upcomming 0.2 release

Robert Connolly robert at linuxfromscratch.org
Sat Jan 8 11:45:32 PST 2005


On January 8, 2005 10:26 am, Archaic wrote:
> On Sat, Jan 08, 2005 at 08:22:33AM -0500, Robert Connolly wrote:
> > uClibc still has its advantages. You can install just want you need
> > with uClibc, where as with Glibc you need to install everything.
> > uClibc was made to be small while supporting almost everything. This
> > causes both advantages and disadvantages.
>
> But we should seriously considering weighing the goals of writing a book
> with the goals of producing super customized, highly individualized
> operating system.

I don't think anyone here wants it to get out of hand. We are trying to escape 
the bloat of distributions, not make another one. But, that said, the uClibc 
folks aren't providing a way to hardened their buildroot, they're leaving it 
up to someone else. Selinux doesn't maintain patches anymore, they are making 
distributors do it. To an extent I think this is the void we were trying to 
fill.

> > Until then I would like to add as much as we can.. selinux patches,
> > blowfish passwords, etc, optionally of course.
>
> At some point we have to solidify what the base will be so we can start
> actually making the system useful, i.e. server applications.

RBAC is another thing we have choices for. Since the kernel is already being 
patched with Grsec, its seems logical to use Grsec's rbac too. But Grsec's 
rbac can be applied to beyond-hlfs, while selinux needs to be patched into 
several core applications. Selinux is the one people will need the most help 
with. I would rather do this before services because it affects how services 
are installed.

To encourage people to join in and help I'm trying to do things that people 
request. The uClibc addition was a popular idea. There have been several 
requests for selinux in the passed year. If there are more urgent things to 
do I would like to know what they are and I'll try to do them next instead.

robert



More information about the hlfs-dev mailing list