building 2.6.35
in [Debian]
|
From: Bob Proulx on 12 Aug 2010 19:30 Arthur Machlas wrote: > > Bob Proulx wrote: > >> With those in place you can work as yourself in those areas. Safer > >> than using root since as yourself you can't smash anything in the > >> system directories /etc or /bin or /var or other system locations. > > Isn't there a risk in granting user access to src, adm, and such if > ever your user account is compromised? There is always a risk associated with *everything*. The only truly secure computer is one that has had the following procedure applied to it. http://www.roseweb.de/caro/pages/security/v-one/cut-orig.htm > My uninformed opinion is that it's a question of relative risk; the > 'risk' involved in building kernels as root, versus the risk > involved in giving access to these dirs and tools should your > account become compromised. My experience is that accidents cause problems much more often than active intrusions. Security is certainly important. But more important for me is to create an environment that enables productive use of the system while limiting the risk caused by accidents from authorized users. Safety nets against accidents are very useful. If you are yourself (non-root) working on a tool that you own in /usr/local/bin/foo and while testing make a mistake and get a message that you can't read/write/remove a file in /etc when you meant /usr/local/etc then there isn't any harm done. You know what you did and that it isn't a problem (since you are non-root and have no permissions to /etc) and you fix your error and move on. But if you are root and the same occurs you won't get a permission error but instead will have modified the underlying hosting system. You might not even know that you had done so. This is not about intrusion detection but one of accident prevention. But accidents happen much more often than intrusions. Bob
From: Alexander Samad on 12 Aug 2010 20:30 Hi Well its still doesn't work. I am trying to build the VB kernel modules and well it fails. I need to build the linux-kbuild-2.6.35, working with linux-source just doesn't work ... (I don't want to build a new linux-image) Alex On Wed, Aug 11, 2010 at 6:19 PM, Alexander Samad <alex(a)samad.com.au> wrote: > [snip] > >>> What do I need to do :) >>> >> >> Maybe this will help... >> >> The "make headers_install" command exports the kernel's header files in a >> form suitable for use by userspace programs. >> >> The kernel header files can be generated from the kernel sources. >> >> Define INSTALL_HDR_PATH= for output location. >> >> http://www.mjmwired.net/kernel/Documentation/make/headers_install.txt >> > > so for clarity > > install linux-image-2.6.35-trunk-amd64 & linux-source-2.6.35 > > tar jxf /usr/src/linux-source-2.6.35.tar.bz2 > cp /boot/config-2.6.35-trunk-amd64 /usr/src/linux-source-2.6.35/.config > make oldconfig > make headers_install > > should have me done :) > > >> >>> >>>> A Debian source package for 2.6.35 is also >>> >>>> available in experimental: linux-source-2.6.35. > -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/AANLkTimZpyiSTwnJ7p9rtjx_uVPVQ8Xpx0Emo9HQGwtS(a)mail.gmail.com
From: Alex Samad on 12 Aug 2010 22:40 Okay I have a working solution and set of steps Unfortunately I didn't keep the url where I got this. But it works, I have to change the changelog to 2.6.35 instead of 2.6.34 ====== How to build linux-kbuild-2.6 yourself Fetch the sources from SVN: svn co svn://svn.debian.org/kernel/dists/trunk/linux-kbuild-2.6 Then, fetch the vanilla kernel tarball (important: the 2.6.x version, no 2.6.x.y version): wget http://ftp.de.kernel.org/pub/linux/kernel/v2.6/linux-2.6.27.tar.bz2 Now, you can prepare the package: cd linux-kbuild-2.6 ../debian/bin/genorig.py ../linux-2.6.27.tar.bz2 cd .. tar xzf orig/linux-kbuild-2.6_2.6.27.orig.tar.gz cd linux-kbuild-2.6-2.6.27/ cp -a ../linux-kbuild-2.6/* ./ ../debian/bin/gencontrol.py dch -i Now adjust the version, and add a comment like "New upstream version" or something, and build the package itself, after you installed eventually missing build-dependencies: make -f debian/rules clean dpkg-checkbuilddeps dpkg-buildpackage -us -uc and you are done. [snip] -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/003701cb3a90$0400bd10$0c023730$@samad.com.au
From: Angus Hedger on 13 Aug 2010 04:50 On Fri, Aug 13, 2010 at 1:29 AM, Alexander Samad <alex(a)samad.com.au> wrote: > Hi > > Well its still doesn't work. Â I am trying to build the VB kernel > modules and well it fails. > > I need to build the linux-kbuild-2.6.35, working with linux-source > just doesn't work ... (I don't want to build a new linux-image) > > Alex > > On Wed, Aug 11, 2010 at 6:19 PM, Alexander Samad <alex(a)samad.com.au> wrote: >> [snip] >> >>>> What do I need to do :) >>>> >>> >>> Maybe this will help... >>> >>> The "make headers_install" command exports the kernel's header files in a >>> form suitable for use by userspace programs. >>> >>> The kernel header files can be generated from the kernel sources. >>> >>> Define INSTALL_HDR_PATH= for output location. >>> >>> http://www.mjmwired.net/kernel/Documentation/make/headers_install.txt >>> >> >> so for clarity >> >> install linux-image-2.6.35-trunk-amd64 & linux-source-2.6.35 >> >> tar jxf /usr/src/linux-source-2.6.35.tar.bz2 >> cp /boot/config-2.6.35-trunk-amd64 /usr/src/linux-source-2.6.35/.config >> make oldconfig >> make headers_install >> >> should have me done :) >> >> >>> >>>> >>>> A Debian source package for 2.6.35 is also >>>> >>>> available in experimental: linux-source-2.6.35. Hey If you are having problems with the VB modules, check the "/lib/modules/<kernel version>/build" Symlink, I have found that for some reason it keeps pointing to the src dir that i built the kernel from rather than the header files. Regards, Angus. -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/AANLkTikog+9af9-xcfwcMj6X??ajqD1BeGM_eNAd(a)mail.gmail.com
From: Stephen Powell on 13 Aug 2010 09:30
On Thu, 12 Aug 2010 13:25:50 -0400 (EDT), Bob Proulx wrote: > Stephen Powell wrote: >> Still, I should have noticed that the /usr/src directory was owned >> by user root and by group src. For some reason, I never made that >> connection. That's a great tip, thanks. I will have to play around >> with this. If I can get everything to work, then the next revision >> of my kernel building web page will be revised accordingly. > > Don't berate yourself. There is too much information in the universe > to know all of it! Only by working together can we manage to get a > handle on even a small fraction of it. How true! I have revised my kernel building web page based on your recommendations (http://www.wowway.com/~zlinuxman/Kernel.htm) to recommend building the kernel as a non-root user. Let me know what you think. -- .''`. Stephen Powell : :' : `. `'` `- -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/160880533.67630.1281705950445.JavaMail.root(a)md01.wow.synacor.com |