Build Runlevel

Bruce Dubbs bruce.dubbs at gmail.com
Tue Jun 8 09:35:29 PDT 2010


Paul Rogers wrote:
> I don't recall the book saying anything about it, possibly runlevel
> 3 is so typical it has never come up, but as I mentioned a week ago
> or so, I think there would be an advantage to building LFS within
> runlevel 2--where there's no network running, no chance of some
> external attack on a vulnerable system midstream.  It's easier than
> "pulling the plug."  Last night I discovered the perl tests really
> don't like that!  Some want to ping localhost, etc.  I suppose it's
> legitimate to expect the host to provide a protected environment,
> but that newly minted LFS system really shouldn't be connected to
> a network until it's "armored-up".

I understand your concern, but "armored-up" is really not necessary.  In 
order to make any type of connection to the new system, a process must 
be listening to a port.  There are no such processes in lfs.  The ping 
of localhost is not technically a TCP/IP process.  It never goes "on the 
wire".

After boot, the telnet, ftp, and some other clients are available, but 
we specifically --disable-servers in inetutils.

   -- Bruce




More information about the lfs-support mailing list