|
Compresses or decompresses files using the LZMA format |
|
A small and fast decoder for LZMA compressed files |
|
Shows information stored in the LZMA compressed file header |
|
Runs more on LZMA compressed files |
|
Decompresses files using the LZMA format |
|
Decompresses files using the XZ format |
|
Compresses or decompresses files using the XZ format |
|
Decompresses to standard output |
|
Runs cmp on XZ compressed files |
|
A small and fast decoder for XZ compressed files |
|
Runs diff on XZ compressed files |
|
Runs egrep on XZ compressed files |
|
Runs fgrep on XZ compressed files |
|
Runs grep on XZ compressed files |
|
Runs less on XZ compressed files |
|
Runs more on XZ compressed files |
|
The library implementing lossless, block-sorting data compression, using the Lempel-Ziv-Markov chain algorithm |
Lz4 is a lossless compression algorithm, providing compression speed greater than 500 MB/s per core. It features an extremely fast decoder, with speed in multiple GB/s per core. Lz4 can work with Zstandard to allow both algorithms to compress data faster.
Compile the package:
make BUILD_STATIC=no PREFIX=/usr
To test the results, issue:
make -j1 check
Install the package:
make BUILD_STATIC=no PREFIX=/usr install
Zstandard is a real-time compression algorithm, providing high compression ratios. It offers a very wide range of compression / speed trade-offs, while being backed by a very fast decoder.
Compile the package:
make prefix=/usr
In the test output there are several places that indicate 'failed'. These are expected and only 'FAIL' is an actual test failure. There should be no test failures.
To test the results, issue:
make check
Install the package:
make prefix=/usr install
Remove the static library:
rm -v /usr/lib/libzstd.a
The File package contains a utility for determining the type of a given file or files.
Prepare File for compilation:
./configure --prefix=/usr
Compile the package:
make
To test the results, issue:
make check
Install the package:
make install
The Readline package is a set of libraries that offer command-line editing and history capabilities.
Reinstalling Readline will cause the old libraries to be moved to <libraryname>.old. While this is normally not a problem, in some cases it can trigger a linking bug in ldconfig. This can be avoided by issuing the following two seds:
sed -i '/MV.*old/d' Makefile.in sed -i '/{OLDSUFF}/c:' support/shlib-install
Prevent hard coding library search paths (rpath) into the shared libraries. This package does not need rpath for an installation into the standard location, and rpath may sometimes cause unwanted effects or even security issues:
sed -i 's/-Wl,-rpath,[^ ]*//' support/shobj-conf
Prepare Readline for compilation:
./configure --prefix=/usr \ --disable-static \ --with-curses \ --docdir=/usr/share/doc/readline-8.2.13
The meaning of the new configure option:
--with-curses
This option tells Readline that it can find the termcap
library functions in the curses library, not a separate
termcap library. This will generate the correct
readline.pc
file.
Compile the package:
make SHLIB_LIBS="-lncursesw"
The meaning of the make option:
SHLIB_LIBS="-lncursesw"
This option forces Readline to link against the
libncursesw
library.
This package does not come with a test suite.
Install the package:
make SHLIB_LIBS="-lncursesw" install
If desired, install the documentation:
install -v -m644 doc/*.{ps,pdf,html,dvi} /usr/share/doc/readline-8.2.13
The M4 package contains a macro processor.
Prepare M4 for compilation:
./configure --prefix=/usr
Compile the package:
make
To test the results, issue:
make check
Install the package:
make install
Copies the given files while expanding the macros that they contain. These macros are either built-in or user-defined and can take any number of arguments. Besides performing macro expansion, m4 has built-in functions for including named files, running Unix commands, performing integer arithmetic, manipulating text, recursion, etc. The m4 program can be used either as a front end to a compiler or as a macro processor in its own right |
The Bc package contains an arbitrary precision numeric processing language.
Prepare Bc for compilation:
CC=gcc ./configure --prefix=/usr -G -O3 -r
The meaning of the configure options:
CC=gcc
This parameter specifies the compiler to use.
-G
Omit parts of the test suite that won't work until the bc program has been installed.
-O3
Specify the optimization to use.
-r
Enable the use of Readline to improve the line editing feature of bc.
Compile the package:
make
To test bc, run:
make test
Install the package:
make install
The Flex package contains a utility for generating programs that recognize patterns in text.
Prepare Flex for compilation:
./configure --prefix=/usr \ --docdir=/usr/share/doc/flex-2.6.4 \ --disable-static
Compile the package:
make
To test the results (about 0.5 SBU), issue:
make check
Install the package:
make install
A few programs do not know about flex yet and try to run its
predecessor, lex. To support those
programs, create a symbolic link named lex
that runs flex
in lex emulation mode, and
also create the man page of lex as a symlink:
ln -sv flex /usr/bin/lex ln -sv flex.1 /usr/share/man/man1/lex.1
A tool for generating programs that recognize patterns in text; it allows for the versatility to specify the rules for pattern-finding, eradicating the need to develop a specialized program |
|
An extension of flex, is used for generating C++ code and classes. It is a symbolic link to flex |
|
A symbolic link that runs flex in lex emulation mode |
|
The |
The Tcl package contains the Tool Command Language, a robust general-purpose scripting language. The Expect package is written in Tcl (pronounced "tickle").
This package and the next two (Expect and DejaGNU) are installed to support running the test suites for Binutils, GCC and other packages. Installing three packages for testing purposes may seem excessive, but it is very reassuring, if not essential, to know that the most important tools are working properly.
Prepare Tcl for compilation:
SRCDIR=$(pwd) cd unix ./configure --prefix=/usr \ --mandir=/usr/share/man \ --disable-rpath
The meaning of the new configure parameters:
--disable-rpath
This parameter prevents hard coding library search paths (rpath) into the binary executable files and shared libraries. This package does not need rpath for an installation into the standard location, and rpath may sometimes cause unwanted effects or even security issues.
Build the package:
make sed -e "s|$SRCDIR/unix|/usr/lib|" \ -e "s|$SRCDIR|/usr/include|" \ -i tclConfig.sh sed -e "s|$SRCDIR/unix/pkgs/tdbc1.1.7|/usr/lib/tdbc1.1.7|" \ -e "s|$SRCDIR/pkgs/tdbc1.1.7/generic|/usr/include|" \ -e "s|$SRCDIR/pkgs/tdbc1.1.7/library|/usr/lib/tcl8.6|" \ -e "s|$SRCDIR/pkgs/tdbc1.1.7|/usr/include|" \ -i pkgs/tdbc1.1.7/tdbcConfig.sh sed -e "s|$SRCDIR/unix/pkgs/itcl4.2.4|/usr/lib/itcl4.2.4|" \ -e "s|$SRCDIR/pkgs/itcl4.2.4/generic|/usr/include|" \ -e "s|$SRCDIR/pkgs/itcl4.2.4|/usr/include|" \ -i pkgs/itcl4.2.4/itclConfig.sh unset SRCDIR
The various “sed” instructions after the “make” command remove references to the build directory from the configuration files and replace them with the install directory. This is not mandatory for the remainder of LFS, but may be needed if a package built later uses Tcl.
To test the results, issue:
make test
Install the package:
make install
Make the installed library writable so debugging symbols can be removed later:
chmod -v u+w /usr/lib/libtcl8.6.so
Install Tcl's headers. The next package, Expect, requires them.
make install-private-headers
Now make a necessary symbolic link:
ln -sfv tclsh8.6 /usr/bin/tclsh
Rename a man page that conflicts with a Perl man page:
mv /usr/share/man/man3/{Thread,Tcl_Thread}.3
Optionally, install the documentation by issuing the following commands:
cd .. tar -xf ../tcl8.6.14-html.tar.gz --strip-components=1 mkdir -v -p /usr/share/doc/tcl-8.6.14 cp -v -r ./html/* /usr/share/doc/tcl-8.6.14
The Expect package contains tools for automating, via scripted dialogues, interactive applications such as telnet, ftp, passwd, fsck, rlogin, and tip. Expect is also useful for testing these same applications as well as easing all sorts of tasks that are prohibitively difficult with anything else. The DejaGnu framework is written in Expect.
Expect needs PTYs to work. Verify that the PTYs are working properly inside the chroot environment by performing a simple test:
python3 -c 'from pty import spawn; spawn(["echo", "ok"])'
This command should output ok
. If, instead, the output includes
OSError: out of pty
devices
, then the environment is not set up for proper
PTY operation. You need to exit from the chroot environment,
read Section 7.3,
“Preparing Virtual Kernel File Systems” again, and ensure
the devpts
file system (and
other virtual kernel file systems) mounted correctly. Then
reenter the chroot environment following Section 7.4,
“Entering the Chroot Environment”. This issue needs to be
resolved before continuing, or the test suites requiring
Expect (for example the test suites of Bash, Binutils, GCC,
GDBM, and of course Expect itself) will fail
catastrophically, and other subtle breakages may also happen.
Now, make some changes to allow the package with gcc-14.1 or later:
patch -Np1 -i ../expect-5.45.4-gcc14-1.patch
Prepare Expect for compilation:
./configure --prefix=/usr \ --with-tcl=/usr/lib \ --enable-shared \ --disable-rpath \ --mandir=/usr/share/man \ --with-tclinclude=/usr/include
The meaning of the configure options:
--with-tcl=/usr/lib
This parameter is needed to tell configure where the tclConfig.sh script is located.
--with-tclinclude=/usr/include
This explicitly tells Expect where to find Tcl's internal headers.
Build the package:
make
To test the results, issue:
make test
Install the package:
make install ln -svf expect5.45.4/libexpect5.45.4.so /usr/lib
The DejaGnu package contains a framework for running test suites on GNU tools. It is written in expect, which itself uses Tcl (Tool Command Language).
The upstream recommends building DejaGNU in a dedicated build directory:
mkdir -v build cd build
Prepare DejaGNU for compilation:
../configure --prefix=/usr makeinfo --html --no-split -o doc/dejagnu.html ../doc/dejagnu.texi makeinfo --plaintext -o doc/dejagnu.txt ../doc/dejagnu.texi
To test the results, issue:
make check
Install the package:
make install install -v -dm755 /usr/share/doc/dejagnu-1.6.3 install -v -m644 doc/dejagnu.{html,txt} /usr/share/doc/dejagnu-1.6.3
The pkgconf package is a successor to pkg-config and contains a tool for passing the include path and/or library paths to build tools during the configure and make phases of package installations.
Prepare Pkgconf for compilation:
./configure --prefix=/usr \ --disable-static \ --docdir=/usr/share/doc/pkgconf-2.3.0
Compile the package:
make
Install the package:
make install
To maintain compatibility with the original Pkg-config create two symlinks:
ln -sv pkgconf /usr/bin/pkg-config ln -sv pkgconf.1 /usr/share/man/man1/pkg-config.1
The Binutils package contains a linker, an assembler, and other tools for handling object files.
The Binutils documentation recommends building Binutils in a dedicated build directory:
mkdir -v build cd build
Prepare Binutils for compilation:
../configure --prefix=/usr \ --sysconfdir=/etc \ --enable-gold \ --enable-ld=default \ --enable-plugins \ --enable-shared \ --disable-werror \ --enable-64-bit-bfd \ --enable-new-dtags \ --with-system-zlib \ --enable-default-hash-style=gnu
The meaning of the new configure parameters:
--enable-gold
Build the gold linker and install it as ld.gold (alongside the default linker).
--enable-ld=default
Build the original bfd linker and install it as both ld (the default linker) and ld.bfd.
--enable-plugins
Enables plugin support for the linker.
--with-system-zlib
Use the installed zlib library instead of building the included version.
Compile the package:
make tooldir=/usr
The meaning of the make parameter:
tooldir=/usr
Normally, the tooldir (the directory where the
executables will ultimately be located) is set to
$(exec_prefix)/$(target_alias)
. For
example, x86_64 machines would expand that to
/usr/x86_64-pc-linux-gnu
.
Because this is a custom system, this target-specific
directory in /usr
is not
required. $(exec_prefix)/$(target_alias)
would
be used if the system were used to cross-compile (for
example, compiling a package on an Intel machine that
generates code that can be executed on PowerPC
machines).
The test suite for Binutils in this section is considered critical. Do not skip it under any circumstances.
Test the results:
make -k check
For a list of failed tests, run:
grep '^FAIL:' $(find -name '*.log')
Twelve tests fail in the gold test suite when the
--enable-default-pie
and
--enable-default-ssp
options are
passed to GCC.
Install the package:
make tooldir=/usr install
Remove useless static libraries:
rm -fv /usr/lib/lib{bfd,ctf,ctf-nobfd,gprofng,opcodes,sframe}.a
Translates program addresses to file names and line numbers; given an address and the name of an executable, it uses the debugging information in the executable to determine which source file and line number are associated with the address |
|
Creates, modifies, and extracts from archives |
|
An assembler that assembles the output of gcc into object files |
|
Used by the linker to de-mangle C++ and Java symbols and to keep overloaded functions from clashing |
|
The DWARF packaging utility |
|
Updates the ELF headers of ELF files |
|
Displays call graph profile data |
|
Gathers and analyzes performance data |
|
A linker that combines a number of object and archive files into a single file, relocating their data and tying up symbol references |
|
A cut down version of ld that only supports the elf object file format |
|
A hard link to ld |
|
Lists the symbols occurring in a given object file |
|
Translates one type of object file into another |
|
Displays information about the given object file, with options controlling the particular information to display; the information shown is useful to programmers who are working on the compilation tools |
|
Generates an index of the contents of an archive and stores it in the archive; the index lists all of the symbols defined by archive members that are relocatable object files |
|
Displays information about ELF type binaries |
|
Lists the section sizes and the total size for the given object files |
|
Outputs, for each given file, the sequences of printable characters that are of at least the specified length (defaulting to four); for object files, it prints, by default, only the strings from the initializing and loading sections while for other types of files, it scans the entire file |
|
Discards symbols from object files |
|
The Binary File Descriptor library |
|
The Compat ANSI-C Type Format debugging support library |
|
A libctf variant which does not use libbfd functionality |
|
A library containing most routines used by gprofng |
|
A library for dealing with opcodes—the “readable text” versions of instructions for the processor; it is used for building utilities like objdump |
|
A library to support online backtracing using a simple unwinder |
The GMP package contains math libraries. These have useful functions for arbitrary precision arithmetic.
If you are building for 32-bit x86, but you have a CPU
which is capable of running 64-bit code and you have specified
CFLAGS
in the environment, the
configure script will attempt to configure for 64-bits and
fail. Avoid this by invoking the configure command below
with
ABI=32
./configure ...
The default settings of GMP produce libraries optimized for
the host processor. If libraries suitable for processors
less capable than the host's CPU are desired, generic
libraries can be created by appending the --host=none-linux-gnu
option to the
configure
command.
Prepare GMP for compilation:
./configure --prefix=/usr \ --enable-cxx \ --disable-static \ --docdir=/usr/share/doc/gmp-6.3.0
The meaning of the new configure options:
--enable-cxx
This parameter enables C++ support
--docdir=/usr/share/doc/gmp-6.3.0
This variable specifies the correct place for the documentation.
Compile the package and generate the HTML documentation:
make make html
The test suite for GMP in this section is considered critical. Do not skip it under any circumstances.
Test the results:
make check 2>&1 | tee gmp-check-log
The code in gmp is highly optimized for the processor where
it is built. Occasionally, the code that detects the
processor misidentifies the system capabilities and there
will be errors in the tests or other applications using the
gmp libraries with the message Illegal instruction
. In this case,
gmp should be reconfigured with the option --host=none-linux-gnu
and rebuilt.
Ensure that at least 199 tests in the test suite passed. Check the results by issuing the following command:
awk '/# PASS:/{total+=$3} ; END{print total}' gmp-check-log
Install the package and its documentation:
make install make install-html
The MPFR package contains functions for multiple precision math.
Prepare MPFR for compilation:
./configure --prefix=/usr \ --disable-static \ --enable-thread-safe \ --docdir=/usr/share/doc/mpfr-4.2.1
Compile the package and generate the HTML documentation:
make make html
The test suite for MPFR in this section is considered critical. Do not skip it under any circumstances.
Test the results and ensure that all 198 tests passed:
make check
Install the package and its documentation:
make install make install-html
The MPC package contains a library for the arithmetic of complex numbers with arbitrarily high precision and correct rounding of the result.
Prepare MPC for compilation:
./configure --prefix=/usr \ --disable-static \ --docdir=/usr/share/doc/mpc-1.3.1
Compile the package and generate the HTML documentation:
make make html
To test the results, issue:
make check
Install the package and its documentation:
make install make install-html
The Attr package contains utilities to administer the extended attributes of filesystem objects.
Prepare Attr for compilation:
./configure --prefix=/usr \ --disable-static \ --sysconfdir=/etc \ --docdir=/usr/share/doc/attr-2.5.2
Compile the package:
make
The tests must be run on a filesystem that supports extended attributes such as the ext2, ext3, or ext4 filesystems. To test the results, issue:
make check
Install the package:
make install
The Acl package contains utilities to administer Access Control Lists, which are used to define fine-grained discretionary access rights for files and directories.
Prepare Acl for compilation:
./configure --prefix=/usr \ --disable-static \ --docdir=/usr/share/doc/acl-2.3.2
Compile the package:
make
The Acl tests must be run on a filesystem that supports access controls, but not until the Coreutils package has been built, using the Acl libraries. If desired, return to this package and run make check after the Coreutils package has been built.
Install the package:
make install
The Libcap package implements the userspace interface to the POSIX 1003.1e capabilities available in Linux kernels. These capabilities partition the all-powerful root privilege into a set of distinct privileges.
Prevent static libraries from being installed:
sed -i '/install -m.*STA/d' libcap/Makefile
Compile the package:
make prefix=/usr lib=lib
The meaning of the make option:
lib=lib
This parameter sets the library directory to
/usr/lib
rather than
/usr/lib64
on x86_64. It
has no effect on x86.
To test the results, issue:
make test
Install the package:
make prefix=/usr lib=lib install
A shell wrapper to explore and constrain capability support |
|
Examines file capabilities |
|
Displays the capabilities of the queried process(es) |
|
Sets file capabilities |
|
Contains the library functions for manipulating POSIX 1003.1e capabilities |
|
Contains functions to support POSIX semantics for syscalls associated with the pthread library |
The Libxcrypt package contains a modern library for one-way hashing of passwords.
Prepare Libxcrypt for compilation:
./configure --prefix=/usr \ --enable-hashes=strong,glibc \ --enable-obsolete-api=no \ --disable-static \ --disable-failure-tokens
The meaning of the new configure options:
--enable-hashes=strong,glibc
Build strong hash algorithms recommended for security
use cases, and the hash algorithms provided by
traditional Glibc libcrypt
for compatibility.
--enable-obsolete-api=no
Disable obsolete API functions. They are not needed for a modern Linux system built from source.
--disable-failure-tokens
Disable failure token feature. It's needed for compatibility with the traditional hash libraries of some platforms, but a Linux system based on Glibc does not need it.
Compile the package:
make
To test the results, issue:
make check
Install the package:
make install
The instructions above disabled obsolete API functions since no package installed by compiling from sources would link against them at runtime. However, the only known binary-only applications that link against these functions require ABI version 1. If you must have such functions because of some binary-only application or to be compliant with LSB, build the package again with the following commands:
make distclean ./configure --prefix=/usr \ --enable-hashes=strong,glibc \ --enable-obsolete-api=glibc \ --disable-static \ --disable-failure-tokens make cp -av --remove-destination .libs/libcrypt.so.1* /usr/lib
The Shadow package contains programs for handling passwords in a secure way.
If you've installed Linux-PAM, you should follow the BLFS shadow page instead of this page to build (or, rebuild or upgrade) shadow.
If you would like to enforce the use of strong passwords,
refer to
https://www.linuxfromscratch.org/blfs/view/stable-systemd/postlfs/cracklib.html
for installing CrackLib prior to building Shadow. Then add
--with-libcrack
to
the configure
command below.
Disable the installation of the groups program and its man pages, as Coreutils provides a better version. Also, prevent the installation of manual pages that were already installed in Section 8.3, “Man-pages-6.9.1”:
sed -i 's/groups$(EXEEXT) //' src/Makefile.in find man -name Makefile.in -exec sed -i 's/groups\.1 / /' {} \; find man -name Makefile.in -exec sed -i 's/getspnam\.3 / /' {} \; find man -name Makefile.in -exec sed -i 's/passwd\.5 / /' {} \;
Instead of using the default
crypt method, use the
much more secure YESCRYPT method of password
encryption, which also allows passwords longer than 8
characters. It is also necessary to change the obsolete
/var/spool/mail
location for
user mailboxes that Shadow uses by default to the
/var/mail
location used
currently. And, remove /bin
and
/sbin
from the PATH
, since they are simply symlinks to their
counterparts in /usr
.
If you wish to include /bin
and/or /sbin
in the
PATH
for some reason, modify the
PATH
in .bashrc
after LFS has been built.
sed -e 's:#ENCRYPT_METHOD DES:ENCRYPT_METHOD YESCRYPT:' \ -e 's:/var/spool/mail:/var/mail:' \ -e '/PATH=/{s@/sbin:@@;s@/bin:@@}' \ -i etc/login.defs
If you chose to build Shadow with Cracklib support, issue this command:
sed -i 's:DICTPATH.*:DICTPATH\t/lib/cracklib/pw_dict:' etc/login.defs
Prepare Shadow for compilation:
touch /usr/bin/passwd ./configure --sysconfdir=/etc \ --disable-static \ --with-{b,yes}crypt \ --without-libbsd \ --with-group-name-max-length=32
The meaning of the new configuration options:
The file /usr/bin/passwd
needs to exist because its location is hardcoded in
some programs; if it does not already exist, the
installation script will create it in the wrong place.
--with-{b,yes}crypt
The shell expands this to two switches, --with-bcrypt
and
--with-yescrypt
. They
allow shadow to use the Bcrypt and Yescrypt algorithms
implemented by Libxcrypt for hashing passwords.
These algorithms are more secure (in particular, much
more resistant to GPU-based attacks) than the
traditional SHA algorithms.
--with-group-name-max-length=32
The longest permissible user name is 32 characters. Make the maximum length of a group name the same.
--without-libbsd
Do not use the readpassphrase function from libbsd which is not in LFS. Use the internal copy instead.
Compile the package:
make
This package does not come with a test suite.
Install the package:
make exec_prefix=/usr install make -C man install-man
This package contains utilities to add, modify, and delete
users and groups; set and change their passwords; and perform
other administrative tasks. For a full explanation of what
password shadowing
means, see the doc/HOWTO
file
within the unpacked source tree. If you use Shadow support,
keep in mind that programs which need to verify passwords
(display managers, FTP programs, pop3 daemons, etc.) must be
Shadow-compliant. That is, they must be able to work with
shadowed passwords.
To enable shadowed passwords, run the following command:
pwconv
To enable shadowed group passwords, run:
grpconv
Shadow's default configuration for the useradd utility needs some
explanation. First, the default action for the useradd utility is to
create the user and a group with the same name as the user.
By default the user ID (UID) and group ID (GID) numbers will
begin at 1000. This means if you don't pass extra parameters
to useradd,
each user will be a member of a unique group on the system.
If this behavior is undesirable, you'll need to pass either
the -g
or -N
parameter to useradd, or else change the
setting of USERGROUPS_ENAB
in /etc/login.defs
. See useradd(8) for
more information.
Second, to change the default parameters, the file
/etc/default/useradd
must be
created and tailored to suit your particular needs. Create it
with:
mkdir -p /etc/default useradd -D --gid 999
/etc/default/useradd
parameter explanations
GROUP=999
This parameter sets the beginning of the group numbers
used in the /etc/group
file. The particular value 999 comes from the
--gid
parameter
above. You may set it to any desired value. Note that
useradd
will never reuse a UID or GID. If the number identified
in this parameter is used, it will use the next
available number. Note also that if you don't have a
group with an ID equal to this number on your system,
then the first time you use useradd without the
-g
parameter,
an error message will be generated—useradd: unknown GID 999
, even
though the account has been created correctly. That is
why we created the group users
with this group ID in
Section 7.6,
“Creating Essential Files and Symlinks.”
CREATE_MAIL_SPOOL=yes
This parameter causes useradd to create a
mailbox file for each new user. useradd will assign
the group ownership of this file to the mail
group with 0660 permissions.
If you would rather not create these files, issue the
following command:
sed -i '/MAIL/s/yes/no/' /etc/default/useradd
Choose a password for user root and set it by running:
passwd root
Used to change the maximum number of days between obligatory password changes |
|
Used to change a user's full name and other information |
|
Used to update group passwords in batch mode |
|
Used to update user passwords in batch mode |
|
Used to change a user's default login shell |
|
Checks and enforces the current password expiration policy |
|
Is used to examine the log of login failures, to set a maximum number of failures before an account is blocked, and to reset the failure count |
|
Is used to list the subordinate id ranges for a user |
|
Is used to add and delete members and administrators to groups |
|
Creates a group with the given name |
|
Deletes the group with the given name |
|
Allows a user to administer his/her own group membership list without the requirement of super user privileges. |
|
Is used to modify the given group's name or GID |
|
Verifies the integrity of the group files
|
|
Creates or updates the shadow group file from the normal group file |
|
Updates |
|
Is used by the system to let users sign on |
|
Is a daemon used to enforce restrictions on log-on time and ports |
|
Is used to set the gid mapping of a user namespace |
|
Is used to change the current GID during a login session |
|
Is used to set the uid mapping of a user namespace |
|
Is used to create or update an entire series of user accounts |
|
Displays a message saying an account is not available; it is designed to be used as the default shell for disabled accounts |
|
Is used to change the password for a user or group account |
|
Verifies the integrity of the password files
|
|
Creates or updates the shadow password file from the normal password file |
|
Updates |
|
Executes a given command while the user's GID is set to that of the given group |
|
Runs a shell with substitute user and group IDs |
|
Creates a new user with the given name, or updates the default new-user information |
|
Deletes the specified user account |
|
Is used to modify the given user's login name, user identification (UID), shell, initial group, home directory, etc. |
|
Edits the |
|
Edits the |
|
library to handle subordinate id ranges for users and groups |
The GCC package contains the GNU compiler collection, which includes the C and C++ compilers.
If building on x86_64, change the default directory name for 64-bit libraries to “lib”:
case $(uname -m) in x86_64) sed -e '/m64=/s/lib64/lib/' \ -i.orig gcc/config/i386/t-linux64 ;; esac
The GCC documentation recommends building GCC in a dedicated build directory:
mkdir -v build cd build
Prepare GCC for compilation:
../configure --prefix=/usr \ LD=ld \ --enable-languages=c,c++ \ --enable-default-pie \ --enable-default-ssp \ --enable-host-pie \ --disable-multilib \ --disable-bootstrap \ --disable-fixincludes \ --with-system-zlib
GCC supports seven different computer languages, but the prerequisites for most of them have not yet been installed. See the BLFS Book GCC page for instructions on how to build all of GCC's supported languages.
The meaning of the new configure parameters:
LD=ld
This parameter makes the configure script use the ld program installed by the Binutils package built earlier in this chapter, rather than the cross-built version which would otherwise be used.
--disable-fixincludes
By default, during the installation of GCC some system headers would be “fixed” to be used with GCC. This is not necessary for a modern Linux system, and potentially harmful if a package is reinstalled after installing GCC. This switch prevents GCC from “fixing” the headers.
--with-system-zlib
This switch tells GCC to link to the system installed copy of the Zlib library, rather than its own internal copy.
PIE (position-independent executables) are binary programs that can be loaded anywhere in memory. Without PIE, the security feature named ASLR (Address Space Layout Randomization) can be applied for the shared libraries, but not for the executables themselves. Enabling PIE allows ASLR for the executables in addition to the shared libraries, and mitigates some attacks based on fixed addresses of sensitive code or data in the executables.
SSP (Stack Smashing Protection) is a technique to ensure that the parameter stack is not corrupted. Stack corruption can, for example, alter the return address of a subroutine, thus transferring control to some dangerous code (existing in the program or shared libraries, or injected by the attacker somehow).
Compile the package:
make
In this section, the test suite for GCC is considered important, but it takes a long time. First-time builders are encouraged to run the test suite. The time to run the tests can be reduced significantly by adding -jx to the make -k check command below, where x is the number of CPU cores on your system.
GCC may need more stack space compiling some extremely complex code patterns. As a precaution for the host distros with a tight stack limit, explicitly set the stack size hard limit to infinite. On most host distros (and the final LFS system) the hard limit is infinite by default, but there is no harm done by setting it explicitly. It's not necessary to change the stack size soft limit because GCC will automatically set it to an appropriate value, as long as the value does not exceed the hard limit:
ulimit -s -H unlimited
Now remove/fix several known test failures:
sed -e '/cpython/d' -i ../gcc/testsuite/gcc.dg/plugin/plugin.exp sed -e 's/no-pic /&-no-pie /' -i ../gcc/testsuite/gcc.target/i386/pr113689-1.c sed -e 's/300000/(1|300000)/' -i ../libgomp/testsuite/libgomp.c-c++-common/pr109062.c sed -e 's/{ target nonpic } //' \ -e '/GOTPCREL/d' -i ../gcc/testsuite/gcc.target/i386/fentryname3.c
Test the results as a non-privileged user, but do not stop at errors:
chown -R tester . su tester -c "PATH=$PATH make -k check"
To extract a summary of the test suite results, run:
../contrib/test_summary
To filter out only the summaries, pipe the output through
grep -A7
Summ
.
Results can be compared with those located at https://www.linuxfromscratch.org/lfs/build-logs/12.2/ and https://gcc.gnu.org/ml/gcc-testresults/.
A few unexpected failures cannot always be avoided. In some cases test failures depend on the specific hardware of the system. Unless the test results are vastly different from those at the above URL, it is safe to continue.
Install the package:
make install
The GCC build directory is owned by tester
now, and the ownership of the
installed header directory (and its content) is incorrect.
Change the ownership to the root
user and group:
chown -v -R root:root \ /usr/lib/gcc/$(gcc -dumpmachine)/14.2.0/include{,-fixed}
Create a symlink required by the FHS for "historical" reasons.
ln -svr /usr/bin/cpp /usr/lib
Many packages use the name cc to call the C compiler. We've already created cc as a symlink in gcc-pass2, create its man page as a symlink as well:
ln -sv gcc.1 /usr/share/man/man1/cc.1
Add a compatibility symlink to enable building programs with Link Time Optimization (LTO):
ln -sfv ../../libexec/gcc/$(gcc -dumpmachine)/14.2.0/liblto_plugin.so \ /usr/lib/bfd-plugins/
Now that our final toolchain is in place, it is important to again ensure that compiling and linking will work as expected. We do this by performing some sanity checks:
echo 'int main(){}' > dummy.c cc dummy.c -v -Wl,--verbose &> dummy.log readelf -l a.out | grep ': /lib'
There should be no errors, and the output of the last command will be (allowing for platform-specific differences in the dynamic linker name):
[Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]
Now make sure that we're set up to use the correct start files:
grep -E -o '/usr/lib.*/S?crt[1in].*succeeded' dummy.log
The output of the last command should be:
/usr/lib/gcc/x86_64-pc-linux-gnu/14.2.0/../../../../lib/Scrt1.o succeeded
/usr/lib/gcc/x86_64-pc-linux-gnu/14.2.0/../../../../lib/crti.o succeeded
/usr/lib/gcc/x86_64-pc-linux-gnu/14.2.0/../../../../lib/crtn.o succeeded
Depending on your machine architecture, the above may differ
slightly. The difference will be the name of the directory
after /usr/lib/gcc
. The
important thing to look for here is that gcc has found all three
crt*.o
files under the
/usr/lib
directory.
Verify that the compiler is searching for the correct header files:
grep -B4 '^ /usr/include' dummy.log
This command should return the following output:
#include <...> search starts here:
/usr/lib/gcc/x86_64-pc-linux-gnu/14.2.0/include
/usr/local/include
/usr/lib/gcc/x86_64-pc-linux-gnu/14.2.0/include-fixed
/usr/include
Again, the directory named after your target triplet may be different than the above, depending on your system architecture.
Next, verify that the new linker is being used with the correct search paths:
grep 'SEARCH.*/usr/lib' dummy.log |sed 's|; |\n|g'
References to paths that have components with '-linux-gnu' should be ignored, but otherwise the output of the last command should be:
SEARCH_DIR("/usr/x86_64-pc-linux-gnu/lib64")
SEARCH_DIR("/usr/local/lib64")
SEARCH_DIR("/lib64")
SEARCH_DIR("/usr/lib64")
SEARCH_DIR("/usr/x86_64-pc-linux-gnu/lib")
SEARCH_DIR("/usr/local/lib")
SEARCH_DIR("/lib")
SEARCH_DIR("/usr/lib");
A 32-bit system may use a few other directories. For example, here is the output from an i686 machine:
SEARCH_DIR("/usr/i686-pc-linux-gnu/lib32")
SEARCH_DIR("/usr/local/lib32")
SEARCH_DIR("/lib32")
SEARCH_DIR("/usr/lib32")
SEARCH_DIR("/usr/i686-pc-linux-gnu/lib")
SEARCH_DIR("/usr/local/lib")
SEARCH_DIR("/lib")
SEARCH_DIR("/usr/lib");
Next make sure that we're using the correct libc:
grep "/lib.*/libc.so.6 " dummy.log
The output of the last command should be:
attempt to open /usr/lib/libc.so.6 succeeded
Make sure GCC is using the correct dynamic linker:
grep found dummy.log
The output of the last command should be (allowing for platform-specific differences in dynamic linker name):
found ld-linux-x86-64.so.2 at /usr/lib/ld-linux-x86-64.so.2
If the output does not appear as shown above or is not received at all, then something is seriously wrong. Investigate and retrace the steps to find out where the problem is and correct it. Any issues should be resolved before continuing with the process.
Once everything is working correctly, clean up the test files:
rm -v dummy.c a.out dummy.log
Finally, move a misplaced file:
mkdir -pv /usr/share/gdb/auto-load/usr/lib mv -v /usr/lib/*gdb.py /usr/share/gdb/auto-load/usr/lib
The C++ compiler |
|
The C compiler |
|
The C preprocessor; it is used by the compiler to expand the #include, #define, and similar directives in the source files |
|
The C++ compiler |
|
The C compiler |
|
A wrapper around ar that adds a plugin to the command line. This program is only used to add "link time optimization" and is not useful with the default build options. |
|
A wrapper around nm that adds a plugin to the command line. This program is only used to add "link time optimization" and is not useful with the default build options. |
|
A wrapper around ranlib that adds a plugin to the command line. This program is only used to add "link time optimization" and is not useful with the default build options. |
|
A coverage testing tool; it is used to analyze programs to determine where optimizations will have the greatest effect |
|
Offline gcda and gcno profile dump tool |
|
Offline gcda profile processing tool |
|
Tool for dumping object files produced by GCC with LTO enabled |
|
The Address Sanitizer runtime library |
|
GCC atomic built-in runtime library |
|
A library that allows GDB to make use of GCC |
|
Contains run-time support for gcc |
|
This library is linked into a program when GCC is instructed to enable profiling |
|
GNU implementation of the OpenMP API for multi-platform shared-memory parallel programming in C/C++ and Fortran |
|
The Hardware-assisted Address Sanitizer runtime library |
|
The GNU transactional memory library |
|
The Leak Sanitizer runtime library |
|
GCC's LTO plugin allows Binutils to process object files produced by GCC with LTO enabled |
|
GCC Quad Precision Math Library API |
|
Contains routines supporting GCC's stack-smashing protection functionality. Normally it is not used, because Glibc also provides those routines. |
|
The standard C++ library |
|
Experimental C++ Contracts library |
|
ISO/IEC TS 18822:2015 Filesystem library |
|
Provides supporting routines for the C++ programming language |
|
The Thread Sanitizer runtime library |
|
The Undefined Behavior Sanitizer runtime library |
The Ncurses package contains libraries for terminal-independent handling of character screens.
Prepare Ncurses for compilation:
./configure --prefix=/usr \ --mandir=/usr/share/man \ --with-shared \ --without-debug \ --without-normal \ --with-cxx-shared \ --enable-pc-files \ --with-pkg-config-libdir=/usr/lib/pkgconfig
The meaning of the new configure options:
--with-shared
This makes Ncurses build and install shared C libraries.
--without-normal
This prevents Ncurses building and installing static C libraries.
--without-debug
This prevents Ncurses building and installing debug libraries.
--with-cxx-shared
This makes Ncurses build and install shared C++ bindings. It also prevents it building and installing static C++ bindings.
--enable-pc-files
This switch generates and installs .pc files for pkg-config.
Compile the package:
make
This package has a test suite, but it can only be run after
the package has been installed. The tests reside in the
test/
directory. See the
README
file in that directory
for further details.
The installation of this package will overwrite libncursesw.so.6.5
in-place. It may crash
the shell process which is using code and data from the
library file. Install the package with DESTDIR
, and replace the library file
correctly using install command (the header
curses.h
is also edited to
ensure the wide-character ABI to be used as what we've done
in Section 6.3, “Ncurses-6.5”):
make DESTDIR=$PWD/dest install install -vm755 dest/usr/lib/libncursesw.so.6.5 /usr/lib rm -v dest/usr/lib/libncursesw.so.6.5 sed -e 's/^#if.*XOPEN.*$/#if 1/' \ -i dest/usr/include/curses.h cp -av dest/* /
Many applications still expect the linker to be able to find
non-wide-character Ncurses libraries. Trick such applications
into linking with wide-character libraries by means of
symlinks (note that the .so
links are only safe with curses.h
edited to always use the
wide-character ABI):
for lib in ncurses form panel menu ; do ln -sfv lib${lib}w.so /usr/lib/lib${lib}.so ln -sfv ${lib}w.pc /usr/lib/pkgconfig/${lib}.pc done
Finally, make sure that old applications that look for
-lcurses
at build time are
still buildable:
ln -sfv libncursesw.so /usr/lib/libcurses.so
If desired, install the Ncurses documentation:
cp -v -R doc -T /usr/share/doc/ncurses-6.5
The instructions above don't create non-wide-character Ncurses libraries since no package installed by compiling from sources would link against them at runtime. However, the only known binary-only applications that link against non-wide-character Ncurses libraries require version 5. If you must have such libraries because of some binary-only application or to be compliant with LSB, build the package again with the following commands:
make distclean ./configure --prefix=/usr \ --with-shared \ --without-normal \ --without-debug \ --without-cxx-binding \ --with-abi-version=5 make sources libs cp -av lib/lib*.so.5* /usr/lib
Converts a termcap description into a terminfo description |
|
Clears the screen, if possible |
|
Compares or prints out terminfo descriptions |
|
Converts a terminfo description into a termcap description |
|
Provides configuration information for ncurses |
|
Reinitializes a terminal to its default values |
|
Clears and sets tab stops on a terminal |
|
The terminfo entry-description compiler that translates a terminfo file from source format into the binary format needed for the ncurses library routines [A terminfo file contains information on the capabilities of a certain terminal.] |
|
Lists all available terminal types, giving the primary name and description for each |
|
Makes the values of terminal-dependent capabilities available to the shell; it can also be used to reset or initialize a terminal or report its long name |
|
Can be used to initialize terminals |
|
Contains functions to display text in many complex ways on a terminal screen; a good example of the use of these functions is the menu displayed during the kernel's make menuconfig |
|
Contains C++ binding for other libraries in this package |
|
Contains functions to implement forms |
|
Contains functions to implement menus |
|
Contains functions to implement panels |
The Sed package contains a stream editor.
Prepare Sed for compilation:
./configure --prefix=/usr
Compile the package and generate the HTML documentation:
make make html
To test the results, issue:
chown -R tester . su tester -c "PATH=$PATH make check"
Install the package and its documentation:
make install install -d -m755 /usr/share/doc/sed-4.9 install -m644 doc/sed.html /usr/share/doc/sed-4.9
The Psmisc package contains programs for displaying information about running processes.
Prepare Psmisc for compilation:
./configure --prefix=/usr
Compile the package:
make
To run the test suite, run:
make check
Install the package:
make install
Reports the Process IDs (PIDs) of processes that use the given files or file systems |
|
Kills processes by name; it sends a signal to all processes running any of the given commands |
|
Peek at file descriptors of a running process, given its PID |
|
Prints information about a process |
|
Reports current logs path of a process |
|
Displays running processes as a tree |
|
Same as pstree, except that it waits for confirmation before exiting |
The Gettext package contains utilities for internationalization and localization. These allow programs to be compiled with NLS (Native Language Support), enabling them to output messages in the user's native language.
Prepare Gettext for compilation:
./configure --prefix=/usr \ --disable-static \ --docdir=/usr/share/doc/gettext-0.22.5
Compile the package:
make
To test the results (this takes a long time, around 3 SBUs), issue:
make check
Install the package:
make install chmod -v 0755 /usr/lib/preloadable_libintl.so
Copies standard Gettext infrastructure files into a source package |
|
Substitutes environment variables in shell format strings |
|
Translates a natural language message into the user's language by looking up the translation in a message catalog |
|
Primarily serves as a shell function library for gettext |
|
Copies all standard Gettext files into the given top-level directory of a package to begin internationalizing it |
|
Filters the messages of a translation catalog according to their attributes and manipulates the attributes |
|
Concatenates and merges the given |
|
Compares two |
|
Finds the messages that are common to the given
|
|
Converts a translation catalog to a different character encoding |
|
Creates an English translation catalog |
|
Applies a command to all translations of a translation catalog |
|
Applies a filter to all translations of a translation catalog |
|
Generates a binary message catalog from a translation catalog |
|
Extracts all messages of a translation catalog that match a given pattern or belong to some given source files |
|
Creates a new |
|
Combines two raw translations into a single file |
|
Decompiles a binary message catalog into raw translation text |
|
Unifies duplicate translations in a translation catalog |
|
Displays native language translations of a textual message whose grammatical form depends on a number |
|
Recodes Serbian text from Cyrillic to Latin script |
|
Extracts the translatable message lines from the given source files to make the first translation template |
|
Defines the autosprintf class, which makes C formatted output routines usable in C++ programs, for use with the <string> strings and the <iostream> streams |
|
Contains common routines used by the various Gettext programs; these are not intended for general use |
|
Used to write specialized programs that process
|
|
Provides common routines used by the various Gettext programs; these are not intended for general use |
|
Text styling library |
|
A library, intended to be used by LD_PRELOAD, that
helps |
The Bison package contains a parser generator.
Prepare Bison for compilation:
./configure --prefix=/usr --docdir=/usr/share/doc/bison-3.8.2
Compile the package:
make
To test the results (about 5.5 SBU), issue:
make check
Install the package:
make install
Generates, from a series of rules, a program for analyzing the structure of text files; Bison is a replacement for Yacc (Yet Another Compiler Compiler) |
|
A wrapper for bison, meant for
programs that still call yacc instead of
bison; it calls
bison
with the |
|
The Yacc library containing implementations of
Yacc-compatible |
The Grep package contains programs for searching through the contents of files.
First, remove a warning about using egrep and fgrep that makes tests on some packages fail:
sed -i "s/echo/#echo/" src/egrep.sh
Prepare Grep for compilation:
./configure --prefix=/usr
Compile the package:
make
To test the results, issue:
make check
Install the package:
make install
The Bash package contains the Bourne-Again Shell.
Prepare Bash for compilation:
./configure --prefix=/usr \ --without-bash-malloc \ --with-installed-readline \ bash_cv_strtold_broken=no \ --docdir=/usr/share/doc/bash-5.2.32
The meaning of the new configure option:
--with-installed-readline
This option tells Bash to use the readline
library that is already
installed on the system rather than using its own
readline version.
Compile the package:
make
Skip down to “Install the package” if not running the test suite.
To prepare the tests, ensure that the tester
user can write to the sources
tree:
chown -R tester .
The test suite of this package is designed to be run as a
non-root
user who owns the
terminal connected to standard input. To satisfy the
requirement, spawn a new pseudo terminal using Expect and run the tests as the
tester
user:
su -s /usr/bin/expect tester << "EOF" set timeout -1 spawn make tests expect eof lassign [wait] _ _ _ value exit $value EOF
The test suite uses diff to detect the
difference between test script output and the expected
output. Any output from diff (prefixed with
<
and >
) indicates a test failure,
unless there is a message saying the difference can be
ignored. One test named run-builtins
is known to fail on some host
distros with a difference on the first line of the output.
Install the package:
make install
Run the newly compiled bash program (replacing the one that is currently being executed):
exec /usr/bin/bash --login
A widely-used command interpreter; it performs many types of expansions and substitutions on a given command line before executing it, thus making this interpreter a powerful tool |
|
A shell script to help the user compose and mail standard formatted bug reports concerning bash |
|
A symlink to the bash program; when invoked as sh, bash tries to mimic the startup behavior of historical versions of sh as closely as possible, while conforming to the POSIX standard as well |
The Libtool package contains the GNU generic library support script. It makes the use of shared libraries simpler with a consistent, portable interface.
Prepare Libtool for compilation:
./configure --prefix=/usr
Compile the package:
make
To test the results, issue:
make -k check
Five tests are known to fail in the LFS build environment due to a circular dependency, but these tests pass if rechecked after automake has been installed. Additionally, with grep-3.8 or newer, two tests will trigger a warning for non-POSIX regular expressions and fail.
Install the package:
make install
Remove a useless static library:
rm -fv /usr/lib/libltdl.a
The GDBM package contains the GNU Database Manager. It is a library of database functions that uses extensible hashing and works like the standard UNIX dbm. The library provides primitives for storing key/data pairs, searching and retrieving the data by its key and deleting a key along with its data.
Prepare GDBM for compilation:
./configure --prefix=/usr \ --disable-static \ --enable-libgdbm-compat
The meaning of the configure option:
--enable-libgdbm-compat
This switch enables building the libgdbm compatibility library. Some packages outside of LFS may require the older DBM routines it provides.
Compile the package:
make
To test the results, issue:
make check
Install the package:
make install
Gperf generates a perfect hash function from a key set.
Prepare Gperf for compilation:
./configure --prefix=/usr --docdir=/usr/share/doc/gperf-3.1
Compile the package:
make
The tests are known to fail if running multiple simultaneous tests (-j option greater than 1). To test the results, issue:
make -j1 check
Install the package:
make install
The Expat package contains a stream oriented C library for parsing XML.
Prepare Expat for compilation:
./configure --prefix=/usr \ --disable-static \ --docdir=/usr/share/doc/expat-2.6.2
Compile the package:
make
To test the results, issue:
make check
Install the package:
make install
If desired, install the documentation:
install -v -m644 doc/*.{html,css} /usr/share/doc/expat-2.6.2
The Inetutils package contains programs for basic networking.
First, make the package build with gcc-14.1 or later::
sed -i 's/def HAVE_TERMCAP_TGETENT/ 1/' telnet/telnet.c
Prepare Inetutils for compilation:
./configure --prefix=/usr \ --bindir=/usr/bin \ --localstatedir=/var \ --disable-logger \ --disable-whois \ --disable-rcp \ --disable-rexec \ --disable-rlogin \ --disable-rsh \ --disable-servers
The meaning of the configure options:
--disable-logger
This option prevents Inetutils from installing the logger program, which is used by scripts to pass messages to the System Log Daemon. Do not install it because Util-linux installs a more recent version.
--disable-whois
This option disables the building of the Inetutils whois client, which is out of date. Instructions for a better whois client are in the BLFS book.
--disable-r*
These parameters disable building obsolete programs that should not be used due to security issues. The functions provided by these programs can be provided by the openssh package in the BLFS book.
--disable-servers
This disables the installation of the various network servers included as part of the Inetutils package. These servers are deemed not appropriate in a basic LFS system. Some are insecure by nature and are only considered safe on trusted networks. Note that better replacements are available for many of these servers.
Compile the package:
make
To test the results, issue:
make check
Install the package:
make install
Move a program to the proper location:
mv -v /usr/{,s}bin/ifconfig
Show the system's DNS domain name |
|
Is the file transfer protocol program |
|
Reports or sets the name of the host |
|
Manages network interfaces |
|
Sends echo-request packets and reports how long the replies take |
|
A version of ping for IPv6 networks |
|
Is used to chat with another user |
|
An interface to the TELNET protocol |
|
A trivial file transfer program |
|
Traces the route your packets take from the host you are working on to another host on a network, showing all the intermediate hops (gateways) along the way |
The Less package contains a text file viewer.
Prepare Less for compilation:
./configure --prefix=/usr --sysconfdir=/etc
The meaning of the configure options:
--sysconfdir=/etc
This option tells the programs created by the package
to look in /etc
for the
configuration files.
Compile the package:
make
To test the results, issue:
make check
Install the package:
make install