----- Original Message ----- From: "robert baker" <robertmba...@gmail.com> To: "Hardened LFS Development List" <hlfs-dev@linuxfromscratch.org> Sent: Tuesday, June 29, 2010 9:33 PM Subject: Re: LFS-XML to hlfs patch.
> I have completed adding the additional package and patch entities to > the XML patch. The SBU entities for each package are not accurate yet. > Once the full system builds using jhalfs the SBU values can be > updated. > > You can find the patch here: > http://www.linuxfromscratch.org/~rbaker/hlfs-0.0.1-lfs-6.6.patch > > As I said I have been working with jhalfs to ensure the system build > can be automated. At the moment the system will download > everything and build through chapter 5. I haven't gotten the automated > kernel build working in chapter 5 yet. Just leave the kernel build > disabled for now. > > I have uploaded two additional files to aid in automated builds > through chapter 5. > > This file is lightly modified. It sets the HLFS environment variable > instead of LFS, and handles skipping the kernel build in chapter05 > when you don't select a config file. > http://www.linuxfromscratch.org/~rbaker/master.sh > > This file needed to have the diff file extension added to it so jhalfs > would download patches with the diff extension. > http://www.linuxfromscratch.org/~rbaker/urls.xsl > > The process I have been using to build using jhalfs is as follows. > > 1. Boot system using lfs live cd. (I generally use a vmware or vbox > virtual system) > 2. Setup disks partition/format/mount data and swap. > 3. Set jhalfs user and group as owners of the whole mounted data partition. > 4. Download jhalfs-2.3.2, LFS-6.6-XML, and the hlfs patch to the root > of the mounted data partition. > 5. Unpack LFS-6.6-XML and patch the LFS book > 6. Copy modified master.sh to jhalfs-2.3.2/LFS/ and urls to > jhalfs-2.3.2/common/. > 7. Change users to jhalfs and run make in the jhalfs2.3.2 directory. > 8. Use LFS as the build type, use the working copy option. (point to > the patched LFS-XML) Configure it to build the sources, and close the menu. > 9. Once the build begins delete the > jhalfs/lfs-commands/chapter0{6,7,8} so the build doesn't continue past > the temporary system phase. (I haven't changed any commands beyond > chapter > 5.) > > Some highlights of the changes to the book include the following: > Build order change to conform with HLFS. > Don't use a cross compiled build as it causes issues with HLFS build order. cross-compilation of the first part mean less dependencies from the host. I have one machine that had fail to compile chap5 until I implemented LFS cross-compilation. I am building like LFS on chap5 with only hardening (not all what HLFS do) applied starting from chap6. Basically I set starting from chap6 CFLAGS="-Os -march=${MACHINE} -mtune=pentium -pipe -fomit-frame-pointer -D_F ORTIFY_SOURCE=2 -fstack-protector-all -fPIE -Wl,-z,now" CXXFLAGS=${CFLAGS} LDFLAGS="-Wl,--hash-style=gnu" and glibc is at both chap5 and 6 build with sed -i 's|hash-style=both|hash-style=gnu|' Makeconfig and --enable-bind-now --enable-stackguard-randomization --enable-omitfp binutils, gcc are not build with hardened flags (I don't care that much for my application as they are not installed). I have only one error added by hardening (the know /usr/src/glibc-build/elf/check-localplt.out). Build on i686 and ppc, not yet tested x86_64. Gilles -- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
