Em 07-11-2015 11:30, Pierre Labastie escreveu:
> On 07/11/2015 13:59, Fernando de Oliveira wrote:
>> Em 07-11-2015 05:52, Pierre Labastie escreveu:
>>> On 07/11/2015 02:41, Bruce Dubbs wrote:
>>>> Ken Moffat wrote:
>>>>> On Sat, Nov 07, 2015 at 01:10:53AM +0100, Tim Tassonis wrote:
>>>>>> Hi all
>>>>>>
>>>>>> I just read that in order to sign modules in the latest 4.3 kernel, one
>>>>>> has
>>>>>> to have openssl installed.
>>>>>>
>>>>>> I just wondered if it would be an idea to move openssl from blfs to lfs?
>>>>>> Not
>>>>>> that I personally need this feature urgently or really want to advocate
>>>>>> the
>>>>>> change.
>>>>>>
>>>>>> But since openssl probably already is one of the first blfs packages
>>>>>> people
>>>>>> install (to get remote ssh access via openssh), it also wouldn't harm
>>>>>> much
>>>>>> moving it to lfs.
>>>>
>>>>> I think most LFS builders do not need to sign kernel modules, indeed
>>>>> some LFS users try to avoid modules altogether. I really do not
>>>>> think that many of our (LFS,BLFS) users will get any benefit from
>>>>> signng their modules.
>>>>>
>>>>> Also, while people building {.B}LFS on servers or firewalls are likely
>>>>> to use ssh, I suspect that the proportion of our desktop builders who
>>>>> use openssh is below 50%.
>>>>
>>>> I agree with you Ken that LFS users don't really have a need to sign (or
>>>> use)
>>>> modules. However, I would think that desktop users would want ssh too.
>>>> Even
>>>> if a build is in a virtual system, ssh makes it very easy to build where
>>>> copy/paste is not always easy directly into a virtual system.
>>>>
>>>> I think one of the hardest parts of building a desktop is between the end
>>>> of
>>>> LFS and when Xorg is completed with a decent graphical browser. I know it
>>>> can
>>>> be done in chroot, but I don't think that is the easiest way.
>>>>
>>>
>>> I try to avoid chroot as soon as possible, and the survival kit for that, in
>>> the absence of X, is gpm (for copy-paste), wget (for downloading tarballs)
>>> and
>>> lynx (for reading the book and browsing). But owing to the number of https
>>> adresses on the internet nowadays, openssl needs to be built in the last
>>> two.
>>>
>>> Not sure it justifies having openssl in LFS, though.
>>>
>>> Pierre
>>>
>>
>> MIT Kerberos V5-1.13.2 is an optional dependency.
>>
>> There are also two circular dependencies:
>>
>> {{{
>> Most users will want to install Certificate Authority Certificates for
>> validation of downloaded certificates. For example, these certificates
>> can be used by git-2.6.0, cURL-7.45.0 or Wget-1.16.3 when accessing
>> secure (https protocol) sites. To do this, follow the instructions from
>> the Certificate Authority Certificates page.
>> }}
>>
>> I think this a package for BLFS.
s/this/this is/
>
> We did not say it the same way, but I think we agree...
> Pierre
>
Yes, thanks. Was trying to be more assertive, so there was no doubt
about it.
--
[]s,
Fernando, aka SÃsifo
--
http://lists.linuxfromscratch.org/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
