aboutsummaryrefslogtreecommitdiffstats
path: root/chapter08
Commit message (Collapse)AuthorAgeFilesLines
* Typo in a commentPierre Labastie2022-09-111-1/+1
|
* Remove trailing spacesPierre Labastie2022-09-115-5/+5
|
* Replace tabs with spacesPierre Labastie2022-09-114-7/+8
|
* Comment on binutils test failures with pie/sspPierre Labastie2022-09-111-0/+4
|
* gcc: fix link to PIE & SSP noteXi Ruoyao2022-09-111-1/+2
| | | | | DocBook does not handle xref to note properly (#pie-ssp-info not generated).
* gcc: some reword of PIE/SSP/ASLR noteXi Ruoyao2022-09-111-7/+10
| | | | | | | | | | | | | | Expand tabs to 8 spaces like everywhere else in the book. Explain that shared libraries are already covered by ASLR, PIE expands the ASLR to cover the exetutables. In 2022, stack smashing attackings are mostly constructing a sequence of faked returning addresses to exectute a series of function already existing in the programs or libraries itself (ret2lib). Returning into the code injected by the attacker is almost impossible because on i686 (with a PAE/NX enabled kernel) or x86_64, running injected code needs W/X mappings and those are very rare these days.
* Document the --enable-default-pie/ssp optionsPierre Labastie2022-09-101-0/+21
| | | | Also document test failures in gcc chapter 8
* Use default-pie and default-ssp flags in gccPierre Labastie2022-09-091-0/+2
| | | | | | | | Committing only the commands for now, so that others can test the build. TODO: - add command explanations - add changelog - comment on failing tests in binutils and gcc
* some http -> https changesXi Ruoyao2022-09-051-2/+2
|
* groff: remove -j1Xi Ruoyao2022-09-011-3/+1
|
* python: supress "failed to check new pip version" or "a new pip version is ↵Xi Ruoyao2022-08-261-2/+14
| | | | | | available" warnings The non-text change during freeze is approved by bdubbs.
* grub: update description for grub-glue-efiXi Ruoyao2022-08-261-2/+1
| | | | | | | Text only change. Found out this utility also exists on ARM, so copied "grub-glue-efi --help" here, which does not mention "ia32" or "amd64".
* glibc: don't mention "/lib" as ld.so search path anymoreXi Ruoyao2022-08-241-4/+3
| | | | | | | | | Text change only. Since 11.0, /lib is a symlink to usr/lib. With libc_cv_slibdir=/usr/lib, /lib won't be searched by default anymore (if someone mess up the system by removing /lib symlink and create an real directory there, for example the initramfs before r10.1-439).
* glibc: update test statusXi Ruoyao2022-08-231-10/+6
| | | | | | | Text change only. Add tst-arc4random-thread failure recently reported to upstream, remove namespace related failures as they are UNSUPPORTED now in 2.36.
* Minor updatesBruce Dubbs2022-08-211-1/+1
|
* stripping: also mention symbol table bisides debug symbolsXi Ruoyao2022-08-211-3/+9
|
* Intermediate update prior to lfs-11.2-rc1Bruce Dubbs2022-08-202-3/+4
|
* Clean chapter 8 binutils xml and textPierre Labastie2022-08-141-20/+5
| | | | | | Remove old commented instructions Remove a sed and a test failure explanation: both have been fixed in binutils-2.39
* Merge branch 'trunk' of git.linuxfromscratch.org:lfs into trunkBruce Dubbs2022-08-091-1/+11
|\
| * binutils: add desc for gprofngXi Ruoyao2022-08-091-1/+11
| |
* | Tweak pip3 instructionsBruce Dubbs2022-08-094-6/+15
|/
* perl: remove outdated note regarding zlib versionXi Ruoyao2022-08-071-4/+0
| | | | Now perl-5.36 ships zlib-1.2.12, which is same as the book providing.
* Package updates.Bruce Dubbs2022-08-063-2/+11
| | | | | | | Update to binutils-2.38. Update to util-linux-2.38.1. Update to Python3-3.10.6. Update to glibc-2.36.
* another "obsoleted" -> "obsolete" fixXi Ruoyao2022-07-161-1/+1
|
* Package updates.Bruce Dubbs2022-07-161-2/+2
| | | | | | | | Update to meson-0.63.0. Update to kmod-30. Update to inetutils-2.3. Update to linux-5.18.9. Update to OpenSSL-3.0.5.
* SpellingBruce Dubbs2022-07-142-2/+2
|
* python: mention that --force-reinstall needs --no-depsXi Ruoyao2022-07-021-2/+3
|
* texinfo: remove unneeded sedXi Ruoyao2022-07-021-5/+0
| | | | | | | | | | | | | | | | | | | | It works out of box with glibc-2.35. I think this issue is already fixed at glibc side, by the commit: commit 0b5ca7c3e551e5502f3be3b06453324fe8604e82 Author: Paul Eggert <eggert@cs.ucla.edu> Date: Tue Sep 21 07:47:45 2021 -0700 regex: copy back from Gnulib Copy regex-related files back from Gnulib, to fix a problem with static checking of regex calls noted by Martin Sebor. This merges the following changes: * New macro __attribute_nonnull__ in misc/sys/cdefs.h, for use later when copying other files back from Gnulib. ... ... (unrelated things trimmed)
* Package updates.Bruce Dubbs2022-06-301-0/+6
| | | | | | | | | | Update to vim-9.0.0006. Update to iana-etc-20220610. Update to OpenSSL-3.0.4. Update to kbd-2.5.1. Update to linux-5.18.8. Update to bc-5.3.3. +
* Generate shared C++ bindings for ncursesPierre Labastie2022-06-291-13/+37
| | | | | | | | Presently we let the build system generate static C++ bindings, and then we remove them. Note that we could also prevent generating any C++ binding, since nothing in LFS/BLFS use them, but it seems to me that generating the shared ones is closer to what is done for other packages.
* grep: mark egrep and fgrep obsoleteXi Ruoyao2022-06-231-2/+4
| | | | | | | They are deprecated since 2007, and the next grep release (3.8 or 4.0) will print a warning if they are used. Url: https://git.savannah.gnu.org/cgit/grep.git/commit/?id=a951562
* openssl: mark c_rehash obsoleteXi Ruoyao2022-06-231-2/+5
| | | | | | | | | | | | | | The c_rehash script, shipped by OpenSSL versions in current LFS trunk and all previous LFS releases, is vulnerable to CVE-2022-2068. It's fixed in 3.0.4, but OpenSSL 3.0.4 is completely broken on CPU models with AVX-512 extension [1]. So we'd like to defer OpenSSL update and wait for upstream consensus about "would 3.0.5 be released in urgency". But, the upstream has announced that use of c_rehash is obsolete now [2]. So we can tell people not to use it. [1]: https://github.com/openssl/openssl/issues/18625 [2]: https://www.openssl.org/news/secadv/20220621.txt
* bc: enable readlineXi Ruoyao2022-06-221-4/+12
| | | | | | | | Using readline can improve line editing feature of bc, but it's not enabled by default. As readline is already installed before bc, let's pick up this improvement with no cost.
* document some newly reported test failuresXi Ruoyao2022-06-212-8/+17
|
* minor reword for glibc test failures on slow systemsXi Ruoyao2022-06-211-2/+3
| | | | | | I've observed some failures building LFS on my old i3-3217U (at 1.8 GHz with -j4), but forgot to update the book. Just got reminded by a lfs-support post.
* dbus: remove --with-console-auth-dirXi Ruoyao2022-06-101-9/+0
| | | | | | | | | BLFS no longer contains ConsoleKit, and ConsoleKit can be considered dead now (the ConsoleKit2 fork has no action in the recent year). In BLFS systemd (with PAM) or elogind provide a similar functionality. I can see no reason to mention ConsoleKit in the book now.
* systemd: disable systemd-sysupdateXi Ruoyao2022-05-291-0/+6
|
* systemd: use a better way to disable /usr/lib/pam.dXi Ruoyao2022-05-291-4/+8
|
* systemd: remove unnecessary optionsXi Ruoyao2022-05-291-4/+0
| | | | | -Dblkid is automatically detected, and other three options are meson defaults.
* update to systemd-251 (#5064)Xi Ruoyao2022-05-291-11/+3
|
* openssl: reword upgrading note for versioning scheme changeXi Ruoyao2022-05-281-5/+8
|
* check: remove reference to libcheck.aXi Ruoyao2022-05-281-1/+1
|
* stripping, chapter 8: prevent stripping ld-*.dbgPierre Labastie2022-05-221-2/+4
| | | | | | With the construct used in save_usrlib, if ld-linux-...dbg already exists, it is stripped again and a file ld-linux-...dbg.dbg is created. Prevent this by not listing files ending in "g".
* Document the test failure in coreutilsPierre Labastie2022-05-161-0/+3
| | | | | Seems to be fixed upstream, but adding a patch for just a test is overkill IMO.
* procps: fix typoXi Ruoyao2022-05-091-1/+1
| | | | How did I copied "FAIL:" along with the test name? :(
* Minor grammar fixPierre Labastie2022-05-081-1/+1
|
* util-linux: remove unnecessary test workaroundXi Ruoyao2022-05-071-8/+0
| | | | | | | According to upstream, this issue is fixed: https://github.com/util-linux/util-linux/issues/1635. Also tested by Pierre and me.
* procps: update testsuite statusXi Ruoyao2022-05-071-2/+9
|
* gcc-12: update test statusXi Ruoyao2022-05-071-6/+3
| | | | | | | The analyzer tests fixed at https://gcc.gnu.org/r12-7119. The PR100400 status is discussed in the thread started with https://gcc.gnu.org/pipermail/gcc-patches/2022-May/593931.html.
* gcc-12: remove unnecessary workaround for PR91085Xi Ruoyao2022-05-071-4/+2
| | | | Reference: https://gcc.gnu.org/r12-1924