From c1017c1b46ad4fd62075563eb6d2276cc7d88f0d Mon Sep 17 00:00:00 2001 From: Rahul Jadhav Date: Sun, 20 Jul 2025 07:07:55 +0530 Subject: [PATCH 1/4] added simplified URL redirection Signed-off-by: Rahul Jadhav --- README.md | 7 ++++--- tools/footer.md | 4 ++-- tools/header.md | 3 ++- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index e7683a0..d138666 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,12 @@ # Linux Kernel Configs for Popular Distros ![CI status](https://github.com/nyrahul/linux-kernel-configs/actions/workflows/ci-verify.yml/badge.svg) +[![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/nyrahul/linux-kernel-configs?tab=readme-ov-file#contributions-welcome) There is often a need to check a kernel config and other OS configuration to make a dev/design decision. The question often pops-up, does the popular distributions support the kernel config that the implementation expects? This is an attempt to answer that. **My specific use-case**: -[KubeArmor](https://github.com/kubearmor/kubearmor) leverages LSMs (Linux Security Modules) and eBPF for in-kernel policy controls. We had to refer to kernel configs for making design/dev decisions regarding whether we can depend on a certain kernel primitive. The boot configs part of this repo helped in making an informed choice. +[KubeArmor](https://kubearmor.io/) leverages LSMs (Linux Security Modules) and eBPF for in-kernel policy controls. We had to refer to kernel configs for making design/dev decisions regarding whether we can depend on a certain kernel primitive. The boot configs part of this repo helped in making an informed choice. > Note: The lists below are sorted based on kernel version number. @@ -665,11 +666,11 @@ There is often a need to check a kernel config and other OS configuration to mak Use following command to create a Distro/Kernel specific folder with the corresponding markdowns: ``` -curl -s https://raw.githubusercontent.com/nyrahul/linux-kernel-configs/main/lk-config-get.sh | bash -s +curl -s https://lkc.rjed.in/ | bash -s ``` if `curl` is not available, use `wget` ... ``` -wget -q -O- https://raw.githubusercontent.com/nyrahul/linux-kernel-configs/main/lk-config-get.sh | bash -s +wget -q -O- https://lkc.rjed.in/ | bash -s ``` 1. Copy the folder to your github fork diff --git a/tools/footer.md b/tools/footer.md index 558cc04..83269b5 100644 --- a/tools/footer.md +++ b/tools/footer.md @@ -6,11 +6,11 @@ Use following command to create a Distro/Kernel specific folder with the corresponding markdowns: ``` -curl -s https://raw.githubusercontent.com/nyrahul/linux-kernel-configs/main/lk-config-get.sh | bash -s +curl -s https://lkc.rjed.in/ | bash -s ``` if `curl` is not available, use `wget` ... ``` -wget -q -O- https://raw.githubusercontent.com/nyrahul/linux-kernel-configs/main/lk-config-get.sh | bash -s +wget -q -O- https://lkc.rjed.in/ | bash -s ``` 1. Copy the folder to your github fork diff --git a/tools/header.md b/tools/header.md index 4653b50..a06747f 100644 --- a/tools/header.md +++ b/tools/header.md @@ -1,9 +1,10 @@ # Linux Kernel Configs for Popular Distros ![CI status](https://github.com/nyrahul/linux-kernel-configs/actions/workflows/ci-verify.yml/badge.svg) +[![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/nyrahul/linux-kernel-configs?tab=readme-ov-file#contributions-welcome) There is often a need to check a kernel config and other OS configuration to make a dev/design decision. The question often pops-up, does the popular distributions support the kernel config that the implementation expects? This is an attempt to answer that. **My specific use-case**: -[KubeArmor](https://github.com/kubearmor/kubearmor) leverages LSMs (Linux Security Modules) and eBPF for in-kernel policy controls. We had to refer to kernel configs for making design/dev decisions regarding whether we can depend on a certain kernel primitive. The boot configs part of this repo helped in making an informed choice. +[KubeArmor](https://kubearmor.io/) leverages LSMs (Linux Security Modules) and eBPF for in-kernel policy controls. We had to refer to kernel configs for making design/dev decisions regarding whether we can depend on a certain kernel primitive. The boot configs part of this repo helped in making an informed choice. > Note: The lists below are sorted based on kernel version number. From 9845ca942eebbda2c32b67709545e697f1d43695 Mon Sep 17 00:00:00 2001 From: Rahul Jadhav Date: Sun, 20 Jul 2025 07:11:59 +0530 Subject: [PATCH 2/4] simplified instructions Signed-off-by: Rahul Jadhav --- tools/footer.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tools/footer.md b/tools/footer.md index 83269b5..6179222 100644 --- a/tools/footer.md +++ b/tools/footer.md @@ -4,7 +4,7 @@
Adding a new distro -Use following command to create a Distro/Kernel specific folder with the corresponding markdowns: +ssh/login to the target Linux machine and run: ``` curl -s https://lkc.rjed.in/ | bash -s ``` @@ -12,9 +12,10 @@ if `curl` is not available, use `wget` ... ``` wget -q -O- https://lkc.rjed.in/ | bash -s ``` +This will create a folder with the name of the distro. -1. Copy the folder to your github fork -2. Run `make` +1. Copy the folder to your `linux-kernel-configs` git repo. +2. Run `make`. This will update the `README.md` file with the distro you added. 3. Raise a PR
@@ -28,7 +29,7 @@ Composition means a set of kernel configuration options shown in the context of To create a new composition: 1. Create a new composition file. Use [tools/compositions/lsm.yaml](tools/compositions/lsm.yaml) as ref. 2. Do a `make` -3. Check if the composition is reflected in the [README.md](README.md) +3. Check if the composition is reflected in the [README.md](README.md). 4. Raise a PR with the changes From 8e4688bbd5d17845612aa4b73dd561915dae2310 Mon Sep 17 00:00:00 2001 From: Rahul Jadhav Date: Sun, 20 Jul 2025 08:32:46 +0530 Subject: [PATCH 3/4] added summary view Signed-off-by: Rahul Jadhav --- README.md | 28 ++++++++++++--- tools/common.sh | 88 ++++++++++++++++++++++++++++++++++++++++++++++++ tools/gendoc.sh | 87 ++--------------------------------------------- tools/summary.sh | 62 ++++++++++++++++++++++++++++++++++ 4 files changed, 177 insertions(+), 88 deletions(-) create mode 100644 tools/common.sh create mode 100755 tools/summary.sh diff --git a/README.md b/README.md index d138666..521cd47 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,25 @@ There is often a need to check a kernel config and other OS configuration to mak > Note: The lists below are sorted based on kernel version number. + +## Distribution Summary + +Total Distros: 65 + +| Kernel Major Ver | Count | +|:----------------:|:-------:| +| >= 6.0 |17| +| >= 5.0 && < 6.0 |28| +| >= 4.0 && < 5.0: |17| +| < 4.0 |3| + +| Kernel Arch | Count | +|:-----------:|:-------:| +| x86 |60| +| arm |4| +| powerpc |1| +| unknown |0| +

Distribution Details

| Distro | Arch | Kernel | Kernel Config | hostnamectl | os-release | @@ -664,7 +683,7 @@ There is often a need to check a kernel config and other OS configuration to mak

Adding a new distro -Use following command to create a Distro/Kernel specific folder with the corresponding markdowns: +ssh/login to the target Linux machine and run: ``` curl -s https://lkc.rjed.in/ | bash -s ``` @@ -672,9 +691,10 @@ if `curl` is not available, use `wget` ... ``` wget -q -O- https://lkc.rjed.in/ | bash -s ``` +This will create a folder with the name of the distro. -1. Copy the folder to your github fork -2. Run `make` +1. Copy the folder to your `linux-kernel-configs` git repo. +2. Run `make`. This will update the `README.md` file with the distro you added. 3. Raise a PR
@@ -688,7 +708,7 @@ Composition means a set of kernel configuration options shown in the context of To create a new composition: 1. Create a new composition file. Use [tools/compositions/lsm.yaml](tools/compositions/lsm.yaml) as ref. 2. Do a `make` -3. Check if the composition is reflected in the [README.md](README.md) +3. Check if the composition is reflected in the [README.md](README.md). 4. Raise a PR with the changes
diff --git a/tools/common.sh b/tools/common.sh new file mode 100644 index 0000000..4a73fa9 --- /dev/null +++ b/tools/common.sh @@ -0,0 +1,88 @@ +#!/usr/bin/env bash + +YQ=`dirname $0`/yq # Use yq.exe on windows +TMP_OSREL=temporary_osrel.txt +TMP_HOSTCTL=temporary_hostnamectl.txt +TMP_BOOTCFG=temporary_bootconfig.txt + +statusline() +{ + ORANGE="\033[0;33m" + RED="\033[0;31m" + GREEN="\033[0;32m" + CYAN="\033[0;36m" + NC="\033[0m" # No Color + + status=$1 + shift + [[ $status == AOK ]] || [[ $status == "0" ]] && + { + printf "[${GREEN}OK${NC}] $*\n" + return + } + [[ $status == WARN ]] && + { + printf "[${ORANGE}WARN${NC}] $*\n" + return + } + [[ $status == WAIT ]] && + { + printf "[${CYAN}..${NC}] $*\r" + return + } + printf "[${RED}FAIL${NC}] $*\n" + exit 1 +} + +getDistro() +{ + if [ -f "$TMP_OSREL" ]; then + . $TMP_OSREL + DISTRO_NAME=$PRETTY_NAME + return + fi + DISTRO_NAME=`grep "Operating System:" $TMP_HOSTCTL | sed 's/.*: //g'` +} + +getArchKrnVer() +{ + STR=`grep "^#.* Linux.*Kernel Configuration" $TMP_BOOTCFG | head -1 | awk '{print $2,$3}'` + ARCH=${STR/ */} + ARCH=${ARCH/*\//} + KRNVER=${STR/* /} +# KRNVER=${KRNVER/-*/} +} + +forEveryPlatform() +{ + [[ "$1" == "" ]] && statusline ERR "invalid use of forEveryPlatform" + while read line; do + rm -f $TMP_OSREL $TMP_HOSTCTL $TMP_BOOTCFG + line=`echo $line | sed 's/|/\//g'` + PLATFORM="$line" + PLATFORM_PATH="${line// /%20}" + BOOTCONFIG="$line/bootconfig.md" + [[ ! -f "$BOOTCONFIG" ]] && continue + awk '/\`\`\`/,/\`\`\`/' "$BOOTCONFIG" | grep -v "\`\`\`" > $TMP_BOOTCFG + + HOSTNAMECTL="$line/hostnamectl.md" + [[ -f "$HOSTNAMECTL" ]] && awk '/\`\`\`/,/\`\`\`/' "$HOSTNAMECTL" | grep -v "\`\`\`" > $TMP_HOSTCTL + OSREL="$line/os-release.md" + [[ -f "$OSREL" ]] && awk '/\`\`\`/,/\`\`\`/' "$OSREL" | grep -v "\`\`\`" > $TMP_OSREL + [[ ! -f "$TMP_OSREL" ]] && [[ ! -f "$TMP_HOSTCTL" ]] && + statusline WARN "neither os-release nor hostnamectl found for [$PLATFORM]" && continue + + getDistro + getArchKrnVer + $1 + done < <(find . -mindepth 2 -maxdepth 2 -type d | \grep ".*/.*/[0-9]\..*" | sed 's/\//|/g' | sort -k3 -t'|' -Vr) + #done < <(find . -mindepth 2 -maxdepth 2 -type d | sort) +} + +cleanup() +{ + rm -f $TMP_OSREL $TMP_HOSTCTL $TMP_BOOTCFG + statusline AOK "done with processing" +} + +export LC_ALL=en_US.UTF-8 diff --git a/tools/gendoc.sh b/tools/gendoc.sh index 793dee9..dbc86a7 100755 --- a/tools/gendoc.sh +++ b/tools/gendoc.sh @@ -1,42 +1,11 @@ #!/usr/bin/env bash -YQ=`dirname $0`/yq # Use yq.exe on windows HDR_MD=`dirname $0`/header.md FTR_MD=`dirname $0`/footer.md YAMLS="$*" -TMP_OSREL=temporary_osrel.txt -TMP_HOSTCTL=temporary_hostnamectl.txt -TMP_BOOTCFG=temporary_bootconfig.txt MD="README.md" -statusline() -{ - ORANGE="\033[0;33m" - RED="\033[0;31m" - GREEN="\033[0;32m" - CYAN="\033[0;36m" - NC="\033[0m" # No Color - - status=$1 - shift - [[ $status == AOK ]] || [[ $status == "0" ]] && - { - printf "[${GREEN}OK${NC}] $*\n" - return - } - [[ $status == WARN ]] && - { - printf "[${ORANGE}WARN${NC}] $*\n" - return - } - [[ $status == WAIT ]] && - { - printf "[${CYAN}..${NC}] $*\r" - return - } - printf "[${RED}FAIL${NC}] $*\n" - exit 1 -} +. `dirname $0`/common.sh prerequisites() { @@ -97,25 +66,6 @@ forEveryComposition() echo "$colstr" >> "$MD" } -getDistro() -{ - if [ -f "$TMP_OSREL" ]; then - . $TMP_OSREL - DISTRO_NAME=$PRETTY_NAME - return - fi - DISTRO_NAME=`grep "Operating System:" $TMP_HOSTCTL | sed 's/.*: //g'` -} - -getArchKrnVer() -{ - STR=`grep "^#.* Linux.*Kernel Configuration" $TMP_BOOTCFG | head -1 | awk '{print $2,$3}'` - ARCH=${STR/ */} - ARCH=${ARCH/*\//} - KRNVER=${STR/* /} -# KRNVER=${KRNVER/-*/} -} - addCommonEntry() { hoststr="NotAvailable" @@ -127,32 +77,6 @@ addCommonEntry() EOF } -forEveryPlatform() -{ - [[ "$1" == "" ]] && statusline ERR "invalid use of forEveryPlatform" - while read line; do - rm -f $TMP_OSREL $TMP_HOSTCTL $TMP_BOOTCFG - line=`echo $line | sed 's/|/\//g'` - PLATFORM="$line" - PLATFORM_PATH="${line// /%20}" - BOOTCONFIG="$line/bootconfig.md" - [[ ! -f "$BOOTCONFIG" ]] && continue - awk '/\`\`\`/,/\`\`\`/' "$BOOTCONFIG" | grep -v "\`\`\`" > $TMP_BOOTCFG - - HOSTNAMECTL="$line/hostnamectl.md" - [[ -f "$HOSTNAMECTL" ]] && awk '/\`\`\`/,/\`\`\`/' "$HOSTNAMECTL" | grep -v "\`\`\`" > $TMP_HOSTCTL - OSREL="$line/os-release.md" - [[ -f "$OSREL" ]] && awk '/\`\`\`/,/\`\`\`/' "$OSREL" | grep -v "\`\`\`" > $TMP_OSREL - [[ ! -f "$TMP_OSREL" ]] && [[ ! -f "$TMP_HOSTCTL" ]] && - statusline WARN "neither os-release nor hostnamectl found for [$PLATFORM]" && continue - - getDistro - getArchKrnVer - $1 - done < <(find . -mindepth 2 -maxdepth 2 -type d | \grep ".*/.*/[0-9]\..*" | sed 's/\//|/g' | sort -k3 -t'|' -Vr) - #done < <(find . -mindepth 2 -maxdepth 2 -type d | sort) -} - forEveryConfig() { for YAML in `echo $YAMLS`; do @@ -182,12 +106,6 @@ EOF done } -cleanup() -{ - rm -f $TMP_OSREL $TMP_HOSTCTL $TMP_BOOTCFG - statusline AOK "done with processing" -} - main() { trap cleanup EXIT @@ -197,6 +115,8 @@ main() `cat $HDR_MD` +`tools/summary.sh` +

Distribution Details

| Distro | Arch | Kernel | Kernel Config | hostnamectl | os-release | @@ -217,5 +137,4 @@ EOF EOF } -export LC_ALL=en_US.UTF-8 main diff --git a/tools/summary.sh b/tools/summary.sh new file mode 100755 index 0000000..50cbba8 --- /dev/null +++ b/tools/summary.sh @@ -0,0 +1,62 @@ +#!/bin/bash + +. `dirname $0`/common.sh + +distcnt=0 + +krn_ge_6=0 +krn_ge_5=0 +krn_ge_4=0 +krn_lt_4=0 + +arch_x86=0 +arch_arm=0 +arch_ppc=0 +arch_unk=0 + +handlePlatform() +{ + krn_major=${KRNVER/\.*/} + case 1 in + $((krn_major >= 6))) ((krn_ge_6++));; + $((krn_major >= 5))) ((krn_ge_5++));; + $((krn_major >= 4))) ((krn_ge_4++));; + *) ((krn_lt_4++));; + esac + case "$ARCH" in + x86*) ((arch_x86++)) ;; + arm*) ((arch_arm++)) ;; + powerpc*) ((arch_ppc++)) ;; + *) ((arch_unk++)) ;; + esac + ((distcnt++)) +} + +main() +{ + distcnt=0 + forEveryPlatform handlePlatform + echo ; + cat <<-EOF +## Distribution Summary + +Total Distros: $distcnt + +| Kernel Major Ver | Count | +|:----------------:|:-------:| +| >= 6.0 |$krn_ge_6| +| >= 5.0 && < 6.0 |$krn_ge_5| +| >= 4.0 && < 5.0: |$krn_ge_4| +| < 4.0 |$krn_lt_4| + +| Kernel Arch | Count | +|:-----------:|:-------:| +| x86 |$arch_x86| +| arm |$arch_arm| +| powerpc |$arch_ppc| +| unknown |$arch_unk| + +EOF +} + +main From b6f743413f54b4e062a96548188c182369c8f88d Mon Sep 17 00:00:00 2001 From: Rahul Jadhav Date: Sun, 20 Jul 2025 08:38:44 +0530 Subject: [PATCH 4/4] updated summary view Signed-off-by: Rahul Jadhav --- README.md | 8 ++++++++ tools/summary.sh | 7 +++++++ 2 files changed, 15 insertions(+) diff --git a/README.md b/README.md index 521cd47..62f3d22 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,10 @@ There is often a need to check a kernel config and other OS configuration to mak Total Distros: 65 + + +
Kernel Major Kernel Arch
+ | Kernel Major Ver | Count | |:----------------:|:-------:| | >= 6.0 |17| @@ -22,6 +26,8 @@ Total Distros: 65 | >= 4.0 && < 5.0: |17| | < 4.0 |3| + + | Kernel Arch | Count | |:-----------:|:-------:| | x86 |60| @@ -29,6 +35,8 @@ Total Distros: 65 | powerpc |1| | unknown |0| +
+

Distribution Details

| Distro | Arch | Kernel | Kernel Config | hostnamectl | os-release | diff --git a/tools/summary.sh b/tools/summary.sh index 50cbba8..c51293c 100755 --- a/tools/summary.sh +++ b/tools/summary.sh @@ -42,6 +42,10 @@ main() Total Distros: $distcnt + + +
Kernel Major Kernel Arch
+ | Kernel Major Ver | Count | |:----------------:|:-------:| | >= 6.0 |$krn_ge_6| @@ -49,6 +53,8 @@ Total Distros: $distcnt | >= 4.0 && < 5.0: |$krn_ge_4| | < 4.0 |$krn_lt_4| + + | Kernel Arch | Count | |:-----------:|:-------:| | x86 |$arch_x86| @@ -56,6 +62,7 @@ Total Distros: $distcnt | powerpc |$arch_ppc| | unknown |$arch_unk| +
EOF }