r126 - in trunk: BOOK text text/chapter01 text/chapter03 text/chapter05 text/chapter06 text/chapter06/10-libc text/chapter09

robert at linuxfromscratch.org robert at linuxfromscratch.org
Wed Jan 26 11:55:26 PST 2005


Author: robert
Date: 2005-01-26 12:55:25 -0700 (Wed, 26 Jan 2005)
New Revision: 126

Added:
   trunk/text/chapter06/54-util-linux.txt
   trunk/text/chapter06/55-libol.txt
   trunk/text/chapter06/56-syslog-ng.txt
   trunk/text/chapter06/57-sysvinit.txt
   trunk/text/chapter06/58-tar.txt
   trunk/text/chapter06/59-udev.txt
Removed:
   trunk/text/chapter06/54-libol.txt
   trunk/text/chapter06/55-syslog-ng.txt
   trunk/text/chapter06/56-sysvinit.txt
   trunk/text/chapter06/57-tar.txt
   trunk/text/chapter06/58-udev.txt
   trunk/text/chapter06/59-util-linux.txt
Modified:
   trunk/BOOK/general.ent
   trunk/text/README.txt
   trunk/text/chapter01/changelog.txt
   trunk/text/chapter03/patches.txt
   trunk/text/chapter05/07-adjusting.txt
   trunk/text/chapter05/33-stripping.txt
   trunk/text/chapter06/10-libc/10-glibc.txt
   trunk/text/chapter06/10-libc/10-uclibc.txt
   trunk/text/chapter06/11-adjusting.txt
   trunk/text/chapter06/12-binutils.txt
   trunk/text/chapter06/13-gcc.txt
   trunk/text/chapter06/14-coreutils.txt
   trunk/text/chapter06/15-zlib.txt
   trunk/text/chapter06/20-ncurses.txt
   trunk/text/chapter06/21-readline.txt
   trunk/text/chapter06/24-bison.txt
   trunk/text/chapter06/28-flex.txt
   trunk/text/chapter06/29-gettext.txt
   trunk/text/chapter06/32-perl.txt
   trunk/text/chapter06/37-file.txt
   trunk/text/chapter06/38-libtool.txt
   trunk/text/chapter06/39-bzip2.txt
   trunk/text/chapter06/42-e2fsprogs.txt
   trunk/text/chapter06/49-module-init-tools.txt
   trunk/text/chapter06/53-shadow.txt
   trunk/text/chapter06/60-stripping.txt
   trunk/text/chapter09/03-openntpd.txt
Log:
Removed most static libs from chapter 6. Added nologin patch to util-linux.

Modified: trunk/BOOK/general.ent
===================================================================
--- trunk/BOOK/general.ent	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/BOOK/general.ent	2005-01-26 19:55:25 UTC (rev 126)
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<!ENTITY version "SVN-20050122">
-<!ENTITY releasedate "January 22nd, 2005">
+<!ENTITY version "SVN-20050126">
+<!ENTITY releasedate "January 26th, 2005">
 <!ENTITY milestone "0.2">
 
 <!ENTITY lfs-root "http://www.linuxfromscratch.org/">

Modified: trunk/text/README.txt
===================================================================
--- trunk/text/README.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/README.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -34,6 +34,11 @@
 are suitable. Coreutils' uname(1), because of non-pic assembly code, and Grub
 are also exceptions to -pie/relro/now.
 
+The pages after autoconf in chapter 6 are no longer alphabetical. Syslog-ng
+now depends on util-linux for /sbin/nologin.
+
+Syslog-ng is using privilege seperation now. Logs are owned by user 'syslog'.
+
 If you plan to use Iptables with Grsecurity go to:
 http://www.grsecurity.net/download.php
 and use the Iptables patch.

Modified: trunk/text/chapter01/changelog.txt
===================================================================
--- trunk/text/chapter01/changelog.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter01/changelog.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -24,3 +24,9 @@
 Replaced syslog-ng with sysklogd from lfs-5.1.1; with patches for root priv
 drop. Revert to syslog-ng, it has priv sep too.
 
+January 26rd, 2005 [Robert]
+Took most of the static libs out of chapter 6. Added /sbin/nologin patch to
+util-linux. Moved util-linux before libol in chapter 6, so syslog-ng can use
+/sbin/nologin for a shell. Added patches for coreutils and module-init-utils
+so they can build without static libs.
+

Modified: trunk/text/chapter03/patches.txt
===================================================================
--- trunk/text/chapter03/patches.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter03/patches.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -3,7 +3,7 @@
 http://www.linuxfromscratch.org/patches/downloads/hlfs/binutils-2.15.94.0.2-pt_pax-1.patch
 http://www.linuxfromscratch.org/patches/downloads/hlfs/binutils-2.15.94.0.2-uClibc_conf-1.patch
 http://www.linuxfromscratch.org/patches/downloads/hlfs/blfs-bootscripts-hlfs-2.patch
-http://www.linuxfromscratch.org/patches/downloads/hlfs/coreutils-5.2.1-static_uname-1.patch
+http://www.linuxfromscratch.org/patches/downloads/hlfs/coreutils-5.2.1-nopie_uname-1.patch
 http://www.linuxfromscratch.org/patches/downloads/hlfs/coreutils-5.2.1-suppress_uptime_kill_su-1.patch
 http://www.linuxfromscratch.org/patches/downloads/hlfs/coreutils-5.2.1-uname-2.patch
 http://www.linuxfromscratch.org/patches/downloads/hlfs/expect-5.42.1-spawn-1.patch
@@ -29,6 +29,7 @@
 http://www.grsecurity.net/linux-2.6.10-secfix-200501071130.patch
 http://www.linuxfromscratch.org/patches/downloads/hlfs/linux-libc-headers-2.6-frandom-2.patch
 http://www.linuxfromscratch.org/patches/downloads/hlfs/mktemp-1.5-add_tempfile-1.patch
+http://www.linuxfromscratch.org/patches/downloads/hlfs/module-init-tools-3.1-nostatic-1.patch
 http://www.linuxfromscratch.org/patches/downloads/hlfs/perl-5.8.6-libc-1.patch
 http://www.linuxfromscratch.org/patches/downloads/hlfs/perl-5.8.6-uClibc-1.patch
 http://www.linuxfromscratch.org/patches/downloads/hlfs/readline-5.0-fixes-1.patch
@@ -37,5 +38,6 @@
 http://www.linuxfromscratch.org/patches/downloads/hlfs/uClibc-0.9.27-ssp-2.patch
 http://www.linuxfromscratch.org/patches/downloads/hlfs/util-linux-2.12p-fPIC-1.patch
 http://www.linuxfromscratch.org/patches/downloads/hlfs/util-linux-2.12p-cramfs-1.patch
+http://www.linuxfromscratch.org/patches/downloads/hlfs/util-linux-2.12p-nologin-1.patch
 http://www.linuxfromscratch.org/patches/downloads/hlfs/vim-6.3-security_fix-1.patch
 

Modified: trunk/text/chapter05/07-adjusting.txt
===================================================================
--- trunk/text/chapter05/07-adjusting.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter05/07-adjusting.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -2,7 +2,8 @@
 
 # Go back in the binutils-build directory.
 
-make -C ld install
+install ld/ld-new /tools/bin/${target}-ld &&
+ln -f /tools/bin/${target}-ld /tools/${target}/bin/ld
 
 # The normal link test we do here won't work because our ${target}-gcc is
 # only building with static linking. We can do this test later in this

Modified: trunk/text/chapter05/33-stripping.txt
===================================================================
--- trunk/text/chapter05/33-stripping.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter05/33-stripping.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -1,8 +1,8 @@
 - Chapter 5 - Stripping
 
-# Using --strip-unneeded may break some programs with uClibc.
-
-find /tools/{sbin,bin,lib} -type f \
-   -exec /tools/bin/strip --strip-debug '{}' ';' &&
+find /tools/lib -type f \
+        -exec /tools/bin/strip --strip-debug '{}' ';' &&
+find /tools/{bin,sbin,libexec} -type f \
+        -exec /tools/bin/strip --strip-all '{}' ';' &&
 rm -rf /tools/{,share/}{doc,info,man}
 

Modified: trunk/text/chapter06/10-libc/10-glibc.txt
===================================================================
--- trunk/text/chapter06/10-libc/10-glibc.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/10-libc/10-glibc.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -42,6 +42,15 @@
 touch /etc/ld.so.conf &&
 make install
 
+# Remove the static libs. GCC seems to need libc_nonshared.a to compile.
+# libpthread_nonshared.a it needed to be able to reinstall Glibc in the
+# future. libc.a is needed for GCC's test suite, and can be removed later.
+
+rm /usr/lib/{libBrokenLocale,libanl,libbsd-compat}.a &&
+rm /usr/lib/{libcrypt,libdl,libg,libieee}.a &&
+rm /usr/lib/{libm,libmcheck,libnsl,libpthread,libresolv}.a &&
+rm /usr/lib/{librt,libutil,librpcsvc}.a
+
 # To install all the locales use "make localedata/install-locales". To install
 # just what the GCC tests need use the following commands.
 
@@ -90,7 +99,7 @@
 # Create /etc/localtime. Substitute the zoneinfo path for your location.
 
 cp --remove-destination /usr/share/zoneinfo/Canada/Eastern \
-    /etc/localtime
+	/etc/localtime
 
 # And finally create a dynamic loader configuration file.
 

Modified: trunk/text/chapter06/10-libc/10-uclibc.txt
===================================================================
--- trunk/text/chapter06/10-libc/10-uclibc.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/10-libc/10-uclibc.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -53,6 +53,16 @@
 make install &&
 make -C utils install
 
+# Then remove the static libs. Save libc.a for GCC's tests.
+
+rm /usr/lib/{libcrypt,libdl,libm,libnsl,libpthread}.a &&
+rm /usr/lib/{libresolv,librt,libutil}.a
+
+# And these symlinks.
+
+rm /usr/lib/{libc_pic,libcrypt_pic,libdl_pic,libm_pic,libnsl_pic}.a &&
+rm /usr/lib/{libpthread_pic,libresolv_pic,librt_pic,libutil_pic}.a
+
 # Then install /etc/ld.so.conf.
 
 cat > ld.so.conf.new << "EOF"

Modified: trunk/text/chapter06/11-adjusting.txt
===================================================================
--- trunk/text/chapter06/11-adjusting.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/11-adjusting.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -2,7 +2,7 @@
 
 # Change into the binutils-build directory.
 
-make -C ld INSTALL=/tools/bin/install install
+install ld/ld-new /tools/bin/ld
 
 # Adjust GCC's linking spec.
 

Modified: trunk/text/chapter06/12-binutils.txt
===================================================================
--- trunk/text/chapter06/12-binutils.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/12-binutils.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -11,7 +11,7 @@
 cd ../binutils-build &&
 ../binutils-2.15.94.0.2/configure --prefix=/usr \
 	--host=${target} --build=${target} --target=${target} \
-	--enable-shared ${disable_nls} &&
+	--enable-shared --disable-static ${disable_nls} &&
 make tooldir=/usr
 
 # Run the test suite if you like.
@@ -35,5 +35,9 @@
 make tooldir=/usr install &&
 install -m644 ../binutils-2.15.94.0.2/include/libiberty.h /usr/include
 
+# Remove a static lib installed by Binutils.
+
+rm /usr/lib/libiberty.a
+
 # This is the final install of Binutils, this source can be removed.
 

Modified: trunk/text/chapter06/13-gcc.txt
===================================================================
--- trunk/text/chapter06/13-gcc.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/13-gcc.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -53,3 +53,12 @@
 
 /tools/bin/hardened-specs.sh
 
+# Remove the static libs installed by GCC.
+
+rm /usr/lib/{libsupc++,libstdc++,libstdc++_pic}.a &&
+rm /usr/lib/gcc/${target}/3.4.3/libgcov.a
+
+# libc.a can be removed now too.
+
+rm /usr/lib/libc.a
+

Modified: trunk/text/chapter06/14-coreutils.txt
===================================================================
--- trunk/text/chapter06/14-coreutils.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/14-coreutils.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -7,7 +7,7 @@
 # mind that uname is static in case you upgrade libc in the future.
 
 patch -Np1 -i ../coreutils-5.2.1-uname-2.patch &&
-patch -Np1 -i ../coreutils-5.2.1-static_uname-1.patch &&
+patch -Np1 -i ../coreutils-5.2.1-nopie_uname-1.patch &&
 patch -Np1 -i ../coreutils-5.2.1-suppress_uptime_kill_su-1.patch
 
 # Configure and make Coreutils.

Modified: trunk/text/chapter06/15-zlib.txt
===================================================================
--- trunk/text/chapter06/15-zlib.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/15-zlib.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -1,13 +1,10 @@
 - Chapter 6 - Installing Zlib 1.2.2
 
+# Only install the shared lib.
+
 ./configure --prefix=/usr --shared --libdir=/lib &&
 make &&
 make install &&
 rm /lib/libz.so &&
-ln -sf ../../lib/libz.so.1.2.2 /usr/lib/libz.so &&
-make clean &&
-./configure --prefix=/usr &&
-make &&
-make install &&
-chmod 644 /usr/lib/libz.a
+ln -sf ../../lib/libz.so.1.2.2 /usr/lib/libz.so
 

Modified: trunk/text/chapter06/20-ncurses.txt
===================================================================
--- trunk/text/chapter06/20-ncurses.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/20-ncurses.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -1,12 +1,15 @@
 - Chapter 6 - Installing Ncurses 5.4
 
 ./configure --prefix=/usr --with-shared --without-debug \
-	${disable_nls} &&
+	--without-normal ${disable_nls} &&
 make &&
 make install &&
 chmod 755 /usr/lib/*.5.4 &&
-chmod 644 /usr/lib/libncurses++.a &&
 mv /usr/lib/libncurses.so.5* /lib &&
 ln -sf ../../lib/libncurses.so.5 /usr/lib/libncurses.so &&
 ln -sf libncurses.so /usr/lib/libcurses.so
 
+# Then remove the static libs.
+
+rm /usr/lib/libncurses++.a
+

Modified: trunk/text/chapter06/21-readline.txt
===================================================================
--- trunk/text/chapter06/21-readline.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/21-readline.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -1,11 +1,11 @@
 - Chapter 6 - Installing Readline 5.0
 
 patch -Np1 -i ../readline-5.0-fixes-1.patch &&
-./configure --prefix=/usr --libdir=/lib &&
+./configure --prefix=/usr --libdir=/lib \
+	--disable-static &&
 make SHLIB_XLDFLAGS=-lncurses &&
 make install &&
 chmod 755 /lib/lib{readline,history}.so* &&
-mv /lib/lib{readline,history}.a /usr/lib &&
 rm /lib/lib{readline,history}.so &&
 ln -sf ../../lib/libreadline.so.5 /usr/lib/libreadline.so &&
 ln -sf ../../lib/libhistory.so.5 /usr/lib/libhistory.so

Modified: trunk/text/chapter06/24-bison.txt
===================================================================
--- trunk/text/chapter06/24-bison.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/24-bison.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -11,3 +11,7 @@
 
 make install
 
+# Then remove the static lib.
+
+rm /usr/lib/liby.a
+

Modified: trunk/text/chapter06/28-flex.txt
===================================================================
--- trunk/text/chapter06/28-flex.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/28-flex.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -9,7 +9,8 @@
 
 make check
 
-# Then install Flex.
+# Then install Flex. Some programs, like Syslog-ng, need the static versions
+# of libflex.
 
 make install &&
 ln -s libfl.a /usr/lib/libl.a

Modified: trunk/text/chapter06/29-gettext.txt
===================================================================
--- trunk/text/chapter06/29-gettext.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/29-gettext.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -2,7 +2,8 @@
 
 # Remember for uClibc or disable-nls this package can be skipped.
 
-./configure --prefix=/usr ${disable_nls} &&
+./configure --prefix=/usr ${disable_nls} \
+	--disable-static &&
 make
 
 # Run the tests if you want.

Modified: trunk/text/chapter06/32-perl.txt
===================================================================
--- trunk/text/chapter06/32-perl.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/32-perl.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -4,9 +4,11 @@
 
 patch -Np1 -i ../perl-5.8.6-uClibc-1.patch
 
-# Configure and make Perl with these commands.
+# Configure and make Perl. The -Duseshrplib tells Perl to make libperl.so
+# instead of libperl.a.
 
-./configure.gnu --prefix=/usr -Dpager="/bin/less -isR" &&
+./configure.gnu --prefix=/usr -Dpager="/bin/less -isR" \
+	-Duseshrplib &&
 make
 
 # /etc/hosts is needed for the test suite. Run this even if you do

Modified: trunk/text/chapter06/37-file.txt
===================================================================
--- trunk/text/chapter06/37-file.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/37-file.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -1,6 +1,7 @@
 - Chapter 6 - Installing File 4.12
 
-./configure --prefix=/usr ${disable_nls} &&
+./configure --prefix=/usr ${disable_nls} \
+	--disable-static &&
 make &&
 make install
 

Modified: trunk/text/chapter06/38-libtool.txt
===================================================================
--- trunk/text/chapter06/38-libtool.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/38-libtool.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -1,6 +1,7 @@
 - Chapter 6 - Installing Libtool 1.5.10
 
-./configure --prefix=/usr ${disable_nls} &&
+./configure --prefix=/usr ${disable_nls} \
+	--disable-static &&
 make
 
 # Run the test suite if you like. All tests should pass.

Modified: trunk/text/chapter06/39-bzip2.txt
===================================================================
--- trunk/text/chapter06/39-bzip2.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/39-bzip2.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -11,3 +11,7 @@
 ln -s bzip2 /bin/bunzip2 &&
 ln -s bzip2 /bin/bzcat
 
+# Remove the static lib.
+
+rm /usr/lib/libbz2.a
+

Modified: trunk/text/chapter06/42-e2fsprogs.txt
===================================================================
--- trunk/text/chapter06/42-e2fsprogs.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/42-e2fsprogs.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -7,7 +7,8 @@
 cd build &&
 ../configure --prefix=/usr --with-root-prefix="" \
 	--enable-elf-shlibs --disable-evms \
-	--with-gnu-ld ${disable_nls} &&
+	--with-gnu-ld ${disable_nls} \
+	--enable-dynamic-e2fsck &&
 make
 
 # Run the test suite if you like. All the tests should pass.
@@ -19,3 +20,7 @@
 make install &&
 make install-libs
 
+# Then remove the static libs.
+
+rm /usr/lib/{libcom_err,libss,libe2p,libext2fs,libuuid,libblkid}.a
+

Modified: trunk/text/chapter06/49-module-init-tools.txt
===================================================================
--- trunk/text/chapter06/49-module-init-tools.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/49-module-init-tools.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -1,5 +1,6 @@
 - Chapter 6 - Module-Init-Tools 3.1
 
+patch -Np1 -i ../module-init-tools-3.1-nostatic-1.patch &&
 ./configure --prefix="" --enable-zlib ${disable_nls} &&
 make DOCBOOKTOMAN=""
 

Modified: trunk/text/chapter06/53-shadow.txt
===================================================================
--- trunk/text/chapter06/53-shadow.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/53-shadow.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -6,7 +6,8 @@
 
 #
 
-./configure --libdir=/lib --enable-shared ${disable_nls} &&
+./configure --libdir=/lib --enable-shared \
+	--disable-static ${disable_nls} &&
 sed -i 's/groups$(EXEEXT) //' src/Makefile &&
 sed -i '/groups/d' man/Makefile &&
 make &&
@@ -17,7 +18,6 @@
 	< etc/login.defs.linux > etc/login.defs.new &&
 install -m644 etc/login.defs.new /etc/login.defs &&
 mv /usr/bin/passwd /bin &&
-mv /lib/libshadow.*a /usr/lib &&
 rm /lib/libshadow.so &&
 ln -sf ../../lib/libshadow.so.0 /usr/lib/libshadow.so &&
 install -d /etc/default

Deleted: trunk/text/chapter06/54-libol.txt
===================================================================
--- trunk/text/chapter06/54-libol.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/54-libol.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -1,6 +0,0 @@
-- Chapter 6 - Libol 0.3.14
-
-./configure --prefix=/usr &&
-make &&
-make install
-

Copied: trunk/text/chapter06/54-util-linux.txt (from rev 125, trunk/text/chapter06/59-util-linux.txt)
===================================================================
--- trunk/text/chapter06/59-util-linux.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/54-util-linux.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -0,0 +1,33 @@
+- Chapter 6 - Installing Util-linux 2.12p
+
+# First apply this patch. This is needed regardless whether you will
+# link Util-linux statically or not because our GCC compiles PIC by
+# default. Also reset the path to 'adjtime' and create the directory.
+
+patch -Np1 -i ../util-linux-2.12p-fPIC-1.patch &&
+sed -i 's at etc/adjtime at var/lib/hwclock/adjtime at g' hwclock/hwclock.c &&
+install -d /var/lib/hwclock
+
+# This patch fixes a problem util-linux has with newer libc-linux-headers.
+
+patch -Np1 -i ../util-linux-2.12p-cramfs-1.patch
+
+# This patch adds /sbin/nologin, which is a replacement for /bin/false. It
+# displays a polite reason for disallowing login.
+
+patch -Np1 -i ../util-linux-2.12p-nologin-1.patch
+
+# Configure make make util-linux.
+
+./configure &&
+make HAVE_KILL=yes HAVE_SLN=yes
+
+# Then install util-linux.
+
+make HAVE_KILL=yes HAVE_SLN=yes install
+
+# The /sbin/nologin program can read /etc/nologin.txt to display the message
+# in it. If this file does not exist it will use a hardcoded message instead.
+
+echo "This account is currently not available." > /etc/nologin.txt
+

Copied: trunk/text/chapter06/55-libol.txt (from rev 125, trunk/text/chapter06/54-libol.txt)
===================================================================
--- trunk/text/chapter06/54-libol.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/55-libol.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -0,0 +1,6 @@
+- Chapter 6 - Libol 0.3.14
+
+./configure --prefix=/usr --disable-static &&
+make &&
+make install
+

Deleted: trunk/text/chapter06/55-syslog-ng.txt
===================================================================
--- trunk/text/chapter06/55-syslog-ng.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/55-syslog-ng.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -1,109 +0,0 @@
-- Chapter 6 - Syslog-ng 1.6.5
-
-# We are using syslog-ng's privilege drop, so it will run as an unprivileged
-# user.
-
-groupadd syslog &&
-useradd -g syslog -s /bin/false -d /var/log -c 'Syslog daemon' syslog
-
-# Syslog-ng likes to have its own directory in /etc, but its only for one
-# file. This command will get rid of the syslog-ng sub-directory in /etc
-# so that we can just use /etc/syslog-ng.conf instead of
-# /etc/syslog-ng/syslog-ng.conf.
-
-sed -i 's|/syslog-ng||' configure
-
-# Then build and install Syslog-ng.
-
-./configure --prefix=/usr --sysconfdir=/etc &&
-make &&
-make install
-
-# The syslog user will need permission to write to the logs. They must be
-# created in advance.
-
-touch /var/log/{auth,cron,daemon,kern,lpr,mail,news,syslog}.log &&
-touch /var/log/{user,uucp,local,critical,alert,emergency,messages}.log &&
-chown syslog /var/log/{auth,cron,daemon,kern,lpr,mail,news,syslog}.log &&
-chown syslog /var/log/{user,uucp,local,critical,alert,emergency,messages}.log
-
-# Then create a config file for Syslog-ng. Please note some configurations
-# log everything to /dev/tty12. If you wish to do this then /var/log/dev
-# should be a 4-8KB tmpfs mount in /etc/fstab, tty12 should be added to
-# /etc/sysconfig/createfiles, and tty12 will need to be writtable by user
-# syslog. Logging emergancy messages to root's usertty will still work
-# without any special configuration.
-
-cat > syslog-ng.conf.new << "EOF"
-# Global options
-	options {
-	sync (0);
-	time_reopen (10);
-	log_fifo_size (1000);
-	long_hostnames(off);
-	use_dns (no);
-	use_fqdn (no);
-	create_dirs (no);
-	keep_hostname (yes);
-	};
-# Declare what syslog-ng be listening to
-	source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };
-# Declare the filters
-# Filtering on the facility
-	filter f_auth { facility(auth, authpriv) and not level(debug); };
-	filter f_cron { facility(cron) and not level(debug, info, notice); };
-	filter f_daemon { facility(daemon) and not level(debug, info); };
-	filter f_kernel { facility(kern) and not level(debug); };
-	filter f_lpr { facility(lpr); };
-	filter f_mail { facility(mail) and not level(debug, info); };
-	filter f_news { facility(news); };
-	filter f_syslog { facility(syslog); };
-	filter f_user { facility(user) and not level(debug, info); };
-	filter f_uucp { facility(uucp); };
-	filter f_local { facility(local0,local1,local2,local3,local4,
-                                  local5,local6,local7); };
-# Filtering on the level
-	filter f_critical { level(crit); };
-	filter f_alert { level(alert); };
-	filter f_emergency { level(emerg); };
-# Creating a global filter for messages
-	filter f_messages { level(info..emerg); };
-# Declare the destination
-	destination auth { file("auth.log"); };
-	destination cron { file("cron.log"); };
-	destination daemon { file("daemon.log"); };
-	destination kernel { file("kern.log"); };
-	destination lpr { file("lpr.log"); };
-	destination mail { file("mail.log"); };
-	destination news { file("news.log"); };
-	destination syslog { file("syslog.log"); };
-	destination user { file("user.log"); };
-	destination uucp { file("uucp.log"); };
-	destination local { file("local.log"); };
-	destination critical { file("critical.log"); };
-	destination alert { file("alert.log"); };
-	destination emergency { usertty(*); file("emergency.log"); };
-	destination messages { file("messages.log"); };
-	destination console { usertty("root"); };
-# If a message comes in from source "foo", and matches filter "bar",
-# then send the message to destination "foobar"
-	log { source(src); filter(f_auth); destination(auth); };
-	log { source(src); filter(f_cron); destination(cron); };
-	log { source(src); filter(f_daemon); destination(daemon); };
-	log { source(src); filter(f_kernel); destination(kernel); };
-	log { source(src); filter(f_lpr); destination(lpr); };
-	log { source(src); filter(f_mail); destination(mail); };
-	log { source(src); filter(f_news); destination(news); };
-	log { source(src); filter(f_syslog); destination(syslog); };
-	log { source(src); filter(f_user); destination(user); };
-	log { source(src); filter(f_uucp); destination(uucp); };
-	log { source(src); filter(f_local); destination(local); };
-	log { source(src); filter(f_critical); destination(critical); };
-	log { source(src); filter(f_alert); destination(alert); };
-	log { source(src); filter(f_emergency); destination(emergency); };
-	log { source(src); filter(f_messages); destination(messages); };
-	log { source(src); filter(f_emergency); destination(console); };
-EOF
-
-install -m 644 syslog-ng.conf.new /etc/syslog-ng.conf
-

Copied: trunk/text/chapter06/56-syslog-ng.txt (from rev 125, trunk/text/chapter06/55-syslog-ng.txt)
===================================================================
--- trunk/text/chapter06/55-syslog-ng.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/56-syslog-ng.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -0,0 +1,114 @@
+- Chapter 6 - Syslog-ng 1.6.5
+
+# We are using syslog-ng's privilege drop, so it will run as an unprivileged
+# user.
+
+groupadd syslog &&
+useradd -g syslog -s /sbin/nologin -d /var/log -c 'Syslog daemon' syslog
+
+# Syslog-ng likes to have its own directory in /etc, but its only for one
+# file. This command will get rid of the syslog-ng sub-directory in /etc
+# so that we can just use /etc/syslog-ng.conf instead of
+# /etc/syslog-ng/syslog-ng.conf.
+
+sed 's|/syslog-ng||' -i configure
+
+# Make Syslog-ng use Libol's shared libs.
+
+sed -e 's/--static-libs/--libs/g' \
+	-e 's/--local-static-libs/--libs/g' -i configure
+
+# Then build and install Syslog-ng.
+
+./configure --prefix=/usr --sysconfdir=/etc &&
+make &&
+make install
+
+# The syslog user will need permission to write to the logs. They must be
+# created in advance.
+
+touch /var/log/{auth,cron,daemon,kern,lpr,mail,news,syslog}.log &&
+touch /var/log/{user,uucp,local,critical,alert,emergency,messages}.log &&
+chown syslog /var/log/{auth,cron,daemon,kern,lpr,mail,news,syslog}.log &&
+chown syslog /var/log/{user,uucp,local,critical,alert,emergency,messages}.log
+
+# Then create a config file for Syslog-ng. Please note some configurations
+# log everything to /dev/tty12. If you wish to do this then /var/log/dev
+# should be a 4-8KB tmpfs mount in /etc/fstab, tty12 should be added to
+# /etc/sysconfig/createfiles, and tty12 will need to be writtable by user
+# syslog. Logging emergancy messages to root's usertty will still work
+# without any special configuration.
+
+cat > syslog-ng.conf.new << "EOF"
+# Global options
+	options {
+	sync (0);
+	time_reopen (10);
+	log_fifo_size (1000);
+	long_hostnames(off);
+	use_dns (no);
+	use_fqdn (no);
+	create_dirs (no);
+	keep_hostname (yes);
+	};
+# Declare what syslog-ng be listening to
+	source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };
+# Declare the filters
+# Filtering on the facility
+	filter f_auth { facility(auth, authpriv) and not level(debug); };
+	filter f_cron { facility(cron) and not level(debug, info, notice); };
+	filter f_daemon { facility(daemon) and not level(debug, info); };
+	filter f_kernel { facility(kern) and not level(debug); };
+	filter f_lpr { facility(lpr); };
+	filter f_mail { facility(mail) and not level(debug, info); };
+	filter f_news { facility(news); };
+	filter f_syslog { facility(syslog); };
+	filter f_user { facility(user) and not level(debug, info); };
+	filter f_uucp { facility(uucp); };
+	filter f_local { facility(local0,local1,local2,local3,local4,
+                                  local5,local6,local7); };
+# Filtering on the level
+	filter f_critical { level(crit); };
+	filter f_alert { level(alert); };
+	filter f_emergency { level(emerg); };
+# Creating a global filter for messages
+	filter f_messages { level(info..emerg); };
+# Declare the destination
+	destination auth { file("auth.log"); };
+	destination cron { file("cron.log"); };
+	destination daemon { file("daemon.log"); };
+	destination kernel { file("kern.log"); };
+	destination lpr { file("lpr.log"); };
+	destination mail { file("mail.log"); };
+	destination news { file("news.log"); };
+	destination syslog { file("syslog.log"); };
+	destination user { file("user.log"); };
+	destination uucp { file("uucp.log"); };
+	destination local { file("local.log"); };
+	destination critical { file("critical.log"); };
+	destination alert { file("alert.log"); };
+	destination emergency { usertty(*); file("emergency.log"); };
+	destination messages { file("messages.log"); };
+	destination console { usertty("root"); };
+# If a message comes in from source "foo", and matches filter "bar",
+# then send the message to destination "foobar"
+	log { source(src); filter(f_auth); destination(auth); };
+	log { source(src); filter(f_cron); destination(cron); };
+	log { source(src); filter(f_daemon); destination(daemon); };
+	log { source(src); filter(f_kernel); destination(kernel); };
+	log { source(src); filter(f_lpr); destination(lpr); };
+	log { source(src); filter(f_mail); destination(mail); };
+	log { source(src); filter(f_news); destination(news); };
+	log { source(src); filter(f_syslog); destination(syslog); };
+	log { source(src); filter(f_user); destination(user); };
+	log { source(src); filter(f_uucp); destination(uucp); };
+	log { source(src); filter(f_local); destination(local); };
+	log { source(src); filter(f_critical); destination(critical); };
+	log { source(src); filter(f_alert); destination(alert); };
+	log { source(src); filter(f_emergency); destination(emergency); };
+	log { source(src); filter(f_messages); destination(messages); };
+	log { source(src); filter(f_emergency); destination(console); };
+EOF
+
+install -m 644 syslog-ng.conf.new /etc/syslog-ng.conf
+

Deleted: trunk/text/chapter06/56-sysvinit.txt
===================================================================
--- trunk/text/chapter06/56-sysvinit.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/56-sysvinit.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -1,42 +0,0 @@
-- Chapter 6 - Installing Sysvinit 2.86
-
-sed -i 's at Sending processes@& started by init at g' \
-    src/init.c &&
-make -C src CC="gcc -pie -fPIE" &&
-make -C src install
-
-# Then create a configuration file.
-
-cat > inittab.new << "EOF"
-# Begin /etc/inittab
-
-id:3:initdefault:
-
-si::sysinit:/etc/rc.d/init.d/rc sysinit
-
-l0:0:wait:/etc/rc.d/init.d/rc 0
-l1:S1:wait:/etc/rc.d/init.d/rc 1
-l2:2:wait:/etc/rc.d/init.d/rc 2
-l3:3:wait:/etc/rc.d/init.d/rc 3
-l4:4:wait:/etc/rc.d/init.d/rc 4
-l5:5:wait:/etc/rc.d/init.d/rc 5
-l6:6:wait:/etc/rc.d/init.d/rc 6
-
-ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
-
-su:S016:once:/sbin/sulogin
-
-1:2345:respawn:/sbin/agetty -I '\033(K' tty1 9600
-2:2345:respawn:/sbin/agetty -I '\033(K' tty2 9600
-3:2345:respawn:/sbin/agetty -I '\033(K' tty3 9600
-4:2345:respawn:/sbin/agetty -I '\033(K' tty4 9600
-5:2345:respawn:/sbin/agetty -I '\033(K' tty5 9600
-6:2345:respawn:/sbin/agetty -I '\033(K' tty6 9600
-
-# End /etc/inittab
-EOF
-
-# Then install the configuration file.
-
-install -m644 inittab.new /etc/inittab
-

Copied: trunk/text/chapter06/57-sysvinit.txt (from rev 125, trunk/text/chapter06/56-sysvinit.txt)
===================================================================
--- trunk/text/chapter06/56-sysvinit.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/57-sysvinit.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -0,0 +1,48 @@
+- Chapter 6 - Installing Sysvinit 2.86
+
+# Tell Sysvinit to use libcrypt.so for sulogin.
+
+sed -e 's/libcrypt.a/libcrypt.so/' -i src/Makefile
+
+# Then build Sysvinit.
+
+sed -i 's at Sending processes@& started by init at g' \
+    src/init.c &&
+make -C src CC="gcc -pie -fPIE" &&
+make -C src install
+
+# Then create a configuration file.
+
+cat > inittab.new << "EOF"
+# Begin /etc/inittab
+
+id:3:initdefault:
+
+si::sysinit:/etc/rc.d/init.d/rc sysinit
+
+l0:0:wait:/etc/rc.d/init.d/rc 0
+l1:S1:wait:/etc/rc.d/init.d/rc 1
+l2:2:wait:/etc/rc.d/init.d/rc 2
+l3:3:wait:/etc/rc.d/init.d/rc 3
+l4:4:wait:/etc/rc.d/init.d/rc 4
+l5:5:wait:/etc/rc.d/init.d/rc 5
+l6:6:wait:/etc/rc.d/init.d/rc 6
+
+ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
+
+su:S016:once:/sbin/sulogin
+
+1:2345:respawn:/sbin/agetty -I '\033(K' tty1 9600
+2:2345:respawn:/sbin/agetty -I '\033(K' tty2 9600
+3:2345:respawn:/sbin/agetty -I '\033(K' tty3 9600
+4:2345:respawn:/sbin/agetty -I '\033(K' tty4 9600
+5:2345:respawn:/sbin/agetty -I '\033(K' tty5 9600
+6:2345:respawn:/sbin/agetty -I '\033(K' tty6 9600
+
+# End /etc/inittab
+EOF
+
+# Then install the configuration file.
+
+install -m644 inittab.new /etc/inittab
+

Deleted: trunk/text/chapter06/57-tar.txt
===================================================================
--- trunk/text/chapter06/57-tar.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/57-tar.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -1,15 +0,0 @@
-- Chapter 6 - Installing Tar 1.15.1
-
-env CC="gcc -pie -fPIE" \
-./configure --prefix=/usr --bindir=/bin \
-	--libexecdir=/usr/sbin ${disable_nls} &&
-make
-
-# Run the test suite if you like.
-
-make check
-
-# Then install Tar.
-
-make install
-

Copied: trunk/text/chapter06/58-tar.txt (from rev 125, trunk/text/chapter06/57-tar.txt)

Deleted: trunk/text/chapter06/58-udev.txt
===================================================================
--- trunk/text/chapter06/58-udev.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/58-udev.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -1,17 +0,0 @@
-- Chapter 6 - Installing Udev 050
-
-# Build Udev.
-
-make udevdir=/dev
-
-# Then install Udev.
-
-make udevdir=/dev install &&
-install -m644 ../udev-config-2.permissions \
-	/etc/udev/permissions.d/25-lfs.permissions &&
-install -m644 ../udev-config-1.rules /etc/udev/rules.d/25-lfs.rules
-
-# Then start the program to set up /dev.
-
-/sbin/udevstart
-

Copied: trunk/text/chapter06/59-udev.txt (from rev 125, trunk/text/chapter06/58-udev.txt)

Deleted: trunk/text/chapter06/59-util-linux.txt
===================================================================
--- trunk/text/chapter06/59-util-linux.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/59-util-linux.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -1,23 +0,0 @@
-- Chapter 6 - Installing Util-linux 2.12p
-
-# First apply this patch. This is needed regardless whether you will
-# link Util-linux statically or not because our GCC compiles PIC by
-# default. Also reset the path to 'adjtime' and create the directory.
-
-patch -Np1 -i ../util-linux-2.12p-fPIC-1.patch &&
-sed -i 's at etc/adjtime at var/lib/hwclock/adjtime at g' hwclock/hwclock.c &&
-install -d /var/lib/hwclock
-
-# This patch fixes a problem util-linux has with newer libc-linux-headers.
-
-patch -Np1 -i ../util-linux-2.12p-cramfs-1.patch
-
-# Configure make make util-linux.
-
-./configure &&
-make HAVE_KILL=yes HAVE_SLN=yes
-
-# Then install util-linux.
-
-make HAVE_KILL=yes HAVE_SLN=yes install
-

Modified: trunk/text/chapter06/60-stripping.txt
===================================================================
--- trunk/text/chapter06/60-stripping.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter06/60-stripping.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -11,7 +11,8 @@
 	PATH=/bin:/usr/bin:/sbin:/usr/sbin \
 	/tools/bin/bash --login
 
-# Strip the libraries.
+# Strip the libraries. Remember, stripping unneeded or all from libraries
+# will destroy them.
 
 /tools/bin/find /{,usr}/lib -type f \
 	-exec /tools/bin/strip --strip-debug '{}' ';'

Modified: trunk/text/chapter09/03-openntpd.txt
===================================================================
--- trunk/text/chapter09/03-openntpd.txt	2005-01-24 12:03:21 UTC (rev 125)
+++ trunk/text/chapter09/03-openntpd.txt	2005-01-26 19:55:25 UTC (rev 126)
@@ -21,7 +21,7 @@
 
 install -o root -g sys -d /var/empty &&
 groupadd ntp &&
-useradd -g ntp -s /bin/false -d /var/empty -c 'OpenNTP daemon' ntp
+useradd -g ntp -s /sbin/nologin -d /var/empty -c 'OpenNTP daemon' ntp
 
 # Then configure and install OpenNTPD.
 




More information about the hlfs-dev mailing list