On 07/11/2015 13:59, Fernando de Oliveira wrote:
> Em 07-11-2015 05:52, Pierre Labastie escreveu:
>> On 07/11/2015 02:41, Bruce Dubbs wrote:
>>> Ken Moffat wrote:
>>>> On Sat, Nov 07, 2015 at 01:10:53AM +0100, Tim Tassonis wrote:
>>>>> Hi all
>>>>>
>>>>> I just read that in order to sign modules in the latest 4.3 kernel, one
>>>>> has
>>>>> to have openssl installed.
>>>>>
>>>>> I just wondered if it would be an idea to move openssl from blfs to lfs?
>>>>> Not
>>>>> that I personally need this feature urgently or really want to advocate
>>>>> the
>>>>> change.
>>>>>
>>>>> But since openssl probably already is one of the first blfs packages
>>>>> people
>>>>> install (to get remote ssh access via openssh), it also wouldn't harm much
>>>>> moving it to lfs.
>>>
>>>> I think most LFS builders do not need to sign kernel modules, indeed
>>>> some LFS users try to avoid modules altogether. I really do not
>>>> think that many of our (LFS,BLFS) users will get any benefit from
>>>> signng their modules.
>>>>
>>>> Also, while people building {.B}LFS on servers or firewalls are likely
>>>> to use ssh, I suspect that the proportion of our desktop builders who
>>>> use openssh is below 50%.
>>>
>>> I agree with you Ken that LFS users don't really have a need to sign (or
>>> use)
>>> modules. However, I would think that desktop users would want ssh too.
>>> Even
>>> if a build is in a virtual system, ssh makes it very easy to build where
>>> copy/paste is not always easy directly into a virtual system.
>>>
>>> I think one of the hardest parts of building a desktop is between the end of
>>> LFS and when Xorg is completed with a decent graphical browser. I know it
>>> can
>>> be done in chroot, but I don't think that is the easiest way.
>>>
>>
>> I try to avoid chroot as soon as possible, and the survival kit for that, in
>> the absence of X, is gpm (for copy-paste), wget (for downloading tarballs)
>> and
>> lynx (for reading the book and browsing). But owing to the number of https
>> adresses on the internet nowadays, openssl needs to be built in the last two.
>>
>> Not sure it justifies having openssl in LFS, though.
>>
>> Pierre
>>
>
> MIT Kerberos V5-1.13.2 is an optional dependency.
>
> There are also two circular dependencies:
>
> {{{
> Most users will want to install Certificate Authority Certificates for
> validation of downloaded certificates. For example, these certificates
> can be used by git-2.6.0, cURL-7.45.0 or Wget-1.16.3 when accessing
> secure (https protocol) sites. To do this, follow the instructions from
> the Certificate Authority Certificates page.
> }}
>
> I think this a package for BLFS.
>
We did not say it the same way, but I think we agree...
Pierre
--
http://lists.linuxfromscratch.org/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
