Back in January last year, I made a proposal to add some discussion of vulnerabilities in the security chapter, and how to look at what the distros are doing to fix their builds (for vulnerabilities but also for when packages no longer build). There was some interest from users, but no comment from editors. At that time, I *thought* several editors were still active, but I was probably mistaken. My normal attitude is to not break things, and to follow the party line even if that means doing nothing. Je suis anarchiste bourgeois. [1]
I then went off in a huff, but had to come back because changes in LFS-7.0 (glibc and bootscripts) broke nfs. Since then, we've got a lot more active editors, but I think those proposed changes would still be useful - it's not as if we are on top of known vulnerabilites. Some of this proposal is updated and expanded. Additionally, I think that now is a suitable time to replace gnome-media with gvolwheel, and to add another lightweight window manager (icewm). When I started preparing this, my current BLFS version was 2012-06-23. You can find a rendered version of the changes, and a gzipped diff of the xml, at http://www.linuxfromscratch.org/~ken/tmp/ This contains the following changes: 1. new page in chapter 2 to explain static/shared libraries : in the book we now often use --disable-static but I don't think we've explained why. 2. add pointers to some distros in Beyond BLFS, change freshmeat.net to freecode.com, and add a link to a rpm2cpio script. Basically, as in last year's suggestion (the change to google/linux is no longer appropriate, that has become google/webhp and is not linux specific). 3. add a page about Vulnerabilities at the start of chapter 4. Reworked from last year's suggestion. 4. add IceWM as another window manager: Use the 1.3.7 development release (at the moment nothing is happening in development, so in some ways it is like mutt). Some seds are needed to get it to compile with current binutils and glib-2.32. Almost all of the distros have moved to 1.3 instead of 'stable' 1.2. I've been using 1.3 for years, and it works very well for me (there used to be a problem with resizing gtk+-3 windows in "minority" window managers, that problem is no longer present in icewm so I guess gtk3 was fixed). Configuration, and setting up the menus, are "different" so I've added explanations and some examples. 5. update the name of a kernel config option in alsa-lib 'Device Drivers -> Sound' is now '-> Sound card support'. Technically, I could just drop this part in without discussion, but I only noticed it while preparing the next item, and for me it makes sense to do them all together. 6. replace gnome-media by gvolwheel: I was keen to keep gnome-media for a time, because I'd been used to using it and assumed other people had used it too. It has been marked as "will be removed from the book in due course" since 24th December, I think it can go now - providing we add a replacement. During this time there have been links to volumecontrol and both the gtk2 and gtk3 versions of gvolwheel. I didn't like volumecontrol, and there are reports of people having difficulty with it, so I propose we use gvolwheel. Unfortunately, correctly configuring the current version (1.0) and the kernel will trip people up if they follow the ChangeLog in the package, so I've added the details. The link to sourceforge for gvolwheel is just weird : open it in a browser and you get a list of all the available versions instead of the one you asked for. Paste it to wget and it works. I don't see what else I can do for that, I've tried at least 6 variants based on what shows in the browser at differnet mirrors, but they all either gave a 404 or dropped me at the list of available versions. I'm open to discussion about the details. If nobody objects, I'll now regard that as "nobody cares, so do it". OTOH, if there are overwhelming objections I'll stop troubling you. ĸen 1. Sartre - Les mains sales -- das eine Mal als Tragödie, das andere Mal als Farce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
