Host system requirements
robert at linuxfromscratch.org
Tue Jun 3 19:27:27 PDT 2008
To use Libcap2/fcaps we need linux-2.6.24 with the capabilities module loaded,
and ext2/ext3/reiserfs filesystem, on the host system... if the /bin/passwd
program is using capabilities, then the host needs linux-2.6.24 capabilities
or we can't set the root password before rebooting. To use grsec rbac we need
a grsec kernel... to set grsec rbac rules as packages are installed.
I would like to keep hlfs designed to be hardened on the first boot, and not
designed to be set up with grsec rules after first boot.
This will screw using knoppix or the lfs-livecd as a host system, while having
the side effect of forcing new users to have some advance knowledge of what
they're getting into and how to set it up. The main disadvantage is that I
don't know of any live-cd that meets these requirements, so installing on a
brand new system would be impossible.
It's a catch22. Ideally you should trust the host system, and you can only
really do that with an LFS host system. On the other hand, it's unfair to
expect everyone with a brand new system to install LFS before HLFS.
Without distributing an hlfs-live-cd I don't see a way around this. Even if we
find workarounds for these two issues (someone-elses livecd), it wouldn't
account for future issues of the same nature.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 197 bytes
Desc: not available
More information about the hlfs-dev