From: Rudolf B. <qu...@we...> - 2007-10-19 13:05:09
|
Hello all on the list, I'm new to this list. I intend to install devil-linux on a small box as a firewall with mail- and web-servers, but up to now I did only some trials, but did'nt realize it consequently. Some weeks or months ago somebody on this list gave the advice: "Wait until kernel 2.6". I suppose this has been ment as a joke, but earnestly: Is there any realistic chance to get a devil-linux with kernel 2.6 within the foreseeable future? Greetings, Rudolf |
From: Heiko Z. <he...@zu...> - 2007-10-19 13:20:29
|
On Fri, October 19, 2007 08:04, Rudolf Bahr wrote: > > Hello all on the list, > > > I'm new to this list. I intend to install devil-linux on a small box > as a firewall with mail- and web-servers, but up to now I did only some > trials, but did'nt realize it consequently. > > Some weeks or months ago somebody on this list gave the advice: > "Wait until kernel 2.6". I suppose this has been ment as a joke, but > earnestly: Is there any realistic chance to get a devil-linux with kernel > 2.6 within the foreseeable future? I hope so, but we can't make any promises. We're working on it for quite a while already and any additional help is welcome. Is there a specific need you need the 2.6 kernel for? Usually people need it because of some hardware compatability. -- Regards Heiko Zuerker http://www.devil-linux.org |
From: Rudolf B. <qu...@we...> - 2007-10-19 14:39:35
|
* Heiko Zuerker (he...@zu...) [071019 15:51]: > > Is there a specific need you need the 2.6 kernel for? Usually people need > it because of some hardware compatability. Hello Heiko, yes, there exists a specific hardware problem concerning the Ethernet controllers. At the moment sidux (kernel 2.6.22.3) is running on my small box (VIA Cpu, 2 x RTL-8169SC Gigabit Ethernet Controllers) and as driver it uses "r8169.ko" successfully; in devil-linux there is a driver "r8169", if I remember well, which doesn't seam to work. Secondly I'd rather prefere to use "iptables" than "ipchains". Regards, Rudolf |
From: Serge L. <fi...@in...> - 2007-10-19 15:07:19
|
Rudolf Bahr wrote: > > Secondly I'd rather prefere to use "iptables" than "ipchains". DL 1.2 comes with iptables. -- Sincerely Serge Leschinsky |
From: Serge L. <fi...@in...> - 2007-10-19 15:03:02
|
Rudolf, Rudolf Bahr wrote: > Some weeks or months ago somebody on this list gave the advice: > "Wait until kernel 2.6". I suppose this has been ment as a joke, but > earnestly: Is there any realistic chance to get a devil-linux with kernel > 2.6 within the foreseeable future? I'm using DL with kernel 2.6. In comparison with DL 1.2 (2.4 kernel) there are some advantages - more hardware supportable, some packages are on frontier of technology (active-active firewall), more options for netfilter, AoE (and iSCSI in the nearest future) and some disadvantages - absence of grsecurity patch/selinux, some packages are not up-to-date... My opinion is: DL is not an alpha/beta version already, but full-featured release candidate. And the testing in this phase is especially important. If I check-in the latest changes (new kernel in the main) and ask Heiko to create iso file will anybody test it? -- Sincerely Serge Leschinsky |
From: Heiko Z. <he...@zu...> - 2007-10-19 15:05:53
|
On Fri, October 19, 2007 10:02, Serge Leschinsky wrote: > Rudolf, > > > Rudolf Bahr wrote: > > >> Some weeks or months ago somebody on this list gave the advice: >> "Wait until kernel 2.6". I suppose this has been ment as a joke, but >> earnestly: Is there any realistic chance to get a devil-linux with >> kernel 2.6 within the foreseeable future? >> > I'm using DL with kernel 2.6. In comparison with DL 1.2 (2.4 kernel) > there are some advantages - more hardware supportable, some packages are > on frontier of technology (active-active firewall), more options for > netfilter, AoE (and iSCSI in the nearest future) and some disadvantages - > absence of grsecurity patch/selinux, some packages are not up-to-date... > > My opinion is: DL is not an alpha/beta version already, but full-featured > release candidate. And the testing in this phase is especially > important. If I check-in the latest changes (new kernel in the main) and > ask Heiko to create iso file will anybody test it? I got some other stuff in the works too with 1.3, this may be quite a good testing release then. -- Regards Heiko Zuerker http://www.devil-linux.org |
From: Arnaud Gomes-do-V. <Arn...@ir...> - 2007-10-22 11:09:35
|
Serge Leschinsky <fi...@in...> writes: > If I check-in the latest changes (new kernel in the main) and ask Heiko to > create iso file will anybody test it? I will. -- Arnaud |
From: Serge L. <fi...@in...> - 2007-10-22 11:52:11
|
Arnaud Gomes-do-Vale wrote: >> If I check-in the latest changes (new kernel in the main) and ask Heiko to >> create iso file will anybody test it? > > I will. > Thank you! If somebody wants to build custom iso from CVS, the following options help him to avoid compilation errors ( all other options may be enabled ) CONFIG_ALSA=n CONFIG_CLAMAV_PATCH=n CONFIG_DISTCCD=n CONFIG_EAGLE_USB=n CONFIG_GRSECURITY=n CONFIG_L2TPD=n CONFIG_NCFTP=n CONFIG_PORTSLAVE=n CONFIG_RPM=n CONFIG_USE_DISTCC=n -- Sincerely, Serge Leschinsky |
From: Bruce S. <br...@ar...> - 2007-10-29 23:41:53
|
Serge Leschinsky wrote: > Thank you! If somebody wants to build custom iso from CVS, the following options > help him to avoid compilation errors ( all other options may be enabled ) > > CONFIG_ALSA=n > CONFIG_CLAMAV_PATCH=n > CONFIG_DISTCCD=n > CONFIG_EAGLE_USB=n > CONFIG_GRSECURITY=n > CONFIG_L2TPD=n > CONFIG_NCFTP=n > CONFIG_PORTSLAVE=n > CONFIG_RPM=n > CONFIG_USE_DISTCC=n > Thanks for the tips. I just completed a compile, then I did a build and install of ncftp manually (./build.sh build opt=ncftp) and it appeared to compile fine. One other problem I ran into was I had to turn set "AOE6=n" since it's build aborted. - BS |
From: Michele P. <10...@ti...> - 2007-10-22 18:20:43
|
At 19.02 19/10/2007 +0400, you wrote: >If I check-in the latest changes (new kernel in the main) and ask Heiko to >create iso file will anybody test it? > >-- >Sincerely >Serge Leschinsky I'll gladly try it. Live long and prosper Michele |
From: Bruce S. <bw...@ar...> - 2007-10-23 17:12:46
|
> Thank you! If somebody wants to build custom iso from CVS, the following options > help him to avoid compilation errors ( all other options may be enabled ) > > CONFIG_ALSA=n > CONFIG_CLAMAV_PATCH=n > CONFIG_DISTCCD=n > CONFIG_EAGLE_USB=n > CONFIG_GRSECURITY=n > CONFIG_L2TPD=n > CONFIG_NCFTP=n > CONFIG_PORTSLAVE=n > CONFIG_RPM=n > CONFIG_USE_DISTCC=n Thanks Serge. I just tried it, and the build aborted in gcc-4. I have both of these on: "Use hardened compile options (pie, ssp, etc)" and "LibSafe". Is there a problem with either of those options? (Exec-Shield, GRsecurity, and PAX are turned off) ... checking sys/sem.h usability... yes checking sys/sem.h presence... yes checking for sys/sem.h... yes checking for g++ that supports -ffunction-sections -fdata-sections... yes checking for ld that supports -Wl,-z,relro... yes checking for sin in -lm... configure: error: Link tests are not allowed after GCC_NO_EXECUTABLES. make[2]: *** [configure-target-libstdc++-v3] Error 1 make[2]: Leaving directory `/data/build/tmp/gcc4-build' make[1]: *** [all] Error 2 make[1]: Leaving directory `/data/build/tmp/gcc4-build' I also changed the processor to i686, if that makes any difference. - BS |
From: Heiko Z. <he...@zu...> - 2007-10-23 17:41:08
|
On Tue, October 23, 2007 12:12, Bruce Smith wrote: >> Thank you! If somebody wants to build custom iso from CVS, the >> following options help him to avoid compilation errors ( all other >> options may be enabled ) >> >> CONFIG_ALSA=n >> CONFIG_CLAMAV_PATCH=n >> CONFIG_DISTCCD=n >> CONFIG_EAGLE_USB=n >> CONFIG_GRSECURITY=n >> CONFIG_L2TPD=n >> CONFIG_NCFTP=n >> CONFIG_PORTSLAVE=n >> CONFIG_RPM=n >> CONFIG_USE_DISTCC=n >> > > Thanks Serge. > > > I just tried it, and the build aborted in gcc-4. > > > I have both of these on: "Use hardened compile options (pie, ssp, etc)" > and "LibSafe". Is there a problem with either of those options? > (Exec-Shield, GRsecurity, and PAX are turned off) > > > ... > checking sys/sem.h usability... yes checking sys/sem.h presence... yes > checking for sys/sem.h... yes checking for g++ that supports > -ffunction-sections -fdata-sections... yes > checking for ld that supports -Wl,-z,relro... yes checking for sin in > -lm... configure: error: Link tests are not allowed after > GCC_NO_EXECUTABLES. > make[2]: *** [configure-target-libstdc++-v3] Error 1 > make[2]: Leaving directory `/data/build/tmp/gcc4-build' > make[1]: *** [all] Error 2 > make[1]: Leaving directory `/data/build/tmp/gcc4-build' > > > > I also changed the processor to i686, if that makes any difference. Did you start with a fresh lfssystem? I'm going to check in a couple of changes this afternoon (depending on my tests), you may want to try if after that. Oh and you'll have to CONFIG_LINUX_WLAN_NG=n since it doesn't support kernel 2.6.23 yet. -- Regards Heiko Zuerker http://www.devil-linux.org |
From: Bruce S. <bw...@ar...> - 2007-10-23 18:01:53
|
> > I just tried it, and the build aborted in gcc-4. > > Did you start with a fresh lfssystem? Of course! :-) Actually, I NEVER start a fresh compile any more without a new LFS. I have a script that does it all for me, and for the couple minutes it takes to run, it's not worth the hassle of not running it. Speaking of lfssystem. I'm wondering if I'm using the correct one. Which one is correct for 1.3? lfssystem-6.1.1-i686-stripped.tar.bz2 lfssystem-SVN-20070314-cleaned.tar.bz2 > I'm going to check in a couple of changes this afternoon (depending on my > tests), you may want to try if after that. OK, will do. > Oh and you'll have to CONFIG_LINUX_WLAN_NG=n since it doesn't support > kernel 2.6.23 yet. Gotta get that far first. :-) - BS |
From: Heiko Z. <he...@zu...> - 2007-10-23 18:10:11
|
On Tue, October 23, 2007 13:01, Bruce Smith wrote: >>> I just tried it, and the build aborted in gcc-4. >>> >> >> Did you start with a fresh lfssystem? >> > > Of course! :-) > > > Actually, I NEVER start a fresh compile any more without a new LFS. > I have a script that does it all for me, and for the couple minutes it > takes to run, it's not worth the hassle of not running it. > > Speaking of lfssystem. I'm wondering if I'm using the correct one. > Which one is correct for 1.3? > > > lfssystem-6.1.1-i686-stripped.tar.bz2 > lfssystem-SVN-20070314-cleaned.tar.bz2 lfssystem-SVN-20070314-cleaned.tar.bz2 I deleted the other directory of the ftp server. >> I'm going to check in a couple of changes this afternoon (depending on >> my tests), you may want to try if after that. > > OK, will do. > > >> Oh and you'll have to CONFIG_LINUX_WLAN_NG=n since it doesn't support >> kernel 2.6.23 yet. > > Gotta get that far first. :-) I'm uploading my changes right now, the ftp upload should be finished within the hour. -- Regards Heiko Zuerker http://www.devil-linux.org |
From: Bruce S. <bw...@ar...> - 2007-10-23 18:25:15
|
> lfssystem-SVN-20070314-cleaned.tar.bz2 > I deleted the other directory of the ftp server. Good. :-) > I'm uploading my changes right now, the ftp upload should be finished > within the hour. I suspect my problem was due to the wrong 1.3 lfssystem. I'm wondering if a 'make mrproper' should also delete the program: scripts/lxdialog/lxdialog ? When I switched to the correct lfssystem, 'make menuconfig' would no longer run until I manually removed lxdialog (bad libncurses). - BS |
From: Serge L. <fi...@in...> - 2007-10-23 18:27:29
|
Hi Bruce, Bruce Smith wrote: > > I just tried it, and the build aborted in gcc-4. > > I have both of these on: "Use hardened compile options (pie, ssp, etc)" > and "LibSafe". Is there a problem with either of those options? > (Exec-Shield, GRsecurity, and PAX are turned off) I don't think so, I'm using the same config. > ... > checking sys/sem.h usability... yes > checking sys/sem.h presence... yes > checking for sys/sem.h... yes > checking for g++ that supports -ffunction-sections -fdata-sections... yes > checking for ld that supports -Wl,-z,relro... yes > checking for sin in -lm... configure: error: Link tests are not allowed after GCC_NO_EXECUTABLES. Looks like a problem with binutils. Hm... I haven't had any chance to check the recent changes but I'm going to do it immediately. > make[2]: *** [configure-target-libstdc++-v3] Error 1 > make[2]: Leaving directory `/data/build/tmp/gcc4-build' > make[1]: *** [all] Error 2 > make[1]: Leaving directory `/data/build/tmp/gcc4-build' > -- Serge Leschinsky |
From: Bruce S. <bw...@ar...> - 2007-10-23 18:30:31
|
> > checking for sin in -lm... configure: error: Link tests are not allowed after GCC_NO_EXECUTABLES. > Looks like a problem with binutils. I think it was because I was using the wrong 1.3 lfssystem. > Hm... I haven't had any chance to check the recent changes but I'm going to do > it immediately. Cool! - BS |
From: Heiko Z. <he...@zu...> - 2007-10-23 18:39:42
|
> I'm uploading my changes right now, the ftp upload should be finished > within the hour. The upload is finished. -- Regards Heiko Zuerker http://www.devil-linux.org |
From: Bruce S. <bw...@ar...> - 2007-10-23 18:51:23
|
> > I'm uploading my changes right now, the ftp upload should be finished > > within the hour. > > The upload is finished. Cool. I see there is a new grsecurity patch. Is that working now? - BS |
From: Heiko Z. <he...@zu...> - 2007-10-23 20:00:42
|
On Tue, October 23, 2007 13:51, Bruce Smith wrote: >>> I'm uploading my changes right now, the ftp upload should be finished >>> within the hour. >> >> The upload is finished. >> > > Cool. > > > I see there is a new grsecurity patch. Is that working now? No, I didn't work on that yet. Wanted to get the current version working first. -- Regards Heiko Zuerker http://www.devil-linux.org |
From: Arnaud Gomes-do-V. <Arn...@ir...> - 2007-12-19 16:33:33
|
Hi folks! I finally managed to test the 1.3.4 pre-release in real-life situation. The main problem I found in a few hours' testing is that netstat and friends are not IPv6-aware. -- Arnaud |
From: Heiko Z. <he...@zu...> - 2007-12-19 16:59:52
|
On Wed, December 19, 2007 10:33, Arnaud Gomes-do-Vale wrote: > Hi folks! > > > I finally managed to test the 1.3.4 pre-release in real-life > situation. The main problem I found in a few hours' testing is that netstat > and friends are not IPv6-aware. We didn't really put any effort into IPv6. If you give us a list of programs which don't like IPv6, we can slowly start working on it. As always: Patches to fix this are more then welcome! ;-) -- Regards Heiko Zuerker http://www.devil-linux.org |