From 18e99c88b956e56c2298bfb39d26aac20aa413e2 Mon Sep 17 00:00:00 2001 From: Bruce Dubbs Date: Mon, 18 Apr 2022 11:32:36 -0500 Subject: [PATCH 1/9] Update lfs currency for wheel --- lfs-latest-git.php | 1 + 1 file changed, 1 insertion(+) diff --git a/lfs-latest-git.php b/lfs-latest-git.php index df0ddcccc..5436099ba 100644 --- a/lfs-latest-git.php +++ b/lfs-latest-git.php @@ -137,6 +137,7 @@ if ( $package == "systemd" ) $dirpath = "https://github.com/systemd/systemd/r if ( $package == "tcl" ) $dirpath = "https://www.tcl.tk/software/tcltk/download.html"; if ( $package == "util-linux" ) $dirpath = max_parent( $dirpath, "v." ); if ( $package == "vim" ) $dirpath = "https://github.com/vim/vim/tags"; +if ( $package == "wheel" ) $dirpath = "https://pypi.org/project/wheel/#files"; if ( $package == "zstd" ) $dirpath = "https://github.com/facebook/zstd/releases"; // Check for ftp From 9de91f78221da0f8000cf694a2884b21b4becd13 Mon Sep 17 00:00:00 2001 From: Bruce Dubbs Date: Tue, 19 Apr 2022 11:36:18 -0500 Subject: [PATCH 2/9] Fix currency for mpfr There is something wrong with the certificate for the mpfr web page https://mpfr.loria.fr/mpfr-current/. Ignore the certificate problem. --- lfs-latest-git.php | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/lfs-latest-git.php b/lfs-latest-git.php index 5436099ba..645f8e70d 100644 --- a/lfs-latest-git.php +++ b/lfs-latest-git.php @@ -70,6 +70,7 @@ function find_even_max( $lines, $regex_match, $regex_replace ) function http_get_file( $url ) { if ( ! preg_match( "/sourceforge/", $url ) && + ! preg_match( "/mpfr/", $url ) && ! preg_match( "/psmisc/", $url ) ) { exec( "curl --location --silent --max-time 30 $url", $dir ); @@ -78,6 +79,14 @@ function http_get_file( $url ) $dir = strip_tags( $s ); return explode( "\n", $dir ); } + else if ( preg_match( "/mpfr/", $url ) ) + { + # There seems to be a problem with the mpfs certificate + exec( "curl --location --silent --insecure --max-time 30 $url", $dir ); + $s = implode( "\n", $dir ); + $dir = strip_tags( $s ); + return explode( "\n", $dir ); + } else { exec( "lynx -dump $url 2>/dev/null", $lines ); From 474ba0c42672358f167ba721341c331fd80acb25 Mon Sep 17 00:00:00 2001 From: Xi Ruoyao Date: Wed, 20 Apr 2022 18:34:28 +0800 Subject: [PATCH 3/9] mpfr: use ftp.gnu.org, at least for now Currently www.mpfr.org has a certificate issue. --- packages.ent | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages.ent b/packages.ent index 60d7a6f61..fc0c9d180 100644 --- a/packages.ent +++ b/packages.ent @@ -508,7 +508,7 @@ - + From c919b34c8a46180ce451c5c1baa8df18921ddcdd Mon Sep 17 00:00:00 2001 From: Xi Ruoyao Date: Wed, 20 Apr 2022 18:47:24 +0800 Subject: [PATCH 4/9] generalize the note about removed and vulnerably releases --- chapter03/packages.xml | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/chapter03/packages.xml b/chapter03/packages.xml index 5b1976f47..aa927e60a 100644 --- a/chapter03/packages.xml +++ b/chapter03/packages.xml @@ -10,6 +10,21 @@ All Packages + + Read the security advisories + before downloading packages to figure out if a newer version of any + package should be used to avoid security vulnerabilities. + + The upstreams may remove old releases, especially when these + releases contain a security vulnerability. If one URL below is not + reachable, you should read the security advisories first to figure out + if a newer version (with the vulnerability fixed) should be used. If + not, try to download the removed package from a mirror. Although it's + possible to download an old release from a mirror even if this release + has been removed because of a vulnerability, it's not recommended to + use a release known to be vulnerable for building your system. + + Download or otherwise obtain the following packages: @@ -173,15 +188,6 @@ Home page: Download: MD5 sum: &expat-md5; - - The upstream may remove tarballs of the specific releases of - Expat when these releases contain a - security vulnerability. You should refer to - LFS security advisories - to figure out which version (with the vulnerability fixed) should - be used. You may download the vulnerable version from a mirror, - but it's not recommended. - From 421e0cfcdaaaccfe64ca4af145a41da13598f3bb Mon Sep 17 00:00:00 2001 From: Xi Ruoyao Date: Thu, 21 Apr 2022 14:02:44 +0800 Subject: [PATCH 5/9] add convenience entities for users root and lfs --- general.ent | 3 +++ 1 file changed, 3 insertions(+) diff --git a/general.ent b/general.ent index 4f15d3fdd..7da71e60e 100644 --- a/general.ent +++ b/general.ent @@ -112,6 +112,9 @@ +root"> +lfs"> + %packages-entities; From e286d8db1493827461aa95ea43b345a9ce5d9f2e Mon Sep 17 00:00:00 2001 From: Xi Ruoyao Date: Thu, 21 Apr 2022 14:12:43 +0800 Subject: [PATCH 6/9] decorate the references to root and lfs user The references already correctly decorated are not changed because "if it's not broken don't fix it". --- chapter02/stages.xml | 3 +-- chapter04/addinguser.xml | 4 ++-- chapter07/cleanup.xml | 4 ++-- chapter07/introduction.xml | 2 +- chapter08/bash.xml | 2 +- chapter08/coreutils.xml | 4 ++-- chapter08/util-linux.xml | 2 +- chapter10/kernel.xml | 4 ++-- chapter11/reboot.xml | 4 ++-- 9 files changed, 14 insertions(+), 15 deletions(-) diff --git a/chapter02/stages.xml b/chapter02/stages.xml index 830ec0c1f..7c151975f 100644 --- a/chapter02/stages.xml +++ b/chapter02/stages.xml @@ -71,8 +71,7 @@ A few operations, from Changing Ownership to Entering the Chroot Environment must be done as the root user, with the LFS - environment variable set for the - rootuser. + environment variable set for the &root; user. diff --git a/chapter04/addinguser.xml b/chapter04/addinguser.xml index 535f20b02..b659b4841 100644 --- a/chapter04/addinguser.xml +++ b/chapter04/addinguser.xml @@ -86,8 +86,8 @@ case $(uname -m) in esac In some host systems, the following command does not complete - properly and suspends the login to the lfs user to the background. If the - prompt "lfs:~$" does not appear immediately, entering the + properly and suspends the login to the &lfs-user; user to the background. + If the prompt "lfs:~$" does not appear immediately, entering the fg command will fix the issue. Next, login as user lfs. diff --git a/chapter07/cleanup.xml b/chapter07/cleanup.xml index 651f2e8d6..6ed78fb93 100644 --- a/chapter07/cleanup.xml +++ b/chapter07/cleanup.xml @@ -156,9 +156,9 @@ tar -cJpf $HOME/lfs-temp-tools-&version;.tar.xz . restore when they don't need to. --> The following commands are extremely dangerous. If - you run rm -rf ./* as the root user and you + you run rm -rf ./* as the &root; user and you do not change to the $LFS directory or the LFS - environment variable is not set for the root user, it will destroy + environment variable is not set for the &root; user, it will destroy your entire host system. YOU ARE WARNED. cd $LFS diff --git a/chapter07/introduction.xml b/chapter07/introduction.xml index 2b0030d7b..6605ddea4 100644 --- a/chapter07/introduction.xml +++ b/chapter07/introduction.xml @@ -25,7 +25,7 @@ Until , the commands must be run as root, with the LFS variable set. After entering chroot, all commands - are run as root, fortunately without access to the OS of the computer + are run as &root;, fortunately without access to the OS of the computer you built LFS on. Be careful anyway, as it is easy to destroy the whole LFS system with badly formed commands. diff --git a/chapter08/bash.xml b/chapter08/bash.xml index 787882b59..4ea981d5b 100644 --- a/chapter08/bash.xml +++ b/chapter08/bash.xml @@ -73,7 +73,7 @@ chown -Rv tester . - The testsuite of the package is designed to be run as a non-root + The testsuite of the package is designed to be run as a non-&root; user that owns the terminal connected to standard input. To satisfy the requirement, spawn a new pseudo terminal using Expect and run the tests as the echo "dummy:x:102:tester" >> /etc/group - Fix some of the permissions so that the non-root user can compile and - run the tests: + Fix some of the permissions so that the non-&root; user can + compile and run the tests: chown -Rv tester . diff --git a/chapter08/util-linux.xml b/chapter08/util-linux.xml index 7aba82c85..d90936b78 100644 --- a/chapter08/util-linux.xml +++ b/chapter08/util-linux.xml @@ -84,7 +84,7 @@ make - If desired, run the test suite as a non-root user: + If desired, run the test suite as a non-&root; user: Running the test suite as the root user can be harmful to diff --git a/chapter10/kernel.xml b/chapter10/kernel.xml index 713bab93b..f1469f0b4 100644 --- a/chapter10/kernel.xml +++ b/chapter10/kernel.xml @@ -248,8 +248,8 @@ File systems ---> If the host system has a separate /boot partition, the files copied below should go there. The easiest way to do that is to bind /boot on the - host (outside chroot) to /mnt/lfs/boot before proceeding. As the root - user in the host system: + host (outside chroot) to /mnt/lfs/boot before proceeding. As the + &root; user in the host system: mount --bind /boot /mnt/lfs/boot diff --git a/chapter11/reboot.xml b/chapter11/reboot.xml index 9166a8c49..3d7953897 100644 --- a/chapter11/reboot.xml +++ b/chapter11/reboot.xml @@ -46,8 +46,8 @@ Installing sudo may be useful for - building packages as a non-root user and easily installing the resulting - packages in your new system. + building packages as a non-&root; user and easily installing the + resulting packages in your new system. If you want to access your new system from a remote system within a comfortable GUI environment, install Date: Thu, 21 Apr 2022 14:23:07 +0800 Subject: [PATCH 7/9] python: add a for pip3 usage --- chapter08/python.xml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/chapter08/python.xml b/chapter08/python.xml index 1af9e0db9..cc3ca0d66 100644 --- a/chapter08/python.xml +++ b/chapter08/python.xml @@ -109,6 +109,27 @@ -i /usr/lib/python3.10/site-packages/pip/_internal/cli/req_command.py + + + In LFS and BLFS, we normally build and install Python modules with + pip3. Please take care that the + pip3 install commands in both the books should be + run as &root; unless it's for a Python virtual environment. Running + a pip3 install as a non-&root; user may seems to + work fine, but it will cause the installed module unaccessible by + other users. + + + pip3 install will not reinstall an already + installed module by default. For using the + pip3 install command to upgrade a module (for + example, from meson-0.61.3 to meson-0.62.0), append + -U to the command line. If it's really + necessary to downgrade a module or reinstall the same version for + some reason, append --force-reinstall to + the command line. + + If desired, install the preformatted documentation: From dd9987c5ab0ee493d09817a566a8512ac53ea0d2 Mon Sep 17 00:00:00 2001 From: Bruce Dubbs Date: Thu, 21 Apr 2022 08:43:49 -0500 Subject: [PATCH 8/9] Minor rewording of pip3 recommendations --- chapter08/python.xml | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/chapter08/python.xml b/chapter08/python.xml index cc3ca0d66..cb1d12c27 100644 --- a/chapter08/python.xml +++ b/chapter08/python.xml @@ -111,23 +111,23 @@ - In LFS and BLFS, we normally build and install Python modules with - pip3. Please take care that the + In LFS and BLFS we normally build and install Python modules with the + pip3 command. Please take care that the pip3 install commands in both the books should be - run as &root; unless it's for a Python virtual environment. Running - a pip3 install as a non-&root; user may seems to - work fine, but it will cause the installed module unaccessible by - other users. + run as ithe &root; user unless it's for a Python virtual environment. + Running a pip3 install as a non-&root; user may seem + to work fine, but it will cause the installed module to be inaccessible + by other users. + - pip3 install will not reinstall an already - installed module by default. For using the - pip3 install command to upgrade a module (for - example, from meson-0.61.3 to meson-0.62.0), append - -U to the command line. If it's really - necessary to downgrade a module or reinstall the same version for - some reason, append --force-reinstall to - the command line. + pip3 install will not reinstall an already installed + module by default. For using the pip3 install + command to upgrade a module (for example, from meson-0.61.3 to + meson-0.62.0), insert the option --upgrade into + the command line. If it's really necessary to downgrade a module or + reinstall the same version for some reason, insert + --force-reinstall into the command line. From 93db1e614e093078304409d148a1cfe15fd3eb68 Mon Sep 17 00:00:00 2001 From: Xi Ruoyao Date: Thu, 21 Apr 2022 23:28:35 +0800 Subject: [PATCH 9/9] python: fix a typo --- chapter08/python.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chapter08/python.xml b/chapter08/python.xml index cb1d12c27..b7f2da6b9 100644 --- a/chapter08/python.xml +++ b/chapter08/python.xml @@ -114,7 +114,7 @@ In LFS and BLFS we normally build and install Python modules with the pip3 command. Please take care that the pip3 install commands in both the books should be - run as ithe &root; user unless it's for a Python virtual environment. + run as the &root; user unless it's for a Python virtual environment. Running a pip3 install as a non-&root; user may seem to work fine, but it will cause the installed module to be inaccessible by other users.