[blfs-book] r12447 - in trunk/BOOK: introduction/welcome postlfs/security

fernando at higgs.linuxfromscratch.org fernando at higgs.linuxfromscratch.org
Wed Dec 25 16:01:25 PST 2013


Author: fernando
Date: Wed Dec 25 16:01:25 2013
New Revision: 12447

Log:
Some fixes from received patch. Thanks.

Modified:
   trunk/BOOK/introduction/welcome/changelog.xml
   trunk/BOOK/postlfs/security/iptables.xml
   trunk/BOOK/postlfs/security/libcap.xml
   trunk/BOOK/postlfs/security/linux-pam.xml

Modified: trunk/BOOK/introduction/welcome/changelog.xml
==============================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml	Wed Dec 25 11:07:34 2013	(r12446)
+++ trunk/BOOK/introduction/welcome/changelog.xml	Wed Dec 25 16:01:25 2013	(r12447)
@@ -47,6 +47,12 @@
       <para>December 25th, 2013</para>
       <itemizedlist>
         <listitem>
+          <para>[fernando] - Some fixes. Mainly to fix shared library shebang
+          where unversioned so files are installed in /lib (see ticket 4426)
+          and simplification to iptables instructions.
+          Patch received, thanks.</para>
+        </listitem>
+        <listitem>
           <para>[igor] - Update to dovecot-2.2.10. Fixes
           <ulink url="&blfs-ticket-root;4469">#4469</ulink>.</para>
         </listitem>

Modified: trunk/BOOK/postlfs/security/iptables.xml
==============================================================================
--- trunk/BOOK/postlfs/security/iptables.xml	Wed Dec 25 11:07:34 2013	(r12446)
+++ trunk/BOOK/postlfs/security/iptables.xml	Wed Dec 25 16:01:25 2013	(r12447)
@@ -124,13 +124,10 @@
       commands:
     </para>
 
-<screen><userinput>./configure --prefix=/usr                          \
-            --exec-prefix=                         \
-            --bindir=/usr/bin                      \
-            --with-xtlibdir=/lib/xtables           \
-            --with-pkgconfigdir=/usr/lib/pkgconfig \
-            --enable-libipq                        \
-            --enable-devel &&
+<screen><userinput>./configure --prefix=/usr                \
+            --sbindir=/sbin              \
+            --with-xtlibdir=/lib/xtables \
+            --enable-libipq && <!-- enable-devel is enabled by default now -->
 make</userinput></screen>
 
     <para>This package does not come with a test suite.</para>
@@ -139,12 +136,10 @@
 
 <screen role="root"><userinput>make install &&
 ln -sfv ../../sbin/xtables-multi /usr/bin/iptables-xml &&
-for file in libip4tc libip6tc libipq libiptc libxtables
+for file in ip4tc ip6tc ipq iptc xtables
 do
-  ln -sfv ../../lib/`readlink /lib/${file}.so` /usr/lib/${file}.so &&
-  rm -v /lib/${file}.so &&
-  mv -v /lib/${file}.la /usr/lib &&
-  sed -i "s at libdir='@&/usr at g" /usr/lib/${file}.la
+  mv -v /usr/lib/lib${file}.so.* /lib &&
+  ln -sfv ../../lib/$(readlink /usr/lib/lib${file}.so) /usr/lib/lib${file}.so
 done</userinput></screen>
 
   </sect2>
@@ -153,42 +148,25 @@
     <title>Command Explanations</title>
 
     <para>
-      <parameter>--exec-prefix=</parameter>: Ensure all binaries and
-      libraries end up in <filename class="directory">/</filename>
-      directory tree.
-    </para>
-
-    <para>
       <parameter>--with-xtlibdir=/lib/xtables</parameter>: Ensure all
       <application>Iptables</application> modules are installed in the
       <filename class="directory">/lib/xtables</filename> directory.
     </para>
 
     <para>
-      <parameter>--with-pkgconfigdir=/usr/lib/pkgconfig</parameter>:
-      Ensure all the pkgconfig files are in the standard location.
-    </para>
-
-    <para>
       <option>--enable-libipq</option>: This switch enables building
       of <filename class="libraryfile">libipq.so</filename> which
       can be used by some packages outside of BLFS.
     </para>
 
     <para>
-      <option>--enable-devel</option>: This switch enables installation
-      of <application>Iptables</application> development headers that
-      can be used by some packages outside of BLFS.
-    </para>
-
-    <para>
       <option>--enable-nfsynproxy</option>: This switch enables installation
       of <application>nfsynproxy</application> SYNPROXY configuration tool.
     </para>
 
     <para>
       <command>ln -sfv ../../sbin/xtables-multi /usr/bin/iptables-xml</command>:
-      Ensure  the symbolic link for <command>iptables-xml</command> is relative.
+      Ensure the symbolic link for <command>iptables-xml</command> is relative.
     </para>
 
   </sect2>

Modified: trunk/BOOK/postlfs/security/libcap.xml
==============================================================================
--- trunk/BOOK/postlfs/security/libcap.xml	Wed Dec 25 11:07:34 2013	(r12446)
+++ trunk/BOOK/postlfs/security/libcap.xml	Wed Dec 25 16:01:25 2013	(r12447)
@@ -90,8 +90,10 @@
 
     <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
 
-<screen role="root"><userinput>make RAISE_SETFCAP=no install &&
-chmod -v 755 /lib/libcap.so</userinput></screen>
+<screen role="root"><userinput>make RAISE_SETFCAP=no prefix=/usr install &&
+chmod -v 755 /usr/lib/libcap.so &&
+mv -v /usr/lib/libcap.so.* /lib &&
+ln -sfv ../../lib/libcap.so.2 /usr/lib/libcap.so</userinput></screen>
 
   </sect2>
 

Modified: trunk/BOOK/postlfs/security/linux-pam.xml
==============================================================================
--- trunk/BOOK/postlfs/security/linux-pam.xml	Wed Dec 25 11:07:34 2013	(r12446)
+++ trunk/BOOK/postlfs/security/linux-pam.xml	Wed Dec 25 16:01:25 2013	(r12447)
@@ -138,6 +138,8 @@
 
 <screen><userinput>./configure --prefix=/usr \
             --sysconfdir=/etc \
+            --libdir=/usr/lib \
+            --enable-securedir=/lib/security \
             --docdir=/usr/share/doc/Linux-PAM-&linux-pam-version; \
             --disable-nis &&
 make</userinput></screen>
@@ -177,13 +179,26 @@
     </para>
 
 <screen role="root"><userinput>make install &&
-chmod -v 4755 /sbin/unix_chkpwd</userinput></screen>
+chmod -v 4755 /sbin/unix_chkpwd &&
+
+for file in pam pam_misc pamc
+do
+  mv -v /usr/lib/lib${file}.so.* /lib &&
+  ln -sfv ../../lib/$(readlink /usr/lib/lib${file}.so) /usr/lib/lib${file}.so
+done</userinput></screen>
+
   </sect2>
 
   <sect2 role="commands">
     <title>Command Explanations</title>
 
     <para>
+      <parameter>--enable-securedir=/lib/security</parameter>:
+      This switch sets install location for the
+      <application>PAM</application> modules.
+    </para>
+
+    <para>
       <option>--disable-nis</option>: This switch disables building
       of the Network Information Service/Yellow Pages support in
       pam_unix and pam_access modules. Remove it if you have installed



More information about the blfs-book mailing list