From de28837402798daa420ad065fb9155d308a7767e Mon Sep 17 00:00:00 2001 From: Xi Ruoyao Date: Mon, 26 Jul 2021 19:34:27 +0800 Subject: [PATCH 1/2] Hopefully, complete strip workaround In stripping, /usr/bin/bash, /usr/bin/find, and /usr/bin/strip are running. Strip them, and all libraries used by them in /tmp, then install them back. We can't use this for all libraries or binaries: the process above discouples hard links (for example /usr/bin/perl and perl5.34.0). So unfortunately the stripping instruction is now a stupidly long bash script... --- chapter01/changelog.xml | 9 +++++ chapter08/pkgmgt.xml | 15 ++++++++ chapter08/strippingagain.xml | 66 +++++++++++++++++++++++++++--------- 3 files changed, 74 insertions(+), 16 deletions(-) diff --git a/chapter01/changelog.xml b/chapter01/changelog.xml index 487b9e01d..8a3807262 100644 --- a/chapter01/changelog.xml +++ b/chapter01/changelog.xml @@ -43,6 +43,15 @@ appropriate for the entry or if needed the entire day's listitem. --> + + 2021-07-25 + + + [xry111] - (Hopefully) complete stripping workaround. + + + + 2021-07-25 diff --git a/chapter08/pkgmgt.xml b/chapter08/pkgmgt.xml index 228a13378..43b9c57d3 100644 --- a/chapter08/pkgmgt.xml +++ b/chapter08/pkgmgt.xml @@ -121,6 +121,21 @@ and rerun that command to confirm nothing is still using the deleted libraries. + + + If a binary or a shared library is overwrote, the processes + using the code or data in the binary or library may crash. The + correct way to update a binary or a shared library without causing + the process to crash is: remove it first, then install the new + version into position. The install command + provided by Coreutils has already + implemented this and most packages use it to install binaries and + libraries. So you won't be troubled by this issue most of the time. + However, the install process of some packages (notably Mozilla JS + in BLFS) just overwrites the file if it exists and causes crash, so + it's safer to save your work and close unneeded running processes + before updating a package. + diff --git a/chapter08/strippingagain.xml b/chapter08/strippingagain.xml index d2e686e8f..e663f2d8e 100644 --- a/chapter08/strippingagain.xml +++ b/chapter08/strippingagain.xml @@ -23,18 +23,28 @@ strip commands, it is a good idea to make a backup of the LFS system in its current state. - First place the debugging symbols for selected libraries - in separate files. This debugging information is needed if running + The debugging symbols for selected libraries are placed + in separate files. These debugging information is needed if running regression tests that use valgrind or gdb later in BLFS. + And, strip will overwrite the binary or library + file. This may crash the processes using code or data from the file. If + the process running strip itself is affected, the + binary or library being stripped may be destroyed. This may make the + system completely unusable. To avoid it, we'll copy some libraries and + binaries into /tmp, strip them + there, and install them back with the install command. + Read the related entry in for the + rationale to use the install command here. + save_usrlib="ld-&glibc-version;.so libc-&glibc-version;.so libpthread-&glibc-version;.so libthread_db-&libthread_db-version;.so - libquadmath.so.&libquadmath-version; libstdc++.so.&libstdcpp-version; libz.so.&zlib-version; + libquadmath.so.&libquadmath-version; libstdc++.so.&libstdcpp-version; libitm.so.&libitm-version; libatomic.so.&libatomic-version;" cd /usr/lib @@ -48,24 +58,48 @@ for LIB in $save_usrlib; do rm /tmp/$LIB done -unset LIB save_usrlib +online_usrbin="bash find strip" +online_usrlib="libbfd-&binutils-version;.so libdl-&glibc-version;.so + libhistory.so.&readline-version; libncursesw.so.&ncurses-version; + libm-&glibc-version;.so libreadline.so.&readline-version; + libz.so.&zlib-version;" - - Now the binaries and libraries can be stripped: -find /usr/lib -type f -name \*.a \ +for LIB in $online_usrlib; do + cp /usr/lib/$LIB /tmp/$LIB + strip --strip-unneeded /tmp/$LIB + install -vm755 /tmp/$LIB /usr/lib + rm /tmp/$LIB +done + +find /usr/lib -type f -name \*.a \ -exec strip --strip-debug {} ';' -find /usr/lib -type f -name \*.so* ! -name \*dbg ! -name libz.so* \ - -exec strip --strip-unneeded {} ';' +for i in $(find /usr/lib -type f -name \*.so* ! -name \*dbg); do + case "$online_usrlib $save_usrlib" in + *$(basename $i)* ) ;; + * ) strip --strip-unneeded $i ;; + esac +done -find /usr/{bin,sbin,libexec} -type f \ - -exec strip --strip-all {} ';' +for i in $(find /usr/bin -type f); do + case "$online_usrbin" in + *$(basename $i)* ) ;; + * ) strip --strip-all $i ;; + esac +done + +find /usr/{sbin,libexec} -type f \ + -exec strip --strip-all {} ';' + +unset BIN LIB save_usrlib online_usrbin online_usrlib + A large number of files will be reported as having their file format not recognized. These warnings can be safely ignored. These From 6d6f24202935a5e9ae663cc2a1a79b718f16c9da Mon Sep 17 00:00:00 2001 From: "Thomas Trepl (Moody)" Date: Mon, 26 Jul 2021 22:06:18 +0200 Subject: [PATCH 2/2] Fix a programming error in shadow-4.9 --- chapter01/changelog.xml | 9 +++++++++ chapter08/shadow.xml | 4 ++++ 2 files changed, 13 insertions(+) diff --git a/chapter01/changelog.xml b/chapter01/changelog.xml index 8a3807262..1b17760f2 100644 --- a/chapter01/changelog.xml +++ b/chapter01/changelog.xml @@ -43,6 +43,15 @@ appropriate for the entry or if needed the entire day's listitem. --> + + 2021-07-26 + + + [thomas] - Fix a programming error in shadow-4.9 + + + + 2021-07-25 diff --git a/chapter08/shadow.xml b/chapter08/shadow.xml index 9aa196421..bd2651b8d 100644 --- a/chapter08/shadow.xml +++ b/chapter08/shadow.xml @@ -95,6 +95,10 @@ find man -name Makefile.in -exec sed -i 's/passwd\.5 / /' {} \;sed -i 's/1000/999/' etc/useradd --> + Fix a simple programming error by modifying a file with following command: + +sed -e "224s/rounds = SHA_ROUNDS_DEFAULT/min_&/" -i libmisc/salt.c + Prepare Shadow for compilation: touch /usr/bin/passwd