Goals

Robert Connolly robert at linuxfromscratch.org
Fri Mar 7 16:48:12 PST 2008


My todo list, in no particular order:

Add notes to packages about the P_tmpdir macro, or whatever it is named, and 
where it points to (/var/tmp or /tmp). Also grep for file opening 
permissions. These two things can almost be automated. A couple commands 
could identify functions, like mktemp, open/O_CREAT in any package. 
Identifying and modifying them is usually trivial, so it should also work in 
blfs. Make man pages match any modifications. Document any particular 
abnormalities in how files are handled. Splint might do this better.

Fix tar's extraction permissions so restoring uid/gid and mode permissions is 
not the default for root. The current behavior is practically useless.

FIPS test erandom, frandom, arc4random, maybe urandom too. Add tests to 
arc4random patched packages, like Bash's; resubmit.

Strace/gdb (from /tools) programs to verify where entropy is coming from, for 
arc4random, ssp, etc. This can be performed on installed programs. Find more 
uses for strace and gdb.

Patch Gawk for arc4random (see OpenBSD's source), for awk's random function. 
Looks straight forward. It behaves like Bash's rnd.

Modify Coreutils mktemp, shred, sort, and friends, to use arc4random instead 
of gettimeofday/getpid. Maybe forget random.c all together, and 
s/get_random/arc4random()/ in the rest of the source.

binutils ld/sha1.c, Coreutils sha1.c, etc, could use openssl.

Borrow the Diffutils, File, and Patch testsuite from openbsd/netbsd. The 
command options, and small details need modifications to work with gnu, but 
the tests are still good. Maybe submit it to maintainers after.

Valgrind tests for various packages. Check we're using libc's malloc, and not 
the one included in the package, due to ./configure errors. Devise other 
tests.

Install shared version of libiberty.

Fix Coreutils test suite (skipped tests). This is fixed in lfs-svn.

Add rbac rules to sysklogd.

Add libcap to sysklogd, inetutils, and maybe shadow.

None of these todo's are new features, they're all bugs. New things to add are 
infinite. lfs-dev is discussing changing to something other than xml, so the 
books can be integrated. I want to see what happens there before adding stuff 
like ntpd.

I feel like things are getting done, but in no particular order or direction.

robert
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20080307/a22363b1/attachment.sig>


More information about the hlfs-dev mailing list