Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <4DD6CF4C.8050207@fsck-labs.exploits-bg.com>
Date: Fri, 20 May 2011 23:30:04 +0300
From: Georgi Geshev <root@...k-labs.exploits-bg.com>
To: owl-dev@...ts.openwall.com
Subject: Re: Owl test builds

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

On 5/19/2011 11:45 AM, Georgi Geshev wrote:
> 
> Hello Solar,
> 
> On 5/19/2011 7:38 AM, Solar Designer wrote:
>> Georgi,
> 
>> I've just setup the promised OpenVZ container for your test builds (sent
>> the details to you off-list).
> 
>> I suggest that you do your builds in two chroots, /owl32 and /owl64,
>> which you'll need to create.  Of course, I could create two OpenVZ
>> containers instead, but I think it's nice for you to have a clean system
>> and to experiment in chroots, which you can easily re-create on your own
>> (and you can also create more than two if needed).
> 
>> I suggest that you do something like:
> 
>> su - build
>> lftp http://mirrors.kernel.org
>> cd /openwall/Owl/current
>> get native.tar.gz
>> cd x86_64
>> mirror RPMS
>> exit # from lftp
>> tar xzf native.tar.gz
>> exit # from su
>> mkdir /owl
>> cd ~build
>> make installworld # installs 64-bit Owl userland under /owl
>> mv /owl /owl64
> 
>> Then maybe:
> 
>> useradd -m build32
>> su - build32
>> ...download for i686...
>> cp native/Owl/build/installworld.conf .
>> vi installworld.conf # edit HOME and ROOT
>> ...
>> mkdir /owl32
>> cd ~build
>> setarch i686 make installworld # installs 32-bit Owl userland under /owl32
> 
>> Of course, it's preferable to check signatures on stuff you download, as
>> described here: http://openwall.info/wiki/Owl/upgrade
> 
>> However, since this is for test builds only, which we're not going to
>> use directly (instead, we'd review and commit the resulting patches,
>> then do clean builds elsewhere), security of this setup is not terribly
>> important.  This is why I don't insist on you being more careful.
> 
>> For the actual test builds, you'd use:
> 
>> chroot /owl64
>> su - build
>> ...download stuff again (or copy from outside of chroot)...
>> make buildworld
> 
>> and:
> 
>> setarch i686 chroot /owl32
>> ...ditto...
> 
>> Please let me know if you have any questions or run into any issues.
>> For general Owl usage/build issues, please post in here.  For issues
>> specific to this server setup (e.g., connectivity), e-mail me off-list.
> 
>> Thanks,
> 
>> Alexander
> 
> 
> Thank you so much for all the detailed explanations.
> 
> Regards,
> Georgi

I've run into some trouble performing the actual test builds - I wasn't
able to `su' inside the chrooted environment -

root@gg1:~ # chroot /owl64
bash-3.1# su - build
su: exec failed
bash-3.1#

root@gg1:~ # setarch i686 chroot /owl32
bash-3.1# su - build
su: Insufficient credentials to access authentication data
bash-3.1#

Fortunately, Alex has already correctly suggested that there was an
obvious issue with the permissions and a simple `chmod 755 /' inside the
chroot would solve the problem.

Regards,
Georgi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)

iQEcBAEBAgAGBQJN1s9KAAoJECp4GRJNSNT5vqAH/j2FJy8L+vdZ49Q00CvL6YN6
fbFRIR5G9ZHLarOOgSeKcMlT/I3H7GsHaJbshAmxdeJJH6ZDftRk6Je0oJirgkug
jS48evj+ZqqZnanXDj2fj5zCiw+Oki0TXSv67JDvYj+4SbSxvUD46DbjdcpimEg1
whooY3034CEEn7x2DuCTmb4CaeXj8mvE15XnIquUwAuck/P/NA5ElvcoLKZ+H+fL
ga1MeWMDJeZXs+9Nw2eY0eR6Wf2G/cC9pg/oP7sgtL9nIUojMytWIYhDIq2sYhnL
d6i/p/iPoo98UVHYnirPtXxQiTLCq7ZSlVEOq9FBhKEj/of2s2Vo5gwiEV6zMK0=
=Fx34
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.