Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 23 Mar 2011 10:51:18 +0300
From: Solar Designer <solar@...nwall.com>
To: owl-dev@...ts.openwall.com
Subject: Re: iputils s20101006

On Tue, Mar 22, 2011 at 09:13:44PM +0300, Vasiliy Kulikov wrote:
> 1) Our kernel lacks SO_MARK socket option.  It was added in 2008 to
> Linux v2.6.25, but was not ported to RHEL5 kernel:
> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4a19ec5800fc3bb64e2d87c4d9fdd9e636086fe0
> 
> I've simply commented out the command line argument processing and
> setsockopt() call.

Sounds fine.

Having to make such temporary changes is the price we're paying for
making one change at a time.

> 2) New arping wants libsysfs and fails to build without it:
> 
> arping: arping.o -lsysfs
> 
> I'm sure we want to packetize this library as currently some other tools
> use this library.  The library itself (without binaries) is 70 kb on
> Ubuntu.
> 
> http://linux-diag.sourceforge.net/Sysfsutils.html

I went to this link, but I can't quickly identify the Source tarball
you'd be using in the package.  Can you please provide more info?

"Download libservicelog-1.1.11.tar.gz (642.9 KB)" - is this it?
How do we verify its authenticity and integrity?..

> However, if we find it unneeded for Owl, I may delete all occurrences of
> sysfs (I believe it is used for information purpose only).

This is within consideration.  I'd like to take a look at whatever
source tarball would provide libsysfs first.

> 3) manpages are now generated from docbook files:
> 
> $(MANFILES): index.db
> 	@-mkdir tmp.db2man
> 	@set -e; cd tmp.db2man; nsgmls ../$< | sgmlspl ../docbook2man-spec.pl ;	mv $@ ..
> 	@-rm -rf tmp.db2man
> 
> Looks like we have to ship precompiled manpages.

Sounds right.

Thanks,

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ