Alix.3d3でNanoBSDを動かす(4) ~CFイメージ(slim)の作成~

なんとか、ちゃんとブートするCFイメージが作れるようになったので、次はカーネルや、インストールされるツールから出来る限り不要なものを削ったものを作ります。
CFは4GBの大きさがあるので、容量的にはいろいろ削る必要性は無いのですが、セキュリティ上のリスクを軽減したり、実メモリを有効活用するりはカーネルやインストールされるツールを削減する必要があると思って、出来る限りスリムなイメージファイルを作ることにしました。
今回使ったカーネルコンフィグファイルは以下の通り。

cpu        I586_CPU
cpu        I686_CPU
options        CPU_GEODE
ident        ALIX3D3

options     SCHED_ULE        # ULE scheduler
options     PREEMPTION        # Enable kernel thread preemption
options     INET            # InterNETworking
options     INET6            # IPv6 communications protocols
options     FFS            # Berkeley Fast Filesystem
options     SOFTUPDATES        # Enable FFS soft updates support
options     UFS_ACL            # Support for access control lists
options     UFS_DIRHASH        # Improve performance on big directories
options     UFS_GJOURNAL        # Enable gjournal-based UFS journaling
options     MD_ROOT            # MD is a potential root device
options     PROCFS            # Process filesystem (requires PSEUDOFS)
options     PSEUDOFS        # Pseudo-filesystem framework
options     GEOM_PART_GPT        # GUID Partition Tables.
options     GEOM_LABEL        # Provides labelization
options     COMPAT_43TTY        # BSD 4.3 TTY compat (sgtty)
options     COMPAT_FREEBSD4        # Compatible with FreeBSD4
options     COMPAT_FREEBSD5        # Compatible with FreeBSD5
options     COMPAT_FREEBSD6        # Compatible with FreeBSD6
options     COMPAT_FREEBSD7        # Compatible with FreeBSD7
options     SCSI_DELAY=5000        # Delay (in ms) before probing SCSI
options     KTRACE            # ktrace(1) support
options     STACK            # stack(9) support
options     SYSVSHM            # SYSV-style shared memory
options     SYSVMSG            # SYSV-style message queues
options     SYSVSEM            # SYSV-style semaphores
options     P1003_1B_SEMAPHORES    # POSIX-style semaphores
options     _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options     PRINTF_BUFR_SIZE=128    # Prevent printf output being interspersed.
options     KBD_INSTALL_CDEV    # install a CDEV entry in /dev
options     HWPMC_HOOKS        # Necessary kernel hooks for hwpmc(4)
options     AUDIT            # Security event auditing
options     MAC            # TrustedBSD MAC Framework
options        FLOWTABLE        # per-cpu routing cache

# CPU frequency control
device        cpufreq

# Bus support.
device        pci

# ATA and ATAPI devices
device        ata
device        atadisk        # ATA disk drives
options     ATA_STATIC_ID    # Static device numbering

# atkbdc0 controls both the keyboard and the PS/2 mouse
device        atkbdc        # AT keyboard controller
device        atkbd        # AT keyboard

device        kbdmux        # keyboard multiplexer

device        vga        # VGA video card driver

device        splash        # Splash screen and screen saver support

# syscons is the default console driver, resembling an SCO console
device        sc

# Power management support (see NOTES for more options)
device        apm
device        apm_saver

# Add suspend/resume support for the i8254.
device        pmtimer

# Serial (COM) ports
device        uart        # Generic UART driver

# PCI Ethernet NICs that use the common MII bus controller code.
# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
device        miibus        # MII bus support
device        vr        # VIA Rhine, Rhine II

# Pseudo devices.
device        loop        # Network loopback
device        random        # Entropy device
device        ether        # Ethernet support
device        tun        # Packet tunnel.
device        pty        # BSD-style compatibility pseudo ttys
device        md        # Memory "disks"
device        gif        # IPv6 and IPv4 tunneling
device        faith        # IPv6-to-IPv4 relaying (translation)
device        firmware    # firmware assist module

# The `bpf' device enables the Berkeley Packet Filter.
# Be aware of the administrative consequences of enabling this!
# Note that 'bpf' is required for DHCP.
device        bpf        # Berkeley packet filter

# USB support
device        uhci        # UHCI PCI->USB interface
device        ohci        # OHCI PCI->USB interface
device        ehci        # EHCI PCI->USB interface (USB 2.0)
device        usb        # USB Bus (required)
device        uhid        # "Human Interface Devices"
device        ukbd        # Keyboard

そして、NanoBSDのBuildに使ったコンフィグファイルは以下の通り。

NANO_NAME=alix3d3
NANO_KERNEL=ALIX3D3
NANO_MEDIASIZE=7835184
NANO_HEADS=16
NANO_SECTS=63
NANO_BOOT0CFG="-o nopacket -s 1 -m 3"
NANO_BOOTLOADER="boot/boot0"

CONF_WORLD='
WITHOUT_ACCT=YES
WITHOUT_ACPI=YES
WITHOUT_AMD=YES
WITHOUT_ATM=YES
WITHOUT_BLUETOOTH=YES
WITHOUT_CALENDAR=YES
WITHOUT_CTM=YES
WITHOUT_CVS=YES
WITHOUT_DICT=YES
WITHOUT_EXAMPLES=YES
WITHOUT_FLOPPY=YES
WITHOUT_FREEBSD_UPDATE=YES
WITHOUT_GAMES=YES
WITHOUT_GCOV=YES
WITHOUT_GDB=YES
WITHOUT_GPIB=YES
WITHOUT_GROFF=YES
WITHOUT_HTML=YES
WITHOUT_INFO=YES
WITHOUT_IPFILTER=YES
WITHOUT_IPFW=YES
WITHOUT_IPX=YES
WITHOUT_IPX_SUPPORT=YES
WITHOUT_NCP=YES
WITHOUT_LOCALES=YES
WITHOUT_LOCATE=YES
WITHOUT_LPR=YES
WITHOUT_MAIL=YES
WITHOUT_MAILWRAPPER=YES
WITHOUT_SENDMAIL=YES
WITHOUT_MAKE=YES
WITHOUT_MAN=YES
WITHOUT_NDIS=YES
WITHOUT_NETCAT=YES
WITHOUT_NETGRAPH=YES
WITHOUT_NETGRAPH_SUPPORT=YES
WITHOUT_NIS=YES
WITHOUT_OBJC=YES
WITHOUT_PF=YES
WITHOUT_AUTHPF=YES
WITHOUT_PKGTOOLS=YES
WITHOUT_PORTSNAP=YES
WITHOUT_PPP=YES
WITHOUT_PROFILE=YES
WITHOUT_QUOTAS=YES
WITHOUT_RCS=YES
WITHOUT_ROUTED=YES
WITHOUT_SHAREDOCS=YES
WITHOUT_SYSINSTALL=YES
WITHOUT_WIRELESS=YES
WITHOUT_WIRELESS_SUPPORT=YES
WITHOUT_ZFS=YES
'

CONF_INSTALL='
WITHOUT_CXX=YES
WITHOUT_TOOLCHAIN=YES
WITHOUT_INSTALLLIB=YES
'
customize_cmd cust_install_files