| 1 |
Quite impressive Peter. |
| 2 |
I have mirrored your files to |
| 3 |
http://dev.gentoo.org/~solar/uclibc/peter_mirror/portage-uclibc-overlay-20040614.tar.bz2 |
| 4 |
and exploded the tarball to |
| 5 |
http://dev.gentoo.org/~solar/uclibc/peter_mirror/portage-uclibc/ |
| 6 |
then diffed out the .org files and the .ebuilds the ebuild's patch is |
| 7 |
here |
| 8 |
http://dev.gentoo.org/~solar/uclibc/peter_mirror/portage-uclibc-ebuilds-20040614.patch |
| 9 |
and the profile/script data is here |
| 10 |
http://dev.gentoo.org/~solar/uclibc/peter_mirror/org-uclibc-20040614.patch |
| 11 |
|
| 12 |
This will be quite a bit of an undertaking I'm hoping mutex, dragonheat |
| 13 |
can help with some of these commits. |
| 14 |
|
| 15 |
How may megs is your resulting stage/images after the initial bootstrap |
| 16 |
process? |
| 17 |
|
| 18 |
I'm CC: the hardened mailing list as others there may have an interest |
| 19 |
in your work as this uses the hardened profile and all :) |
| 20 |
|
| 21 |
On Mon, 2004-06-14 at 19:25, Peter S. Mazinger wrote: |
| 22 |
> Hello! |
| 23 |
> |
| 24 |
> This is the overlay directory I used parallel to portage (it has to be |
| 25 |
> there for now, else the included links won't work), that allowed me to |
| 26 |
> build gentoo fully uclibc based (starting from a buildroot config, |
| 27 |
> building manually python/portage, running emerge sync ...) |
| 28 |
> |
| 29 |
> 1. the files directories have only new files and links to the originally |
| 30 |
> used (for x86), the digest/Manifest files were needed to rebuild fully |
| 31 |
> with these configs as an overlay directory, the links because portage |
| 32 |
> can't handle "properly (my opinion)" the overlay directory |
| 33 |
> |
| 34 |
> 2. the ebuilds can be diffed to the corresponding version (as of emerge |
| 35 |
> sync 20040613) to see what I have done |
| 36 |
> |
| 37 |
> 3. some of the changes are not directly uclibc related, they correct |
| 38 |
> typos etc. in the originals, add support to build w/o nls, or strip down |
| 39 |
> the package somewhat |
| 40 |
> |
| 41 |
> 4. the directories profiles, scripts include the original version (*.org) |
| 42 |
> of files too, the new ones have to be copied over the original tree, the |
| 43 |
> overlay support does not allow to have these files at another location. |
| 44 |
> |
| 45 |
> 5. distfiles include new patches for binutils-2.14.90/15.91 and gcc-3.3.3 |
| 46 |
> (these have to be copied to the main distfiles, because again the overlay |
| 47 |
> structure does not support it in another location) |
| 48 |
> |
| 49 |
> 6. I haven't tried yet cascaded profiles, the only profile tested is what |
| 50 |
> I delivered. |
| 51 |
> |
| 52 |
> 7. it builds as it is (haven't tried w/ nls, and that is not really |
| 53 |
> correct in uclibc yet), don't enable nls for now |
| 54 |
> |
| 55 |
> 8. stage building and bootstraping was not tested, because I didn't find |
| 56 |
> an "elegant" way to make a stage1/2/3 from .tbz2 files (any help |
| 57 |
> appreciated, then I could also provide a stage1) |
| 58 |
> |
| 59 |
> 9. for now gettext, yacc (replaced by bison -y), ncompress |
| 60 |
> (uncompress replaced by gzip), bc, bin86, groff, man[-pages] are not a |
| 61 |
> part of an 'emerge system', cracklib got support for gzipped files (so |
| 62 |
> miscfiles is much smaller), w/o groff and man-pages it is not a |
| 63 |
> requirement to have c++ compiler either (this is not implemented, should |
| 64 |
> probably be a flag in gcc, like f77, objc), gnuconfig_update is only |
| 65 |
> needed where configure is run directly, not by econf (econf is hacked to |
| 66 |
> provide the same functionality, as gnuconfig_update), ncurses does not |
| 67 |
> deliver the addon libraries (menu,panel,form). Some told me that gettext |
| 68 |
> can't be removed, else autotools won't run, well I think, the .m4 from |
| 69 |
> gettext could be added to autotools, and than it should be no problem w/o |
| 70 |
> it. |
| 71 |
> |
| 72 |
> 10. added also my make.conf and package.keywords, to show which versions |
| 73 |
> where used, the most is stable stuff, but some have to be ~x86. |
| 74 |
> |
| 75 |
> 11. mainly the shared libs will have problems, to add support for new |
| 76 |
> libs, look at the libtool patches (ltconfig-uclibc for older configures |
| 77 |
> and libtool-1.4.3-uclibc for newer ones) |
| 78 |
> |
| 79 |
> 12. be aware that you have to build the buildroot w/ the same config (and |
| 80 |
> patches), as deduced from the uclibc.ebuild (using in both places the |
| 81 |
> same cvs too). Do not start from uclibc-0.9.26 stable, because it is not |
| 82 |
> binary compatible w/ the current cvs. |
| 83 |
> |
| 84 |
> 13. hardened stuff: gcc uses pie and ssp, but relro/now are disabled, |
| 85 |
> relro is also completely removed from binutils, uclibc does not have |
| 86 |
> support for it (any volunteer to add this to the uclibc's ldso?) |
| 87 |
> |
| 88 |
> 14. CHOST has to be set to *linux-uclibc (not linux-gnu) |
| 89 |
> |
| 90 |
> Peter |
| 91 |
-- |
| 92 |
Ned Ludd <solar@g.o> |
| 93 |
Gentoo (hardened,security,infrastructure,embedded,toolchain) Developer |
Archives