tag:blogger.com,1999:blog-4088979.post115879930363876521..comments2023-10-16T06:06:25.012-04:00Comments on TaoSecurity Blog: Multiple Kernels on FreeBSDRichard Bejtlichhttp://www.blogger.com/profile/13512184196416665417noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-4088979.post-49069568409636749072012-09-24T13:46:58.751-04:002012-09-24T13:46:58.751-04:00I realize this post is old, but it was able to get...I realize this post is old, but it was able to get me along into the process as well. However, I'd like to know if there can be a menu item added to the beastie when a system boots.<br /><br />Here is my scenario...I would like to have 2 kernels installed. The default kernel is intended to be the production run-time kernel and the 2nd is a debug kernel with DDB enabled.<br /><br />If a system kernel panics, it will reboot and boot into the default kernel. What if I want to choose the menu option to boot into this debug kernel in case it panics again relatively soon after rebooting?Ricknoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-68579873440065119372009-02-10T03:41:00.000-05:002009-02-10T03:41:00.000-05:00This comment has been removed by a blog administrator.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1162565141156921642006-11-03T09:45:00.000-05:002006-11-03T09:45:00.000-05:00You can run freebsd-update on a box with a custom ...You can run freebsd-update on a box with a custom kernel. freebsd-update will say the kernel is not GENERIC, but it will then update the userland without a problem.Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1162486695283114272006-11-02T11:58:00.000-05:002006-11-02T11:58:00.000-05:00Can this method be used in conjunction with freebs...Can this method be used in conjunction with freebsd-update?<BR/><BR/>I'm currently running a custom 6.0 kernel (turned on IPFilter). <BR/><BR/>## I want to move to freebsd-update to take care of 6.0 > 6.1 and security patches.<BR/>First I restore GENERIC kernel:<BR/>cd /usr/src<BR/>make buildkernel KERNCONF=GENERIC<BR/>make installkernel KERNCONF=GENERIC<BR/><BR/>I have not (that I recall) updated any kernel sources.<BR/><BR/>Next I use freebsd-update (installed from ports) according to its man page.<BR/><BR/>## I want to use the above method to extend the GENERIC kernel without modifying it.<BR/>Implement GENERIC.FIREWALL to add in IPFilter (later pfSense).<BR/><BR/>Am I correct in assuming that you only revert to GENERIC when using freebsd-update, then once the binary update is complete, you recompile with GENERIC.SECURITY?<BR/><BR/>Thanks for any response.<BR/><BR/>PS I tried to post this comment in Camino 1.0.3 (cookies off), I could not see the word for verification; so I used Safari.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1158895826474636122006-09-21T23:30:00.000-04:002006-09-21T23:30:00.000-04:00joe,FreeBSD Update will be supporting AMD64 soon. ...joe,<BR/><BR/>FreeBSD Update will be supporting AMD64 soon. I've talked to someone who will be providing the hardware needed -- my understanding is that we're just waiting for someone at the datacentre to add it to the FreeBSD cluster.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1158833271435798292006-09-21T06:07:00.000-04:002006-09-21T06:07:00.000-04:00Hi Joe,In this example I built GENERIC.SECURITY ma...Hi Joe,<BR/><BR/>In this example I built GENERIC.SECURITY mainly as an example. When I get a chance to blog again I am going to contrast performance of GENERIC.SECURITY with GENERIC.POLLING. I'll build GENERIC.POLLING using the method in this post.Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1158818707455835702006-09-21T02:05:00.000-04:002006-09-21T02:05:00.000-04:00This is helpful to me since I am running on amd64 ...This is helpful to me since I am running on amd64 and freebsd update does not provide updates for !i386. Perhaps I need to donate more money to Colin...?<BR/><BR/>One question, since you are on i386, why not just use freebsd-update to upate the kernel with a binary update on the slow boxes? I noticed you wanted to keep the default kernel. Any reason for this?Anonymousnoreply@blogger.com