Pure LFS coreutils - I rest my case (temporarily :)

Erik-Jan ej.lfs at xs4all.nl
Thu Apr 24 16:16:15 PDT 2003


Bill's LFS Login wrote:
> 
> I do have shadow installed. I suppose that should be standard?

Yep. But of course, lfs is your distro :))

> 
> I would disagree for one reason, with a wuestion. At the time, has the
> new su been tested? 

No, it doesn't get tested at all, it is only used in the
fail-2eperm-test. Shadow-su (and all the other shadowprogs) doesn't get
tested at all, though.

> If not, what if it is broken and then causes the
> fail-2eprm test to fail. 

You can look at it this way: fail-2eperm tests rm and su

> This presumes that all versions of su accept the logname in the first
> position (is that a safe assumption?) and all parameters found after the
> logname are to be passed to the new shell. And we can apply your fix for
> the BASH_ENV issue.

I really don't know. How many sus are there in this world?

> Is this only good for the coreutils version? I suspect we will find it
If you pass -s /bin/sh to shadow-su, it uses /bin/sh as an interactive
login-shell. Not really what we want...

> Last, does this have any potential pitfalls if we are upgrading glibc?

Really don't know.

> I have some experience in C if you experience difficulty. Feel free to
> post me (off list would be best, I guess).
OK thanks, I will.

> In my final version, you'll see in the big logs that mysql didn't do
> anything. Several were skipped and the test automativcally selected user
> 'nobody', which is really what Ryan was shotting for anyway. So, it
> looked pretty good to me (keeping in mind I have some degree of
> ignorance on these things).
Yes, it did. But adding it gives you more of that 'I know exactly what
happens in every case'-feeling :))

> BTW, is your password file carrying the encrypted passwords? This is
> supposed to be less secure than the shadow password schema, IIRC. I
> wonder if the coreutils install will wipe out the su from shadow, and if
> so, will I be screwed?
No I use shadowing on my host and on my final lfs, like the rest of the
world. Only when building coreutils in ch6, shadow hasn't been installed
yet.

Nothing will be wiped: ch5 installs it in /stage1, ch6 installs it in
/usr/bin (which we move to /bin) but it is the first su in the chrooted
environment that gets installed. When we install shadow, the
coreutils-su will be replaced by the one shadow provides. (Which is a
good thing, I guess, because shadow-su for sure knows about shadowed
passwords and I don't know if the coreutils-su does)

So it seems we've sort of got this one finished (anyone for the test
that failed because of a missing perl expect package?)

Bye,
Erik-Jan
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-dev' in the subject header of the message



More information about the lfs-dev mailing list