many questions

Marc Müller marc.icq at gmx.de
Tue Jul 20 04:42:32 PDT 2004


I have successfully built the HLFS system, the only thing I have changed
was the binutils package (binutils-2.15.91.0.1). I have also checked
http://pax.grsecurity.net/ for the newest binutils patch.

1.) PaX: Everything went fine, but when I try to enable
CONFIG_PAX_NOELFRELOCS in the kernel, some binaries don't work. gzip for
example. "readelf -d /bin/gzip | grep TEXTREL" showed that is wasn't
completely position independent. I have recompiled the whole package and
added something like "-fPIE" to the CFLAGS in the Makefile and "--pic-
executable" to the linker, but there was still the same problem. gzip
still had the TEXTREL in its binary.
So I have written a little script (textrel) and tested the most
important paths. gzip was not the only binary. I have attached the log
file (textrel.log)
What can I do to make them position independent?

2.) audio-entropyd: I have two computers running the audio-entropyd. How
often should the daemon make a new entropy credit? One computer updates
every 2 minutes... the other one doesn't seem to update at all!

3.) selinux: I have read in the wiki that selinux support is planned for
HLFS... Is that true?

4.) pam-files: Perhaps it would be better if we create a /etc/pam.d/
system-auth and include it in the other files with the pam_stack.so
service=system-auth. It makes the pam-files more compatible with other
linux distributions...

5.) chkrootkit: (http://www.chkrootkit.org/) The chkrootkit script
detects an infected netstat program... Some programs, like asterisk,
also hide some of their threads... they are not shown with ps ax and
they are also not listed in the /proc directory (cd /proc && ls -l)... I
haven't had these problems with my prior installation, it is, of course,
no trojan or a worm, the computer was not connected to the internet...
Can that come from some specific things from the hlfs installation?

Sorry for the many questions...

greetings
Marc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: textrel
Type: application/x-shellscript
Size: 346 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20040720/8eff94b2/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: textrel.log
Type: text/x-log
Size: 261 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20040720/8eff94b2/attachment-0001.bin>


More information about the hlfs-dev mailing list