On 03/12/2018 04:30 PM, Pierre Labastie wrote:
On 12/03/2018 22:19, Pierre Labastie wrote:

In order to move to the Maven build system, I tried to rebuild an OpenJDK JVM
in a fresh LFS sytem (in a VM). There are a few problems:
- The jtreg file is updated every few days on the ci.adoptjk.net site. Result:
   the MD5sum in the book is obsolete. I suggest removing the MD5sum, there is
   no real security threat in a testsuite, is there?

Probably not, but we could host a snapshot to keep the md5sum constant.

- We pass "--with-cacerts-file=/etc/ssl/java/cacerts.jks" to configure, but if
   this is the first build of OpenJDK, it is perfectly possible that this file
   does not exist, and then the build fails. I would suggest to build it just
   after the Java binary installation.

Or we could just 'touch' it into existence. Then the user could build it at their convenience.

- When running /usr/sbin/make-ca --force at the end, there is no reason that
   the certdata.txt file be in the current directory. I would suggest to add
   the -g option to the command.

Seems reasonable.

- Not tried yet but the last instructions should be
   "bin/keytool -list -keystore /opt/jdk/lib/security/cacerts" (in order to
   check that the JVM install is OK). And if we want to test the one in /etc,
   it should be "bin/keytool -list -keystore /etc/ssl/java/cacerts.jks" (.jks
   added at the end).

Actually, the real test is "bin/keytool -list -cacerts"

May I do that?

Sure.  If there are issues then we just make any appropriate changes.

  -- Bruce

FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Reply via email to