How to "make modules_install" from cross-build environment to target? (ipset source package)
Hello,
I'm trying to install the "ipset" command to a target device from a cross-build environment on my PC (Ubuntu 18.0.4 on VirtualBox hosted by Windows 11). According to the README file included in the extracted ipset-7.17.tar.bz2 package, I need to run % ./autogen.sh % ./configure % make % make modules % make install % make modules_install Under my cross-build environment (after executing "source /opt/pxc/sdk/EPC1502/2022.0/environment-setup-corei7-64-pxc-linux", it was the toolchain directory provided by the target device vendor), * "./autogen.sh" was completed, * "./configure --host x86_64-pxc-linux" was completed (x86_64-pxc-linux was my target prefix), * "make" was completed, * "make modules" was completed, * "sudo make install DESTDIR=/tmp/mydest/" was completed, I compressed /tmp/mydest/ into mydest.tgz, put mydest.tgz into the target device by sfpt, and extracted mydest.tgz over the root directory of the target machine. I added options "--host ~~~" of "configure" and "DESTDIR=~~~" of "make install," as it was cross-build. Finally, I wanted to "sudo make modules_install DESTDIR=/tmp/mydest", like "make install", but it didn't work well. "INSTALL_MOD_PATH=/tmp make modules_install" failed too. The error messages are as follows, ( "x)" is the line number of the message) 1) make -C /lib/modules/`uname -r`/build M=$PWD/kernel/net \ 2) KDIR=$PWD/kernel modules_install 3) make[1]: Entering directory '/usr/src/linux-headers-5.4.0-137-generic' 4) INSTALL /home/yumoto/ipset_exp/ipset-7.17/kernel/net/netfilter/ipset/ip_set.ko 5) At main.c:160: 6) - SSL error:02001002:system library:fopen:No such file or directory: ../crypto/bio/bss_file.c:72 7) - SSL error:2006D080:BIO routines:BIO_new_file:no such file: ../crypto/bio/bss_file.c:79 8) sign-file: certs/signing_key.pem: No such file or directory (and similar messages repeated.) Then, I have these questions, Q1. As a result of `uname -r`, kernel version 5.4.0-137-generic was used in 3), but the target kernel was 5.4.47-rt28-pxc. Is it OK, or do I need to add something option to "make modules_install"? Q2. From 6), 7), and 8), it seemed that I should have prepared additional files. Searching for these error messages on the Internet, I found articles about something called "sign make," but I have not understood yet. Do I need to "apt install" additional something into my cross-build environment? *Cross build environment is on Ubuntu 18.0.4 on VirtualBox hosted by Windows 11, *Target device is EPC 1502 of Phoenix Contact, YOCTO Linux based system with customized and patched kernel "5.4.47-rt28-pxc", *Toolchain is PLCnext_Toolchain_Linux_2022.0.sh provided by the vendor (Phoenix Contact), *SDK is pxc-glibc-x86_64-epc1502-image-sdk-corei7-64-epc1500-64-toolchain-2022.0.sh provided by the vendor (Phoenix Contact). Any advice would be greatly appreciated. Thanks. |
Unless you add signing and verifications to the modules, they are just static files built into the default location directory. You can take those files(compress that folder) and use them.
Not sure how you build modules to another location though, but I'm fairly sure it is an option in the Kernel config itself. I vaguely remember having seen such a thing in there. |
Thanks for your advice. > zeebra
When I checked /proc/config.gz on the target device, I could not find any ipset-related items as follows, root@epc1502:/proc# zcat /proc/config.gz | grep IPTABLE CONFIG_IP_NF_IPTABLES=y CONFIG_IP6_NF_IPTABLES=m root@epc1502:/proc# zcat /proc/config.gz | grep -i IPSET root@epc1502:/proc# I guessed it meant the kernel did not support ipset; was it correct? |
Quote:
I would check it manually if I was you, or find that website to verify the names of the modules. |
I found this site, a kind of Linux Kernel Driver Database,
https://cateee.net/lkddb/format.html According to the site, the items related to ipset are CONFIG_NET_EMATCH_IPSET CONFIG_IP_SET CONFIG_IP_SET_BITMAP_IP CONFIG_IP_SET_BITMAP_IPMAC CONFIG_IP_SET_BITMAP_PORT CONFIG_IP_SET_HASH_IP CONFIG_IP_SET_HASH_IPMAC CONFIG_IP_SET_HASH_IPMARK CONFIG_IP_SET_HASH_IPPORT CONFIG_IP_SET_HASH_IPPORTIP CONFIG_IP_SET_HASH_IPPORTNET CONFIG_IP_SET_HASH_MAC CONFIG_IP_SET_HASH_NET CONFIG_IP_SET_HASH_NETIFACE CONFIG_IP_SET_HASH_NETNET CONFIG_IP_SET_HASH_NETPORT CONFIG_IP_SET_HASH_NETPORTNET CONFIG_IP_SET_LIST_SET So I should search for "IPSET" and "IP_SET" from /proc/config.gz. Then, I found only a comment, "# CONFIG_IP_SET is not set" as below, root@epc1502:~# zcat /proc/config.gz | grep -i IPSET root@epc1502:~# zcat /proc/config.gz | grep -i IP_SET # CONFIG_IP_SET is not set root@epc1502:~# It seems that I can't use ipset unless the kernel is rebuilt with any option to enable ipset. But the vendor doesn't provide any kernel rebuilding way. I believe this is because they tuned the product strictly for real-time factory automation control. So, in this case, I should give up using ipset with this device. |
Quote:
Yup. IP_SET, not IPSET. Always a surprise in store. You have to rebuild it with IP_SET to use it yes, but if the situation doesn't allow that, then, well.. But never say never, but I don't know another way, but perhaps there is one. |
All times are GMT -5. The time now is 12:36 PM. |