Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 19 May 2011 11:45:14 +0300
From: Georgi Geshev <root@...k-labs.exploits-bg.com>
To: owl-dev@...ts.openwall.com
Subject: Re: Owl test builds

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hello Solar,

On 5/19/2011 7:38 AM, Solar Designer wrote:
> Georgi,
> 
> I've just setup the promised OpenVZ container for your test builds (sent
> the details to you off-list).
> 
> I suggest that you do your builds in two chroots, /owl32 and /owl64,
> which you'll need to create.  Of course, I could create two OpenVZ
> containers instead, but I think it's nice for you to have a clean system
> and to experiment in chroots, which you can easily re-create on your own
> (and you can also create more than two if needed).
> 
> I suggest that you do something like:
> 
> su - build
> lftp http://mirrors.kernel.org
> cd /openwall/Owl/current
> get native.tar.gz
> cd x86_64
> mirror RPMS
> exit # from lftp
> tar xzf native.tar.gz
> exit # from su
> mkdir /owl
> cd ~build
> make installworld # installs 64-bit Owl userland under /owl
> mv /owl /owl64
> 
> Then maybe:
> 
> useradd -m build32
> su - build32
> ...download for i686...
> cp native/Owl/build/installworld.conf .
> vi installworld.conf # edit HOME and ROOT
> ...
> mkdir /owl32
> cd ~build
> setarch i686 make installworld # installs 32-bit Owl userland under /owl32
> 
> Of course, it's preferable to check signatures on stuff you download, as
> described here: http://openwall.info/wiki/Owl/upgrade
> 
> However, since this is for test builds only, which we're not going to
> use directly (instead, we'd review and commit the resulting patches,
> then do clean builds elsewhere), security of this setup is not terribly
> important.  This is why I don't insist on you being more careful.
> 
> For the actual test builds, you'd use:
> 
> chroot /owl64
> su - build
> ...download stuff again (or copy from outside of chroot)...
> make buildworld
> 
> and:
> 
> setarch i686 chroot /owl32
> ...ditto...
> 
> Please let me know if you have any questions or run into any issues.
> For general Owl usage/build issues, please post in here.  For issues
> specific to this server setup (e.g., connectivity), e-mail me off-list.
> 
> Thanks,
> 
> Alexander
> 

Thank you so much for all the detailed explanations.

Regards,
Georgi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)

iQEcBAEBAgAGBQJN1NiYAAoJECp4GRJNSNT5GBIH/0+DpD2fJIRpASst7jSaAVpJ
kgPu/bAp7bPPn7zexabZmmIGGxuHv+ZEY4tCPth3uSA8weytmfzpnx2Hbxn2l+dn
5U5e76oaFDNFS5/mkOLKxOPVHi7sAsx2uYHh0cAW00c77FjEtCGHJodCdDMwotZC
qh1C4SA05Md5ZaStZFxVCgls+AxMpiu4nVIjli6AOL8MvIN1nji+0/ZuG1Q6T5OE
83ggi1KcsKXjONNCEwsMBYM8CxSnpR+w+zxStzfr8jubr6i8/HHgW/jHP+vyDnvC
ZzRpK+bhpcoccUPS+U4XOX1+fDAwA8PXJujChsig4KGRzdonaXDalF/6ZCeQ6Nc=
=IRX+
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ