cvs commit: ALFS/profiles/BLFS/chapter04 cracklib.xml tripwire.xml gnupg.xml iptables.xml linuxpam.xml shadow.xml

thomasp at linuxfromscratch.org thomasp at linuxfromscratch.org
Sat May 15 19:14:13 PDT 2004


thomasp     04/05/15 20:14:13

  Modified:    profiles/BLFS BLFS.xml packages.ent
               profiles/BLFS/chapter04 gnupg.xml iptables.xml linuxpam.xml
                        shadow.xml
  Added:       profiles/BLFS/chapter04 cracklib.xml tripwire.xml
  Log:
  Chapter 4 Updated
  
  Revision  Changes    Path
  1.24      +2 -1      ALFS/profiles/BLFS/BLFS.xml
  
  Index: BLFS.xml
  ===================================================================
  RCS file: /home/cvsroot/ALFS/profiles/BLFS/BLFS.xml,v
  retrieving revision 1.23
  retrieving revision 1.24
  diff -u -r1.23 -r1.24
  --- BLFS.xml	15 May 2004 08:06:30 -0000	1.23
  +++ BLFS.xml	16 May 2004 02:14:12 -0000	1.24
  @@ -92,6 +92,7 @@
   
   </stage>
   
  +<!--
   <stage name="Chapter 8 (General Libraries)">
   
       &openssl;
  @@ -136,7 +137,7 @@
       &imlib2;
   
   </stage>
  -
  +-->
   
   <stage name="Chapter 10 (General Utilities)">
   
  
  
  
  1.31      +55 -53    ALFS/profiles/BLFS/packages.ent
  
  Index: packages.ent
  ===================================================================
  RCS file: /home/cvsroot/ALFS/profiles/BLFS/packages.ent,v
  retrieving revision 1.30
  retrieving revision 1.31
  diff -u -r1.30 -r1.31
  --- packages.ent	15 May 2004 07:20:24 -0000	1.30
  +++ packages.ent	16 May 2004 02:14:13 -0000	1.31
  @@ -15,7 +15,7 @@
   <!ENTITY linuxpam-package   "Linux-PAM-&linuxpam-version;.tar.bz2">
   <!ENTITY linuxpam-directory "Linux-PAM-&linuxpam-version;">
   
  -<!ENTITY linuxpam-linkage-patch "Linux-PAM-&linuxpam-version;-linkage-2.patch">
  +<!ENTITY linuxpam-linkage-patch "Linux-PAM-&linuxpam-version;-linkage-3.patch">
   
   <!ENTITY shadow-version   "4.0.4.1">
   <!ENTITY shadow-package   "shadow-&shadow-version;.tar.bz2">
  @@ -39,6 +39,10 @@
   <!-- the content of the following entity should be the name of your policy file for tripwire -->
   <!--<!ENTITY tripwire-policy-file "tripwire-policy.txt">-->
   <!ENTITY tripwire-policy-file "twpol-all.txt">
  +<!ENTITY tripwire-mail-domain "mail.domain.com">
  +<!ENTITY tripwire-smtp-port "25">
  +<!ENTITY tripwire-sitepassphrase "blahville">
  +<!ENTITY tripwire-localpassphrase "blahville2">
   
   
   <!--************* packages for chapter 5 *************-->
  @@ -88,99 +92,97 @@
   
   <!--************* packages for chapter 8 *************-->
   
  -<!ENTITY openssl-version   "0.9.7c">
  -<!ENTITY openssl-package   "openssl-0.9.7c.tar.gz">
  -<!ENTITY openssl-directory "openssl-0.9.7c">
  -
  -<!ENTITY openssl-patch     "openssl-0.9.7c-manpages.patch">
  +<!ENTITY openssl-version   "0.9.7d">
  +<!ENTITY openssl-package   "openssl-&openssl-version;.tar.gz">
  +<!ENTITY openssl-directory "openssl-&openssl-version;">
   
   <!ENTITY pcre-version   "4.5">
  -<!ENTITY pcre-package   "pcre-4.5.tar.bz2">
  -<!ENTITY pcre-directory "pcre-4.5">
  +<!ENTITY pcre-package   "pcre-&pcre-version;.tar.bz2">
  +<!ENTITY pcre-directory "pcre-&pcre-version;">
   
   <!ENTITY popt-version   "1.7">
  -<!ENTITY popt-package   "popt-1.7.tar.gz">
  -<!ENTITY popt-directory "popt-1.7">
  +<!ENTITY popt-package   "popt-&popt-version;.tar.gz">
  +<!ENTITY popt-directory "popt-&popt-version;">
   
   <!ENTITY slang-version   "1.4.9">
  -<!ENTITY slang-package   "slang-1.4.9.tar.bz2">
  -<!ENTITY slang-directory "slang-1.4.9">
  +<!ENTITY slang-package   "slang-&slang-version;.tar.bz2">
  +<!ENTITY slang-directory "slang-&slang-version;">
   
  -<!ENTITY libfam-version   "2.6.10">
  -<!ENTITY libfam-package   "fam-2.6.10.tar.gz">
  -<!ENTITY libfam-directory "fam-2.6.10">
  +<!ENTITY libfam-version   "2.7.0">
  +<!ENTITY libfam-package   "fam-&fam-version;.tar.gz">
  +<!ENTITY libfam-directory "fam-&fam-version;">
   
  -<!ENTITY libfam-patch     "fam-2.6.10-dnotify.patch">
  +<!ENTITY libfam-patch     "fam-&fam-version;-dnotify.patch">
   
   <!ENTITY libxml-version   "1.8.17">
  -<!ENTITY libxml-package   "libxml-1.8.17.tar.gz">
  -<!ENTITY libxml-directory "libxml-1.8.17">
  +<!ENTITY libxml-package   "libxml-&libxml-version;.tar.gz">
  +<!ENTITY libxml-directory "libxml-&libxml-version;">
   
  -<!ENTITY libxml2-version   "2.6.6">
  -<!ENTITY libxml2-package   "libxml2-2.6.6.tar.bz2">
  -<!ENTITY libxml2-directory "libxml2-2.6.6">
  -
  -<!ENTITY libxslt-version   "1.1.4">
  -<!ENTITY libxslt-package   "libxslt-1.1.4.tar.bz2">
  -<!ENTITY libxslt-directory "libxslt-1.1.4">
  +<!ENTITY libxml2-version   "2.6.9">
  +<!ENTITY libxml2-package   "libxml2-&libxml2-version;.tar.bz2">
  +<!ENTITY libxml2-directory "libxml2-&libxml2-version;">
  +
  +<!ENTITY libxslt-version   "1.1.6">
  +<!ENTITY libxslt-package   "libxslt-&libsxlt-version;.tar.bz2">
  +<!ENTITY libxslt-directory "libxslt-&libxslt-version;">
   
   <!ENTITY readline-version   "4.3">
  -<!ENTITY readline-package   "readline-4.3.tar.gz">
  -<!ENTITY readline-directory "readline-4.3">
  +<!ENTITY readline-package   "readline-&readline-version;.tar.gz">
  +<!ENTITY readline-directory "readline-&readline-version;">
   
   <!ENTITY gmp-version   "4.1.2">
  -<!ENTITY gmp-package   "gmp-4.1.2.tar.bz2">
  -<!ENTITY gmp-directory "gmp-4.1.2">
  +<!ENTITY gmp-package   "gmp-&gmp-version;.tar.bz2">
  +<!ENTITY gmp-directory "gmp-&gmp-version;">
   
   <!ENTITY gdbm-version   "1.8.3">
  -<!ENTITY gdbm-package   "gdbm-1.8.3.tar.gz">
  -<!ENTITY gdbm-directory "gdbm-1.8.3">
  +<!ENTITY gdbm-package   "gdbm-&gdbm-version;.tar.gz">
  +<!ENTITY gdbm-directory "gdbm-&gdbm-version;">
   
   <!ENTITY glib-version   "1.2.10">
  -<!ENTITY glib-package   "glib-1.2.10.tar.gz">
  -<!ENTITY glib-directory "glib-1.2.10">
  +<!ENTITY glib-package   "glib-&glib-version;.tar.gz">
  +<!ENTITY glib-directory "glib-&glib-version;">
   
  -<!ENTITY glib2-version   "2.3.1">
  -<!ENTITY glib2-package   "glib-2.3.1.tar.bz2">
  -<!ENTITY glib2-directory "glib-2.3.1">
  +<!ENTITY glib2-version   "2.4.0">
  +<!ENTITY glib2-package   "glib-&glib2-version;.tar.bz2">
  +<!ENTITY glib2-directory "glib-&glib2-version;">
   
   <!ENTITY expat-version   "1.95.7">
  -<!ENTITY expat-package   "expat-1.95.7.tar.gz">
  -<!ENTITY expat-directory "expat-1.95.7">
  +<!ENTITY expat-package   "expat-&expat-version;.tar.gz">
  +<!ENTITY expat-directory "expat-&expat-version;">
   
   <!ENTITY expat-patch     "expat-1.95.6-fix-declaration-order.patch">
   
   <!ENTITY libesmtp-version   "1.0.2">
  -<!ENTITY libesmtp-package   "libesmtp-1.0.2.tar.bz2">
  -<!ENTITY libesmtp-directory "libesmtp-1.0.2">
  +<!ENTITY libesmtp-package   "libesmtp-&libesmtp-version;.tar.bz2">
  +<!ENTITY libesmtp-directory "libesmtp-&libesmtp-version;">
   
   <!ENTITY aspell-version   "0.50.5">
  -<!ENTITY aspell-package   "aspell-0.50.5.tar.gz">
  -<!ENTITY aspell-directory "aspell-0.50.5">
  +<!ENTITY aspell-package   "aspell-&aspell-version;.tar.gz">
  +<!ENTITY aspell-directory "aspell-&aspell-version;">
   
   <!ENTITY ispell-version   "3.2.06.epa7">
  -<!ENTITY ispell-package   "ispell-3.2.06.epa7.tar.bz2">
  -<!ENTITY ispell-directory "ispell-3.2.06.epa7">
  +<!ENTITY ispell-package   "ispell-&ispell-version;.tar.bz2">
  +<!ENTITY ispell-directory "ispell-&ispell-version;">
   
   <!ENTITY guile-version   "1.6.4">
  -<!ENTITY guile-package   "guile-1.6.4.tar.gz">
  -<!ENTITY guile-directory "guile-1.6.4">
  +<!ENTITY guile-package   "guile-&guile-version;.tar.gz">
  +<!ENTITY guile-directory "guile-&guile-version;">
   
   <!ENTITY slib-version   "2d6">
  -<!ENTITY slib-package   "slib2d6.tar.gz">
  +<!ENTITY slib-package   "slib&slib-version;.tar.gz">
   <!ENTITY slib-directory "slib">
   
   <!ENTITY g-wrap-version   "1.3.4">
  -<!ENTITY g-wrap-package   "g-wrap-1.3.4.tar.gz">
  -<!ENTITY g-wrap-directory "g-wrap-1.3.4">
  +<!ENTITY g-wrap-package   "g-wrap-&g-wrap-version;.tar.gz">
  +<!ENTITY g-wrap-directory "g-wrap-&g-wrap-version;">
   
   <!ENTITY lzo-version       "1.08">
  -<!ENTITY lzo-package       "lzo-1.08.tar.gz">
  -<!ENTITY lzo-directory     "lzo-1.08">
  +<!ENTITY lzo-package       "lzo-&lzo-version;.tar.gz">
  +<!ENTITY lzo-directory     "lzo-&lzo-version;">
   
   <!ENTITY libpcap-version    "0.8.1">
  -<!ENTITY libpcap-package    "libpcap-0.8.1.tar.gz">
  -<!ENTITY libpcap-directory  "libpcap-0.8.1">
  +<!ENTITY libpcap-package    "libpcap-&libpcap-version;.tar.gz">
  +<!ENTITY libpcap-directory  "libpcap-&libpcap-version;">
   
   <!--************* packages for chapter 9 *************-->
   
  
  
  
  1.2       +4 -0      ALFS/profiles/BLFS/chapter04/gnupg.xml
  
  Index: gnupg.xml
  ===================================================================
  RCS file: /home/cvsroot/ALFS/profiles/BLFS/chapter04/gnupg.xml,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- gnupg.xml	29 Sep 2003 18:11:25 -0000	1.1
  +++ gnupg.xml	16 May 2004 02:14:13 -0000	1.2
  @@ -1,5 +1,9 @@
   <package name="gnupg" version="&gnupg-version;">
   
  +	<packageinfo>
  +		<utilizes><name>openldap</name></utilizes>
  +	</packageinfo>
  +
   	<stage name="Unpacking a package.">
   		<unpack>
   			<archive>&packages_dir;/&gnupg-package;</archive>
  
  
  
  1.3       +89 -85    ALFS/profiles/BLFS/chapter04/iptables.xml
  
  Index: iptables.xml
  ===================================================================
  RCS file: /home/cvsroot/ALFS/profiles/BLFS/chapter04/iptables.xml,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- iptables.xml	16 Nov 2003 22:55:23 -0000	1.2
  +++ iptables.xml	16 May 2004 02:14:13 -0000	1.3
  @@ -14,10 +14,14 @@
   
   		<make>
   		        <param>PREFIX=/usr</param>
  +			<param>LIBDIR=/usr</param>
  +			<param>BINDIR=/sbin</param>
   		</make>
   
   		<make>
   		        <param>PREFIX=/usr</param>
  +			<param>LIBDIR=/usr</param>
  +			<param>BINDIR=/sbin</param>
   			<param>install</param>
   		</make>
   
  @@ -25,91 +29,91 @@
   	<!-- set-up for personnal firewall -->
   	<!-- other set-ups are available in the Book -->
   
  -	<textdump base="/etc/rc.d/init.d">
  -	<file>firewall</file>
  -	<content>
  -	=#!/bin/sh
  -	=
  -	=# Begin $rc_base/init.d/firewall
  -	=
  -	=# Insert connection-tracking modules (not needed if built into the kernel).
  -	=modprobe ip_tables
  -	=modprobe iptable_filter
  -	=modprobe ip_conntrack
  -	=modprobe ip_conntrack_ftp
  -	=modprobe ipt_state
  -	=modprobe ipt_LOG
  -	=
  -	=# allow local-only connections
  -	=iptables -A INPUT  -i lo -j ACCEPT
  -	=# free output on any interface to any ip for any service (equal to -P ACCEPT)
  -	=iptables -A OUTPUT -j ACCEPT
  -	=
  -	=# permit answers on already established connections
  -	=# and permit new connections related to established ones (eg active-ftp)
  -	=iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
  -	=
  -	=# Log everything else:  What's Windows' latest exploitable vulnerability?
  -	=iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT "
  -	=
  -	=# set a sane policy:    everything not accepted > /dev/null
  -	=iptables -P INPUT    DROP
  -	=iptables -P FORWARD  DROP
  -	=iptables -P OUTPUT   DROP
  -	=
  -	=# be verbose on dynamic ip-addresses     (not needed in case of static IP)
  -	=echo 2 > /proc/sys/net/ipv4/ip_dynaddr
  -	=
  -	=# disable ExplicitCongestionNotification - too many routers are still ignorant
  -	=echo 0 > /proc/sys/net/ipv4/tcp_ecn
  -	=
  -	=# End $rc_base/init.d/firewall
  -	</content>
  -	</textdump>
  -
  -	<textdump base="/etc/rc.d/init.d">
  -	<file>firewall.status</file>
  -	<content>
  -	=#!/bin/sh
  -	=
  -	=# Begin $rc_base/init.d/firewall.status
  -	=
  -	=echo "iptables.mangling:"
  -	=iptables -t mangle  -v -L -n --line-numbers
  -	=
  -	=echo
  -	=echo "iptables.nat:"
  -	=iptables -t nat	    -v -L -n --line-numbers
  -	=
  -	=echo
  -	=echo "iptables.filter:"
  -	=iptables	    -v -L -n --line-numbers
  -	</content>
  -	</textdump>
  -
  -	<textdump base="/etc/rc.d/init.d">
  -	<file>firewall.status</file>
  -	<content>
  -	=#!/bin/sh
  -	=
  -	=# Being $rc_base/init.d/firewall.stop
  -	=
  -	=# deactivate IP-Forwarding 
  -	=echo 0 > /proc/sys/net/ipv4/ip_forward
  -	=
  -	=iptables -Z
  -	=iptables -F
  -	=iptables -t nat         -F PREROUTING
  -	=iptables -t nat         -F OUTPUT
  -	=iptables -t nat         -F POSTROUTING
  -	=iptables -t mangle      -F PREROUTING
  -	=iptables -t mangle      -F OUTPUT
  -	=iptables -X
  -	=iptables -P INPUT       ACCEPT
  -	=iptables -P FORWARD     ACCEPT
  -	=iptables -P OUTPUT      ACCEPT
  -	</content>
  -	</textdump>
  +		<textdump base="/etc/rc.d/init.d">
  +			<file>firewall</file>
  +			<content>
  +			=#!/bin/sh
  +			=
  +			=# Begin $rc_base/init.d/firewall
  +			=
  +			=# Insert connection-tracking modules (not needed if built into the kernel).
  +			=modprobe ip_tables
  +			=modprobe iptable_filter
  +			=modprobe ip_conntrack
  +			=modprobe ip_conntrack_ftp
  +			=modprobe ipt_state
  +			=modprobe ipt_LOG
  +			=
  +			=# allow local-only connections
  +			=iptables -A INPUT  -i lo -j ACCEPT
  +			=# free output on any interface to any ip for any service (equal to -P ACCEPT)
  +			=iptables -A OUTPUT -j ACCEPT
  +			=
  +			=# permit answers on already established connections
  +			=# and permit new connections related to established ones (eg active-ftp)
  +			=iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
  +			=
  +			=# Log everything else:  What's Windows' latest exploitable vulnerability?
  +			=iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT "
  +			=
  +			=# set a sane policy:    everything not accepted > /dev/null
  +			=iptables -P INPUT    DROP
  +			=iptables -P FORWARD  DROP
  +			=iptables -P OUTPUT   DROP
  +			=
  +			=# be verbose on dynamic ip-addresses     (not needed in case of static IP)
  +			=echo 2 > /proc/sys/net/ipv4/ip_dynaddr
  +			=
  +			=# disable ExplicitCongestionNotification - too many routers are still ignorant
  +			=echo 0 > /proc/sys/net/ipv4/tcp_ecn
  +			=
  +			=# End $rc_base/init.d/firewall
  +			</content>
  +		</textdump>
  +
  +		<textdump base="/etc/rc.d/init.d">
  +			<file>firewall.status</file>
  +			<content>
  +			=#!/bin/sh
  +			=
  +			=# Begin $rc_base/init.d/firewall.status
  +			=
  +			=echo "iptables.mangling:"
  +			=iptables -t mangle  -v -L -n --line-numbers
  +			=
  +			=echo
  +			=echo "iptables.nat:"
  +			=iptables -t nat	    -v -L -n --line-numbers
  +			=
  +			=echo
  +			=echo "iptables.filter:"
  +			=iptables	    -v -L -n --line-numbers
  +			</content>
  +		</textdump>
  +
  +		<textdump base="/etc/rc.d/init.d">
  +			<file>firewall.stop</file>
  +			<content>
  +			=#!/bin/sh
  +			=
  +			=# Being $rc_base/init.d/firewall.stop
  +			=
  +			=# deactivate IP-Forwarding 
  +			=echo 0 > /proc/sys/net/ipv4/ip_forward
  +			=
  +			=iptables -Z
  +			=iptables -F
  +			=iptables -t nat         -F PREROUTING
  +			=iptables -t nat         -F OUTPUT
  +			=iptables -t nat         -F POSTROUTING
  +			=iptables -t mangle      -F PREROUTING
  +			=iptables -t mangle      -F OUTPUT
  +			=iptables -X
  +			=iptables -P INPUT       ACCEPT
  +			=iptables -P FORWARD     ACCEPT
  +			=iptables -P OUTPUT      ACCEPT
  +			</content>
  +		</textdump>
   
   	</stage>
   
  
  
  
  1.5       +6 -4      ALFS/profiles/BLFS/chapter04/linuxpam.xml
  
  Index: linuxpam.xml
  ===================================================================
  RCS file: /home/cvsroot/ALFS/profiles/BLFS/chapter04/linuxpam.xml,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- linuxpam.xml	15 May 2004 08:06:33 -0000	1.4
  +++ linuxpam.xml	16 May 2004 02:14:13 -0000	1.5
  @@ -1,7 +1,7 @@
   <package name="linuxpam" version="&linuxpam-version;">
   
           <packageinfo>
  -                <requires><name>cracklib</name></requires>
  +                <utilizes><name>cracklib</name></utilizes>
           </packageinfo>
   
   	<stage name="Unpacking a package.">
  @@ -27,6 +27,8 @@
   			<param>-i ../&linuxpam-linkage-patch;</param>
   		</patch>
   
  +		<execute command="autoconf" />
  +
   		<configure>
   		        <param>--enable-static-libpam</param>
   		        <param>--with-mailspool=/var/mail</param>
  @@ -50,19 +52,19 @@
   
   		<link>
   		        <option>force</option>
  -			<target>../../lib/libpam.so.0.77</target>
  +			<target>../../lib/libpam.so.&linuxpam-version;</target>
   			<name>/usr/lib/libpam.so</name>
   		</link>
   
   		<link>
   		        <option>force</option>
  -			<target>../../lib/libpam_misc.so.0.77</target>
  +			<target>../../lib/libpam_misc.so.&linuxpam-version;</target>
   			<name>/usr/lib/libpam_misc.so</name>
   		</link>
   
   		<link>
   		        <option>force</option>
  -			<target>../../lib/libpamc.so.0.77</target>
  +			<target>../../lib/libpamc.so.&linuxpam-version;</target>
   			<name>/usr/lib/libpamc.so</name>
   		</link>
   
  
  
  
  1.4       +17 -23    ALFS/profiles/BLFS/chapter04/shadow.xml
  
  Index: shadow.xml
  ===================================================================
  RCS file: /home/cvsroot/ALFS/profiles/BLFS/chapter04/shadow.xml,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- shadow.xml	15 May 2004 08:06:33 -0000	1.3
  +++ shadow.xml	16 May 2004 02:14:13 -0000	1.4
  @@ -28,32 +28,37 @@
   		</patch>
   
   		<configure>
  -			<param>--prefix=/usr</param>
  +			<prefix>LIBS="-lpam -lpam_misc"</prefix>
   			<param>--libdir=/usr/lib</param>
   			<param>--enable-shared</param>
   			<param>--with-libpam</param>
  +			<param>--without-libcrack</param>
   		</configure>
   
  +		<textdump mode="append">
  +			<file>config.h</file>
  +			<content>
  +			=#define HAVE_SETLOCALE 1
  +			</content>
  +		</textdump>
  +
   		<make/>
   
   		<make>
   			<param>install</param>
   		</make>
   
  -		<link>
  -		       <option>force</option>
  -		       <target>vipw</target>
  -		       <name>/usr/sbin/vigr</name>
  -		</link>
  -
  -		<remove>/bin/vipw</remove>
  -
   		<move>
  -		        <source>/bin/sg</source>
  +			<source>/bin/sg</source>
   			<destination>/usr/bin</destination>
   		</move>
   
   		<move>
  +			<source>/bin/vigr</source>
  +			<destination>/usr/sbin</destination>
  +		</move>
  +
  +		<move>
   		        <source>/usr/lib/lib{misc,shadow}.so.0*</source>
   			<destination>/lib</destination>
   		</move>
  @@ -70,11 +75,6 @@
   		       <name>/usr/lib/libmisc.so</name>
   		</link>
   
  -		<copy>
  -		       <source>debian/securetty</source>
  -		       <destination>/etc/securetty</destination>
  -		</copy>
  -
   
   		<textdump base="/etc/pam.d">
   		       <file>login</file>
  @@ -191,12 +191,6 @@
   
   		<search_replace base="/etc">
   		        <file>/etc/login.defs</file>
  -			<find>DIALUPS_CHECK_ENAB</find>
  -			<replace>#DIALUPS_CHECK_ENAB</replace>
  -		</search_replace>
  -
  -		<search_replace base="/etc">
  -		        <file>/etc/login.defs</file>
   			<find>LASTLOG_ENAB</find>
   			<replace>#LASTLOG_ENAB</replace>
   		</search_replace>
  @@ -215,8 +209,8 @@
   
   		<search_replace base="/etc">
   		        <file>/etc/login.defs</file>
  -			<find>#CONSOLE</find>
  -			<replace>CONSOLE</replace>
  +			<find>CONSOLE</find>
  +			<replace>#CONSOLE</replace>
   		</search_replace>
   
   		<search_replace base="/etc">
  
  
  
  1.1                  ALFS/profiles/BLFS/chapter04/cracklib.xml
  
  Index: cracklib.xml
  ===================================================================
  <package name="cracklib" version="&cracklib-version;">
  
  	<stage name="Unpacking a package.">
  		<unpack>
  			<archive>&packages_dir;/&cracklib-package;</archive>
  			<destination>&build_dir;</destination>
  		</unpack>
  
  		<copy>
  		        <source>&packages_dir;/&cracklib-wordlist;</source>
  			<source>&packages_dir;/&cracklib-blfs-patch;</source>
  			<destination>&build_dir;</destination>
  		</copy>
  	</stage>
  
  	<stage name="Installing a package.">
  		<stageinfo>
  			<base>&build_dir;/&cracklib-directory;</base>
  		</stageinfo>
  
  		<mkdir>
  			<option>parents</option>
  			<name>/usr/share/dict</name>
  		</mkdir>
  
  		<permissions mode="0755">
  			<name>/usr/share/dict</name>
  		</permissions>
  
  		<copy>
  		        <source>&build_dir;/&cracklib-wordlist;</source>
  			<destination>/usr/share/dict</destination>
  		</copy>
  
  		<permissions mode="644">
  			<name>/usr/share/dict/&cracklib-wordlist;</name>
  		</permissions>
  
  		<link base="/usr/share/dict">
  		        <option>force</option>
  		        <target>&cracklib-wordlist;</target>
  			<name>words</name>
  		</link>
  
  
  		<execute command="echo">
  			<param>$(hostname)</param>
  			<param>>></param>
  			<param>/usr/share/dict/extra.words</param>
  		</execute>
  
  		<patch>
  			<param>-N</param>
  			<param>-p1</param>
  			<param>-i ../&cracklib-blfs-patch;</param>
  		</patch>
  
  		<make>
  			<param>install</param>
  		</make>
  
  
  	</stage>
  
  	<stage name="Clean-up.">
  		<remove>&build_dir;/&cracklib-directory;</remove>
  		<remove>&build_dir;/&cracklib-wordlist;</remove>
  		<remove>&build_dir;/&cracklib-blfs-patch;</remove>
  	</stage>
  
  </package>
  
  
  
  1.1                  ALFS/profiles/BLFS/chapter04/tripwire.xml
  
  Index: tripwire.xml
  ===================================================================
  <package name="tripwire" version="&tripwire-version;">
  
  	<stage name="Unpacking">
  		<unpack>
  			<archive>&packages_dir;/&tripwire-package;</archive>
  			<destination>&build_dir;</destination>
  		</unpack>
  
  		<copy>
  			<source>&packages_dir;/&tripwire-gcc-patch;</source>
  			<source>&packages_dir;/&tripwire-policy-file;</source>
  			<destination>&build_dir;</destination>
  		</copy>
  
  	</stage>
  
  	<stage name="Installing">
  		<stageinfo>
  			<base>&build_dir;/&tripwire-directory;</base>
  		</stageinfo>
  	
  		<patch>
  			<param>-N</param>
  			<param>-p1</param>
  			<param>-i ../&tripwire-gcc-patch;</param>
  		</patch>
  
  		<make>
  			<param>-C</param>
  			<param>src</param>
  			<param>release</param>
  		</make>
  
  		<copy>
  			<source>install/install.{sh,cfg}</source>
  			<destination>.</destination>
  		</copy>
  
  		<!--The default configuration is to use a local MTA. If you don't have a MTA
                  installed and have no wish to install one, modify the install.cfg to use an SMTP server
  		instead.-->
  
  		<!-- the following commands are for automating the build of tripwire, these command are not in the book -->
  
  		<execute command="sed -i 's%TWMAILMETHOD=SENDMAIL%#&%' install.cfg" />
  		<execute command="sed -i 's%TWMAILPROGRAM%#&%' install.cfg" />
  
  		<execute command="sed -i 's%# TWMAILMETHOD=SMTP%TWMAILMETHOD=SMTP%' install.cfg" />
  		<execute command="sed -i 's%# TWSMTPHOST="mail.domain.com"%TWSMTPHOST="&tripwire-mail-domain;"%' install.cfg" />
  		<execute command="sed -i 's%# TWSMTPPORT=25%TWSMTPPORT=&tripwire-smtp-port;%' install.cfg" />
  
  		<execute command="./install.sh -n -s "&tripwire-sitepassphrase;" -l "&tripwire-localpassphrase;"" />
  	
  		<copy>
  			<source>/etc/tripwire/tw.cfg</source>
  			<destination>/usr/sbin</destination>
  		</copy>
  
  		<copy>
  			<source>policy/*.txt</source>
  			<destination>/usr/share/doc/tripwire</destination>
  		</copy>
  
  		<copy>
  			<source>&build_dir;/&tripwire-policy-file;</source>
  			<destination>/etc/tripwire</destination>
  		</copy>
  
  		<execute command="twadmin">
  			<param>-m P -Q &tripwire-sitepassphrase; /etc/tripwire/&tripwire-policy-file;</param>
  		</execute>
  
  		<execute command="tripwire">
  			<param>-m i -P &tripwire-localpassphrase;</param>
  		</execute>
  
  	</stage>
  
  
  	<stage name="Clean-Up">
  		<remove>&build_dir;/&tripwire-package;</remove>
  		<remove>&build_dir;/&tripwire-gcc-patch;</remove>
  		<remove>&build_dir;/&tripwire-policy-file;</remove>
  	</stage>
  
  </package>
  
  
  
  



More information about the alfs-log mailing list