On Fri, 2006-05-26 at 18:40 -0400, Robert Connolly wrote: > On May 26, 2006 01:35 pm, George Boudreau wrote: > > If Robert says he has built a > > hlfs(svn)-> hlfs(svn) then that is the end of the story and I will look > > at my setup. > > I have, but it was quite a while ago. Most of my builds are with uclibc. I > think I did rebuild hlfs glibc, from hlfs, but I may have rebooted with some > or all of the grsecurity options disabled. I noticed there is a > glibc-localedef-segfault patch in the patch repository, but I haven't tried > it. localedef was crashing when I rebuilt glibc on hlfs, which is maybe why I > disabled grsecurity. So many things have changed since then, its hard to say > why you are having difficulties.
This is my experience.
HLFS(security enabled) will build uclibc(bog standard build), with the
exceptions of
1. The 2.6.14.6 kernel patch for frandom.c is broken. NO boot
2. The enclosed set of issues, which is the output of
grep -e 'Error' -e 'Permission' $HLFS/jhalfs/logs > file
3. The 2.6.12.0 kernel headers are becoming increasingly out of date.
4. I only had toolset checking set, so test results are not exhaustive.
You will see that in ncurses, in chapter 5, user lfs is running ldconfig
in the main system. I don't like the perl failures, as I found the perl
from lfs-5.0 (The last one I tested exhaustively) to be flawed in that
'spamassassin -r', for instance, failed to find things it should have.
I think some of those guys run perl suid root, however, so it could be
their testing.
HLFS(security enabled) will _not_ build the glibc version, as glibc
breaks if you have sensible options set up. The particular options
relate to the kernel's making up it's mind about a program's use of ram.
As i read it, the mechanism of attack was often
Buffer overrun --> 2. overwrite pointers --> 3. point to hacker code in
ram
Kernel & gcc patches and options that stop 2 & 3 above break localedef.
The hlfs book highlighted one (CONFIG_PAX_EMUTRAMP), but reconfiguring a
2.6.14.3 kernel with that disabled did not help localedef.
Give me a link to the patch, and I'll build once more, before I go away
and try 90% on the hlfs-svn/uclibc build with newer headers and maybe
gcc ('The gospel according to Kevin Day':).
--
With Best Regards,
Declan Moriarty.
standard.uclibc.probs.bz2
Description: application/bzip
-- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
