Below you will find my suggestions for the scope of the HLFS book. What we want to provide. - A base platform and build environment - A platform for building hardened servers, routers, and firewalls
Work needed to reach a release candidate - various package version bumps - frandom update - glibc-sanitize-env - grub2 - fortify source by default - test suite/sanity checks - x86_64 and i?86 build completion - multi-lib or pure64 or both - if pure64 is included patches or additional seds are needed - ssh daemon for bootable_temporary - libcap-ng (requires python) - completed book text In my oppinion HLFS-1.0 should be limited in scope to just the basic toolchain. Very few packages should be added beyond the scope of LFS. Those packages include libcap, (if we use libcap-ng we need Python too.) paxctl, and an ssh daemon for the bootable temporary tools. All other work should be focused on preparing the build environment and base install. HLFS-2.0 should be a more aggressive target. I would like to see the book include documentation on grsec's RBAC system. I would also like to see a full audit of posix capabilities on the binaries included in the base system. Some documentation on posix capabilities would also be a nice addition. Any additional packages that we agree should be in the book should be added for the 2.0 version. Any thoughts/comments/additions are welcome. RBaker -- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
