Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Carl Anthony-Uzoeto (carlzeto.net)
Date: Fri Jun 01 2001 - 15:15:52 CDT
A million thanks for the clarification -- you have really saved me hours of
Carl Anthony-Uzoeto wrote:
> This is great. Thanks for the quick responses. Rest of my comments are in-line
> Crispin Cowan wrote:
> > > -- I need to buld/install some other linux packages. Are
> > > there any known issues, gotchas, etc that I ought to know
> > > about?
> > I believe all of the known "gotchas" are in the README.Immunix file in /
> > on the CD. To summarize:
> I read & re-read, then printed the README.Immunix file, but it didn't clarify
> the issues for me. I guess because I have the green CD, some things seem to be
> different. It was probably really intended for the RNA market. For instance,
> of all the tools listed in the README under the section titled "Packages needed
> to begin protecting RedHat 7.0 with stackguard and FormatGuard ...", none of
> the packages with stout in their names is included on the CD. Neither is the
> glibc_devel or glibc-profile packages installed. In fact, out of this list,
> only glibc-2.2-12_imnx_7.i386.rpm, libstdc++<blah>, and nscd<blah> are
> In other words, no compilers have been installed (stackguarded or not), and much
> of the pkgs required for stackguarding other RedHat 7.0 pkgs were not there.
> Hence, my confusion.
> I made an assumption about the egcs under extras/egcs/clean being stackguarded
> and tried to install the egcs, but ran into dependency issues -- glibc-devel &
> binutils were required.
> I am now downloading egcs-1.1.2-30_SG201_stout.src.rpm, and I have also pulled
> down glibc-2.2-12_imnx_7.src.rpm & binutils-22.214.171.124-1_imnx.src.rpm. However,
> I am uncertain as to the order I should build these tools and which compilers I
> should use & when. I can eventually figure these things out, but have only got
> this night to get this server ready and shipped to an ISP. Please, if you have
> got a moment, can you fill in the gaps in my understanding as expressed above.
> > * Don't complile kernels or kernel modules with the StackGuard
> > compiler.
> I am not likely to be compiling any kernel pkgs, yet. If I need to in future,
> the info' you have provided here is more than enough to get me started.
> > > -- I would like to stick with using RPM packaging for
> > > building/installing some much needed extra pkgs/tools.
> > > Trouble is, rpm seems to have been built without the options
> > > required for building from SRPMs (--rebuild, --recompile,
> > > -bb, -ba, etc). Is this a correct observation? If it is,
> > > whats the best way to work around this?
> > I'm running Immunix OS on my laptop, use RPM regularly, and have not
> > experienced these problems. Can you elaborate?
> I suspect its because of the missing compilers -- haven't had a chance to do a
> thorough investigation. The symptoms are that every other rpm command would
> succeed, but the commands to build from source rpms all fail silently and print
> out a usage help screen. The usage help seems to suggest that the options to
> build from source rpms are not valid options. So, I began to think that the rpm
> pkg may have been deliberately crippled, perhaps, for security.
> The rpm packages installed are: rpm-4.0-4_imnx & rpm-python-4.0-4_imnx.
> Any ideas/suggestions?
> > > there are compiler tools on the CD, in the tree
> > > extras/clean. Does this mean the compilers have been fully
> > > stackguarded.
> > There are two versions of the StackGuard compiler:
> > * "Stout": this is the one you want to use most of the time.
> The *stout* ones are missing on the distro I have, but I am downloading the
> source rpm.
> > * "Lite": this is the one you need to use to compile glibc. glibc's
> > build sequence includes some very complex procedures, and for
> > arcane reasons, it won't build if the StackGuard compiler provides
> > a __canary_death_handler() function. The "Lite" compiler does not
> > provide one, while the "stout" does provide one.
> Is there any reason I shouldn't use the *lite* versions for everything?
> Once again, I thank you very much for taking the time to address some of the
> issues I have raised here, and hope you may be able to help me some more with
> these ones.
> Immunix-users mailing list
Immunix-users mailing list