Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 5 Jul 2015 10:28:42 +0200
From: bruno <br1.rdgz@...il.com>
To: John Spencer <maillist-musl@...fooze.de>
Cc: sabotage@...ts.openwall.com
Subject: Re: Introduction and some (little) problems (already
 solved :P )

On Mon, Jun 1, 2015 at 11:58 PM, John Spencer <maillist-musl@...fooze.de>
wrote:

> bruno wrote:
>
>> Hello!!
>>
>> My name is Bruno, and I got information about this distro thanks to
>> suckless.org... And I liked the idea, so I started installing it in a VM
>> (to check if I could do the same to bare metal). Yes, I know I could have
>> used an image, use the staged stuff or whatever... But the idea was
>> starting from scratch.
>>
>
> that's the right spirit.
>
>
BTW, I found everything simpler than an almost 10 years ago "gentoo install
from stage0", I don't know if it's because of what I've learnt this years
or because everything is getting easier :)


> ...
>> My second problem: the "butch install core" part didn't work, because of
>> libressl. The errors (sorry, I didn't keep the logs) were a bunch of
>> undefined references to stuff, like this
>>
>> undefined reference to `__stack_chk_fail_local'
>>
>
> interesting, i wasn't aware that this happens with current libressl on
> i386.
>
>
Mmm.. Just the day before you wrote your reply I install everything from
the last GIT revision of the scripts it doesn't happen anymore :)
I had some other problems when installing the last revision from scratch,
because of a comparison in a script. I'll check it again and try to fix it.


> ...
>> I also had a little problem with git installation, the LDFLAGS there
>> should
>> be set to:
>>
>> LDFLAGS="$optldflags -static-libgcc"
>>
>
> why ?


Again, right now it's working flawlessly, but by that time it failed during
the linking... I'm not totally sure why, I googled and found some people
having a similar problem. Probably it was not the best solution, but it
worked and I was impatient to have the core packages installed.

http://stackoverflow.com/questions/13187499/link-glibc-statically-but-some-other-library-dynamically-with-gcc


...
>
> sure, updated packages are always welcome (as long as they don't break
> other packages or pull in a mountain of new dependencies)
>
>
Good !!! I love the "simpler is better" approach, I hope I'm the right
place for that :)


>
>> Finally, the default kernel configuration is not that cool when it comes
>> about having a filesystem in ext4. It looks like a normal mkfs.ext4 sets
>> the option huge_files to the filesystem, and that needs the option "Enable
>> the block layer ---> Support for large (2TB+) block devices and files"
>> activated in the kernel. I read something about that here:
>>
>
> seems nobody used sabotage i386 (32bit) yet with huge harddisks
> (the kernel option depends on !64bit so it's probably a non-issue on
> x86_64)
> I guess it would be safe to enable CONFIG_LBDAF in the default kernel.


>

>> Thank you !!!
>>
>>
> thank you as well for your report!
> btw, you can open issues and pull requests on github as well (prefered).
>
> --JS


Thank you all for sharing your work !! I made a pull request with some pkg
files, just libotr and bitlbee (nice way to keep all jabber related
accounts there).
Sorry if they are a mess, I have to recognize it's my first pull request
and I was working on my local fork as if I was doing it for myself...

Thank you again,

Bruno

Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ