OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Carl Anthony-Uzoeto (carlzeto.net)
Date: Fri Jun 01 2001 - 15:15:52 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    A million thanks for the clarification -- you have really saved me hours of
    tinkering about.

    thanks,
    --carl

    Carl Anthony-Uzoeto wrote:

    > Hey,
    >
    > This is great. Thanks for the quick responses. Rest of my comments are in-line
    > ..
    >
    > Crispin Cowan wrote:
    >
    > > > -- I need to buld/install some other linux packages. Are
    > > > there any known issues, gotchas, etc that I ought to know
    > > > about?
    > >
    > > I believe all of the known "gotchas" are in the README.Immunix file in /
    > > on the CD. To summarize:
    >
    > I read & re-read, then printed the README.Immunix file, but it didn't clarify
    > the issues for me. I guess because I have the green CD, some things seem to be
    > different. It was probably really intended for the RNA market. For instance,
    > of all the tools listed in the README under the section titled "Packages needed
    > to begin protecting RedHat 7.0 with stackguard and FormatGuard ...", none of
    > the packages with stout in their names is included on the CD. Neither is the
    > glibc_devel or glibc-profile packages installed. In fact, out of this list,
    > only glibc-2.2-12_imnx_7.i386.rpm, libstdc++<blah>, and nscd<blah> are
    > installed.
    >
    > In other words, no compilers have been installed (stackguarded or not), and much
    > of the pkgs required for stackguarding other RedHat 7.0 pkgs were not there.
    > Hence, my confusion.
    >
    > I made an assumption about the egcs under extras/egcs/clean being stackguarded
    > and tried to install the egcs, but ran into dependency issues -- glibc-devel &
    > binutils were required.
    >
    > I am now downloading egcs-1.1.2-30_SG201_stout.src.rpm, and I have also pulled
    > down glibc-2.2-12_imnx_7.src.rpm & binutils-2.10.0.18-1_imnx.src.rpm. However,
    > I am uncertain as to the order I should build these tools and which compilers I
    > should use & when. I can eventually figure these things out, but have only got
    > this night to get this server ready and shipped to an ISP. Please, if you have
    > got a moment, can you fill in the gaps in my understanding as expressed above.
    >
    > >
    > > * Don't complile kernels or kernel modules with the StackGuard
    > > compiler.
    >
    > I am not likely to be compiling any kernel pkgs, yet. If I need to in future,
    > the info' you have provided here is more than enough to get me started.
    >
    > > > -- I would like to stick with using RPM packaging for
    > > > building/installing some much needed extra pkgs/tools.
    > > > Trouble is, rpm seems to have been built without the options
    > > > required for building from SRPMs (--rebuild, --recompile,
    > > > -bb, -ba, etc). Is this a correct observation? If it is,
    > > > whats the best way to work around this?
    > >
    > > I'm running Immunix OS on my laptop, use RPM regularly, and have not
    > > experienced these problems. Can you elaborate?
    >
    > I suspect its because of the missing compilers -- haven't had a chance to do a
    > thorough investigation. The symptoms are that every other rpm command would
    > succeed, but the commands to build from source rpms all fail silently and print
    > out a usage help screen. The usage help seems to suggest that the options to
    > build from source rpms are not valid options. So, I began to think that the rpm
    > pkg may have been deliberately crippled, perhaps, for security.
    >
    > The rpm packages installed are: rpm-4.0-4_imnx & rpm-python-4.0-4_imnx.
    >
    > Any ideas/suggestions?
    >
    > > > there are compiler tools on the CD, in the tree
    > > > extras/clean. Does this mean the compilers have been fully
    > > > stackguarded.
    > >
    > > There are two versions of the StackGuard compiler:
    > >
    > > * "Stout": this is the one you want to use most of the time.
    >
    > The *stout* ones are missing on the distro I have, but I am downloading the
    > source rpm.
    >
    > > * "Lite": this is the one you need to use to compile glibc. glibc's
    > > build sequence includes some very complex procedures, and for
    > > arcane reasons, it won't build if the StackGuard compiler provides
    > > a __canary_death_handler() function. The "Lite" compiler does not
    > > provide one, while the "stout" does provide one.
    >
    > Is there any reason I shouldn't use the *lite* versions for everything?
    >
    > Once again, I thank you very much for taking the time to address some of the
    > issues I have raised here, and hope you may be able to help me some more with
    > these ones.
    >
    > thanks,
    > --carl
    >
    > _______________________________________________
    > Immunix-users mailing list
    > Immunix-usersmail.wirex.com
    > http://mail.wirex.com/mailman/listinfo/immunix-users

    _______________________________________________
    Immunix-users mailing list
    Immunix-usersmail.wirex.com
    http://mail.wirex.com/mailman/listinfo/immunix-users