On 03/12/2018 04:30 PM, Pierre Labastie wrote:
On 12/03/2018 22:19, Pierre Labastie wrote:
In order to move to the Maven build system, I tried to rebuild an OpenJDK JVM
in a fresh LFS sytem (in a VM). There are a few problems:
- The jtreg file is updated every few days on the ci.adoptjk.net site. Result:
the MD5sum in the book is obsolete. I suggest removing the MD5sum, there is
no real security threat in a testsuite, is there?
Probably not, but we could host a snapshot to keep the md5sum constant.
- We pass "--with-cacerts-file=/etc/ssl/java/cacerts.jks" to configure, but if
this is the first build of OpenJDK, it is perfectly possible that this file
does not exist, and then the build fails. I would suggest to build it just
after the Java binary installation.
Or we could just 'touch' it into existence. Then the user could build
it at their convenience.
- When running /usr/sbin/make-ca --force at the end, there is no reason that
the certdata.txt file be in the current directory. I would suggest to add
the -g option to the command.
- Not tried yet but the last instructions should be
"bin/keytool -list -keystore /opt/jdk/lib/security/cacerts" (in order to
check that the JVM install is OK). And if we want to test the one in /etc,
it should be "bin/keytool -list -keystore /etc/ssl/java/cacerts.jks" (.jks
added at the end).
Actually, the real test is "bin/keytool -list -cacerts"
May I do that?
Sure. If there are issues then we just make any appropriate changes.
Unsubscribe: See the above information page