building 2.6.35
in [Debian]
|
From: Stephen Powell on 13 Aug 2010 09:40 On Thu, 12 Aug 2010 13:55:40 -0400 (EDT), Sven Joachim wrote: > Stephen Powell wrote: >> I do know about groups, but I don't necessarily know the intended >> purpose of all of the pre-defined groups in a Linux system. Where >> can I find documentation for that? > > For Debian, there is some information in the /usr/share/doc/base-passwd/ > directory. Thanks, Sven! That's exactly the kind of information I was looking for! -- .''`. Stephen Powell : :' : `. `'` `- -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/2134936844.67856.1281706339189.JavaMail.root(a)md01.wow.synacor.com
From: Celejar on 13 Aug 2010 10:20 On Thu, 12 Aug 2010 12:34:34 -0400 (EDT) Stephen Powell <zlinuxman(a)wowway.com> wrote: .... > says! I suppose the most secure method would be to create an id just > for kernel building which is a member of group src and its login > group, and that's it. How about copying the source to an unprivileged location, assuming you have the space? Celejar -- foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/20100813101133.c12c6401.celejar(a)gmail.com
From: Stephen Powell on 13 Aug 2010 11:20 On Fri, 13 Aug 2010 10:11:33 -0400 (EDT), Celejar wrote: > On Thu, 12 Aug 2010 12:34:34 -0400 (EDT), Stephen Powell wrote: >> ... >> I suppose the most secure method would be to create an id just >> for kernel building which is a member of group src and its login >> group, and that's it. > > How about copying the source to an unprivileged location, assuming you > have the space? Yes, that is an option also; but it too has drawbacks, especially if you are building out-of-kernel-source-tree module packages in addition to your kernel package. Here's an excerpt from one of my previous posts on this thread: (3) If I am using out-of-kernel-source-tree module source packages, I have to copy them too. By default, the source code installs to /usr/src/modules, I think. All the same issues arise here. And then I have to use the $MODULE_LOC environment variable to tell make-kpkg where to find the module source code. More overrides. It's just simpler to be root and do everything in its default location. Then of course there are disk space requirements, if the source is copied instead of moved. "Every solution breeds more problems." (author unknown) The latest version of my kernel building web page, revised yesterday (http://www.wowway.com/~zlinuxman/Kernel.htm), recommends unpacking, configuring, and compiling the kernel from its default location as a non-root user which is a member of group src. It can be the system administrator's non-superuser self or an id created specifically for kernel building that is enrolled in group src, at the administrator's discretion. I have tested the procedure, and it works. That's my current recommendation. Obviously, you are entitled to disagree if you like. -- .''`. Stephen Powell : :' : `. `'` `- -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/486864869.70489.1281712665351.JavaMail.root(a)md01.wow.synacor.com
From: Arthur Machlas on 13 Aug 2010 13:30 > The latest version of my kernel building web page, revised yesterday > (http://www.wowway.com/~zlinuxman/Kernel.htm), recommends unpacking, > configuring, and compiling the kernel from its default location > as a non-root user which is a member of group src. Â It can be the > system administrator's non-superuser self or an id created > specifically for kernel building that is enrolled in group src, > at the administrator's discretion. Â I have tested the procedure, > and it works. Â That's my current recommendation. Â Obviously, you > are entitled to disagree if you like. It's a pretty great document Stephen, and I don't think I mentioned earlier that it was my first and authoritative reference when first starting to build kernels, for exactly the reason you noted, much documentation is out-of-date or not debian specific. So thanks for that, belatedly. One thing I think is missing, that I had to discover myself, and perhaps is related to the OPs question, is that sometimes you need the headers and even the source for the custom kernels, e.g., Virtualbox from upstream. In which case, adding kernel_headers and/or kernel_source to the make-kpkg build line is a noteworthy item, since it will build debs' and take care of installing them correctly without linking back to the build directory when searching for source. Best, AM -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/AANLkTikeFaL 6oaCQW9J_Pe03fqr6wGYeYmMkrUYsd(a)mail.gmail.com
From: Stephen Powell on 13 Aug 2010 14:50
On Fri, 13 Aug 2010 13:27:50 -0400 (EDT), Arthur Machlas wrote: > Stephen Powell wrote: >> The latest version of my kernel building web page, revised yesterday >> (http://www.wowway.com/~zlinuxman/Kernel.htm), recommends unpacking, >> configuring, and compiling the kernel from its default location >> as a non-root user which is a member of group src. Â It can be the >> system administrator's non-superuser self or an id created >> specifically for kernel building that is enrolled in group src, >> at the administrator's discretion. Â I have tested the procedure, >> and it works. Â That's my current recommendation. Â Obviously, you >> are entitled to disagree if you like. > > It's a pretty great document Stephen, and I don't think I mentioned > earlier that it was my first and authoritative reference when first > starting to build kernels, for exactly the reason you noted, much > documentation is out-of-date or not debian specific. So thanks for > that, belatedly. > > One thing I think is missing, that I had to discover myself, and > perhaps is related to the OPs question, is that sometimes you need the > headers and even the source for the custom kernels, e.g., Virtualbox > from upstream. In which case, adding kernel_headers and/or > kernel_source to the make-kpkg build line is a noteworthy item, since > it will build debs' and take care of installing them correctly without > linking back to the build directory when searching for source. That is valuable real-world feedback from a real-world user, Arthur. I will see what I can do to improve the document in this respect. I haven't done anything like that myself; so if you have some suggested wording that you would like to see added, tell me what and where, and we'll go from there. I would also like to add an out-of-kernel-source-tree modules example. It has been a long time since I did anything with out-of-kernel-source-tree stuff. The last time I did something like that was back in the days when the pcmcia drivers and the alsa drivers were not yet integrated into the main kernel source tree. And that was about ten years ago, I think. Much has changed in the world of kernel building since then. But we now have things like the proprietary nvidia kernel module and proprietary kernel modules for win-modems that can be used as examples. I have occasion to use both of those examples with my current hardware. -- .''`. Stephen Powell : :' : `. `'` `- -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/1562182024.75394.1281725183907.JavaMail.root(a)md01.wow.synacor.com |