Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 20 May 2011 23:30:04 +0300
From: Georgi Geshev <>
Subject: Re: Owl test builds

Hash: SHA1


On 5/19/2011 11:45 AM, Georgi Geshev wrote:
> Hello Solar,
> On 5/19/2011 7:38 AM, Solar Designer wrote:
>> Georgi,
>> I've just setup the promised OpenVZ container for your test builds (sent
>> the details to you off-list).
>> I suggest that you do your builds in two chroots, /owl32 and /owl64,
>> which you'll need to create.  Of course, I could create two OpenVZ
>> containers instead, but I think it's nice for you to have a clean system
>> and to experiment in chroots, which you can easily re-create on your own
>> (and you can also create more than two if needed).
>> I suggest that you do something like:
>> su - build
>> lftp
>> cd /openwall/Owl/current
>> get native.tar.gz
>> cd x86_64
>> mirror RPMS
>> exit # from lftp
>> tar xzf native.tar.gz
>> exit # from su
>> mkdir /owl
>> cd ~build
>> make installworld # installs 64-bit Owl userland under /owl
>> mv /owl /owl64
>> Then maybe:
>> useradd -m build32
>> su - build32
>> for i686...
>> cp native/Owl/build/installworld.conf .
>> vi installworld.conf # edit HOME and ROOT
>> ...
>> mkdir /owl32
>> cd ~build
>> setarch i686 make installworld # installs 32-bit Owl userland under /owl32
>> Of course, it's preferable to check signatures on stuff you download, as
>> described here:
>> However, since this is for test builds only, which we're not going to
>> use directly (instead, we'd review and commit the resulting patches,
>> then do clean builds elsewhere), security of this setup is not terribly
>> important.  This is why I don't insist on you being more careful.
>> For the actual test builds, you'd use:
>> chroot /owl64
>> su - build
>> stuff again (or copy from outside of chroot)...
>> make buildworld
>> and:
>> setarch i686 chroot /owl32
>> ...ditto...
>> Please let me know if you have any questions or run into any issues.
>> For general Owl usage/build issues, please post in here.  For issues
>> specific to this server setup (e.g., connectivity), e-mail me off-list.
>> Thanks,
>> Alexander
> Thank you so much for all the detailed explanations.
> Regards,
> Georgi

I've run into some trouble performing the actual test builds - I wasn't
able to `su' inside the chrooted environment -

root@...:~ # chroot /owl64
bash-3.1# su - build
su: exec failed

root@...:~ # setarch i686 chroot /owl32
bash-3.1# su - build
su: Insufficient credentials to access authentication data

Fortunately, Alex has already correctly suggested that there was an
obvious issue with the permissions and a simple `chmod 755 /' inside the
chroot would solve the problem.

Version: GnuPG v1.4.11 (MingW32)


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ