1 on 1 ÷ blog» How-to: Compile a New Kernel on Debian Etch Linux

How-to: Compile a New Kernel on Debian Etch Linux

Written by Vlad

April 27 2008
In: Linux
Tags: compile, debian, kernel

I am currently taking care of 4 servers used in production, and 3 of them are running Debian Linux (version 4 – Etch). Since I upgraded to 4.0r2 I had a lot of new stability issues with varius servers and applications and it proved that the problems were generated by the kernel version bundled with the distribution (2.6.18-5-686).

The decision was to update the kernel with a locally compiled version from the official distribution website, and I chose the latest version available: 2.6.24.4. Compiling a kernel on Debian requires a few extra steps to build the kernel package, but all in all it is a very simple procedure.

I do not recommend to start compiling a kernel and install it right away if you have never done anything similar, as it might break your installation after reboot. It is advisable to do some reading about configuring the linux kernel before taking further steps.

The actual configure/compile/install procedure

Install the Debian-required kernel packages for building the kernel:
apt-get install kernel-package

Update the maintaner name and email in /etc/kernel-pkg.conf

Download the kernel package, unarchive and create all links in /usr/src:
cd /usr/src wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.24.4.tar.bz2 tar xjvf linux-2.6.24.4.tar.bz2 ln -s linux-2.6.24.4 linux cd linux

Copy the configuration from the Debian compiled kernel:
cp /boot/config-2.6.18-5-686 .config

Start the configuration, compile and create the .deb package:
make-kpkg --revision=LocalyCompiled --initrd kernel_image --config=menuconfig

After the compilation you will find a new kernel image linux-image-2.6.24.4_LocalyCompiled_i386.deb

To install the new kernel, install the .deb package, and reboot your sistem:
dpkg --install linux-image-2.6.24.4_ LocalyCompiled_i386.deb

Configuring the kernel

During the configuration of the new kernel, due to changes in the kernel internal architecture and in order to compile an optimized version, there are a few things that need to be changed from the initial 2.6.18-5-686 config:

CPU: Core 2
Memory Support: 64GB
Enable Serial ATA (prod) and Parallel ATA (experimental) drivers
Enable both SATA AHCI & Intel ICH
Network: remove e1000
Remove support for: 10 000Mbit Network Adapters, Firewire, ISDN, Telephony, Sound card, MMC/SD, and others
Enable CBQ, HTB
Netfilter: enable all that is required for iptables filtering

Extra security?

For this release of the custom-built kernel I also tried to bundle some extra security patches, from the grsecurity website but unfortunately there was no stable patch available for this particular kernel version. Watch the project’s website for updates that fit a more recent kernel version which matches with your needs.