Robert Connolly cendres at
Wed Mar 10 06:56:33 PST 2004

On March 10, 2004 09:15 am, LuCKy wrote:
> I'm trying to patch coreutils with selinux but what's this version 5.0.39
> of coreutils that seems to be required by the patch ?
> I wasn't able to find it browsing the GNU ftp ..
This is based on redhat coreutils-5.0-39. The 39 is redhat's release number. 
Redhat added PAM support to coreutils su(), lfs uses su() from shadow. The 
NSA patched on top of redhat's PAM patches. To take advantage of selinux su 
we need pam support in coreutils. To get redhat's pam support in coreutils 
you need to install most of their patches. This is what gentoo does, and 
debian does pretty much the same. Their patches also require 
automake/autoconf, which we try to avoid. I think its best to strip their 
patches of anything we dont need, and re-sort them so they are smaller and 
dont need autoconf. I'm waiting for fedora or Russell Coker to make 
coreutils-5.2 patches because they will probably be cleaner then redhat's 
39th 5.0 release. Its not a fun job, will take many hours to do, and oddly 
enough could lead to keeping shadow's su.

If you want to use selinux coreutils on lfs without rewritting the patch then 
use most of the redhat patches in the srpm. Read the coreutils.specs file for 
more details, and try not to overwrite su with shadow.

More information about the hlfs-dev mailing list