r7912 - in trunk/BOOK: . introduction/welcome postlfs/security

Wayne Blaszczyk wblaszcz at bigpond.net.au
Fri Jul 31 21:56:21 PDT 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Randy McMurchy wrote:
> wblaszcz at linuxfromscratch.org wrote these words on 07/31/09 09:13 CST:
>> Author: wblaszcz
>> Date: 2009-07-31 08:13:43 -0600 (Fri, 31 Jul 2009)
>> New Revision: 7912
>>
>> Added:
>>    trunk/BOOK/postlfs/security/policykit.xml
>> +    <bridgehead renderas="sect4">Required</bridgehead>
>> +    <para role="required"><xref linkend="glib2"/>,
>> +    <xref linkend="dbus-glib"/>,
>> +    <xref linkend="linux-pam"/>,
>> +    <xref linkend="intltool"/>, and
>> +    <xref linkend="docbook-xsl"/></para>
> 
> If dbus-glib is required, then you can remove glib2 as it is redundant.
Done.
> Additionally, could you double-check that intltool is actually required.
> I can't remember a package in quite a while where that wasn't built in
> and if you didn't have it installed, it used internal copy.
I've re-tested the installation, intltool is definitely required.
> 
>> +
>> +    <bridgehead renderas="sect4">Optional</bridgehead>
>> +    <para role="optional"><xref linkend="gtk-doc"/> and
>> +    <ulink url="http://blog.supportpro.com/2007/08/se-linux/">SELinux</ulink></para>
> 
> We have decided not to put SELinux as a dependency of any package.
> This was discussed in -dev quite a long time ago. You could check
> the archives and find the discussion fairly easy as SELinux just
> doesn't come up in the mailing lists that often.
Removed.
> 
> 
> 
>> +<screen><userinput>groupadd -g 26 polkit &&
>> +useradd -c "Policy Kit Daemon User" -d /dev/null \
>> +    -u 26 -g polkit -s /bin/false polkit &&
> 
> Typically (use apache as an example) we explain why a user/group
> is required, and do it before starting the installation. Since you
> don't do it before creating them, and there is nothing in the
> Command Explanations section, please do one or the other.
Added an explanation and step (root/unprivileged).

> 
>> +./configure --prefix=/usr --sysconfdir=/etc \
>> +    --libexecdir=/usr/lib/PolicyKit --localstatedir=/var \
>> +    --with-polkit-user=polkit --with-polkit-group=polkit &&
> 
> Seems I remember that polkit was the defaults if you didn't explicitly
> list it. I could be mistaken.
> 
Yes you are right. Changed the user and group from polkit to polkituser.
Thanks for your input.
Wayne.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFKc8r1hfgHoRhX2wIRAmhKAKDKK4uGi2l47t0yw2vJacGeW3WPywCggu7Z
tXIJ9om1QEKkDXu1fuuOCk4=
=OCBP
-----END PGP SIGNATURE-----



More information about the blfs-book mailing list