I'm new to embedded Linux, and wish to put an openVPN server in flash memory. The goal is to achieve an absolute minimum application footprint on the file system.
In the Windows world that I'm familiar with I could use a 'dependency walker' to see what libraries the application needed, or use Sysinternals 'filemon' program to see what files the program accessed.
I would appreciate any tips or techniques on how to best accomplish this in a Linux environment (Kernel is 2.6, probably close to a Fedora type distribution).
Both can be done in linux using lsof - Both the libs used by the process and its open files can be shown at runtime. The number of dependencies for a vpn server is likely to be small.
Start by setting the vpn up on a full system - once your happy start again with a bare minimum and add back in only the needed components. Plenty of firewall/vpn images exist already, sure you not re-inventing what you could just download ?
Thanks for taking time to reply. I will investigate the utility that you mentioned.
I sure could be working harder than smarter!
I have found great repositories of RPM's, but I'm not quite sure what you mean by an image and how to search for it. I'm installing RPM's on a Mac iBook (power pc based) running Fedora core 4 and moving files onto the NFS mount for the power pc based single board computer. It is running, but I'm sure I have bloat. I'm also sure that an experienced person may approach things more efficiently.
Nahh, sounds like a good way to me. Its a nice idea to start with just kernel+bash and work out, but its by far the slowest way to build something as you tend to be missing tools needed for NFS, ssh, compiler,editor etc - adding them in one layer at a time sucks ! Its just as valid to start with an installed O/S and then remove unused bits, just not as 'pure'.
With rpm you can rpm -q to get a list of packages then rpm -e them working out the correct order of removal to leave just a minimum working system, be careful to backup what you have first - i've had this process end badly ! . If it fits the media just stick with it unless its a product for production.
Image refers to a filesystem in its raw form, so an ISO file is just one type of image, but any filesystem can be imaged. High level O/S tend to be installed, but most embedded products are just produced from an image (pattern) via some kind of hardware to write the media. Thats network install, or copy onto a card from a PC, maybe even writing a flash chip with a programmer ... That way you can bang out as many of your product as you need without worrying about installing each one.
A raw image would be to 'dd' the card to a file, often a bad idea in reality. Card or CD images exist for intel PCs and arm based routers/vpns, but I suspect PPC images are rarer.
Well, the easy/hard way is to build a crosstool chain (even if you're on the same architecture), and copy only a minimum set of libs - glibc, ld.so, so on. Then build the kernel and busybox, install busybox to the target, and presto! Minimal functioning system.
Now add your one app - openVPN - build it using the toolchain, and install to the target.
ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.