libcap

Robert Connolly robert at linuxfromscratch.org
Tue Feb 19 17:54:09 PST 2008


On Tuesday February 19 2008 11:26:08 am Jaap Struyk wrote:
> Robert Connolly schreef:
> > Coreutils supports attr without patches, but file capabilities depends on
> > Linux drivers marked as "experimental".
>
> So would pax if it was in vanilla kernel, sounds like a great plan,
> maybe at the end of the book and some setup to get rid of suid bins?
> I find it also a pity that additional software isn't in the hlfs book
> any more (like openntpd in the past was) maybe it's a plan to write an
> additional chapter containing specific hardened software/tricks/configs?

I don't know how to handle this yet. There are a lot of choices for dealing 
with bhlfs.

#1
One idea is to split chapter 6 into 'toolchain', 'system utilities and 
libraries' (coreutils, openssl), 'development' (make, perl), 'daemons and 
services' (sysklogd, shadow). The book is close to this now. This way 
everything has its place.

#2
Or add a new chapter for blfs packages. We did this before. I didn't update 
the packages often, because at the end of the book I forgot about them. It 
was eventually deleted.

Both of the above ideas have the problem of duplicating the blfs pages. It's 
inefficient.

#3
Or, use the blfs wiki. This idea has a lot of potential and is very flexable 
for everyone. There is one flaw, users have to follow the wiki link for every 
package. This can also be combined with #1.

#4
Ask blfs for bhlfs links, under their wiki url link on their package pages, to 
a bhlfs wiki. So hlfs users jump to the blfs book like normal, and they just 
need to keep an eye out for a second wiki link. This is also inefficient, but 
less inefficient than copying blfs pages.

And then there's the issue of how hlfs copies lfs pages. A solution to the 
libcap page might want to consider this too. The differences between h{,b}lfs 
and {,}blfs might be 10%, and is not expected to get significantly greater.

robert
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20080219/8c0c04c8/attachment.sig>


More information about the hlfs-dev mailing list