r958 - branches/2.4-branch/BOOK branches/2.4-branch/BOOK/chapter01 branches/2.4-branch/BOOK/chapter04 branches/2.4-branch/BOOK/chapter06 trunk/BOOK trunk/BOOK/chapter01 trunk/BOOK/chapter04 trunk/BOOK/chapter06

robert at linuxfromscratch.org robert at linuxfromscratch.org
Wed Jan 3 18:32:53 PST 2007


Author: robert
Date: 2007-01-03 19:32:53 -0700 (Wed, 03 Jan 2007)
New Revision: 958

Modified:
   branches/2.4-branch/BOOK/chapter01/changelog.xml
   branches/2.4-branch/BOOK/chapter04/patches.xml
   branches/2.4-branch/BOOK/chapter06/coreutils.xml
   branches/2.4-branch/BOOK/chapter06/procps.xml
   branches/2.4-branch/BOOK/chapter06/shadow.xml
   branches/2.4-branch/BOOK/chapter06/util-linux.xml
   branches/2.4-branch/BOOK/general.ent
   branches/2.4-branch/BOOK/patches.ent
   trunk/BOOK/chapter01/changelog.xml
   trunk/BOOK/chapter04/patches.xml
   trunk/BOOK/chapter06/coreutils.xml
   trunk/BOOK/chapter06/procps.xml
   trunk/BOOK/chapter06/shadow.xml
   trunk/BOOK/chapter06/util-linux.xml
   trunk/BOOK/general.ent
   trunk/BOOK/patches.ent
Log:
Removed supress_uptime_kill_su Coreutils patch. Install Coreutils to DESTDIR to manipulate files before installing. Make uptime, kill, and su optional in Coreutils, Procfs, and Shadow. Update Procps.xml from LFS-svn. Remove Utils-Linux patch for nologin, because it is supplied by Shadow. Added 386 assembly language versions of true, and false to Coreutils.xml, and nologin to Shadow.xml.

Modified: branches/2.4-branch/BOOK/chapter01/changelog.xml
===================================================================
--- branches/2.4-branch/BOOK/chapter01/changelog.xml	2006-12-30 07:04:39 UTC (rev 957)
+++ branches/2.4-branch/BOOK/chapter01/changelog.xml	2007-01-04 02:32:53 UTC (rev 958)
@@ -110,6 +110,12 @@
 </listitem>
 -->
 
+<listitem><para>January 3rd, 2006 [Robert]: Removed supress_uptime_kill_su Coreutils
+patch. Install Coreutils to DESTDIR to manipulate files before installing. Make uptime,
+kill, and su optional in Coreutils, Procfs, and Shadow. Update Procps.xml from LFS-svn.
+Remove Utils-Linux patch for nologin, because it is supplied by Shadow. Added 386
+assembly language versions of true, and false to Coreutils.xml, and nologin to Shadow.xml.</para></listitem>
+
 <listitem><para>December 30th, 2006 [Robert]: Removed Sed fixes patch, it breaks 'sed'.</para></listitem>
 
 <listitem><para>December 30th, 2006 [Robert]: Update e2fsprogs.xml from LFS-svn.</para></listitem>

Modified: branches/2.4-branch/BOOK/chapter04/patches.xml
===================================================================
--- branches/2.4-branch/BOOK/chapter04/patches.xml	2006-12-30 07:04:39 UTC (rev 957)
+++ branches/2.4-branch/BOOK/chapter04/patches.xml	2007-01-04 02:32:53 UTC (rev 958)
@@ -91,14 +91,6 @@
     </varlistentry>
 
     <varlistentry>
-      <term>Coreutils Suppress Uptime, Kill, Su Patch - &coreutils-suppress_uptime_kill_su-patch-size;:</term>
-      <listitem>
-        <para>Download: <ulink url="&patches-root;&coreutils-suppress_uptime_kill_su-patch;"/></para>
-        <para>MD5 sum: <literal>&coreutils-suppress_uptime_kill_su-patch-md5;</literal></para>
-      </listitem>
-    </varlistentry>
-
-    <varlistentry>
       <term>Coreutils Uname patch - &coreutils-uname_PIC-patch-size;:</term>
       <listitem>
         <para>Download: <ulink url="&patches-root;&coreutils-uname_PIC-patch;"/></para>
@@ -379,14 +371,6 @@
     </varlistentry>
 
     <varlistentry>
-      <term>Util-linux Nologin Patch - &util-linux-nologin-patch-size;:</term>
-      <listitem>
-        <para>Download: <ulink url="&patches-root;&util-linux-nologin-patch;"/></para>
-        <para>MD5 sum: <literal>&util-linux-nologin-patch-md5;</literal></para>
-      </listitem>
-    </varlistentry>
-
-    <varlistentry>
       <term>Util-linux PIC Patch - &util-linux-PIC-patch-size;:</term>
       <listitem>
         <para>Download: <ulink url="&patches-root;&util-linux-PIC-patch;"/></para>

Modified: branches/2.4-branch/BOOK/chapter06/coreutils.xml
===================================================================
--- branches/2.4-branch/BOOK/chapter06/coreutils.xml	2006-12-30 07:04:39 UTC (rev 957)
+++ branches/2.4-branch/BOOK/chapter06/coreutils.xml	2007-01-04 02:32:53 UTC (rev 958)
@@ -38,15 +38,10 @@
     <para>A known issue with the <command>uname</command> program from
     this package is that the <parameter>-p</parameter> switch always
     returns <computeroutput>unknown</computeroutput>. The following patch
-    fixes this behavior for Intel architectures:</para>
+    fixes this behavior for i386 architectures:</para>
 
 <screen><userinput>patch -Np1 -i ../&coreutils-uname_PIC-patch;</userinput></screen>
 
-    <para>Prevent Coreutils from installing binaries that will be installed by
-    other packages later:</para>
-
-<screen><userinput>patch -Np1 -i ../&coreutils-suppress_uptime_kill_su-patch;</userinput></screen>
-
     <para>Now prepare Coreutils for compilation:</para>
 
 <screen><userinput>./configure --prefix=/usr</userinput></screen>
@@ -76,7 +71,7 @@
     program and only works on <systemitem class="filesystem">ext2</systemitem>
     and <systemitem class="filesystem">ext3</systemitem> filesystems.
     If your HLFS partition is formated with another filesystem, such as
-    <systemitem class="filesystem">reiserfs</systemitem>, the this
+    <systemitem class="filesystem">reiserfs</systemitem>, then this
     test will fail.</para>
 
     <para>Then run the remainder of the tests as the
@@ -88,16 +83,102 @@
 
 <screen><userinput>sed '/dummy/d' /etc/passwd -i /etc/group</userinput></screen>
 
-    <para>Install the package:</para>
+    <para>This package installs some programs we may not want, and programs
+    we do want in the wrong places. Install Coreutils to a temporary directory
+    so the files can be manipulated before they are installed:</para>
 
-<screen><userinput>make install</userinput></screen>
+<screen><userinput>make DESTDIR=$(pwd)/DESTDIR install</userinput></screen>
 
+    <para>If you choose to install the Coreutils versions of <command>uptime</command>,
+    <command>su</command>, or <command>kill</command>, you will have
+    opportunities later to not install conflicting versions from other packages.</para>
+
+    <para>The <command>uptime</command> program provided by the
+    <xref linkend="ch-system-procps"/> package has about 10 times less code
+    than the <command>uptime</command> program provided Coreutils, according
+    to the <command>size</command> utility, and they both provide identical
+    functionality. Most users and distributions favor the least bloated
+    version of programs which have identical features. Remove this
+    <command>uptime</command> with the following commands:</para>
+
+<screen><userinput>rm -v DESTDIR/usr/bin/uptime \
+    DESTDIR/usr/share/man/man1/uptime.1</userinput></screen>
+
+    <para>The <command>su</command> program provided by the
+    <xref linkend="ch-system-shadow"/> package has more features than the
+    version provided by Coreutils, such as
+    <ulink url="&blfs-root;view/svn/postlfs/linux-pam.html">Linux-PAM</ulink>
+    support. Most users and distributions favor the <command>su</command>
+    program from the <xref linkend="ch-system-shadow"/> package because
+    of the added features, and it is more widely used. There is a discussion
+    of the differences between the two versions here:
+    <ulink url="http://www.diy-linux.org/pipermail/diy-linux-dev/2005-August/000610.html"/>.
+    Remove this <command>su</command> with the following commands:</para>
+
+<screen><userinput>rm -v DESTDIR/usr/bin/su \
+    DESTDIR/usr/share/man/man1/su.1</userinput></screen>
+
+    <para>The <command>kill</command> program provided by the
+    <xref linkend="ch-system-procps"/> package has more options than the one
+    provided by Coreutils, and is favored by many users and distributions.
+    However, some other distributions believe this Coreutils version of
+    <command>kill</command> is written more cleanly. Whether you use it or
+    not is up to you. FIXME: -insert differences of the two versions here-.
+    Remove it with the following commands:</para>
+
+<screen><userinput>rm -v DESTDIR/usr/bin/kill \
+    DESTDIR/usr/share/man/man1/kill.1</userinput></screen>
+
+    <para>The <command>true</command> program provided by Coreutils provides
+    <option>--help</option> and <option>--version</option> options, and
+    has the overhead of the C library. The <command>true</command> program's
+    sole purpose is to return 0, and nothing else. Because this program is
+    often used for authentication and security sensitive tasks it is more
+    secure to use a version written in assembly language. A <command>true</command>
+    program written in assembly language will not only be smaller, but will
+    use far fewer syscalls than a C language version. The following program
+    is written in i386 assembly, and will only work on i386 (386, 486, and Pentium)
+    hardware. Replace the Coreutils <command>true</command> with an assembly
+    version with the following commands (we can keep the manual page):</para>
+
+<screen><userinput>cat > src/true.S << "EOF"
+/* Public Domain - i386 true.S */
+.global _start
+_start:
+movl    $0,%ebx
+movl    $1,%eax
+int     $0x80
+EOF
+
+rm -v DESTDIR/usr/bin/true
+gcc -nostdlib src/true.S -o DESTDIR/usr/bin/true</userinput></screen>
+
+    <para>The <command>false</command> program provided by Coreutils has
+    the same issues as the <command>true</command> program, but is moreso
+    depended on for authentication and security tasks. Replace the Coreutils
+    <command>false</command> program with an i386 assembly language version
+    with the following commands:</para>
+
+<screen><userinput>cat > src/false.S << "EOF"
+/* Public Domain - i386 false.S */
+.global _start
+_start:
+movl    $1,%ebx
+movl    $1,%eax
+int     $0x80
+EOF
+
+rm -v DESTDIR/usr/bin/false
+gcc -nostdlib src/false.S -o DESTDIR/usr/bin/false</userinput></screen>
+
     <para>Move programs to the locations specified by the FHS:</para>
 
-<screen><userinput>mv -v /usr/bin/{cat,chgrp,chmod,chown,cp,date,dd,df,echo} /bin
-mv -v /usr/bin/{false,hostname,ln,ls,mkdir,mknod,mv,pwd,rm} /bin
-mv -v /usr/bin/{rmdir,stty,sync,true,uname} /bin
-mv -v /usr/bin/chroot /usr/sbin</userinput></screen>
+<screen><userinput>install -vd DESTDIR/bin
+mv -v DESTDIR/usr/bin/{cat,chgrp,chmod,chown,cp,date,dd,df,echo} DESTDIR/bin
+mv -v DESTDIR/usr/bin/{false,hostname,ln,ls,mkdir,mknod,mv,pwd,rm} DESTDIR/bin
+mv -v DESTDIR/usr/bin/{rmdir,stty,sync,true,uname} DESTDIR/bin
+install -vd DESTDIR/usr/sbin
+mv -v DESTDIR/usr/bin/chroot DESTDIR/usr/sbin</userinput></screen>
 
     <para>Some of the scripts in the LFS-Bootscripts package depend on
     <command>head</command>, <command>sleep</command>, and
@@ -105,8 +186,20 @@
     may not be available during the early stages of booting, those binaries
     need to be on the root partition:</para>
 
-<screen><userinput>mv -v /usr/bin/{head,sleep,nice} /bin</userinput></screen>
+<screen><userinput>mv -v DESTDIR/usr/bin/{head,sleep,nice} DESTDIR/bin</userinput></screen>
 
+    <para>Note that the Coreutils info page has not been edited to respect
+    any of the programs you may have removed or replaced. You may want to
+    modify it yourself.</para>
+
+    <para>Now copy the files to the system:</para>
+
+<screen><userinput>cp -va DESTDIR/* /</userinput></screen>
+
+    <para><command>kill</command>, <command>true</command>, <command>false</command>,
+    and many others, are <command>bash</command> shell builtins. To use the ones
+    we just installed the full path must be given.</para>
+
   </sect2>
 
 

Modified: branches/2.4-branch/BOOK/chapter06/procps.xml
===================================================================
--- branches/2.4-branch/BOOK/chapter06/procps.xml	2006-12-30 07:04:39 UTC (rev 957)
+++ branches/2.4-branch/BOOK/chapter06/procps.xml	2007-01-04 02:32:53 UTC (rev 958)
@@ -1,193 +1,266 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+  "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
   <!ENTITY % general-entities SYSTEM "../general.ent">
   %general-entities;
 ]>
+
 <sect1 id="ch-system-procps" role="wrap">
-<title>Procps-&procps-version;</title>
-<?dbhtml filename="procps.html"?>
+  <?dbhtml filename="procps.html"?>
 
-<indexterm zone="ch-system-procps"><primary sortas="a-Procps">Procps</primary></indexterm>
+  <title>Procps-&procps-version;</title>
 
-<sect2 role="package"><title/>
-<para>The Procps package contains programs for monitoring processes.</para>
+  <indexterm zone="ch-system-procps">
+    <primary sortas="a-Procps">Procps</primary>
+  </indexterm>
 
-<segmentedlist>
-<segtitle>&buildtime;</segtitle>
-<segtitle>&diskspace;</segtitle>
-<seglistitem><seg>?? SBU</seg><seg>?? MB</seg></seglistitem>
-</segmentedlist>
+  <sect2 role="package">
+    <title/>
 
-<segmentedlist>
-<segtitle>&dependencies;</segtitle>
-<seglistitem><seg>Bash, Binutils, Coreutils, GCC, Glibc,
-Make, and Ncurses</seg></seglistitem>
-</segmentedlist>
-</sect2>
+    <para>The Procps package contains programs for monitoring processes.</para>
 
-<sect2 role="installation">
-<title>Installation of Procps</title>
+    <segmentedlist>
+      <segtitle>&buildtime;</segtitle>
+      <segtitle>&diskspace;</segtitle>
 
-<para>Compile the package:</para>
+      <seglistitem>
+        <seg>?? SBU</seg>
+        <seg>?? MB</seg>
+      </seglistitem>
+    </segmentedlist>
 
+  </sect2>
+
+  <sect2 role="installation">
+  <title>Installation of Procps</title>
+
+    <para>Compile the package:</para>
+
 <screen><userinput>make</userinput></screen>
 
-<para>Install the package:</para>
+    <para>This package does not come with a test suite.</para>
 
+    <important>
+    <para>This packages contains the <command>kill</command> and
+    <command>uptime</command> programs, which are also provided by
+    the <xref linkend="ch-system-coreutils"/>. If you installed
+    either of these programs from Coreutils, you should disable
+    their installation from this package. The following command will
+    disable the installation of both, adjust it to install one but
+    not the other:</para>
+
+<screen><userinput>make \
+ SKIP='$(bin)kill $(man1)kill.1 $(usr/bin)uptime $(man1)uptime.1' \
+  install</userinput></screen>
+    </important>
+
+    <para>Install the whole package with:</para>
+
 <screen><userinput>make install</userinput></screen>
 
-</sect2>
+  </sect2>
 
+  <sect2 id="contents-procps" role="content">
+    <title>Contents of Procps</title>
 
-<sect2 id="contents-procps" role="content"><title>Contents of Procps</title>
+    <segmentedlist>
+      <segtitle>Installed programs</segtitle>
+      <segtitle>Installed library</segtitle>
 
-<segmentedlist>
-<segtitle>Installed programs</segtitle>
-<segtitle>Installed library</segtitle>
-<seglistitem><seg>free, kill, pgrep, pkill,
-pmap, ps, skill, snice, sysctl, tload, top, uptime, vmstat, w, and watch</seg>
-<seg>libproc.so</seg></seglistitem>
-</segmentedlist>
+      <seglistitem>
+        <seg>free, kill, pgrep, pkill, pmap, ps, skill, slabtop, snice,
+        sysctl, tload, top, uptime, vmstat, w, and watch</seg>
+        <seg>libproc.so</seg>
+      </seglistitem>
+    </segmentedlist>
 
-<variablelist><bridgehead renderas="sect3">Short Descriptions</bridgehead>
-<?dbfo list-presentation="list"?>
-<?dbhtml list-presentation="table"?>
+    <variablelist>
+      <bridgehead renderas="sect3">Short Descriptions</bridgehead>
+      <?dbfo list-presentation="list"?>
+      <?dbhtml list-presentation="table"?>
 
-<varlistentry id="free">
-<term><command>free</command></term>
-<listitem>
-<para>Reports the amount of free and used memory (both physical and
-swap memory) in the system</para>
-<indexterm zone="ch-system-procps free"><primary sortas="b-free">free</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="free">
+        <term><command>free</command></term>
+        <listitem>
+          <para>Reports the amount of free and used memory (both physical and
+          swap memory) in the system</para>
+          <indexterm zone="ch-system-procps free">
+            <primary sortas="b-free">free</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="kill">
-<term><command>kill</command></term>
-<listitem>
-<para>Sends signals to processes</para>
-<indexterm zone="ch-system-procps kill"><primary sortas="b-kill">kill</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="kill">
+        <term><command>kill</command></term>
+        <listitem>
+          <para>Sends signals to processes</para>
+          <indexterm zone="ch-system-procps kill">
+            <primary sortas="b-kill">kill</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="pgrep">
-<term><command>pgrep</command></term>
-<listitem>
-<para>Looks up processes based on their name and other attributes</para>
-<indexterm zone="ch-system-procps pgrep"><primary sortas="b-pgrep">pgrep</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="pgrep">
+        <term><command>pgrep</command></term>
+        <listitem>
+          <para>Looks up processes based on their name and other attributes</para>
+          <indexterm zone="ch-system-procps pgrep">
+            <primary sortas="b-pgrep">pgrep</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="pkill">
-<term><command>pkill</command></term>
-<listitem>
-<para>Signals processes based on their name and other attributes</para>
-<indexterm zone="ch-system-procps pkill"><primary sortas="b-pkill">pkill</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="pkill">
+        <term><command>pkill</command></term>
+        <listitem>
+          <para>Signals processes based on their name and other attributes</para>
+          <indexterm zone="ch-system-procps pkill">
+            <primary sortas="b-pkill">pkill</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="pmap">
-<term><command>pmap</command></term>
-<listitem>
-<para>Reports the memory map of the given process</para>
-<indexterm zone="ch-system-procps pmap"><primary sortas="b-pmap">pmap</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="pmap">
+        <term><command>pmap</command></term>
+        <listitem>
+          <para>Reports the memory map of the given process</para>
+          <indexterm zone="ch-system-procps pmap">
+            <primary sortas="b-pmap">pmap</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="ps">
-<term><command>ps</command></term>
-<listitem>
-<para>Lists the current running processes</para>
-<indexterm zone="ch-system-procps ps"><primary sortas="b-ps">ps</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="ps">
+        <term><command>ps</command></term>
+        <listitem>
+          <para>Lists the current running processes</para>
+          <indexterm zone="ch-system-procps ps">
+            <primary sortas="b-ps">ps</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="skill">
-<term><command>skill</command></term>
-<listitem>
-<para>Sends signals to processes matching the given criteria</para>
-<indexterm zone="ch-system-procps skill"><primary sortas="b-skill">skill</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="skill">
+        <term><command>skill</command></term>
+        <listitem>
+          <para>Sends signals to processes matching the given criteria</para>
+          <indexterm zone="ch-system-procps skill">
+            <primary sortas="b-skill">skill</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="snice">
-<term><command>snice</command></term>
-<listitem>
-<para>Changes the scheduling priority of processes matching the given criteria</para>
-<indexterm zone="ch-system-procps snice"><primary sortas="b-snice">snice</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="slabtop">
+        <term><command>slabtop</command></term>
+        <listitem>
+          <para>Displays detailed kernel slap cache information in real time</para>
+          <indexterm zone="ch-system-procps slabtop">
+            <primary sortas="b-slabtop">slabtop</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="sysctl">
-<term><command>sysctl</command></term>
-<listitem>
-<para>Modifies kernel parameters at run time</para>
-<indexterm zone="ch-system-procps sysctl"><primary sortas="b-sysctl">sysctl</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="snice">
+        <term><command>snice</command></term>
+        <listitem>
+          <para>Changes the scheduling priority of processes matching the given
+          criteria</para>
+          <indexterm zone="ch-system-procps snice">
+            <primary sortas="b-snice">snice</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="tload">
-<term><command>tload</command></term>
-<listitem>
-<para>Prints a graph of the current system load average</para>
-<indexterm zone="ch-system-procps tload"><primary sortas="b-tload">tload</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="sysctl">
+        <term><command>sysctl</command></term>
+        <listitem>
+          <para>Modifies kernel parameters at run time</para>
+          <indexterm zone="ch-system-procps sysctl">
+            <primary sortas="b-sysctl">sysctl</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="top">
-<term><command>top</command></term>
-<listitem>
-<para>Displays the top CPU processes; it provides an ongoing look at
-processor activity in real time</para>
-<indexterm zone="ch-system-procps top"><primary sortas="b-top">top</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="tload">
+        <term><command>tload</command></term>
+        <listitem>
+          <para>Prints a graph of the current system load average</para>
+          <indexterm zone="ch-system-procps tload">
+            <primary sortas="b-tload">tload</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="uptime">
-<term><command>uptime</command></term>
-<listitem>
-<para>Reports how long the system has been running, how many users are
-logged on, and the system load averages</para>
-<indexterm zone="ch-system-procps uptime"><primary sortas="b-uptime">uptime</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="top">
+        <term><command>top</command></term>
+        <listitem>
+          <para>Displays a list of the most CPU intensive processes; it
+          provides an ongoing look at processor activity in real time</para>
+          <indexterm zone="ch-system-procps top">
+            <primary sortas="b-top">top</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="vmstat">
-<term><command>vmstat</command></term>
-<listitem>
-<para>Reports virtual memory statistics, giving information about
-processes, memory, paging, block Input/Output (IO), traps, and CPU activity</para>
-<indexterm zone="ch-system-procps vmstat"><primary sortas="b-vmstat">vmstat</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="uptime">
+        <term><command>uptime</command></term>
+        <listitem>
+          <para>Reports how long the system has been running, how many users are
+          logged on, and the system load averages</para>
+          <indexterm zone="ch-system-procps uptime">
+            <primary sortas="b-uptime">uptime</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="w">
-<term><command>w</command></term>
-<listitem>
-<para>Shows which users are currently logged on, where, and since when</para>
-<indexterm zone="ch-system-procps w"><primary sortas="b-w">w</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="vmstat">
+        <term><command>vmstat</command></term>
+        <listitem>
+          <para>Reports virtual memory statistics, giving information about
+          processes, memory, paging, block Input/Output (IO), traps, and CPU
+          activity</para>
+          <indexterm zone="ch-system-procps vmstat">
+            <primary sortas="b-vmstat">vmstat</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="watch">
-<term><command>watch</command></term>
-<listitem>
-<para>Runs a given command repeatedly, displaying the first screen-full of its
-output; this allows a user to watch the output change over time</para>
-<indexterm zone="ch-system-procps watch"><primary sortas="b-watch">watch</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="w">
+        <term><command>w</command></term>
+        <listitem>
+          <para>Shows which users are currently logged on, where, and since
+          when</para>
+          <indexterm zone="ch-system-procps w">
+            <primary sortas="b-w">w</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="libproc">
-<term><filename class="libraryfile">libproc</filename></term>
-<listitem>
-<para>Contains the functions used by most programs in this package</para>
-<indexterm zone="ch-system-procps libproc"><primary sortas="c-libproc">libproc</primary></indexterm>
-</listitem>
-</varlistentry>
-</variablelist>
+      <varlistentry id="watch">
+        <term><command>watch</command></term>
+        <listitem>
+          <para>Runs a given command repeatedly, displaying the first
+          screen-full of its output; this allows a user to watch the output
+          change over time</para>
+          <indexterm zone="ch-system-procps watch">
+            <primary sortas="b-watch">watch</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-</sect2>
+      <varlistentry id="libproc">
+        <term><filename class="libraryfile">libproc</filename></term>
+        <listitem>
+          <para>Contains the functions used by most programs in this
+          package</para>
+          <indexterm zone="ch-system-procps libproc">
+            <primary sortas="c-libproc">libproc</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
+    </variablelist>
+
+  </sect2>
+
 </sect1>
-

Modified: branches/2.4-branch/BOOK/chapter06/shadow.xml
===================================================================
--- branches/2.4-branch/BOOK/chapter06/shadow.xml	2006-12-30 07:04:39 UTC (rev 957)
+++ branches/2.4-branch/BOOK/chapter06/shadow.xml	2007-01-04 02:32:53 UTC (rev 958)
@@ -54,28 +54,6 @@
 
 <screen><userinput>patch -Np1 -i ../&shadow-useradd_fix-patch;</userinput></screen>
 
-    <para role="misc">The Shadow package contains several suid programs, which include
-    <command>chage</command>, <command>chfn</command>, <command>chsh</command>,
-    <command>expiry</command>, <command>gpasswd</command>, <command>newgrp</command>,
-    <command>passwd</command>, and <command>su</command>. These programs are also all
-    linked to <filename class="libraryfile">libshadow.so</filename>. All of these
-    programs and libraries can be linked to
-    <filename class="libraryfile">libmudflap.so</filename>, from the GCC package, to
-    have runtime bounds checking performed and reduce the likelihood of these programs
-    being exploited by unknown bugs. <filename class="libraryfile">libmudflap.so</filename>
-    will reduce the performance of anything linked to it, however none of the programs
-    in the Shadow package are daemons, and none are typically run very often, so the
-    reduced performance should not become a nuisance. To build the Shadow package with
-    libmudflap bounds checking use the following command:</para>
-
-    <para role="misc">HLFS-unstable note: I have not checked whether the MUDFLAP_OPTIONS
-    environment variable can be used to disable mudflap on suid programs. If it can
-    then libc needs to be modified to disallow it.</para>
-
-<screen role="misc"><userinput>find . -type f -name Makefile.in -exec \
-    sed -e 's/^CFLAGS =.*/& -fmudflap/' \
-    -e 's/^LDFLAGS =.*/& -lmudflap/' -i.orig {} \;</userinput></screen>
-
     <para>Prepare Shadow for compilation:</para>
 
 <screen><userinput>./configure --libdir=/lib --sysconfdir=/etc --enable-shared --without-selinux</userinput></screen>
@@ -122,10 +100,56 @@
 
 <screen><userinput>make</userinput></screen>
 
+    <important>
+    <para>The <command>nologin</command> program in this package suffers from
+    the same issues as <command>true</command> and <command>false</command>
+    from Coreutils. An assembly language version of <command>nologin</command>
+    is less vulnerable to issues with the C library. <command>nologin</command>
+    should be used in place of <command>false</command> in <filename>/etc/passwd</filename>
+    when adding new accounts, such as accounts for network services. The
+    following commands will build an assembly language version of
+    <command>nologin</command> which will be installed with this package:</para>
+
+<screen><userinput>cat > src/nologin.S << "EOF"
+/* Public Domain - i386 nologin.S */
+.section .data
+message:
+   .ascii "This account is not available.\n"
+   len = . - message
+.section .text
+.globl _start
+_start:
+   movl $4, %eax
+   movl $len, %edx
+   movl $message, %ecx
+   movl $1, %ebx /* Use "$2" to write to stderr,
+			 "$1" for stdout */
+   int $0x80
+   movl $1, %eax
+   movl $1, %ebx
+   int $0x80
+EOF
+
+rm -v src/nologin
+gcc -nostdlib src/nologin.S -o src/nologin</userinput></screen>
+    </important>
+
     <para>This package does not come with a test suite.</para>
 
-    <para>Install the package:</para>
+    <important>
+    <para>If you do not want to install the <command>su</command> from this
+    package, such as if you will be using the <command>su</command> from
+    <xref linkend="ch-system-coreutils"/>, then run the following commands
+    to install without <command>su</command> from this package:</para>
 
+<screen><userinput>make DESTDIR=$(pwd)/DESTDIR install
+find DESTDIR/ -name su.1 -exec rm -v {} \;
+rm -v DESTDIR/bin/su
+cp -va DESTDIR/* /</userinput></screen>
+    </important>
+
+    <para>To install the whole package, including <command>su</command>:</para>
+
 <screen><userinput>make install</userinput></screen>
 
     <para>Move a misplaced program to its proper location:</para>

Modified: branches/2.4-branch/BOOK/chapter06/util-linux.xml
===================================================================
--- branches/2.4-branch/BOOK/chapter06/util-linux.xml	2006-12-30 07:04:39 UTC (rev 957)
+++ branches/2.4-branch/BOOK/chapter06/util-linux.xml	2007-01-04 02:32:53 UTC (rev 958)
@@ -61,11 +61,6 @@
 
 <screen><userinput>patch -Np1 -i ../&util-linux-PIC-patch;</userinput></screen>
 
-    <para>This patch adds <command>/sbin/nologin</command>, which is a replacement for
-    <command>/bin/false</command>. It displays a polite reason for disallowing login:</para>
-
-<screen><userinput>patch -Np1 -i ../&util-linux-nologin-patch;</userinput></screen>
-
     <para>Util-linux fails to compile against newer versions of Linux kernel
     headers. The following patches properly fix the problems:</para>
 

Modified: branches/2.4-branch/BOOK/general.ent
===================================================================
--- branches/2.4-branch/BOOK/general.ent	2006-12-30 07:04:39 UTC (rev 957)
+++ branches/2.4-branch/BOOK/general.ent	2007-01-04 02:32:53 UTC (rev 958)
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<!ENTITY version "2.4-branch-20061230">
-<!ENTITY releasedate "December 30th, 2006">
+<!ENTITY version "2.4-branch-20070103">
+<!ENTITY releasedate "January 3rd, 2006">
 <!ENTITY milestone "1.0">
 
 <!ENTITY lfs-root "http://www.linuxfromscratch.org/">

Modified: branches/2.4-branch/BOOK/patches.ent
===================================================================
--- branches/2.4-branch/BOOK/patches.ent	2006-12-30 07:04:39 UTC (rev 957)
+++ branches/2.4-branch/BOOK/patches.ent	2007-01-04 02:32:53 UTC (rev 958)
@@ -38,10 +38,6 @@
 <!ENTITY bzip2-install_docs-patch-md5 "9e5dfbf4814b71ef986b872c9af84488">
 <!ENTITY bzip2-install_docs-patch-size "1.6 KB">
 
-<!ENTITY coreutils-suppress_uptime_kill_su-patch "coreutils-&coreutils-version;-suppress_uptime_kill_su-1.patch">
-<!ENTITY coreutils-suppress_uptime_kill_su-patch-md5 "835d62295b5278fd9fc4ee0766e068d4">
-<!ENTITY coreutils-suppress_uptime_kill_su-patch-size "16 KB">
-
 <!ENTITY coreutils-uname_PIC-patch "coreutils-&coreutils-version;-uname_PIC-1.patch">
 <!ENTITY coreutils-uname_PIC-patch-md5 "71bac5487a89cefcc0758f286b5200c4">
 <!ENTITY coreutils-uname_PIC-patch-size "8 KB">
@@ -186,10 +182,6 @@
 <!ENTITY util-linux-cramfs-patch-md5 "1c3f40b30e12738eb7b66a35b7374572">
 <!ENTITY util-linux-cramfs-patch-size "2.8 KB">
 
-<!ENTITY util-linux-nologin-patch "util-linux-&util-linux-version;-nologin-1.patch">
-<!ENTITY util-linux-nologin-patch-md5 "ccf05ed25b1452ff86494d55eb7c234f">
-<!ENTITY util-linux-nologin-patch-size "7.7 KB">
-
 <!ENTITY util-linux-PIC-patch "util-linux-&util-linux-version;-PIC-1.patch">
 <!ENTITY util-linux-PIC-patch-md5 "c85469f9da411b1c64c2b7fe71565d66">
 <!ENTITY util-linux-PIC-patch-size "2 KB">

Modified: trunk/BOOK/chapter01/changelog.xml
===================================================================
--- trunk/BOOK/chapter01/changelog.xml	2006-12-30 07:04:39 UTC (rev 957)
+++ trunk/BOOK/chapter01/changelog.xml	2007-01-04 02:32:53 UTC (rev 958)
@@ -112,6 +112,13 @@
 </listitem>
 -->
 
+<listitem><para>January 3rd, 2006 [Robert]: Removed supress_uptime_kill_su Coreutils
+patch. Install Coreutils to DESTDIR to manipulate files before installing. Make uptime,
+kill, and su optional in Coreutils, Procfs, and Shadow. Update Procps.xml from LFS-svn.
+Remove Utils-Linux patch for nologin, because it is supplied by Shadow. Added 386
+assembly language versions of true, and false to Coreutils.xml, and nologin to Shadow.xml.
+</para></listitem>
+
 <listitem><para>December 30th, 2006 [Robert]: Removed Sed fixes patch, it breaks 'sed'.</para></listitem>
 
 <listitem><para>December 30th, 2006 [Robert]: Update e2fsprogs.xml from LFS-svn.</para></listitem>

Modified: trunk/BOOK/chapter04/patches.xml
===================================================================
--- trunk/BOOK/chapter04/patches.xml	2006-12-30 07:04:39 UTC (rev 957)
+++ trunk/BOOK/chapter04/patches.xml	2007-01-04 02:32:53 UTC (rev 958)
@@ -91,14 +91,6 @@
     </varlistentry>
 
     <varlistentry>
-      <term>Coreutils Suppress Uptime, Kill, Su Patch - &coreutils-suppress_uptime_kill_su-patch-size;:</term>
-      <listitem>
-        <para>Download: <ulink url="&patches-root;&coreutils-suppress_uptime_kill_su-patch;"/></para>
-        <para>MD5 sum: <literal>&coreutils-suppress_uptime_kill_su-patch-md5;</literal></para>
-      </listitem>
-    </varlistentry>
-
-    <varlistentry>
       <term>Coreutils Uname patch - &coreutils-uname_PIC-patch-size;:</term>
       <listitem>
         <para>Download: <ulink url="&patches-root;&coreutils-uname_PIC-patch;"/></para>
@@ -387,14 +379,6 @@
     </varlistentry>
 
     <varlistentry>
-      <term>Util-linux Nologin Patch - &util-linux-nologin-patch-size;:</term>
-      <listitem>
-        <para>Download: <ulink url="&patches-root;&util-linux-nologin-patch;"/></para>
-        <para>MD5 sum: <literal>&util-linux-nologin-patch-md5;</literal></para>
-      </listitem>
-    </varlistentry>
-
-    <varlistentry>
       <term>Util-linux PIC Patch - &util-linux-PIC-patch-size;:</term>
       <listitem>
         <para>Download: <ulink url="&patches-root;&util-linux-PIC-patch;"/></para>

Modified: trunk/BOOK/chapter06/coreutils.xml
===================================================================
--- trunk/BOOK/chapter06/coreutils.xml	2006-12-30 07:04:39 UTC (rev 957)
+++ trunk/BOOK/chapter06/coreutils.xml	2007-01-04 02:32:53 UTC (rev 958)
@@ -38,15 +38,10 @@
     <para>A known issue with the <command>uname</command> program from
     this package is that the <parameter>-p</parameter> switch always
     returns <computeroutput>unknown</computeroutput>. The following patch
-    fixes this behavior for Intel architectures:</para>
+    fixes this behavior for i386 architectures:</para>
 
 <screen><userinput>patch -Np1 -i ../&coreutils-uname_PIC-patch;</userinput></screen>
 
-    <para>Prevent Coreutils from installing binaries that will be installed by
-    other packages later:</para>
-
-<screen><userinput>patch -Np1 -i ../&coreutils-suppress_uptime_kill_su-patch;</userinput></screen>
-
     <para>Now prepare Coreutils for compilation:</para>
 
 <screen><userinput>./configure --prefix=/usr</userinput></screen>
@@ -76,7 +71,7 @@
     program and only works on <systemitem class="filesystem">ext2</systemitem>
     and <systemitem class="filesystem">ext3</systemitem> filesystems.
     If your HLFS partition is formated with another filesystem, such as
-    <systemitem class="filesystem">reiserfs</systemitem>, the this
+    <systemitem class="filesystem">reiserfs</systemitem>, then this
     test will fail.</para>
 
     <para>Then run the remainder of the tests as the
@@ -88,16 +83,102 @@
 
 <screen><userinput>sed '/dummy/d' /etc/passwd -i /etc/group</userinput></screen>
 
-    <para>Install the package:</para>
+    <para>This package installs some programs we may not want, and programs
+    we do want in the wrong places. Install Coreutils to a temporary directory
+    so the files can be manipulated before they are installed:</para>
 
-<screen><userinput>make install</userinput></screen>
+<screen><userinput>make DESTDIR=$(pwd)/DESTDIR install</userinput></screen>
 
+    <para>If you choose to install the Coreutils versions of <command>uptime</command>,
+    <command>su</command>, or <command>kill</command>, you will have
+    opportunities later to not install conflicting versions from other packages.</para>
+
+    <para>The <command>uptime</command> program provided by the
+    <xref linkend="ch-system-procps"/> package has about 10 times less code
+    than the <command>uptime</command> program provided Coreutils, according
+    to the <command>size</command> utility, and they both provide identical
+    functionality. Most users and distributions favor the least bloated
+    version of programs which have identical features. Remove this
+    <command>uptime</command> with the following commands:</para>
+
+<screen><userinput>rm -v DESTDIR/usr/bin/uptime \
+    DESTDIR/usr/share/man/man1/uptime.1</userinput></screen>
+
+    <para>The <command>su</command> program provided by the
+    <xref linkend="ch-system-shadow"/> package has more features than the
+    version provided by Coreutils, such as
+    <ulink url="&blfs-root;view/svn/postlfs/linux-pam.html">Linux-PAM</ulink>
+    support. Most users and distributions favor the <command>su</command>
+    program from the <xref linkend="ch-system-shadow"/> package because
+    of the added features, and it is more widely used. There is a discussion
+    of the differences between the two versions here:
+    <ulink url="http://www.diy-linux.org/pipermail/diy-linux-dev/2005-August/000610.html"/>.
+    Remove this <command>su</command> with the following commands:</para>
+
+<screen><userinput>rm -v DESTDIR/usr/bin/su \
+    DESTDIR/usr/share/man/man1/su.1</userinput></screen>
+
+    <para>The <command>kill</command> program provided by the
+    <xref linkend="ch-system-procps"/> package has more options than the one
+    provided by Coreutils, and is favored by many users and distributions.
+    However, some other distributions believe this Coreutils version of
+    <command>kill</command> is written more cleanly. Whether you use it or
+    not is up to you. FIXME: -insert differences of the two versions here-.
+    Remove it with the following commands:</para>
+
+<screen><userinput>rm -v DESTDIR/usr/bin/kill \
+    DESTDIR/usr/share/man/man1/kill.1</userinput></screen>
+
+    <para>The <command>true</command> program provided by Coreutils provides
+    <option>--help</option> and <option>--version</option> options, and
+    has the overhead of the C library. The <command>true</command> program's
+    sole purpose is to return 0, and nothing else. Because this program is
+    often used for authentication and security sensitive tasks it is more
+    secure to use a version written in assembly language. A <command>true</command>
+    program written in assembly language will not only be smaller, but will
+    use far fewer syscalls than a C language version. The following program
+    is written in i386 assembly, and will only work on i386 (386, 486, and Pentium)
+    hardware. Replace the Coreutils <command>true</command> with an assembly
+    version with the following commands (we can keep the manual page):</para>
+
+<screen><userinput>cat > src/true.S << "EOF"
+/* Public Domain - i386 true.S */
+.global _start
+_start:
+movl    $0,%ebx
+movl    $1,%eax
+int     $0x80
+EOF
+
+rm -v DESTDIR/usr/bin/true
+gcc -nostdlib src/true.S -o DESTDIR/usr/bin/true</userinput></screen>
+
+    <para>The <command>false</command> program provided by Coreutils has
+    the same issues as the <command>true</command> program, but is moreso
+    depended on for authentication and security tasks. Replace the Coreutils
+    <command>false</command> program with an i386 assembly language version
+    with the following commands:</para>
+
+<screen><userinput>cat > src/false.S << "EOF"
+/* Public Domain - i386 false.S */
+.global _start
+_start:
+movl    $1,%ebx
+movl    $1,%eax
+int     $0x80
+EOF
+
+rm -v DESTDIR/usr/bin/false
+gcc -nostdlib src/false.S -o DESTDIR/usr/bin/false</userinput></screen>
+
     <para>Move programs to the locations specified by the FHS:</para>
 
-<screen><userinput>mv -v /usr/bin/{cat,chgrp,chmod,chown,cp,date,dd,df,echo} /bin
-mv -v /usr/bin/{false,hostname,ln,ls,mkdir,mknod,mv,pwd,rm} /bin
-mv -v /usr/bin/{rmdir,stty,sync,true,uname} /bin
-mv -v /usr/bin/chroot /usr/sbin</userinput></screen>
+<screen><userinput>install -vd DESTDIR/bin
+mv -v DESTDIR/usr/bin/{cat,chgrp,chmod,chown,cp,date,dd,df,echo} DESTDIR/bin
+mv -v DESTDIR/usr/bin/{false,hostname,ln,ls,mkdir,mknod,mv,pwd,rm} DESTDIR/bin
+mv -v DESTDIR/usr/bin/{rmdir,stty,sync,true,uname} DESTDIR/bin
+install -vd DESTDIR/usr/sbin
+mv -v DESTDIR/usr/bin/chroot DESTDIR/usr/sbin</userinput></screen>
 
     <para>Some of the scripts in the LFS-Bootscripts package depend on
     <command>head</command>, <command>sleep</command>, and
@@ -105,8 +186,20 @@
     may not be available during the early stages of booting, those binaries
     need to be on the root partition:</para>
 
-<screen><userinput>mv -v /usr/bin/{head,sleep,nice} /bin</userinput></screen>
+<screen><userinput>mv -v DESTDIR/usr/bin/{head,sleep,nice} DESTDIR/bin</userinput></screen>
 
+    <para>Note that the Coreutils info page has not been edited to respect
+    any of the programs you may have removed or replaced. You may want to
+    modify it yourself.</para>
+
+    <para>Now copy the files to the system:</para>
+
+<screen><userinput>cp -va DESTDIR/* /</userinput></screen>
+
+    <para><command>kill</command>, <command>true</command>, <command>false</command>,
+    and many others, are <command>bash</command> shell builtins. To use the ones
+    we just installed the full path must be given.</para>
+
   </sect2>
 
 

Modified: trunk/BOOK/chapter06/procps.xml
===================================================================
--- trunk/BOOK/chapter06/procps.xml	2006-12-30 07:04:39 UTC (rev 957)
+++ trunk/BOOK/chapter06/procps.xml	2007-01-04 02:32:53 UTC (rev 958)
@@ -1,193 +1,266 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+  "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
   <!ENTITY % general-entities SYSTEM "../general.ent">
   %general-entities;
 ]>
+
 <sect1 id="ch-system-procps" role="wrap">
-<title>Procps-&procps-version;</title>
-<?dbhtml filename="procps.html"?>
+  <?dbhtml filename="procps.html"?>
 
-<indexterm zone="ch-system-procps"><primary sortas="a-Procps">Procps</primary></indexterm>
+  <title>Procps-&procps-version;</title>
 
-<sect2 role="package"><title/>
-<para>The Procps package contains programs for monitoring processes.</para>
+  <indexterm zone="ch-system-procps">
+    <primary sortas="a-Procps">Procps</primary>
+  </indexterm>
 
-<segmentedlist>
-<segtitle>&buildtime;</segtitle>
-<segtitle>&diskspace;</segtitle>
-<seglistitem><seg>?? SBU</seg><seg>?? MB</seg></seglistitem>
-</segmentedlist>
+  <sect2 role="package">
+    <title/>
 
-<segmentedlist>
-<segtitle>&dependencies;</segtitle>
-<seglistitem><seg>Bash, Binutils, Coreutils, GCC, Glibc,
-Make, and Ncurses</seg></seglistitem>
-</segmentedlist>
-</sect2>
+    <para>The Procps package contains programs for monitoring processes.</para>
 
-<sect2 role="installation">
-<title>Installation of Procps</title>
+    <segmentedlist>
+      <segtitle>&buildtime;</segtitle>
+      <segtitle>&diskspace;</segtitle>
 
-<para>Compile the package:</para>
+      <seglistitem>
+        <seg>?? SBU</seg>
+        <seg>?? MB</seg>
+      </seglistitem>
+    </segmentedlist>
 
+  </sect2>
+
+  <sect2 role="installation">
+  <title>Installation of Procps</title>
+
+    <para>Compile the package:</para>
+
 <screen><userinput>make</userinput></screen>
 
-<para>Install the package:</para>
+    <para>This package does not come with a test suite.</para>
 
+    <important>
+    <para>This packages contains the <command>kill</command> and
+    <command>uptime</command> programs, which are also provided by
+    the <xref linkend="ch-system-coreutils"/>. If you installed
+    either of these programs from Coreutils, you should disable
+    their installation from this package. The following command will
+    disable the installation of both, adjust it to install one but
+    not the other:</para>
+
+<screen><userinput>make \
+ SKIP='$(bin)kill $(man1)kill.1 $(usr/bin)uptime $(man1)uptime.1' \
+  install</userinput></screen>
+    </important>
+
+    <para>Install the whole package with:</para>
+
 <screen><userinput>make install</userinput></screen>
 
-</sect2>
+  </sect2>
 
+  <sect2 id="contents-procps" role="content">
+    <title>Contents of Procps</title>
 
-<sect2 id="contents-procps" role="content"><title>Contents of Procps</title>
+    <segmentedlist>
+      <segtitle>Installed programs</segtitle>
+      <segtitle>Installed library</segtitle>
 
-<segmentedlist>
-<segtitle>Installed programs</segtitle>
-<segtitle>Installed library</segtitle>
-<seglistitem><seg>free, kill, pgrep, pkill,
-pmap, ps, skill, snice, sysctl, tload, top, uptime, vmstat, w, and watch</seg>
-<seg>libproc.so</seg></seglistitem>
-</segmentedlist>
+      <seglistitem>
+        <seg>free, kill, pgrep, pkill, pmap, ps, skill, slabtop, snice,
+        sysctl, tload, top, uptime, vmstat, w, and watch</seg>
+        <seg>libproc.so</seg>
+      </seglistitem>
+    </segmentedlist>
 
-<variablelist><bridgehead renderas="sect3">Short Descriptions</bridgehead>
-<?dbfo list-presentation="list"?>
-<?dbhtml list-presentation="table"?>
+    <variablelist>
+      <bridgehead renderas="sect3">Short Descriptions</bridgehead>
+      <?dbfo list-presentation="list"?>
+      <?dbhtml list-presentation="table"?>
 
-<varlistentry id="free">
-<term><command>free</command></term>
-<listitem>
-<para>Reports the amount of free and used memory (both physical and
-swap memory) in the system</para>
-<indexterm zone="ch-system-procps free"><primary sortas="b-free">free</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="free">
+        <term><command>free</command></term>
+        <listitem>
+          <para>Reports the amount of free and used memory (both physical and
+          swap memory) in the system</para>
+          <indexterm zone="ch-system-procps free">
+            <primary sortas="b-free">free</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="kill">
-<term><command>kill</command></term>
-<listitem>
-<para>Sends signals to processes</para>
-<indexterm zone="ch-system-procps kill"><primary sortas="b-kill">kill</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="kill">
+        <term><command>kill</command></term>
+        <listitem>
+          <para>Sends signals to processes</para>
+          <indexterm zone="ch-system-procps kill">
+            <primary sortas="b-kill">kill</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="pgrep">
-<term><command>pgrep</command></term>
-<listitem>
-<para>Looks up processes based on their name and other attributes</para>
-<indexterm zone="ch-system-procps pgrep"><primary sortas="b-pgrep">pgrep</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="pgrep">
+        <term><command>pgrep</command></term>
+        <listitem>
+          <para>Looks up processes based on their name and other attributes</para>
+          <indexterm zone="ch-system-procps pgrep">
+            <primary sortas="b-pgrep">pgrep</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="pkill">
-<term><command>pkill</command></term>
-<listitem>
-<para>Signals processes based on their name and other attributes</para>
-<indexterm zone="ch-system-procps pkill"><primary sortas="b-pkill">pkill</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="pkill">
+        <term><command>pkill</command></term>
+        <listitem>
+          <para>Signals processes based on their name and other attributes</para>
+          <indexterm zone="ch-system-procps pkill">
+            <primary sortas="b-pkill">pkill</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="pmap">
-<term><command>pmap</command></term>
-<listitem>
-<para>Reports the memory map of the given process</para>
-<indexterm zone="ch-system-procps pmap"><primary sortas="b-pmap">pmap</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="pmap">
+        <term><command>pmap</command></term>
+        <listitem>
+          <para>Reports the memory map of the given process</para>
+          <indexterm zone="ch-system-procps pmap">
+            <primary sortas="b-pmap">pmap</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="ps">
-<term><command>ps</command></term>
-<listitem>
-<para>Lists the current running processes</para>
-<indexterm zone="ch-system-procps ps"><primary sortas="b-ps">ps</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="ps">
+        <term><command>ps</command></term>
+        <listitem>
+          <para>Lists the current running processes</para>
+          <indexterm zone="ch-system-procps ps">
+            <primary sortas="b-ps">ps</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="skill">
-<term><command>skill</command></term>
-<listitem>
-<para>Sends signals to processes matching the given criteria</para>
-<indexterm zone="ch-system-procps skill"><primary sortas="b-skill">skill</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="skill">
+        <term><command>skill</command></term>
+        <listitem>
+          <para>Sends signals to processes matching the given criteria</para>
+          <indexterm zone="ch-system-procps skill">
+            <primary sortas="b-skill">skill</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="snice">
-<term><command>snice</command></term>
-<listitem>
-<para>Changes the scheduling priority of processes matching the given criteria</para>
-<indexterm zone="ch-system-procps snice"><primary sortas="b-snice">snice</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="slabtop">
+        <term><command>slabtop</command></term>
+        <listitem>
+          <para>Displays detailed kernel slap cache information in real time</para>
+          <indexterm zone="ch-system-procps slabtop">
+            <primary sortas="b-slabtop">slabtop</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="sysctl">
-<term><command>sysctl</command></term>
-<listitem>
-<para>Modifies kernel parameters at run time</para>
-<indexterm zone="ch-system-procps sysctl"><primary sortas="b-sysctl">sysctl</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="snice">
+        <term><command>snice</command></term>
+        <listitem>
+          <para>Changes the scheduling priority of processes matching the given
+          criteria</para>
+          <indexterm zone="ch-system-procps snice">
+            <primary sortas="b-snice">snice</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="tload">
-<term><command>tload</command></term>
-<listitem>
-<para>Prints a graph of the current system load average</para>
-<indexterm zone="ch-system-procps tload"><primary sortas="b-tload">tload</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="sysctl">
+        <term><command>sysctl</command></term>
+        <listitem>
+          <para>Modifies kernel parameters at run time</para>
+          <indexterm zone="ch-system-procps sysctl">
+            <primary sortas="b-sysctl">sysctl</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="top">
-<term><command>top</command></term>
-<listitem>
-<para>Displays the top CPU processes; it provides an ongoing look at
-processor activity in real time</para>
-<indexterm zone="ch-system-procps top"><primary sortas="b-top">top</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="tload">
+        <term><command>tload</command></term>
+        <listitem>
+          <para>Prints a graph of the current system load average</para>
+          <indexterm zone="ch-system-procps tload">
+            <primary sortas="b-tload">tload</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="uptime">
-<term><command>uptime</command></term>
-<listitem>
-<para>Reports how long the system has been running, how many users are
-logged on, and the system load averages</para>
-<indexterm zone="ch-system-procps uptime"><primary sortas="b-uptime">uptime</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="top">
+        <term><command>top</command></term>
+        <listitem>
+          <para>Displays a list of the most CPU intensive processes; it
+          provides an ongoing look at processor activity in real time</para>
+          <indexterm zone="ch-system-procps top">
+            <primary sortas="b-top">top</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="vmstat">
-<term><command>vmstat</command></term>
-<listitem>
-<para>Reports virtual memory statistics, giving information about
-processes, memory, paging, block Input/Output (IO), traps, and CPU activity</para>
-<indexterm zone="ch-system-procps vmstat"><primary sortas="b-vmstat">vmstat</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="uptime">
+        <term><command>uptime</command></term>
+        <listitem>
+          <para>Reports how long the system has been running, how many users are
+          logged on, and the system load averages</para>
+          <indexterm zone="ch-system-procps uptime">
+            <primary sortas="b-uptime">uptime</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="w">
-<term><command>w</command></term>
-<listitem>
-<para>Shows which users are currently logged on, where, and since when</para>
-<indexterm zone="ch-system-procps w"><primary sortas="b-w">w</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="vmstat">
+        <term><command>vmstat</command></term>
+        <listitem>
+          <para>Reports virtual memory statistics, giving information about
+          processes, memory, paging, block Input/Output (IO), traps, and CPU
+          activity</para>
+          <indexterm zone="ch-system-procps vmstat">
+            <primary sortas="b-vmstat">vmstat</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="watch">
-<term><command>watch</command></term>
-<listitem>
-<para>Runs a given command repeatedly, displaying the first screen-full of its
-output; this allows a user to watch the output change over time</para>
-<indexterm zone="ch-system-procps watch"><primary sortas="b-watch">watch</primary></indexterm>
-</listitem>
-</varlistentry>
+      <varlistentry id="w">
+        <term><command>w</command></term>
+        <listitem>
+          <para>Shows which users are currently logged on, where, and since
+          when</para>
+          <indexterm zone="ch-system-procps w">
+            <primary sortas="b-w">w</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-<varlistentry id="libproc">
-<term><filename class="libraryfile">libproc</filename></term>
-<listitem>
-<para>Contains the functions used by most programs in this package</para>
-<indexterm zone="ch-system-procps libproc"><primary sortas="c-libproc">libproc</primary></indexterm>
-</listitem>
-</varlistentry>
-</variablelist>
+      <varlistentry id="watch">
+        <term><command>watch</command></term>
+        <listitem>
+          <para>Runs a given command repeatedly, displaying the first
+          screen-full of its output; this allows a user to watch the output
+          change over time</para>
+          <indexterm zone="ch-system-procps watch">
+            <primary sortas="b-watch">watch</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
-</sect2>
+      <varlistentry id="libproc">
+        <term><filename class="libraryfile">libproc</filename></term>
+        <listitem>
+          <para>Contains the functions used by most programs in this
+          package</para>
+          <indexterm zone="ch-system-procps libproc">
+            <primary sortas="c-libproc">libproc</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
 
+    </variablelist>
+
+  </sect2>
+
 </sect1>
-

Modified: trunk/BOOK/chapter06/shadow.xml
===================================================================
--- trunk/BOOK/chapter06/shadow.xml	2006-12-30 07:04:39 UTC (rev 957)
+++ trunk/BOOK/chapter06/shadow.xml	2007-01-04 02:32:53 UTC (rev 958)
@@ -122,10 +122,56 @@
 
 <screen><userinput>make</userinput></screen>
 
+    <important>
+    <para>The <command>nologin</command> program in this package suffers from
+    the same issues as <command>true</command> and <command>false</command>
+    from Coreutils. An assembly language version of <command>nologin</command>
+    is less vulnerable to issues with the C library. <command>nologin</command>
+    should be used in place of <command>false</command> in <filename>/etc/passwd</filename>
+    when adding new accounts, such as accounts for network services. The
+    following commands will build an assembly language version of
+    <command>nologin</command> which will be installed with this package:</para>
+
+<screen><userinput>cat > src/nologin.S << "EOF"
+/* Public Domain - i386 nologin.S */
+.section .data
+message:
+   .ascii "This account is not available.\n"
+   len = . - message
+.section .text
+.globl _start
+_start:
+   movl $4, %eax
+   movl $len, %edx
+   movl $message, %ecx
+   movl $1, %ebx /* Use "$2" to write to stderr,
+			 "$1" for stdout */
+   int $0x80
+   movl $1, %eax
+   movl $1, %ebx
+   int $0x80
+EOF
+
+rm -v src/nologin
+gcc -nostdlib src/nologin.S -o src/nologin</userinput></screen>
+    </important>
+
     <para>This package does not come with a test suite.</para>
 
-    <para>Install the package:</para>
+    <important>
+    <para>If you do not want to install the <command>su</command> from this
+    package, such as if you will be using the <command>su</command> from
+    <xref linkend="ch-system-coreutils"/>, then run the following commands
+    to install without <command>su</command> from this package:</para>
 
+<screen><userinput>make DESTDIR=$(pwd)/DESTDIR install
+find DESTDIR/ -name su.1 -exec rm -v {} \;
+rm -v DESTDIR/bin/su
+cp -va DESTDIR/* /</userinput></screen>
+    </important>
+
+    <para>To install the whole package, including <command>su</command>:</para>
+
 <screen><userinput>make install</userinput></screen>
 
     <para>Move a misplaced program to its proper location:</para>

Modified: trunk/BOOK/chapter06/util-linux.xml
===================================================================
--- trunk/BOOK/chapter06/util-linux.xml	2006-12-30 07:04:39 UTC (rev 957)
+++ trunk/BOOK/chapter06/util-linux.xml	2007-01-04 02:32:53 UTC (rev 958)
@@ -61,11 +61,6 @@
 
 <screen><userinput>patch -Np1 -i ../&util-linux-PIC-patch;</userinput></screen>
 
-    <para>This patch adds <command>/sbin/nologin</command>, which is a replacement for
-    <command>/bin/false</command>. It displays a polite reason for disallowing login:</para>
-
-<screen><userinput>patch -Np1 -i ../&util-linux-nologin-patch;</userinput></screen>
-
     <para>Util-linux fails to compile against newer versions of Linux kernel
     headers. The following patches properly fix the problems:</para>
 

Modified: trunk/BOOK/general.ent
===================================================================
--- trunk/BOOK/general.ent	2006-12-30 07:04:39 UTC (rev 957)
+++ trunk/BOOK/general.ent	2007-01-04 02:32:53 UTC (rev 958)
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<!ENTITY version "SVN-20061230">
-<!ENTITY releasedate "December 30th, 2006">
+<!ENTITY version "SVN-20070103">
+<!ENTITY releasedate "January 3rd, 2007">
 <!ENTITY milestone "1.1">
 
 <!ENTITY lfs-root "http://www.linuxfromscratch.org/">

Modified: trunk/BOOK/patches.ent
===================================================================
--- trunk/BOOK/patches.ent	2006-12-30 07:04:39 UTC (rev 957)
+++ trunk/BOOK/patches.ent	2007-01-04 02:32:53 UTC (rev 958)
@@ -38,10 +38,6 @@
 <!ENTITY bzip2-install_docs-patch-md5 "9e5dfbf4814b71ef986b872c9af84488">
 <!ENTITY bzip2-install_docs-patch-size "1.6 KB">
 
-<!ENTITY coreutils-suppress_uptime_kill_su-patch "coreutils-&coreutils-version;-suppress_uptime_kill_su-1.patch">
-<!ENTITY coreutils-suppress_uptime_kill_su-patch-md5 "835d62295b5278fd9fc4ee0766e068d4">
-<!ENTITY coreutils-suppress_uptime_kill_su-patch-size "16 KB">
-
 <!ENTITY coreutils-uname_PIC-patch "coreutils-&coreutils-version;-uname_PIC-1.patch">
 <!ENTITY coreutils-uname_PIC-patch-md5 "71bac5487a89cefcc0758f286b5200c4">
 <!ENTITY coreutils-uname_PIC-patch-size "8 KB">
@@ -186,10 +182,6 @@
 <!ENTITY util-linux-lseek-patch-md5 "5d6c86321c1ea74d7ed7cf57861da423">
 <!ENTITY util-linux-lseek-patch-size "12 KB">
 
-<!ENTITY util-linux-nologin-patch "util-linux-&util-linux-version;-nologin-1.patch">
-<!ENTITY util-linux-nologin-patch-md5 "ccf05ed25b1452ff86494d55eb7c234f">
-<!ENTITY util-linux-nologin-patch-size "7.7 KB">
-
 <!ENTITY util-linux-PIC-patch "util-linux-&util-linux-version;-PIC-1.patch">
 <!ENTITY util-linux-PIC-patch-md5 "c85469f9da411b1c64c2b7fe71565d66">
 <!ENTITY util-linux-PIC-patch-size "2 KB">




More information about the hlfs-book mailing list