On Wed, Feb 07, 2018 at 10:50:57AM +0100, Pierre Labastie wrote:
> On 07/02/2018 06:36, Bruce Dubbs wrote:
> > Ken Moffat wrote:
> >> On Tue, Feb 06, 2018 at 07:06:22PM -0500, Ryan Marsaw wrote:
> >>> On Tue, 6 Feb 2018, hykw...@sina.com wrote:
> >>>
> >>>>> On Mon, 5 Feb 2018, hykw...@sina.com wrote:
> >>>>>> I got the following message when I built the Linux kernel 4.15:
> >>>>>>
> >>>>>> fatal error: openssl/bio.h: No such file or directory
> >> [...]
> >>> OK. I believe I've figured this out.
> >>>
> >>> [...] Interesting and clever stuff
> >> Thanks for the investigation - on one of my machines The first
> >> kernel I built in chroot (before any of BLFS) was 4.15.0-rc4 on 22nd
> >> December, so the dependency seems to have sneaked in after that (to fix
> >> wireless regulatory problems, according to that link).
> >>
> >> Bad news for those of us with machines which do not have wireless
> >> connections :-(
>
> Nope. The faulty switch is not selected if "Wireless" is not selected (in
> "Networking support" menu. That's why I haven't seen the dependency on openssl
> although I have gone through a lot of LFS builds lately (for testing jhalfs),
> with 4.15{,.1} kernels.
>
Agreed - on my .config I can still build 4.5.2 in chroot without
needing openssl, so I retract the false statement that this sneaked
in after -rc4.
> >>
> >> I do build openssl before I boot, but adding it seems like a
> >> sledgehammer to crack a kernel config problem.
> >
> > I agree. I read the link above and the patch was rejected, but I also
> > found:
> >
> > https://cateee.net/lkddb/web-lkddb/CFG80211_CERTIFICATION_ONUS.html
> >
> > It says:
> >
> > "You should disable this option unless you are both capable and willing to
> > ensure your system will remain regulatory compliant with the features
> > available under this option. "
>
> Hmm: I understand it says "don't change the defaults" that become visible if
> that option is selected.
>
> >
> >
> > I think it should be disabled for LFS users and it is disabled by default.
> >
> > The "option" CFG80211_REQUIRE_SIGNED_REGDB seems to the problem.
> >
> > Turning it off is difficult. It requires enabling CONFIG_EXPERT:
> >
> > General setup --->
> > Configure standard kernel features (expert users)
> >
> > But that also says: "Only use this if you really know what you are doing."
> >
> > It also turns on a lot of options we do not want, e.g. Kernel debugging
> > which
> > we can't otherwise turn off.
> >
> > The only options I can see for us is to either:
> >
> > sed -e '/regdb signature/{N;s/y/CFG80211_CERTIFICATION_ONUS/}' \
> > -i net/wireless/Kconfig
> >
> > before menuconfig OR
> >
> > sed -e '/REQUIRE_SIGNED_REGDB/s/y/n/' \
> > -i .config
> >
>
> Or build openssl in LFS. I've done some testing with the new jhalfs-blfs
> dependency engine: when you select almost any package with optional
> dependencies (which as a rule brings in half of the BLFS packages), openssl
> appears among the first ten built packages... To me, it means it is a
> requirement for almost anything in BLFS.
>
> And IIUC, if I had a wireless card on my system, I wouldn't like this option
> being turned off, since it would allow regulatory databases to be loaded
> without checking their authenticity...
>
> Regards
> Pierre
>
BUT - if I was building for the first time, I don't think *any*
wireless actually *works* without significant other items from BLFS
?
If somebody has already built LFS before, I suppose I expect them to
know what parts of BLFS are needed, and therefore what might be
needed to bring the new system up (e.g. some means of downloading
packages in the minimal case). The only part-comparable things I can
come up with for *my* use case (I don't have a laptop powerful enough
to build recent LFS, my netbook never leaves the house now and gets
very restricted use/updates) are:
radeon firmware - I add this to new systems on desktops with radeon
video
nfs - I have a lot of my files on nfs, so I build this before
booting
So I'm reluctant to see openssl added to LFS, but if we add it then
perhaps we ought to add a big chunk of BLFS to get working wifi ?
Or do we just need to point out that people building wireless
drivers will need to add *at least* openssl before building the
kernel ?
For a working wifi connection firmware is probably needed as well
as a choice of the tool to bring the connection up. For *working*
openssl, at least the certificates are needed.
ĸen
--
Truth, in front of her huge walk-in wardrobe, selected black leather
boots with stiletto heels for such a barefaced truth.
- Unseen Academicals
--
http://lists.linuxfromscratch.org/listinfo/lfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
