Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 18 Aug 2015 21:49:03 -0400
From: "Anthony G. Basile" <basile@...nsource.dyc.edu>
To: musl@...ts.openwall.com
Subject: A full Gentoo desktop system built with musl

Hi everyone,

I want to announce to the list that I've built and will be maintaining 
three hardened, fully featured XFCE4 Gentoo desktop systems for amd64, 
each based on glibc, uClibc and musl respectively.     These are 
affectionately called Bluemoon (glibc), Lilblue (uClibc) and Bluedragon 
(musl) Gentoo Linux.  You can download them from the release site [1] 
where you'll find links to their home pages and how to install and 
maintain them.  Except for their libc and some minor details here and 
there, I've tried to make them as identical as possible.  They should 
not be thought of as embedded in that they do not use busybox to provide 
the system utilities.  Rather they employ all the usual packages you'd 
find on any regular Linux desktop.  The are also "hardened" meaning that 
they are built with our gcc specs which turn on ssp, pie, relro, bind 
now and stack check by default, and they use a PaX/Grsecurity patched 
kernel with all practical security features turned on.

In addition to the release tarballs, I'm also providing about 5000 extra 
packages.  Gentoo is a "from source" distribution and you can always try 
to build packages from source on your local system, but Gentoo also 
provides the possibility of using pre-compiled packages made available 
from a binary package host (BINHOST).  The package set for each system 
is at links [2], [3] and [4].  Also, these systems can be maintained 
like any other Gentoo system using portage and emerge, but I've also 
written a new release engineering tool that allows the end user to 
easily maintain each by tracking a "reference" system defined upstream. 
  You can read about the "Gentoo Reference System" suite at link [5]. 
Its a long document so you may want to read just the Intro and Quickstart.

The main reasons for building these systems was to 1) facilitate 
comparisons between the three libc's and 2) to push the limits of each 
to see what breaks, and then fix either the packages or the libc itself. 
  To this end, the GRS suite also acts like a poor-man's tinderbox and 
provides build logs for packages which have failed.  These can be seen 
at links [6], [7] and [8].  Nonetheless, the systems are "useful".  The 
release tarballs come with abiword, gnumeric, the gimp, eog, hexchat, 
mplayer and smplayer, midori web browser, claws-mail, and there are many 
more packages on the BINHOST.   The glibc and uClibc are polished and 
work pretty much bug free.  You'd expect that since the entire Gentoo 
community works with Gentoo+glibc, and I've been working at 
Gentoo+uClibc for a while fixing things.  However the musl desktop is 
the newest addition and it does have some issues.  In particular, the 
charset is messed up and I have yet to clean that up for the next 
release.   For reasons I don't understand yet I'm getting Japanese 
characters sometimes.

Contribute if you can.  You can open bugs on http://bugs.gentoo.org. 
Mention that you're working with musl and not glibc and ask that the bug 
be assigned to <blueness@...too.org>.


[1] http://releases.freeharbor.net/
[2] http://bluemoon.freeharbor.net
[3] http://lilblue.freeharbor.net
[4] http://bluedragon.freeharbor.net
[5] https://wiki.gentoo.org/wiki/Project:RelEng_GRS
[6] http://bluemoon-tinderbox.freeharbor.net
[7] http://lilblue-tinderbox.freeharbor.net
[8] http://bluedragon-tinderbox.freeharbor.net


-- 
Anthony G. Basile, Ph. D.
Chair of Information Technology
D'Youville College
Buffalo, NY 14201
(716) 829-8197

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.