Let's change our policy to match other "rolling release" distros and
ease the procedure to fix Glibc security vulnerabilities.
Squashed the commits in xry111/update-glibc branch to keep the history
clean.
Co-Authored-By: Pierre Labastie <pierre.labastie@neuf.fr>
Co-Authored-By: Douglas R. Reno <renodr@linuxfromscratch.org>
Per a discussion in the team, we only consider an upgradation dangerous
if it may render the system unusable. "Causing something not able to
build" is never considered dangerous. Thus upgrading some headers
cannot be dangerous.
The Glibc portion will need an update too (it can be upgraded safely
with some caution) to ease security updates. But let's do the easy
change first...
There seems some guy overusing this method so we should add more
caveats.
- Use /opt/foo-x.y instead of /usr/pkg/foo-x.y. /opt/foo-x.y is used in
BLFS for Rustc, Qt5, etc. and /usr/pkg is not FHS-compliant.
- Use /etc/ld.so.conf and LDFLAGS instead of LD_LIBRARY_PATH. Relying
on LD_LIBRARY_PATH is generally a bad idea, and we also don't use it
in BLFS for /opt packages.
- Discourage this method for general use, mention it may not work for
vital packages like Glibc.
Use "library name" (instead of "library version") for SONAME (for now).
And "conflicting locations" may not be a problem if the symbol is at two
locations but they are exactly same (or ABI compatible).
For the details see lfs-dev discussion.
The current word is still not perfect (we've not defined "the name of a
shared library" at all), so I guess we'll need to make a major revision
for the entire "upgrading issue with shared libraries" thing in the
future.
Move coreutils library from /usr/libexec to /usr/lib in both
Chapter 6 and Chapter 8.
Text updates in chapter08/pkgmgt.xml and chapter09/locale.xml.
Restore deletion of hanging test in chapter08/util-linux.xml.
Text changes in stripping and make instruction compatible with jhalfs.
In stripping, /usr/bin/bash, /usr/bin/find, and /usr/bin/strip are
running. Strip them, and all libraries used by them in /tmp, then
install them back.
We can't use this for all libraries or binaries: the process above
discouples hard links (for example /usr/bin/perl and perl5.34.0). So
unfortunately the stripping instruction is now a stupidly long bash
script...
Update to binutils-2.35.
Update to gcc-10.2.0.
Update to check-0.15.1.
Update to bison-3.7.1.
Update to util-linux 2.36.0.
Update to libcap-2.42.
Update to linux-5.7.12.
git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@12007 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689
