Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 7 Aug 2016 20:15:21 +0200
From: Matus UHLAR - fantomas <>
Subject: Re: specify home ($JOHN) at compiletime

>> 2. compile warnings:
>> params.h:152:0: warning: "CFG_FULL_NAME" redefined
>>   #define CFG_FULL_NAME   "$JOHN/john.conf"
>>   ^
>> <command-line>:0:0: note: this is the location of the previous definition
>> apparently the #define should to #ifndef CFG_FULL_NAME block
>> (debian patch adds that).
>> Otherwise, seems that the latter is being used.

On 04.08.16 13:51, Solar Designer wrote:
>I think Debian overrides CFG_FULL_NAME because of their policy to have
>all config files under /etc.  This policy is inconsistent with JtR's,
>and vice versa, where JtR checks a set of directories for several of its
>files, including the config file and more.  By overriding CFG_FULL_NAME
>like above, if it worked, you'd break some desirable functionality -
>namely, being able to override the system-wide config file at runtime by
>placing a local one in ~/.john/john.conf.  Just how do Debian package
>users make edits to their john.conf?  Edit the global file as root?

I thought this is what JOHN_SYSTEMWIDE is for - using CFG_FULL_NAME as
system-wide config file and JOHN_PRIVATE_HOME/john.conf for users' config

>I suggest that you simply drop this Debian'ism, especially as it doesn't
>even build for you.

I guess that the debian build doesn't work since it was made for old
Makefile (without autoconf).
It even builds non-sse and non-mmx binaries as fallbacks.

I'd also like to configure non-omp fallbacks, just I'm not sure which
fallback applies first (cpu or omp)

>> ...I'm out of ideas. Debian uses backslash escaping:
>> CFLAGS='-DJOHN_SYSTEMWIDE=1 -DCFG_FULL_NAME=\"/etc/john/john.conf\"'
>> ./configure
>> but that causes configure errors:
>> configure: creating ./fmt_externs.h
>> <command-line>:0:16: warning: missing terminating " character
>I guess the exact escaping needed varies between Debian's invocation
>from a script and your invocation from the command-line.

I'm afraid this applies for different variables at config time: env CFLAGS='-DJOHN_SYSTEMWIDE=1 -DJOHN_SYSTEMWIDE_EXEC="/usr/lib/john" -O2' ./configure --disable-openmp

results in:

gcc -DAC_BUILT -march=native -mavx -DJOHN_AVX -c -DJOHN_SYSTEMWIDE=1 -DJOHN_SYSTEMWIDE_EXEC="/usr/lib/john" -O2 -I/usr/local/include -DARCH_LITTLE_ENDIAN=1   -Wall -Wdeclaration-after-statement -fomit-frame-pointer --param allow-store-data-races=0 -Wno-deprecated-declarations  -Wunused-but-set-variable -std=gnu89 -Wdate-time -D_POSIX_SOURCE -D_GNU_SOURCE -D_XOPEN_SOURCE=600      -pthread -DHAVE_HT  -I/usr/local/include -funroll-loops listconf.c -o listconf.o
listconf.c: In function ‘listconf_list_build_info’:
<command-line>:0:23: error: ‘usr’ undeclared (first use in this function)
listconf.c:137:28: note: in expansion of macro ‘JOHN_SYSTEMWIDE_EXEC’
    puts("System-wide exec: " JOHN_SYSTEMWIDE_EXEC);
<command-line>:0:23: note: each undeclared identifier is reported only once for each function it appears in

this makes mebelieve the problem is not in CFG_FULL_NAME itself, more in
handling -Ddefines. backslash quoting of quotes causes different errors: env CFLAGS='-DJOHN_SYSTEMWIDE=1 -DJOHN_SYSTEMWIDE_EXEC=\"/usr/lib/john\" -O2' ./configure --disable-openmp
configure: creating ./fmt_externs.h
<command-line>:0:23: warning: missing terminating " character
<command-line>:0:23: warning: missing terminating " character
configure: creating ./fmt_registers.h
<command-line>:0:23: warning: missing terminating " character
<command-line>:0:23: warning: missing terminating " character


these seem to be just warnings, and setting both JOHN_SYSTEMWIDE_EXEC and
even CFG_FULL_NAME seems to be correct (at least strings says that about
compiled binary)...

I am not 100% sure because of warnings above... 

>> any idea how to continue?
>Just don't override CFG_FULL_NAME.  Also, seriously consider whether you
>actually want system-wide builds.
>And I guess by now you realize that you're doing something weird, and/or
>that we don't support your use case well (sorry!)  

I hope this does not mean you won't answer my questions anymore...

> Hopefully, you have
>at least tens of similar machines to make this exercise worthwhile.

in fact, yes... (even when talking about physical machines)

Matus UHLAR - fantomas, ;
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Support bacteria - they're the only culture some people have. 

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ