Copyright © 2001-2021 The BLFS Development Team
Copyright © 2001-2021, The BLFS Development Team
All rights reserved.
This book is licensed under a Creative Commons License.
Computer instructions may be extracted from the book under the MIT License.
Linux® is a registered trademark of Linus Torvalds.
Published 2021-03-01
Revision History | ||
---|---|---|
Revision 10.1 | 2021-03-01 | Twenty-third Release |
Revision 10.0 | 2020-09-01 | Twenty-second Release |
Revision 9.1 | 2020-03-01 | Twenty-first Release |
Revision 9.0 | 2019-09-01 | Twentieth release |
Revision 8.4 | 2019-03-01 | Nineteenth release |
Revision 8.3 | 2018-09-01 | Eighteenth release |
Revision 8.2 | 2018-03-02 | Seventeenth release |
Revision 8.1 | 2017-09-01 | Sixteenth release |
Revision 8.0 | 2017-02-25 | Fifteenth release |
Revision 7.10 | 2016-09-07 | Fourteenth release |
Revision 7.9 | 2016-03-08 | Thirteenth release |
Revision 7.8 | 2015-10-01 | Twelfth release |
Revision 7.7 | 2015-03-06 | Eleventh release |
Revision 7.6 | 2014-09-23 | Tenth release |
Revision 7.5 | 2014-03-05 | Ninth release |
Revision 7.4 | 2013-09-14 | Eighth release |
Revision 6.3 | 2008-08-24 | Seventh release |
Revision 6.2 | 2007-02-14 | Sixth release |
Revision 6.1 | 2005-08-14 | Fifth release |
Revision 6.0 | 2005-04-02 | Fourth release |
Revision 5.1 | 2004-06-05 | Third release |
Revision 5.0 | 2003-11-06 | Second release |
Revision 1.0 | 2003-04-25 | First release |
Abstract
This book follows on from the Linux From Scratch book. It introduces and guides the reader through additions to the system including networking, graphical interfaces, sound support, and printer and scanner support.
Having helped out with Linux From Scratch for a short time, I noticed that we were getting many queries as to how to do things beyond the base LFS system. At the time, the only assistance specifically offered relating to LFS were the LFS hints (http://www.linuxfromscratch.org/hints). Most of the LFS hints are extremely good and well written but I (and others) could still see a need for more comprehensive help to go Beyond LFS — hence BLFS.
BLFS aims to be more than the LFS-hints converted to XML although much of our work is based around the hints and indeed some authors write both hints and the relevant BLFS sections. We hope that we can provide you with enough information to not only manage to build your system up to what you want, whether it be a web server or a multimedia desktop system, but also that you will learn a lot about system configuration as you go.
Thanks as ever go to everyone in the LFS/BLFS community; especially those who have contributed instructions, written text, answered questions and generally shouted when things were wrong!
Finally, we encourage you to become involved in the community; ask questions on the mailing list or news gateway and join in the fun on #lfs and #lfs-support at freenode. You can find more details about all of these in the Introduction section of the book.
Enjoy using BLFS.
Mark Hymers
markh <at> linuxfromscratch.org
BLFS Editor (July 2001–March 2003)
I still remember how I found the BLFS project and started using the instructions that were completed at the time. I could not believe how wonderful it was to get an application up and running very quickly, with explanations as to why things were done a certain way. Unfortunately, for me, it wasn't long before I was opening applications that had nothing more than "To be done" on the page. I did what most would do, I waited for someone else to do it. It wasn't too long before I am looking through Bugzilla for something easy to do. As with any learning experience, the definition of what was easy kept changing.
We still encourage you to become involved as BLFS is never really finished. Contributing or just using, we hope you enjoy your BLFS experience.
Larry Lawrence
larry <at> linuxfromscratch.org
BLFS Editor (March 2003–June 2004)
The BLFS project is a natural progression of LFS. Together, these projects provide a unique resource for the Open Source Community. They take the mystery out of the process of building a complete, functional software system from the source code contributed by many talented individuals throughout the world. They truly allow users to implement the slogan “Your distro, your rules”.
Our goal is to continue to provide the best resource available that shows you how to integrate many significant Open Source applications. Since these applications are constantly updated and new applications are developed, this book will never be complete. Additionally, there is always room for improvement in explaining the nuances of how to install the different packages. To make these improvements, we need your feedback. I encourage you to participate on the different mailing lists, news groups, and IRC channels to help meet these goals.
Bruce Dubbs
bdubbs <at> linuxfromscratch.org
BLFS Editor (June 2004–December 2006 and February 2011–now)
My introduction to the [B]LFS project was actually by accident. I was trying to build a GNOME environment using some how-tos and other information I found on the web. A couple of times I ran into some build issues and Googling pulled up some old BLFS mailing list messages. Out for curiosity, I visited the Linux From Scratch web site and shortly thereafter was hooked. I've not used any other Linux distribution for personal use since.
I can't promise anyone will feel the sense of satisfaction I felt after building my first few systems using [B]LFS instructions, but I sincerely hope that your BLFS experience is as rewarding for you as it has been for me.
The BLFS project has grown significantly the last couple of years. There are more package instructions and related dependencies than ever before. The project requires your input for continued success. If you discover that you enjoy building BLFS, please consider helping out in any way you can. BLFS requires hundreds of hours of maintenance to keep it even semi-current. If you feel confident enough in your editing skills, please consider joining the BLFS team. Simply contributing to the mailing list discussions with sound advice and/or providing patches to the book's XML will probably result in you receiving an invitation to join the team.
Randy McMurchy
randy <at> linuxfromscratch.org
BLFS Editor (December 2006–January 2011)
This version of the book is intended to be used when building on top of a system built using the LFS book. Every effort has been made to ensure accuracy and reliability of the instructions. Many people find that using the instructions in this book after building the current stable or development version of LFS provides a stable and very modern Linux system.
Enjoy!
Randy McMurchy
August 24th, 2008
Last updated on 2020-03-09 08:02:12 -0700
This book is mainly aimed at those who have built a system based on the LFS book. It will also be useful for those who are using other distributions, but for one reason or another want to manually build software and are in need of some assistance. Note that the material contained in this book, in particular the dependency listings, is based upon the assumption that you are using a base LFS system with every package listed in the LFS book already installed and configured. BLFS can be used to create a range of diverse systems and so the target audience is probably nearly as wide as that of the LFS book. If you found LFS useful, you should also like this!
Since Release 7.4, the BLFS book version matches the LFS book version. This book may be incompatible with a previous or later release of the LFS book.
Last updated on 2020-03-09 08:02:12 -0700
This book is divided into the following parts.
This part contains information which is essential to the rest of the book.
Here we introduce basic configuration and security issues. We also discuss a range of editors, file systems, and shells which aren't covered in the main LFS book.
In this section we cover libraries which are often needed by the rest of the book as well as system utilities. Information on Programming (including recompiling GCC to support its full range of languages) concludes this part.
Here we cover how to connect to a network when you aren't using the simple static IP setup given in the main LFS book. Networking libraries and command-line networking tools are also covered here.
Here we deal with setting up mail and other servers (such as FTP, Apache, etc.).
This part explains how to set up a basic X Window System installation along with some generic X libraries and Window managers.
For those who want to use the K Desktop Environment or some parts of it, this part covers it.
GNOME is the main alternative to KDE in the Desktop Environment arena.
Xfce is a lightweight alternative to GNOME and KDE.
LXDE is another lightweight alternative to GNOME and KDE.
Office programs and graphical web browsers are important to most people. They, along with some generic X software can be found in this part of the book.
Here we cover setting multimedia libraries and drivers along with some audio, video and CD-writing programs.
The PST part of the book covers document handling with applications like Ghostscript, CUPS and DocBook to installing texlive.
The Appendices cover information which doesn't belong in the main book; they are mainly there as a reference.
Last updated on 2020-03-09 08:02:12 -0700
The Beyond Linux From Scratch book is designed to carry on from where the LFS book leaves off. But unlike the LFS book, it isn't designed to be followed straight through. Reading the Which sections of the book? part of this chapter should help guide you through the book.
Please read most of this part of the book carefully as it explains quite a few of the conventions used throughout the book.
Unlike the Linux From Scratch book, BLFS isn't designed to be followed in a linear manner. This is because LFS provides instructions on how to create a base system which is capable of turning into anything from a web server to a multimedia desktop system. BLFS attempts to guide you in the process of going from the base system to your intended destination. Choice is very much involved.
Everyone who reads the book will want to read certain sections. The Introduction part, which you are currently reading, contains generic information. Especially take note of the information in Chapter 2, Important Information, as this contains comments about how to unpack software, issues related to using different locales and various other aspects which apply throughout the book.
The part on Post LFS Configuration and Extra Software is where most people will want to turn next. This deals with not just configuration but also Security (Chapter 4, Security), File Systems (Chapter 5, File Systems and Disk Management), Editors (Chapter 6, Editors) and Shells (Chapter 7, Shells). Indeed, you may wish to reference certain parts of this chapter (especially the sections on Editors and File Systems) while building your LFS system.
Following these basic items, most people will want to at least browse through the General Libraries and Utilities part of the book. This part contains information on many items which are prerequisites for other sections of the book as well as some items (such as Chapter 13, Programming) which are useful in their own right. Note that you don't have to install all of these libraries and packages found in this part to start with as each BLFS installation procedure tells you which packages it depends upon so you can choose the program you want to install and see what it needs.
Likewise, most people will probably want to look at the Networking part. It deals with connecting to the Internet or your LAN (Chapter 14, Connecting to a Network) using a variety of methods such as DHCP and PPP, and with items such as Networking Libraries (Chapter 17, Networking Libraries) and various basic networking programs and utilities.
Once you have dealt with these basics, you may wish to configure more advanced network services. These are dealt with in the Servers part of the book. Those wanting to build servers should find a good starting point there. Note that this section also contains information on various database packages.
The next parts of the book principally deal with desktop systems. This portion of the book starts with a part talking about X plus Window and Display Managers. This part also deals with some generic X-based libraries (Chapter 25, X Libraries). After this, KDE and GNOME are given their own parts which are followed by one on X Software.
The book then moves on to deal with Multimedia packages. Note that many people may want to use the ALSA-1.2.2 instructions from this chapter quite near the start of their BLFS journey; they are placed here simply because it is the most logical place for them.
The final part of the main BLFS book deals with Printing, Scanning and Typesetting. This is useful for most people with desktop systems and even those who are creating mainly server systems will find it useful.
We hope you enjoy using BLFS and find it useful.
Last updated on 2012-12-19 11:57:20 -0800
To make things easy to follow, there are a number of conventions used throughout the book. Following are some examples:
./configure --prefix=/usr
This form of text is designed to be typed exactly as seen unless otherwise noted in the surrounding text. It is also used to identify references to specific commands.
install-info: unknown option
`--dir-file=/mnt/lfs/usr/info/dir'
This form of text (fixed width text) is showing screen output, probably a result from issuing a command. It is also used to show filenames such as
/boot/grub/grub.conf
Emphasis
This form of text is used for several purposes in the book but mainly to emphasize important points or to give examples as to what to type.
http://www.linuxfromscratch.org/
This form of text is used for hypertext links external to the book such as HowTos, download locations, websites, etc.
This form of text is used for links internal to the book such as another section describing a different package.
cat > $LFS/etc/group << "EOF"
root:x:0:
bin:x:1:
......
EOF
This type of section is used mainly when creating configuration files. The first command (in bold) tells the system to create the file
$LFS/etc/group
from whatever is typed on the following lines until the sequence EOF is encountered. Therefore, this whole section is generally typed as seen.
<REPLACED
TEXT>
This form of text is used to encapsulate text that should be modified and is not to be typed as seen, or copy and pasted. Note that the square brackets are not part of the text, but should be substituted for as well.
root
This form of text is used to show a specific system user or group reference in the instructions.
When packages are created, the authors depend on prior work. In order to build a package in BLFS, these dependencies must be built prior to the desired package. For each package, any prerequisite packages are listed in one or more separate sections: Required, Recommended, and Optional.
These dependencies are the minimum prerequisite packages required to build the package. Omitted from the list are packages in LFS and required dependencies of other required packages.
These dependencies are those that the BLFS editors have determined are important to give the package reasonable capabilities. Package installation instructions assume they are installed. If a recommended package is not desired, the instructions may need to be modified to accommodate the missing package.
These dependencies are those that the package may use. Integration of optional dependencies may be automatic by the package or may need additional instructions not presented by BLFS. Optional packages may be listed without corresponding BLFS instructions. In this case it is up to the user to determine appropriate installation instructions.
Some packages have specific needs regarding the kernel configuration. The general layout is the following:
Master section --->
Subsection --->
[*] Required parameter [CONFIG_REQU_PAR]
<*> Required parameter (not as module) [CONFIG_REQU_PAR_NMOD]
<*/M> Required parameter (could be a module) [CONFIG_REQU_PAR_MOD]
<*/M/ > Optional parameter [CONFIG_OPT_PAR]
[ ] Incompatible parameter [CONFIG_INCOMP_PAR]
< > Incompatible parameter (even as module) [CONFIG_INCOMP_PAR_MOD]
[CONFIG_...] on the right gives the name of the option, so
you can easily check whether it is set in your config
file. The meaning of the various
entries is:
Master section top level menu item Subsection submenu item Required parameter the option could be either built-in or not selected: it must be selected Required parameter (not as module) the option could be either built-in, module, or not selected: it must be selected as built-in Required parameter (could be a module) the option could be either built-in, module, or not selected: it must be selected, either as built-in or module Optional parameter rarely used: the option could be either built-in, module, or not selected: it may be selected at will Incompatible parameter the option could be either built-in or not selected: it must not be selected Incompatible parameter (even as module) the option could be either built-in, module, or not selected: it must not be selected
Note that, depending on other selections, the angle brackets (<>) may appear as braces ({}), if the option cannot be unselected, or even dashes (-*- or -M-), when the choice is imposed. The help text about the option specifies the other selections on which this option relies, and how those other selections are set.
As in LFS, each package in BLFS has a build time listed in Standard Build Units (SBUs). These times are relative to the time it took to build binutils in LFS and are intended to provide some insight into how long it will take to build a package. Most times listed are for a single processor or core to build the package. In some cases, large, long running builds tested on multi-core systems have SBU times listed with comments such as '(parallelism=4)'. These values indicate testing was done using multiple cores. Note that while this speeds up the build on systems with the appropriate hardware, the speedup is not linear and to some extent depends on the individual package and specific hardware used.
For packages which use ninja (e.g. anything using meson) or rust, by default all cores are used so similar comments will be seen on such packages even when the build time is minimal.
Where even a parallel build takes more than 15 SBU, on certain machines the time may be considerably greater even when the build does not use swap. In particular, different micro-architectures will build some files at different relative speeds and this can introduce delays when certain make targets wait for another file to be created. Where a large build uses a lot of C++ files, processors with Simultaneous Multi Threading will share the Floating Point Unit and can take 45% longer than when using four 'prime' cores (measured on an intel i7 using taskset and keeping the other cores idle).
Some packages do not support parallel builds and using -j1 for the make command is required. Packages that are known to have such limits are marked as such in the text.
Last updated on 2018-09-23 10:06:59 -0700
This is BLFS-BOOK version 10.1 dated March 1st, 2021. This is the 10.1 branch of the BLFS book, currently targeting the LFS 10.1 book. For development versions, if this version is older than a month, it's likely that your mirror hasn't been synchronized recently and a newer version is probably available for download or viewing. Check one of the mirror sites at http://www.linuxfromscratch.org/mirrors.html for an updated version.
Last updated on 2016-04-17 13:16:17 -0700
The BLFS project has a number of mirrors set up world-wide to make it easier and more convenient for you to access the website. Please visit the http://www.linuxfromscratch.org/mirrors.html website for the list of current mirrors.
Last updated on 2007-04-04 12:42:53 -0700
Within the BLFS instructions, each package has two references for finding the source files for the package—an HTTP link and an FTP link (some packages may only list one of these links). Every effort has been made to ensure that these links are accurate. However, the World Wide Web is in continuous flux. Packages are sometimes moved or updated and the exact URL specified is not always available.
To overcome this problem, the BLFS Team, with the assistance of Oregon State University Open Source Lab, has made an HTTP/FTP site available through world wide mirrors. See http://www.linuxfromscratch.org/blfs/download.html#sources for a list. These sites have all the sources of the exact versions of the packages used in BLFS. If you can't find the BLFS package you need at the listed addresses, get it from these sites.
We would like to ask a favor, however. Although this is a public resource for you to use, please do not abuse it. We have already had one unthinking individual download over 3 GB of data, including multiple copies of the same files that are placed at different locations (via symlinks) to make finding the right package easier. This person clearly did not know what files he needed and downloaded everything. The best place to download files is the site or sites set up by the source code developer. Please try there first.
Last updated on 2017-02-11 20:17:33 -0800
Current release: 10.1 – March 1st, 2021
Changelog Entries:
March 1st, 2021
[bdubbs] - Release of BLFS-10.1.
February 26th, 2021
February 25th, 2021
February 24th, 2021
[ken] - Update to thunderbird-78.8.0 (security fix). Fixes #14692.
[ken] - Update to firefox-78.8.0 (security fix). Fixes #14691.
[pierre] - Update to KDE Plasma 5.21.0. Fixes #14467.
[pierre] - Update to KDE Frameworks applications 20.12.2 (including kate and kwave). Fixes #14475.
[pierre] - Update to KDE Frameworks 5.79 (including extra-cmake-modules, oxygen-icons, and breeze-icons). Fixes #14493.
[renodr] - Update to NetworkManager-1.30.0. Fixes #14680.
February 23rd, 2021
February 22nd, 2021
February 21st, 2021
[bdubbs] - Update to gexiv2-0.12.2. Fixes #14688.
[renodr] - Update to krb5-1.19.1. Fixes #14679.
[renodr] - Update to highlight-3.62. Fixes #14685.
[pierre] - Fix qemu so that -no-pie
is not passed to
ld,
which does not accept it anymore (it was not doing
what upstream intended anyway).
[bdubbs] - Update to Python-3.9.2. Fixes #14686.
February 20th, 2021
[renodr] - Adapt valgrind to glibc-2.33.
[ken] - Update to asymptote-2.69. Fixes #14687.
February 19th, 2021
[renodr] - Add a security patch for screen. Fixes #14682.
February 18th, 2021
[ken] - Firmware: latest intel microcode is now 20210216 with a security update for some Skylake and Cascade Lake Xeon processors.
[renodr] - Update to llvm-11.1.0. Fixes #14673.
[renodr] - Update to nettle-3.7.1. Fixes #14678.
[renodr] - Update to Business::ISMN-1.202 (Perl Module). Fixes #14674.
[renodr] - Update to bind and bind-utils 9.16.12 (Security Update). Fixes #14677.
[renodr] - Update to libgcrypt-1.9.2. Fixes #14675.
[renodr] - Update to vte-0.62.3. Fixes #14672.
[renodr] - Update to gnome-desktop-3.38.4. Fixes #14671.
[renodr] - Update to xkeyboard-config-2.32. Fixes #14670.
[renodr] - Update to cmake-3.19.5. Fixes #14669.
[renodr] - Update to libqmi-1.26.10. Fixes #14668.
February 17th, 2021
[ken] - Update to Tie-Cycle-1.226 (perl module).
[ken] - Update to x264-20210211. Fixes #14676.
February 15th, 2021
[ken] - Update to ImageMagick-7.0.11-0. Fixes #14667.
[renodr] - Update to sysstat-12.5.3. Fixes #14662.
[renodr] - Update to pygments-2.8.0 (Python Module). Fixes #14663.
[renodr] - Update to folks-0.15.2. Fixes #14664.
[renodr] - Update to seahorse-3.38.1. Fixes #14665.
[renodr] - Update to taglib-1.12 (Security Update). Fixes #14666.
[ken] - Default to disabling the elf-hack in thunderbird, to ensure successful builds.
February 14th, 2021
[ken] - Patch QtWebEngine to fix breakage from glibc-2.33 which results in missing text in some websites in falkon. Fixes #14661.
[renodr] - Update to libuv-1.41.0. Fixes #14654.
[renodr] - Update to eog-3.38.2. Fixes #14656.
[renodr] - Update to yelp-3.38.3. Fixes #14655.
[renodr] - Update to evince-3.38.2. Fixes #14657.
[renodr] - Update to gnome-terminal-3.38.3. Fixes #14658.
[renodr] - Update to folks-0.15.1. Fixes #14659.
[renodr] - Update to gnome-control-center-3.38.4. Fixes #14660.
[ken] - In seamonkey mention the elf-hack and default to disabling it because of binutils-2.36+. Fixes #14653.
February 13th, 2021
[renodr] - Update to yelp-xsl-3.38.3. Fixes #14652.
February 12th, 2021
[renodr] - Update to gtk+-3.24.25. Fixes #14650.
[renodr] - Update to gnome-maps-3.38.4. Fixes #14651.
[renodr] - Update to gnome-autoar-0.3.0 (Security Update). Fixes #14649.
[renodr] - Update to libgdata-0.18.0. Fixes #14644.
[renodr] - Update to highlight-3.61. Fixes #14645.
[renodr] - Update to postgresql-13.2 (Security Update). Fixes #146464.
[renodr] - Update to evolution-data-server-3.38.4. Fixes #14648.
[renodr] - Update to evolution-3.38.4. Fixes #14647.
[renodr] - Fix a crash in bluez when connecting to AD2P-based bluetooth devices. Fixes #14643.
[renodr] - Update to xterm-366 (Security Update). Fixes #14639.
[renodr] - Update to asciidoc-9.1.0. Fixes #14640.
[renodr] - Update to WebKitGTK+-2.30.5. Fixes #14641.
[renodr] - Update to glib-2.66.7. Fixes #14642.
February 10th, 2021
[renodr] - Update to gnome-disk-utility-3.38.2. Fixes #14637.
[renodr] - Update to pango-1.48.2. Fixes #14638.
[renodr] - Update to subversion-1.14.1 (Security Update). Fixes #14636.
[renodr] - Update to node-v14.15.5. Fixes #14632.
[renodr] - Update to unbound-1.13.1. Fixes #14633.
[renodr] - Update to graphene-1.10.4. Fixes #14634.
[timtas] - Update to icewm-2.1.2. Fixes #14635.
February 9th, 2021
[renodr] - Update to Thunar-4.16.3. Fixes #14630.
[renodr] - Update to json-glib-1.6.2. Fixes #14631.
[renodr] - Update to pcmanfm-1.3.2. Finishes #14618.
[renodr] - Update to libfm-1.3.2. Part of #14618.
[renodr] - Update to libfm-extra-1.3.2. Part of #14618.
[renodr] - Update to fuse-3.10.2. Fixes #14616.
[renodr] - Update to btrfs-progs-5.10.1. Fixes #14615.
[renodr] - Update to libisoburn-1.5.4. Finishes #14586.
[renodr] - Update to libisofs-1.5.4. Part of #14586.
[renodr] - Update to libburn-1.5.4. Part of #14586.
[pierre] - Update to fetchmail-6.4.16. Fixes #14629.
[pierre] - Update to git-2.30.1. Fixes #14628.
[pierre] - Update to lxterminal-0.4.0. Fixes #14627.
[pierre] - Update to lxpanel-0.10.1. Fixes #14626.
[pierre] - Update to LMDB-0.9.28. Fixes #14625.
[pierre] - Update to pycryptodome-3.10.1 (Python module). Fixes #14624.
[pierre] - Update to Log-Log4perl-1.54 (Perl module). Fixes #14623.
[pierre] - Update to lcms2-2.12. Fixes #14622.
[pierre] - Update to jasper-2.0.25 (security fix). Fixes #14621.
[pierre] - Update to inih-53. Fixes #14620.
February 8th, 2021
[renodr] - Update to thunderbird-78.7.1. Fixes #14619.
February 6th, 2021
February 5th, 2021
[pierre] - Update to phonon-backend-vlc-0.11.2. Fixes #14613.
[pierre] - Update to udisks-2.9.2. Fixes #14611.
[pierre] - Update to qca-2.3.2. Fixes #14610.
[pierre] - Update to libsamplerate-0.2.1. Fixes #14608.
[pierre] - Update to libsndfile-1.0.31. Fixes #14607.
[renodr] - Disable compressed manpages in p7zip.
[ken] - Update to firefox-78.7.1 (critical security fix) and JS 78.7.1. Fixes #14609.
[renodr] - Update to mercurial-5.7. Fixes #14595.
[renodr] - Update to nghttp2-1.43.0. Fixes #14596.
[renodr] - Update to p7zip-17.03. Fixes #14600.
[renodr] - Update to xterm-365. Fixes #14597.
[renodr] - Update to network-manager-applet-1.20.0. Fixes #14602.
[renodr] - Update to xf86-input-wacom-0.40.0 (Xorg Driver). Fixes #14604.
[renodr] - Update to pipewire-0.3.21. Fixes #14606.
February 4th, 2021
[renodr] - Update to mousepad-0.5.2. Fixes #14587.
[renodr] - Update to Jinja2-2.11.3 (Security Update). Fixes #14589.
[renodr] - Update to krb5-1.19. Fixes #14590.
[renodr] - Update to poppler-21.02.0. Fixes #14591.
[renodr] - Update to cbindgen-0.17.0. Fixes #14592.
[renodr] - Update to libevdev-1.11.0. Fixes #14593.
[renodr] - Update to audacious (and audacious-plugins) 4.1. Fixes #14594.
[renodr] - Update to glib-2.66.6 (Critical Security Update). Fixes #14603.
[renodr] - Update to jasper-2.0.24 (Security Update). Contains fixes for 25 security vulnerabilities. Fixes #14599.
[timtas] - Update to curl-7.75.0 . Fixes #14601.
February 2nd, 2021
February 1st, 2021
[timtas] - Update to dosfstools-4.2. Fixes #14588.
[renodr] - Update to libbytesize-2.5. Fixes #14576.
[renodr] - Update to wayland-1.19.0. Fixes #14577.
[renodr] - Update to librsvg-2.50.3. Fixes #14578.
[renodr] - Update to libwacom-1.8. Fixes #14579.
[bdubbs] - Update to vim-8.2.2433. Addresses #12241.
[bdubbs] - Update to libcap-2.47. Fixes #14555.
January 31st, 2021
[renodr] - Update to thunderbird-78.7.0 (Security Update). Fixes #14575.
January 30th, 2021
[renodr] - Update to telepathy-glib-0.24.2. Fixes #14574.
[renodr] - Update to pangomm-2.46.0. Fixes #14573.
[renodr] - Update to glibmm-2.66.0. Fixes #14572.
[renodr] - Update to URI-5.07 (Perl Module). Fixes #14584.
[renodr] - Update to samba-4.13.4. Fixes #14569.
[renodr] - Update to wireshark-3.4.3 (Security Update). Fixes #14582.
[renodr] - Update to libXt-1.2.1 (Xorg Library). Fixes #14560.
[renodr] - Update to util-macros-1.19.3 Fixes #14559.
[renodr] - Update to asciidoc-9.0.5. Fixes #14561.
[renodr] - Update to xarchiver-0.5.4.17. Fixes #14563.
[renodr] - Update to gparted-1.2.0. Fixes #14565.
[renodr] - Update to talloc-2.3.2. Fixes #14566.
[renodr] - Update to autofs-5.1.7. Fixes #14567.
[renodr] - Update to feh-3.6.3. Fixes #14568.
[ken] - Move sed of a Makefile.in in dvisvgm after autoreconf which recreates the original. Further fix for #14547.
[renodr] - Update to xf86-video-nouveau-1.0.17. Fixes #14557.
[renodr] - Update to scons-4.1.0. Fixes #14538.
[renodr] - Update to bind-9.16.11. Fixes #14539.
[renodr] - Update to pipewire-0.3.20. Fixes #14541.
[renodr] - Update to mc-4.8.26. Fixes #14543.
[renodr] - Update to pango-1.48.1. Fixes #14545.
[renodr] - Update to libmbim-1.24.6. Fixes #14550.
[renodr] - Update to pinentry-1.1.1. Fixes #14551.
[renodr] - Update to icewm-2.1.1. Fixes #14553.
January 29th, 2021
[renodr] - Update to btrfs-progs-5.10. Fixes #14531.
[renodr] - Update to VLC-3.0.12 (Security Update). Fixes #14533.
[renodr] - Update to libgcrypt-1.9.1. Fixes #14534.
[renodr] - Update to gtk-doc-1.33.2. Fixes #14535.
[ken] - Update to dvisvgm-2.11.1. Fixes #14547.
[ken] - Update to IO-Socket-SSL-2.069 (perl module). Fixes #14552.
[ken] - Update to Business-ISBN-3.006 (perl module) with Business-ISBN-Data-20210112.001 (dependent perl module). Fixes #14537.
[ken] - Update to nss-3.61. Fixes #14549.
[ken] - Update to cbindgen-0.16.0. Fixes #14414.
January 26th, 2021
[timtas] - Update to xfce4-panel-4.16.1. Fixes #14571.
January 26th, 2021
[renodr] - Update to libical-3.0.9. Fixes #14525.
[renodr] - Update to libsigsegv-2.13. Fixes #14526.
[renodr] - Update to ModemManager-1.14.10. Fixes #14527.
[renodr] - Update to postfix-3.5.9. Fixes #14528.
[renodr] - Update to inkscape-1.0.2. Fixes #14530.
[timtas] - Update to sudo-1.9.5p2 (Critical security release). Fixes #14570.
[renodr] - Update to vorbis-tools-1.4.2 (Security Update). Fixes #14546.
[renodr] - Update to seamonkey-2.53.6 (Security Update). Fixes #14548.
January 25th, 2021
[renodr] - Archive libnfsidmap as nfs-utils builds its own version now.
[ken] - Update to mutt-2.0.5. Fixes #14544.
[ken] - Update to firefox-78.7.0 and JS 78.7.0. Both contain security fixes. Fixes #14564.
[timtas] - Update to evince-3.38.1. Fixes #14562.
[renodr] - Update to mutter-3.38.3. Fixes #14519.
[renodr] - Update to gnome-shell-3.38.3. Fixes #14518.
[renodr] - Update to nano-5.5. Fixes #14517.
[renodr] - Update the gstreamer stack to 1.18.3. Fixes #14516.
January 24th, 2021
[renodr] - Update to iptables-1.8.7. Fixes #14523.
January 23rd, 2021
[renodr] - Update to pygments-2.7.4. Fixes #14507.
[renodr] - Update to gcr-3.38.1. Fixes #14508.
[renodr] - Update to Thunar-4.16.2. Fixes #14509.
[renodr] - Update to pulseaudio-14.2. Fixes #14510.
[renodr] - Update to xapian-core-1.4.18. Fixes #14514.
[timtas] - Update to VTE-0.62.2. Fixes #14554.
January 22nd, 2021
[renodr] - Adjust dovecot to use /run/dovecot for it's runtime files instead of the deprecated /var/run.
[renodr] - Adjust the rpcbind socket to use /run instead of the deprecated /var/run for the socket location.
[renodr] - SANE: Fix the documentation installation by specifying the correct configure switch.
[pierre] - Update to fop-2.6. Fixes #14542.
[pierre] - Update to OpenJDK-15.0.2. Fixes #14536.
January 21st, 2021
[timtas] - Update to SQLite-3.34.1. Fixes #14540.
January 19th, 2021
[timtas] - Update to openldap-2.4.57. Fixes #14532.
January 18th, 2021
[ken] - Update to biber-2.16 with biblatex-3.16. Fixes #14410.
[ken] - Update remaining dependant perl modules pulled in by biber: File-Listing-6.14, HTTP-Cookies.6.10, HTTP-Message-6.27, IO-HTML-1.004, libwww-perl-6.52, Net-HTTP-6.20.
[timtas] - Update to xfce4-appfinder-4.16.1. Fixes #14529.
[ken] - Patch mutt to fix a memory leak.
[ken] - Update to DateTime-Calendar-Julian-0.103 (perl module). Fixes #14500.
[ken] - Update to URI-5.06 (perl module). Fixes #14521.
[ken] - Update first batch of dependant perl modules pulled in by biber: Algorithm-Diff-1.201, Alien-Build-2.37, Alien-LibXML2-0.17, Class-Singleton-1.6, Class-Tiny-1.008, Config-AutoConf-0.319, DateTime-1.54, DateTime-Format-Strptime-1.78, DateTime-Locale-1.31, DateTime-TimeZone-2.46, Importer-0.026, Package-Stash-0.39, Params-Validate-1.30.
January 16th, 2020
[pierre] - Update to elogind-249.6.2. Fixes #14524.
[pierre] - Update to Mako-1.1.4 (Python module). Fixes #14520.
[pierre] - Update to cmake-3.19.3. Fixes #14515.
[pierre] - Update to gptfdisk-1.0.6. Fixes #14512.
[pierre] - Update to mesa-20.3.3. Fixes #14511.
[pierre] - Update to tk-8.6.11.1. Fixes #14469.
[timtas] - Update to garcon-4.16.1. Fixes #14522.
[renodr] - Adapt ssh-copy-id (part of OpenSSH) to changes in bash-5.1.
January 14th, 2021
January 12th, 2021
[renodr] - Update to thunderbird-78.6.1 (Security Update). Fixes #14506.
[renodr] - Update to libblockdev-2.25. Fixes #14501.
[renodr] - Update to sudo-1.9.5p1 (Security Update). Fixes #14502.
[renodr] - Update to gnupg-2.2.27. Fixes #14503.
[renodr] - Update to ed-1.17. Fixes #14504.
[renodr] - Update to libdrm-2.4.104. Fixes #14505.
January 11th, 2021
[renodr] - Update to xfwm4-4.16.1. Fixes #14488.
[renodr] - Update to parole-4.16.0. Fixes #14499.
[renodr] - Update to feh-3.6.2. Fixes #14490.
[renodr] - Update to glew-2.2.0. Fixes #14492.
[renodr] - Update to libqmi-1.26.8. Fixes #14497.
[renodr] - Update to libevdev-1.10.1 (Xorg Driver). Fixes #14498.
[renodr] - Update to vala-0.50.3. Fixes #14494.
[renodr] - Update to gjs-1.66.2. Fixes #14491.
[renodr] - Update to gnome-maps-3.38.3. Fixes #14487.
[renodr] - Update to gnome-terminal-3.38.2. Fixes #14489.
[renodr] - Update to tracker-3.0.3. Fixes #14495.
[renodr] - Update to tracker-miners-3.0.4. Fixes #14496.
[renodr] - Update to wget-1.21.1. Fixes #14486.
[renodr] - Update to LVM2-2.03.11. Fixes #14484.
[renodr] - Update to gpgme-1.15.1. Fixes #14483.
[renodr] - Update to doxygen-1.9.1. Fixes #14485.
[ken] - Update to mutt-2.0.4. Fixes #14447.
January 9th, 2021
[renodr] - Update to evolution-3.38.3. Fixes #14482.
[renodr] - Update to evolution-data-server-3.38.3. Fixes #14481.
[renodr] - Update to gvfs-1.46.2. Fixes #14480.
[renodr] - Update to gnome-desktop-3.38.3. Fixes #14479.
[renodr] - Update to logrotate-3.18.0. Fixes #14478.
[renodr] - Update to cups-filters-1.28.7. Fixes #14477.
[renodr] - Update to gnome-control-center-3.38.3. Fixes #14476.
[renodr] - Update to py3c-1.3.1 (Python Module). Fixes #14474.
[renodr] - Update to php-8.0.1 (Security Update). Fixes #14473.
January 8th, 2021
January 7th, 2021
[timtas] - Update to icewm-2.0.1. Fixes #14470.
January 6th, 2021
January 5th, 2021
[renodr] - Introduce the systemd unit for smartmontools.
[renodr] - Remove an unnecessary "autoreconf -fiv" command from cifs-utils.
[renodr] - Update to node.js-14.15.4 (Security Update). Fixes #14462.
[renodr] - Update to nss-3.60.1. Fixes #14463.
[renodr] - Remove an unrecognized switch from the configure line for GnuPG.
[thomas] - Add "Running a git Server" page.
[thomas] - Remove '-i' from Cairo's autoreconf command to enable building without gtkdoc installed.
January 4th, 2021
[renodr] - Update to dovecot-2.3.13 (Security Update). Fixes #14460.
[renodr] - Update to nettle-3.7. Fixes #14461.
[renodr] - Update to umockdev-0.15.4. Fixes #14457.
[renodr] - Update to libpcap-1.10.0 (Security Update). Fixes #14456.
[renodr] - Update to python-dbusmock-0.22.0. Fixes #14455.
[renodr] - Update to poppler-21.01.0. Fixes #14454.
[renodr] - Update to haveged-1.9.14. Fixes #14453.
January 2nd, 2021
[renodr] - Fix the build of python bindings in libmusicbrainz.
[bdubbs] - Update to ruby-3.0.0. Fixes #14415.
[bdubbs] - Update to mesa-20.3.2. Fixes #14448.
[bdubbs] - Update to python-dbusmock-0.21.0. Fixes #14452.
[bdubbs] - Update to wget-1.21. Fixes #14449.
[bdubbs] - Update to vim-8.2.2253. Addreses #12241.
January 1st, 2021
[renodr] - Update to cifs-utils-6.12. Fixes #14451.
[renodr] - Update to gnome-disk-utility-3.38.1. Fixes #14384.
[renodr] - Update to epiphany-3.38.2. Fixes #14328.
[renodr] - Update to xscreensaver-5.45. Fixes #14362.
[renodr] - Add optional dependency on qrencode to systemd since it is now available in BLFS.
[renodr] - Update to shared-mime-info-2.1. Fixes #14450.
[pierre] - Update to plasma5-5.20.4. Fixes #13991.
[bdubbs] - Update to smartmontools-7.2. Fixes #14446.
[bdubbs] - Update to dhcpcd-9.4.0. Fixes #14442.
[bdubbs] - Update to libhandy-1.0.3. Fixes #14433.
[bdubbs] - Update to geoclue-2.5.7. Fixes #14432.
[bdubbs] - Update to opencv-4.5.1. Fixes #14426.
[pierre] - Introduce the libqrencode-4.1.1 library, now required for plasma.
[bdubbs] - Update to mousepad-0.5.1. Fixes #14424.
[bdubbs] - Update to xfce4-terminal-0.8.10. Fixes #14429.
[bdubbs] - Update to parole-4.15.0. Fixes #14440.
[bdubbs] - Update to xfce4-4.16. Fixes #14428, #13942, and #14427.
December 31st, 2020
December 30th, 2020
December 29th, 2020
December 28th, 2020
[renodr] - Update to samba-4.13.3. Fixes #14387.
[renodr] - Update to libwacom-1.7. Fixes #14394.
[bdubbs] - Update to enchant-2.2.15. Fixes #14425.
[bdubbs] - Update to libepoxy-1.5.5. Fixes #14423.
[bdubbs] - Update to SDL2-2.0.14. Fixes #14422.
[bdubbs] - Update to gmime-3.2.7.
[bdubbs] - Update to balsa-2.6.2. Fixes #14421.
[bdubbs] - Update to highlight-3.60. Fixes #14420.
[bdubbs] - Update to libgpg-error-1.41. Fixes #14419.
[bdubbs] - Update to gnupg-2.2.26. Fixes #14418.
[bdubbs] - Update to sysstat-12.5.2. Fixes #14413.
[bdubbs] - Update to wireshark-3.4.2. Fixes #14404.
[bdubbs] - Update to php-8.0.0. Fixes #14326.
December 25th, 2020
[renodr] - Update to thunderbird-78.6.0 (Security Update). Fixes #14329.
December 24th, 2020
December 21st, 2020
[bdubbs] - Update to atkmm-2.28.1. Fixes #14380.
[bdubbs] - Update to pangomm-2.42.2. Fixes #14382.
[bdubbs] - Update to glib-2.66.4. Fixes #14397.
[bdubbs] - Update to gegl-0.4.28. Fixes #14012.
[bdubbs] - Update to babl-0.1.84. Fixes #14017.
[bdubbs] - Update to sudo-1.9.4p2. Fixes #14011.
[bdubbs] - Update to python-dbusmock-0.20.0. Fixes #14409.
[bdubbs] - Update to elogind-246.9.1. Fixes #14408.
[bdubbs] - Update to tiff-4.2.0. Fixes #14407.
December 20th, 2020
[pierre] - Update to extra-cmake-modules, oxygen-icons, breeze-icons, and KDE-frameworks 5.77. Fixes #14014.
December 19th, 2020
[renodr] - Update to WebKitGTK+-2.30.4. Fixes #14388.
December 18th, 2020
[bdubbs] - Update to icu4c-68_2. Fixes #14399.
[bdubbs] - Update to sudo-1.9.4p1. Fixes #14398.
[bdubbs] - Update to LWP-Protocol-https-6.10 (Perl Module). Fixes #14401.
[bdubbs] - Update to node-14.15.3. Fixes #14400.
[bdubbs] - Update to bind-9.16.10 (including utils). Fixes #14396.
[pierre] - Update to mesa-20.3.1. Fixes #14339.
December 17th, 2020
[bdubbs] - Update to cmake-3.19.2. Fixes #14395.
[bdubbs] - Update to pipewire-0.3.18. Fixes #14392.
[bdubbs] - Update to node-14.15.2. Fixes #14390.
[bdubbs] - Update to icewm-2.0.0. Fixes #14383.
[bdubbs] - Update to fftw-3.3.9. Fixes #14379.
[bdubbs] - Update to xarchiver-0.5.4.16. Fixes #14377.
[bdubbs] - Update to enchant-2.2.14. Fixes #14376.
[bdubbs] - Update to imlib2-1.7.1. Fixes #14375.
[bdubbs] - Update to libva-2.10.0 (Xorg Driver). Fixes #14374.
December 16th, 2020
December 15th, 2020
[bdubbs] - Update to p11-kit-0.23.22 (security update). Fixes #14371.
[bdubbs] - Update to boost-1.75.0. Fixes #14373.
[bdubbs] - Update to Python-3.9.1. Fixes #14355.
[bdubbs] - Update to libcap-2.46. Fixes #14378.
[ken] - Update to firefox-78.6.0 (security fixes) and JS 78.6.0. Fixes #14386 and #14385.
December 14th, 2020
December 13th, 2020
December 11th, 2020
December 10th, 2020
December 9th, 2020
[renodr] - Adapt libwacom to upstream udev changes.
[ken] - MuPDF requires GLU. Fixes #14365.
[renodr] - Update the qtwebengine patch to fix the build. This involved rebasing the patch to add a missing header include in the libxml portion of the code.
December 8th, 2020
[bdubbs] - Update to gdk-pixbuf-2.42.2. Fixes #14359.
[bdubbs] - Update to sbc-1.5. Fixes #14358.
[bdubbs] - Update to mlt-6.24.0. Fixes #14357.
[bdubbs] - Update to unrar-6.0.3. Fixes #14354.
[bdubbs] - Update to gstreamer gst-plugins-base gst-plugins-good gst-plugins-bad gst-plugins-ugly gstreamer-vaapi gst-libav 1.18.2. Fixes #14350.
[bdubbs] - Update to xine-lib-1.2.11. Fixes #14351.
December 7th, 2020
December 5th, 2020
December 5th, 2020
[renodr] - Update to cups-filters-1.28.6. Fixes #14335.
[pierre] - Update to pcre2-10.36. Fixes #14340.
[renodr] - Update to xorg-server-1.20.10 (Security Update). Fixes #14322.
[renodr] - Update to systemd-247. Fixes #14176.
[renodr] - Update to nano-5.4. Fixes #14330.
[renodr] - Update to libtirpc-1.3.1. Fixes #14331.
[renodr] - Update to GnuTLS-3.7.0. Fixes #14332.
[renodr] - Adapt xf86-input-wacom to changes in udev.
[pierre] - Update to unbound-1.13.0(security update). Fixes #14338.
[pierre] - Update to mercurial-5.6.1. Fixes #14337.
[pierre] - Update to lua-5.4.2. Fixes #14336.
December 4th, 2020
[bdubbs] - Update to vim-8.2.2070. Addresses #12241.
December 2nd, 2020
December 1st, 2020
[bdubbs] - Update to sudo-1.9.4. Fixes #14320.
[bdubbs] - Update to feh-3.6. Fixes #14321.
[renodr] - Update to libsigc++-2.10.6. Fixes #14307.
[renodr] - Update to libsigc++-3.0.6. Fixes #14308.
[renodr] - Update to glibmm-2.64.5. Fixes #14323.
[renodr] - Update to umockdev-0.15.2. Fixes #14309.
[renodr] - Update to Mousepad-0.5.0. Fixes #14274.
[renodr] - Update to php-7.4.13. Fixes #14311.
[renodr] - Update to bind-9.16.9 (including utils). Fixes #14312.
November 30th, 2020
November 28th, 2020
November 26th, 2020
[ken] - Update to asymptote-2.68. Fixes #14297.
[ken] - Update to dvisvgm-2.10.1. Fixes #14059.
[ken] - Update to mutt-2.0.2 (Security fix if connecting to an IMAP server). Fixes #14217.
[renodr] - Update to yelp-xsl-3.38.2. Fixes #14290.
[renodr] - Update to gnome-desktop-3.38.2. Fixes #14305.
[renodr] - Update to evolution-data-server-3.38.2. Fixes #14282.
[renodr] - Update to evolution-3.38.2. Fixes #14284.
[renodr] - Update to dconf-editor-3.38.2. Fixes #14296.
[renodr] - Update to nautilus-3.38.2. Fixes #14283.
[renodr] - Update to gnome-control-center-3.38.2. Fixes #14267.
[renodr] - Update to gnome-user-docs-3.38.2. Fixes #14289.
[renodr] - Update to yelp-3.38.2. Fixes #14303.
[renodr] - Update to eog-3.38.1. Fixes #14292.
[renodr] - Update to gnome-calculator-3.38.2. Fixes #14293.
[renodr] - Update to gnome-maps-3.38.2. Fixes #14294.
[renodr] - Update to gedit-3.38.1. Fixes #14273.
November 25th, 2020
November 24th, 2020
November 22nd, 2020
[bdubbs] - Update to scour-0.38.2 (Python Module). Fixes #14295.
[bdubbs] - Update to sysstat-12.5.1. Fixes #14288.
[bdubbs] - Update to hdparm-9.60. Fixes #14287.
[bdubbs] - Update to qpdf-10.0.4. Fixes #14286.
[bdubbs] - Update to glibmm-2.64.4. Fixes #14285.
[bdubbs] - Update to tepl-5.0.1. Fixes #14280.
[bdubbs] - Update to dhcpcd-9.3.3. Fixes #14278.
[bdubbs] - Update to pipewire-0.3.16. Fixes #14270.
[bdubbs] - Update to librsvg-2.50.2. Fixes #14277.
[bdubbs] - Update to libxkbcommon-1.0.2. Fixes #14276.
[bdubbs] - Update to libseccomp-2.5.1. Fixes #14275.
[bdubbs] - Update to libX11-1.7.0 (Xorg Library). Fixes #14279.
[bdubbs] - Update to xprop-1.2.5 (Xorg app). Fixes #14268.
November 21st, 2020
November 20th, 2020
November 19th, 2020
[renodr] - Update to Thunderbird-78.5.0 (Security Update). Fixes #14264.
[renodr] - Update to Net-DNS-1.29 (Perl Module). Fixes #14262.
[renodr] - Update to krb5-1.18.3 (Security Update). Fixes #14258.
[renodr] - Update to umockdev-0.15.1. Fixes #14259.
[renodr] - Update to tcsh-6.22.03. Fixes #14260.
[renodr] - Update to libksba-1.5.0. Fixes #14261.
[renodr] - Update to cmake-3.19.0. Fixes #14263.
[renodr] - Update to vala-0.50.2. Fixes #14265.
[renodr] - Update to c-ares-1.17.1 (Security Update). Fixes #14255.
[renodr] - Update to Node.JS-14.15.1 (Security Update). Fixes #14252.
[renodr] - Update to gtk-doc-1.33.1. Fixes #14257.
[renodr] - Update to ModemManager-1.14.8. Fixes #14254.
[renodr] - Update to GnuPG-2.2.24. Fixes #14256.
November 17th, 2020
[timtas] - Update to libjpeg-turbo-2.0.6. Fixes #14253.
November 16th, 2020
[ken] - Update firmware page for intel microcode-20201112. Fixes #14233.
[renodr] - Update to NSS-3.59. Fixes #14244.
[renodr] - Update to glib-2.66.3. Fixes #14249.
[renodr] - Update to tumbler-0.3.1. Fixes #14247.
[renodr] - Update to umockdev-0.15. Fixes #14251.
[ken] - Update to Firefox-78.5.0 and JS78-78.5.0 (security fixes). Fixes #14250.
[bdubbs] - Update to paxmirabilis-20201030 (pax). Fixes #14248.
November 15th, 2020
November 13th, 2020
November 12th, 2020
[renodr] - Update to PostgreSQL-13.1 (Security Update). Fixes #14241.
[renodr] - Update to thunderbird-78.4.3. Fixes #14237.
[renodr] - Update to libhandy-1.0.2. Fixes #14239.
[renodr] - Update to unrar-6.0.2. Fixes #14240.
[bdubbs] - Update to mariadb-10.5.8. Fixes #14235.
[bdubbs] - Update to xterm-362. Fixes #14236.
[bdubbs] - Update to LSB-Tools-0.9. Fixes #14234.
November 11th, 2020
[renodr] - Added gdk-pixbuf-xlib. Fixes #14225.
[renodr] - Update to gdk-pixbuf-2.42.0. Fixes #14224.
[renodr] - Archive libhandy-0.x.
[renodr] - Port gnome-tweaks to libhandy1. Fixes #14226.
[renodr] - Update to mesa-20.2.2. Fixes #14219.
[renodr] - Update to seahorse-3.38.0.1. Fixes #14220.
[renodr] - Update to fontforge-20201107. Fixes #14221.
[renodr] - Update to pango-1.48.0. Fixes #14222.
[renodr] - Update to xfconf-4.14.4. Fixes #14223.
[bdubbs] - Update to Linux-PAM-1.5.0. Fixes #14231.
[timtas] - Update to openldap-2.4.56. Fixes #14232.
November 10th, 2020
[renodr] - Patch Seamonkey against CVE-2020-26950. This update is urgent and should be applied to your system as soon as possible. Fixes #14227.
[bdubbs] - Update to icewm-1.9.2. Fixes #14230.
[renodr] - Update to thunderbird-78.4.2. Contains an urgent security fix. Fixes #14216.
[timtas] - Update to sshfs-3.7.1. Fixes #14229.
November 9th, 2020
November 6th, 2020
[renodr] - Update to bluefish-2.2.12. Fixes #14215.
[pierre] - Recommend Xorg libs for SDL and SDL2, and Wayland for SDL2: some dependent packages assume the corresponding modules exist.
November 5th, 2020
[pierre] - Patch asymptote-2.67 to build with ghostscript-9.53.
[renodr] - Update to xkbcomp-1.4.4 (Xorg Application). Fixes #14214.
[renodr] - Update to icewm-1.9.1. Fixes #14213.
[renodr] - Update to enchant-2.2.13. Fixes #14204.
[renodr] - Update to dhcpcd-9.3.2. Fixes #14201.
[renodr] - Update to pycryptodome-3.9.9 (Python Module). Fixes #14200.
[renodr] - Update to liblinear-242. Fixes #14196.
[renodr] - Update to qpdf-10.0.3. Fixes #14197.
[renodr] - Update to mercurial-5.6. Fixes #14207.
November 4th, 2020
[renodr] - Update to Thunar-1.8.16. Fixes #14194.
[renodr] - Update to poppler-20.11.0. Fixes #14199.
[renodr] - Update to colord-1.4.5. Fixes #14206.
[renodr] - Update to xfdesktop-4.14.3. Fixes #14202.
[renodr] - Update to xfwm4-4.14.6. Fixes #14198.
[renodr] - Update to libdrm-2.4.103. Fixes #14212.
[renodr] - Update to libwacom-1.6. Fixes #14205.
[renodr] - Update to libinput-1.16.3. Fixes #14211.
[bdubbs] - Fix python2's install procedures to omit unneeded files.
[renodr] - Update to mariadb-10.5.7 (Security Update). Fixes #14210.
[bdubbs] - Update to iptables-1.8.6. Fixes #14195.
[renodr] - Update to pipewire-0.3.15. Fixes #14193.
[renodr] - Update to libhandy-1.0.1. Fixes #14191.
[renodr] - Update to icewm-1.9.0. Fixes #14190.
[renodr] - Update to gdm-3.38.2. Fixes #14209.
[renodr] - Update to libreoffice-7.0.3.1 and adapt to ICU-68. This allows Libreoffice to use system ICU again. Fixes #14189.
[renodr] - Update to wireshark-3.4.0. Fixes #14188.
[renodr] - Update to php-7.4.12. Fixes #14187.
November 3rd, 2020
[renodr] - Add a patch to telepathy-glib to fix various issues. These issues include porting the tests, examples, and internal tools to python3, fixing memory leaks, porting to modern build machinery, and fixing the testsuite to work with glib-2.46 and later.
[renodr] - Update to samba-4.13.2. Fixes a data corruption issue involving systems with the vfs_glusterfs module. Fixes #14208.
[renodr] - Update to git-2.29.2. Fixes #14186.
[renodr] - Update to asciidoc-9.0.4. Fixes #14192.
[ken] - Patch qtwebengine to build with ICU68.
November 1st, 2020
[ken] - Do not use system icu in libreoffice, ICU-68 breaks at least one of the external tarballs.
October 30th, 2020
October 29th, 2020
[bdubbs] - Update to icu4c-68_1-src. Fixes #14184.
October 27th, 2020
October 26th, 2020
[ken] - Update to rustc-1.47.0 to allow system llvm-11 to be used. Patch firefox and thunderbird for this. Fixes #14142.
[ken] - Update to llvm-11.0.0. Fixes #14133.
[renodr] - Update to Pygments-2.7.2. Fixes #14173.
[renodr] - Update to git-2.29.1. Fixes #14171.
[renodr] - Update to Net-DNS-1.28 (Perl Module). Fixes #14170.
[renodr] - Update to umockdev-0.14.4. Fixes #14169.
[renodr] - Update to libgcrypt-1.8.7. Fixes #14168.
[renodr] - Update to gdb-10.1. Fixes #14174.
[renodr] - Update to libassuan-2.5.4. Fixes #14167.
October 25th, 2020
October 23rd, 2020
[ken] - Update to thunderbird-78.4.0 (security fix). Fixes #14100.
October 23rd, 2020
October 22nd, 2020
[renodr] - Update to nfs-utils-2.5.2. Fixes #14161.
[renodr] - Update to bind9 and bind-utils 9.16.8. Fixes #14160.
[renodr] - Update to URI-5.05 (Perl Module). Fixes #14159.
[renodr] - Update to List-MoreUtils-0.430 (Perl Module). Fixes #14158.
[renodr] - Update to List-MoreUtils-XS-0.430 (Perl Module). Fixes #14162.
[renodr] - Update to poppler-data-0.4.10. Fixes #14157.
[renodr] - Update to faad2-2_10_0. Fixes #14156.
[renodr] - Update to alsa-lib, alsa-firmware, and alsa-utils 1.2.4. Fixes #14135.
[renodr] - Update to xfsprogs-5.9.0. Fixes #14154.
October 21st, 2020
[renodr] - Add configuration instructions for the systemd variant of TigerVNC.
[renodr] - Adapt gnome-nettool to work with current versions of ping, ping6, and netstat.
[renodr] - Update to epiphany-3.38.1. Finishes #14032.
[renodr] - Update to gedit-3.38.0. Part of #14032.
[renodr] - Update to gnome-terminal-3.38.1. Part of #14032.
[renodr] - Update to gnome-system-monitor-3.38.0. Part of #14032.
[renodr] - Update to gnome-screenshot-3.38.0. Part of #14032.
[renodr] - Update to gnome-maps-3.38.1.1. Part of #14032.
[renodr] - Update to gnome-disk-utility-3.38.0. Part of #14032.
[renodr] - Update to gnome-calculator-3.38.0. Part of #14032.
[renodr] - Update to file-roller-3.38.0. Part of #14032.
[renodr] - Update to evolution-3.38.1. Part of #14032.
[renodr] - Update to NetworkManager-1.26.4. Fixes #14139.
[renodr] - Update to ModemManager-1.14.6. Fixes #14138.
[renodr] - Update to openldap-2.4.54. Fixes #14135.
October 20th, 2020
October 19th, 2020
[renodr] - Fixed a regression in avahi that leads to severe log spam on systems with multiple NICs installed and that have IPv6 enabled.
[renodr] - Update to glib2-2.66.2. Contains a fix for European Daylight Savings Time. Fixes #14150.
[renodr] - Update to curl-7.73.0. Fixes #14140.
[ken] - Update to firefox-78.4.0 (security fixes) and JS78.4.0. Fixes #14151.
[bdubbs] - Update to lxml-4.6.1 (Perl Module). Fixes #14149.
October 18th, 2020
October 17th, 2020
October 16th, 2020
October 15th, 2020
[bdubbs] - Update to dhcpcd-9.3.1. Fixes #14134.
[bdubbs] - Update to libpwquality-1.4.3. Fixes #14130.
[bdubbs] - Update to cups-filters-1.28.5. Fixes #14115.
[bdubbs] - Update to libcap-2.44. Fixes #14096.
[bdubbs] - Update to Python-3.9.0. Fixes #14098.
[bdubbs] - Update to mesa-20.2.1. Fixes #14077.
[renodr] - Update to EOG-3.38.0. Part of #14032.
[renodr] - Update to baobab-3.38.0. Part of #14032.
[renodr] - Added libportal. Fixes #14038.
[renodr] - Update to gdm-3.38.1. Fixes #14136.
[renodr] - Fix the dependency on tracker3 in tracker-miners3.
October 14th, 2020
October 13th, 2020
October 12th, 2020
[renodr] - Update to yelp-3.38.1. Finishes #14031.
[renodr] - Update to gnome-user-docs-3.38.1. Part of #14031.
[renodr] - Update to gdm-3.38.0. Part of #14031.
[renodr] - Update to gnome-session-3.38.0. Part of #14031.
[renodr] - Update to gnome-shell-extensions-3.38.1. Part of #14031.
[renodr] - Update to gnome-shell-3.38.1. Part of #14031.
[renodr] - Update to mutter-3.38.1. Part of #14031.
[renodr] - Update to gnome-control-center-3.38.1. Part of #14031.
[renodr] - Update to gnome-settings-daemon-3.38.1. Part of #14031.
[renodr] - Update to gnome-bluetooth-3.34.3. Part of #14031.
October 11th, 2020
[renodr] - Update to gnome-backgrounds-3.38.0. Part of #14031.
[renodr] - Update to fuse-3.10.0. Fixes #14122.
[renodr] - Update to samba-4.13.0. Fixes #14057.
[renodr] - Update to gvfs-1.46.1. Part of #14031.
[renodr] - Update to nautilus-3.38.1. Part of #14031.
[bdubbs] - Update to freetype-2.10.3. Fixes #14125.
[bdubbs] - Update to lua-5.4.1. Fixes #14121.
[bdubbs] - Update to xcb-proto-1.14.1. Fixes #14112.
[bdubbs] - Update to cbindgen-0.15.0. Fixes #14108.
[bdubbs] - Update to libqmi-1.26.6. Fixes #14107.
[bdubbs] - Update to node-12.19.0. Fixes #14103.
[bdubbs] - Update to cmake-3.18.4. Fixes #14102.
[bdubbs] - Update to dhcpcd-9.3.0. Fixes #14099.
[renodr] - Update to gjs-1.66.1. Fixes #14117.
[renodr] - Update to libsecret-0.20.4. Fixes #14124.
[renodr] - Update to vte-0.62.1. Fixes #14118.
[renodr] - Update to yelp-xsl-3.38.1. Fixes #14116.
[renodr] - Update to gnome-online-accounts-3.38.0. Fixes #14120.
October 9th, 2020
[thomas] - Update to unbound-1.12.0. Fixes #14113.
October 8th, 2020
[renodr] - Update to Tracker-Miners-3.0 and move to a separate page. Fixes #14030.
[renodr] - Update to Tracker-3.0.1 and move to a separate page. Part of #14030.
[renodr] - Update to dconf-0.38.0. Part of #14031.
[renodr] - Update to dconf-editor-3.38.0. Part of #14031.
[renodr] - Update to evolution-data-server-3.38.1. Part of #14030.
[renodr] - Update to libpeas-1.28.0. Part of #14030.
[renodr] - Update to cheese-3.38.0. Part of #14032.
[renodr] - Update to gnome-desktop-3.38.1. Part of #14030.
[renodr] - Update to yelp-xsl-3.38.0. Part of #14030.
[renodr] - Update to VTE-0.62.0. Part of #14030.
[renodr] - Update to gsettings-desktop-schemas-3.38.0. Part of #14030.
[renodr] - Drop the Python2 version of PyCryptodome.
[bdubbs] - Update to nano-5.3. Fixes #14106.
[bdubbs] - Update to libinput-1.16.2 (Xorg Driver). Fixes #14105.
[bdubbs] - Update to XML-Writer-0.900 (Perl Module). Fixes #14104.
[bdubbs] - Update to xkeyboard-config-2.31. Fixes #14101.
[bdubbs] - Update to pycairo-1.20.0 (Python module). Fixes #12497.
October 7th, 2020
October 6th, 2020
October 5th, 2020
October 4th, 2020
[bdubbs] - Update to gtk-doc-1.33.0. Fixes #14086.
[bdubbs] - Update to libmbim-1.24.4. Fixes #14084.
[bdubbs] - Update to ibus-1.5.23. Fixes #14080.
[bdubbs] - Update to Python-3.8.6. Fixes #14066.
[pierre] - Update to ghostscript-9.53.3. Fixes #14093.
[pierre] - Update to nmap-7.90. Fixes #14092.
[pierre] - Update to mercurial-5.5.2. Fixes #14089.
[pierre] - Update to librsvg-2.50.1. Fixes #14088.
[thomas] - Update to apache-ant-1.10.9. Fixes #14082.
October 2nd, 2020
September 29th, 2020
[bdubbs] - Update to pipewire-0.3.13. Fixes #14078.
September 28th, 2020
September 27th, 2020
September 26th, 2020
September 25th, 2020
[bdubbs] - Update to pipewire-0.3.11. Fixes #14033.
[pierre] - Update to libnsl-1.3.0. Fixes #14069.
[pierre] - Update to cups-filters-1.28.3. Fixes #14068.
[pierre] - Update to postgresql-13.0. Fixes #14067.
[pierre] - Update to libuv-1.40.0. Fixes #14065.
[pierre] - Update to thunderbird-78.3.0 (security fix). Fixes #14064.
[pierre] - Update to wireshark-3.2.7. Fixes #14063.
[pierre] - Update to sudo-1.9.3p1. Fixes #14062.
September 24th, 2020
[thomas] - Update to cmake-3.18.3. Fixes #14061.
September 23rd, 2020
[bdubbs] - Update to seamonkey-2.53.4. Fixes #14058.
[bdubbs] - Update to Unicode-Collate-1.28. Fixes #14060.
[renodr] - Update to amtk-5.2.0. Part of #14029.
[renodr] - Update to at-spi2-core-2.38.0. Part of #14029.
[renodr] - Update to at-spi2-atk-2.38.0. Part of #14029.
[renodr] - Update to pyatspi-2.38.0. Part of #14029.
[renodr] - Update to gtksourceview-4.8.0. Part of #14029.
[renodr] - Update to libhandy-1.0.0 and split into a different page, since this major release is needed for two packages in the book, but incompatible with others. Part of #14029.
[renodr] - Update to tepl-5.0.0. Part of #14029.
September 22nd, 2020
September 21st, 2020
[renodr] - Update to adwaita-icon-theme-3.38.0. Part of #14029.
[renodr] - Update to librsvg-2.50.0. Part of #14029.
[renodr] - Update to libsoup-2.72.0. Part of #14029.
[renodr] - Update to glib-networking-2.66.0. Part of #14029.
[ken] - Update to firefox-78.3.0 (security fixes) and JS78.3.0. Fixes #14054.
[renodr] - Update to libdazzle-3.38.0. Part of #14029.
[renodr] - Add sysprof-3.38.0. Fixes #14051.
[bdubbs] - Update to xterm-360. Fixes #14053.
September 20th, 2020
September 19th, 2020
[ken] - Update to nss-3.57. Fixes #14050.
[renodr] - Update to pygobject-3.38.0. Part of #14029.
[renodr] - Update to json-glib-1.6.0. Part of #14029.
[renodr] - Adapt NetworkManager to build with the latest pygobject.
[renodr] - Adapt the tests in libpeas to meson-0.55. Note that this affects the new version of libpeas as well.
[renodr] - Disable documentation generation for the python2 version of dbus-python. This is due to changes in docutils being python3 only.
[renodr] - In preperation for the removal of the python2 module in pygobject3's update, force the dbus tests to use python3.
[bdubbs] - Update to bind-9.16.7. Fixes #14042.
[bdubbs] - Update to pango-1.46.2. Fixes #14048.
[bdubbs] - Update to nspr-4.29. Fixes #14046.
[bdubbs] - Update to Pygments-2.7.1 (Python Module). Fixes #14044.
[bdubbs] - Update to PerlIO-utf8_strict-0.008 (Perl Module). Fixes #14049.
[bdubbs] - Update to Log-Log4perl-1.53 (Perl Module). Fixes #14045.
September 17th, 2020
September 16th, 2020
September 15th, 2020
September 14th, 2020
[ken] - Update to biber-2.15 with biblatex-3.15a. Fixes #13934.
September 13th, 2020
[renodr] - Update the gstreamer stack to 1.18.0. Fixes #14023.
[ken] - Promote clang in LLVM from Optional to Recommended. Add clang as a required dependency for firefox.
September 12th, 2020
[renodr] - Update to gnome-user-docs-3.36.0. Fixes #14011.
[renodr] - Update to tracker-2.3.6. Fixes #14016.
[renodr] - Update to tracker-miners-2.3.5. Fixes #14016.
[renodr] - Update to gnome-desktop-3.36.6. Fixes #14025.
[renodr] - Update to Thunderbird-78.2.2, and modify the build instructions for a smaller and faster build. Fixes #13969 and #13982.
September 11th, 2020
September 10th, 2020
[bdubbs] - Update to qt-everywhere-src-5.15.1 and qtwebengine-everywhere-src-5.15.1. Fixes #14026.
September 8th, 2020
September 7th, 2020
September 6th, 2020
[bdubbs] - Update to libreoffice-7.0.1.2. Fixes #13999.
[bdubbs] - Update to cryptsetup-2.3.4. Fixes #13995.
[bdubbs] - Update to postfix-3.5.7. Fixes #13983.
[bdubbs] - Update to brotli-1.0.9. Fixes #13973.
[bdubbs] - Update to scour-0.38.1. Fixes #13997.
[bdubbs] - Update to vala-0.48.10. Fixes #14008.
[bdubbs] - Update to unixODBC-2.3.9. Fixes #13986.
[bdubbs] - Update to gnupg-2.2.23. Fixes #13974.
[bdubbs] - Update to enchant-2.2.10. Fixes #13957.
[bdubbs] - Update to Log-Log4perl-1.52 (Perl Module). Fixes #14010.
[bdubbs] - Update to List-AllUtils-0.18 (Perl Module). Fixes #14009.
[bdubbs] - Update to HTML-Parser-3.75 (Perl Module). Fixes #13971.
September 5th, 2020
[bdubbs] - Update to glib-2.64.5. Fixes #13941.
[renodr] - Update to cifs-utils-6.11 (Security Update). Fixes #13998.
[renodr] - Update to libgdata-0.17.13. Fixes #13994.
[renodr] - Update to grilo-0.3.13. Fixes #13993.
[renodr] - Update to libwacom-1.5. Fixes #13985.
[renodr] - Update to telepathy-mission-control-5.16.6. Fixes #13970.
[renodr] - Update to tracker-miners-2.3.4. Fixes #13964.
[renodr] - Update to tracker-2.3.5. Fixes #13964.
[renodr] - Update to BIND and BIND Utilites-9.16.6 (Security Update). Fixes #13949.
[renodr] - Update to umockdev-0.14.3. Fixes #13959.
[pierre] - Update to js-68.12.0 (from firefox esr). Fixes #14006.
[pierre] - Update to xfsprogs-5.8.0. Fixes #14005.
[pierre] - Update to gnutls-3.6.15 (security update). Fixes #14004.
[pierre] - Update to at-spi2-core-2.36.1. Fixes #14003.
[pierre] - Update to gtk+-3.24.23. Fixes #14002.
[pierre] - Update to amtk-5.1.2. Fixes #14001.
[pierre] - Update to gspell-1.8.4. Fixes #14000.
[pierre] - Update to php-7.4.10. Fixes #13996.
[pierre] - Update to mercurial-5.5.1. Fixes #13989.
[pierre] - Update to cups-filters-1.28.1. Fixes #13972.
[thomas] - Update to poppler-20.09.0. Fixes #13988.
September 4th, 2020
[renodr] - Update to pipewire-0.3.10. Fixes #13943.
[bdubbs] - Update to icewm-1.8.1. Fixes #13984.
[bdubbs] - Update to feh-3.5. Fixes #13981.
[bdubbs] - Update to harfbuzz-2.7.1. Fixes #13978.
[bdubbs] - Update to iw-5.8. Fixes #13975.
[bdubbs] - Update to libgpg-error-1.39. Fixes #13961.
[bdubbs] - Update to nasm-2.15.05. Fixes #13952.
[bdubbs] - Update to cbindgen-0.14.4. Fixes #13951.
[bdubbs] - Update to pango-1.46.1. Fixes #13948.
[bdubbs] - Update to mesa-20.1.7. Fixes #13946.
[bdubbs] - Update to p11-kit-0.23.21. Fixes #13939.
September 3rd, 2020
[renodr] - Update to doxygen-1.8.20. Fixes #13962.
[renodr] - Update to libX11-1.6.12 (Security Update). Fixes #13967.
[renodr] - Update to xorg-server-1.20.9 (Security Update). Fixes #13968.
[renodr] - Update to xapian-1.4.17. Fixes #13956.
[bdubbs] - Update to xfce4-notifyd-0.6.2. Fixes #13987.
[bdubbs] - Update to links-2.21. Fixes #13936.
[bdubbs] - Update to scour-0.38. Fixes #13935.
[bdubbs] - Update to libcap-2.43. Fixes #13931.
September 2nd, 2020
[renodr] - Update to cmake-3.18.2. Fixes #13950.
[renodr] - Update to libuv-1.39.0. Fixes #13966.
[ken] - Correct the md5sum for perl module dependency IPC-System-Simple-1.30.tar.gz, noticed by Chris Gorman.
[renodr] - Update to openldap-2.4.52. Fixes #13979.
[renodr] - Update to curl-7.72.0. Fixes #13945.
[renodr] - Update to nspr-4.28. Fixes #13954.
[renodr] - Update to NSS-3.56. Fixes #13955.
[renodr] - Update to NetworkManager-1.26.2. Fixes #13944.
[renodr] - Update to libqmi-1.26.4. Fixes #13958.
[renodr] - Update to ModemManager-1.14.2. Fixes #13947.
September 1st, 2020
[bdubbs] - Release of BLFS-10.0.
Last updated on 2021-02-28 09:38:00 -0800
The linuxfromscratch.org server is hosting a number of mailing lists that are used for the development of the BLFS book. These lists include, among others, the main development and support lists.
For more information regarding which lists are available, how to subscribe to them, archive locations, etc., visit http://www.linuxfromscratch.org/mail.html.
Last updated on 2007-04-04 12:42:53 -0700
The BLFS Project has created a Wiki for users to comment on pages and instructions at http://wiki.linuxfromscratch.org/blfs/wiki. Comments are welcome from all users.
The following are the rules for posting:
Users must register and log in to edit a page.
Suggestions to change the book should be made by creating a new ticket, not by making comments in the Wiki.
Questions with your specific installation problems should be made by subscribing and mailing to the BLFS Support Mailing List at mailto:blfs-support AT linuxfromscratch D0T org.
Discussions of build instructions should be made by subscribing and mailing to the BLFS Development List at mailto:blfs-dev AT linuxfromscratch D0T org.
Inappropriate material will be removed.
Last updated on 2007-04-04 12:42:53 -0700
If you encounter a problem while using this book, and your problem is not listed in the FAQ (http://www.linuxfromscratch.org/faq), you will find that most of the people on Internet Relay Chat (IRC) and on the mailing lists are willing to help you. An overview of the LFS mailing lists can be found in Mailing lists. To assist us in diagnosing and solving your problem, include as much relevant information as possible in your request for help.
Before asking for help, you should review the following items:
Is the hardware support compiled into the kernel or
available as a module to the kernel? If it is a module,
is it configured properly in modprobe.conf
and has it been loaded?
You should use lsmod as the
root
user to see if
it's loaded. Check the sys.log
file or run modprobe <driver>
to review any error message. If it loads properly, you
may need to add the modprobe command to
your boot scripts.
Are your permissions properly set, especially for
devices? LFS uses groups to make these settings easier,
but it also adds the step of adding users to groups to
allow access. A simple usermod -G audio <user>
may be all that's necessary for that user to have
access to the sound system. Any question that starts
out with “It works as root, but not as
...” requires a thorough review of
permissions prior to asking.
BLFS liberally uses /opt/
.
The main objection to this centers around the need to
expand your environment variables for each package
placed there (e.g., PATH=$PATH:/opt/kde/bin). In most
cases, the package instructions will walk you through
the changes, but some will not. The section called
“Going Beyond
BLFS” is available to help you
check.
<package>
Apart from a brief explanation of the problem you're having, the essential things to include in your request are:
the version of the book you are using (being 10.1),
the package or section giving you problems,
the exact error message or symptom you are receiving,
whether you have deviated from the book or LFS at all,
if you are installing a BLFS package on a non-LFS system.
(Note that saying that you've deviated from the book doesn't mean that we won't help you. It'll just help us to see other possible causes of your problem.)
Expect guidance instead of specific instructions. If you are instructed to read something, please do so. It generally implies that the answer was way too obvious and that the question would not have been asked if a little research was done prior to asking. The volunteers in the mailing list prefer not to be used as an alternative to doing reasonable research on your end. In addition, the quality of your experience with BLFS is also greatly enhanced by this research, and the quality of volunteers is enhanced because they don't feel that their time has been abused, so they are far more likely to participate.
An excellent article on asking for help on the Internet in general has been written by Eric S. Raymond. It is available online at http://www.catb.org/~esr/faqs/smart-questions.html. Read and follow the hints in that document and you are much more likely to get a response to start with and also to get the help you actually need.
Last updated on 2009-09-24 22:43:37 -0700
Many people have contributed both directly and indirectly to BLFS. This page lists all of those we can think of. We may well have left people out and if you feel this is the case, drop us a line. Many thanks to all of the LFS community for their assistance with this project.
Bruce Dubbs
Pierre Labastie
DJ Lucas
Ken Moffat
Douglas Reno
The list of contributors is far too large to provide detailed information about the contributions for each contributor. Over the years, the following individuals have provided significant inputs to the book:
Timothy Bauscher
Daniel Bauman
Jeff Bauman
Andy Benton
Wayne Blaszczyk
Paul Campbell
Nathan Coulson
Jeroen Coumans
Guy Dalziel
Robert Daniels
Richard Downing
Manuel Canales Esparcia
Jim Gifford
Manfred Glombowski
Ag Hatzimanikas
Mark Hymers
James Iwanek
David Jensen
Jeremy Jones
Seth Klein
Alex Kloss
Eric Konopka
Larry Lawrence
Chris Lynn
Andrew McMurry
Randy McMurchy
Denis Mugnier
Billy O'Connor
Fernando de Oliveira
Alexander Patrakov
Olivier Peres
Andreas Pedersen
Henning Rohde
Matt Rogers
James Robertson
Henning Rohde
Chris Staub
Jesse Tie-Ten-Quee
Ragnar Thomsen
Thomas Trepl
Tushar Teredesai
Jeremy Utley
Zack Winkles
Christian Wurst
Igor Živković
Fernando Arbeiza
Miguel Bazdresch
Gerard Beekmans
Oliver Brakmann
Jeremy Byron
Ian Chilton
David Ciecierski
Jim Harris
Lee Harris
Marc Heerdink
Steffen Knollmann
Eric Konopka
Scot McPherson
Ted Riley
Last updated on 2018-09-01 14:51:57 -0700
Please direct your emails to one of the BLFS mailing lists. See Mailing lists for more information on the available mailing lists.
Last updated on 2012-02-05 21:15:51 -0800
This chapter is used to explain some of the policies used throughout the book, to introduce important concepts and to explain some issues you may see with some of the included packages.
Those people who have built an LFS system may be aware of the general principles of downloading and unpacking software. Some of that information is repeated here for those new to building their own software.
Each set of installation instructions contains a URL from which you can download the package. The patches; however, are stored on the LFS servers and are available via HTTP. These are referenced as needed in the installation instructions.
While you can keep the source files anywhere you like, we assume that you have unpacked the package and changed into the directory created by the unpacking process (the 'build' directory). We also assume you have uncompressed any required patches and they are in the directory immediately above the 'build' directory.
We can not emphasize strongly enough that you should start from
a clean source tree each
time. This means that if you have had an error during
configuration or compilation, it's usually best to delete the
source tree and re-unpack it before trying again. This obviously
doesn't apply if you're an advanced user used to hacking
Makefile
s and C code, but if in
doubt, start from a clean tree.
The golden rule of Unix System Administration is to use your
superpowers only when necessary. Hence, BLFS recommends that
you build software as an unprivileged user and only become
the root
user when installing
the software. This philosophy is followed in all the packages
in this book. Unless otherwise specified, all instructions
should be executed as an unprivileged user. The book will
advise you on instructions that need root
privileges.
If a file is in .tar
format and
compressed, it is unpacked by running one of the following
commands:
tar -xvf filename.tar.gz tar -xvf filename.tgz tar -xvf filename.tar.Z tar -xvf filename.tar.bz2
You may omit using the v
parameter in the commands shown above and below if you wish
to suppress the verbose listing of all the files in the
archive as they are extracted. This can help speed up the
extraction as well as make any errors produced during the
extraction more obvious to you.
You can also use a slightly different method:
bzcat filename.tar.bz2 | tar -xv
Finally, you sometimes need to be able to unpack patches
which are generally not in .tar
format. The best way to do this is to copy the patch file to
the parent of the 'build' directory and then run one of the
following commands depending on whether the file is a
.gz
or .bz2
file:
gunzip -v patchname.gz bunzip2 -v patchname.bz2
Generally, to verify that the downloaded file is genuine and
complete, many package maintainers also distribute md5sums of
the files. To verify the md5sum of the downloaded files,
download both the file and the corresponding md5sum file to
the same directory (preferably from different on-line
locations), and (assuming file.md5sum
is the md5sum file downloaded)
run the following command:
md5sum -c file.md5sum
If there are any errors, they will be reported. Note that the
BLFS book includes md5sums for all the source files also. To
use the BLFS supplied md5sums, you can create a file.md5sum
(place the md5sum data and the
exact name of the downloaded file on the same line of a file,
separated by white space) and run the command shown above.
Alternately, simply run the command shown below and compare
the output to the md5sum data shown in the BLFS book.
md5sum <name_of_downloaded_file>
For larger packages, it is convenient to create log files
instead of staring at the screen hoping to catch a particular
error or warning. Log files are also useful for debugging and
keeping records. The following command allows you to create
an installation log. Replace <command>
with the
command you intend to execute.
( <command>
2>&1 | tee compile.log && exit $PIPESTATUS )
2>&1
redirects error
messages to the same location as standard output. The
tee command
allows viewing of the output while logging the results to a
file. The parentheses around the command run the entire
command in a subshell and finally the exit $PIPESTATUS command
ensures the result of the <command>
is returned
as the result and not the result of the tee command.
For many modern systems with multiple processors (or cores) the compilation time for a package can be reduced by performing a "parallel make" by either setting an environment variable or telling the make program how many processors are available. For instance, a Core2Duo can support two simultaneous processes with:
export MAKEFLAGS='-j2'
or just building with:
make -j2
Generally the number of processes should not exceed the
number of cores supported by the CPU. To list the processors
on your system, issue: grep
processor /proc/cpuinfo
.
In some cases, using multiple processors may result in a 'race' condition where the success of the build depends on the order of the commands run by the make program. For instance, if an executable needs File A and File B, attempting to link the program before one of the dependent components is available will result in a failure. This condition usually arises because the upstream developer has not properly designated all the prerequisites needed to accomplish a step in the Makefile.
If this occurs, the best way to proceed is to drop back to a single processor build. Adding '-j1' to a make command will override the similar setting in the MAKEFLAGS environment variable.
When running the package tests or the install portion of the package build process, we do not recommend using an option greater than '-j1' unless specified otherwise. The installation procedures or checks have not been validated using parallel procedures and may fail with issues that are difficult to debug.
There are times when automating the building of a package can
come in handy. Everyone has their own reasons for wanting to
automate building, and everyone goes about it in their own
way. Creating Makefile
s,
Bash scripts, Perl scripts or simply a list of
commands used to cut and paste are just some of the methods
you can use to automate building BLFS packages. Detailing how
and providing examples of the many ways you can automate the
building of packages is beyond the scope of this section.
This section will expose you to using file redirection and
the yes command
to help provide ideas on how to automate your builds.
You will find times throughout your BLFS journey when you will come across a package that has a command prompting you for information. This information might be configuration details, a directory path, or a response to a license agreement. This can present a challenge to automate the building of that package. Occasionally, you will be prompted for different information in a series of questions. One method to automate this type of scenario requires putting the desired responses in a file and using redirection so that the program uses the data in the file as the answers to the questions.
Building the CUPS package is a good example of how redirecting a file as input to prompts can help you automate the build. If you run the test suite, you are asked to respond to a series of questions regarding the type of test to run and if you have any auxiliary programs the test can use. You can create a file with your responses, one response per line, and use a command similar to the one shown below to automate running the test suite:
make check < ../cups-1.1.23-testsuite_parms
This effectively makes the test suite use the responses in the file as the input to the questions. Occasionally you may end up doing a bit of trial and error determining the exact format of your input file for some things, but once figured out and documented you can use this to automate building the package.
Sometimes you will only need to provide one response, or provide the same response to many prompts. For these instances, the yes command works really well. The yes command can be used to provide a response (the same one) to one or more instances of questions. It can be used to simulate pressing just the Enter key, entering the Y key or entering a string of text. Perhaps the easiest way to show its use is in an example.
First, create a short Bash script by entering the following commands:
cat > blfs-yes-test1 << "EOF"
#!/bin/bash
echo -n -e "\n\nPlease type something (or nothing) and press Enter ---> "
read A_STRING
if test "$A_STRING" = ""; then A_STRING="Just the Enter key was pressed"
else A_STRING="You entered '$A_STRING'"
fi
echo -e "\n\n$A_STRING\n\n"
EOF
chmod 755 blfs-yes-test1
Now run the script by issuing ./blfs-yes-test1 from the command line. It will wait for a response, which can be anything (or nothing) followed by the Enter key. After entering something, the result will be echoed to the screen. Now use the yes command to automate the entering of a response:
yes | ./blfs-yes-test1
Notice that piping yes by itself to the script results in y being passed to the script. Now try it with a string of text:
yes 'This is some text' | ./blfs-yes-test1
The exact string was used as the response to the script. Finally, try it using an empty (null) string:
yes '' | ./blfs-yes-test1
Notice this results in passing just the press of the Enter key to the script. This is useful for times when the default answer to the prompt is sufficient. This syntax is used in the Net-tools instructions to accept all the defaults to the many prompts during the configuration step. You may now remove the test script, if desired.
In order to automate the building of some packages, especially those that require you to read a license agreement one page at a time, requires using a method that avoids having to press a key to display each page. Redirecting the output to a file can be used in these instances to assist with the automation. The previous section on this page touched on creating log files of the build output. The redirection method shown there used the tee command to redirect output to a file while also displaying the output to the screen. Here, the output will only be sent to a file.
Again, the easiest way to demonstrate the technique is to show an example. First, issue the command:
ls -l /usr/bin | more
Of course, you'll be required to view the output one page at
a time because the more filter was used. Now
try the same command, but this time redirect the output to a
file. The special file /dev/null
can be used instead of the
filename shown, but you will have no log file to examine:
ls -l /usr/bin | more > redirect_test.log 2>&1
Notice that this time the command immediately returned to the shell prompt without having to page through the output. You may now remove the log file.
The last example will use the yes command in combination with output redirection to bypass having to page through the output and then provide a y to a prompt. This technique could be used in instances when otherwise you would have to page through the output of a file (such as a license agreement) and then answer the question of “do you accept the above?”. For this example, another short Bash script is required:
cat > blfs-yes-test2 << "EOF"
#!/bin/bash
ls -l /usr/bin | more
echo -n -e "\n\nDid you enjoy reading this? (y,n) "
read A_STRING
if test "$A_STRING" = "y"; then A_STRING="You entered the 'y' key"
else A_STRING="You did NOT enter the 'y' key"
fi
echo -e "\n\n$A_STRING\n\n"
EOF
chmod 755 blfs-yes-test2
This script can be used to simulate a program that requires you to read a license agreement, then respond appropriately to accept the agreement before the program will install anything. First, run the script without any automation techniques by issuing ./blfs-yes-test2.
Now issue the following command which uses two automation techniques, making it suitable for use in an automated build script:
yes | ./blfs-yes-test2 > blfs-yes-test2.log 2>&1
If desired, issue tail blfs-yes-test2.log to see the end of the paged output, and confirmation that y was passed through to the script. Once satisfied that it works as it should, you may remove the script and log file.
Finally, keep in mind that there are many ways to automate and/or script the build commands. There is not a single “correct” way to do it. Your imagination is the only limit.
For each package described, BLFS lists the known dependencies. These are listed under several headings, whose meaning is as follows:
Required means that the target package cannot be correctly built without the dependency having first been installed.
Recommended means that BLFS strongly suggests this package is installed first for a clean and trouble-free build, that won't have issues either during the build process, or at run-time. The instructions in the book assume these packages are installed. Some changes or workarounds may be required if these packages are not installed.
Optional means that this package might be installed for added functionality. Often BLFS will describe the dependency to explain the added functionality that will result.
On occasion you may run into a situation in the book when a package will not build or work properly. Though the Editors attempt to ensure that every package in the book builds and works properly, sometimes a package has been overlooked or was not tested with this particular version of BLFS.
If you discover that a package will not build or work properly, you should see if there is a more current version of the package. Typically this means you go to the maintainer's web site and download the most current tarball and attempt to build the package. If you cannot determine the maintainer's web site by looking at the download URLs, use Google and query the package's name. For example, in the Google search bar type: 'package_name download' (omit the quotes) or something similar. Sometimes typing: 'package_name home page' will result in you finding the maintainer's web site.
In LFS, stripping of debugging symbols was discussed a couple of times. When building BLFS packages, there are generally no special instructions that discuss stripping again. It is probably not a good idea to strip an executable or a library while it is in use, so exiting any windowing environment is a good idea. Then you can do:
find /{,usr/}{bin,lib,sbin} \ -type f \( -name \*.so* -a ! -name \*dbg \) \ -exec strip --strip-unneeded {} \;
If you install programs in other directories such as
/opt
or /usr/local
, you may want to strip the files
there too.
For more information on stripping, see http://www.technovelty.org/linux/stripping-shared-libraries.html.
There are now three different build systems in common use for converting C or C++ source code into compiled programs or libraries and their details (particularly, finding out about available options and their default values) differ. It may be easiest to understand the issues caused by some choices (typically slow execution or unexpected use of, or omission of, optimizatons) by starting with the CFLAGS and CXXFLAGS environment variables. There are also some programs which use rust.
Most LFS and BLFS builders are probably aware of the basics of CFLAGS and CXXFLAGS for altering how a program is compiled. Typically, some form of optimization is used by upstream developers (-O2 or -O3), sometimes with the creation of debug symbols (-g), as defaults.
If there are contradictory flags (e.g. multiple different -O values), the last value will be used. Sometimes this means that flags specified in environment variables will be picked up before values hardcoded in the Makefile, and therefore ignored. For example, where a user specifies '-O2' and that is followed by '-O3' the build will use '-O3'.
There are various other things which can be passed in CFLAGS or CXXFLAGS, such as forcing compilation for a specific microarchitecture (e.g. -march=amdfam10, -march=native) or specifying a specific standard for C or C++ (-std=c++17 for example). But one thing which has now come to light is that programmers might include debug assertions in their code, expecting them to be disabled in releases by using -DNDEBUG. Specifically, if Mesa-20.3.4 is built with these assertions enabled, some activities such as loading levels of games can take extremely long times, even on high-class video cards.
This combination is often described as 'CMMI' (configure, make, make install) and is used here to also cover the few packages which have a configure script that is not generated by autotools.
Sometimes running ./configure --help will produce useful options about switches which might be used. At other times, after looking at the output from configure you may need to look at the details of the script to find out what it was actually searching for.
Many configure scripts will pick up any CFLAGS or CXXFLAGS from the environment, but CMMI packages vary about how these will be mixed with any flags which would otherwise be used (variously: ignored, used to replace the programmer's suggestion, used before the programmer's suggestion, or used after the programmer's suggestion).
In most CMMI packages, running 'make' will list each command and run it, interspersed with any warnings. But some packages try to be 'silent' and only show which file they are compiling or linking instead of showing the command line. If you need to inspect the command, either because of an error, or just to see what options and flags are being used, adding 'V=1' to the make invocation may help.
CMake works in a very different way, and it has two backends which can be used on BLFS: 'make' and 'ninja'. The default backend is make, but ninja can be faster on large packages with multiple processors. To use ninja, specify '-G Ninja' in the cmake command. However, there are some packages which create fatal errors in their ninja files but build successfully using the default of Unix Makefiles.
The hardest part of using CMake is knowing what options you might wish to specify. The only way to get a list of what the package knows about is to run cmake -LAH and look at the output for that default configuration.
Perhaps the most-important thing about CMake is that it has a variety of CMAKE_BUILD_TYPE values, and these affect the flags. The default is that this is not set and no flags are generated. Any CFLAGS or CXXFLAGS in the environment will be used. If the programmer has coded any debug assertions, those will be enabled unless -DNDEBUG is used. The following CMAKE_BUILD_TYPE values will generate the flags shown, and these will come after any flags in the environment and therefore take precedence.
Debug : '-g'
Release : '-O3 -DNDEBUG'
RelWithDebInfo : '-O2 -g -DNDEBUG'
MinSizeRel : '-Os -DNDEBUG'
CMake tries to produce quiet builds. To see the details of the commands which are being run, use 'make VERBOSE=1' or 'ninja -v'.
Meson has some similarities to CMake, but many differences.
To get details of the defines that you may wish to change you
can look at meson_options.txt
which is usually in the top-level directory.
If you have already configured the package by running meson and now wish to change one or more settings, you can either remove the build directory, recreate it, and use the altered options, or within the build directory run meson configure, e.g. to set an option:
meson configure -D<some_option>=true
If you do that, the file meson-private/cmd_line.txt
will show the
last commands which
were used.
Meson provides the following buildtype values, and the flags they enable come after any flags supplied in the environment and therefore take precedence.
plain : no added flags. This is for distributors to supply their own CLFAGS, CXXFLAGS and LDFLAGS. There is no obvious reason to use this in BLFS.
debug : '-g'
debugoptimized : '-O2 -g' - this is the default if nothing is specified, it leaves assertions enabled.
release : '-O3 -DNDEBUG' (but occasionally a package will force -O2 here)
Although the 'release' buildtype is described as enabling -DNDEBUG, and all CMake Release builds pass that, it has so far only been observed (in verbose builds) for Mesa-20.3.4. That suggests that it might only be used when there are debug assertions present.
The -DNDEBUG flag can also be provided by passing -Db_ndebug=true.
To see the details of the commands which are being run in a package using meson, use 'ninja -v'.
Most released rustc programs are provided as crates (source
tarballs) which will query a server to check current versions
of dependencies and then download them as necessary. These
packages are built using cargo
--release. In theory, you can manipulate the
RUSTFLAGS to change the optimize-level (default is 3, like
-O3, e.g. -Copt-level=3
) or to
force it to build for the machine it is being compiled on,
using -Ctarget-cpu=native
but in
practice this seems to make no significant difference.
If you find an interesting rustc program which is only
provided as unpackaged source, you should at least specify
RUSTFLAGS=-Copt-level=2
otherwise it will do an unoptimized compile with debug info
and run much slower.
The rust developers seem to assume that everyone will compile
on a machine dedicated to producing builds, so by default all
CPUs are used. This can often be worked around, either by
exporting CARGO_BUILD_JOBS=<N> or passing --jobs
<N> to cargo. For compiling rustc itself, specifying
--jobs <N> on invocations of x.py (together with the
CARGO_BUILD_JOBS
environment
variable, which looks like a "belt and braces" approach but
seems to be necessary) mostly works. The exception is running
the tests when building rustc, some of them will nevertheless
use all online CPUs, at least as of rustc-1.42.0.
Many people will prefer to optimize compiles as they see fit, by providing CFLAGS or CXXFLAGS. For an introduction to the options available with gcc and g++ see https://gcc.gnu.org/onlinedocs/gcc/Optimize-Options.html and https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html and info gcc.
Some packages default to '-O2 -g', others to '-O3 -g', and if CFLAGS or CXXFLAGS are supplied they might be added to the package's defaults, replace the package's defaults, or even be ignored. There are details on some desktop packages which were mostly current in April 2019 at http://www.linuxfromscratch.org/~ken/tuning/ - in particular, README.txt, tuning-1-packages-and-notes.txt, and tuning-notes-2B.txt. The particular thing to remember is that if you want to try some of the more interesting flags you may need to force verbose builds to confirm what is being used.
Clearly, if you are optimizing your own program you can spend time to profile it and perhaps recode some of it if it is too slow. But for building a whole system that approach is impractical. In general, -O3 usually produces faster programs than -O2. Specifying -march=native is also beneficial, but means that you cannot move the binaries to an incompatible machine - this can also apply to newer machines, not just to older machines. For example programs compiled for 'amdfam10' run on old Phenoms, Kaveris, and Ryzens : but programs compiled for a Kaveri will not run on a Ryzen because certain op-codes are not present. Similarly, if you build for a Haswell not everything will run on a SandyBridge.
There are also various other options which some people claim are beneficial. At worst, you get to recompile and test, and then discover that in your usage the options do not provide a benefit.
If building Perl or Python modules, or Qt packages which use qmake, in general the CFLAGS and CXXFLAGS used are those which were used by those 'parent' packages.
Even on desktop systems, there are still a lot of exploitable vulnerabilities. For many of these, the attack comes via javascript in a browser. Often, a series of vulnerabilities are used to gain access to data (or sometimes to pwn, i.e. own, the machine and install rootkits). Most commercial distros will apply various hardening measures.
For hardening options which are reasonably cheap, there is some discussion in the 'tuning' link above (occasionally, one or more of these options might be inappropriate for a package). These options are -D_FORTIFY_SOURCE=2, -fstack-protector=strong, and (for C++) -D_GLIBCXX_ASSERTIONS. On modern machines these should only have a little impact on how fast things run, and often they will not be noticeable.
In the past, there was Hardened LFS where gcc (a much older version) was forced to use hardening (with options to turn some of it off on a per-package basis. What is being covered here is different - first you have to make sure that the package is indeed using your added flags and not over-riding them.
The main distros use much more, such as RELRO (Relocation Read Only) and perhaps -fstack-clash-protection. You may also encounter the so-called 'userspace retpoline' (-mindirect-branch=thunk etc.) which is the equivalent of the spectre mitigations applied to the linux kernel in late 2018). The kernel mitigations caused a lot of complaints about lost performance, if you have a production server you might wish to consider testing that, along with the other available options, to see if performance is still sufficient.
Whilst gcc has many hardening options, clang/LLVM's strengths lie elsewhere. Some options which gcc provides are said to be less effective in clang/LLVM.
Last updated on 2020-10-26 14:44:17 -0700
Should I install XXX in /usr
or /usr/local
?
This is a question without an obvious answer for an LFS based system.
In traditional Unix systems, /usr
usually contains files that come with the system distribution,
and the /usr/local
tree is free
for the local administrator to manage. The only really hard and
fast rule is that Unix distributions should not touch
/usr/local
, except perhaps to
create the basic directories within it.
With Linux distributions like Red Hat, Debian, etc., a possible
rule is that /usr
is managed by
the distribution's package system and /usr/local
is not. This way the package
manager's database knows about every file within /usr
.
LFS users build their own system and so deciding where the
system ends and local files begin is not straightforward. So
the choice should be made in order to make things easier to
administer. There are several reasons for dividing files
between /usr
and /usr/local
.
On a network of several machines all running LFS, or
mixed LFS and other Linux distributions, /usr/local
could be used to hold
packages that are common between all the computers in the
network. It can be NFS mounted or mirrored from a single
server. Here local indicates local to the site.
On a network of several computers all running an
identical LFS system, /usr/local
could hold packages that are
different between the machines. In this case local refers
to the individual computers.
Even on a single computer, /usr/local
can be useful if you have
several distributions installed simultaneously, and want
a place to put packages that will be the same on all of
them.
Or you might regularly rebuild your LFS, but want a place to put files that you don't want to rebuild each time. This way you can wipe the LFS file system and start from a clean partition every time without losing everything.
Some people ask why not use your own directory tree, e.g.,
/usr/site
, rather than
/usr/local
?
There is nothing stopping you, many sites do make their own
trees, however it makes installing new software more difficult.
Automatic installers often look for dependencies in
/usr
and /usr/local
, and if the file it is looking for
is in /usr/site
instead, the
installer will probably fail unless you specifically tell it
where to look.
What is the BLFS position on this?
All of the BLFS instructions install programs in /usr
with optional instructions to install
into /opt
for some specific
packages.
Last updated on 2007-04-04 12:42:53 -0700
As you follow the various sections in the book, you will observe that the book occasionally includes patches that are required for a successful and secure installation of the packages. The general policy of the book is to include patches that fall in one of the following criteria:
Fixes a compilation problem.
Fixes a security problem.
Fixes a broken functionality.
In short, the book only includes patches that are either required or recommended. There is a Patches subproject which hosts various patches (including the patches referenced in the books) to enable you to configure your LFS the way you like it.
Last updated on 2007-04-04 12:42:53 -0700
The BLFS Systemd Units package contains the systemd unit files that are used throughout the book.
Package Information
The BLFS Systemd Units package will be used throughout the BLFS
book for systemd unit files. Each systemd unit has a separate
install target. It is recommended that you keep the package
source directory around until completion of your BLFS system.
When a systemd unit is requested from BLFS Systemd Units,
simply change to the directory, and as the root
user, execute the given make install-<systemd-unit>
command. This command installs the systemd unit to its proper
location (along with any auxiliary configuration scripts) and
also enables it by default.
It is advisable to peruse each systemd unit before installation to determine whether the installed files meet your needs.
Last updated on 2019-10-24 09:28:40 -0700
In LFS we installed a package, libtool, that is used by many packages to build on a variety of Unix platforms. This includes platforms such as AIX, Solaris, IRIX, HP-UX, and Cygwin as well as Linux. The origins of this tool are quite dated. It was intended to manage libraries on systems with less advanced capabilities than a modern Linux system.
On a Linux system, libtool specific files are generally unneeded. Normally libraries are specified in the build process during the link phase. Since a linux system uses the Executable and Linkable Format (ELF) for executables and libraries, information needed to complete the task is embedded in the files. At run time the program loader can query the appropriate files and properly load and execute the program.
The problem is that libtool usually creates one or more text files for package libraries called libtool archives. These small files have a ".la" extention and contain information that is similar to that embedded in the libraries. When building a package that uses libtool, the process automatically looks for these files. If a package is updated and no longer uses the .la file, then the build process can break.
The solution is to remove the .la files. However there is a catch. Some packages, such as ImageMagick-7.0.11-0, use a libtool function, lt_dlopen, to load libraries as needed during execution and resolve their dependencies at run time. In this case, the .la files should remain.
The script below, removes all unneeded .la files and saves them in a directory, /var/local/la-files by default, not in the normal library path. It also searches all pkg-config files (.pc) for embedded references to .la files and fixes them to be conventional library references needed when an application or library is built. It can be run as needed to clean up the directories that may be causing problems.
cat > /usr/sbin/remove-la-files.sh << "EOF"
#!/bin/bash
# /usr/sbin/remove-la-files.sh
# Written for Beyond Linux From Scratch
# by Bruce Dubbs <[email protected]>
# Make sure we are running with root privs
if test "${EUID}" -ne 0; then
echo "Error: $(basename ${0}) must be run as the root user! Exiting..."
exit 1
fi
# Make sure PKG_CONFIG_PATH is set if discarded by sudo
source /etc/profile
OLD_LA_DIR=/var/local/la-files
mkdir -p $OLD_LA_DIR
# Only search directories in /opt, but not symlinks to directories
OPTDIRS=$(find /opt -mindepth 1 -maxdepth 1 -type d)
# Move any found .la files to a directory out of the way
find /usr/lib $OPTDIRS -name "*.la" ! -path "/usr/lib/ImageMagick*" \
-exec mv -fv {} $OLD_LA_DIR \;
###############
# Fix any .pc files that may have .la references
STD_PC_PATH='/usr/lib/pkgconfig
/usr/share/pkgconfig
/usr/local/lib/pkgconfig
/usr/local/share/pkgconfig'
# For each directory that can have .pc files
for d in $(echo $PKG_CONFIG_PATH | tr : ' ') $STD_PC_PATH; do
# For each pc file
for pc in $d/*.pc ; do
if [ $pc == "$d/*.pc" ]; then continue; fi
# Check each word in a line with a .la reference
for word in $(grep '\.la' $pc); do
if $(echo $word | grep -q '.la$' ); then
mkdir -p $d/la-backup
cp -fv $pc $d/la-backup
basename=$(basename $word )
libref=$(echo $basename|sed -e 's/^lib/-l/' -e 's/\.la$//')
# Fix the .pc file
sed -i "s:$word:$libref:" $pc
fi
done
done
done
EOF
chmod +x /usr/sbin/remove-la-files.sh
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/la-files
Last updated on 2017-12-23 07:56:03 -0800
The original libraries were simply an archive of routines from which the required routines were extracted and linked into the executable program. These are described as static libraries (libfoo.a). On some old operating systems they are the only type available.
On almost all Linux platforms there are also shared libraries (libfoo.so) - one copy of the library is loaded into virtual memory, and shared by all the programs which call any of its functions. This is space efficient.
In the past, essential programs such as a shell were often
linked statically so that some form of minimal recovery
system would exist even if shared libraries, such as libc.so,
became damaged (e.g. moved to lost+found
after fsck following an unclean
shutdown). Nowadays, most people use an alternative system
install or a Live CD if they have to recover. Journaling
filesystems also reduce the likelihood of this sort of
problem.
Developers, at least while they are developing, often prefer to use static versions of the libraries which their code links to.
Within the book, there are various places where configure switches such as --disable-static are employed, and other places where the possibility of using system versions of libraries instead of the versions included within another package is discussed. The main reason for this is to simplify updates of libraries.
If a package is linked to a dynamic library, updating to a newer library version is automatic once the newer library is installed and the program is (re)started (provided the library major version is unchanged, e.g. going from libfoo.so.2.0 to libfoo.so.2.1. Going to libfoo.so.3 will require recompilation - ldd can be used to find which programs use the old version). If a program is linked to a static library, the program always has to be recompiled. If you know which programs are linked to a particular static library, this is merely an annoyance. But usually you will not know which programs to recompile.
Most libraries are shared, but if you do something unusual,
such as moving a shared library to /lib
accidentally breaking the .so
symlink in /usr/lib
while keeping the static library
in /lib
, the static library
will be silently linked into the programs which need it.
One way to identify when a static library is used, is to deal
with it at the end of the installation of every package.
Write a script to find all the static libraries in
/usr/lib
or wherever you are
installing to, and either move them to another directory so
that they are no longer found by the linker, or rename them
so that libfoo.a becomes e.g. libfoo.a.hidden. The static
library can then be temporarily restored if it is ever
needed, and the package needing it can be identified. You may
choose to exclude some of the static libraries from glibc if
you do this (libc_nonshared.a, libg.a,
libieee.a, libm.a, libpthread_nonshared.a, librpcsvc.a,
libsupc++.a
) to simplify compilation.
If you use this approach, you may discover that more packages than you were expecting use a static library. That was the case with nettle-2.4 in its default static-only configuration: It was required by GnuTLS-3.0.19, but also linked into package(s) which used GnuTLS, such as glib-networking-2.32.3.
Many packages put some of their common functions into a static library which is only used by the programs within the package and, crucially, the library is not installed as a standalone library. These internal libraries are not a problem - if the package has to be rebuilt to fix a bug or vulnerability, nothing else is linked to them.
When BLFS mentions system libraries, it means shared versions of libraries. Some packages such as Firefox-78.8.0 and ghostscript-9.53.3 include many other libraries. When they link to them, they link statically so this also makes the programs bigger. The version they ship is often older than the version used in the system, so it may contain bugs - sometimes developers go to the trouble of fixing bugs in their included libraries, other times they do not.
Sometimes, deciding to use system libraries is an easy decision. Other times it may require you to alter the system version (e.g. for libpng-1.6.37 if used for Firefox-78.8.0). Occasionally, a package ships an old library and can no longer link to the current version, but can link to an older version. In this case, BLFS will usually just use the shipped version. Sometimes the included library is no longer developed separately, or its upstream is now the same as the package's upstream and you have no other packages which will use it. In those cases, you might decide to use the included static library even if you usually prefer to use system libraries.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libraries
Last updated on 2015-09-20 15:38:20 -0700
This page contains information about locale related problems and issues. In the following paragraphs you'll find a generic overview of things that can come up when configuring your system for various locales. Many (but not all) existing locale related problems can be classified and fall under one of the headings below. The severity ratings below use the following criteria:
Critical: The program doesn't perform its main function. The fix would be very intrusive, it's better to search for a replacement.
High: Part of the functionality that the program provides is not usable. If that functionality is required, it's better to search for a replacement.
Low: The program works in all typical use cases, but lacks some functionality normally provided by its equivalents.
If there is a known workaround for a specific package, it will appear on that package's page. For the most recent information about locale related issues for individual packages, check the User Notes in the BLFS Wiki.
Severity: Critical
Some programs require the user to specify the character
encoding for their input or output data and present only a
limited choice of encodings. This is the case for the
-X
option in Enscript-1.6.6,
the -input-charset
option in
unpatched Cdrtools-3.02a09, and the character
sets offered for display in the menu of Links-2.21. If the required
encoding is not in the list, the program usually becomes
completely unusable. For non-interactive programs, it may be
possible to work around this by converting the document to a
supported input character set before submitting to the
program.
A solution to this type of problem is to implement the necessary support for the missing encoding as a patch to the original program or to find a replacement.
Severity: High for non-text documents, low for text documents
Some programs, nano-5.6 or JOE-4.6 for example, assume that documents are always in the encoding implied by the current locale. While this assumption may be valid for the user-created documents, it is not safe for external ones. When this assumption fails, non-ASCII characters are displayed incorrectly, and the document may become unreadable.
If the external document is entirely text based, it can be converted to the current locale encoding using the iconv program.
For documents that are not text-based, this is not possible. In fact, the assumption made in the program may be completely invalid for documents where the Microsoft Windows operating system has set de facto standards. An example of this problem is ID3v1 tags in MP3 files (see the BLFS Wiki ID3v1Coding page for more details). For these cases, the only solution is to find a replacement program that doesn't have the issue (e.g., one that will allow you to specify the assumed document encoding).
Among BLFS packages, this problem applies to nano-5.6, JOE-4.6, and all media players except Audacious-4.1.
Another problem in this category is when someone cannot read the documents you've sent them because their operating system is set up to handle character encodings differently. This can happen often when the other person is using Microsoft Windows, which only provides one character encoding for a given country. For example, this causes problems with UTF-8 encoded TeX documents created in Linux. On Windows, most applications will assume that these documents have been created using the default Windows 8-bit encoding.
In extreme cases, Windows encoding compatibility issues may be solved only by running Windows programs under Wine.
Severity: Critical
The POSIX standard mandates that the filename encoding is the
encoding implied by the current LC_CTYPE locale category.
This information is well-hidden on the page which specifies
the behavior of Tar and
Cpio programs. Some programs
get it wrong by default (or simply don't have enough
information to get it right). The result is that they create
filenames which are not subsequently shown correctly by
ls, or they
refuse to accept filenames that ls shows properly. For the
GLib-2.66.7 library, the problem can be
corrected by setting the G_FILENAME_ENCODING
environment variable to
the special "@locale" value. Glib2 based programs that don't respect
that environment variable are buggy.
The Zip-3.0 and UnZip-6.0 have this problem because they hard-code the expected filename encoding. UnZip contains a hard-coded conversion table between the CP850 (DOS) and ISO-8859-1 (UNIX) encodings and uses this table when extracting archives created under DOS or Microsoft Windows. However, this assumption only works for those in the US and not for anyone using a UTF-8 locale. Non-ASCII characters will be mangled in the extracted filenames.
The general rule for avoiding this class of problems is to avoid installing broken programs. If this is impossible, the convmv command-line tool can be used to fix filenames created by these broken programs, or intentionally mangle the existing filenames to meet the broken expectations of such programs.
In other cases, a similar problem is caused by importing filenames from a system using a different locale with a tool that is not locale-aware (e.g., OpenSSH-8.4p1). In order to avoid mangling non-ASCII characters when transferring files to a system with a different locale, any of the following methods can be used:
Transfer anyway, fix the damage with convmv.
On the sending side, create a tar archive with the
--format=posix
switch passed to tar (this will be the
default in a future version of tar).
Mail the files as attachments. Mail clients specify the encoding of attached filenames.
Write the files to a removable disk formatted with a FAT or FAT32 filesystem.
Transfer the files using Samba.
Transfer the files via FTP using RFC2640-aware server (this currently means only wu-ftpd, which has bad security history) and client (e.g., lftp).
The last four methods work because the filenames are automatically converted from the sender's locale to UNICODE and stored or sent in this form. They are then transparently converted from UNICODE to the recipient's locale encoding.
Severity: High or critical
Many programs were written in an older era where multibyte locales were not common. Such programs assume that C "char" data type, which is one byte, can be used to store single characters. Further, they assume that any sequence of characters is a valid string and that every character occupies a single character cell. Such assumptions completely break in UTF-8 locales. The visible manifestation is that the program truncates strings prematurely (i.e., at 80 bytes instead of 80 characters). Terminal-based programs don't place the cursor correctly on the screen, don't react to the "Backspace" key by erasing one character, and leave junk characters around when updating the screen, usually turning the screen into a complete mess.
Fixing this kind of problems is a tedious task from a programmer's point of view, like all other cases of retrofitting new concepts into the old flawed design. In this case, one has to redesign all data structures in order to accommodate to the fact that a complete character may span a variable number of "char"s (or switch to wchar_t and convert as needed). Also, for every call to the "strlen" and similar functions, find out whether a number of bytes, a number of characters, or the width of the string was really meant. Sometimes it is faster to write a program with the same functionality from scratch.
Among BLFS packages, this problem applies to xine-ui-0.99.12 and all the shells.
Severity: Low
LFS expects that manual pages are in the language-specific (usually 8-bit) encoding, as specified on the LFS Man DB page. However, some packages install translated manual pages in UTF-8 encoding (e.g., Shadow, already dealt with), or manual pages in languages not in the table. Not all BLFS packages have been audited for conformance with the requirements put in LFS (the large majority have been checked, and fixes placed in the book for packages known to install non-conforming manual pages). If you find a manual page installed by any of BLFS packages that is obviously in the wrong encoding, please remove or convert it as needed, and report this to BLFS team as a bug.
You can easily check your system for any non-conforming manual pages by copying the following short shell script to some accessible location,
#!/bin/sh
# Begin checkman.sh
# Usage: find /usr/share/man -type f | xargs checkman.sh
for a in "$@"
do
# echo "Checking $a..."
# Pure-ASCII manual page (possibly except comments) is OK
grep -v '.\\"' "$a" | iconv -f US-ASCII -t US-ASCII >/dev/null 2>&1 \
&& continue
# Non-UTF-8 manual page is OK
iconv -f UTF-8 -t UTF-8 "$a" >/dev/null 2>&1 || continue
# Found a UTF-8 manual page, bad.
echo "UTF-8 manual page: $a" >&2
done
# End checkman.sh
and then issuing the following command (modify the command
below if the checkman.sh script is not
in your PATH
environment
variable):
find /usr/share/man -type f | xargs checkman.sh
Note that if you have manual pages installed in any location
other than /usr/share/man
(e.g., /usr/local/share/man
),
you must modify the above command to include this additional
location.
Last updated on 2020-08-21 05:19:40 -0700
The packages that are installed in this book are only the tip of the iceberg. We hope that the experience you gained with the LFS book and the BLFS book will give you the background needed to compile, install and configure packages that are not included in this book.
When you want to install a package to a location other than
/
, or /usr
, you are installing outside the default
environment settings on most machines. The following examples
should assist you in determining how to correct this situation.
The examples cover the complete range of settings that may need
updating, but they are not all needed in every situation.
Expand the PATH
to include
$PREFIX/bin
.
Expand the PATH
for
root
to include
$PREFIX/sbin
.
Add $PREFIX/lib
to
/etc/ld.so.conf
or expand
LD_LIBRARY_PATH
to include it.
Before using the latter option, check out http://xahlee.org/UnixResource_dir/_/ldpath.html.
If you modify /etc/ld.so.conf
, remember to update
/etc/ld.so.cache
by
executing ldconfig as the
root
user.
Add $PREFIX/man
to
/etc/man_db.conf
or expand
MANPATH
.
Add $PREFIX/info
to
INFOPATH
.
Add $PREFIX/lib/pkgconfig
to PKG_CONFIG_PATH
. Some
packages are now installing .pc
files in $PREFIX/share/pkgconfig
, so you may
have to include this directory also.
Add $PREFIX/include
to
CPPFLAGS
when compiling
packages that depend on the package you installed.
Add $PREFIX/lib
to
LDFLAGS
when compiling
packages that depend on a library installed by the
package.
If you are in search of a package that is not in the book, the following are different ways you can search for the desired package.
If you know the name of the package, then search Freecode
for it at http://freecode.com/. Also
search Google at http://google.com/. Sometimes a
search for the rpm
at
http://rpmfind.net/ or the
deb
at http://www.debian.org/distrib/packages#search_packages
can also lead to a link to the package.
If you know the name of the executable, but not the package that the executable belongs to, first try a Google search with the name of the executable. If the results are overwhelming, try searching for the given executable in the Debian repository at http://www.debian.org/distrib/packages#search_contents.
Some general hints on handling new packages:
Many of the newer packages follow the ./configure && make && make install process. Help on the options accepted by configure can be obtained via the command ./configure --help.
Most of the packages contain documentation on compiling and installing the package. Some of the documents are excellent, some not so excellent. Check out the homepage of the package for any additional and updated hints for compiling and configuring the package.
If you are having a problem compiling the package, try searching the LFS archives at http://www.linuxfromscratch.org/search.html for the error or if that fails, try searching Google. Often, a distribution will have already solved the problem (many of them use development versions of packages, so they see the changes sooner than those of us who normally use stable released versions). But be cautious - all builders tend to carry patches which are no longer necessary, and to have fixes which are only required because of their particular choices in how they build a package. You may have to search deeply to find a fix for the package version you are trying to use, or even to find the package (names are sometimes not what you might expect, e.g. ghostscript often has a prefix or a suffix in its name), but the following notes might help, particularly for those who, like the editors, are trying to build the latest versions and encountering problems:
Arch http://www.archlinux.org/packages/
- enter the package name in the 'Keywords' box,
select the package name, select the 'Source Files'
field, and then select the PKGBUILD
entry to see how they
build this package.
Debian http://ftp.uk.debian.org/debian/pool
(use your country's version if there is one) - the
source will be in .tar.gz tarballs (either the
original upstream .orig
source, or else a
dfsg
containing those
parts which comply with debian's free software
guidelines) accompanied by versioned .diff.gz or
.tar.gz additions. These additions often show how
the package is built, and may contain patches. In
the .diff.gz versions, any patches create files in
debian/patches
.
Fedora package source gets reorganized from time to time. At the moment the package source for rpms is at https://src.fedoraproject.org/projects/rpms/%2A and from there you can try putting a package name in the search box. If the package is found you can look at the files (specfile to control the build, various patches) or the commits. If that fails, you can download an srpm (source rpm) and using rpm2cpio (see the Tip at the bottom of the page). For rpms go to https://dl.fedoraproject.org/pub/fedora/linux/ and then choose which repo you wish to look at - development/rawhide is the latest development, or choose releases for what was shipped in a release, updates for updates to a release, or updates/testing for the latest updates which might work or might have problems.
Gentoo - the mirrors for ebuilds and patches seem
to be well-hidden, and they change frequently.
Also, if you have found a mirror, you need to know
which directory the application has been assigned
to. The ebuilds themselves can be found at
http://packages.gentoo.org/
- use the search field. If there are any patches, a
mirror will have them in the files/
directory. Depending on
your browser, or the mirror, you might need to
download the ebuild to be able to read it. Treat
the ebuild as a sort of pseudo-code / shell
combination - look in particular for sed commands and
patches, or hazard a guess at the meanings of the
functions such as dodoc.
openSUSE provide a rolling release, some package versions are in http://download.opensuse.org/source/tumbleweed/repo/oss/src/ but others are in ../update/openSUSE-current/src - the source only seems to be available in source rpms.
Slackware - the official package browser is
currently broken. The site at http://slackbuilds.org/
has current and previous versions in their
unofficial repository with links to homepages,
downloads, and some individual files, particularly
the .SlackBuild
files.
Ubuntu ftp://ftp.ubuntu.com/ubuntu/pool/ - see the debian notes above.
If everything else fails, try the blfs-support mailing-list.
If you have found a package that is only available in
.deb
or .rpm
format, there are two small scripts,
rpm2targz and
deb2targz that
are available at http://downloads.linuxfromscratch.org/deb2targz.tar.bz2
and http://downloads.linuxfromscratch.org/rpm2targz.tar.bz2
to convert the archives into a simple tar.gz
format.
You may also find an rpm2cpio script useful. The Perl version in the linux kernel archives at http://lkml.indiana.edu/hypermail/linux/kernel/0210.2/att-0093/01-rpm2cpio works for most source rpms. The rpm2targz script will use an rpm2cpio script or binary if one is on your path. Note that rpm2cpio will unpack a source rpm in the current directory, giving a tarball, a spec file, and perhaps patches or other files.
Last updated on 2020-11-10 20:11:14 -0800
The intention of LFS is to provide a basic system which you can build upon. There are several things about tidying up the system which many people wonder about once they have done the base install. We hope to cover these issues in this chapter.
Most people coming from non-Unix like backgrounds to Linux find
the concept of text-only configuration files slightly strange. In
Linux, just about all configuration is done via the manipulation
of text files. The majority of these files can be found in the
/etc
hierarchy. There are often
graphical configuration programs available for different
subsystems but most are simply pretty front ends to the process
of editing a text file. The advantage of text-only configuration
is that you can edit parameters using your favorite text editor,
whether that be vim, emacs, or any other editor.
The first task is making a recovery boot device in Creating a Custom Boot Device because it's the most critical need. Hardware issues relevant to firmware and other devices is addressed next. The system is then configured to ease addition of new users, because this can affect the choices you make in the two subsequent topics—The Bash Shell Startup Files and The vimrc Files.
There is one remaining topic: Customizing your Logon with /etc/issue. It doesn't have much interaction with the other topics in this chapter.
This section is really about creating a rescue device. As the name rescue implies, the host system has a problem, often lost partition information or corrupted file systems, that prevents it from booting and/or operating normally. For this reason, you must not depend on resources from the host being "rescued". To presume that any given partition or hard drive will be available is a risky presumption.
In a modern system, there are many devices that can be used as a rescue device: floppy, cdrom, usb drive, or even a network card. Which one you use depends on your hardware and your BIOS. In the past, a rescue device was thought to be a floppy disk. Today, many systems do not even have a floppy drive.
Building a complete rescue device is a challenging task. In many ways, it is equivalent to building an entire LFS system. In addition, it would be a repetition of information already available. For these reasons, the procedures for a rescue device image are not presented here.
The software of today's systems has grown large. Linux 2.6 no longer supports booting directly from a floppy. In spite of this, there are solutions available using older versions of Linux. One of the best is Tom's Root/Boot Disk available at http://www.toms.net/rb/. This will provide a minimal Linux system on a single floppy disk and provides the ability to customize the contents of your disk if necessary.
There are several sources that can be used for a rescue CD-ROM. Just about any commercial distribution's installation CD-ROMs or DVDs will work. These include RedHat, Ubuntu, and SuSE. One very popular option is Knoppix.
Also, the LFS Community has developed its own LiveCD available at http://www.linuxfromscratch.org/livecd/. This LiveCD, is no longer capable of building an entire LFS/BLFS system, but is still a good rescue CD-ROM. If you download the ISO image, use xorriso to copy the image to a CD-ROM.
The instructions for using GRUB2 to make a custom rescue CD-ROM are also available in LFS Chapter 10.
A USB Pen drive, sometimes called a Thumb drive, is recognized by Linux as a SCSI device. Using one of these devices as a rescue device has the advantage that it is usually large enough to hold more than a minimal boot image. You can save critical data to the drive as well as use it to diagnose and recover a damaged system. Booting such a drive requires BIOS support, but building the system consists of formatting the drive, adding GRUB as well as the Linux kernel and supporting files.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/CreatingaCustomBootDevice
Last updated on 2020-08-21 05:19:40 -0700
An LFS system can be used without a graphical desktop, and unless or until you install X Window System you will have to work in the console. Most, if not all, PCs boot with an 8x16 font - whatever the actual screen size. There are a few things you can do to alter the display on the console. Most of them involve changing the font, but the first alters the commandline used by grub.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/aboutconsolefonts
Modern screens often have a lot more pixels then the screens used in the past. If your screen is 1600 pixels wide, an 8x16 font will give you 200 columns of text - unless your monitor is enormous, the text will be tiny. One of the ways to work around this is to tell grub to use a smaller size, such as 1024x768 or 800x600 or even 640x480. Even if your screen does not have a 4:3 aspect ratio, this should work.
To try this, you can reboot and edit grub's command-line to
insert a 'video=' parameter between the 'root=/dev/sdXn' and
'ro', for example root=/dev/sda2
video=1024x768 ro
based on the example in LFS section
10.4.4 : ../../../../lfs/view/10.1-systemd/chapter10/grub.html.
If you decide that you wish to do this, you can then (as the
root
user) edit /boot/grub/grub.cfg
.
In LFS the kbd package is
used. The fonts it provides are PC Screen Fonts, usually
called PSF, and they were installed into /usr/share/consolefonts
. Where these
include a unicode mapping table, the file suffix is often
changed to .psfu
although
packages such as terminus-font (see below) do not add the
'u'. These fonts are usually compressed with gzip to save
space, but that is not essential.
The initial PC text screens had 8 colours, or 16 colours if the bright versions of the original 8 colours were used. A PSF font can include up to 256 characters (technically, glyphs) while allowing 16 colours, or up to 512 characters (in which case, the bright colours will not be available). Clearly, these console fonts cannot be used to display CJK text - that would need thousands of available glyphs.
Some fonts in kbd can cover more than 512 codepoints ('characters'), with varying degrees of fidelity: unicode contains several whitespace codepoints which can all be mapped to a space, varieties of dashes can be mapped to a minus sign, smart quotes can map to the regular ASCII quotes rather than to whatever is used for "codepoint not present or invalid", and those cyrillic or greek letters which look like latin letters can be mapped onto them, so 'A' can also do duty for cyrillic A and greek Alpha, and 'P' can also do duty for cyrillic ER and greek RHO. Unfortunately, where a font has been created from a BDF file (the method in terminus and debian's console-setup ) such mapping of additional codepoints onto an existing glyph is not always done, although the terminus ter-vXXn fonts do this well.
There are over 120 combinations of font and size in
kbd: often a font is
provided at several character sizes, and sometimes varieties
cover different subsets of unicode. Most are 8 pixels wide,
in heights from 8 to 16 pixels, but there are a few which are
9 pixels wide, some others which are 12x22, and even one
(latarcyrheb-sun32.psfu
) which
has been scaled up to 16x32. Using a bigger font is another
way of making text on a large screen easier to read.
You can test fonts as a normal user. If you have a font which has not been installed, you can load it with :
setfont /path/to/yourfont.ext
For the fonts already installed you only need the name, so
using gr737a-9x16.psfu.gz
as an
example:
setfont gr737a-9x16
To see the glyphs in the font, use:
showconsolefont
If the font looks as if it might be useful, you can then go on to test it more thoroughly.
When you find a font which you wish to use, as the
root
user) edit /etc/vconsole.conf
as
described in LFS section 9.6 ../../../../lfs/view/10.1-systemd/chapter09/console.html..
For fonts not supplied with the kbd package you will need to optionally
compress it / them with gzip and then install it /
them as the root
user.
Although some console fonts are created from BDF files, which is a text format with hex values for the pixels in each row of the character, there are more-modern tools available for editing psf fonts. The psftools package allows you to dump a font to a text representation with a dash for a pixel which is off (black) and a hash for a pixel which is on (white). You can then edit the text file to add more characters, or reshape them, or map extra codepoints onto them, and then create a new psf font with your changes.
The Terminus Font
package provides fixed-width bitmap fonts designed for long
(8 hours and more per day) work with computers. Under
'Character variants' on that page is a list of patches (in
the alt/
directory). If you are
using a graphical browser to look at that page, you can see
what the patches do, e.g. 'll2' makes 'l' more visibly
different from 'i' and '1'.
By default terminus-fonts will try to create several types of font, and it will fail if bdftopcf from Xorg Applications has not been installed. The configure script is only really useful if you go on to install all the fonts (console and X11 bitmap) to the correct directories, as in a distro. To build only the PSF fonts and their dependencies, run:
make psf
This will create more than 240 ter-*.psf fonts. The 'b' suffix indicates bright, 'n' indicates normal. You can then test them to see if any fit your requirements. Unless you are creating a distro, there seems little point in installing them all.
As an example, to install the last of these fonts, you can
gzip it and then as the root
user:
install -v -m644 ter-v32n.psf.gz /usr/share/consolefonts
Last updated on 2020-08-21 05:19:40 -0700
On some recent PCs it can be necessary, or desirable, to load
firmware to make them work at their best. There is a directory,
/lib/firmware
, where the kernel
or kernel drivers look for firmware images.
Currently, most firmware can be found at a git
repository:
http://git.kernel.org/cgit/linux/kernel/git/firmware/linux-firmware.git/tree/.
For convenience, the LFS Project has created a mirror, updated
daily, where these firmware files can be accessed via
wget
or a web
browser at http://anduin.linuxfromscratch.org/BLFS/linux-firmware/.
To get the firmware, either point a browser to one of the above repositories and then download the item(s) which you need, or install git-2.30.1 and clone that repository.
For some other firmware, particularly for Intel microcode and certain wifi devices, the needed firmware is not available in the above repository. Some of this will be addressed below, but a search of the Internet for needed firmware is sometimes necessary.
Firmware files are conventionally referred to as blobs because you cannot determine what they will do. Note that firmware is distributed under various different licenses which do not permit disassembly or reverse-engineering.
Firmware for PCs falls into four categories:
Updates to the CPU to work around errata, usually referred to as microcode.
Firmware for video controllers. On x86 machines this is required for ATI devices (Radeon and AMDGPU chips) and may be useful for Intel (Skylake and later) and Nvidia (Kepler and later) GPUs.
ATI Radeon and AMGPU devices all require firmware to be able to use KMS (kernel modesetting - the preferred option) as well as for Xorg. For old radeon chips (before the R600), the firmware is still in the kernel source.
Intel integrated GPUs from Skylake onwards can use firmware for GuC (the Graphics microcontroller), and also for the HuC (HEVC/H265 microcontroller which offloads to the GPU) and the DMC (Display Microcontroller) to provide additional low-power states. The GuC and HuC have had a chequered history in the kernel and updated firmware may be disabled by default, depending on your kernel version. Further details may be found at 01.org and Arch linux.
Nvidia GPUs from Kepler onwards require signed firmware, otherwise the nouveau driver is unable to provide hardware acceleration. Nvidia has now released firmware up to Turing (most, maybe all, GTX16xx and RTX20xx GPUs) to linux-firmware, and kernels from linux-5.6 should support it, although Mesa support may require a development version until Mesa-20.2 is released. Note that faster clocks than the default are not enabled by the released firmware.
Firmware updates for wired network ports. Mostly they work even without the updates, but probably they will work better with the updated firmware. For some modern laptops, firmware for both wired ethernet (e.g. rtl_nic) and also for bluetooth devices (e.g. qca) is required before the wired network can be used.
Firmware for other devices, such as wifi. These devices are not required for the PC to boot, but need the firmware before these devices can be used.
Although not needed to load a firmware blob, the following tools may be useful for determining, obtaining, or preparing the needed firmware in order to load it into the system: cpio-2.13, git-2.30.1, pciutils-3.7.0, and Wget-1.21.1
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/aboutfirmware
In general, microcode can be loaded by the BIOS or UEFI, and it might be updated by upgrading to a newer version of those. On linux, you can also load the microcode from the kernel if you are using an AMD family 10h or later processor (first introduced late 2007), or an Intel processor from 1998 and later (Pentium4, Core, etc), if updated microcode has been released. These updates only last until the machine is powered off, so they need to be applied on every boot.
Intel provide updates of their microcode for Skylake and later processors as new vulnerabilities come to light, and have in the past provided updates for processors from SandyBridge onwards, although those are no-longer supported for new fixes. New versions of AMD firmware are rare and usually only apply to a few models, although motherboard manufacturers get extra updates which maybe update microcode along with the changes to support newer CPUs and faster memory.
There are two ways of loading the microcode, described as 'early' and 'late'. Early loading happens before userspace has been started, late loading happens after userspace has started. Not surprisingly, early loading is preferred, (see e.g. an explanatory comment in a kernel commit noted at x86/microcode: Early load microcode on LWN.) Indeed, it is needed to work around one particular erratum in early Intel Haswell processors which had TSX enabled. (See Intel Disables TSX Instructions: Erratum Found in Haswell, Haswell-E/EP, Broadwell-Y .) Without this update glibc can do the wrong thing in uncommon situations.
It is still possible to manually force late loading of
microcode, either for testing or to prevent having to reboot.
You will need to reconfigure your kernel for either method.
The instructions here will create a kernel .config
to suite early loading, before
forcing late loading to see if there is any microcode. If
there is, the instructions then show you how to create an
initrd for early loading.
To confirm what processor(s) you have (if more than one, they will be identical) look in /proc/cpuinfo.
If you are creating an initrd to update firmware for different machines, as a distro would do, go down to 'Early loading of microcode' and cat all the Intel blobs to GenuineIntel.bin or cat all the AMD blobs to AuthenticAMD.bin. This creates a larger initrd - for all Intel machines in the 20200609 update the size is 3.0 MB compared to typically 24 KB for one machine.
The first step is to get the most recent version of the
Intel microcode. This must be done by navigating to
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/
and downloading the latest file there. As of this writing
the most secure version of the microcode, for those
machines which can boot it, is microcode-20210216. Extract
this file in the normal way, the microcode is in the
intel-ucode
directory,
containing various blobs with names in the form XX-YY-ZZ.
There are also various other files, and a releasenote.
In the past, intel did not provide any details of which blobs had changed versions, but now the release note details this.
The recent firmware for older processors is provided to deal with vulnerabilities which have now been made public, and for some of these such as Microarchitectural Data Sampling (MDS) you might wish to increase the protection by disabling hyperthreading, or alternatively to disable the kernel's default mitigation because of its impact on compile times. Please read the online documentation at https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/index.html.
Now you need to determine your processor's identity to see if there is any microcode for it. Determine the decimal values of the cpu family, model and stepping by running the following command (it will also report the current microcode version):
head -n7 /proc/cpuinfo
Convert the cpu family, model and stepping to pairs of hexadecimal digits. For a Skylake i3 6100 (described as Intel(R) Core(TM) i3-6100 CPU) the relevant values are cpu family 6, model 94, stepping 3 so in this case the required identification is 06-5e-03. A look at the blobs will show that there is one for this CPU (although for older issues it might have already been applied by the BIOS). If there is a blob for your system then test if it will be applied by copying it (replace <XX-YY-ZZ> by the identifier for your CPU) to where the kernel can find it:
mkdir -pv /lib/firmware/intel-ucode cp -v intel-ucode/<XX-YY-ZZ> /lib/firmware/intel-ucode
Now that the Intel microcode has been prepared, use the following options when you configure the kernel to load Intel microcode:
General Setup --->
[*] Initial RAM filesystem and RAM disk (initramfs/initrd) support [CONFIG_BLK_DEV_INITRD]
Processor type and features --->
[*] CPU microcode loading support [CONFIG_MICROCODE]
[*] Intel microcode loading support [CONFIG_MICROCODE_INTEL]
After you have successfully booted the new system, force late loading by using the command:
echo 1 > /sys/devices/system/cpu/microcode/reload
Then use the following command to see if anything was loaded: (N.B. the dates when microcode was created may be months ahead of when it was released.)
dmesg | grep -e 'microcode' -e 'Linux version' -e 'Command line'
This reformatted example for a machine with old microcode in its BIOS was created by temporarily booting without microcode, to show the current Firmware Bug messages, then the late load shows it being updated to revision 0xec.
[ 0.000000] Linux version 5.9.8 (ken@leshp) (gcc (GCC) 10.2.0,
GNU ld (GNU Binutils) 2.35)
#1 SMP PREEMPT Mon Nov 16 20:42:42 GMT 2020
[ 0.000000] Command line: BOOT_IMAGE=/vmlinuz-5.9.8-sda11 root=/dev/sda11 ro
[ 0.028715] [Firmware Bug]: TSC_DEADLINE disabled due to Errata;
please update microcode to version: 0xb2 (or later)
[ 0.111874] SRBDS: Vulnerable: No microcode
[ 0.111984] MDS: Vulnerable: Clear CPU buffers attempted, no microcode
If the microcode was not updated, there is no new microcode for this system's processor. If it did get updated, you can now proceed to the section called “Early loading of microcode”.
Begin by downloading a container of firmware for your CPU
family from
http://anduin.linuxfromscratch.org/BLFS/linux-firmware/amd-ucode/.
The family is always specified in hex. Families 10h to 14h
(16 to 20) are in microcode_amd.bin. Families 15h, 16h and
17h have their own containers. Create the required
directory and put the firmware you downloaded into it as
the root
user:
mkdir -pv /lib/firmware/amd-ucode cp -v microcode_amd* /lib/firmware/amd-ucode
When you configure the kernel, use the following options to load AMD microcode:
General Setup --->
[*] Initial RAM filesystem and RAM disk (initramfs/initrd) support [CONFIG_BLK_DEV_INITRD]
Processor type and features --->
[*] CPU microcode loading support [CONFIG_MICROCODE]
[*] AMD microcode loading support [CONFIG_MICROCODE_AMD]
After you have successfully booted the new system, force late loading by using the command:
echo 1 > /sys/devices/system/cpu/microcode/reload
Then use the following command to see if anything was loaded:
dmesg | grep -e 'microcode' -e 'Linux version' -e 'Command line'
This historic example from an old Athlon(tm) II X2 shows it has been updated. At that time, all CPUs were still reported in the microcode details on AMD machines (the current position for AMD machines where newer microcode is available is unknown) :
[ 0.000000] Linux version 4.15.3 (ken@testserver) (gcc version 7.3.0 (GCC))
#1 SMP Sun Feb 18 02:08:12 GMT 2018
[ 0.000000] Command line: BOOT_IMAGE=/vmlinuz-4.15.3-sda5 root=/dev/sda5 ro
[ 0.307619] microcode: CPU0: patch_level=0x010000b6
[ 0.307671] microcode: CPU1: patch_level=0x010000b6
[ 0.307743] microcode: Microcode Update Driver: v2.2.
[ 187.928891] microcode: CPU0: new patch_level=0x010000c8
[ 187.928899] microcode: CPU1: new patch_level=0x010000c8
If the microcode was not updated, there is no new microcode for this system's processor. If it did get updated, you can now proceed to the section called “Early loading of microcode”.
If you have established that updated microcode is available for your system, it is time to prepare it for early loading. This requires an additional package, cpio-2.13 and the creation of an initrd which will need to be added to grub.cfg.
It does not matter where you prepare the initrd, and once it is working you can apply the same initrd to later LFS systems or newer kernels on this same machine, at least until any newer microcode is released. Use the following commands:
mkdir -p initrd/kernel/x86/microcode cd initrd
For an AMD machine, use the following command (replace <MYCONTAINER> with the name of the container for your CPU's family):
cp -v /lib/firmware/amd-ucode/<MYCONTAINER> kernel/x86/microcode/AuthenticAMD.bin
Or for an Intel machine copy the appropriate blob using this command:
cp -v /lib/firmware/intel-ucode/<XX-YY-ZZ> kernel/x86/microcode/GenuineIntel.bin
Now prepare the initrd:
find . | cpio -o -H newc > /boot/microcode.img
You now need to add a new entry to /boot/grub/grub.cfg and here you should add a new line after the linux line within the stanza. If /boot is a separate mountpoint:
initrd /microcode.img
or this if it is not:
initrd /boot/microcode.img
If you are already booting with an initrd (see the
section called “About initramfs”), you
should run mkinitramfs again after
putting the appropriate blob or container into /lib/firmware
as explained above.
Alternatively, you can have both initrd on the same line,
such as initrd
/microcode.img /other-initrd.img
(adapt
that as above if /boot is not a separate mountpoint).
You can now reboot with the added initrd, and then use the same command to check that the early load worked:
dmesg | grep -e 'microcode' -e 'Linux version' -e 'Command line'
If you updated to address vulnerabilities, you can look at
/sys/devices/system/cpu/vulnerabilities/
to see what is now reported.
The places and times where early loading happens are very different in AMD and Intel machines. First, an Intel (Skylake) example with early loading:
[ 0.000000] microcode: microcode updated early to revision 0xe2, date = 2020-07-14
[ 0.000000] Linux version 5.9.8 (ken@leshp) (gcc (GCC) 10.2.0,
GNU ld (GNU Binutils) 2.35)
#1 SMP PREEMPT Mon Nov 16 20:42:42 GMT 2020
[ 0.000000] Command line: BOOT_IMAGE=/vmlinuz-5.9.8-sda11 root=/dev/sda11 ro
[ 0.378287] microcode: sig=0x506e3, pf=0x2, revision=0xe2
[ 0.378315] microcode: Microcode Update Driver: v2.2.
A historic AMD example:
[ 0.000000] Linux version 4.15.3 (ken@testserver) (gcc version 7.3.0 (GCC))
#2 SMP Sun Feb 18 02:32:03 GMT 2018
[ 0.000000] Command line: BOOT_IMAGE=/vmlinuz-4.15.3-sda5 root=/dev/sda5 ro
[ 0.307619] microcode: microcode updated early to new patch_level=0x010000c8
[ 0.307678] microcode: CPU0: patch_level=0x010000c8
[ 0.307723] microcode: CPU1: patch_level=0x010000c8
[ 0.307795] microcode: Microcode Update Driver: v2.2.
These instructions do NOT apply to old radeons before the
R600 family. For those, the firmware is in the kernel's
/lib/firmware/
directory. Nor
do they apply if you intend to avoid a graphical setup such
as Xorg and are content to use the default 80x25 display
rather than a framebuffer.
Early radeon devices only needed a single 2K blob of firmware. Recent devices need several different blobs, and some of them are much bigger. The total size of the radeon firmware directory is over 500K — on a large modern system you can probably spare the space, but it is still redundant to install all the unused files each time you build a system.
A better approach is to install pciutils-3.7.0 and
then use lspci
to identify which
VGA controller is installed.
With that information, check the RadeonFeature page of the Xorg wiki for Decoder ring for engineering vs marketing names to identify the family (you may need to know this for the Xorg driver in BLFS — Southern Islands and Sea Islands use the radeonsi driver) and the specific model.
Now that you know which controller you are using, consult the Radeon page of the Gentoo wiki which has a table listing the required firmware blobs for the various chipsets. Note that Southern Islands and Sea Islands chips use different firmware for kernel 3.17 and later compared to earlier kernels. Identify and download the required blobs then install them:
mkdir -pv /lib/firmware/radeon cp -v <YOUR_BLOBS> /lib/firmware/radeon
There are actually two ways of installing this firmware. BLFS, in the 'Kernel Configuration for additional firmware' section part of the Xorg ATI Driver-19.1.0 section gives an example of compiling the firmware into the kernel - that is slightly faster to load, but uses more kernel memory. Here we will use the alternative method of making the radeon driver a module. In your kernel config set the following:
Device Drivers --->
Graphics support --->
Direct Rendering Manager --->
[*] Direct Rendering Manager (XFree86 ... support) [CONFIG_DRM]
[M] ATI Radeon [CONFIG_DRM_RADEON]
Loading several large blobs from /lib/firmware takes a noticeable time, during which the screen will be blank. If you do not enable the penguin framebuffer logo, or change the console size by using a bigger font, that probably does not matter. If desired, you can slightly reduce the time if you follow the alternate method of specifying 'y' for CONFIG_DRM_RADEON covered in BLFS at the link above — you must specify each needed radeon blob if you do that.
Some Nvidia graphics chips need firmware updates to take advantage of all the card's capability. These are generally the GeForce 8, 9, 9300, and 200-900 series chips. For more exact information, see https://nouveau.freedesktop.org/wiki/VideoAcceleration/#firmware.
First, the kernel Nvidia driver must be activated:
Device Drivers --->
Graphics support --->
Direct Rendering Manager --->
<*> Direct Rendering Manager (XFree86 ... support) [CONFIG_DRM]
<*/M> Nouveau (NVIDIA) cards [CONFIG_DRM_NOUVEAU]
The steps to install the Nvidia firmware are:
wget https://raw.github.com/imirkin/re-vp2/master/extract_firmware.py wget http://us.download.nvidia.com/XFree86/Linux-x86/325.15/NVIDIA-Linux-x86-325.15.run sh NVIDIA-Linux-x86-325.15.run --extract-only python extract_firmware.py mkdir -p /lib/firmware/nouveau cp -d nv* vuc-* /lib/firmware/nouveau/
The kernel likes to load firmware for some network drivers,
particularly those from Realtek (the
/lib/linux-firmware/rtl_nic/) directory, but they generally
appear to work without it. Therefore, you can boot the
kernel, check dmesg for messages about this missing firmware,
and if necessary download the firmware and put it in the
specified directory in /lib/firmware
so that it will be found on
subsequent boots. Note that with current kernels this works
whether or not the driver is compiled in or built as a
module, there is no need to build this firmware into the
kernel. Here is an example where the R8169 driver has been
compiled in but the firmware was not made available. Once the
firmware had been provided, there was no mention of it on
later boots.
dmesg | grep firmware | grep r8169
[ 7.018028] r8169 0000:01:00.0: Direct firmware load for rtl_nic/rtl8168g-2.fw failed with error -2
[ 7.018036] r8169 0000:01:00.0 eth0: unable to load firmware patch rtl_nic/rtl8168g-2.fw (-2)
Identifying the correct firmware will typically require you
to install pciutils-3.7.0, and then use
lspci
to
identify the device. You should then search online to check
which module it uses, which firmware, and where to obtain the
firmware — not all of it is in linux-firmware.
If possible, you should begin by using a wired connection when you first boot your LFS system. To use a wireless connection you will need to use a network tools such as Wireless Tools-29 and wpa_supplicant-2.9.
Different countries have different regulations on the radio
spectrum usage of wireless devices. You can install a
firmware to make the wireless devices obey local spectrum
regulations, so you won't be inquired by local authority or
find your wireless NIC jamming the frequencies of other
devices (for example, remote controllers). The regulatory
database firmware can be downloaded from https://kernel.org/pub/software/network/wireless-regdb/.
To install it, simply extract regulatory.db
and regulatory.db.p7s
from the tarball into
/lib/firmware
. The access point
would send a country code to your wireless NIC, and wpa_supplicant-2.9 would tell the
kernel to load the regulation of this country from
regulatory.db
, and enforce it.
Firmware may also be needed for other devices such as some SCSI controllers, bluetooth adaptors, or TV recorders. The same principles apply.
Last updated on 2021-02-18 19:29:09 -0800
Although most devices needed by packages in BLFS and beyond are
set up properly by udev using
the default rules installed by LFS in /etc/udev/rules.d
, there are cases where the
rules must be modified or augmented.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/aboutdevices
If there are multiple sound cards in a system, the "default"
sound card becomes random. The method to establish sound card
order depends on whether the drivers are modules or not. If
the sound card drivers are compiled into the kernel, control
is via kernel command line parameters in /boot/grub/grub.cfg
. For example, if a
system has both an FM801 card and a SoundBlaster PCI card,
the following can be appended to the command line:
snd-fm801.index=0 snd-ens1371.index=1
If the sound card drivers are built as modules, the order can
be established in the /etc/modprobe.conf
file with:
options snd-fm801 index=0
options snd-ens1371 index=1
USB devices usually have two kinds of device nodes associated with them.
The first kind is created by device-specific drivers (e.g., usb_storage/sd_mod or usblp) in the kernel. For example, a USB mass storage device would be /dev/sdb, and a USB printer would be /dev/usb/lp0. These device nodes exist only when the device-specific driver is loaded.
The second kind of device nodes (/dev/bus/usb/BBB/DDD, where BBB is the bus number and DDD is the device number) are created even if the device doesn't have a kernel driver. By using these "raw" USB device nodes, an application can exchange arbitrary USB packets with the device, i.e., bypass the possibly-existing kernel driver.
Access to raw USB device nodes is needed when a userspace program is acting as a device driver. However, for the program to open the device successfully, the permissions have to be set correctly. By default, due to security concerns, all raw USB devices are owned by user root and group usb, and have 0664 permissions (the read access is needed, e.g., for lsusb to work and for programs to access USB hubs). Packages (such as SANE and libgphoto2) containing userspace USB device drivers also ship udev rules that change the permissions of the controlled raw USB devices. That is, rules installed by SANE change permissions for known scanners, but not printers. If a package maintainer forgot to write a rule for your device, report a bug to both BLFS (if the package is there) and upstream, and you will need to write your own rule.
There is one situation when such fine-grained access control with pre-generated udev rules doesn't work. Namely, PC emulators such as KVM, QEMU and VirtualBox use raw USB device nodes to present arbitrary USB devices to the guest operating system (note: patches are needed in order to get this to work without the obsolete /proc/bus/usb mount point described below). Obviously, maintainers of these packages cannot know which USB devices are going to be connected to the guest operating system. You can either write separate udev rules for all needed USB devices yourself, or use the default catch-all "usb" group, members of which can send arbitrary commands to all USB devices.
Before Linux-2.6.15, raw USB device access was performed not with /dev/bus/usb/BBB/DDD device nodes, but with /proc/bus/usb/BBB/DDD pseudofiles. Some applications (e.g., VMware Workstation) still use only this deprecated technique and can't use the new device nodes. For them to work, use the "usb" group, but remember that members will have unrestricted access to all USB devices. To create the fstab entry for the obsolete usbfs filesystem:
usbfs /proc/bus/usb usbfs devgid=14,devmode=0660 0 0
Adding users to the "usb" group is inherently insecure, as they can bypass access restrictions imposed through the driver-specific USB device nodes. For instance, they can read sensitive data from USB hard drives without being in the "disk" group. Avoid adding users to this group, if you can.
Fine-tuning of device attributes such as group name and
permissions is possible by creating extra udev rules, matching on something like
this. The vendor and product can be found by searching the
/sys/devices
directory entries
or using udevadm
info after the device has been attached. See
the documentation in the current udev directory of /usr/share/doc
for details.
SUBSYSTEM=="usb_device", SYSFS{idVendor}=="05d8", SYSFS{idProduct}=="4002", \
GROUP:="scanner", MODE:="0660"
The above line is used for descriptive purposes only. The scanner udev rules are put into place when installing SANE-1.0.29.
If the initial boot process does not set up the /dev/dvd
device properly, it can be
installed using the following modification to the default
udev rules. As the root
user,
run:
sed '1d;/SYMLINK.*cdrom/ a\ KERNEL=="sr0", ENV{ID_CDROM_DVD}=="1", SYMLINK+="dvd", OPTIONS+="link_priority=-100"' \ /lib/udev/rules.d/60-cdrom_id.rules > /etc/udev/rules.d/60-cdrom_id.rules
Last updated on 2020-06-21 20:09:53 -0700
Together, the /usr/sbin/useradd command and
/etc/skel
directory (both are
easy to set up and use) provide a way to assure new users are
added to your LFS system with the same beginning settings for
things such as the PATH
, keyboard
processing and other environmental variables. Using these two
facilities makes it easier to assure this initial state for
each new user added to the system.
The /etc/skel
directory holds
copies of various initialization and other files that may be
copied to the new user's home directory when the /usr/sbin/useradd program
adds the new user.
The useradd
program uses a collection of default values kept in
/etc/default/useradd
. This file
is created in a base LFS installation by the Shadow package. If it has been removed or
renamed, the useradd program uses some
internal defaults. You can see the default values by running
/usr/sbin/useradd
-D.
To change these values, simply modify the /etc/default/useradd
file as the root
user. An alternative to directly
modifying the file is to run useradd as the root
user while supplying the desired
modifications on the command line. Information on how to do
this can be found in the useradd man page.
To get started, create an /etc/skel
directory and make sure it is
writable only by the system administrator, usually root
. Creating the directory as
root
is the best way to go.
The mode of any files from this part of the book that you put
in /etc/skel
should be writable
only by the owner. Also, since there is no telling what kind of
sensitive information a user may eventually place in their copy
of these files, you should make them unreadable by "group" and
"other".
You can also put other files in /etc/skel
and different permissions may be
needed for them.
Decide which initialization files should be provided in every
(or most) new user's home directory. The decisions you make
will affect what you do in the next two sections, The Bash Shell Startup Files
and The vimrc Files. Some
or all of those files will be useful for root
, any already-existing users, and new
users.
The files from those sections that you might want to place in
/etc/skel
include .inputrc
, .bash_profile
, .bashrc
, .bash_logout
, .dircolors
, and .vimrc
. If you are unsure which of these
should be placed there, just continue to the following
sections, read each section and any references provided, and
then make your decision.
You will run a slightly modified set of commands for files
which are placed in /etc/skel
.
Each section will remind you of this. In brief, the book's
commands have been written for files not added to /etc/skel
and instead just sends the results
to the user's home directory. If the file is going to be in
/etc/skel
, change the book's
command(s) to send output there instead and then just copy the
file from /etc/skel
to the
appropriate directories, like /etc
, ~
or the
home directory of any other user already in the system.
When adding a new user with useradd, use the -m
parameter, which tells useradd to create the user's
home directory and copy files from /etc/skel
(can be overridden) to the new
user's home directory. For example (perform as the root
user):
useradd -m <newuser>
Last updated on 2020-03-25 08:07:11 -0700
Throughout BLFS, many packages install programs that run as
daemons or in some way should have a user or group name
assigned. Generally these names are used to map a user ID (uid)
or group ID (gid) for system use. Generally the specific uid or
gid numbers used by these applications are not significant. The
exception of course, is that root
has a uid and gid of 0 (zero) that is
indeed special. The uid values are stored in /etc/passwd
and the gid values are found in
/etc/group
.
Customarily, Unix systems classify users and groups into two
categories: system users and regular users. The system users
and groups are given low numbers and regular users and groups
have numeric values greater than all the system values. The
cutoff for these numbers is found in two parameters in the
/etc/login.defs
configuration
file. The default UID_MIN value is 1000 and the default GID_MIN
value is 1000. If a specific uid or gid value is not specified
when creating a user with useradd or a group with
groupadd the
values assigned will always be above these cutoff values.
Additionally, the Linux Standard Base recommends that system uid and gid values should be below 100.
Below is a table of suggested uid/gid values used in BLFS beyond those defined in a base LFS installation. These can be changed as desired, but provide a suggested set of consistent values.
Table 3.1. UID/GID Suggested Values
Name | uid | gid |
---|---|---|
bin | 1 | |
lp | 9 | |
adm | 16 | |
atd | 17 | 17 |
messagebus | 18 | 18 |
lpadmin | 19 | |
named | 20 | 20 |
gdm | 21 | 21 |
fcron | 22 | 22 |
systemd-journal | 23 | |
apache | 25 | 25 |
smmsp | 26 | 26 |
polkitd | 27 | 27 |
rpc | 28 | 28 |
exim | 31 | 31 |
postfix | 32 | 32 |
postdrop | 33 | |
sendmail | 34 | |
34 | ||
vmailman | 35 | 35 |
news | 36 | 36 |
kdm | 37 | 37 |
fetchmail | 38 | |
mysql | 40 | 40 |
postgres | 41 | 41 |
dovecot | 42 | 42 |
dovenull | 43 | 43 |
ftp | 45 | 45 |
proftpd | 46 | 46 |
vsftpd | 47 | 47 |
rsyncd | 48 | 48 |
sshd | 50 | 50 |
stunnel | 51 | 51 |
dhcpcd | 52 | 52 |
svn | 56 | 56 |
svntest | 57 | |
git | 58 | 58 |
games | 60 | 60 |
kvm | 61 | |
wireshark | 62 | |
lightdm | 63 | 63 |
sddm | 64 | 64 |
lightdm | 65 | 65 |
scanner | 70 | |
colord | 71 | 71 |
systemd-bus-proxy | 72 | 72 |
systemd-journal-gateway | 73 | 73 |
systemd-journal-remote | 74 | 74 |
systemd-journal-upload | 75 | 75 |
systemd-network | 76 | 76 |
systemd-resolve | 77 | 77 |
systemd-timesync | 78 | 78 |
systemd-coredump | 79 | 79 |
uuidd | 80 | 80 |
ldap | 83 | 83 |
avahi | 84 | 84 |
avahi-autoipd | 85 | 85 |
netdev | 86 | |
ntp | 87 | 87 |
unbound | 88 | 88 |
plugdev | 90 | |
wheel | 97 | |
anonymous | 98 | |
nobody | 99 | |
nogroup | 99 |
One value that is missing is 65534. This value is customarily
assigned to the user nobody
and
group nogroup
and is
unnecessary.
Last updated on 2021-01-27 21:25:01 -0800
The shell program /bin/bash
(hereafter referred to as just "the shell") uses a collection
of startup files to help create an environment. Each file has a
specific use and may affect login and interactive environments
differently. The files in the /etc
directory generally provide global
settings. If an equivalent file exists in your home directory
it may override the global settings.
An interactive login shell is started after a successful login,
using /bin/login
, by reading the
/etc/passwd
file. This shell
invocation normally reads /etc/profile
and its private equivalent
~/.bash_profile
(or ~/.profile
if called as /bin/sh) upon startup.
An interactive non-login shell is normally started at the
command-line using a shell program (e.g., [prompt]$
/bin/bash) or by the
/bin/su command.
An interactive non-login shell is also started with a terminal
program such as xterm or konsole from within a
graphical environment. This type of shell invocation normally
copies the parent environment and then reads the user's
~/.bashrc
file for additional
startup configuration instructions.
A non-interactive shell is usually present when a shell script is running. It is non-interactive because it is processing a script and not waiting for user input between commands. For these shell invocations, only the environment inherited from the parent shell is used.
The file ~/.bash_logout
is not
used for an invocation of the shell. It is read and executed
when a user exits from an interactive login shell.
Many distributions use /etc/bashrc
for system wide initialization of
non-login shells. This file is usually called from the user's
~/.bashrc
file and is not built
directly into bash itself. This convention
is followed in this section.
For more information see info bash -- Nodes: Bash Startup Files and Interactive Shells.
Most of the instructions below are used to create files
located in the /etc
directory
structure which requires you to execute the commands as the
root
user. If you elect to
create the files in user's home directories instead, you
should run the commands as an unprivileged user.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/bash-shell-startup-files
Here is a base /etc/profile
.
This file starts by setting up some helper functions and some
basic parameters. It specifies some bash history parameters
and, for security purposes, disables keeping a permanent
history file for the root
user. It also sets a default user prompt. It then calls
small, single purpose scripts in the /etc/profile.d
directory to provide most of
the initialization.
For more information on the escape sequences you can use for
your prompt (i.e., the PS1
environment variable) see info
bash -- Node:
Printing a Prompt.
cat > /etc/profile << "EOF"
# Begin /etc/profile
# Written for Beyond Linux From Scratch
# by James Robertson <[email protected]>
# modifications by Dagmar d'Surreal <[email protected]>
# System wide environment variables and startup programs.
# System wide aliases and functions should go in /etc/bashrc. Personal
# environment variables and startup programs should go into
# ~/.bash_profile. Personal aliases and functions should go into
# ~/.bashrc.
# Functions to help us manage paths. Second argument is the name of the
# path variable to be modified (default: PATH)
pathremove () {
local IFS=':'
local NEWPATH
local DIR
local PATHVARIABLE=${2:-PATH}
for DIR in ${!PATHVARIABLE} ; do
if [ "$DIR" != "$1" ] ; then
NEWPATH=${NEWPATH:+$NEWPATH:}$DIR
fi
done
export $PATHVARIABLE="$NEWPATH"
}
pathprepend () {
pathremove $1 $2
local PATHVARIABLE=${2:-PATH}
export $PATHVARIABLE="$1${!PATHVARIABLE:+:${!PATHVARIABLE}}"
}
pathappend () {
pathremove $1 $2
local PATHVARIABLE=${2:-PATH}
export $PATHVARIABLE="${!PATHVARIABLE:+${!PATHVARIABLE}:}$1"
}
export -f pathremove pathprepend pathappend
# Set the initial path
export PATH=/bin:/usr/bin
if [ $EUID -eq 0 ] ; then
pathappend /sbin:/usr/sbin
unset HISTFILE
fi
# Setup some environment variables.
export HISTSIZE=1000
export HISTIGNORE="&:[bf]g:exit"
# Set some defaults for graphical systems
export XDG_DATA_DIRS=${XDG_DATA_DIRS:-/usr/share/}
export XDG_CONFIG_DIRS=${XDG_CONFIG_DIRS:-/etc/xdg/}
export XDG_RUNTIME_DIR=${XDG_RUNTIME_DIR:-/tmp/xdg-$USER}
# Setup a red prompt for root and a green one for users.
NORMAL="\[\e[0m\]"
RED="\[\e[1;31m\]"
GREEN="\[\e[1;32m\]"
if [[ $EUID == 0 ]] ; then
PS1="$RED\u [ $NORMAL\w$RED ]# $NORMAL"
else
PS1="$GREEN\u [ $NORMAL\w$GREEN ]\$ $NORMAL"
fi
for script in /etc/profile.d/*.sh ; do
if [ -r $script ] ; then
. $script
fi
done
unset script RED GREEN NORMAL
# End /etc/profile
EOF
Now create the /etc/profile.d
directory, where the individual initialization scripts are
placed:
install --directory --mode=0755 --owner=root --group=root /etc/profile.d
Using the bash completion script below is controversial. Not all users like it. It adds many (usually over 1000) lines to the bash environment and makes it difficult to use the 'set' command to examine simple environment variables. Omitting this script does not interfere with the ability of bash to use the tab key for file name completion.
This script imports bash completion scripts, installed by many other BLFS packages, to allow TAB command line completion.
cat > /etc/profile.d/bash_completion.sh << "EOF"
# Begin /etc/profile.d/bash_completion.sh
# Import bash completion scripts
# If the bash-completion package is installed, use its configuration instead
if [ -f /usr/share/bash-completion/bash_completion ]; then
# Check for interactive bash and that we haven't already been sourced.
if [ -n "${BASH_VERSION-}" -a -n "${PS1-}" -a -z "${BASH_COMPLETION_VERSINFO-}" ]; then
# Check for recent enough version of bash.
if [ ${BASH_VERSINFO[0]} -gt 4 ] || \
[ ${BASH_VERSINFO[0]} -eq 4 -a ${BASH_VERSINFO[1]} -ge 1 ]; then
[ -r "${XDG_CONFIG_HOME:-$HOME/.config}/bash_completion" ] && \
. "${XDG_CONFIG_HOME:-$HOME/.config}/bash_completion"
if shopt -q progcomp && [ -r /usr/share/bash-completion/bash_completion ]; then
# Source completion code.
. /usr/share/bash-completion/bash_completion
fi
fi
fi
else
# bash-completions are not installed, use only bash completion directory
if shopt -q progcomp; then
for script in /etc/bash_completion.d/* ; do
if [ -r $script ] ; then
. $script
fi
done
fi
fi
# End /etc/profile.d/bash_completion.sh
EOF
Make sure that the directory exists:
install --directory --mode=0755 --owner=root --group=root /etc/bash_completion.d
For a more complete installation, see http://wiki.linuxfromscratch.org/blfs/wiki/bash-shell-startup-files#bash-completions.
This script uses the ~/.dircolors
and /etc/dircolors
files to control the
colors of file names in a directory listing. They control
colorized output of things like ls --color. The
explanation of how to initialize these files is at the end
of this section.
cat > /etc/profile.d/dircolors.sh << "EOF"
# Setup for /bin/ls and /bin/grep to support color, the alias is in /etc/bashrc.
if [ -f "/etc/dircolors" ] ; then
eval $(dircolors -b /etc/dircolors)
fi
if [ -f "$HOME/.dircolors" ] ; then
eval $(dircolors -b $HOME/.dircolors)
fi
alias ls='ls --color=auto'
alias grep='grep --color=auto'
EOF
This script adds some useful paths to the PATH
and can be used to customize other PATH
related environment variables (e.g. LD_LIBRARY_PATH, etc)
that may be needed for all users.
cat > /etc/profile.d/extrapaths.sh << "EOF"
if [ -d /usr/local/lib/pkgconfig ] ; then
pathappend /usr/local/lib/pkgconfig PKG_CONFIG_PATH
fi
if [ -d /usr/local/bin ]; then
pathprepend /usr/local/bin
fi
if [ -d /usr/local/sbin -a $EUID -eq 0 ]; then
pathprepend /usr/local/sbin
fi
# Set some defaults before other applications add to these paths.
pathappend /usr/share/man MANPATH
pathappend /usr/share/info INFOPATH
EOF
This script sets up the default inputrc
configuration file. If the user
does not have individual settings, it uses the global file.
cat > /etc/profile.d/readline.sh << "EOF"
# Setup the INPUTRC environment variable.
if [ -z "$INPUTRC" -a ! -f "$HOME/.inputrc" ] ; then
INPUTRC=/etc/inputrc
fi
export INPUTRC
EOF
Setting the umask value is important for security. Here the default group write permissions are turned off for system users and when the user name and group name are not the same.
cat > /etc/profile.d/umask.sh << "EOF"
# By default, the umask should be set.
if [ "$(id -gn)" = "$(id -un)" -a $EUID -gt 99 ] ; then
umask 002
else
umask 022
fi
EOF
This script sets an environment variable necessary for native language support. A full discussion on determining this variable can be found on the LFS Bash Shell Startup Files page.
cat > /etc/profile.d/i18n.sh << "EOF"
# Set up i18n variables
. /etc/locale.conf
export LANG
EOF
Here is a base /etc/bashrc
.
Comments in the file should explain everything you need.
cat > /etc/bashrc << "EOF"
# Begin /etc/bashrc
# Written for Beyond Linux From Scratch
# by James Robertson <[email protected]>
# updated by Bruce Dubbs <[email protected]>
# System wide aliases and functions.
# System wide environment variables and startup programs should go into
# /etc/profile. Personal environment variables and startup programs
# should go into ~/.bash_profile. Personal aliases and functions should
# go into ~/.bashrc
# Provides colored /bin/ls and /bin/grep commands. Used in conjunction
# with code in /etc/profile.
alias ls='ls --color=auto'
alias grep='grep --color=auto'
# Provides prompt for non-login shells, specifically shells started
# in the X environment. [Review the LFS archive thread titled
# PS1 Environment Variable for a great case study behind this script
# addendum.]
NORMAL="\[\e[0m\]"
RED="\[\e[1;31m\]"
GREEN="\[\e[1;32m\]"
if [[ $EUID == 0 ]] ; then
PS1="$RED\u [ $NORMAL\w$RED ]# $NORMAL"
else
PS1="$GREEN\u [ $NORMAL\w$GREEN ]\$ $NORMAL"
fi
unset RED GREEN NORMAL
# End /etc/bashrc
EOF
Here is a base ~/.bash_profile
.
If you want each new user to have this file automatically,
just change the output of the command to /etc/skel/.bash_profile
and check the
permissions after the command is run. You can then copy
/etc/skel/.bash_profile
to the
home directories of already existing users, including
root
, and set the owner and
group appropriately.
cat > ~/.bash_profile << "EOF"
# Begin ~/.bash_profile
# Written for Beyond Linux From Scratch
# by James Robertson <[email protected]>
# updated by Bruce Dubbs <[email protected]>
# Personal environment variables and startup programs.
# Personal aliases and functions should go in ~/.bashrc. System wide
# environment variables and startup programs are in /etc/profile.
# System wide aliases and functions are in /etc/bashrc.
if [ -f "$HOME/.bashrc" ] ; then
source $HOME/.bashrc
fi
if [ -d "$HOME/bin" ] ; then
pathprepend $HOME/bin
fi
# Having . in the PATH is dangerous
#if [ $EUID -gt 99 ]; then
# pathappend .
#fi
# End ~/.bash_profile
EOF
Here is a base ~/.profile
. The
comments and instructions for using /etc/skel
for .bash_profile
above also apply here. Only
the target file names are different.
cat > ~/.profile << "EOF"
# Begin ~/.profile
# Personal environment variables and startup programs.
if [ -d "$HOME/bin" ] ; then
pathprepend $HOME/bin
fi
# Set up user specific i18n variables
#export LANG=<ll>
_<CC>
.<charmap>
<@modifiers>
# End ~/.profile
EOF
Here is a base ~/.bashrc
.
cat > ~/.bashrc << "EOF"
# Begin ~/.bashrc
# Written for Beyond Linux From Scratch
# by James Robertson <[email protected]>
# Personal aliases and functions.
# Personal environment variables and startup programs should go in
# ~/.bash_profile. System wide environment variables and startup
# programs are in /etc/profile. System wide aliases and functions are
# in /etc/bashrc.
if [ -f "/etc/bashrc" ] ; then
source /etc/bashrc
fi
# Set up user specific i18n variables
#export LANG=<ll>
_<CC>
.<charmap>
<@modifiers>
# End ~/.bashrc
EOF
This is an empty ~/.bash_logout
that can be used as a template. You will notice that the base
~/.bash_logout
does not include
a clear
command. This is because the clear is handled in the
/etc/issue
file.
cat > ~/.bash_logout << "EOF"
# Begin ~/.bash_logout
# Written for Beyond Linux From Scratch
# by James Robertson <[email protected]>
# Personal items to perform on logout.
# End ~/.bash_logout
EOF
If you want to use the dircolors
capability, then run the
following command. The /etc/skel
setup steps shown above also can
be used here to provide a ~/.dircolors
file when a new user is set
up. As before, just change the output file name on the
following command and assure the permissions, owner, and
group are correct on the files created and/or copied.
dircolors -p > /etc/dircolors
If you wish to customize the colors used for different file
types, you can edit the /etc/dircolors
file. The instructions for
setting the colors are embedded in the file.
Finally, Ian Macdonald has written an excellent collection of tips and tricks to enhance your shell environment. You can read it online at http://www.caliban.org/bash/index.shtml.
Last updated on 2020-08-21 05:19:40 -0700
The LFS book installs Vim as its text editor. At this point it should be noted that there are a lot of different editing applications out there including Emacs, nano, Joe and many more. Anyone who has been around the Internet (especially usenet) for a short time will certainly have observed at least one flame war, usually involving Vim and Emacs users!
The LFS book creates a basic vimrc
file. In this section you'll find an
attempt to enhance this file. At startup, vim reads the global
configuration file (/etc/vimrc
)
as well as a user-specific file (~/.vimrc
). Either or both can be tailored to
suit the needs of your particular system.
Here is a slightly expanded .vimrc
that you can put in ~/.vimrc
to provide user specific effects. Of
course, if you put it into /etc/skel/.vimrc
instead, it will be made
available to users you add to the system later. You can also
copy the file from /etc/skel/.vimrc
to the home directory of
users already on the system, such as root
. Be sure to set permissions, owner,
and group if you do copy anything directly from /etc/skel
.
" Begin .vimrc
set columns=80
set wrapmargin=8
set ruler
" End .vimrc
Note that the comment tags are " instead of the more usual # or
//. This is correct, the syntax for vimrc
is slightly unusual.
Below you'll find a quick explanation of what each of the options in this example file means here:
set columns=80
: This simply
sets the number of columns used on the screen.
set wrapmargin=8
: This is the
number of characters from the right window border where
wrapping starts.
set ruler
: This makes
vim show
the current row and column at the bottom right of the
screen.
More information on the many vim options can be found by
reading the help inside vim itself. Do this by typing
:help
in vim to get the general help,
or by typing :help
usr_toc.txt
to view the User Manual Table of Contents.
Last updated on 2020-03-25 08:07:11 -0700
When you first boot up your new LFS system, the logon screen
will be nice and plain (as it should be in a bare-bones
system). Many people however, will want their system to display
some information in the logon message. This can be accomplished
using the file /etc/issue
.
The /etc/issue
file is a plain
text file which will also accept certain escape sequences (see
below) in order to insert information about the system. There
is also the file issue.net
which
can be used when logging on remotely. ssh however, will only use it
if you set the option in the configuration file and will
not interpret the escape
sequences shown below.
One of the most common things which people want to do is clear
the screen at each logon. The easiest way of doing that is to
put a "clear" escape sequence into /etc/issue
. A simple way of doing this is to
issue the command clear >
/etc/issue. This will insert the relevant
escape code into the start of the /etc/issue
file. Note that if you do this,
when you edit the file, you should leave the characters
(normally '^[[H^[[2J') on the first line alone.
Terminal escape sequences are special codes recognized by the terminal. The ^[ represents an ASCII ESC character. The sequence ESC [ H puts the cursor in the upper left hand corner of the screen and ESC 2 J erases the screen. For more information on terminal escape sequences see http://rtfm.etla.org/xterm/ctlseq.html
The following sequences are recognized by agetty (the program which
usually parses /etc/issue
). This
information is from man
agetty where you can find extra information
about the logon process.
The issue
file can contain
certain character sequences to display various information. All
issue
sequences consist of a
backslash (\) immediately followed by one of the letters
explained below (so \d
in
/etc/issue
would insert the
current date).
b Insert the baudrate of the current line.
d Insert the current date.
s Insert the system name, the name of the operating system.
l Insert the name of the current tty line.
m Insert the architecture identifier of the machine, e.g., i686.
n Insert the nodename of the machine, also known as the hostname.
o Insert the domainname of the machine.
r Insert the release number of the kernel, e.g., 2.6.11.12.
t Insert the current time.
u Insert the number of current users logged in.
U Insert the string "1 user" or "<n> users" where <n> is the
number of current users logged in.
v Insert the version of the OS, e.g., the build-date etc.
Last updated on 2020-03-25 08:07:11 -0700
Security takes many forms in a computing environment. After some initial discussion, this chapter gives examples of three different types of security: access, prevention and detection.
Access for users is usually handled by login or an application designed to handle the login function. In this chapter, we show how to enhance login by setting policies with PAM modules. Access via networks can also be secured by policies set by iptables, commonly referred to as a firewall. The Network Security Services (NSS) and Netscape Portable Runtime (NSPR) libraries can be installed and shared among the many applications requiring them. For applications that don't offer the best security, you can use the Stunnel package to wrap an application daemon inside an SSL tunnel.
Prevention of breaches, like a trojan, are assisted by applications like GnuPG, specifically the ability to confirm signed packages, which recognizes modifications of the tarball after the packager creates it.
Finally, we touch on detection with a package that stores "signatures" of critical files (defined by the administrator) and then regenerates those "signatures" and compares for files that have been changed.
All software has bugs. Sometimes, a bug can be exploited, for example to allow users to gain enhanced privileges (perhaps gaining a root shell, or simply accessing or deleting other user's files), or to allow a remote site to crash an application (denial of service), or for theft of data. These bugs are labelled as vulnerabilities.
The main place where vulnerabilities get logged is cve.mitre.org. Unfortunately, many vulnerability numbers (CVE-yyyy-nnnn) are initially only labelled as "reserved" when distributions start issuing fixes. Also, some vulnerabilities apply to particular combinations of configure options, or only apply to old versions of packages which have long since been updated in BLFS.
BLFS differs from distributions—there is no BLFS security team, and the editors only become aware of vulnerabilities after they are public knowledge. Sometimes, a package with a vulnerability will not be updated in the book for a long time. Issues can be logged in the Trac system, which might speed up resolution.
The normal way for BLFS to fix a vulnerability is, ideally, to update the book to a new fixed release of the package. Sometimes that happens even before the vulnerability is public knowledge, so there is no guarantee that it will be shown as a vulnerability fix in the Changelog. Alternatively, a sed command, or a patch taken from a distribution, may be appropriate.
The bottom line is that you are responsible for your own security, and for assessing the potential impact of any problems.
To keep track of what is being discovered, you may wish to follow the security announcements of one or more distributions. For example, Debian has Debian security. Fedora's links on security are at the Fedora wiki. Details of Gentoo linux security announcements are discussed at Gentoo security. Finally, the Slackware archives of security announcements are at Slackware security.
The most general English source is perhaps the Full Disclosure Mailing List, but please read the comment on that page. If you use other languages you may prefer other sites such as heise.de (German) or cert.hr (Croatian). These are not linux-specific. There is also a daily update at lwn.net for subscribers (free access to the data after 2 weeks, but their vulnerabilities database at lwn.net/Vulnerabilities is unrestricted).
For some packages, subscribing to their 'announce' lists will provide prompt news of newer versions.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/vulnerabilities
Last updated on 2020-03-24 12:19:44 -0700
Public Key Infrastructure (PKI) is a method to validate the authenticity of an otherwise unknown entity across untrusted networks. PKI works by establishing a chain of trust, rather than trusting each individual host or entity explicitly. In order for a certificate presented by a remote entity to be trusted, that certificate must present a complete chain of certificates that can be validated using the root certificate of a Certificate Authority (CA) that is trusted by the local machine.
Establishing trust with a CA involves validating things like company address, ownership, contact information, etc., and ensuring that the CA has followed best practices, such as undergoing periodic security audits by independent investigators and maintaining an always available certificate revocation list. This is well outside the scope of BLFS (as it is for most Linux distributions). The certificate store provided here is taken from the Mozilla Foundation, who have established very strict inclusion policies described here.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/djlucas/make-ca/releases/download/v1.7/make-ca-1.7.tar.xz
Download size: 28.5 KB
Download MD5 Sum: e0356f5ae5623f227a3f69b5e8848ec6
Estimated disk space required: 6.6 MB (with all runtime deps)
Estimated build time: 0.1 SBU (with all runtime deps)
p11-kit-0.23.22 (required at runtime to generate certificate stores from trust anchors)
NSS-3.61 (to generate a shared NSSDB)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/make-ca
The make-ca script will
download and process the certificates included in the
certdata.txt
file for use as
trust anchors for the p11-kit-0.23.22 trust module.
Additionally, it will generate system certificate stores used
by BLFS applications (if the recommended and optional
applications are present on the system). Any local
certificates stored in /etc/ssl/local
will be imported to both the
trust anchors and the generated certificate stores
(overriding Mozilla's trust). Additionally, any modified
trust values will be copied from the trust anchors to
/etc/ssl/local
prior to any
updates, preserving custom trust values that differ from
Mozilla when using the trust utility from
p11-kit to operate on the
trust store.
To install the various certificate stores, first install the
make-ca script into the
correct location. As the root
user:
make install && install -vdm755 /etc/ssl/local
As the root
user, after
installing p11-kit-0.23.22, download the
certificate source and prepare for system use with the
following command:
If running the script a second time with the same version
of certdata.txt
, for
instance, to add additional stores as the requisite
software is installed, add the -r
switch to the command
line. If packaging, run make-ca --help to see all
available command line options.
/usr/sbin/make-ca -g
You should periodically update the store with the above
command, either manually, or via a systemd timer. A timer is installed at /usr/lib/systemd/system/update-pki.timer
that, if enabled, will check for updates weekly.
Execute the following commands,
as the root
user, to
enable the systemd timer:
systemctl enable update-pki.timer
For most users, no additional configuration is necessary,
however, the default certdata.txt
file provided by make-ca is
obtained from the mozilla-release branch, and is modified to
provide a Mercurial revision. This will be the correct
version for most systems. There are several other variants of
the file available for use that might be preferred for one
reason or another, including the files shipped with Mozilla
products in this book. RedHat and OpenSUSE, for instance, use
the version included in NSS-3.61. Additional upstream downloads are
available at the links included in /etc/make-ca.conf.dist
. Simply copy the
file to /etc/make-ca.conf
and
edit as appropriate.
There are three trust types that are recognized by the
make-ca script, SSL/TLS,
S/Mime, and code signing. For OpenSSL, these are serverAuth
, emailProtection
, and codeSigning
respectively. If
one of the three trust arguments is omitted, the certificate
is neither trusted, nor rejected for that role. Clients that
use OpenSSL or NSS encountering this certificate will
present a warning to the user. Clients using GnuTLS without p11-kit support are not aware of trusted
certificates. To include this CA into the ca-bundle.crt
, email-ca-bundle.crt
, or objsign-ca-bundle.crt
files (the
GnuTLS legacy bundles), it
must have the appropriate trust arguments.
The /etc/ssl/local
directory is
available to add additional CA certificates to the system.
For instance, you might need to add an organization or
government CA certificate. Files in this directory must be in
the OpenSSL trusted
certificate format. To create an OpenSSL trusted certificate from a
regular PEM encoded file, you need to add trust arguments to
the openssl
command, and create a new certificate. For example, using the
CAcert
roots, if you want to trust both for all three roles, the
following commands will create appropriate OpenSSL trusted
certificates (run as the root
user after Wget-1.21.1 is installed):
wget http://www.cacert.org/certs/root.crt && wget http://www.cacert.org/certs/class3.crt && openssl x509 -in root.crt -text -fingerprint -setalias "CAcert Class 1 root" \ -addtrust serverAuth -addtrust emailProtection -addtrust codeSigning \ > /etc/ssl/local/CAcert_Class_1_root.pem && openssl x509 -in class3.crt -text -fingerprint -setalias "CAcert Class 3 root" \ -addtrust serverAuth -addtrust emailProtection -addtrust codeSigning \ > /etc/ssl/local/CAcert_Class_3_root.pem && /usr/sbin/make-ca -r -f
Occasionally, there may be instances where you don't agree
with Mozilla's inclusion of a particular certificate
authority. If you'd like to override the default trust of a
particular CA, simply create a copy of the existing
certificate in /etc/ssl/local
with different trust arguments. For example, if you'd like to
distrust the "Makebelieve_CA_Root" file, run the following
commands:
openssl x509 -in /etc/ssl/certs/Makebelieve_CA_Root.pem \ -text \ -fingerprint \ -setalias "Disabled Makebelieve CA Root" \ -addreject serverAuth \ -addreject emailProtection \ -addreject codeSigning \ > /etc/ssl/local/Disabled_Makebelieve_CA_Root.pem && /usr/sbin/make-ca -r -f
Last updated on 2021-02-19 22:13:48 -0800
The CrackLib package contains a library used to enforce strong passwords by comparing user selected passwords to words in chosen word lists.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/cracklib/cracklib/releases/download/v2.9.7/cracklib-2.9.7.tar.bz2
Download MD5 sum: 0d68de25332cee5660850528a385427f
Download size: 592 KB
Estimated disk space required: 4.2 MB
Estimated build time: less than 0.1 SBU
Recommended word list for English-speaking countries (size: 6.7 MB; md5sum: 94e9963e4786294f7fb0f2efd7618551): https://github.com/cracklib/cracklib/releases/download/v2.9.7/cracklib-words-2.9.7.bz2
There are additional word lists available for download, e.g., from http://www.cotse.com/tools/wordlists.htm. CrackLib can utilize as many, or as few word lists you choose to install.
Users tend to base their passwords on regular words of the spoken language, and crackers know that. CrackLib is intended to filter out such bad passwords at the source using a dictionary created from word lists. To accomplish this, the word list(s) for use with CrackLib must be an exhaustive list of words and word-based keystroke combinations likely to be chosen by users of the system as (guessable) passwords.
The default word list recommended above for downloading mostly satisfies this role in English-speaking countries. In other situations, it may be necessary to download (or even create) additional word lists.
Note that word lists suitable for spell-checking are not usable as CrackLib word lists in countries with non-Latin based alphabets, because of “word-based keystroke combinations” that make bad passwords.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/cracklib
Install CrackLib by running the following commands:
sed -i '/skipping/d' util/packer.c && ./configure --prefix=/usr \ --disable-static \ --with-default-dict=/lib/cracklib/pw_dict && make
Now, as the root
user:
make install && mv -v /usr/lib/libcrack.so.* /lib && ln -sfv ../../lib/$(readlink /usr/lib/libcrack.so) /usr/lib/libcrack.so
Issue the following commands as the root
user to install the recommended word
list and create the CrackLib
dictionary. Other word lists (text based, one word per line)
can also be used by simply installing them into /usr/share/dict
and adding them to the
create-cracklib-dict
command.
install -v -m644 -D ../cracklib-words-2.9.7.bz2 \ /usr/share/dict/cracklib-words.bz2 && bunzip2 -v /usr/share/dict/cracklib-words.bz2 && ln -v -sf cracklib-words /usr/share/dict/words && echo $(hostname) >> /usr/share/dict/cracklib-extra-words && install -v -m755 -d /lib/cracklib && create-cracklib-dict /usr/share/dict/cracklib-words \ /usr/share/dict/cracklib-extra-words
If desired, check the proper operation of the library as an unprivileged user by issuing the following command:
make test
If you are installing CrackLib after your LFS system has been completed and you have the Shadow package installed, you must reinstall Shadow-4.8.1 if you wish to provide strong password support on your system. If you are now going to install the Linux-PAM-1.5.1 package, you may disregard this note as Shadow will be reinstalled after the Linux-PAM installation.
sed -i '/skipping/d' util/packer.c: Remove a meaningless warning.
--with-default-dict=/lib/cracklib/pw_dict
:
This parameter forces the installation of the CrackLib dictionary to the /lib
hierarchy.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
mv -v /usr/lib/libcrack.so.2*
/lib and ln -v
-sf ../../lib/libcrack.so.2.9.0 ...: These
two commands move the libcrack.so.2.9.0
library and associated
symlink from /usr/lib
to
/lib
, then recreates the
/usr/lib/libcrack.so
symlink
pointing to the relocated file.
install -v -m644 -D
...: This command creates the /usr/share/dict
directory (if it doesn't
already exist) and installs the compressed word list there.
ln -v -s cracklib-words
/usr/share/dict/words: The word list is
linked to /usr/share/dict/words
as historically, words
is the
primary word list in the /usr/share/dict
directory. Omit this
command if you already have a /usr/share/dict/words
file installed on
your system.
echo $(hostname)
>>...: The value of hostname is echoed to a
file called cracklib-extra-words
. This extra file is
intended to be a site specific list which includes easy to
guess passwords such as company or department names, user
names, product names, computer names, domain names, etc.
create-cracklib-dict ...: This command creates the CrackLib dictionary from the word lists. Modify the command to add any additional word lists you have installed.
is used to determine if a password is strong |
|
is used to format text files (lowercases all words, removes control characters and sorts the lists) |
|
creates a database with words read from standard input |
|
displays on standard output the database specified |
|
is used to create the CrackLib dictionary from the given word list(s) |
|
provides a fast dictionary lookup method for strong password enforcement |
Last updated on 2021-02-19 22:13:48 -0800
cryptsetup is used to set up transparent encryption of block devices using the kernel crypto API.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.kernel.org/pub/linux/utils/cryptsetup/v2.3/cryptsetup-2.3.4.tar.xz
Download MD5 sum: 911272e73181fdc850bb4d25103a9f83
Download size: 11 MB
Estimated disk space required: 29 MB (add 115 MB for tests)
Estimated build time: 0.2 SBU (add 9 SBU for tests)
JSON-C-0.15, LVM2-2.03.11, and popt-1.18
libpwquality-1.4.4, Python-2.7.18, argon2, and passwdqc
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/cryptsetup
Encrypted block devices require kernel support. To use it, the appropriate kernel configuration parameters need to be set:
Device Drivers --->
[*] Multiple devices driver support (RAID and LVM) ---> [CONFIG_MD]
<*/M> Device mapper support [CONFIG_BLK_DEV_DM]
<*/M> Crypt target support [CONFIG_DM_CRYPT]
Cryptographic API --->
<*/M> XTS support [CONFIG_CRYPTO_XTS]
<*/M> SHA224 and SHA256 digest algorithm [CONFIG_CRYPTO_SHA256]
<*/M> AES cipher algorithms [CONFIG_CRYPTO_AES]
<*/M> User-space interface for symmetric key cipher algorithms
[CONFIG_CRYPTO_USER_API_SKCIPHER]
For tests:
<*/M> Twofish cipher algorithm [CONFIG_CRYPTO_TWOFISH]
Install cryptsetup by running the following commands:
./configure --prefix=/usr && make
To test the result, issue as the root
user: make check. Some tests will
fail if appropriate kernel configuration options are not set.
Some additional options that may be needed for tests are:
CONFIG_SCSI_LOWLEVEL, CONFIG_SCSI_DEBUG,
CONFIG_BLK_DEV_DM_BUILTIN, CONFIG_CRYPTO_USER,
CONFIG_CRYPTO_CRYPTD, CONFIG_CRYPTO_LRW, CONFIG_CRYPTO_XTS,
CONFIG_CRYPTO_ESSIV, CONFIG_CRYPTO_CRCT10DIF,
CONFIG_CRYPTO_AES_TI, CONFIG_CRYPTO_AES_NI_INTEL,
CONFIG_CRYPTO_BLOWFISH, CONFIG_CRYPTO_CAST5,
CONFIG_CRYPTO_SERPENT, CONFIG_CRYPTO_SERPENT_SSE2_X86_64,
CONFIG_CRYPTO_SERPENT_AVX_X86_64,
CONFIG_CRYPTO_SERPENT_AVX2_X86_64, and
CONFIG_CRYPTO_TWOFISH_X86_64.
Now, as the root
user:
make install
Because of the number of possible configurations, setup of encrypted volumes is beyond the scope of the BLFS book. Please see the configuration guide in the cryptsetup FAQ.
is used to setup dm-crypt managed device-mapper mappings |
|
is a for offline LUKS device re-encryption |
|
is a tool to manage dm-integrity (block level integrity) volumes |
|
is used to configure dm-verity managed device-mapper mappings. Device-mapper verity target provides read-only transparent integrity checking of block devices using kernel crypto API |
Last updated on 2021-02-19 22:13:48 -0800
The Cyrus SASL package contains a Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. To use SASL, a protocol includes a command for identifying and authenticating a user to a server and for optionally negotiating protection of subsequent protocol interactions. If its use is negotiated, a security layer is inserted between the protocol and the connection.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/cyrusimap/cyrus-sasl/releases/download/cyrus-sasl-2.1.27/cyrus-sasl-2.1.27.tar.gz
Download MD5 sum: a33820c66e0622222c5aefafa1581083
Download size: 3.9 MB
Estimated disk space required: 26 MB
Estimated build time: 0.1 SBU
Linux-PAM-1.5.1, MIT Kerberos V5-1.19.1, MariaDB-10.5.8 or MySQL, OpenJDK-15.0.2, OpenLDAP-2.4.57, PostgreSQL-13.2, SQLite-3.34.1, krb4, Dmalloc, Pod::POM::View::Restructured, and Sphinx
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/cyrus-sasl
This package does not support parallel build.
First, fix a build failure if Sphinx or docutils-0.16 is installed on the system:
patch -Np1 -i ../cyrus-sasl-2.1.27-doc_fixes-1.patch
Install Cyrus SASL by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --enable-auth-sasldb \ --with-dbpath=/var/lib/sasl/sasldb2 \ --with-saslauthd=/var/run/saslauthd && make -j1
This package does not come with a test suite. If you are planning on using the GSSAPI authentication mechanism, test it after installing the package using the sample server and client programs which were built in the preceding step. Instructions for performing the tests can be found at http://www.linuxfromscratch.org/hints/downloads/files/cyrus-sasl.txt.
Now, as the root
user:
make install && install -v -dm755 /usr/share/doc/cyrus-sasl-2.1.27/html && install -v -m644 saslauthd/LDAP_SASLAUTHD /usr/share/doc/cyrus-sasl-2.1.27 && install -v -m644 doc/legacy/*.html /usr/share/doc/cyrus-sasl-2.1.27/html && install -v -dm700 /var/lib/sasl
--with-dbpath=/var/lib/sasl/sasldb2
:
This switch forces the sasldb database to be
created in /var/lib/sasl
instead of /etc
.
--with-saslauthd=/var/run/saslauthd
:
This switch forces saslauthd to use the FHS
compliant directory /var/run/saslauthd
for variable run-time
data.
--enable-auth-sasldb
:
This switch enables SASLDB authentication backend.
--with-dblib=gdbm
: This switch
forces GDBM to be used
instead of Berkeley DB.
--with-ldap
: This switch enables
the OpenLDAP support.
--enable-ldapdb
: This switch
enables the LDAPDB authentication backend. There is a
circular dependency with this parameter. See http://wiki.linuxfromscratch.org/blfs/wiki/cyrus-sasl
for a solution to this problem.
--enable-java
: This switch
enables compiling of the Java support libraries.
--enable-login
: This option
enables unsupported LOGIN authentication.
--enable-ntlm
: This option
enables unsupported NTLM authentication.
install -v -m644 ...: These commands install documentation which is not installed by the make install command.
install -v -m700 -d /var/lib/sasl: This directory must exist when starting saslauthd or using the sasldb plugin. If you're not going to be running the daemon or using the plugins, you may omit the creation of this directory.
/etc/saslauthd.conf
(for
saslauthd
LDAP configuration) and /etc/sasl2/Appname.conf
(where "Appname"
is the application defined name of the application)
See https://www.cyrusimap.org/sasl/sasl/sysadmin.html for information on what to include in the application configuration files.
See file:///usr/share/doc/cyrus-sasl-2.1.27/LDAP_SASLAUTHD for configuring saslauthd with OpenLDAP.
See https://www.cyrusimap.org/sasl/sasl/gssapi.html#gssapi for configuring saslauthd with Kerberos.
If you need to run the saslauthd daemon at
system startup, install the saslauthd.service
unit included in the
blfs-systemd-units-20210122
package using the following command:
make install-saslauthd
You'll need to modify /etc/default/saslauthd
and modify the
MECHANISM
parameter with your
desired authentication mechanism. The default authentication mechanism is
"shadow".
is used to list loadable SASL plugins and their properties |
|
is the SASL authentication server |
|
is used to list the users in the SASL password
database |
|
is used to set and delete a user's SASL password
and mechanism specific secrets in the SASL password
database |
|
is a test utility for the SASL authentication server |
|
is a general purpose authentication library for server and client applications |
Last updated on 2021-02-20 11:35:58 -0800
The GnuPG package is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described by several RFCs. GnuPG 2 is the stable version of GnuPG integrating support for OpenPGP and S/MIME.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.27.tar.bz2
Download (FTP): ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.2.27.tar.bz2
Download MD5 sum: a9c002b5356103c97412955a1956ae0c
Download size: 6.9 MB
Estimated disk space required: 156 MB (with all tests; add 24 MB for docs)
Estimated build time: 0.4 SBU (using parallelism=4; add 1.6 SBU for tests)
Libassuan-2.5.4, libgcrypt-1.9.2, Libksba-1.5.0, and npth-1.6
pinentry-1.1.1 (Run-time requirement for most of the package's functionality)
cURL-7.75.0, Fuse-3.10.2, GnuTLS-3.7.0, ImageMagick-7.0.11-0 (for the convert utility, used for generating the documentation), libusb-1.0.24, an MTA, OpenLDAP-2.4.57, SQLite-3.34.1, texlive-20200406 (or install-tl-unx), fig2dev (for generating documentation), and GNU adns
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gnupg2
By default GnuPG doesn't install the deprecated gpg-zip script, but it is still needed by some programs. Make GnuPG install it with:
sed -e '/noinst_SCRIPTS = gpg-zip/c sbin_SCRIPTS += gpg-zip' \ -i tools/Makefile.in
Install GnuPG by running the following commands:
./configure --prefix=/usr \ --localstatedir=/var \ --docdir=/usr/share/doc/gnupg-2.2.27 && make && makeinfo --html --no-split -o doc/gnupg_nochunks.html doc/gnupg.texi && makeinfo --plaintext -o doc/gnupg.txt doc/gnupg.texi && make -C doc html
If you have texlive-20200406 installed and you wish to create documentation in alternate formats, issue the following commands (fig2dev is needed for the ps format):
make -C doc pdf ps
To test the results, issue: make check.
Note that if you have already installed GnuPG, the instructions below will
overwrite /usr/share/man/man1/gpg-zip.1
. Now, as the
root
user:
make install && install -v -m755 -d /usr/share/doc/gnupg-2.2.27/html && install -v -m644 doc/gnupg_nochunks.html \ /usr/share/doc/gnupg-2.2.27/html/gnupg.html && install -v -m644 doc/*.texi doc/gnupg.txt \ /usr/share/doc/gnupg-2.2.27 && install -v -m644 doc/gnupg.html/* \ /usr/share/doc/gnupg-2.2.27/html
If you created alternate formats of the documentation,
install them using the following command as the root
user:
install -v -m644 doc/gnupg.{pdf,dvi,ps} \ /usr/share/doc/gnupg-2.2.27
sed ... tools/Makefile.in: This command is needed to build the gpg-zip program.
--docdir=/usr/share/doc/gnupg-2.2.27
:
This switch changes the default docdir to /usr/share/doc/gnupg-2.2.27
.
--enable-all-tests
: allows more
tests to be run with make
check.
--enable-g13
: This switch enables
building the g13 program.
is used to create and populate a user's
|
|
is a wrapper script used to run gpgconf with the
|
|
is a tool that takes care of accessing the OpenPGP keyservers |
|
is a tool to contact a running dirmngr and test whether a certificate has been revoked |
|
is a tool to create, mount or unmount an encrypted file system container (optional) |
|
is a daemon used to manage secret (private) keys independently from any protocol. It is used as a backend for gpg2 and gpgsm as well as for a couple of other utilities |
|
is a utility used to communicate with a running gpg-agent |
|
is the OpenPGP part of the GNU Privacy Guard (GnuPG). It is a tool used to provide digital encryption and signing services using the OpenPGP standard |
|
is a utility used to automatically and reasonably
safely query and modify configuration files in the
|
|
is a utility currently only useful for debugging.
Run it with |
|
executes the given scheme program or spawns an interactive shell |
|
is a tool similar to gpg2 used to provide digital encryption and signing services on X.509 certificates and the CMS protocol. It is mainly used as a backend for S/MIME mail processing |
|
splits an OpenPGP message into packets |
|
is a tool to encrypt or sign files into an archive |
|
is a verify only version of gpg2 |
|
provides a server for the Web Key Service protocol |
|
encrypts or signs files into an archive |
|
is used to list, export and import Keybox data |
|
is used to listen to a Unix Domain socket created by any of the GnuPG tools |
Last updated on 2021-02-21 17:43:43 -0800
The GnuTLS package contains libraries and userspace tools which provide a secure layer over a reliable transport layer. Currently the GnuTLS library implements the proposed standards by the IETF's TLS working group. Quoting from the TLS protocol specification:
“The TLS protocol provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.”
GnuTLS provides support for TLS 1.3, TLS 1.2, TLS 1.1, TLS 1.0, and SSL 3.0 protocols, TLS extensions, including server name and max record size. Additionally, the library supports authentication using the SRP protocol, X.509 certificates and OpenPGP keys, along with support for the TLS Pre-Shared-Keys (PSK) extension, the Inner Application (TLS/IA) extension and X.509 and OpenPGP certificate handling.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/gnutls-3.7.0.tar.xz
Download (FTP): ftp://ftp.gnupg.org/gcrypt/gnutls/v3.7/gnutls-3.7.0.tar.xz
Download MD5 sum: 1123a7bcc2fafd703e5a811bc1beb179
Download size: 5.8 MB
Estimated disk space required: 163 MB (add 112 MB for tests)
Estimated build time: 0.9 SBU (using parallelism=4; add 7.7 SBU for tests)
make-ca-1.7, libunistring-0.9.10, libtasn1-4.16.0, and p11-kit-0.23.22
Doxygen-1.9.1, GTK-Doc-1.33.2, Guile-3.0.5, libidn-1.36 or libidn2-2.3.0, libseccomp-2.5.1, Net-tools-CVS_20101030 (used during the test suite), texlive-20200406 or install-tl-unx, Unbound-1.13.1 (to build the DANE library), Valgrind-3.16.1 (used during the test suite), autogen, cmocka and datefudge (used during the test suite if the DANE library is built), and Trousers (Trusted Platform Module support)
Note that if you do not install libtasn1-4.16.0, an older version shipped in the GnuTLS tarball will be used instead.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gnutls
Install GnuTLS by running the following commands:
./configure --prefix=/usr \ --docdir=/usr/share/doc/gnutls-3.7.0 \ --disable-guile \ --with-default-trust-store-pkcs11="pkcs11:" && make
To test the results, issue: make check. If a prior
version of GnuTLS (or the
same version but without all of the recommended dependencies)
has been installed, some tests may fail. If /usr/lib/libgnutls.so
and the target of
that symlink are moved or renamed so that they cannot be
found, all tests should pass and the install procedure will
restore libgnutls.so
and the
versioned library it points to.
Now, as the root
user:
make install
If you passed --enable-gtk-doc
to
the configure
script, the API will automatically be installed. Otherwise,
if desired, you can still install the API documentation to
the /usr/share/gtk-doc/html/gnutls
directory
using the following command as the root
user:
make -C doc/reference install-data-local
--with-default-trust-store-pkcs11="pkcs11:"
:
This switch tells gnutls to use the PKCS #11 trust store as
the default trust. Omit this switch if p11-kit-0.23.22 is not
installed.
--disable-guile
: This
switch disables GUILE support, since GnuTLS does not support
Guile-2.2.x yet.
--with-default-trust-store-file=/etc/pki/tls/certs/ca-bundle.crt
:
This switch tells configure where to find the
legacy CA certificate bundle and to use it instead of PKCS
#11 module by default. Use this if p11-kit-0.23.22 is not
installed.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
--enable-openssl-compatibility
:
Use this switch if you wish to build the OpenSSL
compatibility library.
--without-p11-kit
: use this
switch if you have not installed p11-kit.
--with-included-unistring
: uses
the bundled version of libunistring, instead of the system
one. Use this switch if you have not installed libunistring-0.9.10.
is used to generate X.509 certificates, certificate requests, and private keys |
|
is a tool used to generate and check DNS resource records for the DANE protocol |
|
is a simple client program to set up a TLS connection to some other computer |
|
is a simple client program to set up a TLS connection to some other computer and produces very verbose progress results |
|
is a simple server program that listens to incoming TLS connections |
|
is a program that can parse and print information about OCSP requests/responses, generate requests and verify responses |
|
is a program that allows handling data from PKCS #11 smart cards and security modules |
|
is a simple program that generates random keys for use with TLS-PSK |
|
is a simple program that emulates the programs in the Stanford SRP (Secure Remote Password) libraries using GnuTLS |
|
contains the core API functions and X.509 certificate API functions |
Last updated on 2021-02-19 22:13:48 -0800
The GPGME package is a C library that allows cryptography support to be added to a program. It is designed to make access to public key crypto engines like GnuPG or GpgSM easier for applications. GPGME provides a high-level crypto API for encryption, decryption, signing, signature verification and key management.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.gnupg.org/ftp/gcrypt/gpgme/gpgme-1.15.1.tar.bz2
Download (FTP): ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.15.1.tar.bz2
Download MD5 sum: e086c4575fe4d7840864fb7dfe97f692
Download size: 1.6 MB
Estimated disk space required: 243 MB
Estimated build time: 0.8 SBU (with parallelism=4; with all bindings, add 0.6 SBU for tests)
Doxygen-1.9.1 and Graphviz-2.44.1 (for API documentation), GnuPG-2.2.27 (required if Qt or SWIG are installed; used during the testsuite), Clisp-2.49, Python-2.7.18, Qt-5.15.2, and/or SWIG-4.0.2 (for language bindings)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gpgme
Install GPGME by running the following commands:
./configure --prefix=/usr --disable-gpg-test && make
To test the results, you should have GnuPG-2.2.27 installed and remove the --disable-gpg-test above. Issue: make -k check.
Now, as the root
user:
make install
--disable-gpg-test
:
if this parameter is not passed to configure, the test
programs are built during make stage, which requires
GnuPG-2.2.27. This parameter is not needed
if GnuPG-2.2.27 is installed.
is used to obtain GPGME compilation and linking information |
|
outputs GPGME commands in JSON format |
|
is an assuan server exposing GPGME operations, such as printing fingerprints and keyids with keyservers |
|
contains the GPGME API functions |
|
contains the C++ GPGME API functions |
|
contains API functions for handling GPG operations in Qt applications |
Last updated on 2021-02-19 22:13:48 -0800
The Haveged package contains a daemon that generates an unpredictable stream of random numbers and feeds the /dev/random device.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/jirka-h/haveged/archive/v1.9.14/haveged-1.9.14.tar.gz
Download MD5 sum: f756474201bec9a46b41e8712f79468a
Download size: 488 KB
Estimated disk space required: 21 MB (with tests)
Estimated build time: 0.1 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/haveged
Install Haveged by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install && mkdir -pv /usr/share/doc/haveged-1.9.14 && cp -v README /usr/share/doc/haveged-1.9.14
If you want the Haveged
daemon to start automatically when the system is booted,
install the haveged.service
unit included in the blfs-systemd-units-20210122
package (as the root
user):
make install-haveged
Last updated on 2021-02-19 11:32:42 -0800
iptables is a userspace command line program used to configure the Linux 2.4 and later kernel packet filtering ruleset.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.netfilter.org/projects/iptables/files/iptables-1.8.7.tar.bz2
Download (FTP): ftp://ftp.netfilter.org/pub/iptables/iptables-1.8.7.tar.bz2
Download MD5 sum: 602ba7e937c72fbb7b1c2b71c3b0004b
Download size: 704 KB
Estimated disk space required: 22 MB
Estimated build time: 0.1 SBU
libpcap-1.10.0 (required for nfsypproxy support), bpf-utils (required for Berkeley Packet Filter support), libnfnetlink (required for connlabel support), libnetfilter_conntrack (required for connlabel support), and nftables
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/iptables
A firewall in Linux is accomplished through the netfilter interface. To use iptables to configure netfilter, the following kernel configuration parameters are required:
[*] Networking support ---> [CONFIG_NET]
Networking Options --->
[*] Network packet filtering framework (Netfilter) ---> [CONFIG_NETFILTER]
[*] Advanced netfilter configuration [CONFIG_NETFILTER_ADVANCED]
Core Netfilter Configuration --->
<*/M> Netfilter connection tracking support [CONFIG_NF_CONNTRACK]
<*/M> Netfilter Xtables support (required for ip_tables) [CONFIG_NETFILTER_XTABLES]
<*/M> LOG target support [CONFIG_NETFILTER_XT_TARGET_LOG]
IP: Netfilter Configuration --->
<*/M> IP tables support (required for filtering/masq/NAT) [CONFIG_IP_NF_IPTABLES]
Include any connection tracking protocols that will be used, as well as any protocols that you wish to use for match support under the "Core Netfilter Configuration" section. The above options are enough for running Creating a Personal Firewall With iptables below.
The installation below does not include building some
specialized extension libraries which require the raw
headers in the Linux
source code. If you wish to build the additional extensions
(if you aren't sure, then you probably don't), you can look
at the INSTALL
file to see an
example of how to change the KERNEL_DIR=
parameter to
point at the Linux source
code. Note that if you upgrade the kernel version, you may
also need to recompile iptables and that the BLFS team has
not tested using the raw kernel headers.
Install iptables by running the following commands:
./configure --prefix=/usr \ --sbindir=/sbin \ --disable-nftables \ --enable-libipq \ --with-xtlibdir=/lib/xtables && make
This package does not come with a test suite.
Now, as the root
user:
make install && ln -sfv ../../sbin/xtables-legacy-multi /usr/bin/iptables-xml && for file in ip4tc ip6tc ipq xtables do mv -v /usr/lib/lib${file}.so.* /lib && ln -sfv ../../lib/$(readlink /usr/lib/lib${file}.so) /usr/lib/lib${file}.so done
--disable-nftables
:
This switch disables building nftables compatibility.
--enable-libipq
: This
switch enables building of libipq.so
which can be used by some
packages outside of BLFS.
--with-xtlibdir=/lib/xtables
:
This switch ensures that all iptables modules are installed in the
/lib/xtables
directory.
--enable-nfsynproxy
: This switch
enables installation of nfsynproxy SYNPROXY configuration tool.
ln -sfv ../../sbin/xtables-legacy-multi /usr/bin/iptables-xml: This command ensures that the symbolic link for the iptables-xml command is relative.
In the following example configurations, LAN1 is used for the internal LAN interface, and WAN1 is used for the external interace connected to the Internet. You will need to replace these values with appropriate interface names for your system.
A Personal Firewall is designed to let you access all the services offered on the Internet while keeping your computer secure and your data private.
Below is a slightly modified version of Rusty Russell's recommendation from the Linux 2.4 Packet Filtering HOWTO. It is still applicable to the Linux 5.x kernels.
install -v -dm755 /etc/systemd/scripts
cat > /etc/systemd/scripts/iptables << "EOF"
#!/bin/sh
# Begin /etc/systemd/scripts/iptables
# Insert connection-tracking modules
# (not needed if built into the kernel)
modprobe nf_conntrack
modprobe xt_LOG
# Enable broadcast echo Protection
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
# Disable Source Routed Packets
echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route
echo 0 > /proc/sys/net/ipv4/conf/default/accept_source_route
# Enable TCP SYN Cookie Protection
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
# Disable ICMP Redirect Acceptance
echo 0 > /proc/sys/net/ipv4/conf/default/accept_redirects
# Do not send Redirect Messages
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
# Drop Spoofed Packets coming in on an interface, where responses
# would result in the reply going out a different interface.
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter
# Log packets with impossible addresses.
echo 1 > /proc/sys/net/ipv4/conf/all/log_martians
echo 1 > /proc/sys/net/ipv4/conf/default/log_martians
# be verbose on dynamic ip-addresses (not needed in case of static IP)
echo 2 > /proc/sys/net/ipv4/ip_dynaddr
# disable Explicit Congestion Notification
# too many routers are still ignorant
echo 0 > /proc/sys/net/ipv4/tcp_ecn
# Set a known state
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
# These lines are here in case rules are already in place and the
# script is ever rerun on the fly. We want to remove all rules and
# pre-existing user defined chains before we implement new rules.
iptables -F
iptables -X
iptables -Z
iptables -t nat -F
# Allow local-only connections
iptables -A INPUT -i lo -j ACCEPT
# Free output on any interface to any ip for any service
# (equal to -P ACCEPT)
iptables -A OUTPUT -j ACCEPT
# Permit answers on already established connections
# and permit new connections related to established ones
# (e.g. port mode ftp)
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Log everything else.
iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT "
# End /etc/systemd/scripts/iptables
EOF
chmod 700 /etc/systemd/scripts/iptables
This script is quite simple, it drops all traffic coming into your computer that wasn't initiated from your computer, but as long as you are simply surfing the Internet you are unlikely to exceed its limits.
If you frequently encounter certain delays at accessing FTP servers, take a look at BusyBox with iptables example number 4.
Even if you have daemons or services running on your system, these will be inaccessible everywhere but from your computer itself. If you want to allow access to services on your machine, such as ssh or ping, take a look at Creating a BusyBox With iptables.
A Network Firewall has two interfaces, one connected to an intranet, in this example LAN1, and one connected to the Internet, here WAN1. To provide the maximum security for the firewall itself, make sure that there are no unnecessary servers running on it such as X11. As a general principle, the firewall itself should not access any untrusted service (think of a remote server giving answers that makes a daemon on your system crash, or even worse, that implements a worm via a buffer-overflow).
install -v -dm755 /etc/systemd/scripts
cat > /etc/systemd/scripts/iptables << "EOF"
#!/bin/sh
# Begin /etc/systemd/scripts/iptables
echo
echo "You're using the example configuration for a setup of a firewall"
echo "from Beyond Linux From Scratch."
echo "This example is far from being complete, it is only meant"
echo "to be a reference."
echo "Firewall security is a complex issue, that exceeds the scope"
echo "of the configuration rules below."
echo "You can find additional information"
echo "about firewalls in Chapter 4 of the BLFS book."
echo "http://www.linuxfromscratch.org/blfs"
echo
# Insert iptables modules (not needed if built into the kernel).
modprobe nf_conntrack
modprobe nf_conntrack_ftp
modprobe xt_conntrack
modprobe xt_LOG
modprobe xt_state
# Enable broadcast echo Protection
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
# Disable Source Routed Packets
echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route
# Enable TCP SYN Cookie Protection
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
# Disable ICMP Redirect Acceptance
echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
# Don't send Redirect Messages
echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
# Drop Spoofed Packets coming in on an interface where responses
# would result in the reply going out a different interface.
echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter
# Log packets with impossible addresses.
echo 1 > /proc/sys/net/ipv4/conf/all/log_martians
# Be verbose on dynamic ip-addresses (not needed in case of static IP)
echo 2 > /proc/sys/net/ipv4/ip_dynaddr
# Disable Explicit Congestion Notification
# Too many routers are still ignorant
echo 0 > /proc/sys/net/ipv4/tcp_ecn
# Set a known state
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
# These lines are here in case rules are already in place and the
# script is ever rerun on the fly. We want to remove all rules and
# pre-existing user defined chains before we implement new rules.
iptables -F
iptables -X
iptables -Z
iptables -t nat -F
# Allow local connections
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow forwarding if the initiated on the intranet
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD ! -i WAN1 -m conntrack --ctstate NEW -j ACCEPT
# Do masquerading
# (not needed if intranet is not using private ip-addresses)
iptables -t nat -A POSTROUTING -o WAN1 -j MASQUERADE
# Log everything for debugging
# (last of all rules, but before policy rules)
iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT "
iptables -A FORWARD -j LOG --log-prefix "FIREWALL:FORWARD "
iptables -A OUTPUT -j LOG --log-prefix "FIREWALL:OUTPUT "
# Enable IP Forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
# The following sections allow inbound packets for specific examples
# Uncomment the example lines and adjust as necessary
# Allow ping on the external interface
#iptables -A INPUT -p icmp -m icmp --icmp-type echo-request -j ACCEPT
#iptables -A OUTPUT -p icmp -m icmp --icmp-type echo-reply -j ACCEPT
# Reject ident packets with TCP reset to avoid delays with FTP or IRC
#iptables -A INPUT -p tcp --dport 113 -j REJECT --reject-with tcp-reset
# Allow HTTP and HTTPS to 192.168.0.2
#iptables -A PREROUTING -t nat -i WAN1 -p tcp --dport 80 -j DNAT --to 192.168.0.2
#iptables -A PREROUTING -t nat -i WAN1 -p tcp --dport 443 -j DNAT --to 192.168.0.2
#iptables -A FORWARD -p tcp -d 192.168.0.2 --dport 80 -j ACCEPT
#iptables -A FORWARD -p tcp -d 192.168.0.2 --dport 443 -j ACCEPT
# End /etc/systemd/scripts/iptables
EOF
chmod 700 /etc/systemd/scripts/iptables
With this script your intranet should be reasonably secure against external attacks. No one should be able to setup a new connection to any internal service and, if it's masqueraded, makes your intranet invisible to the Internet. Furthermore, your firewall should be relatively safe because there are no services running that a cracker could attack.
This scenario isn't too different from the Creating a Masquerading Router With iptables, but additionally offers some services to your intranet. Examples of this can be when you want to administer your firewall from another host on your intranet or use it as a proxy or a name server.
Outlining specifically how to protect a server that offers services on the Internet goes far beyond the scope of this document. See the references in the section called “Extra Information” for more information.
Be cautious. Every service you have enabled makes your setup more complex and your firewall less secure. You are exposed to the risks of misconfigured services or running a service with an exploitable bug. A firewall should generally not run any extra services. See the introduction to the Creating a Masquerading Router With iptables for some more details.
If you want to add services such as internal Samba or name servers that do not need to access the Internet themselves, the additional statements are quite simple and should still be acceptable from a security standpoint. Just add the following lines into the script before the logging rules.
iptables -A INPUT -i ! WAN1 -j ACCEPT
iptables -A OUTPUT -o ! WAN1 -j ACCEPT
If daemons, such as squid, have to access the Internet themselves, you could open OUTPUT generally and restrict INPUT.
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -j ACCEPT
However, it is generally not advisable to leave OUTPUT unrestricted. You lose any control over trojans who would like to "call home", and a bit of redundancy in case you've (mis-)configured a service so that it broadcasts its existence to the world.
To accomplish this, you should restrict INPUT and OUTPUT on all ports except those that it's absolutely necessary to have open. Which ports you have to open depends on your needs: mostly you will find them by looking for failed accesses in your log files.
Have a Look at the Following Examples:
Squid is caching the web:
iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --sport 80 -m conntrack --ctstate ESTABLISHED \
-j ACCEPT
Your caching name server (e.g., named) does its lookups via UDP:
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
You want to be able to ping your computer to ensure it's still alive:
iptables -A INPUT -p icmp -m icmp --icmp-type echo-request -j ACCEPT
iptables -A OUTPUT -p icmp -m icmp --icmp-type echo-reply -j ACCEPT
If you are frequently accessing FTP servers or enjoy chatting, you might notice delays because some implementations of these daemons query an identd daemon on your system to obtain usernames. Although there's really little harm in this, having an identd running is not recommended because many security experts feel the service gives out too much additional information.
To avoid these delays you could reject the requests with a 'tcp-reset' response:
iptables -A INPUT -p tcp --dport 113 -j REJECT --reject-with tcp-reset
To log and drop invalid packets (packets that came in after netfilter's timeout or some types of network scans) insert these rules at the top of the chain:
iptables -I INPUT 0 -p tcp -m conntrack --ctstate INVALID \
-j LOG --log-prefix "FIREWALL:INVALID "
iptables -I INPUT 1 -p tcp -m conntrack --ctstate INVALID -j DROP
Anything coming from the outside should not have a private address, this is a common attack called IP-spoofing:
iptables -A INPUT -i WAN1 -s 10.0.0.0/8 -j DROP
iptables -A INPUT -i WAN1 -s 172.16.0.0/12 -j DROP
iptables -A INPUT -i WAN1 -s 192.168.0.0/16 -j DROP
There are other addresses that you may also want to drop: 0.0.0.0/8, 127.0.0.0/8, 224.0.0.0/3 (multicast and experimental), 169.254.0.0/16 (Link Local Networks), and 192.0.2.0/24 (IANA defined test network).
If your firewall is a DHCP client, you need to allow those packets:
iptables -A INPUT -i WAN1 -p udp -s 0.0.0.0 --sport 67 \
-d 255.255.255.255 --dport 68 -j ACCEPT
To simplify debugging and be fair to anyone who'd like to access a service you have disabled, purposely or by mistake, you could REJECT those packets that are dropped.
Obviously this must be done directly after logging as the very last lines before the packets are dropped by policy:
iptables -A INPUT -j REJECT
These are only examples to show you some of the
capabilities of the firewall code in Linux. Have a look at
the man page of iptables. There you will find much more
information. The port numbers needed for this can be found
in /etc/services
, in case you
didn't find them by trial and error in your log file.
To set up the iptables firewall at boot, install the
iptables.service
unit
included in the blfs-systemd-units-20210122
package.
make install-iptables
is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel |
|
is a safer way to update iptables remotely |
|
is used to interact with iptables using the legacy command set |
|
is used to restore a set of legacy iptables rules |
|
is used to save a set of legacy iptables rules |
|
is used to restore IP Tables from data specified on STDIN. Use I/O redirection provided by your shell to read from a file |
|
is used to dump the contents of an IP Table in easily parseable format to STDOUT. Use I/O-redirection provided by your shell to write to a file |
|
is used to convert the output of iptables-save to
an XML format. Using the |
|
are a set of commands for IPV6 that parallel the iptables commands above |
|
(optional) configuration tool. SYNPROXY target makes handling of large SYN floods possible without the large performance penalties imposed by the connection tracking in such cases |
|
is a binary that behaves according to the name it is called by |
Last updated on 2021-02-21 17:43:43 -0800
The purpose of a firewall is to protect a computer or a network against malicious access. In a perfect world every daemon or service, on every machine, is perfectly configured and immune to security flaws, and all users are trusted implicitly to use the equipment as intended. However, this is rarely, if ever, the case. Daemons may be misconfigured, or updates may not have been applied for known exploits against essential services. Additionally, you may wish to choose which services are accessible by certain machines or users, or you may wish to limit which machines or applications are allowed external access. Alternatively, you simply may not trust some of your applications or users. For these reasons, a carefully designed firewall should be an essential part of system security.
While a firewall can greatly limit the scope of the above issues, do not assume that having a firewall makes careful configuration redundant, or that any negligent misconfiguration is harmless. A firewall does not prevent the exploitation of any service you offer outside of it. Despite having a firewall, you need to keep applications and daemons properly configured and up to date.
The word firewall can have several different meanings.
This is a hardware device or software program, intended to secure a home or desktop computer connected to the Internet. This type of firewall is highly relevant for users who do not know how their computers might be accessed via the Internet or how to disable that access, especially if they are always online and connected via broadband links.
An example configuration for a personal firewall is provided at Creating a Personal Firewall With iptables.
This is a system placed between the Internet and an intranet. To minimize the risk of compromising the firewall itself, it should generally have only one role—that of protecting the intranet. Although not completely risk-free, the tasks of doing the routing and IP masquerading (rewriting IP headers of the packets it routes from clients with private IP addresses onto the Internet so that they seem to come from the firewall itself) are commonly considered relatively secure.
An example configuration for a masquerading firewall is provided at Creating a Masquerading Router With iptables.
This is often an old computer you may have retired and nearly forgotten, performing masquerading or routing functions, but offering non-firewall services such as a web-cache or mail. This may be used for home networks, but is not to be considered as secure as a firewall only machine because the combination of server and router/firewall on one machine raises the complexity of the setup.
An example configuration for a BusyBox is provided at Creating a BusyBox With iptables.
This type of firewall performs masquerading or routing, but grants public access to some branch of your network that is physically separated from your regular intranet and is essentially a separate network with direct Internet access. The servers on this network are those which must be easily accessible from both the Internet and intranet. The firewall protects both networks. This type of firewall has a minimum of three network interfaces.
The example configurations provided for iptables-1.8.7 are not intended to be a complete guide to securing systems. Firewalling is a complex issue that requires careful configuration. The configurations provided by BLFS are intended only to give examples of how a firewall works. They are not intended to fit any particular configuration and may not provide complete protection from an attack.
BLFS provides an utility to manage the kernel Netfilter interface, iptables-1.8.7. It has been around since early 2.4 kernels, and has been the standard since. This is likely the set of tools that will be most familiar to existing admins. Other tools have been developped more recently, see the list of further readings below for more details. Here you will find a list of URLs that contain comprehensive information about building firewalls and further securing your system.
www.netfilter.org - Homepage of the netfilter/iptables/nftables projects
Netfilter related FAQ
Netfilter related HOWTO's
nftables HOWTO
en.tldp.org/LDP/nag2/x-087-2-firewall.html
en.tldp.org/HOWTO/Security-HOWTO.html
en.tldp.org/HOWTO/Firewall-HOWTO.html
www.linuxsecurity.com/docs/
www.little-idiot.de/firewall (German & outdated, but very comprehensive)
linux.oreillynet.com/pub/a/linux/2000/03/10/netadmin/ddos.html
staff.washington.edu/dittrich/misc/ddos
www.e-infomax.com/ipmasq
www.circlemud.org/~jelson/writings/security/index.htm
www.securityfocus.com
www.cert.org - tech_tips
security.ittoolbox.com
www.insecure.org/reading.html
Last updated on 2020-03-05 12:54:16 -0800
The libcap package was installed in LFS, but if Linux-PAM support is desired, the PAM module must be built (after installation of Linux-PAM).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/libcap-2.48.tar.xz
Download MD5 sum: ca71693a9abe4e0ad9cc33a755ee47e0
Download size: 132 KB
Estimated disk space required: 1.3 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libcap
If you are upgrading libcap from a previous version, use the instructions in LFS libcap page to upgrade libcap. If Linux-PAM-1.5.1 has been built, the PAM module will automatically be built too.
Install libcap by running the following commands:
make -C pam_cap
This package does not come with a test suite.
Now, as the root
user:
install -v -m755 pam_cap/pam_cap.so /lib/security && install -v -m644 pam_cap/capability.conf /etc/security
In order to allow Linux-PAM
to grant privileges based on POSIX capabilites, you need to
add the libcap module to the begining of the /etc/pam.d/system-auth
file. Make the
required edits with the following commands:
mv -v /etc/pam.d/system-auth{,.bak} &&
cat > /etc/pam.d/system-auth << "EOF" &&
# Begin /etc/pam.d/system-auth
auth optional pam_cap.so
EOF
tail -n +3 /etc/pam.d/system-auth.bak >> /etc/pam.d/system-auth
Additonally, you'll need to modify the /etc/security/capability.conf
file to grant
necessary privileges to users, and utilize the setcap utility to set
capabilities on specific utilities as needed. See
man 8 setcap
and man 3
cap_from_text for additional information.
Last updated on 2021-02-21 15:09:04 -0800
The Linux PAM package contains Pluggable Authentication Modules used to enable the local system administrator to choose how applications authenticate users.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/linux-pam/linux-pam/releases/download/v1.5.1/Linux-PAM-1.5.1.tar.xz
Download MD5 sum: 155f2a31d07077b2c63a1f135876c31b
Download size: 952 KB
Estimated disk space required: 37 MB (with tests)
Estimated build time: 0.4 SBU (with tests)
Optional Documentation
Download (HTTP): https://github.com/linux-pam/linux-pam/releases/download/v1.5.1/Linux-PAM-1.5.1-docs.tar.xz
Download MD5 sum: eb03b8191fc886780411054115866ee2
Download size 432 KB
Berkeley DB-5.3.28, libnsl-1.3.0, libtirpc-1.3.1, libaudit, and Prelude
docbook-xml-4.5, docbook-xsl-1.79.2, fop-2.6, libxslt-1.1.34 and either Lynx-2.8.9rel.1 or W3m
Shadow-4.8.1 and Systemd-247 need to be reinstalled after installing and configuring Linux PAM.
With Linux-PAM-1.4.0 and higher, the pam_cracklib module is not installed by default. To enforce strong passwords, it is recommended to use libpwquality-1.4.4.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/linux-pam
If you downloaded the documentation, unpack the tarball by issuing the following command.
tar -xf ../Linux-PAM-1.5.1-docs.tar.xz --strip-components=1
If you instead want to regenerate the documentation, fix the configure script so that it detects lynx if installed:
sed -e 's/dummy elinks/dummy lynx/' \ -e 's/-no-numbering -no-references/-force-html -nonumbers -stdin/' \ -i configure
Install Linux PAM by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --libdir=/usr/lib \ --enable-securedir=/lib/security \ --docdir=/usr/share/doc/Linux-PAM-1.5.1 && make
To test the results, a suitable /etc/pam.d/other
configuration file must
exist.
If you have a system with Linux PAM installed and working,
be careful when modifying the files in /etc/pam.d
, since your system may become
totally unusable. If you want to run the tests, you do not
need to create another /etc/pam.d/other
file. The installed one
can be used for that purpose.
You should also be aware that make install overwrites
the configuration files in /etc/security
as well as /etc/environment
. In case you have
modified those files, be sure to back them up.
For a first installation, create the configuration file by
issuing the following commands as the root
user:
install -v -m755 -d /etc/pam.d &&
cat > /etc/pam.d/other << "EOF"
auth required pam_deny.so
account required pam_deny.so
password required pam_deny.so
session required pam_deny.so
EOF
Now run the tests by issuing make check. Ensure there are no errors produced by the tests before continuing the installation. Note that the checks are quite long. It may be useful to redirect the output to a log file in order to inspect it thoroughly.
Only in case of a first installation, remove the
configuration file created earlier by issuing the following
command as the root
user:
rm -fv /etc/pam.d/other
Now, as the root
user:
make install && chmod -v 4755 /sbin/unix_chkpwd && for file in pam pam_misc pamc do mv -v /usr/lib/lib${file}.so.* /lib && ln -sfv ../../lib/$(readlink /usr/lib/lib${file}.so) /usr/lib/lib${file}.so done
--enable-securedir=/lib/security
:
This switch sets the installation location for the
PAM modules.
--disable-regenerate-docu
: If
the needed dependencies (docbook-xml-4.5, docbook-xsl-1.79.2, libxslt-1.1.34, and Lynx-2.8.9rel.1 or
W3m)
are installed, the manual pages, and the html and text
documentations are (re)generated and installed. Furthermore,
if fop-2.6 is
installed, the PDF documentation is generated and installed.
Use this switch if you do not want to rebuild the
documentation.
chmod -v 4755
/sbin/unix_chkpwd: The unix_chkpwd helper program
must be setuid so that non-root
processes can access the shadow
file.
Configuration information is placed in /etc/pam.d/
. Below is an example file:
# Begin /etc/pam.d/other
auth required pam_unix.so nullok
account required pam_unix.so
session required pam_unix.so
password required pam_unix.so nullok
# End /etc/pam.d/other
Now set up some generic files. As the root:
user
install -vdm755 /etc/pam.d && cat > /etc/pam.d/system-account << "EOF" &&# Begin /etc/pam.d/system-account account required pam_unix.so # End /etc/pam.d/system-account
EOF cat > /etc/pam.d/system-auth << "EOF" &&# Begin /etc/pam.d/system-auth auth required pam_unix.so # End /etc/pam.d/system-auth
EOF cat > /etc/pam.d/system-session << "EOF"# Begin /etc/pam.d/system-session session required pam_unix.so # End /etc/pam.d/system-session
EOF cat > /etc/pam.d/system-password << "EOF"# Begin /etc/pam.d/system-password # use sha512 hash for encryption, use shadow, and try to use any previously # defined authentication token (chosen password) set by any prior module password required pam_unix.so sha512 shadow try_first_pass # End /etc/pam.d/system-password
EOF
If you wish to enable strong password support, install libpwquality-1.4.4, and follow the instructions in that page to configure the pam_pwquality PAM module with strong password support.
Now add a restrictive /etc/pam.d/other
configuration file. With
this file, programs that are PAM aware will not run unless
a configuration file specifically for that application is
created.
cat > /etc/pam.d/other << "EOF"
# Begin /etc/pam.d/other
auth required pam_warn.so
auth required pam_deny.so
account required pam_warn.so
account required pam_deny.so
password required pam_warn.so
password required pam_deny.so
session required pam_warn.so
session required pam_deny.so
# End /etc/pam.d/other
EOF
The PAM man page (man pam) provides a good starting point for descriptions of fields and allowable entries. The Linux-PAM System Administrators' Guide is recommended for additional information.
You should now reinstall the Shadow-4.8.1 and Systemd-247 packages.
displays and modifies the authentication failure record files |
|
is a helper binary that creates home directories |
|
is a helper program used to configure a private namespace for a user session |
|
is a helper program that transfers password hashes from passwd or shadow to opasswd |
|
is used to check if the default timestamp is valid |
|
is a helper binary that verifies the password of the current user |
|
is a helper binary that updates the password of a given user |
|
provides the interfaces between applications and the PAM modules |
Last updated on 2021-02-19 22:13:48 -0800
liboauth is a collection of POSIX-C functions implementing the OAuth Core RFC 5849 standard. Liboauth provides functions to escape and encode parameters according to OAuth specification and offers high-level functionality to sign requests or verify OAuth signatures as well as perform HTTP requests.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/liboauth/liboauth-1.0.3.tar.gz
Download MD5 sum: 689b46c2b3ab1a39735ac33f714c4f7f
Download size: 496 KB
Estimated disk space required: 3.5 MB
Estimated build time: less than 0.1 SBU
Required patch for use with openssl: http://www.linuxfromscratch.org/patches/blfs/10.1/liboauth-1.0.3-openssl-1.1.0-3.patch
NSS-3.61 and Doxygen-1.9.1 (to build documentation)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/liboauth
Apply a patch for the current version of openssl:
patch -Np1 -i ../liboauth-1.0.3-openssl-1.1.0-3.patch
Install liboauth by running the following commands:
./configure --prefix=/usr --disable-static && make
If you wish to build the documentation (needs Doxygen-1.9.1), issue:
make dox
To test the results, issue: make check.
Now, as the root
user:
make install
If you have previously built the documentation, install it by
running the following commands as the root
user:
install -v -dm755 /usr/share/doc/liboauth-1.0.3 && cp -rv doc/html/* /usr/share/doc/liboauth-1.0.3
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-nss
: Use this switch if
you want to use Mozilla NSS instead of OpenSSL.
Last updated on 2021-02-21 17:43:43 -0800
The libpwquality package provides common functions for password quality checking and also scoring them based on their apparent randomness. The library also provides a function for generating random passwords with good pronounceability.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/libpwquality/libpwquality/releases/download/libpwquality-1.4.4/libpwquality-1.4.4.tar.bz2
Download MD5 sum: 1fe43f6641dbf1e1766e2a02cf68a9c3
Download size: 420 KB
Estimated disk space required: 4.1 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libpwquality
Install libpwquality by running the following commands:
./configure --prefix=/usr \ --disable-static \ --with-securedir=/lib/security \ --with-python-binary=python3 && make
This package does not come with a test suite.
Now, as the root
user:
make install && mv -v /usr/lib/libpwquality.so.* /lib && ln -sfv ../../lib/$(readlink /usr/lib/libpwquality.so) /usr/lib/libpwquality.so
--with-python-binary=python3
:
This parameter gives the location of the Python binary. The default is python
, and requires Python-2.7.18.
libpwquality is intended to
be a functional replacement for the now-obsolete pam_cracklib.so
PAM module. To configure
the system to use the pam_pwquality
module, execute the following
commands as the root
user:
mv /etc/pam.d/system-password{,.orig} &&
cat > /etc/pam.d/system-password << "EOF"
# Begin /etc/pam.d/system-password
# check new passwords for strength (man pam_pwquality)
password required pam_pwquality.so authtok_type=UNIX retry=1 difok=1 \
minlen=8 dcredit=0 ucredit=0 \
lcredit=0 ocredit=0 minclass=1 \
maxrepeat=0 maxsequence=0 \
maxclassrepeat=0 geoscheck=0 \
dictcheck=1 usercheck=1 \
enforcing=1 badwords="" \
dictpath=/lib/cracklib/pw_dict
# use sha512 hash for encryption, use shadow, and use the
# authentication token (chosen password) set by pam_pwquality
# above (or any previous modules)
password required pam_unix.so sha512 shadow use_authtok
# End /etc/pam.d/system-password
EOF
Last updated on 2015-09-25 08:48:24 -0500
MIT Kerberos V5 is a free implementation of Kerberos 5. Kerberos is a network authentication protocol. It centralizes the authentication database and uses kerberized applications to work with servers or services that support Kerberos allowing single logins and encrypted communication over internal networks or the Internet.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://kerberos.org/dist/krb5/1.19/krb5-1.19.1.tar.gz
Download MD5 sum: 81257292f8243f735654d4fd5d1fef6a
Download size: 8.3 MB
Estimated disk space required: 138 MB (add 24 MB for tests)
Estimated build time: 0.8 SBU (add 1.4 SBU for tests)
BIND Utilities-9.16.11, GnuPG-2.2.27 (to authenticate the package), keyutils-1.6.1, OpenLDAP-2.4.57, Valgrind-3.16.1 (used during the testsuite), yasm-1.3.0, libedit, cmocka, pyrad, and resolv_wrapper
Some sort of time synchronization facility on your system (like ntp-4.2.8p15) is required since Kerberos won't authenticate if there is a time difference between a kerberized client and the KDC server.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/mitkrb
Build MIT Kerberos V5 by running the following commands:
cd src && sed -i -e 's@\^u}@^u cols 300}@' tests/dejagnu/config/default.exp && sed -i -e '/eq 0/{N;s/12 //}' plugins/kdb/db2/libdb2/test/run.test && sed -i '/t_iprop.py/d' tests/Makefile.in && ./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var/lib \ --runstatedir=/run \ --with-system-et \ --with-system-ss \ --with-system-verto=no \ --enable-dns-for-realm && make
To test the build, issue as the root
user: make -k -j1 check. If you
have a former version of MIT Kerberos V5 installed, it may
happen that the test suite may pick up the installed versions
of the libraries, rather than the newly built ones. If so, it
is better to run the tests after the installation.
Now, as the root
user:
make install && for f in gssapi_krb5 gssrpc k5crypto kadm5clnt kadm5srv \ kdb5 kdb_ldap krad krb5 krb5support verto ; do find /usr/lib -type f -name "lib$f*.so*" -exec chmod -v 755 {} \; done && mv -v /usr/lib/libkrb5.so.3* /lib && mv -v /usr/lib/libk5crypto.so.3* /lib && mv -v /usr/lib/libkrb5support.so.0* /lib && ln -v -sf ../../lib/libkrb5.so.3.3 /usr/lib/libkrb5.so && ln -v -sf ../../lib/libk5crypto.so.3.1 /usr/lib/libk5crypto.so && ln -v -sf ../../lib/libkrb5support.so.0.1 /usr/lib/libkrb5support.so && mv -v /usr/bin/ksu /bin && chmod -v 755 /bin/ksu && install -v -dm755 /usr/share/doc/krb5-1.19.1 && cp -vfr ../doc/* /usr/share/doc/krb5-1.19.1
The first sed increases the width of the virtual terminal used for some tests to prevent some spurious text in the output which is taken as a failure. The second sed removes a test that is known to fail. The third sed removes a test that is known to hang.
--localstatedir=/var/lib
: This
option is used so that the Kerberos variable runtime data is
located in /var/lib
instead of
/usr/var
.
--runstatedir=/run
:
This option is used so that the Kerberos runtime state
information is located in /run
instead of the deprecated /var/run
.
--with-system-et
:
This switch causes the build to use the system-installed
versions of the error-table support software.
--with-system-ss
:
This switch causes the build to use the system-installed
versions of the subsystem command-line interface software.
--with-system-verto=no
: This
switch fixes a bug in the package: it does not recognize its
own verto library installed previously. This is not a
problem, if reinstalling the same version, but if you are
updating, the old library is used as system's one, instead of
installing the new version.
--enable-dns-for-realm
: This
switch allows realms to be resolved using the DNS server.
--with-ldap
: Use this switch if
you want to compile the OpenLDAP database backend module.
mv -v /usr/lib/libk...
/lib and ln -v
-sf ../../lib/libk... /usr/lib/libk...: Move
critical libraries to the /lib
directory so that they are available when the /usr
filesystem is not mounted.
find /usr/lib -type f -name "lib$f*.so*" -exec chmod -v 755 {} \;: This command changes the permisison of installed libraries.
mv -v /usr/bin/ksu
/bin: Moves the ksu program to the
/bin
directory so that it is
available when the /usr
filesystem is not mounted.
You should consider installing some sort of password
checking dictionary so that you can configure the
installation to only accept strong passwords. A
suitable dictionary to use is shown in the CrackLib-2.9.7 instructions. Note
that only one file can be used, but you can concatenate
many files into one. The configuration file shown below
assumes you have installed a dictionary to /usr/share/dict/words
.
Create the Kerberos configuration file with the following
commands issued by the root
user:
cat > /etc/krb5.conf << "EOF"
# Begin /etc/krb5.conf
[libdefaults]
default_realm = <EXAMPLE.ORG>
encrypt = true
[realms]
<EXAMPLE.ORG>
= {
kdc = <belgarath.example.org>
admin_server = <belgarath.example.org>
dict_file = /usr/share/dict/words
}
[domain_realm]
.<example.org>
= <EXAMPLE.ORG>
[logging]
kdc = SYSLOG:INFO:AUTH
admin_server = SYSLOG:INFO:AUTH
default = SYSLOG:DEBUG:DAEMON
# End /etc/krb5.conf
EOF
You will need to substitute your domain and proper
hostname for the occurrences of the <belgarath>
and
<example.org>
names.
default_realm
should be the
name of your domain changed to ALL CAPS. This isn't
required, but both Heimdal and MIT recommend it.
encrypt = true
provides
encryption of all traffic between kerberized clients and
servers. It's not necessary and can be left off. If you
leave it off, you can encrypt all traffic from the client
to the server using a switch on the client program
instead.
The [realms]
parameters tell
the client programs where to look for the KDC
authentication services.
The [domain_realm]
section
maps a domain to a realm.
Create the KDC database:
kdb5_util create -r <EXAMPLE.ORG>
-s
Now you should populate the database with principals
(users). For now, just use your regular login name or
root
.
kadmin.localkadmin.local:
add_policy dict-onlykadmin.local:
addprinc -policy dict-only<loginname>
The KDC server and any machine running kerberized server daemons must have a host key installed:
kadmin.local:
addprinc -randkey host/<belgarath.example.org>
After choosing the defaults when prompted, you will have to export the data to a keytab file:
kadmin.local:
ktadd host/<belgarath.example.org>
This should have created a file in /etc
named krb5.keytab
(Kerberos 5). This file
should have 600 (root
rw
only) permissions. Keeping the keytab files from public
access is crucial to the overall security of the Kerberos
installation.
Exit the kadmin program (use quit or exit) and return back to the shell prompt. Start the KDC daemon manually, just to test out the installation:
/usr/sbin/krb5kdc
Attempt to get a ticket with the following command:
kinit <loginname>
You will be prompted for the password you created. After you get your ticket, you can list it with the following command:
klist
Information about the ticket should be displayed on the screen.
To test the functionality of the keytab file, issue the
following command as the root
user:
ktutilktutil:
rkt /etc/krb5.keytabktutil:
l
This should dump a list of the host principal, along with the encryption methods used to access the principal.
Create an empty ACL file that can be modified later:
touch /var/lib/krb5kdc/kadm5.acl
At this point, if everything has been successful so far, you can feel fairly confident in the installation and configuration of the package.
For additional information consult the documentation for krb5-1.19.1 on which the above instructions are based.
If you want to start Kerberos services at boot, install the
krb5.service
unit included in
the blfs-systemd-units-20210122
package using the following command:
make install-krb5
is a GSSAPI test client |
|
is a GSSAPI test server |
|
is a host keytable manipulation utility |
|
is an utility used to make modifications to the Kerberos database |
|
is an utility similar to kadmin, but if the database is db2, the local client kadmin.local, is intended to run directly on the master KDC without Kerberos authentication |
|
is a server for administrative access to a Kerberos database |
|
allows an administrator to manage realms, Kerberos services and ticket policies |
|
is the KDC database utility |
|
removes the current set of tickets |
|
is used to authenticate to the Kerberos server as a principal and acquire a ticket granting ticket that can later be used to obtain tickets for other services |
|
reads and displays the current tickets in the credential cache |
|
is a program for changing Kerberos 5 passwords |
|
takes a principal database in a specified format and converts it into a stream of database records |
|
receives a database sent by kprop and writes it as a local database |
|
displays the contents of the KDC database update log to standard output |
|
gives information on how to link programs against libraries |
|
is the Kerberos 5 server |
|
sends a problem report (PR) to a central support site |
|
is the super user program using Kerberos protocol.
Requires a properly configured |
|
makes the specified credential cache the primary cache for the collection, if a cache collection is available |
|
is a program for managing Kerberos keytabs |
|
prints keyversion numbers of Kerberos principals |
|
is used to contact a sample server and authenticate to it using Kerberos 5 tickets, then display the server's response |
|
is a simple UDP-based sample client program, for demonstration |
|
is a simple UDP-based server application, for demonstration |
|
is the sample Kerberos 5 server |
|
is another sample client |
|
is another sample server |
|
contains the Generic Security Service Application Programming Interface (GSSAPI) functions which provides security services to callers in a generic fashion, supportable with a range of underlying mechanisms and technologies and hence allowing source-level portability of applications to different environments |
|
contains the administrative authentication and password checking functions required by Kerberos 5 client-side programs |
|
contains the administrative authentication and password checking functions required by Kerberos 5 servers |
|
is a Kerberos 5 authentication/authorization database access library |
|
contains the internal support library for RADIUS functionality |
|
is an all-purpose Kerberos 5 library |
Last updated on 2021-02-21 15:39:51 -0800
The Nettle package contains a low-level cryptographic library that is designed to fit easily in many contexts.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/nettle/nettle-3.7.1.tar.gz
Download (FTP): ftp://ftp.gnu.org/gnu/nettle/nettle-3.7.1.tar.gz
Download MD5 sum: 4d23a99df650ee88511653fb9acea3f0
Download size: 2.3 MB
Estimated disk space required: 89 MB (with tests)
Estimated build time: 0.4 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/nettle
Install Nettle by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install && chmod -v 755 /usr/lib/lib{hogweed,nettle}.so && install -v -m755 -d /usr/share/doc/nettle-3.7.1 && install -v -m644 nettle.html /usr/share/doc/nettle-3.7.1
--disable-static
:
This switch prevents installation of static versions of the
libraries.
calculates a hash value using a specified algorithm |
|
outputs a sequence of pseudorandom (non-cryptographic) bytes, using Knuth's lagged fibonacci generator. The stream is useful for testing, but should not be used to generate cryptographic keys or anything else that needs real randomness |
|
password-based key derivation function that take as input a password or passphrase and typically strengthen it and protect against certain pre-computation attacks by using salting and expensive computation |
|
converts private and public RSA keys from PKCS #1 format to sexp format |
|
converts an s-expression to a different encoding |
Last updated on 2021-02-19 22:13:48 -0800
The Network Security Services (NSS) package is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. This is useful for implementing SSL and S/MIME or other Internet security standards into an application.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://archive.mozilla.org/pub/security/nss/releases/NSS_3_61_RTM/src/nss-3.61.tar.gz
Download MD5 sum: e07573e1c0e1e5bef7c05075f8dfa46d
Download size: 79 MB
Estimated disk space required: 304 MB (add 96 MB for tests)
Estimated build time: 8.1 SBU (add 20 SBU for tests)
SQLite-3.34.1 and p11-kit-0.23.22 (runtime)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/nss
This package does not support parallel build.
Install NSS by running the following commands:
patch -Np1 -i ../nss-3.61-standalone-1.patch && cd nss && make -j1 BUILD_OPT=1 \ NSPR_INCLUDE_DIR=/usr/include/nspr \ USE_SYSTEM_ZLIB=1 \ ZLIB_LIBS=-lz \ NSS_ENABLE_WERROR=0 \ $([ $(uname -m) = x86_64 ] && echo USE_64=1) \ $([ -f /usr/include/sqlite3.h ] && echo NSS_USE_SYSTEM_SQLITE=1)
To run the tests, execute the following commands (5 tests are known to fail):
cd tests && HOST=localhost DOMSUF=localdomain ./all.sh && cd ../
Now, as the root
user:
cd ../dist && install -v -m755 Linux*/lib/*.so /usr/lib && install -v -m644 Linux*/lib/{*.chk,libcrmf.a} /usr/lib && install -v -m755 -d /usr/include/nss && cp -v -RL {public,private}/nss/* /usr/include/nss && chmod -v 644 /usr/include/nss/* && install -v -m755 Linux*/bin/{certutil,nss-config,pk12util} /usr/bin && install -v -m644 Linux*/lib/pkgconfig/nss.pc /usr/lib/pkgconfig
BUILD_OPT=1
: This
option is passed to make so that the build is
performed with no debugging symbols built into the binaries
and the default compiler optimizations are used.
NSPR_INCLUDE_DIR=/usr/include/nspr
:
This option sets the location of the nspr headers.
USE_SYSTEM_ZLIB=1
:
This option is passed to make to ensure that the
libssl3.so
library is linked to
the system installed zlib
instead of the in-tree version.
ZLIB_LIBS=-lz
: This
option provides the linker flags needed to link to the system
zlib.
$([ $(uname -m) = x86_64 ]
&& echo USE_64=1): The USE_64=1
option is required on x86_64, otherwise
make will try
(and fail) to create 32-bit objects. The [ $(uname -m) =
x86_64 ] test ensures it has no effect on a 32 bit system.
([ -f /usr/include/sqlite3.h ]
&& echo NSS_USE_SYSTEM_SQLITE=1):
This tests if sqlite is
installed and if so it echos the option
NSS_USE_SYSTEM_SQLITE=1 to make so that libsoftokn3.so
will link against the system
version of sqlite.
NSS_DISABLE_GTESTS=1
: If you
don't need to run NSS test suite, append this option to
make command,
to prevent the compilation of tests and save some build time.
If p11-kit-0.23.22 is installed, the
p11-kit trust module
(/usr/lib/pkcs11/p11-kit-trust.so
) can be
used as a drop-in replacement for /usr/lib/libnssckbi.so
to transparently
make the system CAs available to NSS aware applications, rather than the
static list provided by /usr/lib/libnssckbi.so
. As the root
user, execute the following
commands:
ln -sfv ./pkcs11/p11-kit-trust.so /usr/lib/libnssckbi.so
Additionally, for dependent applications that do not use the
internal database (/usr/lib/libnssckbi.so
), the /usr/sbin/make-ca
script, included on the
make-ca-1.7 page can generate a system wide
NSS DB with the -n
switch, or by modifying the /etc/make-ca.conf
file.
is the Mozilla Certificate Database Tool. It is a command-line utility that can create and modify the Netscape Communicator cert8.db and key3.db database files. It can also list, generate, modify, or delete certificates within the cert8.db file and create or change the password, generate new public and private key pairs, display the contents of the key database, or delete key pairs within the key3.db file |
|
is used to determine the NSS library settings of the installed NSS libraries |
|
is a tool for importing certificates and keys from pkcs #12 files into NSS or exporting them. It can also list certificates and keys in such files |
Last updated on 2021-02-19 22:13:48 -0800
The OpenSSH package contains ssh clients and the sshd daemon. This is useful for encrypting authentication and subsequent traffic over a network. The ssh and scp commands are secure implementations of telnet and rcp respectively.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.4p1.tar.gz
Download MD5 sum: 8f897870404c088e4aa7d1c1c58b526b
Download size: 1.7 MB
Estimated disk space required: 48 MB (add 17 MB for tests)
Estimated build time: 0.2 SBU (Using parallelism=4; running the tests takes 20+ minutes, irrespective of processor speed)
GDB-10.1 (for tests), Linux-PAM-1.5.1, X Window System, MIT Kerberos V5-1.19.1, libedit, LibreSSL Portable, OpenSC, and libsectok
OpenJDK-15.0.2, Net-tools-CVS_20101030, and Sysstat-12.5.3
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/OpenSSH
OpenSSH runs as two
processes when connecting to other computers. The first
process is a privileged process and controls the issuance of
privileges as necessary. The second process communicates with
the network. Additional installation steps are necessary to
set up the proper environment, which are performed by issuing
the following commands as the root
user:
install -v -m700 -d /var/lib/sshd && chown -v root:sys /var/lib/sshd && groupadd -g 50 sshd && useradd -c 'sshd PrivSep' \ -d /var/lib/sshd \ -g sshd \ -s /bin/false \ -u 50 sshd
First, adapt ssh-copy-id to changes in bash-5.1:
sed -e '/INSTALLKEYS_SH/s/)//' -e '260a\ )' -i contrib/ssh-copy-id
Install OpenSSH by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc/ssh \ --with-md5-passwords \ --with-privsep-path=/var/lib/sshd && make
The testsuite requires an installed copy of scp to complete the
multiplexing tests. To run the test suite, first copy the
scp program to
/usr/bin
, making sure that you
backup any existing copy first.
To test the results, issue: make -j1 tests.
Now, as the root
user:
make install && install -v -m755 contrib/ssh-copy-id /usr/bin && install -v -m644 contrib/ssh-copy-id.1 \ /usr/share/man/man1 && install -v -m755 -d /usr/share/doc/openssh-8.4p1 && install -v -m644 INSTALL LICENCE OVERVIEW README* \ /usr/share/doc/openssh-8.4p1
--sysconfdir=/etc/ssh
: This
prevents the configuration files from being installed in
/usr/etc
.
--with-md5-passwords
:
This enables the use of MD5 passwords.
--with-pam
: This parameter
enables Linux-PAM support in
the build.
--with-xauth=/usr/bin/xauth
: Set
the default location for the xauth binary for X
authentication. Change the location if xauth will be installed to
a different path. This can also be controlled from
sshd_config
with the
XAuthLocation keyword. You can omit this switch if
Xorg is already installed.
--with-kerberos5=/usr
: This
option is used to include Kerberos 5 support in the build.
--with-libedit
: This option
enables line editing and history features for sftp.
~/.ssh/*
, /etc/ssh/ssh_config
, and /etc/ssh/sshd_config
There are no required changes to any of these files.
However, you may wish to view the /etc/ssh/
files and make any changes
appropriate for the security of your system. One
recommended change is that you disable root
login via ssh. Execute the
following command as the root
user to disable root
login via ssh:
echo "PermitRootLogin no" >> /etc/ssh/sshd_config
If you want to be able to log in without typing in your password, first create ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub with ssh-keygen and then copy ~/.ssh/id_rsa.pub to ~/.ssh/authorized_keys on the remote computer that you want to log into. You'll need to change REMOTE_USERNAME and REMOTE_HOSTNAME for the username and hostname of the remote computer and you'll also need to enter your password for the ssh-copy-id command to succeed:
ssh-keygen && ssh-copy-id -i ~/.ssh/id_rsa.pubREMOTE_USERNAME
@REMOTE_HOSTNAME
Once you've got passwordless logins working it's actually
more secure than logging in with a password (as the private
key is much longer than most people's passwords). If you
would like to now disable password logins, as the
root
user:
echo "PasswordAuthentication no" >> /etc/ssh/sshd_config && echo "ChallengeResponseAuthentication no" >> /etc/ssh/sshd_config
If you added Linux-PAM
support and you want ssh to use it then you will need to
add a configuration file for sshd and enable use of LinuxPAM. Note, ssh only uses PAM to
check passwords, if you've disabled password logins these
commands are not needed. If you want to use PAM, issue the
following commands as the root
user:
sed 's@d/login@d/sshd@g' /etc/pam.d/login > /etc/pam.d/sshd && chmod 644 /etc/pam.d/sshd && echo "UsePAM yes" >> /etc/ssh/sshd_config
Additional configuration information can be found in the man pages for sshd, ssh and ssh-agent.
To start the SSH server at system boot, install the
sshd.service
unit included in
the blfs-systemd-units-20210122
package.
make install-sshd
is a file copy program that acts like rcp except it uses an encrypted protocol |
|
is an FTP-like program that works over the SSH1 and SSH2 protocols |
|
is a symlink to ssh |
|
is an rlogin/rsh-like client program except it uses an encrypted protocol |
|
is a daemon that listens for ssh login requests |
|
is a tool which adds keys to the ssh-agent |
|
is an authentication agent that can store private keys |
|
is a script that enables logins on remote machine using local keys |
|
is a key generation tool |
|
is a utility for gathering public host keys from a number of hosts |
Last updated on 2021-02-19 11:32:42 -0800
The p11-kit package provides a way to load and enumerate PKCS #11 (a Cryptographic Token Interface Standard) modules.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/p11-glue/p11-kit/releases/download/0.23.22/p11-kit-0.23.22.tar.xz
Download MD5 sum: 03f93a4eb62127b5d40e345c624a0665
Download size: 812 KB
Estimated disk space required: 47 MB (add 169 MB for tests)
Estimated build time: 0.2 SBU (add 0.6 SBU for tests)
libtasn1-4.16.0 and make-ca-1.7 (runtime)
GTK-Doc-1.33.2, libxslt-1.1.34, and NSS-3.61 (runtime)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/p11-kit
Prepare the distribution specific anchor hook:
sed '20,$ d' -i trust/trust-extract-compat &&
cat >> trust/trust-extract-compat << "EOF"
# Copy existing anchor modifications to /etc/ssl/local
/usr/libexec/make-ca/copy-trust-modifications
# Generate a new trust store
/usr/sbin/make-ca -f -g
EOF
Install p11-kit by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --with-trust-paths=/etc/pki/anchors && make
To test the results, issue: make check. Many tests will
fail if the test suite is run as the root
user.
Now, as the root
user:
make install && ln -sfv /usr/libexec/p11-kit/trust-extract-compat \ /usr/bin/update-ca-certificates
--with-trust-paths=/etc/pki/anchors
:
this switch sets the location of trusted certificates used by
libp11-kit.so.
--with-hash-impl=freebl
: Use this
switch if you want to use the Freebl library from
NSS for SHA1 and MD5
hashing.
--enable-doc
: Use this switch if
you have installed GTK-Doc-1.33.2 and libxslt-1.1.34 and wish
to rebuild the documentation and generate manual pages.
The p11-kit trust module
(/usr/lib/pkcs11/p11-kit-trust.so
) can be
used as a drop-in replacement for /usr/lib/libnssckbi.so
to transparently
make the system CAs available to NSS aware applications, rather than the
static list provided by /usr/lib/libnssckbi.so
. As the root
user, execute the following
commands:
ln -sfv ./pkcs11/p11-kit-trust.so /usr/lib/libnssckbi.so
is a command line tool that can be used to perform operations on PKCS#11 modules configured on the system |
|
is a command line tool to examine and modify the shared trust policy store |
|
is a command line tool to both extract local
certificates from an updated anchor store, and
regenerate all anchors and certificate stores on
the system. This is done unconditionally on BLFS
using the |
|
contains functions used to coordinate initialization and finalization of any PKCS#11 module |
|
is the PKCS#11 proxy module |
Last updated on 2021-02-19 22:13:48 -0800
Polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to communicate with privileged processes.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.freedesktop.org/software/polkit/releases/polkit-0.118.tar.gz
Download MD5 sum: ae3f2a742740069922589ad20ffd54d2
Download size: 1.5 MB
Estimated disk space required: 17 MB (add 2 MB for tests)
Estimated build time: 0.1 SBU (Using parallelism=4; add 0.3 SBU for tests)
Since systemd-logind uses PAM to register user sessions, it is a good idea to build Polkit with PAM support so systemd-logind can track Polkit sessions.
D-Bus Python-1.2.16 and dbusmock-0.22.0 (for tests), docbook-xml-4.5, docbook-xsl-1.79.2, GTK-Doc-1.33.2, and libxslt-1.1.34
One polkit authentication agent for using polkit in the graphical environment: polkit-kde-agent in Plasma-5.21.1 for KDE, the agent built in gnome-shell-3.38.3 for GNOME3, polkit-gnome-0.105 for XFCE, and lxpolkit in LXSession-0.5.5 for LXDE.
If libxslt-1.1.34 is installed, then
docbook-xml-4.5 and docbook-xsl-1.79.2 are
required. If you have installed libxslt-1.1.34, but
you do not want to install any of the DocBook packages
mentioned, you will need to use --disable-man-pages
in the instructions
below.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/polkit
There should be a dedicated user and group to take control of
the polkitd
daemon after it is started. Issue the following commands as
the root
user:
groupadd -fg 27 polkitd && useradd -c "PolicyKit Daemon Owner" -d /etc/polkit-1 -u 27 \ -g polkitd -s /bin/false polkitd
When building Polkit with systemd logind support, the configure script explicitly checks if system is booted using systemd. This can cause problems if building the package in chroot, where the configure would fail to detect systemd. To workaround the problem, simply run the following command:
sed -i "s:/sys/fs/cgroup/systemd/:/sys:g" configure
Install Polkit by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --disable-static \ --with-os-type=LFS && make
To test the results, first ensure that the system D-Bus daemon is running. Then run make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--with-authfw=shadow
: This switch
enables the package to use the Shadow rather than the Linux PAM Authentication framework. Use
it if you have not installed Linux
PAM.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
If you did not build Polkit with Linux PAM support, you can skip this section.
If you have built Polkit
with Linux PAM support,
you need to modify the default PAM configuration file which
was installed by default to get Polkit to work correctly with BLFS.
Issue the following commands as the root
user to create the configuration
file for Linux PAM:
cat > /etc/pam.d/polkit-1 << "EOF"
# Begin /etc/pam.d/polkit-1
auth include system-auth
account include system-account
password include system-password
session include system-session
# End /etc/pam.d/polkit-1
EOF
is used to obtain information about registered PolicyKit actions |
|
is used to check whether a process is authorized for action |
|
is an example program to test the pkexec command |
|
allows an authorized user to execute a command as another user |
|
is used to start a textual authentication agent for the subject |
|
provides the org.freedesktop.PolicyKit1 D-Bus service on the system message bus |
|
contains the Polkit authentication agent API functions |
|
contains the Polkit authorization API functions |
Last updated on 2021-02-20 17:41:49 -0800
The Polkit GNOME package provides an Authentication Agent for Polkit that integrates well with the GNOME Desktop environment.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/polkit-gnome/0.105/polkit-gnome-0.105.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/polkit-gnome/0.105/polkit-gnome-0.105.tar.xz
Download MD5 sum: 50ecad37c8342fb4a52f590db7530621
Download size: 305 KB
Estimated disk space required: 5.0 MB
Estimated build time: 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/polkit-gnome
Install Polkit GNOME by running the following commands:
./configure --prefix=/usr && make
This package does not come with a test suite.
Now, as the root
user:
make install
For the authentification framework to work, polkit-gnome-authentification-agent-1 needs to be started. However, make install did not install a startup file for the Polkit GNOME so you have to create it by yourself.
Issue the following commands as the root
user to create a startup file for
Polkit GNOME:
mkdir -p /etc/xdg/autostart &&
cat > /etc/xdg/autostart/polkit-gnome-authentication-agent-1.desktop << "EOF"
[Desktop Entry]
Name=PolicyKit Authentication Agent
Comment=PolicyKit Authentication Agent
Exec=/usr/libexec/polkit-gnome-authentication-agent-1
Terminal=false
Type=Application
Categories=
NoDisplay=true
OnlyShowIn=GNOME;XFCE;Unity;
AutostartCondition=GNOME3 unless-session gnome
EOF
Last updated on 2021-02-21 17:43:43 -0800
Shadow was indeed installed in LFS and there is no reason to reinstall it unless you installed CrackLib or Linux-PAM after your LFS system was completed. If you have installed CrackLib after LFS, then reinstalling Shadow will enable strong password support. If you have installed Linux-PAM, reinstalling Shadow will allow programs such as login and su to utilize PAM.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/shadow-maint/shadow/releases/download/4.8.1/shadow-4.8.1.tar.xz
Download MD5 sum: 4b05eff8a427cf50e615bda324b5bc45
Download size: 1.5 MB
Estimated disk space required: 33 MB
Estimated build time: 0.2 SBU
Linux-PAM-1.5.1 or CrackLib-2.9.7
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/shadow
The installation commands shown below are for installations where Linux-PAM has been installed and Shadow is being reinstalled to support the Linux-PAM installation.
If you are reinstalling Shadow to provide strong password
support using the CrackLib
library without using Linux-PAM, ensure you add the
--with-libcrack
parameter to the configure script below
and also issue the following command:
sed -i 's@DICTPATH.*@DICTPATH\t/lib/cracklib/pw_dict@' etc/login.defs
Reinstall Shadow by running the following commands:
sed -i 's/groups$(EXEEXT) //' src/Makefile.in && find man -name Makefile.in -exec sed -i 's/groups\.1 / /' {} \; && find man -name Makefile.in -exec sed -i 's/getspnam\.3 / /' {} \; && find man -name Makefile.in -exec sed -i 's/passwd\.5 / /' {} \; && sed -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD SHA512@' \ -e 's@/var/spool/mail@/var/mail@' \ -i etc/login.defs && sed -i 's/1000/999/' etc/useradd && ./configure --sysconfdir=/etc --with-group-name-max-length=32 && make
This package does not come with a test suite.
Now, as the root
user:
make install
sed -i 's/groups$(EXEEXT) //' src/Makefile.in: This sed is used to suppress the installation of the groups program as the version from the Coreutils package installed during LFS is preferred.
find man -name Makefile.in -exec ... {} \;: This command is used to suppress the installation of the groups man pages so the existing ones installed from the Coreutils package are not replaced.
sed -e 's@#ENCRYPT_METHOD
DES@ENCRYPT_METHOD SHA512@' -e 's@/var/spool/mail@/var/mail@'
-i etc/login.defs: Instead of using the
default 'DES' method, this command modifies the installation
to use the more secure 'SHA512' method of hashing passwords,
which also allows passwords longer than eight characters. It
also changes the obsolete /var/spool/mail
location for user mailboxes
that Shadow uses by default
to the /var/mail
location.
sed -i 's/1000/999/' etc/useradd: Make a minor change to make the default useradd consistent with the LFS groups file.
--with-group-name-max-length=32
:
The maximum user name is 32 characters. Make the maximum
group name the same.
Shadow's stock configuration
for the useradd
utility may not be desirable for your installation. One
default parameter causes useradd to create a mailbox
file for any newly created user. useradd will make the group
ownership of this file to the mail
group with 0660 permissions. If you
would prefer that these mailbox files are not created by
useradd, issue
the following command as the root
user:
sed -i 's/yes/no/' /etc/default/useradd
The rest of this page is devoted to configuring Shadow to work properly with Linux-PAM. If you do not have Linux-PAM installed, and you reinstalled Shadow to support strong passwords via the CrackLib library, no further configuration is required.
Configuring your system to use Linux-PAM can be a complex task. The information below will provide a basic setup so that Shadow's login and password functionality will work effectively with Linux-PAM. Review the information and links on the Linux-PAM-1.5.1 page for further configuration information. For information specific to integrating Shadow, Linux-PAM and libpwquality, you can visit the following link:
The login
program currently performs many functions which
Linux-PAM modules should
now handle. The following sed command will
comment out the appropriate lines in /etc/login.defs
, and stop login from performing
these functions (a backup file named /etc/login.defs.orig
is also created to
preserve the original file's contents). Issue the
following commands as the root
user:
install -v -m644 /etc/login.defs /etc/login.defs.orig && for FUNCTION in FAIL_DELAY \ FAILLOG_ENAB \ LASTLOG_ENAB \ MAIL_CHECK_ENAB \ OBSCURE_CHECKS_ENAB \ PORTTIME_CHECKS_ENAB \ QUOTAS_ENAB \ CONSOLE MOTD_FILE \ FTMP_FILE NOLOGINS_FILE \ ENV_HZ PASS_MIN_LEN \ SU_WHEEL_ONLY \ CRACKLIB_DICTPATH \ PASS_CHANGE_TRIES \ PASS_ALWAYS_WARN \ CHFN_AUTH ENCRYPT_METHOD \ ENVIRON_FILE do sed -i "s/^${FUNCTION}/# &/" /etc/login.defs done
As mentioned previously in the Linux-PAM instructions, Linux-PAM has two supported methods
for configuration. The commands below assume that you've
chosen to use a directory based configuration, where each
program has its own configuration file. You can
optionally use a single /etc/pam.conf
configuration file by
using the text from the files below, and supplying the
program name as an additional first field for each line.
As the root
user, create
the following Linux-PAM
configuration files in the /etc/pam.d/
directory (or add the
contents to the /etc/pam.conf
file) using the following
commands:
cat > /etc/pam.d/login << "EOF"
# Begin /etc/pam.d/login
# Set failure delay before next prompt to 3 seconds
auth optional pam_faildelay.so delay=3000000
# Check to make sure that the user is allowed to login
auth requisite pam_nologin.so
# Check to make sure that root is allowed to login
# Disabled by default. You will need to create /etc/securetty
# file for this module to function. See man 5 securetty.
#auth required pam_securetty.so
# Additional group memberships - disabled by default
#auth optional pam_group.so
# include system auth settings
auth include system-auth
# check access for the user
account required pam_access.so
# include system account settings
account include system-account
# Set default environment variables for the user
session required pam_env.so
# Set resource limits for the user
session required pam_limits.so
# Display date of last login - Disabled by default
#session optional pam_lastlog.so
# Display the message of the day - Disabled by default
#session optional pam_motd.so
# Check user's mail - Disabled by default
#session optional pam_mail.so standard quiet
# include system session and password settings
session include system-session
password include system-password
# End /etc/pam.d/login
EOF
cat > /etc/pam.d/passwd << "EOF"
# Begin /etc/pam.d/passwd
password include system-password
# End /etc/pam.d/passwd
EOF
cat > /etc/pam.d/su << "EOF"
# Begin /etc/pam.d/su
# always allow root
auth sufficient pam_rootok.so
# Allow users in the wheel group to execute su without a password
# disabled by default
#auth sufficient pam_wheel.so trust use_uid
# include system auth settings
auth include system-auth
# limit su to users in the wheel group
auth required pam_wheel.so use_uid
# include system account settings
account include system-account
# Set default environment variables for the service user
session required pam_env.so
# include system session settings
session include system-session
# End /etc/pam.d/su
EOF
cat > /etc/pam.d/chage << "EOF"
# Begin /etc/pam.d/chage
# always allow root
auth sufficient pam_rootok.so
# include system auth, account, and session settings
auth include system-auth
account include system-account
session include system-session
# Always permit for authentication updates
password required pam_permit.so
# End /etc/pam.d/chage
EOF
for PROGRAM in chfn chgpasswd chpasswd chsh groupadd groupdel \ groupmems groupmod newusers useradd userdel usermod do install -v -m644 /etc/pam.d/chage /etc/pam.d/${PROGRAM} sed -i "s/chage/$PROGRAM/" /etc/pam.d/${PROGRAM} done
At this point, you should do a simple test to see if
Shadow is working as
expected. Open another terminal and log in as a user,
then su
to root
. If you do not
see any errors, then all is well and you should proceed
with the rest of the configuration. If you did receive
errors, stop now and double check the above
configuration files manually. One obvious reason for an
error is if the user is not in group wheel
. You may want to run (as
root
): usermod -a -G wheel <user>
.
Any other error is the sign of an error in the above
procedure. You can also run the test suite from the
Linux-PAM package to
assist you in determining the problem. If you cannot
find and fix the error, you should recompile
Shadow adding the
--without-libpam
switch to
the configure command in
the above instructions (also move the /etc/login.defs.orig
backup file to
/etc/login.defs
). If you
fail to do this and the errors remain, you will be
unable to log into your system.
Instead of using the /etc/login.access
file for controlling
access to the system, Linux-PAM uses the pam_access.so
module along with the
/etc/security/access.conf
file. Rename the /etc/login.access
file using the
following command:
[ -f /etc/login.access ] && mv -v /etc/login.access{,.NOUSE}
Instead of using the /etc/limits
file for limiting usage of
system resources, Linux-PAM uses the pam_limits.so
module along with the
/etc/security/limits.conf
file. Rename the /etc/limits
file using the following
command:
[ -f /etc/limits ] && mv -v /etc/limits{,.NOUSE}
Be sure to test the login capabilities of the system before logging out. Errors in the configuration can cause a permanent lockout requiring a boot from an external source to correct the problem.
A list of the installed files, along with their short descriptions can be found at ../../../../lfs/view/10.1-systemd/chapter08/shadow.html#contents-shadow.
Last updated on 2021-02-19 22:13:48 -0800
The ssh-askpass is a generic executable name for many packages, with similar names, that provide a interactive X service to grab password for packages requiring administrative privileges to be run. It prompts the user with a window box where the necessary password can be inserted. Here, we choose Damien Miller's package distributed in the OpenSSH tarball.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.4p1.tar.gz
Download (FTP): ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.4p1.tar.gz
Download MD5 sum: 8f897870404c088e4aa7d1c1c58b526b
Download size: 1.7 MB
Estimated disk space required: 9.4 MB
Estimated build time: less than 0.1 SBU
GTK+-2.24.33, Sudo-1.9.5p2 (runtime), Xorg Libraries, and X Window System (runtime)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/ssh-askpass
Install ssh-askpass by running the following commands:
cd contrib && make gnome-ssh-askpass2
Now, as the root
user:
install -v -d -m755 /usr/libexec/openssh/contrib && install -v -m755 gnome-ssh-askpass2 \ /usr/libexec/openssh/contrib && ln -sv -f contrib/gnome-ssh-askpass2 \ /usr/libexec/openssh/ssh-askpass
The use of /usr/libexec/openssh/contrib and a symlink is justified by the eventual necessity of a different program for that service.
As the root
user, configure
Sudo-1.9.5p2 to use ssh-askpass:
cat >> /etc/sudo.conf << "EOF" &&
# Path to askpass helper program
Path askpass /usr/libexec/openssh/ssh-askpass
EOF
chmod -v 0644 /etc/sudo.conf
If a given graphical <application> requires administrative privileges, use sudo -A <application> from an x-terminal, from a Window Manager menu and/or replace "Exec=<application> ..." by "Exec=sudo -A <application> ..." in the <application>.desktop file.
Last updated on 2021-02-21 17:43:43 -0800
The stunnel package contains a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) so you can easily communicate with clients over secure channels. stunnel can be used to add SSL functionality to commonly used Inetd daemons such as POP-2, POP-3, and IMAP servers, along with standalone daemons such as NNTP, SMTP, and HTTP. stunnel can also be used to tunnel PPP over network sockets without changes to the server package source code.
This package is known to build and work properly using an LFS-10.1 platform.
Download (FTP): ftp://ftp.stunnel.org/stunnel/archive/5.x/stunnel-5.58.tar.gz
Download MD5 sum: aed41cff61d622ff6c8706e9d75c53b7
Download size: 968 KB
Estimated disk space required: 8.8 MB
Estimated build time: 0.1 SBU
netcat (required for tests), tcpwrappers, and TOR
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/stunnel
The stunnel
daemon will be run in a chroot jail by an
unprivileged user. Create the new user and group using the
following commands as the root
user:
groupadd -g 51 stunnel && useradd -c "stunnel Daemon" -d /var/lib/stunnel \ -g stunnel -s /bin/false -u 51 stunnel
A signed SSL Certificate and a Private Key is necessary to
run the stunnel daemon. After the
package is installed, there are instructions to generate
them. However, if you own or have already created a signed
SSL Certificate you wish to use, copy it to /etc/stunnel/stunnel.pem
before starting
the build (ensure only root
has read and write access). The .pem
file must be formatted as shown
below:
-----BEGIN PRIVATE KEY-----
<many encrypted lines of private key>
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
<many encrypted lines of certificate>
-----END CERTIFICATE-----
-----BEGIN DH PARAMETERS-----
<encrypted lines of dh parms>
-----END DH PARAMETERS-----
Install stunnel by running the following commands:
For some systems with binutils versions prior to 2.25, configure may fail. If necessary, fix it either with:
sed -i '/LDFLAGS.*static_flag/ s/^/#/' configure
or, if LLVM-11.1.0 with Clang is installed, you can replace ./configure ... with CC=clang ./configure ... in the first command below.
./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var && make
If you have installed the optional netcat application, the regression tests can be run with make check.
Now, as the root
user:
make docdir=/usr/share/doc/stunnel-5.58 install
Install the included systemd unit by running the following
command as the root
user:
install -v -m644 tools/stunnel.service /lib/systemd/system
If you do not already have a signed SSL Certificate and
Private Key, create the stunnel.pem
file in the /etc/stunnel
directory using the command
below. You will be prompted to enter the necessary
information. Ensure you reply to the
Common Name (FQDN of your server) [localhost]:
prompt with the name or IP address you will be using to access the service(s).
To generate a certificate, as the root
user, issue:
make cert
make docdir=... install: This command installs the package and changes the documentation installation directory to standard naming conventions.
As the root
user, create
the directory used for the .pid
file created when the stunnel daemon starts:
install -v -m750 -o stunnel -g stunnel -d /var/lib/stunnel/run && chown stunnel:stunnel /var/lib/stunnel
Next, create a basic /etc/stunnel/stunnel.conf
configuration
file using the following commands as the root
user:
cat > /etc/stunnel/stunnel.conf << "EOF"
; File: /etc/stunnel/stunnel.conf
; Note: The pid and output locations are relative to the chroot location.
pid = /run/stunnel.pid
chroot = /var/lib/stunnel
client = no
setuid = stunnel
setgid = stunnel
cert = /etc/stunnel/stunnel.pem
;debug = 7
;output = stunnel.log
;[https]
;accept = 443
;connect = 80
;; "TIMEOUTclose = 0" is a workaround for a design flaw in Microsoft SSL
;; Microsoft implementations do not use SSL close-notify alert and thus
;; they are vulnerable to truncation attacks
;TIMEOUTclose = 0
EOF
Finally, add the service(s) you wish to encrypt to the configuration file. The format is as follows:
[<service>
]
accept = <hostname:portnumber>
connect = <hostname:portnumber>
If you use stunnel to
encrypt a daemon started from [x]inetd, you may need to
disable that daemon in the /etc/[x]inetd.conf
file and enable a
corresponding <service>
_stunnel
service. You may have to add an appropriate entry in
/etc/services
as well.
For a full explanation of the commands and syntax used in the configuration file, issue man stunnel.
Last updated on 2021-02-21 22:53:11 -0800
The Sudo package allows a
system administrator to give certain users (or groups of
users) the ability to run some (or all) commands as
root
or another user while
logging the commands and arguments.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.sudo.ws/dist/sudo-1.9.5p2.tar.gz
Download (FTP): ftp://ftp.sudo.ws/pub/sudo/sudo-1.9.5p2.tar.gz
Download MD5 sum: e6bc4c18c06346e6b3431637a2b5f3d5
Download size: 3.9 MB
Estimated disk space required: 60 MB (add 9 MB for tests)
Estimated build time: 0.4 SBU (add 0.1 SBU for tests)
Linux-PAM-1.5.1, MIT Kerberos V5-1.19.1, OpenLDAP-2.4.57, MTA (that provides a sendmail command), AFS, FWTK, and Opie
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/sudo
Install Sudo by running the following commands:
./configure --prefix=/usr \ --libexecdir=/usr/lib \ --with-secure-path \ --with-all-insults \ --with-env-editor \ --docdir=/usr/share/doc/sudo-1.9.5p2 \ --with-passprompt="[sudo] password for %p: " && make
To test the results, issue: env LC_ALL=C make check 2>&1 | tee ../make-check.log. Check the results with grep failed ../make-check.log.
Now, as the root
user:
make install && ln -sfv libsudo_util.so.0.0.0 /usr/lib/sudo/libsudo_util.so.0
--libexecdir=/usr/lib
: This
switch controls where private programs are installed.
Everything in that directory is a library, so they belong
under /usr/lib
instead of
/usr/libexec
.
--with-secure-path
:
This switch transparently adds /sbin
and /usr/sbin
directories to the PATH
environment variable.
--with-all-insults
:
This switch includes all the sudo insult sets.
--with-env-editor
:
This switch enables use of the environment variable EDITOR
for visudo.
--with-passprompt
:
This switch sets the password prompt. The %p
will be expanded to the name
of the user whose password is being requested.
--without-pam
: This switch avoids
building Linux-PAM support
when Linux-PAM is installed
on the system.
There are many options to sudo's configure command. Check the configure --help output for a complete list.
ln -sfv libsudo_util...: Works around a bug in the installation process, which links to the previously installed version (if there is one) instead of the new one.
The sudoers
file can be quite
complicated. It is composed of two types of entries:
aliases (basically variables) and user specifications
(which specify who may run what). The installation installs
a default configuration that has no privileges installed
for any user.
A couple of common configuration changes are to set the
path for the super user and to allow members of the wheel
group to execute all commands after providing their own
credientials. Use the following commands to create the
/etc/sudoers.d/sudo
configuration file as the root
user:
cat > /etc/sudoers.d/sudo << "EOF"
Defaults secure_path="/usr/bin:/bin:/usr/sbin:/sbin"
%wheel ALL=(ALL) ALL
EOF
For details, see man sudoers.
The Sudo developers
highly recommend using the visudo program to edit
the sudoers
file. This will
provide basic sanity checking like syntax parsing and
file permission to avoid some possible mistakes that
could lead to a vulnerable configuration.
If PAM is installed on the
system, Sudo is built with
PAM support. In that case,
issue the following command as the root
user to create the PAM configuration file:
cat > /etc/pam.d/sudo << "EOF"
# Begin /etc/pam.d/sudo
# include the default auth settings
auth include system-auth
# include the default account settings
account include system-account
# Set default environment variables for the service user
session required pam_env.so
# include system session defaults
session include system-session
# End /etc/pam.d/sudo
EOF
chmod 644 /etc/pam.d/sudo
converts between sudoers file formats |
|
executes a command as another user as permitted by
the |
|
is a sudo event and I/O log server |
|
sends sudo I/O logs to the log server |
|
is a symlink to sudo that implies
the |
|
is used to play back or list the output logs created by sudo |
|
allows for safer editing of the |
Last updated on 2021-02-19 11:32:42 -0800
The Tripwire package contains programs used to verify the integrity of the files on a given system.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/Tripwire/tripwire-open-source/releases/download/2.4.3.7/tripwire-open-source-2.4.3.7.tar.gz
Download MD5 sum: a5cf1bc2f235f5d8ca458f00548db6ee
Download size: 980 KB
Estimated disk space required: 29 MB
Estimated build time: 1.6 SBU (scripting install)
An MTA
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/tripwire
Compile Tripwire by running the following commands:
sed -e '/^CLOBBER/s/false/true/' \ -e 's|TWDB="${prefix}|TWDB="/var|' \ -e '/TWMAN/ s|${prefix}|/usr/share|' \ -e '/TWDOCS/s|${prefix}/doc/tripwire|/usr/share/doc/tripwire-2.4.3.7|' \ -i installer/install.cfg && find . -name Makefile.am | xargs \ sed -i 's/^[[:alpha:]_]*_HEADERS.*=/noinst_HEADERS =/' && sed '/dist/d' -i man/man?/Makefile.am && autoreconf -fi && ./configure --prefix=/usr --sysconfdir=/etc/tripwire && make
The default configuration is to use a local MTA. If you
don't have an MTA installed and have no wish to install
one, modify install/install.cfg
to use an SMTP server
instead. Otherwise the install will fail.
This package does not come with a test suite.
Now, as the root
user:
make install && cp -v policy/*.txt /usr/share/doc/tripwire-2.4.3.7
During make install, several questions are asked, including passwords. If you want to make a script, you have to apply a sed before running make install:
sed -i -e 's@installer/install.sh@& -n -s<site-password>
-l<local-password>
@' Makefile
Of course, you should do this with dummy passwords and change them later.
Another issue when scripting is that the installer exits when the standard input is not a terminal. You may disable this behavior with the following sed:
sed '/-t 0/,+3d' -i installer/install.sh
sed ...
installer/install.cfg: This command tells the
package to install the program database and reports in
/var/lib/tripwire
and sets the
proper location for man pages and documentation.
find ..., sed ..., and autoreconf -fi: The build system is unusable as is, and has to be modified for the build to succeed.
make install:
This command creates the Tripwire security keys as well as
installing the binaries. There are two keys: a site key and a
local key which are stored in /etc/tripwire/
.
cp -v policy/*.txt /usr/doc/tripwire-2.4.3.7: This command installs the tripwire sample policy files with the other tripwire documentation.i
Tripwire uses a policy
file to determine which files are integrity checked. The
default policy file (/etc/tripwire/twpol.txt
) is for a default
installation and will need to be updated for your system.
Policy files should be tailored to each individual
distribution and/or installation. Some example policy files
can be found in /usr/share/doc/tripwire/
.
If desired, copy the policy file you'd like to try into
/etc/tripwire/
instead of
using the default policy file, twpol.txt
. It is, however, recommended
that you edit your policy file. Get ideas from the examples
above and read /usr/share/doc/tripwire/policyguide.txt
for additional information. twpol.txt
is a good policy file for
learning about Tripwire as
it will note any changes to the file system and can even be
used as an annoying way of keeping track of changes for
uninstallation of software.
After your policy file has been edited to your satisfaction
you may begin the configuration steps (perform as the
root
) user:
twadmin --create-polfile --site-keyfile /etc/tripwire/site.key \ /etc/tripwire/twpol.txt && tripwire --init
Depending on your system and the contents of the policy file, the initialization phase above can take a relatively long time.
Tripwire will identify file changes in the critical system files specified in the policy file. Using Tripwire while making frequent changes to these directories will flag all these changes. It is most useful after a system has reached a configuration that the user considers stable.
To use Tripwire after creating a policy file to run a report, use the following command:
tripwire --check > /etc/tripwire/report.txt
View the output to check the integrity of your files. An automatic integrity report can be produced by using a cron facility to schedule the runs.
Reports are stored in binary and, if desired, encrypted.
View reports, as the root
user, with:
twprint --print-report -r /var/lib/tripwire/report/<report-name.twr>
After you run an integrity check, you should examine the
report (or email) and then modify the Tripwire database to reflect the
changed files on your system. This is so that Tripwire will not continually notify
you hat files you intentionally changed are a security
violation. To do this you must first ls -l
/var/lib/tripwire/report/ and note the name
of the newest file which starts with your system name as
presented by the command uname -n
and ends in
.twr
. These files were
created during report creation and the most current one is
needed to update the Tripwire database of your system. As
the root
user, type in the
following command making the appropriate report name:
tripwire --update --twrfile /var/lib/tripwire/report/<report-name.twr>
You will be placed into Vim with a copy of the report in front of you. If all the changes were good, then just type :wq and after entering your local key, the database will be updated. If there are files which you still want to be warned about, remove the 'x' before the filename in the report and type :wq.
is a signature gathering utility that displays the hash function values for the specified files |
|
is the main file integrity checking program |
|
administrative and utility tool used to perform certain administrative functions related to Tripwire files and configuration options |
|
prints Tripwire database and report files in clear text format |
Last updated on 2021-02-21 17:43:43 -0800
The volume_key package provides a library for manipulating storage volume encryption keys and storing them separately from volumes to handle forgotten passphrases.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/felixonmars/volume_key/archive/volume_key-0.3.12.tar.gz
Download MD5 sum: d1c76f24e08ddd8c1787687d0af5a814
Download size: 196 KB
Estimated disk space required: 11 MB
Estimated build time: 0.2 SBU
cryptsetup-2.3.4, GLib-2.66.7, GPGME-1.15.1, and NSS-3.61
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/volume_key
Install volume_key by running the following commands:
This package expands to the directory volume_key-volume_key-0.3.12.
autoreconf -fiv && ./configure --prefix=/usr \ --without-python && make
This package does not come with a functioning test suite.
Now, as the root
user:
make install
--without-python
:
This parameter prevents building the Python 2 bindings, if Python-2.7.18 is
installed.
--without-python3
: Use this
option if you do not want to build the Python 3 bindings. In this case,
SWIG-4.0.2 is not needed.
Last updated on 2015-09-25 08:48:24 -0500
Journaling file systems reduce the time needed to recover a file system that was not unmounted properly. While this can be extremely important in reducing downtime for servers, it has also become popular for desktop environments. This chapter contains other journaling file systems you can use instead of the default LFS extended file system (ext2/3/4). It also provides introductory material on managing disk arrays.
The only purpose of an initramfs is to mount the root filesystem. The initramfs is a complete set of directories that you would find on a normal root filesystem. It is bundled into a single cpio archive and compressed with one of several compression algorithms.
At boot time, the boot loader loads the kernel and the initramfs image into memory and starts the kernel. The kernel checks for the presence of the initramfs and, if found, mounts it as / and runs /init. The init program is typically a shell script. Note that the boot process takes longer, possibly significantly longer, if an initramfs is used.
For most distributions, kernel modules are the biggest reason to have an initramfs. In a general distribution, there are many unknowns such as file system types and disk layouts. In a way, this is the opposite of LFS where the system capabilities and layout are known and a custom kernel is normally built. In this situation, an initramfs is rarely needed.
There are only four primary reasons to have an initramfs in the LFS environment: loading the rootfs from a network, loading it from an LVM logical volume, having an encrypted rootfs where a password is required, or for the convenience of specifying the rootfs as a LABEL or UUID. Anything else usually means that the kernel was not configured properly.
If you do decide to build an initramfs, the following scripts will provide a basis to do it. The scripts will allow specifying a rootfs via partition UUID or partition LABEL or a rootfs on an LVM logical volume. They do not support an encrypted root file system or mounting the rootfs over a network card. For a more complete capability see the LFS Hints or dracut.
To install these scripts, run the following commands as the
root
user:
cat > /sbin/mkinitramfs << "EOF"
#!/bin/bash
# This file based in part on the mkinitramfs script for the LFS LiveCD
# written by Alexander E. Patrakov and Jeremy Huntwork.
copy()
{
local file
if [ "$2" = "lib" ]; then
file=$(PATH=/lib:/usr/lib type -p $1)
else
file=$(type -p $1)
fi
if [ -n "$file" ] ; then
cp $file $WDIR/$2
else
echo "Missing required file: $1 for directory $2"
rm -rf $WDIR
exit 1
fi
}
if [ -z $1 ] ; then
INITRAMFS_FILE=initrd.img-no-kmods
else
KERNEL_VERSION=$1
INITRAMFS_FILE=initrd.img-$KERNEL_VERSION
fi
if [ -n "$KERNEL_VERSION" ] && [ ! -d "/lib/modules/$1" ] ; then
echo "No modules directory named $1"
exit 1
fi
printf "Creating $INITRAMFS_FILE... "
binfiles="sh cat cp dd killall ls mkdir mknod mount "
binfiles="$binfiles umount sed sleep ln rm uname"
binfiles="$binfiles readlink basename"
# Systemd installs udevadm in /bin. Other udev implementations have it in /sbin
if [ -x /bin/udevadm ] ; then binfiles="$binfiles udevadm"; fi
sbinfiles="modprobe blkid switch_root"
#Optional files and locations
for f in mdadm mdmon udevd udevadm; do
if [ -x /sbin/$f ] ; then sbinfiles="$sbinfiles $f"; fi
done
# Add lvm if present (cannot be done with the others because it
# also needs dmsetup
if [ -x /sbin/lvm ] ; then sbinfiles="$sbinfiles lvm dmsetup"; fi
unsorted=$(mktemp /tmp/unsorted.XXXXXXXXXX)
DATADIR=/usr/share/mkinitramfs
INITIN=init.in
# Create a temporary working directory
WDIR=$(mktemp -d /tmp/initrd-work.XXXXXXXXXX)
# Create base directory structure
mkdir -p $WDIR/{bin,dev,lib/firmware,run,sbin,sys,proc,usr}
mkdir -p $WDIR/etc/{modprobe.d,udev/rules.d}
touch $WDIR/etc/modprobe.d/modprobe.conf
ln -s lib $WDIR/lib64
ln -s ../bin $WDIR/usr/bin
# Create necessary device nodes
mknod -m 640 $WDIR/dev/console c 5 1
mknod -m 664 $WDIR/dev/null c 1 3
# Install the udev configuration files
if [ -f /etc/udev/udev.conf ]; then
cp /etc/udev/udev.conf $WDIR/etc/udev/udev.conf
fi
for file in $(find /etc/udev/rules.d/ -type f) ; do
cp $file $WDIR/etc/udev/rules.d
done
# Install any firmware present
cp -a /lib/firmware $WDIR/lib
# Copy the RAID configuration file if present
if [ -f /etc/mdadm.conf ] ; then
cp /etc/mdadm.conf $WDIR/etc
fi
# Install the init file
install -m0755 $DATADIR/$INITIN $WDIR/init
if [ -n "$KERNEL_VERSION" ] ; then
if [ -x /bin/kmod ] ; then
binfiles="$binfiles kmod"
else
binfiles="$binfiles lsmod"
sbinfiles="$sbinfiles insmod"
fi
fi
# Install basic binaries
for f in $binfiles ; do
if [ -e /bin/$f ]; then d="/bin"; else d="/usr/bin"; fi
ldd $d/$f | sed "s/\t//" | cut -d " " -f1 >> $unsorted
copy $d/$f bin
done
for f in $sbinfiles ; do
ldd /sbin/$f | sed "s/\t//" | cut -d " " -f1 >> $unsorted
copy $f sbin
done
# Add udevd libraries if not in /sbin
if [ -x /lib/udev/udevd ] ; then
ldd /lib/udev/udevd | sed "s/\t//" | cut -d " " -f1 >> $unsorted
elif [ -x /lib/systemd/systemd-udevd ] ; then
ldd /lib/systemd/systemd-udevd | sed "s/\t//" | cut -d " " -f1 >> $unsorted
fi
# Add module symlinks if appropriate
if [ -n "$KERNEL_VERSION" ] && [ -x /bin/kmod ] ; then
ln -s kmod $WDIR/bin/lsmod
ln -s kmod $WDIR/bin/insmod
fi
# Add lvm symlinks if appropriate
# Also copy the lvm.conf file
if [ -x /sbin/lvm ] ; then
ln -s lvm $WDIR/sbin/lvchange
ln -s lvm $WDIR/sbin/lvrename
ln -s lvm $WDIR/sbin/lvextend
ln -s lvm $WDIR/sbin/lvcreate
ln -s lvm $WDIR/sbin/lvdisplay
ln -s lvm $WDIR/sbin/lvscan
ln -s lvm $WDIR/sbin/pvchange
ln -s lvm $WDIR/sbin/pvck
ln -s lvm $WDIR/sbin/pvcreate
ln -s lvm $WDIR/sbin/pvdisplay
ln -s lvm $WDIR/sbin/pvscan
ln -s lvm $WDIR/sbin/vgchange
ln -s lvm $WDIR/sbin/vgcreate
ln -s lvm $WDIR/sbin/vgscan
ln -s lvm $WDIR/sbin/vgrename
ln -s lvm $WDIR/sbin/vgck
# Conf file(s)
cp -a /etc/lvm $WDIR/etc
fi
# Install libraries
sort $unsorted | uniq | while read library ; do
# linux-vdso and linux-gate are pseudo libraries and do not correspond to a file
# libsystemd-shared is in /lib/systemd, so it is not found by copy, and
# it is copied below anyway
if [[ "$library" == linux-vdso.so.1 ]] ||
[[ "$library" == linux-gate.so.1 ]] ||
[[ "$library" == libsystemd-shared* ]]; then
continue
fi
copy $library lib
done
if [ -d /lib/udev ]; then
cp -a /lib/udev $WDIR/lib
fi
if [ -d /lib/systemd ]; then
cp -a /lib/systemd $WDIR/lib
fi
if [ -d /lib/elogind ]; then
cp -a /lib/elogind $WDIR/lib
fi
# Install the kernel modules if requested
if [ -n "$KERNEL_VERSION" ]; then
find \
/lib/modules/$KERNEL_VERSION/kernel/{crypto,fs,lib} \
/lib/modules/$KERNEL_VERSION/kernel/drivers/{block,ata,md,firewire} \
/lib/modules/$KERNEL_VERSION/kernel/drivers/{scsi,message,pcmcia,virtio} \
/lib/modules/$KERNEL_VERSION/kernel/drivers/usb/{host,storage} \
-type f 2> /dev/null | cpio --make-directories -p --quiet $WDIR
cp /lib/modules/$KERNEL_VERSION/modules.{builtin,order} \
$WDIR/lib/modules/$KERNEL_VERSION
depmod -b $WDIR $KERNEL_VERSION
fi
( cd $WDIR ; find . | cpio -o -H newc --quiet | gzip -9 ) > $INITRAMFS_FILE
# Prepare early loading of microcode if available
if ls /lib/firmware/intel-ucode/* >/dev/null 2>&1 ||
ls /lib/firmware/amd-ucode/* >/dev/null 2>&1; then
# first empty WDIR to reuse it
rm -r $WDIR/*
DSTDIR=$WDIR/kernel/x86/microcode
mkdir -p $DSTDIR
if [ -d /lib/firmware/amd-ucode ]; then
cat /lib/firmware/amd-ucode/microcode_amd*.bin > $DSTDIR/AuthenticAMD.bin
fi
if [ -d /lib/firmware/intel-ucode ]; then
cat /lib/firmware/intel-ucode/* > $DSTDIR/GenuineIntel.bin
fi
( cd $WDIR; find . | cpio -o -H newc --quiet ) > microcode.img
cat microcode.img $INITRAMFS_FILE > tmpfile
mv tmpfile $INITRAMFS_FILE
rm microcode.img
fi
# Remove the temporary directories and files
rm -rf $WDIR $unsorted
printf "done.\n"
EOF
chmod 0755 /sbin/mkinitramfs
mkdir -p /usr/share/mkinitramfs &&
cat > /usr/share/mkinitramfs/init.in << "EOF"
#!/bin/sh
PATH=/bin:/usr/bin:/sbin:/usr/sbin
export PATH
problem()
{
printf "Encountered a problem!\n\nDropping you to a shell.\n\n"
sh
}
no_device()
{
printf "The device %s, which is supposed to contain the\n" $1
printf "root file system, does not exist.\n"
printf "Please fix this problem and exit this shell.\n\n"
}
no_mount()
{
printf "Could not mount device %s\n" $1
printf "Sleeping forever. Please reboot and fix the kernel command line.\n\n"
printf "Maybe the device is formatted with an unsupported file system?\n\n"
printf "Or maybe filesystem type autodetection went wrong, in which case\n"
printf "you should add the rootfstype=... parameter to the kernel command line.\n\n"
printf "Available partitions:\n"
}
do_mount_root()
{
mkdir /.root
[ -n "$rootflags" ] && rootflags="$rootflags,"
rootflags="$rootflags$ro"
case "$root" in
/dev/* ) device=$root ;;
UUID=* ) eval $root; device="/dev/disk/by-uuid/$UUID" ;;
PARTUUID=*) eval $root; device="/dev/disk/by-partuuid/$PARTUUID" ;;
LABEL=* ) eval $root; device="/dev/disk/by-label/$LABEL" ;;
"" ) echo "No root device specified." ; problem ;;
esac
while [ ! -b "$device" ] ; do
no_device $device
problem
done
if ! mount -n -t "$rootfstype" -o "$rootflags" "$device" /.root ; then
no_mount $device
cat /proc/partitions
while true ; do sleep 10000 ; done
else
echo "Successfully mounted device $root"
fi
}
do_try_resume()
{
case "$resume" in
UUID=* ) eval $resume; resume="/dev/disk/by-uuid/$UUID" ;;
LABEL=*) eval $resume; resume="/dev/disk/by-label/$LABEL" ;;
esac
if $noresume || ! [ -b "$resume" ]; then return; fi
ls -lH "$resume" | ( read x x x x maj min x
echo -n ${maj%,}:$min > /sys/power/resume )
}
init=/sbin/init
root=
rootdelay=
rootfstype=auto
ro="ro"
rootflags=
device=
resume=
noresume=false
mount -n -t devtmpfs devtmpfs /dev
mount -n -t proc proc /proc
mount -n -t sysfs sysfs /sys
mount -n -t tmpfs tmpfs /run
read -r cmdline < /proc/cmdline
for param in $cmdline ; do
case $param in
init=* ) init=${param#init=} ;;
root=* ) root=${param#root=} ;;
rootdelay=* ) rootdelay=${param#rootdelay=} ;;
rootfstype=*) rootfstype=${param#rootfstype=} ;;
rootflags=* ) rootflags=${param#rootflags=} ;;
resume=* ) resume=${param#resume=} ;;
noresume ) noresume=true ;;
ro ) ro="ro" ;;
rw ) ro="rw" ;;
esac
done
# udevd location depends on version
if [ -x /sbin/udevd ]; then
UDEVD=/sbin/udevd
elif [ -x /lib/udev/udevd ]; then
UDEVD=/lib/udev/udevd
elif [ -x /lib/systemd/systemd-udevd ]; then
UDEVD=/lib/systemd/systemd-udevd
else
echo "Cannot find udevd nor systemd-udevd"
problem
fi
${UDEVD} --daemon --resolve-names=never
udevadm trigger
udevadm settle
if [ -f /etc/mdadm.conf ] ; then mdadm -As ; fi
if [ -x /sbin/vgchange ] ; then /sbin/vgchange -a y > /dev/null ; fi
if [ -n "$rootdelay" ] ; then sleep "$rootdelay" ; fi
do_try_resume # This function will not return if resuming from disk
do_mount_root
killall -w ${UDEVD##*/}
exec switch_root /.root "$init" "$@"
EOF
LVM2-2.03.11 and/or mdadm-4.1 must be installed before generating the initramfs, if the system partition uses them.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/initramfs
To build an initramfs, run the following as the root
user:
mkinitramfs [KERNEL VERSION]
The optional argument is the directory where the appropriate
kernel modules are located. This must be a subdirectory of
/lib/modules
. If no modules are
specified, then the initramfs is named initrd.img-no-kmods. If a kernel
version is specified, the initrd is named initrd.img-$KERNEL_VERSION and is
only appropriate for the specific kernel specified. The
output file will be placed in the current directory.
If early loading of microcode is needed (see the
section called “Microcode updates for CPUs”),
you can install the appropriate blob or container in
/lib/firmware
. It will be
automatically added to the initrd when running mkinitramfs.
After generating the initrd, copy it to the /boot
directory.
Now edit /boot/grub/grub.cfg
and add a new menuentry. Below are several examples.
# Generic initramfs and root fs identified by UUID menuentry "LFS Dev (LFS-7.0-Feb14) initrd, Linux 3.0.4" { linux /vmlinuz-3.0.4-lfs-20120214 root=UUID=54b934a9-302d-415e-ac11-4988408eb0a8 ro initrd /initrd.img-no-kmods }
# Generic initramfs and root fs on LVM partition menuentry "LFS Dev (LFS-7.0-Feb18) initrd lvm, Linux 3.0.4" { linux /vmlinuz-3.0.4-lfs-20120218 root=/dev/mapper/myroot ro initrd /initrd.img-no-kmods }
# Specific initramfs and root fs identified by LABEL menuentry "LFS Dev (LFS-7.1-Feb20) initrd label, Linux 3.2.6" { linux /vmlinuz-3.2.6-lfs71-120220 root=LABEL=lfs71 ro initrd /initrd.img-3.2.6-lfs71-120220 }
Finally, reboot the system and select the desired system.
Last updated on 2020-09-28 06:39:36 -0700
The btrfs-progs package contains administration and debugging tools for the B-tree file system (btrfs).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.kernel.org/pub/linux/kernel/people/kdave/btrfs-progs/btrfs-progs-v5.10.1.tar.xz
Download MD5 sum: 0ec41da8462196c17ac08f351db86912
Download size: 2.1 MB
Estimated disk space required: 92 MB (add 2.7 GB for tests)
Estimated build time: 0.3 SBU (add 45 SBU for tests)
asciidoc-9.1.0 and xmlto-0.0.28 (both required to generate man pages)
LVM2-2.03.11 (dmsetup is used in tests), Python-2.7.18 (python bindings), and reiserfsprogs-3.6.27 (for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/btrfs-progs
Enable the following option in the kernel configuration and recompile the kernel:
File systems --->
<*/M> Btrfs filesystem support [CONFIG_BTRFS_FS]
CONFIG_BTRFS_FS_POSIX_ACL and CONFIG_REISERFS_FS_XATTR are required for some tests. Other Btrfs options in the kernel are optional.
Install btrfs-progs by running the following commands:
./configure --prefix=/usr \ --bindir=/bin \ --libdir=/lib \ --with-pkgconfigdir=/usr/lib/pkgconfig && make
Some tests require grep built with perl regular expressions. To obtain this, rebuild grep with the LFS Chapter 8 instructions after installing PCRE-8.44.
Before running tests, build a support program:
make fssum && sed -i '/found/s/^/: #/' tests/convert-tests.sh &&
To test the results, issue (as the root
user):
pushd tests ./fsck-tests.sh ./mkfs-tests.sh ./cli-tests.sh ./convert-tests.sh ./misc-tests.sh ./fuzz-tests.sh popd
Install the package as the root
user:
make install && ln -sfv ../../lib/$(readlink /lib/libbtrfs.so) /usr/lib/libbtrfs.so && ln -sfv ../../lib/$(readlink /lib/libbtrfsutil.so) /usr/lib/libbtrfsutil.so && rm -fv /lib/libbtrfs.{a,so} /lib/libbtrfsutil.{a,so} && mv -v /bin/{mkfs,fsck}.btrfs /sbin
--disable-documentation
: This
option is needed if the recommended dependencies are not
installed.
mv tests/{cli,convert,misc,fuzz}-tests/ ...: Disables tests that fail and prevent tests from completing.
ln -s ... /usr/lib/libbtrfs.so: Creates a symbolic link in the directory where it is expected.
rm /lib/libbtrfs.{a,so}: Removes unneeded library entries.
is the main interface into btrfs filesystem operations |
|
converts from an ext2/3/4 filesystem to btrfs |
|
is a filter to find btrfs root |
|
maps btrfs logical extent to physical extent |
|
overwrites the primary superblock with a backup copy |
|
tunes various filesystem parameters |
|
does nothing, but is present for consistency with fstab |
|
creates a btrfs file system |
Last updated on 2021-02-21 17:43:43 -0800
The dosfstools package contains various utilities for use with the FAT family of file systems.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/dosfstools/dosfstools/releases/download/v4.2/dosfstools-4.2.tar.gz
Download MD5 sum: 49c8e457327dc61efab5b115a27b087a
Download size: 314 KB
Estimated disk space required: 3.5 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/dosfstools
Enable the following option in the kernel configuration and recompile the kernel:
File systems --->
<DOS/FAT/EXFAT/NT Filesystems --->
<*/M> MSDOS fs support [CONFIG_MSDOS_FS]
<*/M> VFAT (Windows-95) fs support [CONFIG_VFAT_FS]
Install dosfstools by running the following commands:
./configure --prefix=/ \ --enable-compat-symlinks \ --mandir=/usr/share/man \ --docdir=/usr/share/doc/dosfstools-4.2 && make
This package does not come with a test suite.
Now, as the root
user:
make install
--enable-compat-symlinks
: This
switch creates the dosfsck,
dosfslabel, fsck.msdos, fsck.vfat, mkdosfs, mkfs.msdos, and mkfs.vfat symlinks required by some
programs.
Last updated on 2021-02-21 17:43:43 -0800
FUSE (Filesystem in Userspace) is a simple interface for userspace programs to export a virtual filesystem to the Linux kernel. Fuse also aims to provide a secure method for non privileged users to create and mount their own filesystem implementations.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/libfuse/libfuse/releases/download/fuse-3.10.2/fuse-3.10.2.tar.xz
Download MD5 sum: 1c60ab35e72f1b6cb3903a49f3563aee
Download size: 2.0 MB
Estimated disk space required: 146 MB
Estimated build time: 0.1 SBU (add 0.4 SBU for tests)
Doxygen-1.9.1 (to rebuild the API documentation) and pytest (for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/fuse
Enable the following options in the kernel configuration and recompile the kernel if necessary:
File systems --->
<*/M> FUSE (Filesystem in Userspace) support [CONFIG_FUSE_FS]
Character devices in user space should be enabled too for running the tests:
File systems --->
<*/M> FUSE (Filesystem in Userspace) support [CONFIG_FUSE_FS]
<*/M> Character device in Userspace support [CONFIG_CUSE]
Install Fuse by running the following commands:
sed -i '/^udev/,$ s/^/#/' util/meson.build && mkdir build && cd build && meson --prefix=/usr .. && ninja
The API documentation is included in the package, but if you have Doxygen-1.9.1 installed and wish to rebuild it, issue:
doxygen doc/Doxyfile
To test the results, run (as the root
user):
python3 -m pytest test/
The pytest Python module is needed for the tests.
Now, as the root
user:
ninja install && mv -vf /usr/lib/libfuse3.so.3* /lib && ln -sfvn ../../lib/libfuse3.so.3.10.2 /usr/lib/libfuse3.so && mv -vf /usr/bin/fusermount3 /bin && mv -vf /usr/sbin/mount.fuse3 /sbin && chmod u+s /bin/fusermount3 && install -v -m755 -d /usr/share/doc/fuse-3.10.2 && install -v -m644 ../doc/{README.NFS,kernel.txt} \ /usr/share/doc/fuse-3.10.2 && cp -Rv ../doc/html /usr/share/doc/fuse-3.10.2
sed ... util/meson.build: This command disables the installation of a boot script and udev rule that are not needed.
mv ... libfuse3.so.3*; ln ... libfuse3.so: These commands install the libraries in the /lib directory.
Some options regarding mount policy can be set in the file
/etc/fuse.conf
. To install
the file run the following command as the root
user:
cat > /etc/fuse.conf << "EOF"
# Set the maximum number of FUSE mounts allowed to non-root users.
# The default is 1000.
#
#mount_max = 1000
# Allow non-root users to specify the 'allow_other' or 'allow_root'
# mount options.
#
#user_allow_other
EOF
Additional information about the meaning of the configuration options are found in the man page.
Last updated on 2021-02-21 17:43:43 -0800
The jfsutils package contains administration and debugging tools for the jfs file system.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://jfs.sourceforge.net/project/pub/jfsutils-1.1.15.tar.gz
Download MD5 sum: 8809465cd48a202895bc2a12e1923b5d
Download size: 532 KB
Estimated disk space required: 8.9 MB
Estimated build time: 0.1 SBU
Required patch to fix issues exposed by GCC 10 and later: http://www.linuxfromscratch.org/patches/blfs/10.1/jfsutils-1.1.15-gcc10_fix-1.patch
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/jfs
Enable the following option in the kernel configuration and recompile the kernel:
File systems --->
<*/M> JFS filesystem support [CONFIG_JFS_FS]
First, fix some issues exposed by GCC 10 and later:
patch -Np1 -i ../jfsutils-1.1.15-gcc10_fix-1.patch
Install jfsutils by running the following commands:
sed -i "/unistd.h/a#include <sys/types.h>" fscklog/extract.c && sed -i "/ioctl.h/a#include <sys/sysmacros.h>" libfs/devices.c && ./configure && make
This package does not come with a test suite.
Now, as the root
user:
make install
sed ...: Fixes building with glibc 2.28.
is used to replay the JFS transaction log, check a JFS formatted device for errors, and fix any errors found |
|
is a hard link to fsck.jfs |
|
constructs an JFS file system |
|
is a hard link to mkfs.jfs |
|
is a program which can be used to perform various low-level actions on a JFS formatted device |
|
extracts a JFS fsck service log into a file and/or formats and displays the extracted file |
|
dumps the contents of the journal log from the specified JFS formatted device into output file ./jfslog.dmp |
|
adjusts tunable file system parameters on JFS file systems |
Last updated on 2021-02-21 17:43:43 -0800
The LVM2 package is a set of tools that manage logical partitions. It allows spanning of file systems across multiple physical disks and disk partitions and provides for dynamic growing or shrinking of logical partitions, mirroring and low storage footprint snapshots.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://sourceware.org/ftp/lvm2/LVM2.2.03.11.tgz
Download (FTP): ftp://sourceware.org/pub/lvm2/LVM2.2.03.11.tgz
Download MD5 sum: 81b7a8b59d3f7ecf9dc00f978f41d725
Download size: 2.4 MB
Estimated disk space required: 44 MB (add 27 MB for tests; transient files can grow up to around 800 MB in the /tmp directory during tests)
Estimated build time: 0.2 SBU (using parallelism=4; add 16 to 48 SBU for tests, depending on disk speed)
mdadm-4.1, reiserfsprogs-3.6.27, Valgrind-3.16.1, Which-2.21, xfsprogs-5.10.0 (all five may be used, but are not required, for tests), thin-provisioning-tools, and vdo
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/lvm2
Enable the following options in the kernel configuration and recompile the kernel:
There are several other Device Mapper options in the kernel beyond those listed below. In order to get reasonable results if running the regression tests, all must be enabled either internally or as a module. The tests will all time out if Magic SysRq key is not enabled.
Device Drivers --->
[*] Multiple devices driver support (RAID and LVM) ---> [CONFIG_MD]
<*/M> Device mapper support [CONFIG_BLK_DEV_DM]
<*/M> Crypt target support [CONFIG_DM_CRYPT]
<*/M> Snapshot target [CONFIG_DM_SNAPSHOT]
<*/M> Thin provisioning target [CONFIG_DM_THIN_PROVISIONING]
<*/M> Mirror target [CONFIG_DM_MIRROR]
Kernel hacking --->
Generic Kernel Debugging Instruments --->
[*] Magic SysRq key [CONFIG_MAGIC_SYSRQ]
Install LVM2 by running the following commands:
SAVEPATH=$PATH && PATH=$PATH:/sbin:/usr/sbin && ./configure --prefix=/usr \ --exec-prefix= \ --enable-cmdlib \ --enable-pkgconfig \ --enable-udev_sync && make && PATH=$SAVEPATH && unset SAVEPATH
The tests use udev for
logical volume synchronization, so the LVM udev rules and
some utilities need to be installed before running the tests.
If you are installing LVM2
for the first time, and do not want to install the full
package before running the tests, the minimal set of
utilities can be installed by running the following
instructions as the root
user:
make -C tools install_tools_dynamic && make -C udev install && make -C libdm install
To test the results, issue, as the root
user:
make S=shell/thin-flags.sh check_local
The S=... option allows to skip tests. The shell/thin-flags.sh test has been reported to freeze the computer. Other targets are available and can be listed with make -C test help. The test timings are very dependent on the speed of the disk(s), and on the number of enabled kernel options.
The tests do not implement the “expected fail” possibility, and a small number of test failures is expected by upstream. More failures may happen because some kernel options are missing. For example, the lack of the dm-delay device mapper target may explain some failures. Some tests are flagged “warned” if thin-provisioning-tools are not installed. A workaround is to add the following flags to configure:
--with-thin-check= \ --with-thin-dump= \ --with-thin-repair= \ --with-thin-restore= \ --with-cache-check= \ --with-cache-dump= \ --with-cache-repair= \ --with-cache-restore= \
Some tests may hang. They can be removed if necessary, for example: rm test/shell/lvconvert-raid-reshape.sh. The tests generate a lot of kernel messages, which may clutter your terminal. You can disable them by issuing dmesg -D before running the tests (do not forget to issue dmesg -E when tests are done).
The checks create device nodes in the /tmp directory. The tests will fail if /tmp is mounted with the nodev option.
Now, as the root
user:
make install make install_systemd_units
PATH=$PATH:/sbin:/usr/sbin:
The path must contain /sbin
and
/usr/sbin
for proper system
tool detection by the configure script. This
instruction ensures that PATH is properly set even if you
build as an unprivileged user.
--enable-cmdlib
: This
switch enables building of the shared command library. It is
required when building the event daemon.
--enable-pkgconfig
:
This switch enables installation of pkg-config support files.
--enable-udev_sync
:
This switch enables synchronisation with Udev processing.
--enable-dmeventd
: This switch
enables building of the Device
Mapper event daemon.
make install_systemd_units: This is needed to install a unit that activates logical volumes at boot. It is not installed by default.
is a utility to deactivate block devices |
|
(optional) is the Device Mapper event daemon |
|
is a low level logical volume management tool |
|
is a utility used to resize or check filesystem on a device |
|
provides the command-line tools for LVM2. Commands are implemented via sympolic links to this program to manage physical devices (pv*), volume groups (vg*) and logical volumes (lv*) |
|
is a tool used to dump various information concerning LVM2 |
|
is used to import a duplicated VG (e.g. hardware snapshot) |
|
contains the Device Mapper API functions |
Last updated on 2021-02-19 22:13:48 -0800
LVM manages disk drives. It allows multiple drives and partitions to be combined into larger volume groups, assists in making backups through a snapshot, and allows for dynamic volume resizing. It can also provide mirroring similar to a RAID 1 array.
A complete discussion of LVM is beyond the scope of this introduction, but basic concepts are presented below.
To run any of the commands presented here, the LVM2-2.03.11 package must
be installed. All commands must be run as the root
user.
Management of disks with lvm is accomplished using the following concepts:
These are physical disks or partitions such as /dev/sda3 or /dev/sdb.
These are named groups of physical volumes that can be manipulated by the administrator. The number of physical volumes that make up a volume group is arbitrary. Physical volumes can be dynamically added or removed from a volume group.
Volume groups may be subdivided into logical volumes. Each logical volume can then be individually formatted as if it were a regular Linux partition. Logical volumes may be dynamically resized by the administrator according to need.
To give a concrete example, suppose that you have two 2 TB
disks. Also suppose a really large amount of space is required
for a very large database, mounted on /srv/mysql
. This is what the initial set of
partitions would look like:
Partition Use Size Partition Type
/dev/sda1 /boot 100MB 83 (Linux)
/dev/sda2 / 10GB 83 (Linux)
/dev/sda3 swap 2GB 82 (Swap)
/dev/sda4 LVM remainder 8e (LVM)
/dev/sdb1 swap 2GB 82 (Swap)
/dev/sdb2 LVM remainder 8e (LVM)
First initialize the physical volumes:
pvcreate /dev/sda4 /dev/sdb2
A full disk can be used as part of a physical volume, but beware that the pvcreate command will destroy any partition information on that disk.
Next create a volume group named lfs-lvm:
vgcreate lfs-lvm /dev/sda4 /dev/sdb2
The status of the volume group can be checked by running the command vgscan. Now create the logical volumes. Since there is about 3900 GB available, leave about 900 GB free for expansion. Note that the logical volume named mysql is larger than any physical disk.
lvcreate --name mysql --size 2500G lfs-lvm lvcreate --name home --size 500G lfs-lvm
Finally the logical volumes can be formatted and mounted. In this example, the jfs file system (jfsutils-1.1.15) is used for demonstration purposes.
mkfs -t ext4 /dev/lfs-lvm/home mkfs -t jfs /dev/lfs-lvm/mysql mount /dev/lfs-lvm/home /home mkdir -p /srv/mysql mount /dev/lfs-lvm/mysql /srv/mysql
A LVM logical volume can host a root filesystem, but requires
the use of an initramfs (initial RAM file system). The
initramfs proposed in the section called “About
initramfs” allows to pass the lvm volume in the
root=
switch of the
kernel command line.
If not using an initramfs, there is a race condition in
systemd preventing mounting
logical volumes through /etc/fstab
. You must create a “mount”
unit (see systemd.mount(5)) as in the following example, which
mounts the /home
directory
automatically at boot:
cat > /etc/systemd/system/home.mount << EOF
[Unit]
Description=Mount the lvm volume /dev/lfs-lvm/home to /home
[Mount]
What=/dev/lfs-lvm/home
Where=/home
Type=ext4
Options=default
[Install]
WantedBy=multi-user.target
EOF
The name of the unit must be the name of the mount point with the `/' character replaced by `-', omitting the leading one.
Next the unit must be enabled with:
systemctl enable home.mount
For a more information about LVM, see the LVM HOWTO and the lvm man pages.
Last updated on 2020-06-29 00:38:45 -0700
The storage technology known as RAID (Redundant Array of Independent Disks) combines multiple physical disks into a logical unit. The drives can generally be combined to provide data redundancy or to extend the size of logical units beyond the capability of the physical disks or both. The technology also allows for providing hardware maintenance without powering down the system.
The types of RAID organization are described in the RAID Wiki.
Note that while RAID provides protection against disk failures, it is not a substitute for backups. A file deleted is still deleted on all the disks of a RAID array. Modern backups are generally done via rsync-3.2.3.
There are three major types of RAID implementation: Hardware RAID, BIOS-based RAID, and Software RAID.
Hardware based RAID provides capability through proprietary hardware and data layouts. The control and configuration is generally done via firmware in conjunction with executable programs made available by the device manufacturer. The capabilities are generally supplied via a PCI card, although there are some instances of RAID components integrated in to the motherboard. Hardware RAID may also be available in a stand-alone enclosure.
One advantage of hardware-based RAID is that the drives are offered to the operating system as a logical drive and no operating system dependent configuration is needed.
Disadvantages include difficulties in transferring drives from one system to another, updating firmware, or replacing failed RAID hardware.
Some computers offter a hardware-like RAID implementation in the system BIOS. Sometime this is referred to as 'fake' RAID as the capabilites are generally incorporated into firmware without any hardware acceleration.
The advantages and disadvantages of BIOS-based RAID are generally the same as hardware RAID with the additional disadvantage that there is no hardware acceleration.
In some cases, BIOS-based RAID firmware is enabled by default (e.g. some DELL systems). If software RAID is desired, this option must be explicitly disabled in the BIOS.
Software based RAID is the most flexible form of RAID. It is easy to install and update and provides full capability on all or part of any drives available to the system. In BLFS, the RAID software is found in mdadm-4.1.
Configuring a RAID device is straight forward using
mdadm. Generally devices are
created in the /dev
directory
as /dev/mdx
where x is an integer.
The first step in creating a RAID array is to use
partitioning software such as fdisk
or parted-3.4 to define
the partitions needed for the array. Usually, there will be
one partition on each drive participating in the RAID array,
but that is not strictly necessary. For this example, there
will be four disk drives: /dev/sda
, /dev/sdb
, /dev/sdc
, and /dev/sdd
. They will be partitioned as
follows:
Partition Size Type Use
sda1: 100 MB fd Linux raid auto /boot (RAID 1) /dev/md0
sda2: 10 GB fd Linux raid auto / (RAID 1) /dev/md1
sda3: 2 GB 83 Linux swap swap
sda4 300 GB fd Linux raid auto /home (RAID 5) /dev/md2
sdb1: 100 MB fd Linux raid auto /boot (RAID 1) /dev/md0
sdb2: 10 GB fd Linux raid auto / (RAID 1) /dev/md1
sdb3: 2 GB 83 Linux swap swap
sdb4 300 GB fd Linux raid auto /home (RAID 5) /dev/md2
sdc1: 12 GB fd Linux raid auto /usr/src (RAID 0) /dev/md3
sdc2: 300 GB fd Linux raid auto /home (RAID 5) /dev/md2
sdd1: 12 GB fd Linux raid auto /usr/src (RAID 0) /dev/md3
sdd2: 300 GB fd Linux raid auto /home (RAID 5) /dev/md2
In this arrangement, a separate boot partition is created as
the first small RAID array and a root filesystem as the
secong RAID array, both mirrored. The third partition is a
large (about 1TB) array for the /home
directory. This provides an ability
to stripe data across multiple devices, improving speed for
both reading and writing large files. Finally, a fourth array
is created that concatenates two partitions into a larger
device.
All mdadm commands must be
run as the root
user.
To create these RAID arrays the commands are:
/sbin/mdadm -Cv /dev/md0 --level=1 --raid-devices=2 /dev/sda1 /dev/sdb1 /sbin/mdadm -Cv /dev/md1 --level=1 --raid-devices=2 /dev/sda2 /dev/sdb2 /sbin/mdadm -Cv /dev/md3 --level=0 --raid-devices=2 /dev/sdc1 /dev/sdd1 /sbin/mdadm -Cv /dev/md2 --level=5 --raid-devices=4 \ /dev/sda4 /dev/sdb4 /dev/sdc2 /dev/sdd2
The devices created can be examined by device. For example,
to see the details of /dev/md1
,
use /sbin/mdadm --detail
/dev/md1
:
Version : 1.2
Creation Time : Tue Feb 7 17:08:45 2012
Raid Level : raid1
Array Size : 10484664 (10.00 GiB 10.74 GB)
Used Dev Size : 10484664 (10.00 GiB 10.74 GB)
Raid Devices : 2
Total Devices : 2
Persistence : Superblock is persistent
Update Time : Tue Feb 7 23:11:53 2012
State : clean
Active Devices : 2
Working Devices : 2
Failed Devices : 0
Spare Devices : 0
Name : core2-blfs:0 (local to host core2-blfs)
UUID : fcb944a4:9054aeb2:d987d8fe:a89121f8
Events : 17
Number Major Minor RaidDevice State
0 8 1 0 active sync /dev/sda1
1 8 17 1 active sync /dev/sdb1
From this point, the partitions can be formated with the
filesystem of choice (e.g. ext3, ext4, xfsprogs-5.10.0,
reiserfsprogs-3.6.27, etc). The
formatted partitions can then be mounted. The /etc/fstab
file can use the devices created
for mounting at boot time and the linux command line in
/boot/grub/grub.cfg
can specify
root=/dev/md1
.
The swap devices should be specified in the /etc/fstab
file as normal. The kernel
normally stripes swap data across multiple swap files and
should not be made part of a RAID array.
For further options and management details of RAID devices,
refer to man
mdadm
.
Additional details for monitoring RAID arrays and dealing with problems can be found at the Linux RAID Wiki.
Last updated on 2020-03-25 14:46:27 -0700
The mdadm package contains administration tools for software RAID.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.kernel.org/pub/linux/utils/raid/mdadm/mdadm-4.1.tar.xz
Download MD5 sum: 51bf3651bd73a06c413a2f964f299598
Download size: 432 KB
Estimated disk space required: 4.9 MB (10 MB with tests)
Estimated build time: 0.1 SBU (tests take about an hour, only partially processor dependent)
A MTA
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/mdadm
Kernel versions in series 4.1 through 4.4.1 have a broken RAID implementation. Use a kernel with version at or above 4.4.2.
Enable the following options in the kernel configuration and recompile the kernel, if necessary. Only the RAID types desired are required.
Device Drivers --->
[*] Multiple devices driver support (RAID and LVM) ---> [CONFIG_MD]
<*> RAID support [CONFIG_BLK_DEV_MD]
[*] Autodetect RAID arrays during kernel boot [CONFIG_MD_AUTODETECT]
<*/M> Linear (append) mode [CONFIG_MD_LINEAR]
<*/M> RAID-0 (striping) mode [CONFIG_MD_RAID0]
<*/M> RAID-1 (mirroring) mode [CONFIG_MD_RAID1]
<*/M> RAID-10 (mirrored striping) mode [CONFIG_MD_RAID10]
<*/M> RAID-4/RAID-5/RAID-6 mode [CONFIG_MD_RAID456]
Fix a build error introduced by gcc-7.1:
sed 's@-Werror@@' -i Makefile
Build mdadm by running the following command:
make
If you wish to run the tests, ensure that your kernel supports RAID and that a version of mdadm is not already running. As many as 9 out of 124 tests may fail.
The tests edit values in /proc and run tests on software raid devices. They shouldn't be run on systems with active software RAID devices.
Run the tests as the root
user:
./test --keep-going --logdir=test-logs --save-logs
Now, as the root
user:
make install
make everything: This optional target creates extra programs, particularly a statically-linked version of mdadm and also versions of mdassemble. These all need to be manually installed.
--keep-going
: Run the
tests to the end, even if one or more tests fail.
--logdir=test-logs
:
Defines the directory where test logs are saved.
--save-logs
:
Instructs the test suite to save the logs.
--tests=
:
Optional comma separated list of tests to be executed (all
tests, if this option is not passed).
<test1,test2,...>
Last updated on 2021-02-21 17:43:43 -0800
The Ntfs-3g package contains a stable, read-write open source driver for NTFS partitions. NTFS partitions are used by most Microsoft operating systems. Ntfs-3g allows you to mount NTFS partitions in read-write mode from your Linux system. It uses the FUSE kernel module to be able to implement NTFS support in user space. The package also contains various utilities useful for manipulating NTFS partitions.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://tuxera.com/opensource/ntfs-3g_ntfsprogs-2017.3.23.tgz
Download MD5 sum: d97474ae1954f772c6d2fa386a6f462c
Download size: 1.2 MB
Estimated disk space required: 20 MB
Estimated build time: 0.2 SBU
fuse 2.x (this disables user mounts)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/ntfs-3g
Enable the following options in the kernel configuration and recompile the kernel if necessary:
File systems --->
<*/M> FUSE (Filesystem in Userspace) support [CONFIG_FUSE_FS]
Install Ntfs-3g by running the following commands:
./configure --prefix=/usr \ --disable-static \ --with-fuse=internal \ --docdir=/usr/share/doc/ntfs-3g-2017.3.23 && make
This package does not come with a test suite.
Now, as the root
user:
make install && ln -sv ../bin/ntfs-3g /sbin/mount.ntfs && ln -sv ntfs-3g.8 /usr/share/man/man8/mount.ntfs.8
If you want ordinary users to be able to mount NTFS
partitions you'll need to set mount.ntfs with the root user
ID. Note: it is probably unsafe to do this on a computer that
needs to be secure (like a server). As the root
user:
chmod -v 4755 /bin/ntfs-3g
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--with-fuse=internal
:
This switch dynamically forces ntfs-3g to use an internal copy of the
fuse-2.x library. This is
required if you wish to allow users to mount NTFS partitions.
--disable-ntfsprogs
: Disables
installation of various utilities used to manipulate NTFS
partitions.
ln -sv ../bin/ntfs-3g /sbin/mount.ntfs: Creating /sbin/mount.ntfs makes mount default to using Ntfs-3g to mount NTFS partitions.
chmod -v 4755 /bin/ntfs-3g: Making mount.ntfs setuid root allows non root users to mount NTFS partitions.
To mount a Windows partition at boot time, put a line like this in /etc/fstab:
/dev/sda1 /mnt/windows auto defaults 0 0
To allow users to mount a usb stick with an NTFS filesystem on it, put a line similar to this (change sdc1 to whatever a usb stick would be on your system) in /etc/fstab:
/dev/sdc1 /mnt/usb auto user,noauto,umask=0,utf8 0 0
In order for a user to be able to mount the usb stick, they
will need to be able to write to /mnt/usb
, so as the root
user:
chmod -v 777 /mnt/usb
is similar to ntfs-3g but uses the Fuse low-level interface |
|
is a symlink to mkntfs |
|
creates an NTFS file system |
|
is a symlink to lowntfs-3g |
|
mounts an NTFS filesystem |
|
is a symbolic link to ntfs-3g |
|
is an NTFS driver, which can create, remove, rename, move files, directories, hard links, and streams. It can also read and write files, including streams, sparse files and transparently compressed files. It can also handle special files like symbolic links, devices, and FIFOs; moreover it provides standard management of file ownership and permissions, including POSIX ACLs |
|
tests if an NTFS volume is mountable read only or read-write, and exits with a status value accordingly. The volume can be a block device or image file |
|
audits NTFS Security Data |
|
creates the file defining the mapping of Windows accounts to Linux logins for users who owns files which should be visible from both Windows and Linux |
|
identifies files in a specified region of an NTFS volume |
|
copies a file to an NTFS volume |
|
fixes common errors and forces Windows to check an NTFS partition |
|
lists directory contents on an NTFS filesystem |
|
prints NTFS files and streams on the standard output |
|
clones an NTFS filesystem |
|
compares two NTFS filesystems and tells the differences |
|
dumps a file's attributes |
|
displays or changes the label on an ntfs file system |
|
resizes an NTFS filesystem without data loss |
|
recovers a deleted file from an NTFS volume |
|
contains the Ntfs-3g API functions |
Last updated on 2021-02-21 17:43:43 -0800
The gptfdisk package is a set of programs for creation and maintenance of GUID Partition Table (GPT) disk drives. A GPT partitioned disk is required for drives greater than 2 TB and is a modern replacement for legacy PC-BIOS partitioned disk drives that use a Master Boot Record (MBR). The main program, gdisk, has an inteface similar to the classic fdisk program.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/gptfdisk/gptfdisk-1.0.6.tar.gz
Download MD5 sum: 68da8921f0df2f1aa559f360de9c86dd
Download size: 202 KB
Estimated disk space required: 3.3 MB
Estimated build time: less than 0.1 SBU (0.2 SBU for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gptdisk
The gptfdisk package comes
with a rudimentary Makefile
.
First we update it to provide a simple build and install
interface and fix the location of a header file. Install
gptfdisk by running the
following commands:
patch -Np1 -i ../gptfdisk-1.0.6-convenience-1.patch && sed -i 's|ncursesw/||' gptcurses.cc && make
To test the results, issue: make test.
Now, as the root
user:
make install
patch -Np1 ...:
This patch modifies the Makefile
file so that it provides an
“install” target.
Last updated on 2021-02-21 11:05:24 -0800
The Parted package is a disk partitioning and partition resizing tool.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/parted/parted-3.4.tar.xz
Download (FTP): ftp://ftp.gnu.org/gnu/parted/parted-3.4.tar.xz
Download MD5 sum: 357d19387c6e7bc4a8a90fe2d015fe80
Download size: 1.7 MB
Estimated disk space required: 34 MB (additional 3 MB for the tests and additional 2 MB for optional PDF and Postscript documentation)
Estimated build time: 0.3 SBU (additional 2.5 SBU for the tests)
LVM2-2.03.11 (device-mapper, required if building udisks)
dosfstools-4.2, Pth-2.0.7, texlive-20200406 (or install-tl-unx), and Digest::CRC (for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/parted
Install Parted by running the following commands:
./configure --prefix=/usr --disable-static && make && make -C doc html && makeinfo --html -o doc/html doc/parted.texi && makeinfo --plaintext -o doc/parted.txt doc/parted.texi
If you have texlive-20200406 installed and wish to create PDF and Postcript documentation issue the following commands:
texi2pdf -o doc/parted.pdf doc/parted.texi && texi2dvi -o doc/parted.dvi doc/parted.texi && dvips -o doc/parted.ps doc/parted.dvi
To test the results, issue, as the root
user:
make check
Many tests are skipped if not run as the root
user.
Now, as the root
user:
make install && install -v -m755 -d /usr/share/doc/parted-3.4/html && install -v -m644 doc/html/* \ /usr/share/doc/parted-3.4/html && install -v -m644 doc/{FAT,API,parted.{txt,html}} \ /usr/share/doc/parted-3.4
Install the optional PDF and Postscript documentation by
issuing the following command as the root
user:
install -v -m644 doc/FAT doc/API doc/parted.{pdf,ps,dvi} \ /usr/share/doc/parted-3.4
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--disable-device-mapper
: This
option disables device mapper support. Add this parameter if
you have not installed LVM2.
Last updated on 2021-02-19 22:13:48 -0800
The reiserfsprogs package contains various utilities for use with the Reiser file system.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.kernel.org/pub/linux/kernel/people/jeffm/reiserfsprogs/v3.6.27/reiserfsprogs-3.6.27.tar.xz
Download MD5 sum: 90c139542725efc6da3a6b1709695395
Download size: 439 KB
Estimated disk space required: 13 MB
Estimated build time: 0.2 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/reiser
Enable the following option in the kernel configuration and recompile the kernel:
File systems --->
<*/M> Reiserfs support [CONFIG_REISERFS_FS]
Install reiserfsprogs by running the following commands:
sed -i '/parse_time.h/i #define _GNU_SOURCE' lib/parse_time.c && autoreconf -fiv && ./configure --prefix=/usr \ --sbindir=/sbin && make
This package does not come with a test suite.
Now, as the root
user:
make install
sed ...: Ensure a variable is defined for use with recent include files.
--sbindir=/sbin
: This
switch ensures that the reiserfsprogs utilities are installed in
/sbin
.
can sometimes help to solve problems with ReiserFS file systems. If it is called without options, it prints the super block of any ReiserFS file system found on the device |
|
creates a ReiserFS file system |
|
is used to check or repair a ReiserFS file system |
|
is used for tuning the ReiserFS journal. WARNING: Don't use this utility without first reading the man page thoroughly |
|
is used to resize an unmounted ReiserFS file system |
Last updated on 2021-02-21 17:43:43 -0800
The smartmontools package contains utility programs (smartctl, smartd) to control/monitor storage systems using the Self-Monitoring, Analysis and Reporting Technology System (S.M.A.R.T.) built into most modern ATA and SCSI disks.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/smartmontools/smartmontools-7.2.tar.gz
Download MD5 sum: e8d134c69ae4959a05cb56b31172ffb1
Download size: 972 KB
Estimated disk space required: 24 MB
Estimated build time: 0.2 SBU
cURL-7.75.0 or Lynx-2.8.9rel.1 or Wget-1.21.1 (download tools), and GnuPG-2.2.27 (encrypted hard disks)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/smartmontools
Install smartmontools by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --docdir=/usr/share/doc/smartmontools-7.2 && make
This package does not come with a test suite.
Now, as the root
user:
make install
See the embedded comments in /etc/smartd.conf
for detailed
instructions on customizing the smartd darmon.
Last updated on 2021-02-21 17:43:43 -0800
The Sshfs package contains a filesystem client based on the SSH File Transfer Protocol. This is useful for mounting a remote computer that you have ssh access to as a local filesystem. This allows you to drag and drop files or run shell commands on the remote files as if they were on your local computer.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/libfuse/sshfs/releases/download/sshfs-3.7.1/sshfs-3.7.1.tar.xz
Download MD5 sum: 22ac23d05ca7c56fb568627f086374d0
Download size: 52 KB
Estimated disk space required: 1.7 MB
Estimated build time: less than 0.1 SBU
Fuse-3.10.2, GLib-2.66.7, and OpenSSH-8.4p1.
docutils-0.16 (required to build the man page)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/sshfs
Install Sshfs by running the following commands:
mkdir build && cd build && meson --prefix=/usr .. && ninja
This package does not come with a test suite.
Now, as the root
user:
ninja install
To mount an ssh server you need to be able to log into the server. For example, to mount your remote home folder to the local ~/examplepath (the directory must exist and you must have permissions to write to it):
sshfs example.com:/home/userid ~/examplepath
When you've finished work and want to unmount it again:
fusermount3 -u ~/example
You can also mount an sshfs
filesystem at boot by adding an entry similar to the
following in the /etc/fstab
file:
[email protected]:/path /media/path fuse.sshfs _netdev,IdentityFile=/home/userid/.ssh/id_rsa 0 0
See man 1 sshfs and man 8 mount.fuse for all available mount options.
Last updated on 2021-02-21 17:43:43 -0800
The xfsprogs package contains administration and debugging tools for the XFS file system.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.kernel.org/pub/linux/utils/fs/xfs/xfsprogs/xfsprogs-5.10.0.tar.xz
Download MD5 sum: f4156af67a0e247833be88efaa2869f9
Download size: 1.2 MB
Estimated disk space required: 57 MB
Estimated build time: 0.2 SBU (Using parallelism=4)
ICU-68.2 (for unicode name scanning in xfs_scrub)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/xfs
Enable the following options in the kernel configuration and recompile the kernel:
File systems --->
<*/M> XFS filesystem support [CONFIG_XFS_FS]
Install xfsprogs by running the following commands:
make DEBUG=-DNDEBUG \ INSTALL_USER=root \ INSTALL_GROUP=root
This package does not come with a test suite.
Now, as the root
user:
make PKG_DOC_DIR=/usr/share/doc/xfsprogs-5.10.0 install && make PKG_DOC_DIR=/usr/share/doc/xfsprogs-5.10.0 install-dev && rm -rfv /usr/lib/libhandle.a && rm -rfv /lib/libhandle.{a,la,so} && ln -sfv ../../lib/libhandle.so.1 /usr/lib/libhandle.so
make DEBUG=-DNDEBUG: Turns off debugging symbols.
INSTALL_USER=root
INSTALL_GROUP=root
: This sets the owner and group
of the installed files.
OPTIMIZER="..."
: Adding this
parameter to the end of the make command overrides the
default optimization settings.
simply exits with a zero status, since XFS partitions are checked at mount time |
|
constructs an XFS file system |
|
changes the parameters of an XFS file system |
|
prints block mapping for an XFS file |
|
copies the contents of an XFS file system to one or more targets in parallel |
|
for each directory argument, estimates the space that directory would take if it were copied to an XFS filesystem (does not cross mount points) |
|
is used to debug an XFS file system |
|
suspends access to an XFS file system |
|
applicable only to XFS filesystems, improves the organization of mounted filesystems, the reorganization algorithm operates on one file at a time, compacting or othewise improving the layout of the file extents (contiguous blocks of file data) |
|
expands an XFS file system |
|
is equivalent to invoking xfs_growfs, but specifying that no change to the file system is to be made |
|
is a debugging tool like xfs_db, but is aimed at examining the regular file I/O path rather than the raw XFS volume itself |
|
prints the log of an XFS file system |
|
restores an XFS metadump image to a filesystem image |
|
copies XFS filesystem metadata to a file |
|
creates an XFS file, padded with zeroes by default |
|
generates pathnames from inode numbers for an XFS file system |
|
is a utility for reporting and editing various aspects of filesystem quota |
|
repairs corrupt or damaged XFS file systems |
|
copies a file to the real-time partition on an XFS file system |
|
checks and repairs the contents of a mounted XFS file system |
|
scrubs all mounted XFS file systems |
|
reports and controls free space usage in an XFS file system |
|
contains XFS-specific functions that provide a way to perform certain filesystem operations without using a file descriptor to access filesystem objects |
Last updated on 2021-02-21 17:43:43 -0800
This chapter is referenced in the LFS book for those wishing to use other editors on their LFS system. You're also shown how some LFS installed programs benefit from being recompiled after GUI libraries have been installed.
Bluefish is a GTK+ text editor targeted towards programmers and web designers, with many options to write websites, scripts and programming code. Bluefish supports many programming and markup languages, and it focuses on editing dynamic and interactive websites.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.bennewitz.com/bluefish/stable/source/bluefish-2.2.12.tar.bz2
Download MD5 sum: 33dd8262c4d8a564a517f8c98c0cce19
Download size: 4.0 MB
Estimated disk space required: 69 MB
Estimated build time: 0.4 SBU
GTK+-2.24.33 or GTK+-3.24.25 (If both are installed, configure defaults to using GTK+ 3)
desktop-file-utils-0.26 (for updating the desktop database)
enchant-2.2.15 (for spell checking), Gucharmap-12.0.1, PCRE-8.44 and Jing
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/bluefish
Install Bluefish by running the following commands:
./configure --prefix=/usr --docdir=/usr/share/doc/bluefish-2.2.12 && make
This package does not come with a test suite.
Now, as the root
user:
make install
This package installs icon files into the /usr/share/icons/hicolor
hierarchy and
desktop files into the /usr/share/applications
hierarchy. You
can improve system performance and memory usage by updating
/usr/share/icons/hicolor/icon-theme.cache
and /usr/share/applications/mimeinfo.cache
.
To perform the update you must have desktop-file-utils-0.26 (for
the desktop cache) and issue the following commands as the
root
user:
gtk-update-icon-cache -t -f --include-image-data /usr/share/icons/hicolor && update-desktop-database
Last updated on 2021-02-22 12:20:59 -0800
Ed is a line-oriented text editor. It is used to create, display, modify and otherwise manipulate text files, both interactively and via shell scripts. Ed isn't something which many people use. It's described here because it can be used by the patch program if you encounter an ed-based patch file. This happens rarely because diff-based patches are preferred these days.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/ed/ed-1.17.tar.lz
Download (FTP): ftp://ftp.gnu.org/gnu/ed/ed-1.17.tar.lz
Download MD5 sum: 894748c9bbf35cb7c599f5317b1a8cdb
Download size: 68 KB
Estimated disk space required: 1.2 MB
Estimated build time: less than 0.1 SBU
libarchive-3.5.1 (for bsdtar)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/ed
Install Ed by running the following commands:
./configure --prefix=/usr --bindir=/bin && make
To test the results, issue: make check.
Now, as the root
user:
make install
Last updated on 2021-02-22 07:54:45 -0800
The Emacs package contains an extensible, customizable, self-documenting real-time display editor.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/emacs/emacs-27.1.tar.xz
Download (FTP): ftp://ftp.gnu.org/gnu/emacs/emacs-27.1.tar.xz
Download MD5 sum: f1f25356b68ec69caccd41d95988d23d
Download size: 42 MB
Estimated disk space required: 480 MB
Estimated build time: 0.7 SBU (Using parallelism=4)
giflib-5.2.1, GnuTLS-3.7.0, and LibTIFF-4.2.0
X Window System, alsa-lib-1.2.4, dbus-1.12.20, GConf-3.2.6, gobject-introspection-1.66.1, gsettings-desktop-schemas-3.38.0, GPM-1.20.7, GTK+-2.24.33 or GTK+-3.24.25, ImageMagick-7.0.11-0, jansson-2.13.1, libjpeg-turbo-2.0.6, libpng-1.6.37, librsvg-2.50.3, libxml2-2.9.10, MIT Kerberos V5-1.19.1, Valgrind-3.16.1, intlfonts, libungif, libotf and m17n-lib - to correctly display such complex scripts as Indic and Khmer, and also for scripts that require Arabic shaping support (Arabic and Farsi), and libXaw3d
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/emacs
Install Emacs by running the following commands:
./configure --prefix=/usr --localstatedir=/var && make
This package does not come with a test suite. If make succeeds, you can test the result by running src/emacs -Q, which is the program that will be installed, with its auxiliary files. This should start and display the application opening screen.
Now, as the root
user:
make install && chown -v -R root:root /usr/share/emacs/27.1
This package installs icon files into the /usr/share/icons/hicolor
hierarchy and
you can improve system performance and memory usage by
updating /usr/share/icons/hicolor/index.theme
. To
perform the update you must have GTK+-2.24.33 or GTK+-3.24.25
installed and issue the following command as the
root
user:
gtk-update-icon-cache -qtf /usr/share/icons/hicolor
--localstatedir=/var
:
Create game score files in /var/games/emacs
instead of /usr/var/games/emacs
.
--with-imagemagick
: Use this if
you have installed ImageMagick-7.0.11-0 and wish to
link against it.
--with-gif=no
: Use this if you
have not installed giflib-5.2.1 or libungif.
--with-tiff=no
: Use this if you
have not installed LibTIFF-4.2.0.
--with-gnutls=no
: Use this if you
have not installed GnuTLS-3.7.0.
creates cross-reference tagfile database files for source code |
|
permits browsing of C++ class hierarchies from within emacs |
|
is an editor |
|
attaches an emacs session to an already running emacsserver instance |
|
is another program to generate source code cross-reference tagfiles |
|
prints entries in Change Logs matching various criteria |
Last updated on 2021-02-22 12:20:59 -0800
The Gedit package contains a lightweight UTF-8 text editor for the GNOME Desktop.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/gedit/3.38/gedit-3.38.1.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/gedit/3.38/gedit-3.38.1.tar.xz
Download MD5 sum: 19dcfd1631256ab85d9394225dddf167
Download size: 6.5 MB
Estimated disk space required: 74 MB (with tests)
Estimated build time: 0.3 SBU (using parallelism=4; with tests)
git-2.30.1, gsettings-desktop-schemas-3.38.0, gspell-1.8.4, gtksourceview4-4.8.0, itstool-2.0.6, libpeas-1.28.0, and tepl-5.0.1
Gvfs-1.46.2 (runtime), ISO Codes-4.5.0, and PyGObject-3.38.0 (Python 3 module)
GTK-Doc-1.33.2, Vala-0.50.3, and zeitgeist
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gedit
Install Gedit by running the following commands:
mkdir build && cd build && meson --prefix=/usr -Dbuildtype=release .. && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
If you installed the package to your system using a
“DESTDIR” method, /usr/share/glib-2.0/schemas/gschemas.compiled
was not updated/created. Create (or update) the file using
the following command as the root
user:
glib-compile-schemas /usr/share/glib-2.0/schemas
-Duser_documentation=false
:
This switch disables generating the user documentation. Omit
this switch if you have GTK-Doc-1.33.2 installed and wish
to generate the user documentation.
-Dgtk_doc=true
: Use this option
to build the reference manual (needs GTK-Doc-1.33.2).
Last updated on 2021-02-25 11:57:49 -0800
JOE (Joe's own editor) is a small text editor capable of emulating WordStar, Pico, and Emacs.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/joe-editor/joe-4.6.tar.gz
Download MD5 sum: 9017484e6116830d846678b625ea5c43
Download size: 1.8 MB
Estimated disk space required: 22 MB
Estimated build time: 0.2 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/joe
Install JOE by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --docdir=/usr/share/doc/joe-4.6 && make
This package does not come with a test suite.
Now, as the root
user:
make install && install -vm 755 joe/util/{stringify,termidx,uniproc} /usr/bin
is a symbolic link to joe used to launch Emacs emulation mode |
|
is a small text editor capable of emulating WordStar, Pico, and Emacs |
|
is a symbolic link to joe used to launch Pico emulation mode |
|
is a symbolic link to joe used to launch WordStar emulation mode |
|
is a symbolic link to joe that restricts JOE to editing only files which are specified on the command-line |
|
is a program used by joe to convert rc and .jsf files into a C file (see /usr/share/doc/joe-4.6/util/README) |
|
is a program used by joe to generate the termcap index file (see /usr/share/doc/joe-4.6/util/README) |
|
is a program used by joe to generate joe's unicode database file unicat.c from Blocks.txt CaseFolding.txt EastAsianWidth.txt and UnicodeData.txt (find them at /usr/share/doc/joe-4.6/util; see usr/share/doc/joe-4.6/util/README) |
Last updated on 2021-02-22 12:20:59 -0800
The Kate package contains an advanced KF5 based graphical text editor.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.kde.org/stable/release-service/20.12.2/src/kate-20.12.2.tar.xz
Download MD5 sum: 5d6be348636d431b05916e49cc22defb
Download size: 5.6 MB
Estimated disk space required: 109 MB
Estimated build time: 0.9 SBU (using parallelism=4)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/kate5
Install Kate by running the following commands:
mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=$KF5_PREFIX \ -DCMAKE_BUILD_TYPE=Release \ -DBUILD_TESTING=OFF \ -Wno-dev .. && make
This package does not come with a test suite.
Now, as the root
user:
make install
Last updated on 2021-02-24 06:51:33 -0800
Mousepad is a simple GTK+ 3 text editor for the Xfce desktop environment.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://archive.xfce.org/src/apps/mousepad/0.5/mousepad-0.5.2.tar.bz2
Download MD5 sum: d64c0e92337e49c5bcc807e622d4db9c
Download size: 832 KB
Estimated disk space required: 17 MB
Estimated build time: 0.1 SBU
gtksourceview-3.24.11 and Xfconf-4.16.0
DConf-0.38.0 (runtime) and dbus-glib-0.110
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/mousepad
Install Mousepad by running the following commands:
./configure --prefix=/usr --enable-keyfile-settings && make
This package does not come with a test suite.
Now, as the root
user:
make install
--enable-keyfile-settings
: Use
the GSettings keyfile backend rather than the default
DConf-0.38.0.
Last updated on 2021-02-23 04:28:57 -0800
The Nano package contains a small, simple text editor which aims to replace Pico, the default editor in the Pine package.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.nano-editor.org/dist/v5/nano-5.6.tar.xz
Download MD5 sum: 65ca32d7485ae8339ef2ccbf18c789f6
Download size: 1.4 MB
Estimated disk space required: 24 MB
Estimated build time: 0.2 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/Nano
Install Nano by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --enable-utf8 \ --docdir=/usr/share/doc/nano-5.6 && make
This package does not come with a test suite.
Now, as the root
user:
make install && install -v -m644 doc/{nano.html,sample.nanorc} /usr/share/doc/nano-5.6
--enable-utf8
: This
switch enables unicode support in Nano.
Example configuration (create as a system-wide /etc/nanorc
or a personal ~/.nanorc
file)
set autoindent
set constantshow
set fill 72
set historylog
set multibuffer
set nohelp
set positionlog
set quickblank
set regexp
set suspend
Check the sample.nanorc
file
in the installed documentation directory. It includes color
configurations and has some documentation included in the
comments.
Syntax highlighting is provided for several file types, in
/usr/share/nano/
directory.
E.g., for shell scripts, you can insert include /usr/share/nano/sh.nanorc
in the
personal or global configuration file. If you wish
highlighting for all supported files, use include /usr/share/nano/*.nanorc
. This
include does not descend into the extra
directory. Move required files one
level up.
Last updated on 2021-02-26 14:00:35 -0800
The Vim package, which is an abbreviation for VI IMproved, contains a vi clone with extra features as compared to the original vi.
The default LFS instructions install vim as a part of the base system. If you would prefer to link vim against X, you should recompile vim to enable GUI mode. There is no need for special instructions since X support is automatically detected.
The version of vim changes daily. The get the latest version, go to https://github.com/vim/vim/releases.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://anduin.linuxfromscratch.org/BLFS/vim/vim-8.2.2433.tar.gz
Download MD5 sum: a26555c8919cf40938d2428d834bf913
Download size: 15 MB
Estimated disk space required: 110 MB (add 71 MB for tests)
Estimated build time: 0.4 SBU (with parallelism=4; add 1.4 SBU for tests)
X Window System and GTK+-3.24.25
GPM-1.20.7, Lua-5.4.2, Python-2.7.18, rsync-3.2.3 and Ruby-3.0.0
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/vim
If you recompile Vim to
link against X and your
X libraries are not on the
root partition, you will no longer have an editor for use
in emergencies. You may choose to install an additional
editor, not link Vim
against X, or move the
current vim
executable to the /bin
directory under a different name such as vi
.
Install Vim by running the following commands:
If you intend to run the tests and have not installed Xorg in /usr, append LDFLAGS='-L$XORG_PROFIX/lib' to the configure line below.
echo '#define SYS_VIMRC_FILE "/etc/vimrc"' >> src/feature.h && echo '#define SYS_GVIMRC_FILE "/etc/gvimrc"' >> src/feature.h && ./configure --prefix=/usr \ --with-features=huge \ --enable-gui=gtk3 \ --with-tlib=ncursesw && make
If the global configuration file /etc/vimrc
references the VIMRUNTIME
environment variable, some tests
may complain about being unable to find the corresponding
directory and wait for user input. If this is the case,
this file should be saved and removed before running the
tests.
To test the results, issue: make -j1 test. Even if one
of the tests fails to produce the file test.out
in src/testdir
, the remaining tests will still
be executed. If all goes well, the log will report
ALL DONE
. Some tests labelled as
“flaky” may fail occasionally and
can be ignored. The tests are known to fail if the output is
redirected to a file.
Some color tests expect to be executed under the xterm terminal emulator.
Now, as the root
user:
make install
By default, Vim's documentation is installed in /usr/share/vim
. The following symlink
allows the documentation to be accessed via /usr/share/doc/vim-8.2.2433
, making it
consistent with the location of documentation for other
packages:
ln -snfv ../vim/vim82/doc /usr/share/doc/vim-8.2.2433
If you wish to update the runtime files, issue the following command (requires rsync-3.2.3):
rsync -avzcP --exclude="/dos/" --exclude="/spell/" \ ftp.nluug.nl::Vim/runtime/ ./runtime/
To install the runtime files and regenerate the tags
file, as the root
user issue:
make -C src installruntime && vim -c ":helptags /usr/share/doc/vim-8.2.2433" -c ":q"
--with-features=huge
:
This switch enables all the additional features available in
Vim, including support for
multibyte characters.
--with-tlib=ncursesw
:
This switch forces Vim to link against the libncursesw
library.
--enable-gui=no
: This will
prevent compilation of the GUI. Vim will still link against X, so that some features such as the
client-server model or the x11-selection (clipboard) are
still available.
--without-x
: If you prefer not to
link Vim against
X, use this switch.
--enable-luainterp
, --enable-perlinterp
, --enable-pythoninterp
, --enable-tclinterp
, --enable-rubyinterp
: These options include
the Lua, Perl, Python, Tcl, or Ruby interpreters that allow
using other application code in vim scripts.
Vim has an integrated spell checker which you can enable by issuing the following in a vim window:
:setlocal spell spelllang=ru
This setting will enable spell checking for the Russian language for the current session.
By default, Vim only
installs spell files for the English language. If a spell
file is not available for a language, then Vim will call the $VIMRUNTIME/plugin/spellfile.vim
plugin
and will try to obtain the *.spl and optionally *.sug from
the vim ftp server, by using the $VIMRUNTIME/plugin/netrwPlugin.vim
plugin.
Alternatively you can manually download the *.spl and *.sug
files from: ftp://ftp.vim.org/pub/vim/runtime/spell/
and save them to ~/.vim/spell
or in /usr/share/vim/vim82/spell/
.
To find out what's new in Vim-8.2.2433 issue the following command:
:help version-8.2.2433
For additional information on setting up Vim configuration files, see The vimrc Files and http://vim.wikia.com/wiki/Example_vimrc.
A list of the reinstalled files, along with their short descriptions can be found in the LFS Vim Installation Instructions.
Last updated on 2021-02-22 12:20:59 -0800
We are all familiar with the Bourne Again SHell, but there are two other user interfaces that are considered useful modern shells – the Berkeley Unix C shell and the Korn shell. This chapter installs packages compatible with these additional shell types.
Dash is a POSIX compliant
shell. It can be installed as /bin/sh or as the default shell
for either root
or a second
user with a userid of 0. It depends on fewer libraries than
the Bash shell and is
therefore less likely to be affected by an upgrade problem or
disk failure. Dash is also
useful for checking that a script is completely compatible
with POSIX syntax.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://gondor.apana.org.au/~herbert/dash/files/dash-0.5.11.3.tar.gz
Download MD5 sum: c7016b513f701d88c70b3082eb183581
Download size: 240 KB
Estimated disk space required: 3.7 MB
Estimated build time: less than 0.1 SBU
libedit (command line editor library)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/dash
Install Dash by running the following commands:
./configure --bindir=/bin --mandir=/usr/share/man && make
This package does not come with a test suite.
Now, as the root
user:
make install
If you would like to make dash the default
sh, recreate
the /bin/sh
symlink as the
root
user:
If you create the symbolic link from dash to sh, you will need to reset the link to bash to build LFS.
ln -svf dash /bin/sh
--bindir=/bin
: This
parameter places the dash binary into the root
filesystem.
--with-libedit
: To compile
Dash with libedit support.
Last updated on 2021-02-21 17:43:43 -0800
The Tcsh package contains “an enhanced but completely compatible version of the Berkeley Unix C shell (csh)”. This is useful as an alternative shell for those who prefer C syntax to that of the bash shell, and also because some programs require the C shell in order to perform installation tasks.
This package is known to build and work properly using an LFS-10.1 platform.
Download (FTP): ftp://ftp.astron.com/pub/tcsh/tcsh-6.22.03.tar.gz
Download MD5 sum: c9387b7c8cf958956e75b1fa4e59b612
Download size: 992 KB
Estimated disk space required: 15 MB (with tests)
Estimated build time: 0.2 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/tcsh
Install Tcsh by running the following commands:
./configure --prefix=/usr --bindir=/bin && make && sh ./tcsh.man2html
To test the results, issue: make check.
Now, as the root
user:
make install install.man && ln -v -sf tcsh /bin/csh && ln -v -sf tcsh.1 /usr/share/man/man1/csh.1 && install -v -m755 -d /usr/share/doc/tcsh-6.22.03/html && install -v -m644 tcsh.html/* /usr/share/doc/tcsh-6.22.03/html && install -v -m644 FAQ /usr/share/doc/tcsh-6.22.03
--bindir=/bin
: This
installs the tcsh program in
/bin
instead of /usr/bin
.
sh ./tcsh.man2html: This creates HTML documentation from the formatted man page.
ln -v -sf tcsh
/bin/csh: The FHS states that if there is a
C shell installed, there
should be a symlink from /bin/csh
to it. This creates that symlink.
There are numerous configuration files for the C shell.
Examples of these are /etc/csh.cshrc
, /etc/csh.login
, /etc/csh.logout
, ~/.tcshrc
, ~/.cshrc
, ~/.history
, ~/.cshdirs
, ~/.login
, and ~/.logout
. More information on these
files can be found in the tcsh(1)
man page.
Update /etc/shells
to include
the C shell program names (as the root
user):
cat >> /etc/shells << "EOF"
/bin/tcsh
/bin/csh
EOF
The following ~/.cshrc
provides two alternative colour prompts and coloured
ls output. If
you prefer a global modification, issue the command as the
root
user, replacing
~/.cshrc
by /etc/csh.cshrc
.
cat > ~/.cshrc << "EOF"
# Original at:
# https://www.cs.umd.edu/~srhuang/teaching/code_snippets/prompt_color.tcsh.html
# Modified by the BLFS Development Team.
# Add these lines to your ~/.cshrc (or to /etc/csh.cshrc).
# Colors!
set red="%{\033[1;31m%}"
set green="%{\033[0;32m%}"
set yellow="%{\033[1;33m%}"
set blue="%{\033[1;34m%}"
set magenta="%{\033[1;35m%}"
set cyan="%{\033[1;36m%}"
set white="%{\033[0;37m%}"
set end="%{\033[0m%}" # This is needed at the end...
# Setting the actual prompt. Two separate versions for you to try, pick
# whichever one you like better, and change the colors as you want.
# Just don't mess with the ${end} guy in either line... Comment out or
# delete the prompt you don't use.
set prompt="${green}%n${blue}@%m ${white}%~ ${green}%%${end} "
set prompt="[${green}%n${blue}@%m ${white}%~ ]${end} "
# This was not in the original URL above
# Provides coloured ls
alias ls ls --color=always
# Clean up after ourselves...
unset red green yellow blue magenta cyan yellow white end
EOF
Last updated on 2021-02-21 17:43:43 -0800
The zsh package contains a command interpreter (shell) usable as an interactive login shell and as a shell script command processor. Of the standard shells, zsh most closely resembles ksh but includes many enhancements.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.zsh.org/pub/zsh-5.8.tar.xz
Download MD5 sum: e02a5428620b3dd268800c7843b3dd4d
Download size: 3.0 MB
Estimated disk space required: 72 MB (includes documentation and tests)
Estimated build time: 1.3 SBU (Using parallelism=4; includes documentation and tests)
Optional Documentation: http://www.zsh.org/pub/zsh-5.8-doc.tar.xz
Documentation MD5 sum: ef8514401a81bb1a4c4b655ebda8a1a2
Documentation download size: 3.0 MB
When there is a new zsh release, the old files shown above are moved to a new server directory: http://www.zsh.org/pub/old/.
libcap-2.48 with PAM, PCRE-8.44, and Valgrind-3.16.1,
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/zsh
If you downloaded the optional documentation, unpack it with the following command:
tar --strip-components=1 -xvf ../zsh-5.8-doc.tar.xz
Install zsh by running the following commands:
./configure --prefix=/usr \ --bindir=/bin \ --sysconfdir=/etc/zsh \ --enable-etcdir=/etc/zsh && make && makeinfo Doc/zsh.texi --plaintext -o Doc/zsh.txt && makeinfo Doc/zsh.texi --html -o Doc/html && makeinfo Doc/zsh.texi --html --no-split --no-headers -o Doc/zsh.html
If you have texlive-20200406 installed, you can build PDF format of the documentation by issuing the following command:
texi2pdf Doc/zsh.texi -o Doc/zsh.pdf
To test the results, issue: make check.
Now, as the root
user:
make install && make infodir=/usr/share/info install.info && install -v -m755 -d /usr/share/doc/zsh-5.8/html && install -v -m644 Doc/html/* /usr/share/doc/zsh-5.8/html && install -v -m644 Doc/zsh.{html,txt} /usr/share/doc/zsh-5.8
If you downloaded the optional documentation, install it by
issuing the following commands as the root
user:
make htmldir=/usr/share/doc/zsh-5.8/html install.html && install -v -m644 Doc/zsh.dvi /usr/share/doc/zsh-5.8
If you built the PDF format of the documentation, install it
by issuing the following command as the root
user:
install -v -m644 Doc/zsh.pdf /usr/share/doc/zsh-5.8
--sysconfdir=/etc/zsh
and --enable-etcdir=/etc/zsh
: These
parameters are used so that all the zsh configuration files are consolidated
into the /etc/zsh
directory.
Omit these parameters if you wish to retain historical
compatibility by having all the files located in the
/etc
directory.
--bindir=/bin
: This
parameter places the zsh binaries into the root
filesystem.
--enable-cap
: This option enables
POSIX capabilities.
--disable-gdbm
: This option
disables the use of the GDBM
library.
--enable-pcre
: This option allows
zsh to use the PCRE regular
expression library in shell builtins.
Linking zsh dynamically
against pcre and/or
gdbm produces runtime
dependencies on libpcre.so
and/or libgdbm.so
respectively, which both reside in /usr
hierarchy. If /usr
is a separate mount point and
zsh needs to be available
in boot time, then its supporting libraries should be in
/lib
too. You can move the
libraries as follows:
mv -v /usr/lib/libpcre.so.* /lib && ln -v -sf ../../lib/libpcre.so.0 /usr/lib/libpcre.so mv -v /usr/lib/libgdbm.so.* /lib && ln -v -sf ../../lib/libgdbm.so.3 /usr/lib/libgdbm.so
Alternatively you can statically link zsh against pcre and gdbm if you modify the config.modules
file (you need first to
run configure to generate it).
There are a whole host of configuration files for
zsh including /etc/zsh/zshenv
, /etc/zsh/zprofile
, /etc/zsh/zshrc
, /etc/zsh/zlogin
and /etc/zsh/zlogout
. You can find more
information on these in the zsh(1)
and related manual pages.
The first time zsh is executed, you will be prompted by
messages asking several questions. The answers will be used
to create a ~/.zshrc
file. If
you wish to run these questions again, run zsh
/usr/share/zsh/5.8/functions/zsh-newuser-install
-f.
There are several built-in advanced prompts. In the
zsh shell,
start advanced prompt support with autoload -U promptinit,
then promptinit. Available
prompt names are listed with prompt -l. Select a
particular one with prompt
<prompt-name>
.
Display all available prompts with prompt -p. Except for the
list and display commands above, you can insert the other
ones in ~/.zshrc
to be
automatically executed at shell start, with the prompt you
chose.
Last updated on 2021-02-21 17:43:43 -0800
Virtualization allows running a complete operating system, or virtual machine (VM), within another operating environment as a task. There are several commercial and open source environments that either emulate another processor or utilize the hardware virtualization features of the host processor.
qemu is a full virtualization solution for Linux on x86 hardware containing virtualization extensions (Intel VT or AMD-V).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://download.qemu-project.org/qemu-5.2.0.tar.xz
Download MD5 sum: 179f86928835da857c237b42f4b2df73
Download size: 102 MB
Estimated disk space required: 1.7 GB
Estimated build time: 0.9 SBU (using parallelism=4; add 0.3 SBU for tests)
GLib-2.66.7, and X Window System
alsa-lib-1.2.4 and SDL2-2.0.14
Depending on the sound system, various packages in ALSA-1.2.2, Python-3.9.2, PulseAudio-14.2, BlueZ-5.55, cURL-7.75.0, Cyrus SASL-2.1.27, GnuTLS-3.7.0, GTK+-2.24.33, GTK+-3.24.25, libusb-1.0.24, libgcrypt-1.9.2, libssh2-1.9.0, LZO-2.10, Nettle-3.7.1, Mesa-20.3.4, SDL-1.2.15, VTE-0.62.3 or Vte-0.28.2, and libcacard
This optional dependencies list is not comprehensive. See the output of ./configure --help for a more complete list.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/qemu
Before building qemu, check to see if your processor supports Virtualization Technology (VT):
egrep '^flags.*(vmx|svm)' /proc/cpuinfo
If you get any output, you have VT technology (vmx for Intel processors and svm for AMD processors). You then need to go into your system BIOS and ensure it is enabled. After enabing, reboot back to your LFS instance.
Enable the following options in the kernel configuration and recompile the kernel if necessary:
[*] Virtualization: ---> [CONFIG_VIRTUALIZATION]
<*/M> Kernel-based Virtual Machine (KVM) support [CONFIG_KVM]
<*/M> KVM for Intel (and compatible) processors support [CONFIG_KVM_INTEL]
<*/M> KVM for AMD processors support [CONFIG_KVM_AMD]
The Intel or AMD settings are not both required, but the one matching your system processor is required.
To use the “bridge” network device, as explained below, check that bridge-utils-1.6 is installed and the following options in the kernel configuration are enabled:
[*] Networking support ---> [CONFIG_NET]
Networking options --->
<*/M> 802.1d Ethernet Bridging [CONFIG_BRIDGE]
Device Drivers --->
[*] Network device support ---> [CONFIG_NETDEVICES]
<*/M> Universal TUN/TAP device driver support [CONFIG_TUN]
Add any users that might use the KVM device to that group:
usermod -a -G kvm <username>
Fix an issue exposed by binutils-2.36:
sed -i "/LDFLAGS_NOPIE/d" configure pc-bios/optionrom/Makefile
Install qemu by running the following commands:
Qemu is capable of running many targets. The build process
is also capable of building multiple targets at one time in
a comma delimited list assigned to --target-list
. Run ./configure --help to get
a complete list of available targets.
if [ $(uname -m) = i686 ]; then QEMU_ARCH=i386-softmmu else QEMU_ARCH=x86_64-softmmu fi mkdir -vp build && cd build && ../configure --prefix=/usr \ --sysconfdir=/etc \ --target-list=$QEMU_ARCH \ --audio-drv-list=alsa \ --docdir=/usr/share/doc/qemu-5.2.0 && unset QEMU_ARCH && make
qemu uses ninja as a subprocess when building. To run the tests, issue: ninja test.
Now, as the root
user:
make install
You will also need to add an Udev rule so that the KVM device gets correct permissions:
cat > /lib/udev/rules.d/65-kvm.rules << "EOF"
KERNEL=="kvm", GROUP="kvm", MODE="0660"
EOF
Change the permissions and ownership of a helper script, which is needed when using the “bridge” network device (see below):
chgrp kvm /usr/libexec/qemu-bridge-helper && chmod 4750 /usr/libexec/qemu-bridge-helper
For convenience you may want to create a symbolic link to run the installed program. For instance:
ln -sv qemu-system-`uname -m` /usr/bin/qemu
--audio-drv-list=alsa
: This
switch sets the audio driver to ALSA. See below for enabling
other audio drivers.
--audio-drv-list=pa
: This switch
sets the audio driver to pulseaudio. For other drivers see
the --audio-drv-list list in configure's help output.
The default audio driver is OSS. To enable support for both
alsa and pulseaudio, use --audio-drv-list=alsa,pa
.
Since using qemu means using a virtual computer, the steps to
set up the virtual machine are in close analogy with those to
set up a real computer. You'll need to decide about CPU,
memory, disk, USB devices, network card(s), screen size, etc.
Once the “hardware” is decided, you'll have
for example to choose how to connect the machine to internet,
and/or to install an OS. In the following, we show basic ways
of performing those steps. But qemu is much more than this,
and it is strongly advised to read the qemu documentation in
/usr/share/doc/qemu-5.2.0/qemu-doc.html
.
It is standard practice to name the computer running qemu “host” and the emulated machine running under qemu the “guest”. We'll use those notations in the following.
The following instructions assume the optional symbolic
link, qemu
, has been created.
Additionally, qemu must be run from an
X Window System based terminal (either locally or over
ssh).
A virtual disk may be set up in the following way:
VDISK_SIZE=50G
VDISK_FILENAME=vdisk.img
qemu-img create -f qcow2 $VDISK_FILENAME $VDISK_SIZE
The virtual disk size and filename should be ajusted as desired. The actual size of the file will be less than specified, but will expand as needed, so it is safe to put a high value.
To install an operating system, download an iso image from
your preferred Linux distribution. For the purposes of this
example, we'll use Fedora-16-x86_64-Live-LXDE.iso
in the
current directory. Run the following:
qemu -enable-kvm \
-drive file=$VDISK_FILENAME \
-cdrom Fedora-16-x86_64-Live-LXDE.iso \
-boot d \
-m 1G
Follow the normal installation procedures for the chosen
distribution. The -boot
option specifies the boot
order of drives as a string of drive letters. Valid drive
letters are: a, b (floppy 1 and 2), c (first hard disk), d
(first CD-ROM). The -m
option is the amount of
memory to use for the virtual machine. The choice depends on
the load of the host. Modern distributions should be
comfortable with 1GB. The -enable-kvm
option allows
hardware acceleration. Without this switch, the emulation is
much slower.
The virtual machine hardware is defined by the qemu command line. An example command is given below:
qemu -enable-kvm \ -smp 4 \ -cpu host \ -m 1G \ -drive file=$VDISK_FILENAME \ -cdrom grub-img.iso \ -boot order=c,once=d,menu=on \ -net nic,netdev=net0 \ -netdev user,id=net0 \ -device ac97 \ -vga std \ -serial mon:stdio \ -name "fedora-16"
-enable-kvm
: enable
full KVM virtualization support. On some hardware, it may be
necessary to add the undocumented -machine smm=off
option in order to enable
KVM.
-smp <N>
:
enable symmetric multiprocessing with <N> CPUs.
-cpu <model>
:
simulate CPU <model>. the list of supported models can
be obtained with -cpu help
.
-drive
file=<filename>
: defines a virtual disk
whose image is stored in <filename>
.
-cdrom grub-img.iso
:
defines an iso formated file to use as a cdrom. Here we use a
grub rescue disk, which may turn handy when something goes
wrong at boot time.
-boot
order=c,once=d,menu=on
: defines the boot order
for the virtual BIOS.
-net
nic,netdev=<netid>
: defines a network card
connected to the network device with id <netid>.
-netdev
user,id=<netid>
: defines the network
“user” device. This is a virtual
local network with addresses 10.0.2.0/24, where the host has
address 10.0.2.2 and acts as a gateway to internet, and with
a name server at address 10.0.2.3, and an smb server at
address 10.0.2.4. A builtin DHCP server can allocate
addresses between 10.0.2.15 and 10.0.2.31.
-soundhw
<model>
: defines the soundcard model. The
list may be obtained with -soundhw
help
.
-vga <type>
:
defines the type of vga card to emulate.
-serial mon:stdio
:
sends the serial port of the guest (/dev/ttyS0
on linux guests), multiplexed
with the qemu monitor, to the standard input and output of
the qemu process.
-name <name>
:
sets the name of the guest. This name is displayed in the
guest window caption. It may be useful if you run several
guests at the same time.
It may happen that the guest window displayed by qemu does not correspond to the full capability of the emulated vga card. For example, the vmware card is 1600x900 capable, but only 1024x768 is displayed by default. A suitable Xorg configuration on the guest allows to use the full size (Note that the Xorg video driver to use is Xorg VMware Driver-13.3.0):
cat > /usr/share/X11/xorg.conf.d/20-vmware.conf << "EOF"
Section "Monitor"
Identifier "Monitor0"
# cvt 1600 900
# 1600x900 59.95 Hz (CVT 1.44M9) hsync: 55.99 kHz; pclk: 118.25 MHz
Modeline "1600x900" 118.25 1600 1696 1856 2112 900 903 908 934 -hsync +vsync
Option "PreferredMode" "1600x900"
HorizSync 1-200
VertRefresh 1-200
EndSection
Section "Device"
Identifier "VMware SVGA II Adapter"
Option "Monitor" "default"
Driver "vmware"
EndSection
Section "Screen"
Identifier "Default Screen"
Device "VMware SVGA II Adapter"
Monitor "Monitor0"
SubSection "Display"
Depth 24
Modes "1600x900" "1440x900" "1366x768" "1280x720" "800x480"
EndSubSection
EndSection
EOF
New sizes will be available besides the native ones. You need to restart X in order to have the new sizes available.
The above solution for networking allows the guest to access
the local network through the host (and possibly to access
internet through the local routers), but the converse is not
true. Not even the host can access the guest, unless port
forwarding is enabled. And in the case several guests are
running, they cannot communicate with each other. Other
network devices can be used for this purpose. For example,
there is the “socket” device, which allows
several guests to share a common virtual network. In the
following, we describe in more details how to set up the
“bridge” device, which allows the
guests to appear as if connected to the local network. All
the commands below should be run as the root
user.
Allow the host to forward IP packets:
sysctl -w net.ipv4.ip_forward=1
To make this permanent, add the command to /etc/sysctl.d/60-net-forward.conf:
cat >> /etc/sysctl.d/60-net-forward.conf << EOF
net.ipv4.ip_forward=1
EOF
Set up a required configuration file:
install -vdm 755 /etc/qemu && echo allow br0 > /etc/qemu/bridge.conf
In the command above, replace the switch -netdev user,...
with
-netdev
bridge,id=net0
.
is a standalone client for using the ivshmem device |
|
is an example server for the ivshmem device |
|
is a test tool for the qemu EDID generator |
|
implements support for QMP (QEMU Monitor Protocol) commands and events that terminate and originate respectively within the guest using an agent built as part of QEMU |
|
provides commands to manage QEMU disk images |
|
is a diagnostic and manipulation program for (virtual) memory media. It is still at an early stage of development |
|
exports Qemu disk images using the QEMU Disk Network Block Device (NBD) protocol |
|
is the QEMU PC System emulator |
|
creates a socket pair or a named socket. QEMU and proxy helper communicate using this socket. QEMU proxy fs driver sends filesystem request to proxy helper and receives the response from it |
Last updated on 2021-02-21 06:55:47 -0800
Libraries contain code which is often required by more than one program. This has the advantage that each program doesn't need to duplicate code (and risk introducing bugs), it just has to call functions from the libraries installed on the system. The most obvious example of a set of libraries is Glibc which is installed during the LFS book. This contains all of the C library functions which programs use.
There are two types of libraries: static and shared. Shared
libraries (usually libXXX.so
) are
loaded into memory from the shared copy at runtime (hence the
name). Static libraries ( libXXX.a
)
are actually linked into the program executable file itself, thus
making the program file larger. Quite often, you will find both
static and shared copies of the same library on your system.
Generally, you only need to install libraries when you are
installing software that needs the functionality they supply. In
the BLFS book, each package is presented with a list of (known)
dependencies. Thus, you can figure out which libraries you need
to have before installing that program. If you are installing
something without using BLFS instructions, usually the
README
or INSTALL
file will contain details of the
program's requirements.
There are certain libraries which nearly everyone will need at some point. In this chapter these and some others are listed and it is explained why you may want to install them.
The Apache Portable Runtime (APR) is a supporting library for the Apache web server. It provides a set of application programming interfaces (APIs) that map to the underlying Operating System (OS). Where the OS doesn't support a particular function, APR will provide an emulation. Thus programmers can use the APR to make a program portable across different platforms.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://archive.apache.org/dist/apr/apr-1.7.0.tar.bz2
Download (FTP): ftp://ftp.mirrorservice.org/sites/ftp.apache.org/apr/apr-1.7.0.tar.bz2
Download MD5 sum: 7a14a83d664e87599ea25ff4432e48a7
Download size: 852 KB
Estimated disk space required: 11 MB (additional 4 MB for the tests)
Estimated build time: 0.2 SBU (add 1.7 SBU for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/apr
Install Apr by running the following commands:
./configure --prefix=/usr \ --disable-static \ --with-installbuilddir=/usr/share/apr-1/build && make
To test the results, issue: make test.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 22:13:48 -0800
The Apache Portable Runtime Utility Library provides a predictable and consistent interface to underlying client library interfaces. This application programming interface assures predictable if not identical behaviour regardless of which libraries are available on a given platform.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://archive.apache.org/dist/apr/apr-util-1.6.1.tar.bz2
Download (FTP): ftp://ftp.mirrorservice.org/sites/ftp.apache.org/apr/apr-util-1.6.1.tar.bz2
Download MD5 sum: 8ff5dc36fa39a2a3db1df196d3ed6086
Download size: 420 KB
Estimated disk space required: 6.5 MB (add 1.4 MB for tests)
Estimated build time: less than 0.1 SBU (add 0.3 SBU for tests)
Berkeley DB-5.3.28, FreeTDS, MariaDB-10.5.8 or MySQL, OpenLDAP-2.4.57, PostgreSQL-13.2, SQLite-3.34.1 and unixODBC-2.3.9
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/apr-util
Install Apr Util by running the following commands:
./configure --prefix=/usr \ --with-apr=/usr \ --with-gdbm=/usr \ --with-openssl=/usr \ --with-crypto && make
To test the results, issue: make -j1 test. One test, testdbm, is known to fail.
Now, as the root
user:
make install
--with-gdbm=/usr
:
This switch enables the apr_dbm_gdbm-1.so
plugin.
--with-openssl=/usr
--with-crypto
: These switches enable the
apr_crypto_openssl-1.so
plugin.
--with-berkeley-db=/usr
: If you
have installed Berkeley DB-5.3.28, use this switch
to compile the apr_dbm_db-1.so
plugin.
--with-ldap
: If you have
installed OpenLDAP-2.4.57, use this switch to
compile the apr_ldap.so
plugin.
Last updated on 2021-02-19 22:13:48 -0800
The Aspell package contains an interactive spell checking program and the Aspell libraries. Aspell can either be used as a library or as an independent spell checker.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/aspell/aspell-0.60.8.tar.gz
Download (FTP): ftp://ftp.gnu.org/gnu/aspell/aspell-0.60.8.tar.gz
Download MD5 sum: 012fa9209203ae4e5a61c2a668fd10e3
Download size: 3.3 MB
Estimated disk space required: 51 MB (Additional 8 MB for EN dictionary)
Estimated build time: 0.4 SBU
You'll need to download at least one dictionary. The link below will take you to a page containing links to dictionaries in many languages.
Aspell dictionaries: https://ftp.gnu.org/gnu/aspell/dict
Which-2.21 (for the dictionaries)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/aspell
Install Aspell by running the following commands:
./configure --prefix=/usr && make
This package does not come with a test suite.
Now, as the root
user:
make install && ln -svfn aspell-0.60 /usr/lib/aspell && install -v -m755 -d /usr/share/doc/aspell-0.60.8/aspell{,-dev}.html && install -v -m644 manual/aspell.html/* \ /usr/share/doc/aspell-0.60.8/aspell.html && install -v -m644 manual/aspell-dev.html/* \ /usr/share/doc/aspell-0.60.8/aspell-dev.html
If you do not plan to install Ispell, then copy the wrapper script ispell:
install -v -m 755 scripts/ispell /usr/bin/
If you do not plan to install Spell, then copy the wrapper script spell:
install -v -m 755 scripts/spell /usr/bin/
ln -svfn aspell-0.60 /usr/lib/aspell: This command is useful for configuration of other applications, such as enchant-2.2.15.
is a utility that can function as an ispell -a replacement, as an independent spell checker, as a test utility to test out Aspell features, and as a utility for managing dictionaries |
|
is a wrapper around aspell to invoke it in ispell compatible mode |
|
is a wrapper around aspell to invoke it in spell compatible mode |
|
imports old personal dictionaries into Aspell |
|
decompresses a prezipped file to stdout |
|
decompresses a prezipped file |
|
is a prefix delta compressor, used to compress sorted word lists or other similar text files |
|
is called by the various wrapper scripts to perform the actual compressing and decompressing |
|
displays information about the |
|
is a script to help use Aspell as an ispell replacement |
|
compresses or decompresses sorted word lists for use with the Aspell spell checker |
|
contains spell checking API functions |
|
is an interface to the |
Last updated on 2021-02-19 22:13:48 -0800
Boost provides a set of free peer-reviewed portable C++ source libraries. It includes libraries for linear algebra, pseudorandom number generation, multithreading, image processing, regular expressions and unit testing.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://dl.bintray.com/boostorg/release/1.75.0/source/boost_1_75_0.tar.bz2
Download MD5 sum: ea217ed7c4414e93d44106c316966ae1
Download size: 116 MB
Estimated disk space required: 1.1 GB (175 MB installed)
Estimated build time: 1.3 SBU (Using parallelism=4; add 1.3 SBU for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/boost
This package can be built with several jobs running in
parallel. In the instructions below, <N>
stands for the number
of jobs. Install Boost by
running the following commands:
./bootstrap.sh --prefix=/usr --with-python=python3 &&
./b2 stage -j<N>
threading=multi link=shared
To run the Boost.Build's regression test, issue pushd tools/build/test; python3 test_all.py; popd. All 153 tests should pass.
To run every library's regression tests, issue pushd status; ../b2; popd.
A few tests may fail. They take a very long time (over 119
SBU at -j4) and use a very large amount of disk space (46
GB). You should use the -jN
switch to speed them up.
Now, as the root
user:
./b2 install threading=multi link=shared
threading=multi
: This
parameter ensures that Boost
is built with multithreading support.
link=shared
: This
parameter ensures that only shared libraries are created,
except for libboost_exception and libboost_test_exec_monitor
which are created as static. Most people will not need the
static libraries, and most programs using Boost only use the headers. Omit this
parameter if you do need static libraries.
ln -svf detail/sha1.hpp
...
: The uuid/sha1.hpp
used to be a regular header,
but by boost_1_66_0 it had been changed to load the similar
detail/sha1.hpp
header, with a
message that it had been deprecated. It has now been removed,
but not every package which uses it has been changed. An
example is one of the libraries downloaded as a git version
by libreoffice. The symlink enables this and similar packages
to build.
-jN
: This switch may be added to
the b2 command
lines, to run up to N processes in parallel.
--with-python=python3
: Add this
switch to the bootstrap command, if you
want Boost to use Python3 instead of Python2. Using Python3
is known to cause the installation to fail on some systems.
Last updated on 2021-02-19 21:30:09 -0800
Brotli provides a general-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling. Its libraries are particularly used for WOFF2 fonts on webpages.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/google/brotli/archive/v1.0.9/brotli-1.0.9.tar.gz
Download MD5 sum: c2274f0c7af8470ad514637c35bcee7d
Download size: 476 KB
Estimated disk space required: 24 MB (with python3 bindings)
Estimated build time: 0.4 SBU (with python3 bindings)
Python-2.7.18 (to create python2 bindings)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/brotli
At first, fix an issue in pkg-config files:
sed -i '[email protected].@@' scripts/*.pc.in
Install brotli by running the following commands:
mkdir out && cd out && cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DCMAKE_BUILD_TYPE=Release \ .. && make
To test the results, issue: make test
If desired, either or both sets of python bindings can be built and installed without any conflicts. If you need the Python2 bindings, add or substitute python2 for python3 in the following instructions:
pushd .. && python3 setup.py build && popd
The python tests are missing most of the necessary testdata files and therefore 240 of 311 tests fail. If you nevertheless wish to test the bindings, go back to the top-level directory and issue: python3 setup.py test.
Now, as the root
user:
make install && cd ..
If you have built either or both sets of python bindings, install them as the
root
user (as before, use the
appropriate version(s) of python:
python3 setup.py install --optimize=1
Last updated on 2021-02-19 22:13:48 -0800
CLucene is a C++ version of Lucene, a high performance text search engine.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/clucene/clucene-core-2.3.3.4.tar.gz
Download MD5 sum: 48d647fbd8ef8889e5a7f422c1bfda94
Download size: 2.2 MB
Estimated disk space required: 78 MB
Estimated build time: 0.8 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/clucene
Install CLucene by running the following commands:
patch -Np1 -i ../clucene-2.3.3.4-contribs_lib-1.patch && mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DBUILD_CONTRIBS_LIB=ON .. && make
Now, as the root
user:
make install
-DBUILD_CONTRIBS_LIB=ON
: This
cmake variable enables building the CLucene contribs library
necessary for running applications that use language specific
text analyzers like LibreOffice for example.
Last updated on 2021-02-19 22:13:48 -0800
The D-Bus GLib package contains GLib interfaces to the D-Bus API.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://dbus.freedesktop.org/releases/dbus-glib/dbus-glib-0.110.tar.gz
Download MD5 sum: d7cebf1d69445cbd28b4983392145192
Download size: 820 KB
Estimated disk space required: 10 MB (with tests)
Estimated build time: 0.1 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/dbus-glib
Install D-Bus GLib by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --disable-static && make
To test the results, issue: make check. Note that more comprehensive tests can be run by following the same method used in D-Bus instructions, which requires building the package twice.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
Last updated on 2021-02-21 11:05:24 -0800
The Double-conversion package contains a library that facilitates binary-to-decimal and decimal-to-binary routines for IEEE doubles.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/google/double-conversion/archive/v3.1.5/double-conversion-3.1.5.tar.gz
Download MD5 sum: e94d3a33a417e692e5600e75019f0272
Download size: 6.7 MB
Estimated disk space required: 54 MB
Estimated build time: 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/double-conversion
Install Double-conversion by running the following commands:
mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DBUILD_SHARED_LIBS=ON \ -DBUILD_TESTING=ON \ .. && make
To test the results, issue: make test.
Now, as the root
user:
make install
-DBUILD_SHARED_LIBS=ON
: This
switch forces cmake to build a shared version of the library
instead of the static version.
-DBUILD_TESTING=ON
:
This switch builds the test programs.
Last updated on 2021-02-19 22:13:48 -0800
The enchant package provide a generic interface into various existing spell checking libraries.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/AbiWord/enchant/releases/download/v2.2.15/enchant-2.2.15.tar.gz
Download MD5 sum: 9b27f815ee35ff12b5b870c2d04361c6
Download size: 968 KB
Estimated disk space required: 6.9 MB (add 100 MB for tests)
Estimated build time: 0.2 SBU (add 0.5 SBU for tests)
dbus-glib-0.110, Doxygen-1.9.1, Hspell, Hunspell, Nuspell, Voikko, and unittest-cpp (required for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/enchant
Install enchant by running the following commands:
./configure --prefix=/usr --disable-static && make
To run tests, unittest-cpp must be installed and the
--enable-relocatable
option
passed to configure above. If these conditions are present,
the tests may be run with make
check.
Now, as the root
user:
make install && rm -rf /usr/include/enchant && ln -sfv enchant-2 /usr/include/enchant && ln -sfv enchant-2 /usr/bin/enchant && ln -sfv libenchant-2.so /usr/lib/libenchant.so && ln -sfv enchant-2.pc /usr/lib/pkgconfig/enchant.pc
--disable-static
:
This switch prevents installation of static versions of the
libraries.
rm -rf /usr/include/enchant; ln -sfn ...: Create symlinks for this package version so that other other packages can find it using the old name.
You can test your installation and configuration by creating a test file and running the following commands (you can replace the en_GB dictionary by any other downloaded when installing Aspell-0.60.8):
cat > /tmp/test-enchant.txt << "EOF"
Tel me more abot linux
Ther ar so many commads
EOF
enchant -d en_GB -l /tmp/test-enchant.txt &&
enchant -d en_GB -a /tmp/test-enchant.txt
You will see a list of the misspelled words followed by a list of alternatives for them.
See more details in the enchant manual page.
Last updated on 2021-02-19 22:13:48 -0800
Exempi is an implementation of XMP (Adobe's Extensible Metadata Platform).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://libopenraw.freedesktop.org/download/exempi-2.5.2.tar.bz2
Download MD5 sum: 96e82c244a5659a9b07ae07ca8773ad9
Download size: 3.5 MB
Estimated disk space required: 372 MB (add 31 MB for tests)
Estimated build time: 0.5 SBU (using parallelism=4; add 0.3 SBU for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/exempi
If you intend to run the regression tests, first remove a test that depends on an apparently proprietary Adobe SDK:
sed -i -r '/^\s?testadobesdk/d' exempi/Makefile.am && autoreconf -fiv
Install Exempi by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 22:13:48 -0800
FFTW is a C subroutine library for computing the discrete Fourier transform (DFT) in one or more dimensions, of arbitrary input size, and of both real and complex data (as well as of even/odd data, i.e. the discrete cosine/sine transforms or DCT/DST).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.fftw.org/fftw-3.3.9.tar.gz
Download (FTP): ftp://ftp.fftw.org/pub/fftw/fftw-3.3.9.tar.gz
Download MD5 sum: 50145bb68a8510b5d77605f11cadf8dc
Download size: 4.0 MB
Estimated disk space required: 60 MB
Estimated build time: 1.4 SBU (using parallelism=4; add 2.2 SBU for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/fftw
We build fftw three times for different libraries in different numerical precisions: the default double precision floating point, the older 32-bit (single precision) version named float which sacrifices precision for speed, and the long double which offers increased precision at the cost of slower execution.
The first build is for double precision arithmetic. Install fftw by running the following commands:
./configure --prefix=/usr \ --enable-shared \ --disable-static \ --enable-threads \ --enable-sse2 \ --enable-avx && make
To test the results, issue: make check. On 32-bit systems, the tests can take substantially longer than they would on 64-bit machines.
Now, as the root
user:
make install
Now build single precision:
make clean && ./configure --prefix=/usr \ --enable-shared \ --disable-static \ --enable-threads \ --enable-sse2 \ --enable-avx \ --enable-float && make
As the root
user:
make install
Finally, build long double precision:
make clean && ./configure --prefix=/usr \ --enable-shared \ --disable-static \ --enable-threads \ --enable-long-double && make
As the root
user:
make install
--enable-shared
--disable-static
: Use shared libs instead of
static libs.
--enable-threads
:
This enables libfftw3_threads.so
to be compiled. It is
used by e.g. the gimp plugin
from G'MIC.
--enable-float
: This
enables building the library that uses single precision
floating point arithmetic. It is faster but less precise than
the default double precision library. The library will be
called libfftw3f.so
needed by
PulseAudio-14.2.
--enable-long-double
:
This enables building the library that uses higher precision
long-double floating point arithmetic. The library will be
called libfftw3l.so
.
is a utility to generate FFTW wisdom files, which contain saved information about how to optimally compute (Fourier) transforms of various sizes |
|
is a utility to generate C configuration routines from FFTW wisdom files, where the latter contain saved information about how to optimally compute (Fourier) transforms of various sizes |
|
is the Fast Fourier Transform library |
|
is the threaded Fast Fourier Transform library |
|
is the single-precision Fast Fourier Transform library, described as “float” for historic reasons |
|
is the threaded single-precision Fast Fourier Transform library |
|
is the long double Fast Fourier Transform library |
|
is the threaded long double Fast Fourier Transform library |
Last updated on 2021-02-19 22:13:48 -0800
The GLib package contains low-level libraries useful for providing data structure handling for C, portability wrappers and interfaces for such runtime functionality as an event loop, threads, dynamic loading and an object system.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/glib/2.66/glib-2.66.7.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/glib/2.66/glib-2.66.7.tar.xz
Download MD5 sum: 20d515238d2d22f1ec2057828fb59d52
Download size: 4.6 MB
Estimated disk space required: 206 MB (add 1 MB for tests)
Estimated build time: 0.5 SBU (add 1.0 SBU for tests; both using parallelism=4)
libxslt-1.1.34 and PCRE-8.44 (built with Unicode properties)
dbus-1.12.20 and bindfs (both may be used in some tests), GDB-10.1 (for bindings), docbook-xml-4.5, docbook-xsl-1.79.2, GTK-Doc-1.33.2 (to build API documentation), and glib-networking-2.66.0 (for some tests, but this is a circular dependency)
gobject-introspection-1.66.1 (should be installed before gtk+, atk, etc.)
Quoted directly from the INSTALL
file: “Some of the
mimetype-related functionality in GIO requires the
update-mime-database and
update-desktop-database
utilities”, which are part of shared-mime-info-2.1 and desktop-file-utils-0.26,
respectively. These two utilities are also needed for some
tests.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/glib2
If desired, apply the optional patch. In many cases,
applications that use this library, either directly or
indirectly via other libraries such as GTK+-3.24.25, output
numerous warnings when run from the command line. This patch
enables the use of an environment variable, GLIB_LOG_LEVEL
, that supresses unwanted
messages. The value of the variable is a digit that
corresponds to:
1 Alert |
2 Critical |
3 Error |
4 Warning |
5 Notice |
For instance export
GLIB_LOG_LEVEL=4
will skip output of Warning
and Notice messages (and Info/Debug messages if they are
turned on). If GLIB_LOG_LEVEL
is
not defined, normal message output will not be affected.
patch -Np1 -i ../glib-2.66.7-skip_warnings-1.patch
If a previous version of glib is installed, move the headers out of the way so that later packages do not encounter conflicts:
if [ -e /usr/include/glib-2.0 ]; then rm -rf /usr/include/glib-2.0.old && mv -vf /usr/include/glib-2.0{,.old} fi
Install GLib by running the following commands:
mkdir build && cd build && meson --prefix=/usr \ -Dman=true \ -Dselinux=disabled \ .. && ninja
If libxslt-1.1.34 is installed, the above command may indicate several (about 33) errors that start with "Error: no ID for constraint linkend:" when generating the man pages. These are harmless.
The GLib test suite requires desktop-file-utils for some tests. However, desktop-file-utils requires GLib in order to compile; therefore, you must first install GLib and then run the test suite.
Now, as the root
user:
ninja install && mkdir -p /usr/share/doc/glib-2.66.7 && cp -r ../docs/reference/{NEWS,gio,glib,gobject} /usr/share/doc/glib-2.66.7
You should now install desktop-file-utils-0.26 and shared-mime-info-2.1 and proceed to run the test suite.
To test the results, after having installed the package, issue: ninja test.
Finally, if this is a reinstall from glib2-2.64.x or earlier,
remove (as the root
user) an
obsolete header file that interferes with some packages:
rm -f /usr/include/glib-2.0/glib/gurifuncs.h
-Dman=true
: This
switch causes the build to create and install the package man
pages.
-Dselinux=disabled
:
This switch disables support for selinux which is not
supported in BLFS.
-Dgtk_doc=true
: This switch
causes the build to create and install the API documentation.
can be used to start applications and to send messages to already-running instances of other applications |
|
is a simple tool used for working with D-Bus objects |
|
is used to generate code and/or documentation for one or more D-Bus interfaces |
|
is a utility that makes many GIO features available from the command line |
|
is used to create a |
|
is used to read the resource description from a file and the files that it references to create a binary resource bundle that is suitable for use with the GResource API |
|
is used to compile all the GSettings XML schema
files in a directory into a binary file with the
name |
|
is a C code marshaller generation utility for GLib closures |
|
is a variant of the gettext internationalization utility |
|
is a C language enum description generation utility |
|
is a small utility that draws a tree of types |
|
offers a simple command line interface to GResource |
|
offers a simple command line interface to GSettings |
|
is a test running utility |
|
is a test report formatting utility |
|
contain low-level core libraries for the GIMP Toolkit |
Last updated on 2021-02-20 14:10:45 -0800
The GLibmm package is a set of C++ bindings for GLib.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/glibmm/2.66/glibmm-2.66.0.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/glibmm/2.66/glibmm-2.66.0.tar.xz
Download MD5 sum: e7084e702d87ac9e34a5837f5a500822
Download size: 7.2 MB
Estimated disk space required: 174 MB (with tests)
Estimated build time: 0.8 SBU (Using parallelism=4; with tests)
GLib-2.66.7 and libsigc++-2.10.6
Doxygen-1.9.1, glib-networking-2.66.0 (for tests), GnuTLS-3.7.0 (for tests), libxslt-1.1.34, and mm-common
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/glibmm
Install GLibmm by running the following commands:
mkdir bld && cd bld && meson --prefix=/usr .. && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
Last updated on 2021-02-19 22:13:48 -0800
The GMime package contains a set of utilities for parsing and creating messages using the Multipurpose Internet Mail Extension (MIME) as defined by the applicable RFCs. See the GMime web site for the RFCs resourced. This is useful as it provides an API which adheres to the MIME specification as closely as possible while also providing programmers with an extremely easy to use interface to the API functions.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/gmime/3.2/gmime-3.2.7.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/gmime/3.2/gmime-3.2.7.tar.xz
Download MD5 sum: 7ecd9aa75e0cd2e8668206b1d53df874
Download size: 2.1 MB
Estimated disk space required: 25 MB (with tests)
Estimated build time: 0.3 SBU (with tests)
GLib-2.66.7 and libgpg-error-1.41
gobject-introspection-1.66.1 and libidn2-2.3.0
DocBook-utils-0.6.14, GPGME-1.15.1, GTK-Doc-1.33.2, Vala-0.50.3, and Gtk# (requires Mono)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gmime
Install GMime by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
Last updated on 2021-02-19 22:13:48 -0800
The GObject Introspection is used to describe the program APIs and collect them in a uniform, machine readable format.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/gobject-introspection/1.66/gobject-introspection-1.66.1.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/gobject-introspection/1.66/gobject-introspection-1.66.1.tar.xz
Download MD5 sum: f43d661d39ff52d33622cb1854aaaf76
Download size: 992 KB
Estimated disk space required: 55 MB (with tests)
Estimated build time: 0.2 SBU (Using parallelism=4; with tests)
Cairo-1.17.2+f93fc72c03e (required for the tests), Gjs-1.66.2 (to satisfy one test), GTK-Doc-1.33.2, Mako-1.1.4, and Markdown (to satisfy one test)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gobject-introspection
Install GObject Introspection by running the following commands:
mkdir build && cd build && meson --prefix=/usr .. && ninja
To test the results, issue: ninja test -k0. One test (test_docwriter) fails if the optional Markdown module is not installed.
Now, as the root
user:
ninja install
-Dgtk_doc=true
: Build and install
the documentation.
-Dcairo=enabled
: Use cairo for
tests.
-Ddoctool=enabled
: Install
g-ir-doc-tool and run related tests.
creates or extracts annotation data from GI typelibs |
|
converts one or more GIR files into one or more typelib |
|
generates Mallard files that can be viewed with yelp or rendered to HTML with yelp-build from yelp-tools |
|
is a utility that gives information about a GI typelib |
|
is a GIR generator that uses the repository API |
|
is a tool which generates GIR XML files by parsing headers and introspecting GObject based libraries |
|
provides an API to access the typelib metadata |
Last updated on 2021-02-19 22:13:48 -0800
Grantlee is a set of free software libraries written using the Qt framework. Currently two libraries are shipped with Grantlee: Grantlee Templates and Grantlee TextDocument. The goal of Grantlee Templates is to make it easier for application developers to separate the structure of documents from the data they contain, opening the door for theming.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://downloads.grantlee.org/grantlee-5.2.0.tar.gz
Download MD5 sum: 6239b3703674f88b2236d30d0ed67eea
Download size: 1.1 MB
Estimated disk space required: 22 MB
Estimated build time: 0.6 SBU (Using parallelism=4)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/grantlee
Install Grantlee by running the following commands:
mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DCMAKE_BUILD_TYPE=Release \ .. && make
This package does not come with a test suite.
Now, as the root
user:
make install
Last updated on 2021-02-21 15:09:04 -0800
The GNU Scientific Library (GSL) is a numerical library for C and C++ programmers. It provides a wide range of mathematical routines such as random number generators, special functions and least-squares fitting.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/gsl/gsl-2.6.tar.gz
Download (FTP): ftp://ftp.gnu.org/gnu/gsl/gsl-2.6.tar.gz
Download MD5 sum: bda73a3dd5ff2f30b5956764399db6e7
Download size: 7.1 MB
Estimated disk space required: 275 MB (with tests, without docs)
Estimated build time: 1.7 SBU (with tests, without docs)
Sphinx with sphinx_rtd_theme
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gsl
Install Gsl by running the following commands:
./configure --prefix=/usr --disable-static && make
If you have the optional Sphinx package installed, buid the documentation with:
make html
To test the results, issue: make check.
Now, as the root
user:
make install
If you built the documentation, install it (as root
) with:
mkdir /usr/share/doc/gsl-2.6 && cp -R doc/_build/html/* /usr/share/doc/gsl-2.6
--disable-static
:
This switch prevents installation of static versions of the
libraries.
is a shell script to get the version number and compiler flags of the installed Gsl library |
|
is a demonstration program for the GNU Scientific Library that computes a histogram from data taken from stdin |
|
is a demonstration program for the GNU Scientific Library that generates random samples from various distributions |
|
contains functions that implement a C interface to Basic Linear Algebra Subprograms |
|
contains functions that provide a collection of numerical routines for scientific computing |
Last updated on 2021-02-19 22:13:48 -0800
The gspell package provides a flexible API to add spell checking to a GTK+ application.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/gspell/1.8/gspell-1.8.4.tar.xz
Download MD5 sum: 378dee938c08c24b559953cbcad83942
Download size: 414 KB
Estimated disk space required: 13 MB (with tests)
Estimated build time: 0.1 SBU (using parallelism=4; with tests)
enchant-2.2.15 and GTK+-3.24.25
gobject-introspection-1.66.1, GTK-Doc-1.33.2, ISO Codes-4.5.0, Vala-0.50.3, and Valgrind-3.16.1
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gspell
Install gspell by running the following commands:
./configure --prefix=/usr && make
To test the results, issue: make check. One test, test-checker, is known to fail if the external package Hunspell is not installed. The tests also must be run in an X session.
Now, as the root
user:
make install
Last updated on 2021-02-21 15:09:04 -0800
The International Components for Unicode (ICU) package is a mature, widely used set of C/C++ libraries providing Unicode and Globalization support for software applications. ICU is widely portable and gives applications the same results on all platforms.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://github.com/unicode-org/icu/releases/download/release-68-2/icu4c-68_2-src.tgz
Download MD5 sum: c21cbdfe31a1e325afe765a16f907d20
Download size: 24 MB
Estimated disk space required: 312 MB (add 37 MB for tests)
Estimated build time: 0.7 SBU (Using parallelism=4; add 2.2 SBU for tests)
LLVM-11.1.0 (with Clang), and Doxygen-1.9.1 (for documentation)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/icu
If clang++ is available, it will be used in the mistaken belief that g++ might not support C++11, even though configure has tested for that. If using g++ there will be an unnecessary warning at the end of configure. Building with g++ also takes longer than the estimated SBU shown.
Install ICU by running the following commands:
cd source && ./configure --prefix=/usr && make
To test the results, issue: make check.
Now, as the root
user:
make install
disassembles a resource bundle |
|
converts “\u” escaped characters into unicode characters |
|
compiles ICU break iteration rules source files into binary data files |
|
generates C or platform specific assembly code from an ICU data file |
|
reads in Unicode confusable character definitions and writes out the binary data |
|
generates an ICU memory-mappable data file |
|
compiles the converter's aliases file |
|
compiles word lists into ICU string trie dictionaries |
|
builds binary data files with Unicode normalization data |
|
compiles a resource bundle |
|
compiles StringPrep data from filtered RFC 3454 files |
|
outputs ICU build options |
|
outputs configuration information about the current ICU |
|
extracts or modifies an ICU .dat archive |
|
compiles a converter table |
|
packages data for use by ICU |
|
converts data from one encoding to another |
|
is the data library |
|
is the internationalization (i18n) library |
|
is the ICU I/O (unicode stdio) library |
|
is the test library |
|
is the tool utility library |
|
is the common library |
Last updated on 2021-02-19 22:13:48 -0800
This package is a simple .INI file parser written in C.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/benhoyt/inih/archive/r53/inih-r53.tar.gz
Download MD5 sum: 8b52bf308de2ad1eab94fad64c116610
Download size: 17 KB
Estimated disk space required: 1.3 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/inih
Install inih by running the following commands:
mkdir build && cd build && meson --prefix=/usr .. && ninja
This package does not come with a test suite.
Now, as the root
user:
ninja install
Last updated on 2021-02-19 22:13:48 -0800
The Jansson package contains a library used to encode, decode, and manipulate JSON data.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.digip.org/jansson/releases/jansson-2.13.1.tar.gz
Download MD5 sum: 570af45b8203e95876d71fecd56cee20
Download size: 520 KB
Estimated disk space required: 7.8 MB
Estimated build time: 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/jansson
Install jansson by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
Last updated on 2021-02-19 22:13:48 -0800
JS is Mozilla's JavaScript engine written in C. JS78 is taken from Firefox.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://archive.mozilla.org/pub/firefox/releases/78.8.0esr/source/firefox-78.8.0esr.source.tar.xz
Download MD5 sum: 04858eb8431d560e62189878d1abb7bd
Download size: 316 MB
Estimated disk space required: 2.9 GB (36 MB installed after removing 35MB static lib)
Estimated build time: 2.2 SBU (with parallelism = 4)
Autoconf-2.13, ICU-68.2, rustc-1.47.0, and Which-2.21
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/js78
Unlike most other packages in BLFS, the instructions below
require you to untar firefox-78.8.0esr.tar.xz
and change into
the firefox-78.8.0
folder.
Extracting the tarball will reset the permissions of the
current directory to 0755 if you have permission to do
that. If you do this in a directory where the sticky bit is
set, such as /tmp
it will end
with error messages:
tar: .: Cannot utime: Operation not permitted
tar: .: Cannot change mode to rwxr-xr-t: Operation not permitted
tar: Exiting with failure status due to previous errors
This does finish with non-zero status, but it does
NOT mean there is a
real problem. Do not untar as the root
user in a directory where the
sticky bit is set - that will unset it.
Install JS by running the following commands:
If you are compiling this package in chroot you must do two
things. First, as the root
user, ensure that /dev/shm
is
mounted. If you do not do this, the Python configury will fail with a
traceback report referencing /usr/lib/pythonN.N/multiprocessing/synchronize.py
.
Run:
mountpoint -q /dev/shm || mount -t tmpfs devshm /dev/shm
Second, either as the root
user export the $SHELL
environment variable using export SHELL=/bin/sh or
else prepend SHELL=/bin/sh
when
running the configure command.
mkdir obj && cd obj && CC=gcc CXX=g++ \ ../js/src/configure --prefix=/usr \ --with-intl-api \ --with-system-zlib \ --with-system-icu \ --disable-jemalloc \ --disable-debug-symbols \ --enable-readline && make
To run JS test suite, issue: make -C js/src check-jstests JSTESTS_EXTRA_ARGS="--timeout 300 --wpt=disabled". It's recommended to redirect the output into a log. Depending on the machine, either ten or fourteen JS tests related to locale and timezone fail, because of an issue in ICU-68.2. To run the JIT test suite, issue: make -C js/src check-jit-test JITTEST_EXTRA_ARGS="--timeout 300". Again, a few tests may show as unexpected failures.
An issue in the installation process causes any running program which links to JS78 shared library (for example, GNOME Shell) to crash if JS78 is upgraded or reinstalled. To work around this issue, remove the old version of the JS78 shared library before installation:
rm -fv /usr/lib/libmozjs-78.so
Now, as the root
user:
make install && rm -v /usr/lib/libjs_static.ajs && sed -i '/@NSPR_CFLAGS@/d' /usr/bin/js78-config
CC=gcc CXX=g++
: Upstream now
prefers clang, override it
like other Mozilla packages in BLFS book.
--with-*
: These
parameters allow the build system to use system versions of
the above libraries. These are required for stability.
--enable-readline
:
This switch enables Readline support in the JS shell.
--disable-jemalloc
:
This switch disables the internal memory allocator used in
JS78. jemalloc is only intended for the Firefox browser
environment. For other applications using JS78, if JS78 uses
jemalloc, the application may crash as items allocated in
jemalloc allocator are freed on system (glibc) allocator.
--disable-debug-symbols
: Don't
generate debug symbols since they are very large and most
users won't need it. Remove it if you want to debug JS78.
rm -v /usr/lib/libjs_static.ajs: Remove a large static library which is not used by any BLFS package.
sed -i '/@NSPR_CFLAGS@/d' /usr/bin/js78-config: Prevent js78-config from using buggy CFLAGS.
Last updated on 2021-02-26 17:57:35 -0800
The JSON-C implements a reference counting object model that allows you to easily construct JSON objects in C, output them as JSON formatted strings and parse JSON formatted strings back into the C representation of JSON objects.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://s3.amazonaws.com/json-c_releases/releases/json-c-0.15.tar.gz
Download MD5 sum: 55f395745ee1cb3a4a39b41636087501
Download size: 353 KB
Estimated disk space required: 336 KB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/json-c
Install JSON-C by running the following commands:
mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DCMAKE_BUILD_TYPE=Release \ -DBUILD_STATIC_LIBS=OFF \ .. && make
To test the results, issue: make test.
Now, as the root
user:
make install
-DCMAKE_BUILD_TYPE=Release
:
This switch is used to apply a higher level of compiler
optimizations.
Last updated on 2021-02-19 22:13:48 -0800
The JSON GLib package is a library providing serialization and deserialization support for the JavaScript Object Notation (JSON) format described by RFC 4627.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/json-glib/1.6/json-glib-1.6.2.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/json-glib/1.6/json-glib-1.6.2.tar.xz
Download MD5 sum: 7a981956939e21f78b560ac1ea57f2d7
Download size: 168 KB
Estimated disk space required: 13 MB (with tests)
Estimated build time: 0.1 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/json-glib
Install JSON GLib by running the following commands:
mkdir build && cd build && meson --prefix=/usr .. && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
Last updated on 2021-02-21 11:05:24 -0800
Keyutils is a set of utilities for managing the key retention facility in the kernel, which can be used by filesystems, block devices and more to gain and retain the authorization and encryption keys required to perform secure operations.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://people.redhat.com/~dhowells/keyutils/keyutils-1.6.1.tar.bz2
Download MD5 sum: 919af7f33576816b423d537f8a8692e8
Download size: 96 KB
Estimated disk space required: 1.9 MB (with tests)
Estimated build time: less than 0.1 SBU (add 0.6 SBU for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/keyutils
Install keyutils by running the following commands:
sed -i 's:$(LIBDIR)/$(PKGCONFIG_DIR):/usr/lib/pkgconfig:' Makefile && make
To test the results, issue, as the root
user:
sed -i '/find/s:/usr/bin/::' tests/Makefile && make -k test
Note that several tests will fail if certain uncommon kernel options were not used when the kernel was built. These include CONFIG_BIG_KEYS, CONFIG_KEY_DH_OPERATIONS, and CONFIG_CRYPTO_DH.
Now, as the root
user:
make NO_ARLIB=1 install
sed ... Makefile: This command ensures the pkgconfig file is placed in the correct directory.
NO_ARLIB=1
: This make
flag disables installing the static library.
controls the key management facility with a variety of subcommands |
|
is invoked by request-key on behalf of the kernel when kernel services (such as NFS, CIFS and AFS) need to perform a hostname lookup and the kernel does not have the key cached. It is not ordinarily intended to be called directly |
|
is invoked by the kernel when the kernel is asked for a key that it doesn't have immediately available. The kernel creates a temporary key and then calls out to this program to instantiate it. It is not intended to be called directly |
|
contains the keyutils library API instantiation |
Last updated on 2021-02-19 22:13:48 -0800
The libaio package is an asynchronous I/O facility ("async I/O", or "aio") that has a richer API and capability set than the simple POSIX async I/O facility. This library, libaio, provides the Linux-native API for async I/O. The POSIX async I/O facility requires this library in order to provide kernel-accelerated async I/O capabilities, as do applications which require the Linux-native async I/O API.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://ftp.de.debian.org/debian/pool/main/liba/libaio/libaio_0.3.112.orig.tar.xz
Download MD5 sum: 66e3b7dd255581a73542ee851f8cd737
Download size: 40 KB
Estimated disk space required: 1.0 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libaio
First, disable the installation of the static library:
sed -i '/install.*libaio.a/s/^/#/' src/Makefile
Build libaio by running the following command:
make
To test the results, issue: make partcheck.
Now, install the package as the root
user:
make install
Last updated on 2021-02-19 22:13:48 -0800
The libarchive library provides a single interface for reading/writing various compression formats.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/libarchive/libarchive/releases/download/3.5.1/libarchive-3.5.1.tar.xz
Download MD5 sum: 1f8c29149832baff8bae232fd2f9b0ec
Download size: 4.7 MB
Estimated disk space required: 40 MB (add 29 MB for tests)
Estimated build time: 0.3 SBU (add 1.0 SBU for tests)
libxml2-2.9.10, LZO-2.10, and Nettle-3.7.1
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libarchive
Install libarchive by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: LC_ALL=C make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--without-xml2
: This switch sets
expat for xar archive format support instead of preferred
libxml2 if both packages are installed.
--without-nettle
: This switch
sets OpenSSL for crypto support instead of preferred Nettle
if both packages are installed.
Last updated on 2021-02-19 21:30:09 -0800
The libassuan package contains an inter process communication library used by some of the other GnuPG related packages. libassuan's primary use is to allow a client to interact with a non-persistent server. libassuan is not, however, limited to use with GnuPG servers and clients. It was designed to be flexible enough to meet the demands of many transaction based environments with non-persistent servers.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.4.tar.bz2
Download (FTP): ftp://ftp.gnupg.org/gcrypt/libassuan/libassuan-2.5.4.tar.bz2
Download MD5 sum: d5cee3492f0e0c4fd537af798621dd5b
Download size: 564 KB
Estimated disk space required: 6.7 MB (with tests)
Estimated build time: 0.1 SBU (with tests)
texlive-20200406 (or install-tl-unx)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libassuan
Install libassuan by running the following commands:
./configure --prefix=/usr && make && make -C doc html && makeinfo --html --no-split -o doc/assuan_nochunks.html doc/assuan.texi && makeinfo --plaintext -o doc/assuan.txt doc/assuan.texi
The above commands build the documentation in html and plaintext formats. If you wish to build alternate formats of the documentation, you must have texlive-20200406 installed and issue the following commands:
make -C doc pdf ps
To test the results, issue: make check.
Now, as the root
user:
make install && install -v -dm755 /usr/share/doc/libassuan-2.5.4/html && install -v -m644 doc/assuan.html/* \ /usr/share/doc/libassuan-2.5.4/html && install -v -m644 doc/assuan_nochunks.html \ /usr/share/doc/libassuan-2.5.4 && install -v -m644 doc/assuan.{txt,texi} \ /usr/share/doc/libassuan-2.5.4
If you built alternate formats of the documentation, install
them by running the following commands as the root
user:
install -v -m644 doc/assuan.{pdf,ps,dvi} \ /usr/share/doc/libassuan-2.5.4
Last updated on 2021-02-19 22:13:48 -0800
The libatasmart package is a disk reporting library. It only supports a subset of the ATA S.M.A.R.T. functionality.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://0pointer.de/public/libatasmart-0.19.tar.xz
Download MD5 sum: 53afe2b155c36f658e121fe6def33e77
Download size: 248 KB
Estimated disk space required: 3 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libatasmart
Install libatasmart by running the following commands:
./configure --prefix=/usr --disable-static && make
This package does not come with a test suite.
Now, as the root
user:
make docdir=/usr/share/doc/libatasmart-0.19 install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 22:13:48 -0800
libatomic_ops provides implementations for atomic memory update operations on a number of architectures. This allows direct use of these in reasonably portable code. Unlike earlier similar packages, this one explicitly considers memory barrier semantics, and allows the construction of code that involves minimum overhead across a variety of architectures.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/ivmai/libatomic_ops/releases/download/v7.6.10/libatomic_ops-7.6.10.tar.gz
Download MD5 sum: 90a78a84d9c28ce11f331c25289bfbd0
Download size: 492 KB
Estimated disk space required: 7.0 MB (with tests)
Estimated build time: 0.2 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libatomic_ops
Install libatomic_ops by running the following commands:
./configure --prefix=/usr \ --enable-shared \ --disable-static \ --docdir=/usr/share/doc/libatomic_ops-7.6.10 && make
To check the results, issue make check.
Now, as the root
user:
make install
--enable-shared
: This
switch enables building of the libatomic_ops
shared libraries.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 21:30:09 -0800
libblockdev is a C library supporting GObject Introspection for manipulation of block devices. It has a plugin-based architecture where each technology (like LVM, Btrfs, MD RAID, Swap,...) is implemented in a separate plugin, possibly with multiple implementations (e.g. using LVM CLI or the new LVM DBus API).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/storaged-project/libblockdev/releases/download/2.25-1/libblockdev-2.25.tar.gz
Download MD5 sum: 3873d4c97d82121ce86dab745b1862fc
Download size: 912 KB
Estimated disk space required: 14 MB
Estimated build time: 0.2 SBU
gobject-introspection-1.66.1, libbytesize-2.5, libyaml-0.2.4, parted-3.4, and volume_key-0.3.12
btrfs-progs-5.10.1, GTK-Doc-1.33.2, mdadm-4.1, dmraid, bcachefs, and ndctl
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libblockdev
Install libblockdev by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --with-python3 \ --without-gtk-doc \ --without-nvdimm \ --without-dm && make
This package does not come with a working test suite.
Now, as the root
user:
make install
Last updated on 2021-02-19 22:13:48 -0800
The libbytesize package is a library which facilitates the common operations with sizes in bytes.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/storaged-project/libbytesize/releases/download/2.5/libbytesize-2.5.tar.gz
Download MD5 sum: ab94377166b97d662a2434cf79380fd0
Download size: 432 KB
Estimated disk space required: 4.1 MB
Estimated build time: less than 0.1 SBU (including tests)
GTK-Doc-1.33.2, six-1.15.0 (needed for tests and python bindings), pocketlint (python module for one test), and polib (python module for one test)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libbytesize
Install libbytesize by running the following commands:
./configure --prefix=/usr && make
If you have the optional python modules installed, the regression tests can be run with: make check.
Now, as the root
user:
make install
Last updated on 2021-02-19 22:13:48 -0800
The libdaemon package is a lightweight C library that eases the writing of UNIX daemons.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://0pointer.de/lennart/projects/libdaemon/libdaemon-0.14.tar.gz
Download MD5 sum: 509dc27107c21bcd9fbf2f95f5669563
Download size: 332 KB
Estimated disk space required: 3 MB
Estimated build time: 0.1 SBU
Doxygen-1.9.1 and Lynx-2.8.9rel.1
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libdaemon
Install libdaemon by running the following commands:
./configure --prefix=/usr --disable-static && make
If you have Doxygen installed and wish to build the API documentation, issue the following command:
make -C doc doxygen
This package does not come with a test suite.
Now, as the root
user:
make docdir=/usr/share/doc/libdaemon-0.14 install
If you built the API documentation, install it using the
following commands as the root
user:
install -v -m755 -d /usr/share/doc/libdaemon-0.14/reference/html && install -v -m644 doc/reference/html/* /usr/share/doc/libdaemon-0.14/reference/html && install -v -m644 doc/reference/man/man3/* /usr/share/man/man3
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 22:13:48 -0800
The libgcrypt package contains a general purpose crypto library based on the code used in GnuPG. The library provides a high level interface to cryptographic building blocks using an extendable and flexible API.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.9.2.tar.bz2
Download (FTP): ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.9.2.tar.bz2
Download MD5 sum: 00121b05e1ff4cc85a4a6503e0a7d9fb
Download size: 3.1 MB
Estimated disk space required: 138 MB (with tests; add 4 MB for documentation)
Estimated build time: 0.3 SBU (with documentation; add 0.5 SBU for tests)
Pth-2.0.7 and texlive-20200406 (or install-tl-unx)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libgcrypt
Install libgcrypt by running the following commands:
./configure --prefix=/usr && make && make -C doc html && makeinfo --html --no-split -o doc/gcrypt_nochunks.html doc/gcrypt.texi && makeinfo --plaintext -o doc/gcrypt.txt doc/gcrypt.texi
The above commands build the documentation in html and plaintext formats. If you wish to build alternate formats of the documentation, you need texlive-20200406 (or install-tl-unx). Issue the following command:
make -C doc pdf ps
To test the results, issue: make check.
Now, as the root
user:
make install && install -v -dm755 /usr/share/doc/libgcrypt-1.9.2 && install -v -m644 README doc/{README.apichanges,fips*,libgcrypt*} \ /usr/share/doc/libgcrypt-1.9.2 && install -v -dm755 /usr/share/doc/libgcrypt-1.9.2/html && install -v -m644 doc/gcrypt.html/* \ /usr/share/doc/libgcrypt-1.9.2/html && install -v -m644 doc/gcrypt_nochunks.html \ /usr/share/doc/libgcrypt-1.9.2 && install -v -m644 doc/gcrypt.{txt,texi} \ /usr/share/doc/libgcrypt-1.9.2
If you built alternate formats of the documentation, install
them by issuing the following command as the root
user:
install -v -m644 doc/gcrypt.{pdf,ps,dvi} \ /usr/share/doc/libgcrypt-1.9.2
--with-capabilities
: This option
enables libcap2 support. Note that this breaks cryptsetup-2.3.4
is a debug tool for S-expressions |
|
is a standalone HMAC-SHA-256 implementation used to compute an HMAC-SHA-256 authentication code |
|
determines the compile and linker flags that should
be used to compile and link programs that use
|
|
is a RPN (Reverse Polish Notation) calculator |
|
contains the cryptographic API functions |
Last updated on 2021-02-19 22:13:48 -0800
The libgpg-error package contains a library that defines common error values for all GnuPG components.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.41.tar.bz2
Download (FTP): ftp://ftp.gnupg.org/gcrypt/libgpg-error/libgpg-error-1.41.tar.bz2
Download MD5 sum: 36e9e7e6fffefac1eae5a1a49f14ac4f
Download size: 948 KB
Estimated disk space required: 10 MB (with tests)
Estimated build time: 0.1 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libgpg-error
Install libgpg-error by running the following commands:
./configure --prefix=/usr && make
To test the results, issue: make check.
Now, as the root
user:
make install && install -v -m644 -D README /usr/share/doc/libgpg-error-1.41/README
is used to determine libgpg-error error codes |
|
is a utility used to configure and build applications based on the libgpg-error library. It can be used to query the C compiler and linker flags which are required to correctly compile and link the application against the libgpg-error library |
|
is the same script as gpg-error-config |
|
extracts man pages from a Texinfo source |
|
contains the libgpg-error API functions |
Last updated on 2021-02-19 22:13:48 -0800
The libgrss package contains a library designed to manipulate RSS and Atom feeds.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/libgrss/0.7/libgrss-0.7.0.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/libgrss/0.7/libgrss-0.7.0.tar.xz
Download MD5 sum: 7c0ee46a82dc0e9610183fe9ef8c7c1d
Download size: 356 KB
Estimated disk space required: 10 MB
Estimated build time: 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libgrss
Install libgrss by running the following commands:
patch -Np1 -i ../libgrss-0.7.0-bugfixes-1.patch && autoreconf -fv && ./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
Last updated on 2021-02-21 11:05:24 -0800
The libgsf package contains a library used for providing an extensible input/output abstraction layer for structured file formats.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/libgsf/1.14/libgsf-1.14.47.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/libgsf/1.14/libgsf-1.14.47.tar.xz
Download MD5 sum: 20bf9933128210d7a9f920a34198d22f
Download size: 676 KB
Estimated disk space required: 15 MB (with tests)
Estimated build time: 0.3 SBU (with tests)
GLib-2.66.7 and libxml2-2.9.10
gdk-pixbuf-2.42.2 (To build gsf-office-thumbnailer)
gobject-introspection-1.66.1 and GTK-Doc-1.33.2
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libgsf
Install libgsf by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check. Two tests, t1004-zip-zip64.pl and t1005-zip-nonseekable.pl, are known to fail.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
is a simple archive utility, somewhat similar to tar(1) |
|
is used internally by GNOME applications such as Nautilus to generate thumbnails of several types of office application files |
|
is used to extract Visual Basic for Applications macros from files |
|
contains the libgsf API functions |
Last updated on 2021-02-21 11:05:24 -0800
The libgudev package contains GObject bindings for libudev.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/libgudev/234/libgudev-234.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/libgudev/234/libgudev-234.tar.xz
Download MD5 sum: 386889d460003a4242a64cb47244a39a
Download size: 268 KB
Estimated disk space required: 4.1 MB
Estimated build time: less than 0.1 SBU
gobject-introspection-1.66.1 (for gir-data, needed for GNOME), GTK-Doc-1.33.2, and umockdev-0.15.4 (for testing)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libgudev
Install libgudev by running the following commands:
./configure --prefix=/usr --disable-umockdev && make
If you wish to run the test suite, omit "--disable-umockdev" from the configure command and then issue: make check.
Now, as the root
user:
make install
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
--disable-umockdev
:
Disables the usage of umockdev-0.15.4. Omit this switch if
you wish to run the test suite.
Last updated on 2021-02-19 22:13:48 -0800
The libgusb package contains the GObject wrappers for libusb-1.0 that makes it easy to do asynchronous control, bulk and interrupt transfers with proper cancellation and integration into a mainloop.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://people.freedesktop.org/~hughsient/releases/libgusb-0.3.5.tar.xz
Download MD5 sum: 61022fb9abf16804ed3541a67af7d695
Download size: 44 KB
Estimated disk space required: 2.3 MB (with tests)
Estimated build time: less than 0.1 SBU (with tests)
GTK-Doc-1.33.2, gobject-introspection-1.66.1,
usbutils-013 (for usb.ids
data file, which is also required
for the tests), and Vala-0.50.3
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libgusb
Install libgusb by running the following commands:
mkdir build && cd build && meson --prefix=/usr -Ddocs=false .. && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
-Ddocs=true
: Use this option if
GTK-Doc is installed and you
wish to install the documentation.
Last updated on 2021-02-19 22:13:48 -0800
The libical package contains an implementation of the iCalendar protocols and data formats.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/libical/libical/releases/download/v3.0.9/libical-3.0.9.tar.gz
Download MD5 sum: 734099cc0b0f52bdcc5e3e191a0d9769
Download size: 868 KB
Estimated disk space required: 27 MB (with tests)
Estimated build time: 0.2 SBU (Using parallelism=4; with tests)
gobject-introspection-1.66.1 and Vala-0.50.3(both required for Gnome)
Berkeley DB-5.3.28, Doxygen-1.9.1 (for the API documentation), GTK-Doc-1.33.2 (for the API documentation), ICU-68.2, and PyGObject-3.38.0 (for some tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libical
Install libical by running the following commands:
This package may occasionally fail when building with multiple processors. See Using Multiple Processors for more information.
mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DCMAKE_BUILD_TYPE=Release \ -DSHARED_ONLY=yes \ -DICAL_BUILD_DOCS=false \ -DGOBJECT_INTROSPECTION=true \ -DICAL_GLIB_VAPI=true \ .. && make
If you have Doxygen-1.9.1 and GTK-Doc-1.33.2 installed and wish to build the API documentation, issue:
make docs
To test the results, issue: make test.
Now, as the root
user:
make install
If you have built the API documentation, install by issuing,
as root
user:
install -vdm755 /usr/share/doc/libical-3.0.9/html && cp -vr apidocs/html/* /usr/share/doc/libical-3.0.9/html
-DCMAKE_BUILD_TYPE=Release
:
This switch is used to apply higher level of the compiler
optimizations.
-DSHARED_ONLY=yes
:
This switch is used in order to only build the shared
libraries.
-DGOBJECT_INTROSPECTION=true
:
This switch is used to generate GObject metadata bindings.
-DICAL_GLIB_VAPI=true
: This
switch is used in order to build bindings for Vala-0.50.3.
-DUSE_BUILTIN_TZDATA=yes
: This
switch is used in order to build using your own timezone
data.
Last updated on 2021-02-19 22:13:48 -0800
libidn is a package designed for internationalized string handling based on the Stringprep, Punycode and IDNA specifications defined by the Internet Engineering Task Force (IETF) Internationalized Domain Names (IDN) working group, used for internationalized domain names. This is useful for converting data from the system's native representation into UTF-8, transforming Unicode strings into ASCII strings, allowing applications to use certain ASCII name labels (beginning with a special prefix) to represent non-ASCII name labels, and converting entire domain names to and from the ASCII Compatible Encoding (ACE) form.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/libidn/libidn-1.36.tar.gz
Download (FTP): ftp://ftp.gnu.org/gnu/libidn/libidn-1.36.tar.gz
Download MD5 sum: 813c7b268d1051ca02c3610986126f38
Download size: 4.3 MB
Estimated disk space required: 28 MB (add 13 MB for tests)
Estimated build time: 0.2 SBU (using parallelim=4; add 0.6 SBU for tests)
Pth-2.0.7, Emacs-27.1, GTK-Doc-1.33.2, OpenJDK-15.0.2, Valgrind-3.16.1, and Mono
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libidn
Install libidn by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install && find doc -name "Makefile*" -delete && rm -rf -v doc/{gdoc,idn.1,stamp-vti,man,texi} && mkdir -v /usr/share/doc/libidn-1.36 && cp -r -v doc/* /usr/share/doc/libidn-1.36
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
is a command line interface to the internationalized domain name library |
|
contains a generic Stringprep implementation that does Unicode 3.2 NFKC normalization, mapping and prohibition of characters, and bidirectional character handling. Profiles for Nameprep, iSCSI, SASL and XMPP are included as well as support for Punycode and ASCII Compatible Encoding (ACE) via IDNA. A mechanism to define Top-Level Domain (TLD) specific validation tables, and to compare strings against those tables, as well as default tables for some TLDs are included |
Last updated on 2021-02-19 21:30:09 -0800
libidn2 is a package designed for internationalized string handling based on standards from the Internet Engineering Task Force (IETF)'s IDN working group, designed for internationalized domain names.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/libidn/libidn2-2.3.0.tar.gz
Download (FTP): ftp://ftp.gnu.org/gnu/libidn/libidn2-2.3.0.tar.gz
Download MD5 sum: 01c5084995295e519f95978ae9785ee0
Download size: 2.1 MB
Estimated disk space required: 21 MB (with tests)
Estimated build time: 0.1 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libidn2
Install libidn2 by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
Last updated on 2021-02-19 21:30:09 -0800
libiodbc is an API to ODBC compatible databases.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/iodbc/libiodbc-3.52.12.tar.gz
Download MD5 sum: c76cab12a642a024bd1a262615a1a4a8
Download size: 1.1 MB
Estimated disk space required: 26 MB
Estimated build time: 0.3 SBU
GTK+-2.24.33 (to create the GUI admin tool)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libiodbc
Install libiodbc by running the following commands:
./configure --prefix=/usr \ --with-iodbc-inidir=/etc/iodbc \ --includedir=/usr/include/iodbc \ --disable-libodbc \ --disable-static && make
This package does not come with a test suite.
Now, as the root
user:
make install
--with-iodbc-inidir=/etc/iodbc
:
libiodbc will install
configuration files in this directory.
--includedir=/usr/include/iodbc
:
This installs the interface headers to a private directory to
avoid a conflict with headers installed by unixODBC.
--disable-libodbc
:
This prevents the installation of the libodbc.so
symbolic link to avoid a
conflict with unixODBC.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-21 11:05:24 -0800
The Libksba package contains a library used to make X.509 certificates as well as making the CMS (Cryptographic Message Syntax) easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. The library does not rely on another cryptographic library but provides hooks for easy integration with Libgcrypt.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.gnupg.org/ftp/gcrypt/libksba/libksba-1.5.0.tar.bz2
Download (FTP): ftp://ftp.gnupg.org/gcrypt/libksba/libksba-1.5.0.tar.bz2
Download MD5 sum: a43bc51bd1bf13295623398d0f2d88b4
Download size: 644 KB
Estimated disk space required: 11 MB (with tests)
Estimated build time: 0.1 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libksba
Install Libksba by running the following commands:
./configure --prefix=/usr && make
To test the results, issue: make check.
Now, as the root
user:
make install
Last updated on 2021-02-19 22:13:48 -0800
This package provides a library for learning linear classifiers for large scale applications. It supports Support Vector Machines (SVM) with L2 and L1 loss, logistic regression, multi class classification and also Linear Programming Machines (L1-regularized SVMs). Its computational complexity scales linearly with the number of training examples making it one of the fastest SVM solvers around.
This package is known to build and work properly using an LFS-10.1 platform.
After updating this package from liblinear-1.96 or earlier, you need to reinstall Nmap-7.91, in order to link to the new library.
Download (HTTP): https://github.com/cjlin1/liblinear/archive/v242/liblinear-242.tar.gz
Download MD5 sum: dabdfcd5ad6aa4fc706b7d5df452a9c0
Download size: 552 KB
Estimated disk space required: 1.6 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/liblinear
Install liblinear by running the following commands:
make lib
This package does not come with a test suite.
Now, as the root
user:
install -vm644 linear.h /usr/include && install -vm755 liblinear.so.4 /usr/lib && ln -sfv liblinear.so.4 /usr/lib/liblinear.so
Last updated on 2021-02-19 22:13:48 -0800
The libmbim package contains a GLib-based library for talking to WWAN modems and devices which speak the Mobile Interface Broadband Model (MBIM) protocol.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.freedesktop.org/software/libmbim/libmbim-1.24.6.tar.xz
Download MD5 sum: 38d228548eae3ee144e19a42b028eab0
Download size: 500 KB
Estimated disk space required: 29 MB (with tests)
Estimated build time: 0.2 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libmbim
Install libmbim by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
Last updated on 2021-02-19 22:13:48 -0800
This package is intended to provide a simple way for applications to take actions based on a system or user-specified paper size.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://ftp.debian.org/debian/pool/main/libp/libpaper/libpaper_1.1.24+nmu5.tar.gz
Download MD5 sum: 38bc55688c0fc5544edaa5a951a45fbd
Download size: 48 KB
Estimated disk space required: 3.5 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libpaper
Install libpaper by running the following commands:
autoreconf -fi && ./configure --prefix=/usr \ --sysconfdir=/etc \ --disable-static && make
This package does not come with a test suite.
Now, as the root
user:
make install && mkdir -vp /etc/libpaper.d
The /etc/libpaper.d directory contains scripts to run after the paper size has been changed. This package puts no scripts here, but other packages may. If the fcron package has not been installed, create the run-parts script as shown in the Fcron Configuration Information section.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
mkdir -pv /etc/libpaper.d: libpaper expects that packages will install files into this directory.
Last updated on 2021-02-19 22:13:48 -0800
The libportal package provides a library that contains GIO-style async APIs for most Flatpak portals.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/flatpak/libportal/releases/download/0.3/libportal-0.3.tar.xz
Download MD5 sum: dffd58a937dfbabc873e51029dc587f3
Download size: 52 KB
Estimated disk space required: 3.5 MB
Estimated build time: less than 0.1 SBU
GLib-2.66.7 and GTK-Doc-1.33.2
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libportal
Install libportal by running the following commands:
mkdir build && cd build && meson --prefix=/usr .. && ninja
This package does not come with a test suite.
Now, as the root
user:
ninja install
Last updated on 2021-02-19 22:13:48 -0800
The libqmi package contains a GLib-based library for talking to WWAN modems and devices which speak the Qualcomm MSM Interface (QMI) protocol.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.freedesktop.org/software/libqmi/libqmi-1.26.10.tar.xz
Download MD5 sum: b5c98878b7d355aa47a1feaefff0b6d7
Download size: 1.0 MB
Estimated disk space required: 138 MB (with tests)
Estimated build time: 0.3 SBU (Using parallelism=4; with tests)
gobject-introspection-1.66.1 and libmbim-1.24.6
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libqmi
Install libqmi by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
--disable-mbim-qmux
: This switch
disables support for using a MBIM control device for QMI
messages. Use this switch if you did not install libmbim.
is an utility used to control QMI devices |
|
is an utility used to perform firmware updates on QMI devices |
|
is an utility used for simple network management of QMI devices |
|
contains API functions for talking to WWAN modems and devices which speak the Qualcomm MSM Interface (QMI) protocol |
Last updated on 2021-02-19 22:13:48 -0800
The libseccomp package provides an easy to use and platform independent interface to the Linux kernel's syscall filtering mechanism.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/seccomp/libseccomp/releases/download/v2.5.1/libseccomp-2.5.1.tar.gz
Download MD5 sum: 59f5563c532d3fa1df9db0516b36b1cd
Download size: 624 KB
Estimated disk space required: 6.7 MB (additional 5.2 MB for tests)
Estimated build time: less than 0.1 SBU (additional 2.2 SBU for tests)
Which-2.21 (needed for tests), Valgrind-3.16.1, Cython, and LCOV
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libseccomp
Install libseccomp by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 22:13:48 -0800
The libsigc++ package implements a typesafe callback system for standard C++.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/libsigc++/2.10/libsigc++-2.10.6.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/libsigc++/2.10/libsigc++-2.10.6.tar.xz
Download MD5 sum: 34fdf5910c32763e5fbe61ac2a37cec2
Download size: 4.6 MB
Estimated disk space required: 39 MB (with tests)
Estimated build time: 0.2 SBU (with tests)
Boost-1.75.0 and libxslt-1.1.34
DocBook-utils-0.6.14, Doxygen-1.9.1, and mm-common
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libsigc++
Install libsigc++ by running the following commands:
mkdir bld && cd bld && meson --prefix=/usr .. && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
-Dbuild_documentation=true
: Use
this switch if Doxygen-1.9.1 is installed and you wish
to build and install the API documentation.
Last updated on 2021-02-19 22:13:48 -0800
The libsigc++3 package implements a typesafe callback system for standard C++.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/libsigc++/3.0/libsigc++-3.0.6.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/libsigc++/3.0/libsigc++-3.0.6.tar.xz
Download MD5 sum: 8cc0c1df6b7d9c466555f4a2963ab06a
Download size: 772 KB
Estimated disk space required: 33 MB (with tests)
Estimated build time: 0.4 SBU (with tests)
Boost-1.75.0 and libxslt-1.1.34
DocBook-utils-0.6.14, Doxygen-1.9.1, dblatex, and mm-common
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libsigc++3
Install libsigc++3 by running the following commands:
mkdir bld && cd bld && meson --prefix=/usr .. && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
-Dbuild_documentation=true
: Use
this switch if Doxygen-1.9.1 is installed and you wish
to build and install the API documentation.
Last updated on 2021-02-21 11:05:24 -0800
libsigsegv is a library for handling page faults in user mode. A page fault occurs when a program tries to access to a region of memory that is currently not available. Catching and handling a page fault is a useful technique for implementing pageable virtual memory, memory-mapped access to persistent databases, generational garbage collectors, stack overflow handlers, and distributed shared memory.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/libsigsegv/libsigsegv-2.13.tar.gz
Download (FTP): ftp://ftp.gnu.org/gnu/libsigsegv/libsigsegv-2.13.tar.gz
Download MD5 sum: cf4a5fdc95e5494eaa190825af11f3be
Download size: 452 KB
Estimated disk space required: 3.8 MB (with tests)
Estimated build time: less than 0.1 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libsigsegv
Install libsigsegv by running the following commands:
./configure --prefix=/usr \ --enable-shared \ --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--enable-shared
: This
switch ensures that shared libraries are compiled.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 22:13:48 -0800
Libssh2 package is a client-side C library implementing the SSH2 protocol.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.libssh2.org/download/libssh2-1.9.0.tar.gz
Download MD5 sum: 1beefafe8963982adc84b408b2959927
Download size: 868 KB
Estimated disk space required: 13 MB (with tests)
Estimated build time: 0.2 SBU (with tests)
GnuPG-2.2.27, libgcrypt-1.9.2, and OpenSSH-8.4p1 (all three required for the testsuite)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libssh2
Install libssh2 by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check. One test, using gnupg, may fail for unknown reasons.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 22:13:48 -0800
This is a library that provides cross platform access to statistics about the system on which it's run. It's written in C and presents a selection of useful interfaces which can be used to access key system statistics. The current list of statistics includes CPU usage, memory utilisation, disk usage, process counts, network traffic, disk I/O, and more.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.mirrorservice.org/sites/ftp.i-scream.org/pub/i-scream/libstatgrab/libstatgrab-0.92.tar.gz
Download (FTP): ftp://www.mirrorservice.org/sites/ftp.i-scream.org/pub/i-scream/libstatgrab/libstatgrab-0.92.tar.gz
Download MD5 sum: 5362b2ddbec54b3901e7d70c22cda249
Download size: 800 KB
Estimated disk space required: 7.4 MB (with tests)
Estimated build time: 0.1 SBU (add 1.6 SBU for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libstatgrab
Install libstatgrab by running the following commands:
./configure --prefix=/usr \ --disable-static \ --docdir=/usr/share/doc/libstatgrab-0.92 && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 22:13:48 -0800
libtasn1 is a highly portable C library that encodes and decodes DER/BER data following an ASN.1 schema.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/libtasn1/libtasn1-4.16.0.tar.gz
Download (FTP): ftp://ftp.gnu.org/gnu/libtasn1/libtasn1-4.16.0.tar.gz
Download MD5 sum: 531208de3729d42e2af0a32890f08736
Download size: 1.7 MB
Estimated disk space required: 11 MB (with tests)
Estimated build time: 0.2 SBU (with tests)
GTK-Doc-1.33.2 and Valgrind-3.16.1
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libtasn1
Install libtasn1 by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
If you did not pass the --enable-gtk-doc
parameter to the
configure
script, you can install the API documentation using the
following command as the root
user:
make -C doc/reference install-data-local
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: This parameter
is normally used if GTK-Doc
is installed and you wish to rebuild and install the API
documentation. It is broken for this package due to the use
of a long deprecated gtk-doc program that is no longer
available.
Last updated on 2021-02-19 22:13:48 -0800
Libuninameslist provides a Library of Unicode names and annotation data
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/fontforge/libuninameslist/releases/download/20200413/libuninameslist-dist-20200413.tar.gz
Download MD5 sum: f4235a4c3532a2f31989ca68cf6d3df4
Download size: 1.2 MB
Estimated disk space required: 17 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libuninameslist
Install libuninameslist by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-frenchlib
: This option
adds a library of french translations of the names and
attributes, libuninameslist-fr.so.
Last updated on 2021-02-19 22:13:48 -0800
The libunique package contains a library for writing single instance applications.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/libunique/1.1/libunique-1.1.6.tar.bz2
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/libunique/1.1/libunique-1.1.6.tar.bz2
Download MD5 sum: 7955769ef31f1bc4f83446dbb3625e6d
Download size: 328 KB
Estimated disk space required: 7.0 MB
Estimated build time: 0.2 SBU
GTK+-2.24.33, also GTK-Doc-1.33.2 (for autoreconf)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libunique
Install libunique by running the following commands:
patch -Np1 -i ../libunique-1.1.6-upstream_fixes-1.patch && autoreconf -fi && ./configure --prefix=/usr \ --disable-dbus \ --disable-static && make
This package does not come with a test suite.
Now, as the root
user:
make install
--disable-dbus
: This
switch disables D-Bus
backend in favor of the GDBus backend.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
Last updated on 2021-02-21 11:05:24 -0800
libunistring is a library that provides functions for manipulating Unicode strings and for manipulating C strings according to the Unicode standard.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/libunistring/libunistring-0.9.10.tar.xz
Download (FTP): ftp://ftp.gnu.org/gnu/libunistring/libunistring-0.9.10.tar.xz
Download MD5 sum: db08bb384e81968957f997ec9808926e
Download size: 2.0 MB
Estimated disk space required: 49 MB (add 43 MB for tests)
Estimated build time: 0.9 SBU (add 1.0 SBU for tests)
texlive-20200406 (or install-tl-unx) (to rebuild the documentation)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libunistring
Install libunistring by running the following commands:
./configure --prefix=/usr \ --disable-static \ --docdir=/usr/share/doc/libunistring-0.9.10 && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 21:30:09 -0800
The libusb package contains a library used by some applications for USB device access.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/libusb/libusb/releases/download/v1.0.24/libusb-1.0.24.tar.bz2
Download MD5 sum: 5bc27df16155302f308d409e73589872
Download size: 596 KB
Estimated disk space required: 5.8 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libusb
This package does not support parallel build.
Install libusb by running the following commands:
./configure --prefix=/usr --disable-static && make
If Doxygen is installed and you wish to build the API documentation, issue the following command:
sed -i "s/^TCL_SUBST/#&/; s/wide//" doc/doxygen.cfg && make -C doc docs
This package does not come with a test suite.
Now, as the root
user:
make install
If you built the API documentation, install it using the
following commands as the root
user:
install -v -d -m755 /usr/share/doc/libusb-1.0.24/apidocs && install -v -m644 doc/html/* \ /usr/share/doc/libusb-1.0.24/apidocs
sed -i ...: This sed prevents some warnings when building the documentation.
To access raw USB devices (those not treated as a disk by the mass-storage driver), appropriate support must be available in the kernel. Check your kernel configuration:
Device Drivers --->
[*] USB support ---> [CONFIG_USB_SUPPORT]
<*/M> Support for Host-side USB [CONFIG_USB]
(Select any USB hardware device drivers you may need on the same page)
For more details on setting up USB devices, see the section called “USB Device Issues”.
Last updated on 2021-02-19 22:13:48 -0800
The libuv package is a multi-platform support library with a focus on asynchronous I/O.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://dist.libuv.org/dist/v1.41.0/libuv-v1.41.0.tar.gz
Download MD5 sum: d990b0770dd2b15f7a8399580d55d32c
Download size: 1.2 MB
Estimated disk space required: 14 MB (add 12 MB for tests)
Estimated build time: 0.1 SBU (Using parallelism=4; add 0.4 SBU for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libuv
Install libuv by running the following commands:
The sh autogen.sh command below fails if the ACLOCAL environment variable is set as specified in Xorg-7. If it is used, ACLOCAL needs to be unset for this package and then reset for other packages.
sh autogen.sh && ./configure --prefix=/usr --disable-static && make
If you want to run the tests, run: make check.
Now, as the root
user:
make install
Last updated on 2021-02-19 21:30:09 -0800
libxkbcommon is a keymap compiler and support library which processes a reduced subset of keymaps as defined by the XKB specification.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://xkbcommon.org/download/libxkbcommon-1.0.3.tar.xz
Download MD5 sum: bd0ff892fe937e39ec3bb4daeb348f76
Download size: 424 KB
Estimated disk space required: 25 MB (with tests)
Estimated build time: less than 0.1 SBU (with tests)
libxcb-1.14, Wayland-1.19.0, and wayland-protocols-1.20
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libxkbcommon
Install libxkbcommon by running the following commands:
mkdir build && cd build && meson --prefix=/usr -Denable-docs=false .. && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
-Denable-docs=false
:
This switch disables documentation generation. Remove it if
Doxygen-1.9.1 is installed.
mv -v /usr/share/doc/libxkbcommon{,-1.0.3}: If you removed -Denable-docs=false, use this command to install the documentation in a versioned directory.
Last updated on 2021-02-21 11:05:24 -0800
The libxml2 package contains libraries and utilities used for parsing XML files.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://xmlsoft.org/sources/libxml2-2.9.10.tar.gz
Download (FTP): ftp://xmlsoft.org/libxml2/libxml2-2.9.10.tar.gz
Download MD5 sum: 10942a1dc23137a8aa07f0639cbfece5
Download size: 5.4 MB
Estimated disk space required: 87 MB (add 15 MB for tests)
Estimated build time: 0.2 SBU (add 0.3 SBU for tests)
Required patch: http://www.linuxfromscratch.org/patches/blfs/10.1/libxml2-2.9.10-security_fixes-1.patch
Optional Testsuite: http://www.w3.org/XML/Test/xmlts20130923.tar.gz - This enables make check to do complete testing.
Some packages which utilize libxml2 (such as GNOME Doc Utils) need the Python3 module installed to function properly and some packages will not build properly if the Python3 module is not available.
The old Python2 module can
be built after libxml2.so
has
been installed, see Python2
libxml2-2.9.10 module.
ICU-68.2 (see below) and Valgrind-3.16.1 (may be used in the tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libxml2
Apply a patch to fix various errors:
patch -p1 -i ../libxml2-2.9.10-security_fixes-1.patch
First fix a problem generating the Python3 module with Python-3.9.0 and later:
sed -i '/if Py/{s/Py/(Py/;s/)/))/}' python/{types.c,libxml.c}
If you are going to run the tests, disable one test that causes the Python tests to terminate early with an error:
sed -i 's/test.test/#&/' python/tests/tstLastError.py
If, and only if, you are using ICU-68.2, fix a build breakage caused by that version by running the following command:
sed -i 's/ TRUE/ true/' encoding.c
Install libxml2 by running the following commands:
./configure --prefix=/usr \ --disable-static \ --with-history \ --with-python=/usr/bin/python3 && make
If you downloaded the testsuite, issue the following command:
tar xf ../xmlts20130923.tar.gz
To test the results, issue: make check > check.log. A summary of the results can be obtained with grep -E '^Total|expected' check.log. If Valgrind-3.16.1 is installed and you want to check memory leaks, replace check with check-valgrind.
The tests use http://localhost/ to test parsing
of external entities. If the machine where you run the
tests serves as a web site, the tests may hang, depending
on the content of the file served. It is therefore
recommended to shut down the server during the tests, as
the root
user:
systemctl stop httpd.service
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--with-history
: This
switch enables Readline
support when running xmlcatalog or xmllint in shell mode.
--with-python=/usr/bin/python3
:
Allows building the libxml2 module with Python3 instead of
Python2.
--with-icu
: Add this switch if
you have built ICU-68.2, for better unicode support.
--with-threads
: Add this switch
to enable multithread support.
determines the compile and linker flags that should
be used to compile and link programs that use
|
|
is used to monitor and manipulate XML and SGML catalogs |
|
parses XML files and outputs reports (based upon options) to detect errors in XML coding |
|
provides functions for programs to parse files that use the XML format |
|
is the interface for Python3 to use |
Last updated on 2021-02-19 21:30:09 -0800
The libxslt package contains
XSLT libraries used for extending libxml2
libraries to support XSLT files.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://xmlsoft.org/sources/libxslt-1.1.34.tar.gz
Download (FTP): ftp://xmlsoft.org/libxslt/libxslt-1.1.34.tar.gz
Download MD5 sum: db8765c8d076f1b6caafd9f2542a304a
Download size: 3.4 MB
Estimated disk space required: 36 MB (with tests)
Estimated build time: 0.3 SBU (with tests)
docbook-xml-4.5 and docbook-xsl-1.79.2
Although it is not a direct dependency, many applications using libxslt will expect docbook-xml-4.5 and docbook-xsl-1.79.2 to be present.
libgcrypt-1.9.2 and Python2 libxml2-2.9.10 module
The Python2 libxml2-2.9.10 module dependency is only appropriate if the Python2 module for this package is needed. The libxslt Python2 module is not needed for any package in BLFS but various non-BLFS packages may install Python2 modules which reference it.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libxslt
Install libxslt by running the following commands:
sed -i s/3000/5000/ libxslt/transform.c doc/xsltproc.{1,xml} && ./configure --prefix=/usr --disable-static --without-python && make
A shipped man page is glitched. If the recommended dependencies are installed, regenerate it by running the following commands:
sed -e 's@http://cdn.docbook.org/release/xsl@https://cdn.docbook.org/release/xsl-nons@' \ -e 's@\$Date\$@31 October 2019@' -i doc/xsltproc.xml && xsltproc/xsltproc --nonet doc/xsltproc.xml -o doc/xsltproc.1
To test the results, issue: make check.
Now, as the root
user:
make install
sed -i s/3000/5000/ ...: this increases the recursion limit in libxslt. This is needed by some packages for their documentation.
--without-python
:
This parameter disables the libxslt python module since it
does not support Python3. If you wish to enable this module,
make sure that Python2
libxml2-2.9.10 module is installed, and remove this
parameter.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
is used to find out the pre-processor, linking and compiling flags necessary to use the libxslt libraries in 3rd-party programs |
|
is used to apply XSLT stylesheets to XML documents |
|
is used to provide extensions to XSLT functions |
|
provides extensions to the |
Last updated on 2021-02-19 22:13:48 -0800
The libwacom package contains a library used to identify wacom tablets and their model-specific features.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/linuxwacom/libwacom/releases/download/libwacom-1.8/libwacom-1.8.tar.bz2
Download MD5 sum: 979e39b480bb08f36e48f67746eb3ec5
Download size: 504 KB
Estimated disk space required: 8.1 MB (with tests)
Estimated build time: less than 0.1 SBU (with tests)
Doxygen-1.9.1, git-2.30.1, librsvg-2.50.3, Valgrind-3.16.1 (optional for some tests), and pytest
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libwacom
Install libwacom by running the following commands:
mkdir build && cd build && meson --prefix=/usr -Dudev-dir=/lib/udev -Dtests=disabled .. && ninja
To test the results, issue: ninja test. To run additional tests, install pytest and remove the "-Dtests=disabled" option from the meson line above.
Now, as the root
user:
ninja install
-Dudev-dir=/lib/udev
:
This parameter sets the proper installation directory for
udev rules.
-Dtests=disabled
:
This parameter disables some of the more advanced tests
because they require pytest to work
properly.
Last updated on 2021-02-19 22:13:48 -0800
The libyaml package contains a C library for parsing and emitting YAML (YAML Ain't Markup Language) code.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/yaml/libyaml/archive/0.2.4/libyaml-dist-0.2.4.tar.gz
Download MD5 sum: 64219701e897efb467d95123a165ca01
Download size: 84 KB
Estimated disk space required: 6.6 MB (with tests)
Estimated build time: 0.1 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libyaml
Install libyaml by running the following commands:
./bootstrap && ./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 22:13:48 -0800
LZO is a data compression library which is suitable for data decompression and compression in real-time. This means it favors speed over compression ratio.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.oberhumer.com/opensource/lzo/download/lzo-2.10.tar.gz
Download MD5 sum: 39d3f3f9c55c87b1e5d6888e1420f4b5
Download size: 588 KB
Estimated disk space required: 12 MB
Estimated build time: 0.3 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/lzo
Install LZO by running the following commands:
./configure --prefix=/usr \ --enable-shared \ --disable-static \ --docdir=/usr/share/doc/lzo-2.10 && make
To test the results, issue: make check. All the checks should pass. Now issue make test to run the full suite of tests.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 21:30:09 -0800
The mtdev package contains Multitouch Protocol Translation Library which is used to transform all variants of kernel MT (Multitouch) events to the slotted type B protocol.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://bitmath.org/code/mtdev/mtdev-1.1.6.tar.bz2
Download MD5 sum: bf8ef2482e84a00b5db8fbd3ce00e249
Download size: 292 KB
Estimated disk space required: 2.5 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/mtdev
Install mtdev by running the following commands:
./configure --prefix=/usr --disable-static && make
This package does not come with a test suite.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 22:13:48 -0800
Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://nodejs.org/dist/v14.16.0/node-v14.16.0.tar.xz
Download MD5 sum: d511e6953770b3e5f871ff50aafe3de6
Download size: 32 MB
Estimated disk space required: 754 MB (add 29 MB for tests)
Estimated build time: 10.0 SBU (using parallelism=4; add 2.7 SBU for tests)
c-ares-1.17.1, ICU-68.2, libuv-1.41.0, and nghttp2-1.43.0
http-parser and npm (an internal copy of npm will be installed if not present)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/nodejs
Build Node.js by running the following commands:
./configure --prefix=/usr \ --shared-cares \ --shared-libuv \ --shared-openssl \ --shared-nghttp2 \ --shared-zlib \ --with-intl=system-icu && make
To test the results, issue: make test-only.
Now, as the root
user:
make install && ln -sf node /usr/share/doc/node-14.16.0
--with-intl=system-icu
: use the
system version of icu. Other
values are full-icu
(to build a
local, full icu library) and
small-icu
(to build a local,
minimal icu library).
--shared-{cares,libuv,nghttp2,openssl,zlib}
:
use the system installed libraries instead of local copies.
--without-npm
: do not build
npm (use if you'd like to
build a separate npm later).
--shared-http-parser
: use the
system installed library instead of a local copy.
Last updated on 2021-02-26 14:00:35 -0800
The NPth package contains a very portable POSIX/ANSI-C based library for Unix platforms which provides non-preemptive priority-based scheduling for multiple threads of execution (multithreading) inside event-driven applications. All threads run in the same address space of the server application, but each thread has its own individual program-counter, run-time stack, signal mask and errno variable.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2
Download (FTP): ftp://ftp.gnupg.org/gcrypt/npth/npth-1.6.tar.bz2
Download MD5 sum: 375d1a15ad969f32d25f1a7630929854
Download size: 296 KB
Estimated disk space required: 2.6 MB (with checks)
Estimated build time: less than 0.1 SBU (with checks)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/npth
Install NPth by running the following commands:
./configure --prefix=/usr && make
To test the results, issue: make check.
Now, as the root
user:
make install
is a utility used to configure and build applications based on the npth library. It can be used to query the C compiler and linker flags which are required to correctly compile and link the application against the npth library |
|
contains the API functions used by the New Portable Threads Library |
Last updated on 2021-02-19 22:13:48 -0800
Netscape Portable Runtime (NSPR) provides a platform-neutral API for system level and libc like functions.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://archive.mozilla.org/pub/nspr/releases/v4.29/src/nspr-4.29.tar.gz
Download MD5 sum: a546926d3c8e887be02c668c1293da92
Download size: 1.0 MB
Estimated disk space required: 9.5 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/nspr
Install NSPR by running the following commands:
cd nspr && sed -ri 's#^(RELEASE_BINS =).*#\1#' pr/src/misc/Makefile.in && sed -i 's#$(LIBRARY) ##' config/rules.mk && ./configure --prefix=/usr \ --with-mozilla \ --with-pthreads \ $([ $(uname -m) = x86_64 ] && echo --enable-64bit) && make
The testsuite is designed for testing changes to nss or nspr and is not particularly useful for checking a released version (e.g. it needs to be run on a non-optimized build with both nss and nspr directories existing alongside each other). For further details, see the User Notes for nss at http://wiki.linuxfromscratch.org/blfs/wiki/nss
Now, as the root
user:
make install
sed -ri 's#^(RELEASE_BINS =).*#\1#' pr/src/misc/Makefile.in: This sed disables installing two unneeded scripts.
sed -i 's#$(LIBRARY) ##' config/rules.mk: This sed disables installing the static libraries.
--with-mozilla
: This
parameter adds Mozilla support to the libraries (required if
you want to build any other Mozilla products and link them to
these libraries).
--with-pthreads
: This
parameter forces use of the system pthread library.
$([ $(uname -m) = x86_64 ]
&& echo --enable-64bit)
: The
--enable-64bit parameter is required on an x86_64 system to
prevent configure failing with a
claim that this is a system without pthread support. The [
$(uname -m) = x86_64 ] test ensures it has no effect on a 32
bit system.
provides compiler and linker options to other packages that use NSPR |
|
contains functions that provide platform independence for non-GUI operating system facilities such as threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management and shared library linking |
|
contains functions that implement many of the features offered by libnspr4 |
|
contains functions that provide data structures |
Last updated on 2021-02-19 22:13:48 -0800
The PCRE package contains Perl Compatible Regular Expression libraries. These are useful for implementing regular expression pattern matching using the same syntax and semantics as Perl 5.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.pcre.org/pub/pcre/pcre-8.44.tar.bz2
Download (FTP): ftp://ftp.pcre.org/pub/pcre/pcre-8.44.tar.bz2
Download MD5 sum: cf7326204cc46c755b5b2608033d9d24
Download size: 1.5 MB
Estimated disk space required: 20 MB (with tests)
Estimated build time: 0.3 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pcre
Install PCRE by running the following commands:
./configure --prefix=/usr \ --docdir=/usr/share/doc/pcre-8.44 \ --enable-unicode-properties \ --enable-pcre16 \ --enable-pcre32 \ --enable-pcregrep-libz \ --enable-pcregrep-libbz2 \ --enable-pcretest-libreadline \ --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install && mv -v /usr/lib/libpcre.so.* /lib && ln -sfv ../../lib/$(readlink /usr/lib/libpcre.so) /usr/lib/libpcre.so
--enable-unicode-properties
:
This switch enables Unicode properties support and includes
the code for handling UTF-8/16/32 character strings in the
library. You need this switch if you are going to build
GLib-2.66.7 with the --with-pcre=system
switch.
--enable-pcre16
: This
switch enables 16 bit character support.
--enable-pcre32
: This
switch enables 32 bit character support.
--enable-pcregrep-libz
: This
switch adds support to pcregrep to read
.gz
compressed files.
--enable-pcregrep-libbz2
: This
switch adds support to pcregrep to read
.bz2
compressed files.
--enable-pcretest-libreadline
:
This switch adds line editing and history features to
pcretest
program.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
mv -v /usr/lib/libpcre.so.* /lib: Moves the PCRE library on the root filesystem so that it is available in case grep gets reinstalled with PCRE support.
--enable-jit
: this option enables
Just-in-time compiling, which can greatly speed up pattern
matching.
Last updated on 2021-02-19 22:13:48 -0800
The PCRE2 package contains a new generation of the Perl Compatible Regular Expression libraries. These are useful for implementing regular expression pattern matching using the same syntax and semantics as Perl.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.pcre.org/pub/pcre/pcre2-10.36.tar.bz2
Download (FTP): ftp://ftp.pcre.org/pub/pcre/pcre2-10.36.tar.bz2
Download MD5 sum: bd7e7421ff3fa2e2d5429229ecfad095
Download size: 1.6 MB
Estimated disk space required: 23 MB (with tests)
Estimated build time: 0.5 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pcre2
Install PCRE2 by running the following commands:
./configure --prefix=/usr \ --docdir=/usr/share/doc/pcre2-10.36 \ --enable-unicode \ --enable-jit \ --enable-pcre2-16 \ --enable-pcre2-32 \ --enable-pcre2grep-libz \ --enable-pcre2grep-libbz2 \ --enable-pcre2test-libreadline \ --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--enable-unicode
:
This switch enables Unicode support and includes the
functions for handling UTF-8/16/32 character strings in the
library.
--enable-pcre2-16
:
This switch enables 16 bit character support.
--enable-pcre2-32
:
This switch enables 32 bit character support.
--enable-pcre2grep-libz
: This
switch adds support for reading .gz compressed files to
pcre2grep.
--enable-pcre2grep-libbz2
: This
switch adds support for reading .bz2 compressed files to
pcre2grep.
--enable-pcre2test-libreadline
:
This switch adds line editing and history features to the
pcre2test program.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-jit
: this
option enables Just-in-time compiling, which can greatly
speed up pattern matching.
Last updated on 2021-02-19 22:13:48 -0800
The popt package contains the popt libraries which are used by some programs to parse command-line options.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://ftp.rpm.org/popt/releases/popt-1.x/popt-1.18.tar.gz
Download (FTP): ftp://ftp.rpm.org/pub/rpm/popt/releases/popt-1.x/popt-1.18.tar.gz
Download MD5 sum: 450f2f636e6a3aa527de803d0ae76c5a
Download size: 567 kB
Estimated disk space required: 8.7 MB (includes installing documentation)
Estimated build time: 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/popt
Install popt by running the following commands:
./configure --prefix=/usr --disable-static && make
If you have Doxygen-1.9.1 installed and wish to build the API documentation, issue:
sed -i 's@\./@src/@' Doxyfile && doxygen
To test the results, issue: make check.
Now, as the root
user:
make install
If you built the API documentation, install it using the
following commands issued by the root
user:
install -v -m755 -d /usr/share/doc/popt-1.18 && install -v -m644 doxygen/html/* /usr/share/doc/popt-1.18
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 21:30:09 -0800
The Pth package contains a very portable POSIX/ANSI-C based library for Unix platforms which provides non-preemptive priority-based scheduling for multiple threads of execution (multithreading) inside event-driven applications. All threads run in the same address space of the server application, but each thread has its own individual program-counter, run-time stack, signal mask and errno variable.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/pth/pth-2.0.7.tar.gz
Download (FTP): ftp://ftp.gnu.org/gnu/pth/pth-2.0.7.tar.gz
Download MD5 sum: 9cb4a25331a4c4db866a31cbe507c793
Download size: 652 KB
Estimated disk space required: 5 MB
Estimated build time: 0.2 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pth
Don't add the --enable-pthread
parameter to the configure command below
else you will overwrite the pthread library and interface
header installed by the Glibc package in LFS.
Install Pth by running the following commands:
sed -i 's#$(LOBJS): Makefile#$(LOBJS): pth_p.h Makefile#' Makefile.in && ./configure --prefix=/usr \ --disable-static \ --mandir=/usr/share/man && make
To test the results, issue: make test.
Now, as the root
user:
make install && install -v -m755 -d /usr/share/doc/pth-2.0.7 && install -v -m644 README PORTING SUPPORT TESTS \ /usr/share/doc/pth-2.0.7
sed -i 's#$(LOBJS)
...: This sed fixes a race condition
in the Makefile
. It allows
running make
with multiple jobs (e.g., make
-j4).
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--mandir=/usr/share/man
: This
switch puts the man pages in /usr/share/man
instead of /usr/man
.
is a utility used to configure and build applications based on the pth(3) library. It can be used to query the C compiler and linker flags which are required to correctly compile and link the application against the pth(3) library |
|
contains the API functions used by the GNU Portable Threads Library |
Last updated on 2021-02-19 22:13:48 -0800
Qca aims to provide a straightforward and cross-platform crypto API, using Qt datatypes and conventions. Qca separates the API from the implementation, using plugins known as Providers.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://download.kde.org/stable/qca/2.3.2/qca-2.3.2.tar.xz
Download MD5 sum: 328ca1e968ee29a2bf6f383b1f9c163e
Download size: 718 KB
Estimated disk space required: 43 MB
Estimated build time: 0.6 SBU (using parallelism=4; add 0.6 SBU for tests)
make-ca-1.7, CMake-3.19.5, Qt-5.15.2, and Which-2.21
Cyrus SASL-2.1.27, GnuPG-2.2.27, libgcrypt-1.9.2, libgpg-error-1.41, NSS-3.61, NSPR-4.29, p11-kit-0.23.22, Doxygen-1.9.1, Which-2.21, and Botan
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/qca
Fix the location of the CA certificates:
sed -i '[email protected]@certs/ca-bundle.crt@' CMakeLists.txt
Install Qca by running the following commands:
mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=$QT5DIR \ -DCMAKE_BUILD_TYPE=Release \ -DQCA_MAN_INSTALL_DIR:PATH=/usr/share/man \ .. && make
To test the results, issue make test.
Now, as the root
user:
make install
-DCMAKE_BUILD_TYPE=Release
:
This switch is used to apply a higher level of compiler
optimizations.
-DQCA_MAN_INSTALL_DIR:PATH=/usr/share/man
:
Install the qca man page in the normal location.
Last updated on 2021-02-21 15:09:04 -0800
Talloc provides a hierarchical, reference counted memory pool system with destructors. It is the core memory allocator used in Samba.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.samba.org/ftp/talloc/talloc-2.3.2.tar.gz
Download MD5 sum: 3376a86bdf9dd4abc6b8d8d645390902
Download size: 648 KB
Estimated disk space required: 10 MB (with tests)
Estimated build time: 0.3 SBU (with tests)
docbook-xml-4.5, docbook-xsl-1.79.2 and libxslt-1.1.34 (To generate man pages), Python-2.7.18 (To build Python-2 module), GDB-10.1, git-2.30.1, libnsl-1.3.0, libtirpc-1.3.1, Valgrind-3.16.1, and xfsprogs-5.10.0
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/talloc
Install Talloc by running the following commands:
./configure --prefix=/usr && make
To check the results, issue make check.
Now, as the root
user:
make install
Last updated on 2021-02-19 22:13:48 -0800
The Telepathy GLib contains a library used by GLib based Telepathy components. Telepathy is a D-Bus framework for unifying real time communication, including instant messaging, voice calls and video calls. It abstracts differences between protocols to provide a unified interface for applications.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://telepathy.freedesktop.org/releases/telepathy-glib/telepathy-glib-0.24.2.tar.gz
Download MD5 sum: 7be2e1fc78f932a215f177994fe37d67
Download size: 3.7 MB
Estimated disk space required: 256 MB
Estimated build time: 1.2 SBU
dbus-glib-0.110, GTK-Doc-1.33.2 (required for autoreconf) and libxslt-1.1.34
gobject-introspection-1.66.1, and Vala-0.50.3
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/telepathy-glib
If you intend to run the tests, one of them defaults to
invoking /usr/bin/python
and
fails if it is absent, causing the second batch of tests to
not run - unlike the other tests which can be overridden from
the environment. Fix it with the following command:
sed -i 's%/usr/bin/python%&3%' tests/all-errors-documented.py
Install Telepathy GLib by running the following commands:
PYTHON=/usr/bin/python3 ./configure --prefix=/usr \ --enable-vala-bindings \ --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--enable-vala-bindings
: This
switch enables building of the Vala bindings. Remove if you
don't have Vala-0.50.3 installed.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
Last updated on 2021-02-21 11:05:24 -0800
The Uchardet package contains an encoding detectory library which takes a sequence of bytes in an unknown character encoding and attempts to determine the encoding of the text.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.freedesktop.org/software/uchardet/releases/uchardet-0.0.7.tar.xz
Download MD5 sum: 623406dac5c5ad89e40eedd7f279efae
Download size: 212 KB
Estimated disk space required: 4.2 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/uchardet
Install Uchardet by running the following commands:
mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DBUILD_STATIC=OFF \ -Wno-dev .. && make
To test the results, issue: make test.
Now, as the root
user:
make install
-DBUILD_STATIC=OFF
:
This switch disables building the static version of the
library.
Last updated on 2021-02-19 22:13:48 -0800
The Umockdev package contains a framework that allows a developer to mock devices for use in unit testing.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/martinpitt/umockdev/releases/download/0.15.4/umockdev-0.15.4.tar.xz
Download MD5 sum: e6c06e56873ee7d5fbb9e3efa758edaf
Download size: 448 KB
Estimated disk space required: 7.3 MB (with tests)
Estimated build time: 0.2 SBU (with tests)
GTK-Doc-1.33.2 and libgphoto2 (optional for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/umockdev
Install Umockdev by running the following commands:
mkdir build && cd build && meson --prefix=/usr .. && ninja
To test the results, issue: PATH=$PATH:/sbin:/usr/sbin ninja
test. The addition to PATH
is needed if you use the starting scripts
in The Bash Shell Startup
Files, because some tests need to run udevadm. One test needs to
be run in an X session.
Now, as the root
user:
ninja install
-Dgtk_doc=true
: Use this switch
if you have GTK-Doc-1.33.2 installed and wish to
rebuild and install the API documentation.
Last updated on 2021-02-19 22:13:48 -0800
Wayland is a project to define a protocol for a compositor to talk to its clients as well as a library implementation of the protocol.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://wayland.freedesktop.org/releases/wayland-1.19.0.tar.xz
Download MD5 sum: 5d59ac3d8a8f4e42de2ceb8bb19dfca9
Download size: 448 KB
Estimated disk space required: 15 MB (with tests)
Estimated build time: 0.2 SBU (with tests)
Doxygen-1.9.1, Graphviz-2.44.1 and xmlto-0.0.28 (to build the API documentation) and docbook-xml-4.5, docbook-xsl-1.79.2 and libxslt-1.1.34 (to build the manual pages)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/wayland
Install Wayland by running the following commands:
./configure --prefix=/usr \ --disable-static \ --disable-documentation && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--disable-documentation
: This
switch is used to disable building of the API documentation.
Remove it if you have installed optional dependencies.
is a tool to generate proxy methods in wayland-client-protocol.h and wayland-server-protocol.h |
|
contains API functions for writing Wayland applications |
|
contains API functions for managing cursors in Wayland applications |
|
contains API functions for handling OpenGL calls in Wayland applications |
|
contains API functions for writing Wayland compositors |
Last updated on 2015-07-31 23:26:22 -0500
The Wayland-Protocols package contains additional Wayland protocols that add functionality outside of protocols already in the Wayland core.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://wayland.freedesktop.org/releases/wayland-protocols-1.20.tar.xz
Download MD5 sum: b0836533a3f2dc6585b1dae00341157f
Download size: 112 KB
Estimated disk space required: 1.2 MB (with tests)
Estimated build time: less than 0.1 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/wayland-protocols
Install Wayland-protocols by running the following commands:
./configure --prefix=/usr && make
To test the results, issue: make check.
Now, as the root
user:
make install
Last updated on 2021-02-19 22:13:48 -0800
The wv package contains tools for reading information from an MS Word document.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.abisource.com/downloads/wv/1.2.9/wv-1.2.9.tar.gz
Download MD5 sum: dbccf2e9f747e50c913b7e3d126b73f7
Download size: 608 KB
Estimated disk space required: 25 MB
Estimated build time: 0.4 SBU
libgsf-1.14.47 and libpng-1.6.37
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/wv
Install wv by running the following commands:
./configure --prefix=/usr --disable-static && make
This package does not have a testsuite.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-21 11:05:24 -0800
Xapian is an open source search engine library.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://oligarchy.co.uk/xapian/1.4.18/xapian-core-1.4.18.tar.xz
Download MD5 sum: dd1b30f9b307b06fab319d3258fe65ee
Download size: 2.8 MB
Estimated disk space required: 232 MB (add 188 MB for tests)
Estimated build time: 0.5 SBU (using parallelism=4; add 35 SBU for tests)
Valgrind-3.16.1 (for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/xapian
Install Xapian by running the following commands:
./configure --prefix=/usr \ --disable-static \ --docdir=/usr/share/doc/xapian-core-1.4.18 && make
To run the test suite, issue: make check.
Now, as the root
user:
make install
performs a document-by-document copy of one or more Xapian databases |
|
is a command line tool to search through a database |
|
is a simple example program demonstrating query expansion |
|
indexes each paragraph of a text file as a Xapian document |
|
is a simple command line search utility |
|
checks the consistency of a database or table |
|
compacts a database, or merges and compacts several databases |
|
reports information about the installed xapian |
|
inspects the contents of a Xapian database |
|
reads and writes user metadata |
|
inspects the contents of a flint table for development or debugging |
|
is a remote server for use with ProgClient |
|
replicates a database from a master server to a local copy |
|
services database replication requests from clients |
|
is the TCP daemon for use with Xapian's remote backend |
Last updated on 2021-02-19 22:13:48 -0800
Depending on what your system will be used for, you may or may not require the graphics and font libraries. Most desktop machines will want them for use with graphical applications. Most servers on the other hand, will not require them.
AAlib is a library to render any graphic into ASCII Art.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/aa-project/aalib-1.4rc5.tar.gz
Download MD5 sum: 9801095c42bba12edebd1902bcf0a990
Download size: 388 KB
Estimated disk space required: 6.5 MB
Estimated build time: 0.1 SBU
X Window System, slang-2.3.2, and GPM-1.20.7
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/aalib
Fix a minor problem with the included m4 file:
sed -i -e '/AM_PATH_AALIB,/s/AM_PATH_AALIB/[&]/' aalib.m4
Install AAlib by running the following commands:
./configure --prefix=/usr \ --infodir=/usr/share/info \ --mandir=/usr/share/man \ --disable-static && make
This package does not come with a test suite.
Now, as the root
user:
make install
is a demo of AAlib, rendering an animated fire in ASCII Art |
|
provides information for your current settings related to AAlib |
|
provides configuration info for AAlib |
|
saves a font to a file |
|
shows the abilities of AAlib in a little test |
|
is a collection of routines to render any graphical input in portable format to ASCII Art. It can be used through many programs and has a very well documented API, so you can easily put it into your own programs |
Last updated on 2021-02-21 15:09:04 -0800
The Babl package is a dynamic, any to any, pixel format translation library.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gimp.org/pub/babl/0.1/babl-0.1.84.tar.xz
Download MD5 sum: b40aea9b42f7245dbe36bcaa4170da93
Download size: 296 KB
Estimated disk space required: 16 MB (with tests)
Estimated build time: 0.2 SBU (with tests)
gobject-introspection-1.66.1 and librsvg-2.50.3
Little CMS-2.12 and w3m
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/babl
Install Babl by running the following commands:
mkdir bld && cd bld && meson --prefix=/usr .. && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install && install -v -m755 -d /usr/share/gtk-doc/html/babl/graphics && install -v -m644 docs/*.{css,html} /usr/share/gtk-doc/html/babl && install -v -m644 docs/graphics/*.{html,svg} /usr/share/gtk-doc/html/babl/graphics
install -v -m755 -d
/usr/share/gtk-doc/html/babl/graphics: This
and the subsequent commands install the library html
documentation under /usr/share/gtk-doc/html
where other gtk
packages put the programmer-oriented documentation.
Last updated on 2021-02-21 15:09:04 -0800
Exiv2 is a C++ library and a command line utility for managing image and video metadata.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.exiv2.org/builds/exiv2-0.27.3-Source.tar.gz
Download MD5 sum: 68a59595e8617284b2e1eee528ae1f77
Download size: 25 MB
Estimated disk space required: 76 MB
Estimated build time: 0.3 SBU (Using parallelism=4)
Doxygen-1.9.1, Graphviz-2.44.1, and libxslt-1.1.34
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/exiv2
Install Exiv2 by running the following commands:
mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DCMAKE_BUILD_TYPE=Release \ -DEXIV2_ENABLE_VIDEO=yes \ -DEXIV2_ENABLE_WEBREADY=yes \ -DEXIV2_ENABLE_CURL=yes \ -DEXIV2_BUILD_SAMPLES=no \ -G "Unix Makefiles" .. && make
This package does not come with a test suite.
Now, as the root
user:
make install
-DEXIV2_ENABLE_VIDEO=yes
: This
switch enables managing video metadata.
-DEXIV2_ENABLE_WEBREADY=yes
:
This switch enables managing web image metadata.
-DEXIV2_BUILD_SAMPLES=no
: This
switch is necessary to suppress building and installing
sample programs. If the sample programs are built, 34
additional programs are installed in /usr/bin.
-DEXIV2_ENABLE_CURL=yes
: This
switch is necessary to enable network/http capabilities.
Last updated on 2021-02-21 15:09:04 -0800
The FreeType2 package contains a library which allows applications to properly render TrueType fonts.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/freetype/freetype-2.10.4.tar.xz
Download MD5 sum: 0e6c0e9b218be3ba3e26e1d23b1c80dd
Download size: 2.4 MB
Estimated disk space required: 43 MB (with additional documentation)
Estimated build time: 0.2 SBU (with additional documentation)
Additional Documentation
Download (HTTP): https://downloads.sourceforge.net/freetype/freetype-doc-2.10.4.tar.xz
Download MD5 sum: a389bc390ca8009c758094e71a8fb18d
Download size: 2.0 MB
HarfBuzz-2.7.4 (first, install without it, after it is installed, reinstall FreeType-2.10.4), libpng-1.6.37, and Which-2.21
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/freetype2
If you downloaded the additional documentation, unpack it into the source tree using the following command:
tar -xf ../freetype-doc-2.10.4.tar.xz --strip-components=2 -C docs
Install FreeType2 by running the following commands:
sed -ri "s:.*(AUX_MODULES.*valid):\1:" modules.cfg && sed -r "s:.*(#.*SUBPIXEL_RENDERING) .*:\1:" \ -i include/freetype/config/ftoption.h && ./configure --prefix=/usr --enable-freetype-config --disable-static && make
This package does not come with a test suite.
Now, as the root
user:
make install
If you downloaded the optional documentation, install it as
the root
user:
install -v -m755 -d /usr/share/doc/freetype-2.10.4 && cp -v -R docs/* /usr/share/doc/freetype-2.10.4 && rm -v /usr/share/doc/freetype-2.10.4/freetype-config.1
sed -ri ...:
First command enables GX/AAT and OpenType table validation
and second command enables Subpixel Rendering. Note that
Subpixel Rendering may have patent issues. Be sure to read
the 'Other patent issues'
part
of http://www.freetype.org/patents.html
before enabling this option.
--enable-freetype-config
: This
switch ensure that the man page for freetype-config is
installed.
--without-harfbuzz
: If
harfbuzz is installed prior
to freetype without
freetype support, use this
switch to avoid a build failure.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-21 15:09:04 -0800
The Fontconfig package contains a library and support programs used for configuring and customizing font access.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.freedesktop.org/software/fontconfig/release/fontconfig-2.13.1.tar.bz2
Download MD5 sum: 36cdea1058ef13cbbfdabe6cb019dc1c
Download size: 1.6 MB
Estimated disk space required: 16 MB (with tests)
Estimated build time: 0.3 SBU (with tests)
JSON-C-0.15, DocBook-utils-0.6.14 and libxml2-2.9.10, texlive-20200406 (or install-tl-unx)
If you have DocBook Utils
installed and you remove the --disable-docs
parameter from
the configure
command below, you must have SGMLSpm-1.1 and
texlive-20200406 installed
also, or the Fontconfig
build will fail.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/Fontconfig
Install Fontconfig by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --disable-docs \ --docdir=/usr/share/doc/fontconfig-2.13.1 && make
To test the results, issue: make check.
Now, as the root
user:
make install
If you did not remove the --disable-docs
parameter from
the configure
command, you can install the pre-generated documentation by
using the following commands as the root
user:
install -v -dm755 \ /usr/share/{man/man{1,3,5},doc/fontconfig-2.13.1/fontconfig-devel} && install -v -m644 fc-*/*.1 /usr/share/man/man1 && install -v -m644 doc/*.3 /usr/share/man/man3 && install -v -m644 doc/fonts-conf.5 /usr/share/man/man5 && install -v -m644 doc/fontconfig-devel/* \ /usr/share/doc/fontconfig-2.13.1/fontconfig-devel && install -v -m644 doc/*.{pdf,sgml,txt,html} \ /usr/share/doc/fontconfig-2.13.1
--disable-docs
: This
switch avoids building the documentation (the release tarball
includes pre-generated documentation).
The main configuration file for Fontconfig is /etc/fonts/fonts.conf
. Generally you do
not want to edit this file. It will also read /etc/fonts/local.conf
and any files in
/etc/fonts/conf.d
. To put a
new font directory in the configuration, create (or update)
the /etc/fonts/local.conf
file with your local information or add a new file in
/etc/fonts/conf.d
. The
default location of fonts in Fontconfig is:
/usr/share/fonts
~/.local/share/fonts
~/.fonts (this is now deprecated, but for the moment it still works)
Fontconfig also ships many
example configuration files in the /usr/share/fontconfig/conf.avail
directory. Symlinking specific files to /etc/fonts/conf.d
will enable them. The
default setup is generally good enough for most users. See
/etc/fonts/conf.d/README
for
a description of the configuration files.
More information about configuring Fontconfig can be found in the user's manual in file:///usr/share/doc/fontconfig-2.13.1/fontconfig-user.html.
is used to create font information caches |
|
is used to read font information caches |
|
shows the ruleset files' information on the system |
|
is used to create font lists |
|
is used to match available fonts, or find fonts that match a given pattern |
|
is used to parse pattern (empty pattern by default) and show the parsed result |
|
is used to query fonts files and print resulting patterns |
|
is used to scan font files and directories, and print resulting patterns |
|
is used to validate font files |
|
contains functions used by the Fontconfig programs and also by other programs to configure or customize font access |
Last updated on 2021-02-21 15:09:04 -0800
The FriBidi package is an implementation of the Unicode Bidirectional Algorithm (BIDI). This is useful for supporting Arabic and Hebrew alphabets in other packages.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/fribidi/fribidi/releases/download/v1.0.9/fribidi-1.0.9.tar.xz
Download MD5 sum: 1b767c259c3cd8e0c8496970f63c22dc
Download size: 1.1 MB
Estimated disk space required: 21 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/fribidi
Install FriBidi by running the following commands:
mkdir build && cd build && meson --prefix=/usr .. && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
is a command-line interface to the |
|
contains functions used to implement the Unicode Bidirectional Algorithm |
Last updated on 2021-02-21 11:05:24 -0800
This package provides the GEneric Graphics Library, which is a graph based image processing format.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gimp.org/pub/gegl/0.4/gegl-0.4.28.tar.xz
Download MD5 sum: 4111e0085c7077a506a67dc14d3514ed
Download size: 4.7 MB
Estimated disk space required: 89 MB (with tests)
Estimated build time: 0.5 SBU (Using parallelism=4; with tests)
babl-0.1.84 and JSON-GLib-1.6.2
gobject-introspection-1.66.1, Graphviz-2.44.1, Pygments-2.8.0, and PyGObject-3.38.0
asciidoc-9.1.0, Cairo-1.17.2+f93fc72c03e, Exiv2-0.27.3, FFmpeg-4.3.2, gdk-pixbuf-2.42.2, gexiv2-0.12.2, Graphviz-2.44.1, GTK-Doc-1.33.2, JasPer-2.0.25, Little CMS-2.12, libjpeg-turbo-2.0.6 libpng-1.6.37, librsvg-2.50.3, LibTIFF-4.2.0, libwebp-1.2.0, Pango-1.48.2, Ruby-3.0.0, SDL2-2.0.14, v4l-utils-1.20.0, Vala-0.50.3, lensfun, libopenraw, libspiro, libumfpack, LuaJIT, MRG, and OpenEXR
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gegl
At first, adjust some test scripts to use Python 3 installed in LFS, instead of EOL'ed Python 2:
sed '1s@python@&3@' -i tests/python/*.py
Install gegl by running the following commands:
mkdir build && cd build && meson --prefix=/usr .. && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
-Ddocs=true
: Build and install
documentation (requires GTK-Doc-1.33.2,).
is a commandline tool for working with the XML data model |
|
is a simple image difference detection tool for use in regression testing |
|
provides infrastructure to do demand based cached non destructive image editing on larger than RAM buffers |
|
is the GEGL N-point image deformation library |
|
is the GEGL Seamless Cloning library |
Last updated on 2021-02-21 15:09:04 -0800
The giflib package contains libraries for reading and writing GIFs as well as programs for converting and working with GIF files.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://sourceforge.net/projects/giflib/files/giflib-5.2.1.tar.gz
Download (HTTP) MD5 sum: 6f03aee4ebe54ac2cc1ab3e4b0a049e5
Download (HTTP) size: 436 KB
Estimated disk space required: 3.2 MB (with documentation)
Estimated build time: less than 0.1 SBU (with documentation)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/giflib
Install giflib by running the following commands:
make
This package does not come with a test suite.
Now, as the root
user:
make PREFIX=/usr install && find doc \( -name Makefile\* -o -name \*.1 \ -o -name \*.xml \) -exec rm -v {} \; && install -v -dm755 /usr/share/doc/giflib-5.2.1 && cp -v -R doc/* /usr/share/doc/giflib-5.2.1
find doc ... -exec rm -v {}
\;: This command removes Makefiles
, man and xml files from the
documentation directory that would otherwise be installed by
the commands that follow.
converts images saved as GIF to 24-bit RGB images |
|
dumps GIF data in a textual format, or undumps it to a GIF |
|
modifies GIF image colormaps |
|
clumsily attempts to fix truncated GIF images |
|
prints (text only) general information about a GIF file |
|
is a GIF transformation tool |
|
contains API functions required by the giflib programs and any other programs needing library functionality to read, write and manipulate GIF images |
Last updated on 2021-02-21 15:09:04 -0800
OpenGL Mathematics (GLM) is a header-only C++ mathematics library for graphics software based on the OpenGL Shading Language (GLSL) specifications. An extension system provides extended capabilities such as matrix transformations and quaternions.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/g-truc/glm/archive/0.9.9.8/glm-0.9.9.8.tar.gz
Download MD5 sum: 0e83d4a33c7d4044a2c35c8d6aba4671
Download size: 4.2 MB
Estimated disk space required: 23 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/GLM
This package is unusual as it includes its functionality in header files. We just copy them into position.
As the root
user:
cp -r glm /usr/include/ && cp -r doc /usr/share/doc/glm-0.9.9.8
Last updated on 2021-02-21 15:09:04 -0800
Graphite2 is a rendering engine for graphite fonts. These are TrueType fonts with additional tables containing smart rendering information and were originally developed to support complex non-Roman writing systems. They may contain rules for e.g. ligatures, glyph substitution, kerning, justification - this can make them useful even on text written in Roman writing systems such as English. Note that firefox by default provides an internal copy of the graphite engine and cannot use a system version (although it can now be patched to use it), but it too should benefit from the availability of graphite fonts.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/silnrsi/graphite/releases/download/1.3.14/graphite2-1.3.14.tgz
Download MD5 sum: 1bccb985a7da01092bfb53bb5041e836
Download size: 6.3 MB
Estimated disk space required: 28 MB (with tests add docs)
Estimated build time: 0.2 SBU (with tests and docs)
FreeType-2.10.4, silgraphite to build the comparerender test and benchmarking tool, and if that is present, and HarfBuzz-2.7.4 to add more functionality to it (this is a circular dependency, you would need to first build graphite2 without harfbuzz).
To build the documentation: asciidoc-9.1.0, Doxygen-1.9.1, texlive-20200406 (or install-tl-unx), and dblatex (for PDF docs)
To execute the test suite you will need FontTools (Python 3 module), otherwise, the "cmp" tests fail.
You will need at least one suitable graphite font for the package to be useful.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/graphite2
Some tests fail if FontTools (Python 3 module) is not installed. These tests can be removed with:
sed -i '/cmptest/d' tests/CMakeLists.txt
Install Graphite2 by running the following commands:
mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=/usr .. && make
If you wish to build the documentation, issue:
make docs
To test the results, issue: make test.
Now, as the root
user:
make install
If you built the documentation, install, as the root
user:
install -v -d -m755 /usr/share/doc/graphite2-1.3.14 && cp -v -f doc/{GTF,manual}.html \ /usr/share/doc/graphite2-1.3.14 && cp -v -f doc/{GTF,manual}.pdf \ /usr/share/doc/graphite2-1.3.14
-DCMAKE_VERBOSE_MAKEFILE=ON
: This
switch turns on build verbose mode.
Last updated on 2021-02-21 15:09:04 -0800
The HarfBuzz package contains an OpenType text shaping engine.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/harfbuzz/harfbuzz/releases/download/2.7.4/harfbuzz-2.7.4.tar.xz
Download MD5 sum: 6d8393e6fb84edfb15997d1c5ba35b1b
Download size: 9.1 MB
Estimated disk space required: 229 MB (add 6 MB for tests)
Estimated build time: 0.3 SBU (Using parallelism=4; add 0.2 SBU for tests)
gobject-introspection-1.66.1 (required if building GNOME), GLib-2.66.7 (required for Pango), Graphite2-1.3.14 (required for building texlive-20200406 or LibreOffice-7.1.0.3 with system harfbuzz), ICU-68.2, and FreeType-2.10.4 (after HarfBuzz-2.7.4 is installed, reinstall FreeType-2.10.4)
Cairo-1.17.2+f93fc72c03e (circular: build cairo and all its recommended dependencies, including harfbuzz, first, then rebuild harfbuzz if the cairo backend is needed), git-2.30.1, GTK-Doc-1.33.2, and FontTools (Python 3 module, for the testsuite)
Recommended dependencies are not strictly required to build the package. However, you might not get expected results at runtime if you don't install them. Please do not report bugs with this package if you have not installed the recommended dependencies.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/harfbuzz
Install HarfBuzz by running the following commands:
mkdir build && cd build && meson --prefix=/usr -Dgraphite=enabled -Dbenchmark=disabled && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
-Dgraphite=enabled
:
This switch enables Graphite2 support, which is required for
building texlive-20200406 or LibreOffice-7.1.0.3 with system
harfbuzz.
-Dbenchmark=disabled
:
This switch disables downloading and building the
google-benchmark subproject,
which requires git-2.30.1, and is of no use for non
developpers.
-Ddocs=false
: If GTK-Doc-1.33.2 is
installed, the documentation is built and installed. This
switch prevents that.
gives the set of characters contained in a string, represented as single characters and/or single character names. Example: hb-ot-shape-closure /usr/share/fonts/dejavu/DejaVuSans.ttf "Hello World." |
|
is used for the conversion of text strings into positioned glyphs |
|
is used to create subsets of fonts, and display text using them |
|
displays a graphical view of a string shape using a particular font as a set of glyphs. The output format is automatically defined by the file extension, the supported ones being ansi/png/svg/pdf/ps/eps. For example: hb-view --output-file=hello.png /usr/share/fonts/dejavu/DejaVuSans.ttf "Hello World." |
|
is the HarfBuzz text shaping library |
|
provides GObject integration for the HarfBuzz text shaping library |
|
provides ICU integration for the HarfBuzz text shaping library |
Last updated on 2021-02-21 15:09:04 -0800
The JasPer Project is an open-source initiative to provide a free software-based reference implementation of the JPEG-2000 codec.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/jasper-software/jasper/archive/version-2.0.25/jasper-2.0.25.tar.gz
Download MD5 sum: afbdd817fcdd0dcfbd6bec79825b944a
Download size: 1.3 MB
Estimated disk space required: 7.3 MB (with tests)
Estimated build time: 0.3 SBU (with tests)
Freeglut-3.2.1 (required for jiv), Doxygen-1.9.1 (needed for generating html documentation), and texlive-20200406 (needed to regnerate the pdf documentation)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/jasper
The tarball jasper-2.0.25.tar.gz will extract to jasper-version-2.0.25.
Install JasPer by running the following commands:
mkdir BUILD && cd BUILD && cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DCMAKE_BUILD_TYPE=Release \ -DCMAKE_SKIP_INSTALL_RPATH=YES \ -DJAS_ENABLE_DOC=NO \ -DCMAKE_INSTALL_DOCDIR=/usr/share/doc/jasper-2.0.25 \ .. && make
To test the results, issue: make test.
Now, as the root
user:
make install
-DCMAKE_SKIP_INSTALL_RPATH=YES
:
This option removes embedded library search paths.
-DJAS_ENABLE_DOC=NO
:
This option disables rebuilding the pdf documentation if
texlive-20200406 is installed.
Last updated on 2021-02-21 15:09:04 -0800
The Little CMS library is used by other programs to provide color management facilities.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/lcms/lcms-1.19.tar.gz
Download MD5 sum: 8af94611baf20d9646c7c2c285859818
Download size: 927 KB
Estimated disk space required: 27 MB
Estimated build time: 0.5 SBU
LibTIFF-4.2.0, libjpeg-turbo-2.0.6, and Python-2.7.18 (with SWIG-4.0.2 also)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/lcms
Install Little CMS by running the following commands:
patch -Np1 -i ../lcms-1.19-cve_2013_4276-1.patch && ./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install && install -v -m755 -d /usr/share/doc/lcms-1.19 && install -v -m644 README.1ST doc/* \ /usr/share/doc/lcms-1.19
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--with-python
: Use this parameter
if Python and SWIG are installed.
generates PostScript CRD or CSA from ICC profiles |
|
links two or more profiles into a single device link profile |
|
is a color space conversion calculator |
|
is an ICC profile applier for JPEG files |
|
is an ICC profile applier for TIFF files |
|
is a TIFF compare utility |
|
shows media white of profiles, identifying black body locus |
|
is used by the lcms programs as well as other programs to provide color management facilities |
Last updated on 2021-02-21 15:09:04 -0800
The Little Color Management System is a small-footprint color management engine, with special focus on accuracy and performance. It uses the International Color Consortium standard (ICC), which is the modern standard for color management.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/lcms/lcms2-2.12.tar.gz
Download MD5 sum: 8cb583c8447461896320b43ea9a688e0
Download size: 7.1 MB
Estimated disk space required: 22 MB (with the tests)
Estimated build time: 0.2 SBU (with the tests)
libjpeg-turbo-2.0.6 and LibTIFF-4.2.0
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/lcms2
Install Little CMS2 by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-21 11:05:24 -0800
The libexif package contains a library for parsing, editing, and saving EXIF data. Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. All EXIF tags described in EXIF standard 2.1 are supported.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/libexif/libexif/releases/download/libexif-0_6_22-release/libexif-0.6.22.tar.xz
Download MD5 sum: 1070601438443fdd5b8635565693cf99
Download size: 1.3 MB
Estimated disk space required: 21 MB
Estimated build time: 0.1 SBU
Doxygen-1.9.1 and Graphviz-2.44.1
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libexif
First, apply a patch to fix a security issue (integer overflow leading to Out Of Buffer write):
patch -Np1 -i ../libexif-0.6.22-security_fixes-1.patch
Install libexif by running the following commands:
./configure --prefix=/usr \ --disable-static \ --with-doc-dir=/usr/share/doc/libexif-0.6.22 && make
To test the results, issue: make check.
Now, as the root
user:
make install
Documentation was built and installed if you have the
dependencies shown above installed. If you don't have the
dependencies installed, there is a compressed tarball in the
source tree doc
directory that
can be unpacked into /usr/share/doc/libexif-0.6.22.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-21 15:09:04 -0800
The libgxps package provides an interface to manipulate XPS documents.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/libgxps/0.3/libgxps-0.3.1.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/libgxps/0.3/libgxps-0.3.1.tar.xz
Download MD5 sum: ade83c264b3af2551a0dff9144478df8
Download size: 92 KB
Estimated disk space required: 6.0 MB
Estimated build time: 0.1 SBU
GTK+-3.24.25, Little CMS-2.12, libarchive-3.5.1, libjpeg-turbo-2.0.6, LibTIFF-4.2.0, and libxslt-1.1.34
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libgxps
Install Libgxps by running the following commands:
mkdir build && cd build && meson --prefix=/usr .. && ninja
This package does not come with a test suite.
Now, as the root
user:
ninja install
Last updated on 2021-02-21 15:09:04 -0800
libjpeg-turbo is a fork of the original IJG libjpeg which uses SIMD to accelerate baseline JPEG compression and decompression. libjpeg is a library that implements JPEG image encoding, decoding and transcoding.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/libjpeg-turbo/libjpeg-turbo-2.0.6.tar.gz
Download MD5 sum: 4cada3f0bdc93d826fa31bf9e4469ef6
Download size: 2.1 MB
Estimated disk space required: 31 MB (with tests)
Estimated build time: 0.3 SBU (using parallelism=4; with tests)
CMake-3.19.5 and NASM-2.15.05 or yasm-1.3.0
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libjpeg-turbo
Install libjpeg-turbo by running the following commands:
mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DCMAKE_BUILD_TYPE=RELEASE \ -DENABLE_STATIC=FALSE \ -DCMAKE_INSTALL_DOCDIR=/usr/share/doc/libjpeg-turbo-2.0.6 \ -DCMAKE_INSTALL_DEFAULT_LIBDIR=lib \ .. && make
To test the results, issue: make test.
If installing libjpeg-turbo over an older jpeg
installation, not all library symbolic links are updated
properly. To fix this before installation, run the
following as the root
user:
rm -f /usr/lib/libjpeg.so*
Now, as the root
user:
make install
-DWITH_JPEG8=ON
: This switch
enables compatibility with libjpeg version 8.
compresses image files to produce a JPEG/JFIF file on the standard output. Currently supported input file formats are: PPM (PBMPLUS color format), PGM (PBMPLUS gray-scale format), BMP, and Targa |
|
decompresses image files from JPEG/JFIF format to either PPM (PBMPLUS color format), PGM (PBMPLUS gray-scale format), BMP, or Targa format |
|
is used for lossless transformation of JPEG files |
|
displays text comments from within a JPEG file |
|
is used to benchmark the performance of libjpeg-turbo |
|
inserts text comments into a JPEG file |
|
contains functions used for reading and writing JPEG images |
Last updated on 2021-02-21 11:05:24 -0800
The libmng libraries are used by programs wanting to read and write Multiple-image Network Graphics (MNG) files which are the animation equivalents to PNG files.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/libmng/libmng-2.0.3.tar.xz
Download MD5 sum: e9e899adb1b681b17f14d91e261878c5
Download size: 932 KB
Estimated disk space required: 15 MB
Estimated build time: 0.1 SBU
libjpeg-turbo-2.0.6 and Little CMS-2.12
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libmng
Install libmng by running the following commands:
./configure --prefix=/usr --disable-static && make
This package does not come with a test suite.
Now, as the root
user:
make install && install -v -m755 -d /usr/share/doc/libmng-2.0.3 && install -v -m644 doc/*.txt /usr/share/doc/libmng-2.0.3
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-21 15:09:04 -0800
The libmypaint package, a.k.a. "brushlib", is a library for making brushstrokes which is used by MyPaint and other projects.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/mypaint/libmypaint/releases/download/v1.6.1/libmypaint-1.6.1.tar.xz
Download MD5 sum: 7f1dab2d30ce8a3f494354c7c77a2977
Download size: 508 KB
Estimated disk space required: 11 MB (add 1 MB for tests)
Estimated build time: 0.1 SBU (add 0.3 SBU for tests)
GLib-2.66.7 and gobject-introspection-1.66.1
Doxygen-1.9.1 (to create XML docs), gegl (0.3 versions only) and gperftools
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libmypaint
Install libmypaint by running the following commands:
./configure --prefix=/usr && make
To test the results, issue: make check.
Now, as the root
user:
make install
Last updated on 2021-02-21 15:09:04 -0800
The libpng package contains libraries used by other programs for reading and writing PNG files. The PNG format was designed as a replacement for GIF and, to a lesser extent, TIFF, with many improvements and extensions and lack of patent problems.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/libpng/libpng-1.6.37.tar.xz
Download MD5 sum: 015e8e15db1eecde5f2eb9eb5b6e59e9
Download size: 992 KB
Estimated disk space required: 14 MB (with tests)
Estimated build time: less than 0.1 SBU (using parallelism=4; add 0.7 SBU for tests)
Recommended patch to include animated png functionality in libpng (required to use the system libpng in Firefox, Seamonkey, and Thunderbird): https://downloads.sourceforge.net/sourceforge/libpng-apng/libpng-1.6.37-apng.patch.gz
Patch md5sum: f02073fd96816b184c79b297775e37dc
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libpng
If you want to patch libpng to support apng files, apply it here:
gzip -cd ../libpng-1.6.37-apng.patch.gz | patch -p1
Install libpng by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install && mkdir -v /usr/share/doc/libpng-1.6.37 && cp -v README libpng-manual.txt /usr/share/doc/libpng-1.6.37
--disable-static
:
This switch prevents installation of static versions of the
libraries.
tests, optimizes and optionally fixes the zlib header in PNG files. Optionally, when fixing, strips ancillary chunks from the file |
|
fixes PNG files that have an incorrect length field in the iTXt chunks |
|
is a shell script that provides configuration information for applications wanting to use libpng |
|
contain routines used to create and manipulate PNG format graphics files |
Last updated on 2021-02-19 22:13:48 -0800
Libraw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.libraw.org/data/LibRaw-0.20.2.tar.gz
Download MD5 sum: 2e5bedb59ea433e2d2ef6bbbe5253179
Download size: 1.4 MB
Estimated disk space required: 29 MB
Estimated build time: 0.2 SBU (Using parallelism=4)
libjpeg-turbo-2.0.6, JasPer-2.0.25, and Little CMS-2.12
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libraw
Install libraw by running the following commands:
autoreconf -fiv && ./configure --prefix=/usr \ --enable-jpeg \ --enable-jasper \ --enable-lcms \ --disable-static \ --docdir=/usr/share/doc/libraw-0.20.2 && make
This package does not come with a test suite.
Now, as the root
user:
make install
--enable-jpeg
: This
switch enables support for jpeg. Remove if you don't have
libjpeg-turbo-2.0.6 installed.
--enable-jasper
: This
switch enables support for jasper. Remove if you don't have
JasPer-2.0.25 installed.
--enable-lcms
: This
switch enables support for Little CMS2. Remove if you don't
have Little CMS-2.12 installed.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
All the installed programs are examples of libraw use.
generates four TIFF files from RAW data, one file per channel |
|
emulates "dcraw -h" (see DCRAW manpage) |
|
emulates "dcraw [-4] [-6] [-e]" (see DCRAW manpage) |
|
creates eight different renderings from one source file. The first and fourth one should be identical |
|
emulates call to "dcraw [-D] [-T] [-v] [-e] [-4]" (see DCRAW manpage) |
|
is an almost complete dcraw emulator (see DCRAW manpage) |
|
emulates call to "dcraw -h [-w] [-a] [-v]" (see DCRAW manpage) |
|
creates eight different renderings from one source file. The first and fourth one should be identical |
|
emulates call to "dcraw -i [-v]" (see DCRAW manpage) |
|
generates unprocessed raw image: with masked pixels and without black subtraction |
Last updated on 2021-02-21 15:09:04 -0800
The librsvg package contains a library and tools used to manipulate, convert and view Scalable Vector Graphic (SVG) images.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/librsvg/2.50/librsvg-2.50.3.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/librsvg/2.50/librsvg-2.50.3.tar.xz
Download MD5 sum: aa965ac365fb1078cfb23ee11c6ce4e0
Download size: 18 MB
Estimated disk space required: 1.2 GB (97 MB installed), add 987 MB for tests
Estimated build time: 1.2 SBU (Using parallelism=4), add 1.3 SBU for tests
gdk-pixbuf-2.42.2, Cairo-1.17.2+f93fc72c03e, Pango-1.48.2, and rustc-1.47.0
gobject-introspection-1.66.1 and Vala-0.50.3
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/librsvg
Install librsvg by running the following commands:
./configure --prefix=/usr \ --enable-vala \ --disable-static \ --docdir=/usr/share/doc/librsvg-2.50.3 && make
To test the results, issue: make check. Many of the tests in 'reftests' may fail (44 in November 2020) because they produce, and then diff, graphic files with text and the details such as spacing vary when the system versions of cairo, freetype, pixman, pango and perhaps harfbuzz differ from the versions on the system where the reference files were created.
Now, as the root
user:
make install
If you installed the package on to your system using a
“DESTDIR” method, an important
file was not installed and should be copied and/or
generated. Generate it using the following command as the
root
user:
gdk-pixbuf-query-loaders --update-cache
--enable-vala
: This
switch enables building of the Vala bindings. Remove this
switch if you don't have Vala-0.50.3 installed.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--disable-introspection
: Use this
switch if you have not installed Gobject Introspection.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
Last updated on 2021-02-21 15:09:04 -0800
Libspiro will take an array of spiro control points and convert them into a series of bezier splines which can then be used in the myriad of ways the world has come to use beziers.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/fontforge/libspiro/releases/download/20200505/libspiro-dist-20200505.tar.gz
Download MD5 sum: d2d3eef9381c05a9a0268c0863ec9f9d
Download size: 413 KB
Estimated disk space required: 5.3 MB (add 1.2 MB if running the tests)
Estimated build time: 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libspiro
Install libspiro by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-21 15:09:04 -0800
The LibTIFF package contains the TIFF libraries and associated utilities. The libraries are used by many programs for reading and writing TIFF files and the utilities are used for general work with TIFF files.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://download.osgeo.org/libtiff/tiff-4.2.0.tar.gz
Download MD5 sum: 2bbf6db1ddc4a59c89d6986b368fc063
Download size: 2.7 MB
Estimated disk space required: 16 MB (with tests)
Estimated build time: less than 0.1 SBU (with tests)
Freeglut-3.2.1 (required for tiffgt), libjpeg-turbo-2.0.6, libwebp-1.2.0, and JBIG-KIT
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libtiff
Install LibTIFF by running the following commands:
mkdir -p libtiff-build && cd libtiff-build && cmake -DCMAKE_INSTALL_DOCDIR=/usr/share/doc/libtiff-4.2.0 \ -DCMAKE_INSTALL_PREFIX=/usr -G Ninja .. && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
converts a TIFF facsimile to compressed PostScript file |
|
creates a TIFF Class F fax file from raw fax data |
|
converts a palette color TIFF image to a full color image |
|
creates a TIFF file from a PPM image file |
|
converts a raw byte sequence into TIFF |
|
converts a color TIFF image to grayscale |
|
converts a TIFF image to a PDF document |
|
converts a TIFF image to a PostScript file |
|
converts a wide variety of TIFF images into an RGBA TIFF image |
|
compares two TIFF files |
|
copies (and possibly converts) a TIFF file |
|
selects, copies, crops, converts, extracts and/or processes one or more TIFF files |
|
converts a grayscale image to bilevel using dithering |
|
prints verbatim information about TIFF files |
|
displays an image stored in a TIFF file |
|
prints information about TIFF files |
|
applies the median cut algorithm to data in a TIFF file |
|
sets the value of a TIFF header to a specified value |
|
splits a multi-image TIFF into single-image TIFF files |
|
contains the API functions used by the libtiff programs as well as other programs to read and write TIFF files |
|
contains the C++ API functions used by programs to read and write TIFF files |
Last updated on 2021-02-21 11:05:24 -0800
The libwebp package contains a library and support programs to encode and decode images in WebP format.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://downloads.webmproject.org/releases/webp/libwebp-1.2.0.tar.gz
Download MD5 sum: 978087605c288fd6c0ab7c4d11e903ae
Download size: 3.9 MB
Estimated disk space required: 50 MB
Estimated build time: 0.3 SBU
libjpeg-turbo-2.0.6, libpng-1.6.37, LibTIFF-4.2.0, and SDL-1.2.15 (for improved 3D Acceleration)
Freeglut-3.2.1 and giflib-5.2.1
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libwebp
Install libwebp by running the following commands:
./configure --prefix=/usr \ --enable-libwebpmux \ --enable-libwebpdemux \ --enable-libwebpdecoder \ --enable-libwebpextras \ --enable-swap-16bit-csp \ --disable-static && make
This package does not come with a test suite.
Now, as the root
user:
make install
--enable-swap-16bit-csp
: This
switch enables byte swap for 16 bit colorspaces.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
compresses an image using the WebP format |
|
decompresses WebP files into PNG, PAM, PPM or PGM images |
|
converts a GIF image to a WebP image |
|
creates an animated WebP file from a sequence of input images |
|
decompresses a WebP file and displays it in a window |
|
prints out the cunk level structure of WebP files along with performing basic integrity checks |
|
creates animated WebP files from non-animated WebP images, extracts frames from animated WebP images, and manages XMP/EXIF metadata and ICC profile |
|
contains the API functions for WebP encoding and decoding |
Last updated on 2021-02-21 11:05:24 -0800
The mypaint-brushes package contains brushes used by packages which use libmypaint.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/Jehan/mypaint-brushes/archive/v1.3.0/mypaint-brushes-v1.3.0.tar.gz
Download MD5 sum: 679190d88f67a94db57ac99017f966f5
Download size: 2.4 MB
Estimated disk space required: 8.8 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/mypaint-brushes
Install mypaint-brushes by running the following commands:
patch -Np1 -i ../mypaint-brushes-1.3.0-automake_1.16-1.patch && ./autogen.sh && ./configure --prefix=/usr && make
This package does not come with a test suite.
Now, as the root
user:
make install
Last updated on 2021-02-21 15:09:04 -0800
Newt is a programming library for color text mode, widget based user interfaces. It can be used to add stacked windows, entry widgets, checkboxes, radio buttons, labels, plain text fields, scrollbars, etc., to text mode user interfaces. Newt is based on the S-Lang library.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://releases.pagure.org/newt/newt-0.52.21.tar.gz
Download MD5 sum: a0a5fd6b53bb167a65e15996b249ebb5
Download size: 172 KB
Estimated disk space required: 6.4 MB
Estimated build time: less than 0.1 SBU
popt-1.18 and slang-2.3.2
GPM-1.20.7 (runtime)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/newt
Install newt by running the following command:
sed -e 's/^LIBNEWT =/#&/' \ -e '/install -m 644 $(LIBNEWT)/ s/^/#/' \ -e 's/$(LIBNEWT)/$(LIBNEWTSONAME)/g' \ -i Makefile.in && ./configure --prefix=/usr --with-gpm-support && make
This package does not come with a test suite.
Now, as the root
user:
make install
--with-gpm-support
:
This switch enables mouse support for newt applications
through GPM.
sed -e ... -i Makefile.in: Disables installation of a static library.
Last updated on 2021-02-21 15:09:04 -0800
The opencv package contains graphics libraries mainly aimed at real-time computer vision.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/opencv/opencv/archive/4.5.1/opencv-4.5.1.tar.gz
Download MD5 sum: 2205d3169238ec1f184438a96de68513
Download size: 84 MB
Estimated disk space required: 706 MB
Estimated build time: 2.9 SBU (using parallelism=4)
Optional additional modules: https://github.com/opencv/opencv_contrib/archive/4.5.1/opencv_contrib-4.5.1.tar.gz
One additional file that starts with "ippicv" (integrated performance primitives) will be automatically downloaded during the cmake portion of the build procedure. This download is specific to the system architecture.
FFmpeg-4.3.2, gst-plugins-base-1.18.3, GTK+-3.24.25, JasPer-2.0.25, libjpeg-turbo-2.0.6, libpng-1.6.37, LibTIFF-4.2.0, libwebp-1.2.0, v4l-utils-1.20.0, and xine-lib-1.2.11
apache-ant-1.10.9, Doxygen-1.9.1, Java-15.0.2, Python-2.7.18, Cuda, Eigen, OpenEXR, GCD, GDAL, GigEVisionSDK, JACK, libdc1394, libgphoto2, NumPy, OpenNI, PlanetUML, PvAPI, Threading Building Blocks (TBB), UniCap, VTK - The Visualization Toolkit, and XIMEA
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/opencv
If needed, unpack the additional modules package:
tar xf ../opencv_contrib-4.5.1.tar.gz
Install opencv by running the following commands:
mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DCMAKE_BUILD_TYPE=Release \ -DENABLE_CXX11=ON \ -DBUILD_PERF_TESTS=OFF \ -DWITH_XINE=ON \ -DBUILD_TESTS=OFF \ -DENABLE_PRECOMPILED_HEADERS=OFF \ -DCMAKE_SKIP_RPATH=ON \ -DBUILD_WITH_DEBUG_INFO=OFF \ -Wno-dev .. && make
The package does not come with an operable test suite.
Now, as the root
user:
make install
-DWITH_XINE=ON
: This
option instructs the make procedure to use xine-lib-1.2.11.
-DENABLE_PRECOMPILED_HEADERS=OFF
:
This option is needed for compatibiiity with gcc-6.1 and
later.
-DOPENCV_EXTRA_MODULES_PATH=../opencv_contrib-4.5.1/modules
:
instructs the build system to build additional modules.
Last updated on 2021-02-23 18:13:38 -0800
OpenJPEG is an open-source implementation of the JPEG-2000 standard. OpenJPEG fully respects the JPEG-2000 specifications and can compress/decompress lossless 16-bit images.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/uclouvain/openjpeg/archive/v2.4.0/openjpeg-2.4.0.tar.gz
Download MD5 sum: 4d388298335947367e91f1d100468af1
Download size: 2.1 MB
Estimated disk space required: 16 MB
Estimated build time: 0.2 SBU
Little CMS-2.12, libpng-1.6.37, LibTIFF-4.2.0, and Doxygen-1.9.1 (to build the API documentation)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/openjpeg2
Install OpenJPEG by running the following commands:
mkdir -v build && cd build && cmake -DCMAKE_BUILD_TYPE=Release \ -DCMAKE_INSTALL_PREFIX=/usr \ -DBUILD_STATIC_LIBS=OFF .. && make
This package does not come with a working test suite.
Now, as the root
user:
make install && pushd ../doc && for man in man/man?/* ; do install -v -D -m 644 $man /usr/share/$man done popd
Last updated on 2021-02-21 15:09:04 -0800
The Pixman package contains a library that provides low-level pixel manipulation features such as image compositing and trapezoid rasterization.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cairographics.org/releases/pixman-0.40.0.tar.gz
Download MD5 sum: 73858c0862dd9896fb5f62ae267084a4
Download size: 892 KB
Estimated disk space required: 55 MB (with tests)
Estimated build time: 0.8 SBU (with tests)
GTK+-2.24.33 and libpng-1.6.37 (for tests and demos)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pixman
Install Pixman by running the following commands:
mkdir build && cd build && meson --prefix=/usr && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
Last updated on 2021-02-20 17:41:49 -0800
The Poppler package contains a PDF rendering library and command line tools used to manipulate PDF files. This is useful for providing PDF rendering functionality as a shared library.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://poppler.freedesktop.org/poppler-21.02.0.tar.xz
Download MD5 sum: eb52009df36fc612fd195d88641388db
Download size: 1.6 MB
Estimated disk space required: 97 MB (with Qt5 library and tests)
Estimated build time: 0.8 SBU (with parallelism=4, Qt5 library, and tests)
Poppler Encoding Data
Download (HTTP): https://poppler.freedesktop.org/poppler-data-0.4.10.tar.gz
Download MD5 sum: a7f15fb2f26c60a7a92093cfdf2378d5
Download size: 4.3 MB
Estimated disk space required: 25 MB
Estimated build time: less than 0.1 SBU
The additional package consists of encoding files for use with Poppler. The encoding files are optional and Poppler will automatically read them if they are present. When installed, they enable Poppler to render CJK and Cyrillic properly.
CMake-3.19.5 and Fontconfig-2.13.1
Cairo-1.17.2+f93fc72c03e, Little CMS-2.12, libjpeg-turbo-2.0.6, libpng-1.6.37, NSS-3.61, and OpenJPEG-2.4.0
Boost-1.75.0, cURL-7.75.0, gdk-pixbuf-2.42.2, git-2.30.1 (for downloading test files), gobject-introspection-1.66.1, GTK-Doc-1.33.2, Pygments-2.8.0, GTK+-3.24.25, LibTIFF-4.2.0, and Qt-5.15.2 (required for PDF support in Okular-20.12.2)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/poppler
Install Poppler by running the following commands:
mkdir build && cd build && cmake -DCMAKE_BUILD_TYPE=Release \ -DCMAKE_INSTALL_PREFIX=/usr \ -DTESTDATADIR=$PWD/testfiles \ -DENABLE_UNSTABLE_API_ABI_HEADERS=ON \ .. && make
In order to run the test suite, some testcases are needed and can be obtained only from a git repository. The command to download them is: git clone git://git.freedesktop.org/git/poppler/test testfiles. Then issue: LC_ALL=en_US.UTF-8 make test.
Now, as the root
user:
make install
To install the documentation, run the following commands as
root
:
install -v -m755 -d /usr/share/doc/poppler-21.02.0 && cp -vr ../glib/reference/html /usr/share/doc/poppler-21.02.0
If you downloaded the additional encoding data package, install it by issuing the following commands:
tar -xf ../../poppler-data-0.4.10.tar.gz && cd poppler-data-0.4.10
Now, as the root
user:
make prefix=/usr install
-DCMAKE_BUILD_TYPE=Release
:
This switch is used to apply a higher level of compiler
optimizations.
-DTESTDATADIR=$PWD/testfiles
:
Tells the test programs where the auxiliary files are
located.
-DENABLE_UNSTABLE_API_ABI_HEADERS=ON
:
Installs some old Xpdf
headers required by certain programs.
-DENABLE_GTK_DOC=ON
: Use this
parameter if GTK-Doc and Pygments is installed and you wish
to rebuild and install the API documentation.
LC_ALL=en_US.UTF-8 make test: Runs the test suite. The environment variable LC_ALL=en_US.UTF-8 is only needed if the default locale does not include UTF-8.
adds a new embedded file to an existing PDF file |
|
lists or extracts embedded files from PDF files |
|
lists the fonts used in a PDF file along with various information for each font |
|
saves images from a PDF file as PPM, PBM, or JPEG files |
|
prints the contents of the 'Info' dictionary (plus some other useful information) from a PDF file |
|
extracts single pages from a PDF file |
|
verifies the digital signatures in a PDF document |
|
converts a PDF file to one of several formats (PNG, JPEG, PDF, PS, EPS, SVG) using the cairo output device of the poppler library |
|
converts a PDF file to HTML |
|
converts PDF files to PBM, PGM and PPM formats |
|
converts PDF files to Postscript format |
|
converts PDF files to plain text |
|
merges several PDF files, in the order of their occurrence on the command line, to one PDF output file |
|
contains the API functions to render PDF files |
|
is a C++ backend for rendering PDF files |
|
is a wrapper library used to interface the PDF rendering functions with GTK+ |
|
is a wrapper library used to interface the PDF rendering functions with Qt5 |
Last updated on 2021-02-21 20:38:24 -0800
Potrace™ is a tool for transforming a bitmap (PBM, PGM, PPM, or BMP format) into one of several vector file formats.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/potrace/potrace-1.16.tar.gz
Download MD5 sum: 5f0bd87ddd9a620b0c4e65652ef93d69
Download size: 644 KB
Estimated disk space required: 7.1 MB (including tests)
Estimated build time: less than 0.1 SBU (including tests)
LLVM-11.1.0 (including clang)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/potrace
Install Potrace by running the following commands:
./configure --prefix=/usr \ --disable-static \ --docdir=/usr/share/doc/potrace-1.16 \ --enable-a4 \ --enable-metric \ --with-libpotrace && make
To run the test suite, issue: make check.
Now, as the root
user:
make install
--enable-a4
: Use A4
as the default paper size.
--enable-metric
: Use
metric units (centimeters) as default
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--with-libpotrace
:
Install the library and headers.
Last updated on 2021-02-21 15:09:04 -0800
The Qpdf package contains command-line programs and a library that does structural, content-preserving transformations on PDF files.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/qpdf/qpdf/releases/download/release-qpdf-10.1.0/qpdf-10.1.0.tar.gz
Download MD5 sum: 6d72264ff68a9807418af4d7fc613e95
Download size: 18 MB
Estimated disk space required: 274 MB (add 44 MB for tests)
Estimated build time: 0.5 SBU (using parallelism=4; add 1.3 SBU for tests)
fop-2.6, GnuTLS-3.7.0, and libxslt-1.1.34
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/qpdf
Install Qpdf by running the following commands:
./configure --prefix=/usr \ --disable-static \ --docdir=/usr/share/doc/qpdf-10.1.0 && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-21 15:09:04 -0800
Qrencode is a fast and compact library for encoding data in a QR Code symbol, a 2D symbology that can be scanned by handheld terminals such as a mobile phone with a CCD sensor.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://fukuchi.org/works/qrencode/qrencode-4.1.1.tar.bz2
Download MD5 sum: de7185bcab635a34730e1b73d4efa705
Download size: 451 KB
Estimated disk space required: 5.0 MB (with documentation, add 5 MB for tests)
Estimated build time: less than 0.1 SBU, add 0.1 SBU for tests
Doxygen-1.9.1 for generating documentation, and SDL2-2.0.14 for tests
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/qrencode
Install libqrencode by running the following commands:
./configure --prefix=/usr && make
If you have installed Doxygen-1.9.1, you can build the documentation by issuing:
doxygen
The tests must be run after installing the package.
Now, as the root
user:
make install
If you have built the optional documentation, install it as
the root
user:
install -vdm 755 /usr/share/doc/qrencode-4.1.1 && mv html/* /usr/share/doc/qrencode-4.1.1
To test the results, if you have passed the --with-tests
option to configure, issue:
make check.
--with-tests
: This option allows
building the test programs. It requires SDL2-2.0.14.
--without-tools
: This option
prevents building the qrencode executable,
removing the need for libpng-1.6.37.
Last updated on 2021-02-21 15:09:04 -0800
SassC is a wrapper around libsass, a CSS pre-processor language.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/sass/sassc/archive/3.6.1/sassc-3.6.1.tar.gz
Download MD5 sum: dd675920c7151e50e2d2ac14f0fb222a
Download size: 28 KB
Estimated disk space required: 4.4 MB
Estimated build time: 0.1 SBU
Download (HTTP): https://github.com/sass/libsass/archive/3.6.4/libsass-3.6.4.tar.gz
Download MD5 sum: 602f7ff300f41f9d456c60a67270e3e0
Download size: 332 KB
Estimated disk space required: 210 MB
Estimated build time: 0.5 SBU (Using parallelism=4)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/sassc
First, build the library:
tar -xf ../libsass-3.6.4.tar.gz && pushd libsass-3.6.4 && autoreconf -fi && ./configure --prefix=/usr --disable-static && make
This package does not come with a test suite.
Now, as the root
user:
make install
Build the command line wrapper:
popd && autoreconf -fi && ./configure --prefix=/usr && make
This package does not come with a test suite.
Now, as the root
user:
make install
Last updated on 2021-02-21 11:05:24 -0800
WOFF2 is a library for converting fonts from the TTF format to the WOFF 2.0 format. It also allows decompression from WOFF 2.0 to TTF. The WOFF 2.0 format uses the Brotli compression algorithm to compress fonts suitable for downloading in CSS @font-face rules.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/google/woff2/archive/v1.0.2/woff2-1.0.2.tar.gz
Download MD5 sum: 793c8844845351cb80730a74937e411b
Download size: 39 KB
Estimated disk space required: 1.6 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/woff2
Install WOFF2 by running the following commands:
mkdir out && cd out && cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DCMAKE_BUILD_TYPE=Release .. && make
This package does not come with a test suite.
Now, as the root
user:
make install
Last updated on 2021-02-21 15:09:04 -0800
This chapter contains various utilities that do not fit conveniently into other chapters. Programs include some documentation generators, several utilities for manipulating text and graphics, programs for listing files, a program for entering PIN numbers and pass-phrases, and a connection manager.
The Asciidoc package is a text document format for writing notes, documentation, articles, books, ebooks, slideshows, web pages, man pages and blogs. AsciiDoc files can be translated to many formats including HTML, PDF, EPUB, and man page.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/asciidoc/asciidoc-py3/releases/download/9.1.0/asciidoc-9.1.0.tar.gz
Download MD5 sum: 6b0700c602a926325d71f7681dde5c6e
Download size: 1.2 MB
Estimated disk space required: 8.6 MB
Estimated build time: less than 0.1 SBU
docbook-xsl-1.79.2, fop-2.6, libxslt-1.1.34, Lynx-2.8.9rel.1, dblatex, and W3m
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/asciidoc
First, fix a build problem if the optional dependencies are not installed:
sed -i 's:doc/testasciidoc.1::' Makefile.in && rm doc/testasciidoc.1.txt
Install Asciidoc by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --docdir=/usr/share/doc/asciidoc-9.1.0 && make
This package does not come with a test suite.
Now, as the root
user:
make install && make docs
Last updated on 2021-02-20 11:35:58 -0800
The Bogofilter application is a mail filter that classifies mail as spam or ham (non-spam) by a statistical analysis of the message's header and content (body).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/bogofilter/bogofilter-1.2.5.tar.xz
Download MD5 sum: 8763f87adfff7b802ced177d8c654539
Download size: 784 KB
Estimated disk space required: 19 MB
Estimated build time: 0.1 SBU
lmdb-0.9.28, SQLite-3.34.1, xmlto-0.0.28, QDBM and TokyoCabinet
If you do not install the recommended Gsl-2.6 package then a statically linked shipped version will be used instead.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/bogofilter
If you plan to change the version of your database library on an existing installation, or to change to a different database, read the warning at the top of the RELEASE.NOTES file.
Install Bogofilter by running the following commands:
./configure --prefix=/usr --sysconfdir=/etc/bogofilter && make
To test the results, issue make check.
Now, as the root
user:
make install
--with-database=
: This switch
allows you to change the default database from db to either
qdbm, sqlite3 or tokyocabinet.
creates a more compact bogofilter working directory with a dump/load cycle |
|
copies a bogofilter working directory to another directory |
|
bundles a bogofilter working directory in tar format and copies it to standard output |
|
is a fast Bayesian spam filter |
|
is used to separate messages into tokens and to test new versions of the lexer.l code |
|
attempts to find optimum parameter settings for bogofilter |
|
upgrades the bogofilter database to the current version |
|
dumps, loads, and maintains bogofilter database files |
Last updated on 2021-02-20 11:35:58 -0800
Compface provides utilities and a library to convert from/to X-Face format, a 48x48 bitmap format used to carry thumbnails of email authors in a mail header.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://anduin.linuxfromscratch.org/BLFS/compface/compface-1.5.2.tar.gz
Download (FTP): ftp://anduin.linuxfromscratch.org/BLFS/compface/compface-1.5.2.tar.gz
Download MD5 sum: 62f4f79c0861ad292ba3cf77b4c48319
Download size: 47 KB
Estimated disk space required: 520 KB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/compface
Install Compface by running the following commands:
./configure --prefix=/usr --mandir=/usr/share/man && make
This package does not come with a test suite.
Now, as the root
user:
make install && install -m755 -v xbm2xface.pl /usr/bin
is a filter for generating highly compressed representations of 48x48x1 face image files |
|
is an inverse filter which performs an inverse transformation with no loss of data |
|
is a script to generate xfaces |
|
allows the compression and decompression algorithms to be used in other programs such as MTAs |
Last updated on 2021-02-20 11:35:58 -0800
The Desktop File Utils package contains command line utilities for working with Desktop entries. These utilities are used by Desktop Environments and other applications to manipulate the MIME-types application databases and help adhere to the Desktop Entry Specification.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.freedesktop.org/software/desktop-file-utils/releases/desktop-file-utils-0.26.tar.xz
Download MD5 sum: 29739e005f5887cf41639b8450f3c23f
Download size: 84 KB
Estimated disk space required: 1.8 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/desktop-file-utils
If you are upgrading from a previous version of desktop-file-utils that used the Autotools method of installing and configuring the package, you must remove the desktop-file-edit symlink by using the following commands.
rm -fv /usr/bin/desktop-file-edit
Install Desktop File Utils by running the following commands:
mkdir build && cd build && meson --prefix=/usr .. && ninja
This package does not come with a test suite.
Now, as the root
user:
ninja install
The XDG Base Directory specification defines the standard locations for applications to place data and configuration files. These files can be used, for instance, to define the menu structure and menu items in a desktop environment.
The default location for configuration files to be
installed is /etc/xdg
, and
the default locations for data files are /usr/local/share
and /usr/share
. These locations can be
extended with the environment variables XDG_CONFIG_DIRS
and XDG_DATA_DIRS
, respectively. The
GNOME, KDE and XFCE environments respect these
settings.
When a package installs a .desktop
file to a location in one of the
base data directories, the database that maps MIME-types to
available applications can be updated. For instance, the
cache file at /usr/share/applications/mimeinfo.cache
can be rebuilt by executing the following command as the
root
user:
install -vdm755 /usr/share/applications && update-desktop-database /usr/share/applications
Last updated on 2021-02-20 11:35:58 -0800
The Graphviz package contains graph visualization software. Graph visualization is a way of representing structural information as diagrams of abstract graphs and networks. Graphviz has several main graph layout programs. It also has web and interactive graphical interfaces, auxiliary tools, libraries, and language bindings.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www2.graphviz.org/Packages/stable/portable_source/graphviz-2.44.1.tar.gz
Download MD5 sum: 96792adafea5cc6879060c400da31ea3
Download size: 33 MB
Estimated disk space required: 284 MB
Estimated build time: 1.0 SBU (using parallelism=4)
Graphviz basic usage does not need any libraries out of what is found in the LFS book. Its “core” rendering engine allows to generate several graphic formats, such as Postscript, SVG, VML, .fig, and Tk. Those formats can be converted to almost any other, using for example tools from ImageMagick-7.0.11-0. The dependencies below add the ability to generate graph images in bitmap format, to display the graph image on screen, to edit a graph by seeing directly the result image, or to view large graphs. Since Graphviz is a dependency of several other packages in this book, it is suggested to first build it without any dependencies, then to rebuild it when you have built enough packages to suit your needs.
Pango-1.48.2, with Cairo-1.17.2+f93fc72c03e, Xorg Libraries, Fontconfig-2.13.1, and libpng-1.6.37, to generate images in bitmap SVG, postscript, PNG, and PDF formats, or displaying the image on screen
Adding GTK+-2.24.33 with libjpeg-turbo-2.0.6 allows to add JPEG, BMP, TIF, and ICO formats, and to display the image in a GTK+ window
GD Library may be used instead of Pango. It adds the ability to generate images in GIF, VRML, and GD formats, but Pango provides better outputs for the other formats, and is needed for displaying images
Other formats may be added with libwebp-1.2.0 (WebP support is considered experimental), DevIL, libLASi, glitz, and libming (Adobe Flash)
libgs.so
from ghostscript-9.53.3,
librsvg-2.50.3, and Poppler-21.02.0
Freeglut-3.2.1 (with libglade-2.6.4, GtkGLExt, and libGTS, for building the smyrna large graph viewer, which is considered experimental), Qt-5.15.2, for building the gvedit graph editor. Another graph editor, dotty needs only Xorg Libraries
SWIG-4.0.2 (SWIG must be installed or no bindings will be built), GCC-10.2.0 (for the go language), Guile-3.0.5, OpenJDK-15.0.2, Lua-5.4.2, PHP-8.0.2, Python-2.7.18, Ruby-3.0.0, Tk-8.6.11.1, Io, Mono, OCaml, and R
Criterion (framework for tests), Electric Fence,
ghostscript-9.53.3 (for the ps2pdf command)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/graphviz
Install Graphviz by running the following commands:
sed -i '/LIBPOSTFIX="64"/s/64//' configure.ac && autoreconf && ./configure --prefix=/usr \ --disable-php \ PS2PDF=true && make
This package does not come with a test suite that provides meaningful results.
Now, as the root
user:
make install
If desired, create a symbolic link in the system documents
directory to the documentation installed in /usr/share/graphviz/doc
using the following
command as the root
user:
ln -v -s /usr/share/graphviz/doc /usr/share/doc/graphviz-2.44.1
sed ... configure.ac: This command is needed to avoid installing files in /usr/lib64.
--disable-php
: This
version of graphviz does not support php version 8.
PS2PDF=true
: This is
needed if ghostscript-9.53.3 is not installed.
Otherwise, the build system tries to run false, which generates an
error.
--with-javaincludedir="$JAVA_HOME/include
-I$JAVA_HOME/include/linux"
: If you have built
OpenJDK-15.0.2 in /opt, and you want to
build the JAVA bindings, it is necessary to specify the
location of the JAVA header files to configure. The configure
switch is designed for only one directory, but two
directories need to be included. This is possible
nevertheless by using the -I switch inside the variable.
--with-webp
: Even if libwebp-1.2.0 is installed, it is not
included in the build without this option.
--with-smyrna
: Even if the needed
dependencies are installed, the interactive graph viewer
smyrna is not
built without this option.
There are no specific configuration requirements for
Graphviz. You may consider
installing the additional plugins and tools available from
the download page at http://www.graphviz.org/Download_source.php
for additional capabilities. If additional plugins are
installed, you can run dot
-c (as the root
user) to update the config
file in /usr/lib/graphviz
.
is a filter that takes a directed graph as input and outputs a copy of the graph with sufficient edges reversed to make the graph acyclic |
|
decomposes graphs into their biconnected components, printing the components to standard output |
|
decomposes graphs into their connected components, printing the components to standard output |
|
draws graphs using a circular layout |
|
takes as input a graph in DOT format, finds node clusters and augments the graph with this information |
|
(needs GD Library) generates an image where each pixel is the difference between the corresponding pixel in each of the two source images |
|
reads a stream of graphs and for each computes the distance of every node from sourcenode |
|
draws directed graphs. It works well on DAGs and other graphs that can be drawn as hierarchies. It reads attributed graph files and writes drawings. By default, the output format dot is the input file with layout coordinates appended |
|
converts between graphs represented in GXL and in
the DOT language. Unless a conversion type is
specified using a flag, gxl2dot will
deduce the type of conversion from the suffix of
the input file, a |
|
is a graph editor for the X Window System. It may be run as a standalone editor, or as a front end for applications that use graphs. It can control multiple windows viewing different graphs |
|
performs edge coloring to disambiguate crossing edges |
|
draws undirected graphs using a “spring” model. It relies on a force-directed approach in the spirit of Fruchterman and Reingold |
|
is a graph analogue to wc in that it prints to standard output the number of nodes, edges, connected components or clusters contained in the input files. It also prints a total count for all graphs if more than one graph is given |
|
converts a graph specified in the GML format to a graph in the GV (formerly DOT) format |
|
converts a graph specified in the GRAPHML format to a graph in the GV (formerly DOT) format |
|
converts a graph specified in the GV format to a graph in the GML format |
|
converts a graph specified in the GV format to a graph in the GXL format |
|
is a filter that sets node colors from initial seed values. Colors flow along edges from tail to head, and are averaged (as HSB vectors) at nodes |
|
provides a simple graph editor and viewer. It allows many graphs to be viewed at the same time. The text of each graph is displayed in its own text window |
|
generates a variety of simple, regularly-structured abstract graphs |
|
takes as input a graph in DOT format, finds node clusters and produces a rendering of the graph as a geographic-style map, with clusters highlighted, in xdot format |
|
is a pipeline for running gvmap |
|
reads in a stream of graphs, combines the graphs into a single layout, and produces a single graph serving as the union of the input graphs |
|
is a graph stream editor inspired by awk. It copies input graphs to its output, possibly transforming their structure and attributes, creating new graphs, or printing arbitrary information |
|
converts between graphs represented in GXL and in
the DOT language. Unless a conversion type is
specified using a flag, gxl2dot will
deduce the type of conversion from the suffix of
the input file, a |
|
converts between graphs represented in GXL and in the GV language |
|
is a two-view graphics editor for technical pictures |
|
is a graph editor for the X Window System. It may be run as a standalone editor, or as a front end for applications that use graphs. It can control multiple windows viewing different graphs |
|
converts a sparse matrix of the Matrix Market format to a graph in the GV (formerly DOT) format |
|
draws undirected graphs using “spring” models. Input files must be formatted in the dot attributed graph language. By default, the output of neato is the input graph with layout coordinates appended |
|
reads a stream of graphs and prints each in pretty-printed (canonical) format on stdout. If no files are given, it reads from stdin |
|
draws clustered graphs. As input, it takes any graph in the DOT format |
|
draws clustered graphs using a squarified treemap layout. As input, it takes any graph in the DOT format |
|
reads directed graphs in the same format used by dot and removes subgraphs rooted at nodes specified on the command line via options |
|
decomposes digraphs into strongly connected components and an auxiliary map of the relationship between components. In this map, each component is collapsed into a node. The resulting graphs are printed to stdout |
|
draws undirected graphs using the “spring” model, but it uses a multi-scale approach to produce layouts of large graphs in a reasonably short time |
|
computes the transitive reduction of directed graphs, and prints the resulting graphs to standard output. This removes edges implied by transitivity. Nodes and subgraphs are not otherwise affected |
|
draws graphs using a radial layout. Basically, one node is chosen as the center and put at the origin. The remaining nodes are placed on a sequence of concentric circles centered about the origin, each a fixed radial distance from the previous circle |
|
is a preprocessor to dot that is used to improve the aspect ratio of graphs having many leaves or disconnected nodes. The usual layout for such a graph is generally very wide or tall |
|
is a simple script which launches the gvim or vim editor along with a GUI window showing the dot output of the edited file |
|
manages run-time dictionaries using standard container data types: unordered set/multiset, ordered set/multiset, list, stack, and queue |
|
supports graph programming by maintaining graphs in memory and reading and writing graph files. Graphs are composed of nodes, edges, and nested subgraphs |
|
provides a context for applications wishing to manipulate and render graphs. It provides a command line parsing, common rendering code, and a plugin mechanism for renderers |
|
contains functions to find the shortest path between two points in a simple polygon |
|
provides support for parsing and deparsing graphical operations specificed by the xdot language |
Last updated on 2021-02-19 22:13:48 -0800
The GTK-Doc package contains a code documenter. This is useful for extracting specially formatted comments from the code to create API documentation. This package is optional; if it is not installed, packages will not build the documentation. This does not mean that you will not have any documentation. If GTK-Doc is not available, the install process will copy any pre-built documentation to your system.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/gtk-doc/1.33/gtk-doc-1.33.2.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/gtk-doc/1.33/gtk-doc-1.33.2.tar.xz
Download MD5 sum: ea6563421abe964d02135ca0d5b8dd8e
Download size: 496 KB
Estimated disk space required: 13 MB (with tests)
Estimated build time: 0.2 SBU (with tests)
docbook-xml-4.5, docbook-xsl-1.79.2, itstool-2.0.6, and libxslt-1.1.34
Pygments-2.8.0 at run time
For tests: dblatex or fop-2.6 (XML PDF support), GLib-2.66.7, Which-2.21, and Python modules lxml-4.6.2, parameterized, and yelp-tools
The optional python modules above can be easily installed with the pip3 command.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gtk-doc
Install GTK-Doc by running the following commands:
autoreconf -fiv && ./configure --prefix=/usr && make
The test suite will hang if the package (or a previous version) is not already installed.
Now, as the root
user:
make install
To test the results, issue: make check. Some tests will fail depending on optionally installed packages.
Last updated on 2021-02-19 22:13:48 -0800
The hd2u package contains an any to any text format converter.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://hany.sk/~hany/_data/hd2u/hd2u-1.0.4.tgz
Download MD5 sum: d516d794deb42ee95bd4e96af94088de
Download size: 64 KB
Estimated disk space required: 364 KB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/hd2u
Install hd2u by running the following commands:
./configure --prefix=/usr && make
This package does not come with a test suite.
Now, as the root
user:
make install
Last updated on 2021-02-20 11:35:58 -0800
Highlight is an utility that converts source code to formatted text with syntax highlighting.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.andre-simon.de/zip/highlight-3.62.tar.bz2
Download MD5 sum: f155e808ca15d34aa8e1d34e3885e571
Download size: 1.4 MB
Estimated disk space required: 30 MB (with gui)
Estimated build time: 0.2 SBU (Using paralllelism=4; with gui)
Qt-5.15.2 (to build the GUI front-end)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/highlight
For consistency, do not compress man pages.
sed -i '/GZIP/s/^/#/' makefile
To build Highlight run the following command:
make
To build the Qt5 GUI front-end, run the following command:
make doc_dir=/usr/share/doc/highlight-3.62/ gui
This package does not come with a test suite.
To install Highlight, run
the following command as the root
user:
make doc_dir=/usr/share/doc/highlight-3.62/ install
To install the GUI program, run the following command as the
root
user:
make install-gui
doc_dir=/usr/share/doc/highlight-3.62/
:
install highlight documentation into a versioned directory.
This parameter is also needed for make gui, because its value
would be hardcoded into the gui executable. Note that the
trailing “/” is necessary.
Last updated on 2021-02-21 14:50:58 -0800
ibus is an Intelligent Input Bus. It is a new input framework for the Linux OS. It provides a fully featured and user friendly input method user interface.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/ibus/ibus/releases/download/1.5.23/ibus-1.5.23.tar.gz
Download MD5 sum: 2e2cf49d449c532171b9d9698f934a01
Download size: 3.4 MB
Estimated disk space required: 75 MB (with tests)
Estimated build time: 0.9 SBU (Using parallelism=4; with tests)
Download: https://www.unicode.org/Public/zipped/13.0.0/UCD.zip (Unicode Character Database)
DConf-0.38.0, ISO Codes-4.5.0, and Vala-0.50.3
gobject-introspection-1.66.1, GTK+-2.24.33, and libnotify-0.7.9
D-Bus Python-1.2.16 and PyGObject-3.38.0 (both to build the Python support library), GTK-Doc-1.33.2, PyXDG-0.27 (for the ibus-setup), and libxkbcommon-1.0.3, Wayland-1.19.0 (both to build the Wayland support programs), and EmojiOne
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/ibus
If the optional Unicode Character Database was downloaded,
install it now as the root
user:
mkdir -p /usr/share/unicode/ucd && unzip -uo ../UCD.zip -d /usr/share/unicode/ucd
Be sure to also remove the --disable-unicode-dict in the configure step below.
Fix an issue with deprecated schema entries:
sed -i 's@/desktop/ibus@/org/freedesktop/ibus@g' \ data/dconf/org.freedesktop.ibus.gschema.xml
Install ibus by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --disable-unicode-dict \ --disable-emoji-dict && rm -f tools/main.c && make
To test the results, issue: make -k check. The test named ibus-compose fails because it uses some locales not installed in LFS. The test named ibus-keypress is known to fail in Wayland based desktop environment.
Now, as the root
user:
make install && gzip -dfv /usr/share/man/man{{1,5}/ibus*.gz,5/00-upstream-settings.5.gz}
--disable-emoji-dict
:
This switch disables the use of emoticon dictionaries. Omit
if you installed the optional package.
--disable-unicode-dict
: This
switch disables the use of unicode dictionaries. Omit if you
installed the optional Unicode Character Database.
rm -f tools/main.c: This command removes a generated file that was not removed when packaging.
--disable-gtk2
: This switch
disables building the GTK+ 2
immodule. Use it if you have not installed GTK+ 2.
--enable-python-library
: This
switch enables building the Python support library. Use it if you
have installed the optional dependencies.
--enable-wayland
: This switch
enables building the Wayland
support programs. Use it if you have installed the optional
dependencies.
--with-python=python3
: This
switch makes the configure script look for
Python 3. Use it if you want
to build the Python 3
support library alongside the Python 2 one.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
gzip -dfv ...: Decompress installed man pages in accordance with other man pages.
Last updated on 2021-02-22 18:07:34 -0800
ImageMagick is a collection of tools and libraries to read, write, and manipulate an image in various image formats. Image processing operations are available from the command line. Bindings for Perl and C++ are also available.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.imagemagick.org/download/releases/ImageMagick-7.0.11-0.tar.xz
Download MD5 sum: 660bf750511926bd9bbb46f3f5f36fab
Download size: 9.7 MB
Estimated disk space required: 203 MB (with typical dependencies; add 19 MB for checks)
Estimated build time: 0.8 SBU (with typical dependencies; add 0.5 SBU for checks, both using parallelism=4)
The ImageMagick source
releases are updated frequently and the version shown above
may no longer be available from the download locations. You
can download a more recent version and use the existing
BLFS instructions to install it. Chances are that it will
work just fine, but this has not been tested by the BLFS
team. If the package version shown above is not available
from the locations shown above, or from the legacy/
directory at ftp.ImageMagick.org/pub/ImageMagick
you
can download it from the BLFS package server at Oregon
State University:
ftp://ftp.osuosl.org/pub/blfs/conglomeration/ImageMagick/.
The optional dependencies listed below should be installed if
you need support for the specific format or the conversion
tool the dependency provides. Many of the dependencies'
capabilities and uses are described in the “MAGICK
DELEGATES” section of the README.txt
file located in the source tree.
Additional information about the dependencies can be found in
the Install-unix.txt
file
located in the source tree as well as issuing the
./configure
--help command. A summary of this
information, as well as some additional notes can be viewed
on-line at https://imagemagick.org/script/install-source.php.
Clang from LLVM-11.1.0, Cups-2.3.3, cURL-7.75.0, FFmpeg-4.3.2, fftw-3.3.9, p7zip-17.03 (LZMA), SANE-1.0.29, Wget-1.21.1, xdg-utils-1.1.3, xterm-366, Dmalloc, Electric Fence, PGP or GnuPG-2.2.27 (you'll have to do some hacking to use GnuPG), Profiles, and ufraw (for raw formats listed in https://imagemagick.org/script/formats.php)
JasPer-2.0.25, Little CMS-1.19 or Little CMS-2.12, libgxps-0.3.1, libjpeg-turbo-2.0.6, libpng-1.6.37, libraw-0.20.2 (RAW_R), librsvg-2.50.3, LibTIFF-4.2.0, libwebp-1.2.0, OpenJPEG-2.4.0, Pango-1.48.2, DjVuLibre, FlashPIX (libfpx), FLIF, JBIG-KIT, libheif with libde265 (both needed if converting macOS heic images), libraqm, Liquid Rescale, OpenEXR, and RALCGM (or ralcgm)
Dejavu fonts, ghostscript-9.53.3, Gimp-2.10.22, Graphviz-2.44.1, Inkscape-1.0.2, Blender, corefonts, GhostPCL, Gnuplot, POV-Ray, and Radiance
Enscript-1.6.6, texlive-20200406 (or install-tl-unx) AutoTrace, GeoExpress Command Line Utilities, AKA MrSID Utilities (binary package), hp2xx, html2ps, libwmf, UniConvertor, and Utah Raster Toolkit (or URT-3.1b)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/imagemagick
Install ImageMagick by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --enable-hdri \ --with-modules \ --with-perl \ --disable-static && make
Now, as the root
user:
make DOCUMENTATION_PATH=/usr/share/doc/imagemagick-7.0.11 install
To test the installation, issue: make check. A more comprehensive test is the ImageMagick validation suite. If make check has not been executed, run make tests/validate to compile it. Issue tests/validate 2>&1 | tee validate.log to run the validation suite. Note that the EPS, PS, and PDF tests require a working Ghostscript. One test in 'make check' needs “Helvetica” from “Ghostscript Standard Fonts”, which are optionally installed in ghostscript-9.53.3 - that test, and one other, might fail, but all the validation can still pass.
--enable-hdri
:
Enables building of a high dynamic range version of
ImageMagick.
--with-modules
:
Enables support for dynamically loadable modules.
--with-perl
: Enables
building and installing of PerlMagick.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--with-gslib
: Enables support to
use the Ghostscript shared
library.
--with-rsvg
: Enables support to
use the librsvg library.
--with-autotrace
: Enables support
to use the Autotrace
library.
--with-wmf
: Enables support to
use the libwmf library.
--with-gvc
: Enables support to
use GraphViz.
--with-windows-font-dir=
:
This option specifies the directory where the Windows
CoreFonts are installed.
<Some/Directory>
--with-dejavu-font-dir=
:
This option specifies the directory where the DejaVu fonts
are installed.
<Some/Directory>
The options and parameters listed above are the only ones you should have to pass to the configure script to activate all the delegate dependencies. All other dependencies will be automatically detected and utilized in the build if they are installed.
animates a sequence of images |
|
compares an image to a reconstructed image |
|
composites various images into the given base image |
|
processes a MSL script to create an image |
|
converts image(s) from one format to another |
|
displays an image |
|
describes the format and characteristics of an image file |
|
captures an X window |
|
convert between image formats as well as resize an image, blur, crop, despeckle, dither, draw on, flip, join, re-sample and much more |
|
show information about the installed versions of the ImageMagick libraries |
|
transforms an image |
|
composites various images into a new image |
|
streams one or more pixel components of an image or portion of the image to your choice of storage formats |
|
allows the reading, manipulation and writing of a
large number of image file formats using the
ImageMagick
library. Run make in the
|
|
provides the C API for ImageMagick |
|
is the recommended C API for ImageMagick. Unlike the MagickCore API it uses only a few opaque types |
|
provides the C++ API for ImageMagick |
Last updated on 2021-02-23 20:33:00 -0800
The ISO Codes package contains a list of country, language and currency names and it is used as a central database for accessing this data.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://anduin.linuxfromscratch.org/BLFS/iso-codes/iso-codes-4.5.0.tar.xz
Download MD5 sum: 716ecc291f46e1431a7cb6de340b79a8
Download size: 3.8 MB
Estimated disk space required: 87 MB
Estimated build time: 0.2 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/iso-codes
Install ISO Codes by running the following commands:
./configure --prefix=/usr && make
To test the results, issue: make check.
If you install ISO codes over a previous installed version, the install step will fail when creating some symlinks. In order to properly update them, run:
sed -i '/^LN_S/s/s/sfvn/' */Makefile
Now, as the root
user:
make install
Last updated on 2021-02-20 11:35:58 -0800
The lsof package is useful to LiSt Open Files for a given running application or process.
This package is known to build and work properly using an LFS-10.1 platform.
Download (FTP): https://www.mirrorservice.org/sites/lsof.itap.purdue.edu/pub/tools/unix/lsof/lsof_4.91.tar.gz
Download MD5 sum: 10e1353aa4bf2fd5bbed65db9ef6fd47
Download size: 1.1 MB
Estimated disk space required: 9.6 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/lsof
The contents of the lsof tarball include another tarball with the source code, which needs, in turn, to be unpacked. Install lsof by running the following commands:
tar -xf lsof_4.91_src.tar && cd lsof_4.91_src && ./Configure -n linux && make CFGL="-L./lib -ltirpc"
This package does not come with a working test suite.
Now, as the root
user:
install -v -m0755 -o root -g root lsof /usr/bin && install -v lsof.8 /usr/share/man/man8
./Configure -n linux: Avoid AFS, customization, and inventory checks, and use the linux dialect.
make CFGL="-L./lib -ltirpc": Add the libtirpc libraries location to the make command.
Last updated on 2021-02-20 11:35:58 -0800
The PIN-Entry package contains a collection of simple PIN or pass-phrase entry dialogs which utilize the Assuan protocol as described by the Ägypten project. PIN-Entry programs are usually invoked by the gpg-agent daemon, but can be run from the command line as well. There are programs for various text-based and GUI environments, including interfaces designed for Ncurses (text-based), and for the common GTK and Qt toolkits.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.gnupg.org/ftp/gcrypt/pinentry/pinentry-1.1.1.tar.bz2
Download (FTP): ftp://ftp.gnupg.org/gcrypt/pinentry/pinentry-1.1.1.tar.bz2
Download MD5 sum: d7f646d373b722317d985cddc1d107c1
Download size: 504 KB
Estimated disk space required: 15 MB
Estimated build time: less than 0.1 SBU
Libassuan-2.5.4 and libgpg-error-1.41
Emacs-27.1, FLTK-1.3.5, Gcr-3.38.1, GTK+-2.24.33, GTK+-3.24.25, libsecret-0.20.4, Qt-5.15.2, and efl
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pinentry
Install PIN-Entry by running the following commands:
./configure --prefix=/usr --enable-pinentry-tty && make
This package does not come with a test suite.
Now, as the root
user:
make install
--enable-inside-emacs=yes/no
:
Default is no.
--enable-pinentry-qt=yes/no
:
Default is yes.
--enable-pinentry-gtk2=yes/no
:
Default is yes. Even if other pinentry-* is installed,
pinentry will
be a symlink to pinentry-gtk-2.
--enable-pinentry-gnome3=yes/no
:
Default is yes. Actually, it is the gtk3 pinentry.
--enable-pinentry-tty
: Default
is 'maybe'.
is a symbolic link to the default PIN-Entry program |
|
is an Ncurses text-based PIN-Entry helper program |
|
is an Emacs version of the PIN-Entry helper program |
|
is a FLTK PIN-Entry helper program |
|
is a GNOME-3 PIN-Entry helper program |
|
is a GTK+2 PIN-Entry program program |
|
is a Qt4 or 5 PIN-Entry helper program |
|
is a tty PIN-Entry helper program |
Last updated on 2021-02-23 18:13:38 -0800
The Rarian package is a documentation metadata library based on the proposed Freedesktop.org spec. Rarian is designed to be a replacement for ScrollKeeper.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/rarian/0.8/rarian-0.8.1.tar.bz2
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/rarian/0.8/rarian-0.8.1.tar.bz2
Download MD5 sum: 75091185e13da67a0ff4279de1757b94
Download size: 317 KB
Estimated disk space required: 6 MB
Estimated build time: 0.2 SBU
libxslt-1.1.34 (rarian-sk-extract will not be built without this) and docbook-xml-4.5 (without this, Rarian scripts source DTDs from the net)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/rarian
Install Rarian by running the following commands:
./configure --prefix=/usr \ --disable-static \ --localstatedir=/var && make
This package does not come with a test suite.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
prints a nice list of all available documents found by the library |
|
emulates scrollkeeper-config |
|
is a wrapper around xsltproc to mimic scrollkeeper-extract |
|
generates a unique (random) uuid |
|
gets a content list (category tree) |
|
is a simple wrapper to make calling scrollkeeper-get-cl easier |
|
is a simple wrapper to make calling scrollkeeper-get-cl (extended) easier |
|
emulates scrollkeeper-get-index-from-index-from-docpath, scrollkeeper-get-toc-from-docpath, and scrollkeeper-get-toc-from-id |
|
emulates scrollkeeper-install and scrollkeeper-uninstall |
|
takes in a directory full of omf's, reads and parses them and spews out an equivalent scroll file |
|
creates the omf file by reading an existing omf file and replacing the url for a resource with the url |
|
is a simple wrapper script to emulate scrollkeeper-rebuilddb |
|
is compatible with the scrollkeeper-update script that's required to be run when installing new omf files. It converts the omf files into new-style scrolls |
|
is the API to build a list of available meta data files and allows access to these |
Last updated on 2021-02-20 11:35:58 -0800
The rep-gtk package contains a Lisp and GTK binding. This is useful for extending GTK-2 and GDK libraries with Lisp. Starting at rep-gtk-0.15, the package contains the bindings to GTK and uses the same instructions. Both can be installed, if needed.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://download.tuxfamily.org/librep/rep-gtk/rep-gtk_0.90.8.3.tar.xz
Download MD5 sum: b20f72cf00d316d35fa7f84a6e7532af
Download size: 120 KB
Estimated disk space required: 13 MB
Estimated build time: 0.1 SBU
GTK+-2.24.33 and librep-0.92.7
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/rep-gtk
Install rep-gtk by running the following commands:
./autogen.sh --prefix=/usr && make
This package does not come with a test suite.
Now, as the root
user:
make install
Last updated on 2021-02-21 15:09:04 -0800
Screen is a terminal multiplexor that runs several separate processes, typically interactive shells, on a single physical character-based terminal. Each virtual terminal emulates a DEC VT100 plus several ANSI X3.64 and ISO 2022 functions and also provides configurable input and output translation, serial port support, configurable logging, multi-user support, and many character encodings, including UTF-8. Screen sessions can be detached and resumed later on a different terminal.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/screen/screen-4.8.0.tar.gz
Download (FTP): ftp://ftp.gnu.org/gnu/screen/screen-4.8.0.tar.gz
Download MD5 sum: d276213d3acd10339cd37848b8c4ab1e
Download size: 836 KB
Estimated disk space required: 7.4 MB
Estimated build time: 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/screen
First, apply a patch from upstream that fixes a security vulnerability:
patch -Np1 -i ../screen-4.8.0-upstream_fixes-1.patch
Install Screen by running the following commands:
./configure --prefix=/usr \ --infodir=/usr/share/info \ --mandir=/usr/share/man \ --with-socket-dir=/run/screen \ --with-pty-group=5 \ --with-sys-screenrc=/etc/screenrc && sed -i -e "s%/usr/local/etc/screenrc%/etc/screenrc%" {etc,doc}/* && make
This package does not come with a test suite.
Now, as the root
user:
make install && install -m 644 etc/etcscreenrc /etc/screenrc
--with-socket-dir=/run/screen
:
This option places the per-user sockets in a standard
location.
--with-sys-screenrc=/etc/screenrc
:
This option places the global screenrc file in /etc
.
--with-pty-group=5
:
This option sets the gid to the value used by LFS.
sed -i -e "s%/usr/local/etc/screenrc%/etc/screenrc%" {etc,doc}/*: This command corrects the configuration and documentation files to the location that is used here for the global screenrc file.
Last updated on 2021-02-19 11:42:41 -0800
The Shared Mime Info package contains a MIME database. This allows central updates of MIME information for all supporting applications.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://gitlab.freedesktop.org/xdg/shared-mime-info/uploads/0ee50652091363ab0d17e335e5e74fbe/shared-mime-info-2.1.tar.xz
Download MD5 sum: 410725367f52ddbc06ef9eda883b8f73
Download size: 5.0 MB
Estimated disk space required: 26 MB
Estimated build time: less than 0.1 SBU
GLib-2.66.7, itstool-2.0.6, libxml2-2.9.10, and xmlto-0.0.28
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/shared-mime-info
Install Shared Mime Info by running the following commands:
mkdir build && cd build && meson --prefix=/usr -Dupdate-mimedb=true .. && ninja
This package does not come with a working test suite.
Now, as the root
user:
ninja install
-Dupdate-mimedb=true
:
This parameter tells the build system to run update-mime-database during
installation. Otherwise, this must be done manually in order
to be able to use the MIME database.
Last updated on 2021-02-20 11:35:58 -0800
The Sharutils package contains utilities that can create 'shell' archives.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/sharutils/sharutils-4.15.2.tar.xz
Download (FTP): ftp://ftp.gnu.org/gnu/sharutils/sharutils-4.15.2.tar.xz
Download MD5 sum: 5975ce21da36491d7aa6dc2b0d9788e0
Download size: 1.1 MB
Estimated disk space required: 22 MB (with the test suite)
Estimated build time: 0.4 SBU (with the test suite)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/sharutils
Fix a heap buffer overflow, and an issue exposed by GCC-10:
sed -i 's/BUFSIZ/rw_base_size/' src/unshar.c && sed -i '/program_name/s/^/extern /' src/*opts.h
Install Sharutils by running the following commands:
sed -i 's/IO_ftrylockfile/IO_EOF_SEEN/' lib/*.c && echo "#define _IO_IN_BACKUP 0x100" >> lib/stdio-impl.h && ./configure --prefix=/usr && make
To test the results, issue make check.
Now, as the root
user:
make install
creates "shell archives" (or shar files) which are in text format and can be mailed |
|
unpacks a shar file |
|
reads a file (or by default the standard input) and writes an encoded version to the standard output. The encoding uses only printing ASCII characters |
|
reads a file (or by default the standard input) and decodes the uuencoded version to the standard output |
Last updated on 2021-02-20 11:35:58 -0800
The Telepathy Logger package is a headless observer client that logs information received by the Telepathy framework. It features pluggable backends to log different sorts of messages in different formats.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://telepathy.freedesktop.org/releases/telepathy-logger/telepathy-logger-0.8.2.tar.bz2
Download MD5 sum: c2f6a31c76cbdf8790500cf4f872ba71
Download size: 552 KB
Estimated disk space required: 17 MB
Estimated build time: 0.2 SBU
Python-2.7.18 (only during build), SQLite-3.34.1, and telepathy-glib-0.24.2
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/telepathy-logger
Fix a deprecated schema entry:
sed 's@/apps/@/org/freedesktop/@' \ -i data/org.freedesktop.Telepathy.Logger.gschema.xml.in
Install Telepathy Logger by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: This parameter
is normally used if GTK-Doc
is installed and you wish to rebuild and install the API
documentation. It is broken for this package due to the use
of a long deprecated gtk-doc program that is no longer
available.
Last updated on 2021-02-21 15:09:04 -0800
Telepathy Mission Control is an account manager and channel dispatcher for the Telepathy framework, allowing user interfaces and other clients to share connections to real-time communication services without conflicting.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://telepathy.freedesktop.org/releases/telepathy-mission-control/telepathy-mission-control-5.16.6.tar.gz
Download MD5 sum: 911e990c7755eb98a8022223f649405d
Download size: 1.1 MB
Estimated disk space required: 28 MB
Estimated build time: 0.2 SBU
D-Bus Python-1.2.16 (for the “twisted” tests), GTK-Doc-1.33.2, UPower-0.99.11, and Twisted (for the “twisted” tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/telepathy-mission-control
Install Telepathy Mission Control by running the following commands:
PYTHON=python3 \ ./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
PYTHON=python3: prevents using Python2 if it is installed.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
is a command line tool used to manipulate Mission Control accounts |
|
waits for a D-Bus bus name that will be provided automatically by the desktop session |
|
is a D-Bus service which runs on the session bus to implement AccountManager and ChannelDispatcher services described in the Telepathy D-Bus specification |
|
contains Telepathy Mission Control plugin API functions |
Last updated on 2021-02-24 11:35:31 -0800
The Tidy HTML5 package contains a command line tool and libraries used to read HTML, XHTML and XML files and write cleaned up markup. It detects and corrects many common coding errors and strives to produce visually equivalent markup that is both W3C compliant and compatible with most browsers.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/htacg/tidy-html5/archive/5.6.0/tidy-html5-5.6.0.tar.gz
Download MD5 sum: 85c8a163d9ece6a02fe12bc9bddbc455
Download size: 649 KB
Estimated disk space required: 11 MB
Estimated build time: 0.2 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/tidy
Install Tidy HTML5 by running the following commands:
cd build/cmake && cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DCMAKE_BUILD_TYPE=Release \ -DBUILD_TAB2SPACE=ON \ ../.. && make
This package does not come with a test suite.
Now, as the root
user:
make install && install -v -m755 tab2space /usr/bin
-DCMAKE_BUILD_TYPE=Release
:
This switch is used to build the release library without any
debug `assert` in the code.
-DBUILD_TAB2SPACE=ON
:
This switch is used to enable building the tab2space utility.
Last updated on 2021-02-19 22:13:48 -0800
The time utility is a program that measures many of the CPU resources, such as time and memory, that other programs use. The GNU version can format the output in arbitrary ways by using a printf-style format string to include various resource measurements.
Although the shell has a builtin command providing similar functionalities, this utility is required by the LSB.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/time/time-1.9.tar.gz
Download (FTP): ftp://ftp.gnu.org/gnu/time/time-1.9.tar.gz
Download MD5 sum: d2356e0fe1c0b85285d83c6b2ad51b5f
Download size: 584 KB
Estimated disk space required: 4.0 MB (with tests)
Estimated build time: 0.1 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/time
Install Time by running the following commands:
./configure --prefix=/usr && make
To test the results, issue: make check.
Now, as the root
user:
make install
Last updated on 2021-02-20 11:35:58 -0800
The tree application, as the name suggests, is useful to display, in a terminal, directory contents, including directories, files, links.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://mama.indstate.edu/users/ice/tree/src/tree-1.8.0.tgz
Download (FTP): ftp://mama.indstate.edu/linux/tree/tree-1.8.0.tgz
Download MD5 sum: 715191c7f369be377fc7cc8ce0ccd835
Download size: 52 KB
Estimated disk space required: 656 KB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/tree
Install tree by running the following commands:
make
This package does not come with a test suite.
Now, as the root
user:
make MANDIR=/usr/share/man/man1 install && chmod -v 644 /usr/share/man/man1/tree.1
Last updated on 2021-02-20 11:35:58 -0800
The unixODBC package is an Open Source ODBC (Open DataBase Connectivity) sub-system and an ODBC SDK for Linux, Mac OSX, and UNIX. ODBC is an open specification for providing application developers with a predictable API with which to access data sources. Data sources include optional SQL Servers and any data source with an ODBC Driver. unixODBC contains the following components used to assist with the manipulation of ODBC data sources: a driver manager, an installer library and command line tool, command line tools to help install a driver and work with SQL, drivers and driver setup libraries.
This package is known to build and work properly using an LFS-10.1 platform.
Download (FTP): ftp://ftp.unixodbc.org/pub/unixODBC/unixODBC-2.3.9.tar.gz
Download MD5 sum: 06f76e034bb41df5233554abe961a16f
Download size: 1.6 MB
Estimated disk space required: 28 MB
Estimated build time: 0.2 SBU (using parallelism=4)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/unixodbc
Install unixODBC by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc/unixODBC && make
This package does not come with a test suite.
Now, as the root
user:
make install && find doc -name "Makefile*" -delete && chmod 644 doc/{lst,ProgrammerManual/Tutorial}/* && install -v -m755 -d /usr/share/doc/unixODBC-2.3.9 && cp -v -R doc/* /usr/share/doc/unixODBC-2.3.9
--enable-drivers
: This parameter
enables building the drivers that were installed by default
in previous versions.
--enable-drivers-conf
: This
parameter enables building the driver configuration libraries
that were installed by default in previous versions.
The files in /etc/unixODBC
are meant to be configured by the system administrator (or
the ODBC site administrator if appropriate privileges are
granted to /etc/unixODBC
).
These files are not meant to be directly edited. The ODBC
installer library is responsible for reading and writing
the unixODBC config files.
Unfortunately, there are not many man, or any info pages for the
various programs available in the unixODBC package. Along with the
information in the “Short Descriptions” below and
the documentation installed in /usr/share/doc/unixODBC-2.3.9
, there are
many README
files throughout
the source tree where the use and functionality of the
programs can be found. Additionally, you can use the
parameter -?
for syntax and
usage information. Lastly, the unixODBC web site at http://www.unixodbc.org/ has
very good information.
is a utility used to check a shared library to see if it can be loaded and if a given symbol exists in it |
|
is a utility which can be used to submit SQL to a data source and to format/output results. It can be used in batch or interactive mode |
|
provides the same functionality as the isql program |
|
is used to find out details about the installation of the unixODBC package |
|
is a utility created for install script/RPM
writers. It is a command line interface to key
functionality in the |
|
is a utility which attempts to check whether an ODBC driver was built with 32-bit or 64-bit SQLLEN types |
Last updated on 2021-02-20 11:35:58 -0800
Xdg-user-dirs is a tool to help manage “well known” user directories like the desktop folder and the music folder. It also handles localization (i.e. translation) of the filenames.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://user-dirs.freedesktop.org/releases/xdg-user-dirs-0.17.tar.gz
Download MD5 sum: e0564ec6d838e6e41864d872a29b3575
Download size: 251 KB
Estimated disk space required: 3.0 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/xdg-user-dirs
Install xdg-user-dirs by running the following commands:
./configure --prefix=/usr --sysconfdir=/etc && make
This package does not come with a test suite.
Now, as the root
user:
make install
Last updated on 2021-02-20 11:35:58 -0800
This chapter contains mainly hardware utilities. It also contains some applications used by other applications in the book for installation or configuration purposes.
The AccountsService package provides a set of D-Bus interfaces for querying and manipulating user account information and an implementation of those interfaces based on the usermod(8), useradd(8) and userdel(8) commands.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.freedesktop.org/software/accountsservice/accountsservice-0.6.55.tar.xz
Download MD5 sum: 6e4c6fbd490260cfe17de2e76f5d803a
Download size: 96 KB
Estimated disk space required: 10 MB
Estimated build time: 0.1 SBU
libgcrypt-1.9.2 and Polkit-0.118
gobject-introspection-1.66.1 and Systemd-247
GTK-Doc-1.33.2 and xmlto-0.0.28
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/accountsservice
Install AccountsService by running the following commands:
mkdir build && cd build && meson --prefix=/usr \ -Dadmin_group=adm \ -Dsystemd=true \ .. && ninja
This package does not come with a test suite.
Now, as the root
user:
ninja install
-Dadmin_group=adm
:
This switch sets the group for administrator accounts.
-Ddocbook=true
: This switch
enables building the D-Bus interface API documentation.
To allow users in the adm group to be listed as
Administrators, execute the following commands as the
root
user:
cat > /etc/polkit-1/rules.d/40-adm.rules << "EOF"
polkit.addAdminRule(function(action, subject) {
return ["unix-group:adm"];
});
EOF
Last updated on 2021-02-21 17:43:43 -0800
The acpid (Advanced Configuration and Power Interface event daemon) is a completely flexible, totally extensible daemon for delivering ACPI events. It listens on netlink interface and when an event occurs, executes programs to handle the event. The programs it executes are configured through a set of configuration files, which can be dropped into place by packages or by the user.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/acpid2/acpid-2.0.32.tar.xz
Download MD5 sum: 248995264b9d1cd8bdb923d5b190fd44
Download size: 156 KB
Estimated disk space required: 2.5 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/acpid
Install acpid by running the following commands:
./configure --prefix=/usr \ --docdir=/usr/share/doc/acpid-2.0.32 && make
This package does not come with a test suite.
Now, as the root
user:
make install && install -v -m755 -d /etc/acpi/events && cp -r samples /usr/share/doc/acpid-2.0.32
acpid is configured by user
defined events. Place event files under /etc/acpi/events
directory. If an event
occurs, acpid
recurses through the event files in order to see if the regex
defined after "event" matches. If they do, action is
executed.
The following brief example will suspend the system when the laptop lid is closed (it requires pm-utils-1.4.1):
cat > /etc/acpi/events/lid << "EOF"event=button/lid action=/etc/acpi/lid.sh
EOF cat > /etc/acpi/lid.sh << "EOF"#!/bin/sh /bin/grep -q open /proc/acpi/button/lid/LID/state && exit 0 /usr/sbin/pm-suspend
EOF chmod +x /etc/acpi/lid.sh
Unfortunately, not every computer labels ACPI events in the
same way. To determine how your buttons are recognized, use
the acpi_listen
tool. Also, look in the samples
directory under /usr/share/doc/acpid-2.0.32
for more
examples.
To start the acpid daemon at boot,
install the systemd unit from the blfs-systemd-units-20210122
package by running the following command as the
root
user:
make install-acpid
This package uses socket based activation and will be started when something needs it. No standalone unit file is provided for this package.
is a program that listens for ACPI events and executes the rules that match the received event |
|
is a simple tool which connects to acpid and listens for events |
|
is a monitor program that connects to three sources of ACPI events (events file, netlink and input layer) and then reports on what it sees while it is connected |
Last updated on 2021-02-20 11:35:58 -0800
The at package provide delayed job execution and batch processing. It is required for Linux Standards Base (LSB) conformance.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://software.calhariz.com/at/at_3.2.1.orig.tar.gz
Download MD5 sum: 518a1c1782c8434869bb0824f1d84520
Download size: 125 KB
Estimated disk space required: 1.8 MB including tests
Estimated build time: less than 0.1 SBU
An MTA
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/at
Before building at, as the
root
user you should create
the group and user atd
which
will run the atd daemon:
groupadd -g 17 atd && useradd -d /dev/null -c "atd daemon" -g atd -s /bin/false -u 17 atd
Install at with the following commands:
./configure --with-daemon_username=atd \ --with-daemon_groupname=atd \ SENDMAIL=/usr/sbin/sendmail \ --with-jobdir=/var/spool/atjobs \ --with-atspool=/var/spool/atspool \ --with-systemdsystemunitdir=/lib/systemd/system && make -j1
To test the results, issue: make test.
Now, as the root
user:
make install docdir=/usr/share/doc/at-3.2.1 \ atdocdir=/usr/share/doc/at-3.2.1
If At has been built with Linux PAM support, you need to create a PAM configuration file, to get it working correctly with BLFS.
Issue the following commands as the root
user to create the configuration
file for Linux PAM:
cat > /etc/pam.d/atd << "EOF"
# Begin /etc/pam.d/atd
auth required pam_unix.so
account required pam_unix.so
password required pam_unix.so
session required pam_unix.so
# End /etc/pam.d/atd
EOF
queues, examines or deletes jobs for later execution |
|
is the daemon that runs jobs queued for later execution |
|
lists the user's pending jobs, or all jobs, if superuser |
|
deletes jobs, identified by their job number |
|
runs jobs queued for later execution |
|
is a script that executes commands when system load levels permit |
Last updated on 2021-02-20 11:35:58 -0800
Autofs controls the operation of the automount daemons. The automount daemons automatically mount filesystems when they are accessed and unmount them after a period of inactivity. This is done based on a set of pre-configured maps.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.kernel.org/pub/linux/daemons/autofs/v5/autofs-5.1.7.tar.xz
Download MD5 sum: 6bd1ea8a9e5dc3a7dc95119e3bbaf52c
Download size: 324 KB
Estimated disk space required: 6.7 MB
Estimated build time: 0.1 SBU
libtirpc-1.3.1 and rpcsvc-proto-1.4.2
nfs-utils-2.5.2, libnsl-1.3.0, libxml2-2.9.10, MIT Kerberos V5-1.19.1, OpenLDAP-2.4.57 (client only), and Cyrus SASL-2.1.27
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/autofs
Verify that automounter kernel support has been enabled:
File systems --->
<*/M> Kernel automounter support (supports v3, v4, and v5) [CONFIG_AUTOFS_FS]
Optionally, enable the following options in the kernel configuration:
File systems --->
[*] Network File Systems ---> [CONFIG_NETWORK_FILESYSTEMS]
<*/M> NFS client support [CONFIG_NFS_FS]
<*/M> SMB3 and CIFS support (advanced network filesystem) [CONFIG_CIFS]
Recompile and install the new kernel, if necessary.
Install Autofs by running the following commands:
./configure --prefix=/ \ --with-libtirpc \ --with-systemd \ --without-openldap \ --mandir=/usr/share/man && make
This package does not come with a test suite.
Now, as the root
user:
make install
If autofs is already installed on your system, be sure to backup your configuration files. They'll be overwritten by the following command.
Install the default configuration files, still as the
root
user:
make install_samples
--with-libtirpc
: This
switch forces the package to use libtirpc for RPC
functionality instead of relying on implementation from
Glibc, which was removed in LFS 8.1.
--with-systemd
: This
switch enables installation of the bundled systemd units.
--without-openldap
:
This switch disables openldap if found. If openldap is
desired, omit this switch. Note that openldap support in
autofs requires MIT Kerberos V5-1.19.1.
The installation process creates auto.master
, auto.misc
, auto.smb
, and auto.net
. Replace the auto.master
file with the following
commands as the root
user:
mv /etc/auto.master /etc/auto.master.bak &&
cat > /etc/auto.master << "EOF"
# Begin /etc/auto.master
/media/auto /etc/auto.misc --ghost
#/home /etc/auto.home
# End /etc/auto.master
EOF
This file creates a new media directory, /media/auto
that will overlay any
existing directory of the same name. In this example, the
file, /etc/auto.misc
, has a
line:
cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
that will mount a cdrom as /media/auto/cd
if that directory is
accessed. The --ghost
option
tells the automounter to create “ghost” versions (i.e. empty
directories) of all the mount points listed in the
configuration file regardless whether any of the file
systems are actually mounted or not. This is very
convenient and highly recommended, because it will show you
the available auto-mountable file systems as existing
directories, even when their file systems aren't currently
mounted. Without the --ghost
option, you'll have to remember the names of the
directories. As soon as you try to access one of them, the
directory will be created and the file system will be
mounted. When the file system gets unmounted again, the
directory is destroyed too, unless the --ghost
option was given.
An alternative method would be to specify another
automount location such as /var/lib/auto/cdrom
and create a
symbolic link from /media/cdrom
to the automount location.
The auto.misc
file must be
configured to your working hardware. The loaded
configuration file should load your cdrom if /dev/cdrom
is active or it can be edited
to match your device setup. Examples for floppies are
available in the file and easily activated. Documentation
for this file is available using the man 5 autofs command.
In the second line, if enabled, a user's home directory
would be mounted via NFS upon login. The /etc/home.auto
would need to exist and
have an entry similar to:
joe example.org:/export/home/joe
where the directory /export/home/joe
is exported via NFS from
the system example.org. NFS shares are covered on the next
page.
This package could also be used to mount SMB shares, however that feature is not configured in these instructions. For additional configuration information, see the man pages for auto.master(5). There are also web resources such as this AUTOFS HOWTO available.
To start Autofs at boot,
enable the previously installed systemd unit by running the
following command as the root
user:
systemctl enable autofs
You can also specify OPTIONS
variable in the /etc/sysconfig/autofs
file with any
additional parameters that you might want to pass to the
automount daemon.
Last updated on 2021-02-20 11:35:58 -0800
The BlueZ package contains the Bluetooth protocol stack for Linux.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.kernel.org/pub/linux/bluetooth/bluez-5.55.tar.xz
Download MD5 sum: 94972b8bc7ade60c72b0ffa6ccff2c0a
Download size: 1.9 MB
Estimated disk space required: 68 MB (add 78 MB for tests)
Estimated build time: 0.2 SBU (using parallelism=4; add 0.2 SBU for tests)
dbus-1.12.20, GLib-2.66.7, and libical-3.0.9
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/bluez
If you are building this package to use bluetooth devices (rather than as a build dependency), enable the following options in the kernel configuration, also the options below the next paragraph if you intend to run the tests, and recompile the kernel if necessary:
[*] Networking support ---> [CONFIG_NET]
<*/M> Bluetooth subsystem support ---> [CONFIG_BT]
<*/M> RFCOMM protocol support [CONFIG_BT_RFCOMM]
[*] RFCOMM TTY support [CONFIG_BT_RFCOMM_TTY]
<*/M> BNEP protocol support [CONFIG_BT_BNEP]
[*] Multicast filter support [CONFIG_BT_BNEP_MC_FILTER]
[*] Protocol filter support [CONFIG_BT_BNEP_PROTO_FILTER]
<*/M> HIDP protocol support [CONFIG_BT_HIDP]
Bluetooth device drivers --->
(Select the appropriate drivers for your Bluetooth hardware)
<*/M> RF switch subsystem support ---- [CONFIG_RFKILL]
If you wish to run the testsuite (even if treating this package as a build dependency), you will need to enable the following options in the kernel configuration and recompile the kernel if necessary:
-*- Cryptographic API ---> [CONFIG_CRYPTO]
<*/M> User-space interface for hash algorithms [CONFIG_CRYPTO_USER_API_HASH]
<*/M> User-space interface for symmetric key cipher algorithms [CONFIG_CRYPTO_USER_API_SKCIPHER]
First, fix a segmentation fault that occurs when connecting to AD2P-based bluetooth devices:
patch -Np1 -i ../bluez-5.55-upstream_fixes-1.patch
Install BlueZ by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --enable-library && make
To test the results, issue: make check
.
Now, as the root
user:
make install && ln -svf ../libexec/bluetooth/bluetoothd /usr/sbin
Install the main configuration file as the root
user:
install -v -dm755 /etc/bluetooth && install -v -m644 src/main.conf /etc/bluetooth/main.conf
If desired, install the API documentation as the root
user:
install -v -dm755 /usr/share/doc/bluez-5.55 && install -v -m644 doc/*.txt /usr/share/doc/bluez-5.55
--enable-library
:
This switch enables building the BlueZ 4 compatibility library which is
required by some applications.
ln -svf ../libexec/bluetooth/bluetoothd /usr/sbin: This command makes access to the bluetooth daemon more convenient.
/etc/bluetooth/main.conf
is
installed automatically during the install. Additionally,
there are three supplementary configuration files.
/etc/sysconfig/bluetooth is installed as a part of the boot
script below. In addition, you optionally can install the
following, as the root
user:
cat > /etc/bluetooth/rfcomm.conf << "EOF"
# Start rfcomm.conf
# Set up the RFCOMM configuration of the Bluetooth subsystem in the Linux kernel.
# Use one line per command
# See the rfcomm man page for options
# End of rfcomm.conf
EOF
cat > /etc/bluetooth/uart.conf << "EOF"
# Start uart.conf
# Attach serial devices via UART HCI to BlueZ stack
# Use one line per device
# See the hciattach man page for options
# End of uart.conf
EOF
To start the bluetoothd daemon at
boot, enable the previously installed systemd unit by
running the following command as the root
user:
systemctl enable bluetooth
To start the obexd daemon for a user
session (to support some Bluetooth programs using it),
enable the previously installed systemd unit for all users
by running the following command as the root
user:
systemctl enable --global obex
Systemd will start the Bluetooth daemon only when a bluetooth device is detected on the system.
is used to issue BlueCore commands to Cambridge Silicon Radio devices |
|
is a Bluemoon configuration utility |
|
is the interactive Bluetooth control program |
|
is the Bluetooth daemon |
|
provides access to the Bluetooth subsystem monitor infrastructure for reading HCI traces |
|
is used to convert a file needed by Broadcom devices to hcd (Broadcom bluetooth firmware) format |
|
is used to send a L2CAP echo request to the Bluetooth MAC address given in dotted hex notation |
|
is a L2CAP testing program |
|
is used to test RFCOMM communications on the Bluetooth stack |
|
contains the BlueZ 4 API functions |
Last updated on 2021-02-21 15:09:04 -0800
Bubblewrap is a setuid implementation of user namespaces, or sandboxing, that provides access to a subset of kernel user namespace features. Bubblewrap allows user owned processes to run in an isolated environment with limited access to the underlying filesystem.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/projectatomic/bubblewrap/releases/download/v0.4.1/bubblewrap-0.4.1.tar.xz
Download MD5 sum: 1104b0e43006f22076b5057c129939c8
Download size: 212 KB
Estimated disk space required: 2.1 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/bubblewrap
Install Bubblewrap by running the following commands:
./configure --prefix=/usr && make
This package does not come with a test suite.
Now, as the root
user:
make install
Last updated on 2021-02-20 11:35:58 -0800
Colord is a system service that makes it easy to manage, install, and generate color profiles. It is used mainly by GNOME Color Manager for system integration and use when no users are logged in.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.freedesktop.org/software/colord/releases/colord-1.4.5.tar.xz
Download MD5 sum: adc4501b54fb8667ee99f64cff87e12d
Download size: 1.8 MB
Estimated disk space required: 31 MB (with tests)
Estimated build time: 0.3 SBU (with tests)
dbus-1.12.20, GLib-2.66.7, Little CMS-2.12, Polkit-0.118, and SQLite-3.34.1
gobject-introspection-1.66.1, libgudev-234, libgusb-0.3.5, Systemd-247, and Vala-0.50.3
gnome-desktop-3.38.4 and colord-gtk-0.2.0 (to build the example tools), libxslt-1.1.34, SANE-1.0.29, ArgyllCMS, and Bash Completion
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/colord
There should be a dedicated user and group to take control of
the colord daemon after it has started. Issue the following
commands as the root
user:
groupadd -g 71 colord && useradd -c "Color Daemon Owner" -d /var/lib/colord -u 71 \ -g colord -s /bin/false colord
First, clean up about 100 warnings:
mv po/fur.po po/ur.po && sed -i 's/fur/ur/' po/LINGUAS
Install Colord by running the following commands:
mkdir build && cd build && meson --prefix=/usr \ -Ddaemon_user=colord \ -Dvapi=true \ -Dsystemd=true \ -Dlibcolordcompat=true \ -Dargyllcms_sensor=false \ -Dbash_completion=false \ -Ddocs=false \ -Dman=false .. && ninja
Now, as the root
user:
ninja install
To test the results, issue: ninja -k 2 test. One test,
colord-self-test-daemon
, will
fail. The test suite must be run after the package is
installed, and the system-wide D-Bus Daemon must be running.
-Ddaemon_user=colord
:
This switch is used so the colord daemon will run as an
unprivileged user instead of the root
user.
-Dvapi=true
: This
switch enables building the Vala bindings. Remove if you don't have
Vala-0.50.3 installed.
-Dsystemd=true
: This
switch enables installation of the systemd service.
-Dlibcolordcompat=true
: This
switch enables building a compatibility library for older
packages that use Colord.
-Dargyllcms_sensor=false
: This
switch disables the ArgLLCMS sensor driver. Omit if you have
ArgyllCMS installed and wish
to use it.
-Dbash_completion=false
: This
switch disables Bash Completion support for Colord
applications.
-Ddocs=false
: This
switch disables building of documentation. Omit if you have
GTK-Doc-1.33.2 available.
-Dman=false
: This
switch disables building of man pages. Omit if you have
DocBook-utils-0.6.14 available.
Namespaced versions of the docbook-xsl stylesheets are also
required.
is the Color Manager Profile Creation Tool |
|
is a tool used to fix metadata in ICC profiles |
|
dumps the contents of an ICC profile as human readable text |
|
is the Color Manager Testing Tool |
|
is a text-mode program that allows you to interact with colord on the command line |
|
contains the Colord API functions |
|
contains legacy API functions for compatibility with older applications |
|
contains internal API functions for the programs included with Colord |
|
contains a simple display hardware colorimiter |
Last updated on 2021-02-21 17:43:43 -0800
The cpio package contains tools for archiving.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/cpio/cpio-2.13.tar.bz2
Download (FTP): ftp://ftp.gnu.org/gnu/cpio/cpio-2.13.tar.bz2
Download MD5 sum: f3438e672e3fa273a7dc26339dd1eed6
Download size: 1.3 MB
Estimated disk space required: 17 MB (with tests and docs)
Estimated build time: 0.3 SBU (with tests and docs)
texlive-20200406 (or install-tl-unx)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/cpio
First, fix a build issue when using GCC-10 and higher:
sed -i '/The name/,+2 d' src/global.c
Install cpio by running the following commands:
./configure --prefix=/usr \ --bindir=/bin \ --enable-mt \ --with-rmt=/usr/libexec/rmt && make && makeinfo --html -o doc/html doc/cpio.texi && makeinfo --html --no-split -o doc/cpio.html doc/cpio.texi && makeinfo --plaintext -o doc/cpio.txt doc/cpio.texi
If you have texlive-20200406 installed and wish to create PDF or Postscript documentation, issue one or both of the following commands:
make -C doc pdf && make -C doc ps
To test the results, issue: make check.
Now, as the root
user:
make install && install -v -m755 -d /usr/share/doc/cpio-2.13/html && install -v -m644 doc/html/* \ /usr/share/doc/cpio-2.13/html && install -v -m644 doc/cpio.{html,txt} \ /usr/share/doc/cpio-2.13
If you built PDF or Postscript documentation, install it by
issuing the following commands as the root
user:
install -v -m644 doc/cpio.{pdf,ps,dvi} \ /usr/share/doc/cpio-2.13
--bindir=/bin
: This
parameter installs cpio to /bin
instead of /usr/bin
as recommended by the FHS
guidelines.
--enable-mt
: This
parameter forces the building and installation of the
mt program.
--with-rmt=/usr/libexec/rmt
:
This parameter inhibits building the rmt program as it is
already installed by the Tar
package in LFS.
Last updated on 2021-02-20 11:35:58 -0800
The cups-pk-helper package contains a PolicyKit helper used to configure Cups with fine-grained privileges.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.freedesktop.org/software/cups-pk-helper/releases/cups-pk-helper-0.2.6.tar.xz
Download MD5 sum: a9045c7db6e502d6496da8fc71d8820e
Download size: 160 KB
Estimated disk space required: 5.9 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/cups-pk-helper
Install cups-pk-helper by running the following commands:
./configure --prefix=/usr --sysconfdir=/etc && make
This package does not come with a test suite.
Now, as the root
user:
make install
Last updated on 2021-02-21 17:43:43 -0800
Even though D-Bus was built in LFS, there are some features provided by the package that other BLFS packages need, but their dependencies didn't fit into LFS.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://dbus.freedesktop.org/releases/dbus/dbus-1.12.20.tar.gz
Download MD5 sum: dfe8a71f412e0b53be26ed4fbfdc91c4
Download size: 2.0 MB
Estimated disk space required: 21 MB (add 18 MB for the tests)
Estimated build time: 0.3 SBU (add 8.0 SBU for the tests)
Xorg Libraries (for dbus-launch program)
For the tests: dbus-glib-0.110, D-Bus Python-1.2.16, PyGObject-3.38.0, and Valgrind-3.16.1; for documentation: Doxygen-1.9.1, xmlto-0.0.28, Ducktype, and Yelp Tools
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/dbus
Install D-Bus by running the following commands (you may wish to review the output from ./configure --help first and add any desired parameters to the configure command shown below):
./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --enable-user-session \ --disable-doxygen-docs \ --disable-xml-docs \ --disable-static \ --docdir=/usr/share/doc/dbus-1.12.20 \ --with-console-auth-dir=/run/console \ --with-system-pid-file=/run/dbus/pid \ --with-system-socket=/run/dbus/system_bus_socket && make
See below for test instructions.
Now, as the root
user:
make install
The shared library needs to be moved to /lib
, and as a result the .so
file in /usr/lib
will need to be recreated. Run the
following command as the root
user:
mv -v /usr/lib/libdbus-1.so.* /lib && ln -sfv ../../lib/$(readlink /usr/lib/libdbus-1.so) /usr/lib/libdbus-1.so
If you are using a DESTDIR install, dbus-daemon-launch-helper
needs to be fixed afterwards. Issue, as root
user:
chown -v root:messagebus /usr/libexec/dbus-daemon-launch-helper && chmod -v 4750 /usr/libexec/dbus-daemon-launch-helper
The dbus tests cannot be run until after dbus-glib-0.110 has been installed. They must be run as an unprivileged user from a local session with bus address. To run the standard tests issue make check.
If you want to run the unit regression tests, configure requires additional parameters which expose additional functionality in the binaries that are not intended to be used in a production build of D-Bus. If you would like to run the tests, issue the following commands (for the tests, you don't need to build the docs):
make distclean && PYTHON=python3 ./configure --enable-tests \ --enable-asserts \ --disable-doxygen-docs \ --disable-xml-docs && make && make check
There have been reports that the tests may fail if running inside a Midnight Commander shell. You may get out-of-memory error messages when running the tests. These are normal and can be safely ignored.
--disable-doxygen-docs
: This
switch disables doxygen documentation build and install, if
you have doxygen installed.
If doxygen is installed, and
you wish to build them, remove this parameter.
--disable-xml-docs
:
This switch disables html documentation build and install, if
you have xmlto installed. If
xmlto is installed, and you
wish to build them, remove this parameter.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-user-session
: This
parameter enables per-user DBus sessions with systemd.
--with-console-auth-dir=/run/console
:
This parameter specifies the directory to check for console
ownership.
--with-system-pid-file=/run/dbus/pid
:
This parameter specifies the location of the PID file.
--with-system-socket=/run/dbus/system_bus_socket
:
This parameter specifies the location of the system bus
socket.
--enable-tests
:
Builds extra parts of the code to support all tests. Do not
use on a production build.
--enable-embedded-tests
: Builds
extra parts of the code to support only unit tests. Do not
use on a production build.
--enable-asserts
:
Enables debugging code to run assertions for statements
normally assumed to be true. This prevents a warning that
'--enable-tests
' on
its own is only useful for profiling and might not give true
results for all tests, but adds its own NOTE that this should
not be used in a production build.
The configuration files listed above should probably not be
modified. If changes are required, you should create
/etc/dbus-1/session-local.conf
and/or
/etc/dbus-1/system-local.conf
and make any desired changes to these files.
If any packages install a D-Bus .service
file outside of the standard
/usr/share/dbus-1/services
directory, that directory should be added to the local
session configuration. For instance, /usr/local/share/dbus-1/services
can be
added by performing the following commands as the
root
user:
cat > /etc/dbus-1/session-local.conf << "EOF"
<!DOCTYPE busconfig PUBLIC
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<!-- Search for .service files in /usr/local -->
<servicedir>/usr/local/share/dbus-1/services</servicedir>
</busconfig>
EOF
There are many methods you can use to start a session daemon using the dbus-launch command. Review the dbus-launch man page for details about the available parameters and options. Here are some suggestions and examples:
Add dbus-launch to the
line in the ~/.xinitrc
file that starts your graphical desktop environment.
If you use gdm or some other
display manager that calls the ~/.xsession
file, you can add
dbus-launch to the
line in your ~/.xsession
file that starts your
graphical desktop environment. The syntax would be
similar to the example in the ~/.xinitrc
file.
The examples shown previously use dbus-launch to
specify a program to be run. This has the benefit
(when also using the --exit-with-session
parameter) of stopping the session daemon when the
specified program is stopped. You can also start the
session daemon in your system or personal startup
scripts by adding the following lines:
# Start the D-Bus session daemon
eval `dbus-launch`
export DBUS_SESSION_BUS_ADDRESS
This method will not stop the session daemon when you
exit your shell, therefore you should add the
following line to your ~/.bash_logout
file:
# Kill the D-Bus session daemon
kill $DBUS_SESSION_BUS_PID
A list of the installed files, along with their short descriptions can be found at ../../../../lfs/view/10.1-systemd/chapter08/dbus.html#contents-dbus.
Last updated on 2021-02-20 17:41:49 -0800
The Fcron package contains a periodical command scheduler which aims at replacing Vixie Cron.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://fcron.free.fr/archives/fcron-3.2.1.src.tar.gz
Download MD5 sum: bd4996e941a40327d11efc5e3fd1f839
Download size: 587 KB
Estimated disk space required: 5.1 MB
Estimated build time: 0.1 SBU
An MTA, text editor (default is vi from the Vim-8.2.2433 package), Linux-PAM-1.5.1, and DocBook-utils-0.6.14
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/fcron
For security reasons, an unprivileged user and group for
Fcron should be created
(perform as the root
user):
groupadd -g 22 fcron && useradd -d /dev/null -c "Fcron User" -g fcron -s /bin/false -u 22 fcron
Install Fcron by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --without-sendmail \ --with-piddir=/run \ --with-boot-install=no && make
This package does not come with a test suite.
Now, as the root
user:
make install
DESTDIR install must be done as root
user. Furthermore, if PAM
configuration files should be installed in /etc/pam.d
, you have to create this
directory in the DESTDIR before doing the install.
--without-sendmail
:
By default, Fcron will
attempt to use the sendmail command from an
MTA package
to email you the results of the fcron script. This switch
is used to disable default email notification. Omit the
switch to enable the default. Alternatively, you can use the
--with-sendmail=
to use a different mailer
command.
</path/to/MTA
command>
--with-boot-install=no
: This
prevents installation of the bootscript included with the
package.
--with-piddir=/run
:
This fixes the systemd unit to use the proper directory for
PID files so that systemctl does not hang and the unit starts
correctly.
--with-editor=
:
This switch allows you to set the default text editor.
</path/to/editor>
--with-dsssl-dir=
:
May be used if you have DocBook-utils-0.6.14
installed. Currently, the dsssl stylesheets are located at
</path/to/dsssl-stylesheets>
/usr/share/sgml/docbook/dsssl-stylesheets-1.79
.
There are no required changes in any of the config files.
Configuration information can be found in the man page for
fcron.conf
.
fcron scripts are written using fcrontab. Refer to the fcrontab man page for proper parameters to address your situation.
If Linux-PAM is installed, two PAM
configuration files are installed in etc/pam.d
. Alternatively if etc/pam.d
is not used, the installation
will append two configuration sections to the existing
/etc/pam.conf
file. You
should ensure the files match your preferences. Modify them
as required to suit your needs.
If you would like to setup a periodic hierarchy for the
root user, first issue the following commands (as the
root
user to create the
/usr/bin/run-parts
script:
cat > /usr/bin/run-parts << "EOF" &&
#!/bin/sh
# run-parts: Runs all the scripts found in a directory.
# from Slackware, by Patrick J. Volkerding with ideas borrowed
# from the Red Hat and Debian versions of this utility.
# keep going when something fails
set +e
if [ $# -lt 1 ]; then
echo "Usage: run-parts <directory>"
exit 1
fi
if [ ! -d $1 ]; then
echo "Not a directory: $1"
echo "Usage: run-parts <directory>"
exit 1
fi
# There are several types of files that we would like to
# ignore automatically, as they are likely to be backups
# of other scripts:
IGNORE_SUFFIXES="~ ^ , .bak .new .rpmsave .rpmorig .rpmnew .swp"
# Main loop:
for SCRIPT in $1/* ; do
# If this is not a regular file, skip it:
if [ ! -f $SCRIPT ]; then
continue
fi
# Determine if this file should be skipped by suffix:
SKIP=false
for SUFFIX in $IGNORE_SUFFIXES ; do
if [ ! "$(basename $SCRIPT $SUFFIX)" = "$(basename $SCRIPT)" ]; then
SKIP=true
break
fi
done
if [ "$SKIP" = "true" ]; then
continue
fi
# If we've made it this far, then run the script if it's executable:
if [ -x $SCRIPT ]; then
$SCRIPT || echo "$SCRIPT failed."
fi
done
exit 0
EOF
chmod -v 755 /usr/bin/run-parts
Next, create the directory layout for the periodic jobs
(again as the root
user):
install -vdm754 /etc/cron.{hourly,daily,weekly,monthly}
Finally, add the run-parts to the system
fcrontab (while still the root
user):
cat > /var/spool/fcron/systab.orig << "EOF"
&bootrun 01 * * * * root run-parts /etc/cron.hourly
&bootrun 02 4 * * * root run-parts /etc/cron.daily
&bootrun 22 4 * * 0 root run-parts /etc/cron.weekly
&bootrun 42 4 1 * * root run-parts /etc/cron.monthly
EOF
Last updated on 2021-02-20 11:35:58 -0800
The GPM (General Purpose Mouse daemon) package contains a mouse server for the console and xterm. It not only provides cut and paste support generally, but its library component is used by various software such as Links to provide mouse support to the application. It is useful on desktops, especially if following (Beyond) Linux From Scratch instructions; it's often much easier (and less error prone) to cut and paste between two console windows than to type everything by hand!
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://anduin.linuxfromscratch.org/BLFS/gpm/gpm-1.20.7.tar.bz2
Download (FTP): ftp://anduin.linuxfromscratch.org/BLFS/gpm/gpm-1.20.7.tar.bz2
Download MD5 sum: bf84143905a6a903dbd4d4b911a2a2b8
Download size: 820 KB
Estimated disk space required: 7.4 MB
Estimated build time: 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/GPM
Enable the following option in the kernel configuration and recompile the kernel if necessary:
Device Drivers --->
Input device support ---> [CONFIG_INPUT]
<*/M> Mouse interface [CONFIG_INPUT_MOUSEDEV]
Install GPM by running the following commands:
patch -Np1 -i ../gpm-1.20.7-consolidated-1.patch && ./autogen.sh && ./configure --prefix=/usr --sysconfdir=/etc && make
This package does not come with a test suite.
Now, as the root
user:
make install && install-info --dir-file=/usr/share/info/dir \ /usr/share/info/gpm.info && ln -sfv libgpm.so.2.1.0 /usr/lib/libgpm.so && install -v -m644 conf/gpm-root.conf /etc && install -v -m755 -d /usr/share/doc/gpm-1.20.7/support && install -v -m644 doc/support/* \ /usr/share/doc/gpm-1.20.7/support && install -v -m644 doc/{FAQ,HACK_GPM,README*} \ /usr/share/doc/gpm-1.20.7
./autogen.sh: This command creates the missing configure script.
install-info
...: This package installs a .info
file, but does not update the system
dir
file. This command makes
the update.
ln -v -sfn libgpm.so.2.1.0
/usr/lib/libgpm.so: This command is used to
create (or update) the .so
symlink to the library.
To start the gpm daemon at boot,
install the systemd unit from the blfs-systemd-units-20210122
package by running the following command as the
root
user:
make install-gpm
/etc/gpm-root.conf
and
~/.gpm-root
: The default and
individual user gpm-root configuration
files.
GPM is by default started
with the following parameters: -m /dev/input/mice -t imps2
.
If the mentioned parameters don't suit your needs, you can
override them by running the following commands as the
root
user:
install -v -dm755 /etc/systemd/system/gpm.service.d &&
cat > /etc/systemd/system/gpm.service.d/99-user.conf << EOF
[Service]
ExecStart=/usr/sbin/gpm <list of parameters>
EOF
is a security mechanism used to disable the paste buffer |
|
is a simple program that reports the mouse buttons being pressed and released |
|
is a simple program that reports the mouse coordinates |
|
is used to report the GPM library and server versions |
|
is a cut and paste utility and mouse server for virtual consoles |
|
is a default handler for gpm. It is used to draw menus on the root window |
|
is a simple sample application using the high-level library, meant to be read by programmers trying to use the high-level library |
|
is a program to report mouse events |
|
is a tool for determining the mouse type and device it's attached to |
|
contains the API functions to access the GPM daemon |
Last updated on 2021-02-20 11:35:58 -0800
The Hdparm package contains a utility that is useful for obtaining information about, and controlling ATA/IDE controllers and hard drives. It allows to increase performance and sometimes to increase stability.
This package is known to build and work properly using an LFS-10.1 platform.
As well as being useful, incorrect usage of Hdparm can destroy your information and in rare cases, drives. Use with caution and make sure you know what you are doing. If in doubt, it is recommended that you leave the default kernel parameters alone.
Download (HTTP): https://downloads.sourceforge.net/hdparm/hdparm-9.60.tar.gz
Download MD5 sum: 25a791d47236c58801f8b27074f3ef93
Download size: 152 KB
Estimated disk space required: 1.0 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/hdparm
Build Hdparm by running the following command:
make
This package does not come with a test suite.
Now, as the root
user:
make install
Note that by default, hdparm is installed in
/sbin
as some systems may
require it during the boot process before /usr
is mounted. If you wish to install
hdparm under
the /usr
hierarchy, then
replace the above command with the following:
make binprefix=/usr install
Last updated on 2021-02-20 11:35:58 -0800
The LSB-Tools package includes tools for Linux Standards Base (LSB) conformance.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/djlucas/LSB-Tools/releases/download/v0.9/LSB-Tools-0.9.tar.gz
Download MD5 sum: 9e55d4b465bc9fd2b8c715f0fa62aa58
Download size: 16 KB
Estimated disk space required: 180 KB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/LSB-Tools
Install LSB-Tools by running the following commands:
python3 setup.py build
Now, as the root
user:
python3 setup.py install --optimize=1
The configuration for this package was done in
LFS and
Systemd. The file /etc/lsb-release
should already exist. Be
sure that the DISTRIB_CODENAME entry has been set properly.
Last updated on 2021-02-19 11:32:42 -0800
The lm_sensors package provides user-space support for the hardware monitoring drivers in the Linux kernel. This is useful for monitoring the temperature of the CPU and adjusting the performance of some hardware (such as cooling fans).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/lm-sensors/lm-sensors/archive/V3-6-0/lm-sensors-3-6-0.tar.gz
Download MD5 sum: f60e47b5eb50bbeed48a9f43bb08dd5e
Download size: 268 KB
Estimated disk space required: 2.6 MB
Estimated build time: less than 0.1 SBU
RRDtool (required to build the sensord program)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/lm_sensors
Getting your kernel config right is an iterative process that may require that you recompile your kernel a couple of times. The simplest way to go about it is to start by enabling modules and then compile everything that may be needed by Lm Sensors as a module:
Bus options (PCI etc.) --->
[*] PCI support [CONFIG_PCI]
[*] Enable loadable module support ---> [CONFIG_MODULES]
Device Drivers --->
I2C support --->
<*/M> I2C device interface [CONFIG_I2C_CHARDEV]
I2C Hardware Bus support --->
<M> (configure all of them as modules)
<*/M> Hardware Monitoring support ---> [CONFIG_HWMON]
<M> (configure all of them as modules)
Recompile your kernel and reboot into the new kernel. Don't forget to make modules_install We will come back to the kernel in the Configuring section below.
Install lm_sensors by running the following commands:
make PREFIX=/usr \ BUILD_STATIC_LIB=0 \ MANDIR=/usr/share/man
This package does not come with a test suite.
Now, as the root
user:
make PREFIX=/usr \ BUILD_STATIC_LIB=0 \ MANDIR=/usr/share/man install && install -v -m755 -d /usr/share/doc/lm_sensors-3-6-0 && cp -rv README INSTALL doc/* \ /usr/share/doc/lm_sensors-3-6-0
BUILD_STATIC_LIB=0
:
This parameter disables compiling and installing the static
version of libsensors
.
PROG_EXTRA=sensord
:
This parameter enables compiling sensord, a daemon that can
monitor your system at regular intervals. Compiling
sensord
requires RRDtool. Compiling
RRDtool 1.4.6 requires a sed: sed -i '/ sv_undef/d'
bindings/perl-shared/RRDs.xs.
To find out what hardware sensors your system has, issue
the following command as the root
user:
sensors-detect
The appropriate modules should have been loaded and a summary is displayed at the end. Now you know what is needed and you can recompile your kernel to enable just the options you need (i.e., don't enable the modules you cannot use).
is a shell script for use with lm_sensors. It reads its configuration from a file, then calculates fan speeds from temperatures and sets the corresponding PWM outputs to the computed values |
|
is a small helper program to examine registers visible through the ISA bus. It is intended to probe any chip that lives on the ISA bus working with an address register and a data register (I2C-like access) or a flat range (of up to 256 bytes) |
|
is a small helper program to set registers visible through the ISA bus |
|
tests the pulse width modulation (PWM) outputs of sensors and configures fancontrol |
|
prints the current readings of all sensor chips |
|
is a Perl script to convert lm-sensors version 2 configuration files to work with version 3 |
|
is a Perl script
that will walk you through the process of scanning
your system for various hardware monitoring chips
(sensors) supported by |
|
(optional) is a daemon that can be used to periodically log sensor readings |
|
contains the lm_sensors API functions |
Last updated on 2021-02-20 11:35:58 -0800
The logrotate package allows automatic rotation, compression, removal, and mailing of log files.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/logrotate/logrotate/releases/download/3.18.0/logrotate-3.18.0.tar.xz
Download MD5 sum: c21e586457db80e70606b45a9d84dfe8
Download size: 160 KB
Estimated disk space required: 5.6 MB
Estimated build time: 0.2 SBU (with tests)
An MTA (runtime)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/logrotate
Install logrotate by running the following command:
./configure --prefix=/usr && make
To test the results, issue: make test. One test fails because the very old compress is not present and two tests fail if an MTA is not installed.
Now, as the root
user:
make install
Logrotate needs a
configuration file, which must be passed as an argument to
the command when executed. Create the file as the
root
user:
cat > /etc/logrotate.conf << EOF
# Begin /etc/logrotate.conf
# Rotate log files weekly
weekly
# Don't mail logs to anybody
nomail
# If the log file is empty, it will not be rotated
notifempty
# Number of backups that will be kept
# This will keep the 2 newest backups only
rotate 2
# Create new empty files after rotating old ones
# This will create empty log files, with owner
# set to root, group set to sys, and permissions 664
create 0664 root sys
# Compress the backups with gzip
compress
# No packages own lastlog or wtmp -- rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
rotate 1
}
/var/log/lastlog {
monthly
rotate 1
}
# Some packages drop log rotation info in this directory
# so we include any file in it.
include /etc/logrotate.d
# End /etc/logrotate.conf
EOF
chmod -v 0644 /etc/logrotate.conf
Now create the /etc/logrotate.d
directory as the root
user:
mkdir -p /etc/logrotate.d
At this point additional log rotation commands can be
entered, typically in the /etc/logrotate.d
directory. For example:
cat > /etc/logrotate.d/sys.log << EOF
/var/log/sys.log {
# If the log file is larger than 100kb, rotate it
size 100k
rotate 5
weekly
postrotate
/bin/killall -HUP syslogd
endscript
}
EOF
chmod -v 0644 /etc/logrotate.d/sys.log
You can designate multiple files in one entry:
cat > /etc/logrotate.d/example.log << EOF
file1
file2
file3 {
...
postrotate
...
endscript
}
EOF
chmod -v 0644 /etc/logrotate.d/example.log
You can use in the same line the list of files: file1 file2 file3. See the logrotate man page or http://www.techrepublic.com/article/manage-linux-log-files-with-logrotate/ for more examples.
The command logrotate
/etc/logrotate.conf can be run manually,
however, the command should be run daily. Other useful
commands are logrotate -d
/etc/logrotate.conf for debugging purposes
and logrotate -f
/etc/logrotate.conf forcing the logrotate
commands to be run immediately. Combining the previous
options -df
, you can debug the
effect of the force command. When debugging, the commands are
only simulated and are not actually run. As a result, errors
about files not existing will eventually appear because the
files are not actually created.
To run the logrotate command daily,
execute the following commands,
as the root
user, to create a
systemd timer to run daily at 3:00 A.M.
(local time):
cat > /lib/systemd/system/logrotate.service << "EOF" &&[Unit] Description=Runs the logrotate command Documentation=man:logrotate(8) DefaultDependencies=no After=local-fs.target Before=shutdown.target [Service] Type=oneshot RemainAfterExit=yes ExecStart=/usr/sbin/logrotate /etc/logrotate.conf
EOF cat > /lib/systemd/system/logrotate.timer << "EOF" &&[Unit] Description=Runs the logrotate command daily at 3:00 AM [Timer] OnCalendar=*-*-* 3:00:00 Persistent=true [Install] WantedBy=timers.target
EOF systemctl enable logrotate.timer
Last updated on 2021-02-20 11:35:58 -0800
MC (Midnight Commander) is a text-mode full-screen file manager and visual shell. It provides a clear, user-friendly, and somewhat protected interface to a Unix system while making many frequent file operations more efficient and preserving the full power of the command prompt.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://ftp.midnight-commander.org/mc-4.8.26.tar.xz
Download (FTP): ftp://ftp.osuosl.org/pub/midnightcommander/mc-4.8.26.tar.xz
Download MD5 sum: 3c1f77b71dba1f4eeeedc4276627fed7
Download size: 2.4 MB
Estimated disk space required: 196 MB (with tests)
Estimated build time: 0.5 SBU (using parallelism=4; with tests)
GLib-2.66.7 and PCRE-8.44
Doxygen-1.9.1, GPM-1.20.7, libssh2-1.9.0, Ruby-3.0.0, Samba-4.13.4, UnZip-6.0, X Window System, and Zip-3.0
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/MC
Install MC by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --enable-charset && make
To test the results, issue: make check. One test concerning rpm files fails.
Now, as the root
user:
make install
--sysconfdir=/etc
:
This switch places the global configureation directory in
/etc
.
--enable-charset
:
This switch adds support to mcedit for editing files in
encodings different from the one implied by the current
locale.
Last updated on 2021-02-20 11:35:58 -0800
ModemManager provides a unified high level API for communicating with mobile broadband modems, regardless of the protocol used to communicate with the actual device.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.freedesktop.org/software/ModemManager/ModemManager-1.14.10.tar.xz
Download MD5 sum: 2e3c58914eda4665e76f6b2084850597
Download size: 2.3 MB
Estimated disk space required: 147 MB (with tests)
Estimated build time: 0.5 SBU (Using parallelism=4; with tests)
gobject-introspection-1.66.1, libmbim-1.24.6, libqmi-1.26.10, Polkit-0.118, and Vala-0.50.3
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/ModemManager
Install ModemManager by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --with-systemd-journal \ --with-systemd-suspend-resume \ --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--with-systemd-suspend-resume
:
This switch forces ModemManager to use the systemd
power management facilities.
--with-systemd-journal
:
This switch forces ModemManager to use the systemd journal
for logging.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
Last updated on 2021-02-21 17:43:43 -0800
The Notification Daemon package contains a daemon that displays passive pop-up notifications.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/notification-daemon/3.20/notification-daemon-3.20.0.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/notification-daemon/3.20/notification-daemon-3.20.0.tar.xz
Download MD5 sum: 2de7f4075352831f1d98d8851b642124
Download size: 336 KB
Estimated disk space required: 4.1 MB
Estimated build time: less than 0.1 SBU
GTK+-3.24.25 and libcanberra-0.30 (Built with GTK+-3.24.25 support).
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/notification-daemon
Install Notification Daemon by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --disable-static && make
This package does not come with a testsuite.
Now, as the root
user:
make install
You can test the notification daemon with the command notify-send:
pgrep -l notification-da && notify-send -i info Information "Hi ${USER}, This is a Test"
The command pgrep -l notification-da is added to assure that it is the daemon of this package that is running, not another one, e.g. the daemon from xfce4-notifyd-0.6.2.
Last updated on 2021-02-21 17:43:43 -0800
p7zip is the Unix command-line port of 7-Zip, a file archiver that archives with high compression ratios. It handles 7z, ZIP, GZIP, Brotli, BZIP2, XZ, TAR, APM, ARJ, CAB, CHM, CPIO, CramFS, DEB, DMG, FAT, HFS, ISO, Lizard, LZ5, LZFSE, LZH, LZMA, LZMA2, MBR, MSI, MSLZ, NSIS, NTFS, RAR, RPM, SquashFS, UDF, VHD, WIM, XAR, Z, and Zstd formats.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/jinfeihan57/p7zip/archive/v17.03/p7zip-17.03.tar.gz
Download MD5 sum: fd7e6b082db89edfc047c1ce2d810850
Download size: 6.2 MB
Estimated disk space required: 66 MB
Estimated build time: 2.3 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/p7zip
First, prevent p7zip from installing compressed manual pages:
sed '/^gzip/d' -i install.sh
Install p7zip by running the following commands:
make all3
To test the results, issue: make test.
Now, as the root
user:
make DEST_HOME=/usr \ DEST_MAN=/usr/share/man \ DEST_SHARE_DOC=/usr/share/doc/p7zip-17.03 install
If using DESTDIR techniques, use DEST_DIR instead.
Last updated on 2021-02-20 11:35:58 -0800
pax is an archiving utility created by POSIX and defined by the POSIX.1-2001 standard. Rather than sort out the incompatible options that have crept up between tar and cpio, along with their implementations across various versions of UNIX, the IEEE designed a new archive utility. The name “pax” is an acronym for portable archive exchange. Furthermore, “pax” means “peace” in Latin, so its name implies that it shall create peace between the tar and cpio format supporters. The command invocation and command structure is somewhat a unification of both tar and cpio.
pax has been required to be present in LSB conformant systems since LSB version 3.0.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.mirbsd.org/MirOS/dist/mir/cpio/paxmirabilis-20201030.tgz
Download MD5 sum: 87a0a3870ec437c41eb1b406334fe2c5
Download size: 172 KB
Estimated disk space required: 1.2 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pax
Install pax by running the following commands:.
This package expands to the directory pax.
bash Build.sh
This package does not come with a test suite.
Now, as the root
user:
This package also creates hard links from pax to the programs cpio and tar in the build directory. The LFS editors do not recommend that they be installed as they will overwrite the GNU versions of these programs.
install -v pax /bin && install -v -m644 pax.1 /usr/share/man/man1
Last updated on 2021-02-20 11:35:58 -0800
The PCI Utils package contains a set of programs for listing PCI devices, inspecting their status and setting their configuration registers.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.kernel.org/pub/software/utils/pciutils/pciutils-3.7.0.tar.xz
Download MD5 sum: e6e20482b4f25c5186e6a753c5edc361
Download size: 364 KB
Estimated disk space required: 3.8 MB
Estimated build time: less than 0.1 SBU
cURL-7.75.0, Wget-1.21.1, or Lynx-2.8.9rel.1 (for the update-pciids script to function correctly).
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pciutils
Install PCI Utils by running the following commands:
make PREFIX=/usr \ SHAREDIR=/usr/share/hwdata \ SHARED=yes
This package does not come with a test suite.
Now, as the root
user:
make PREFIX=/usr \ SHAREDIR=/usr/share/hwdata \ SHARED=yes \ install install-lib && chmod -v 755 /usr/lib/libpci.so
SHARED=yes
: This
parameter enables building of the shared library instead of
the static one.
ZLIB=no
: This option prevents
compression of the pci.ids
file.
The pci.ids
data file is
constantly being updated. To get a current version of this
file, run update-pciids as the
root
user. This program
requires the Which-2.21 script or
program to find cURL-7.75.0, Lynx-2.8.9rel.1 or Wget-1.21.1 which
are used to download the most current file, and then replace
the existing file in /usr/share/hwdata
.
You should update the /usr/share/hwdata/pci.ids
file
periodically. Execute the
following commands, as the root
user, to create a systemd timer to update it weekly on Sundays at 2:30
A.M. (local time):
cat > /lib/systemd/system/update-pciids.service << "EOF" &&[Unit] Description=Update pci.ids file Documentation=man:update-pciids(8) DefaultDependencies=no After=local-fs.target network-online.target Before=shutdown.target [Service] Type=oneshot RemainAfterExit=yes ExecStart=/usr/sbin/update-pciids
EOF cat > /lib/systemd/system/update-pciids.timer << "EOF" &&[Unit] Description=Update pci.ids file weekly [Timer] OnCalendar=Sun 02:30:00 Persistent=true [Install] WantedBy=timers.target
EOF systemctl enable update-pciids.timer
Last updated on 2021-02-20 11:35:58 -0800
The Power Management Utilities provide simple shell command line tools to suspend and hibernate the computer. They can be used to run user supplied scripts on suspend and resume.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://pm-utils.freedesktop.org/releases/pm-utils-1.4.1.tar.gz
Download MD5 sum: 1742a556089c36c3a89eb1b957da5a60
Download size: 204 KB
Estimated disk space required: 1.6 MB
Estimated build time: 0.1 SBU
xmlto-0.0.28 (to generate man pages)
Hdparm-9.60, Wireless Tools-29, ethtool, and vbetool
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pm-utils
If needed, enable the following options in the kernel configuration and recompile the kernel:
Power management and ACPI options --->
<*> Suspend to RAM and standby [CONFIG_SUSPEND]
<*> Hibernation (aka 'suspend to disk') [CONFIG_HIBERNATION]
Suspend to RAM allows the system to enter sleep states in which main memory is powered and thus its contents are preserved. The method cuts power to most parts of the machine aside from the RAM. Because of the large power savings, it is advisable for laptops to automatically enter this mode when the computer is running on batteries and the lid is closed (or the user is inactive for some time).
Suspend to disk (Hibernation) saves the machine's state into swap space and completely powers off the machine. When the machine is powered on, the state is restored. Until then, there is zero power consumption. Suspend to RAM and hibernation are normally appropriate for portable devices such as laptops, but can be used on workstations. The capability is not really appropriate for servers.
To use hibernation, the kernel parameter resume=/dev/<swap_partition> has to be used on the kernel command line (in grub.cfg). The swap partition should be at least the size of the physical RAM on the system.
Install Power Management Utilities by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --docdir=/usr/share/doc/pm-utils-1.4.1 && make
This package does not come with a test suite.
Now, as the root
user:
make install
If you don't have xmlto-0.0.28 installed, copy pregenerated
man pages, as the root
user:
install -v -m644 man/*.1 /usr/share/man/man1 && install -v -m644 man/*.8 /usr/share/man/man8 && ln -sv pm-action.8 /usr/share/man/man8/pm-suspend.8 && ln -sv pm-action.8 /usr/share/man/man8/pm-hibernate.8 && ln -sv pm-action.8 /usr/share/man/man8/pm-suspend-hybrid.8
Suspend or resume functionality can be easily modified by
installing files into the /etc/pm/sleep.d
directory. These files,
known as hooks, are run when the system is put into a sleep
state or resumed. Default hooks are located in /usr/lib/pm-utils/sleep.d
, and user hooks
should be put in /etc/pm/sleep.d
. See the pm-action(8) man
page for more information.
In order to use hibernation with GRUB and a swap partition, you need to
add kernel parameter resume=
(e.g.
swap_partition
resume=/dev/sda1
) to the kernel
line in the /boot/grub/grub.cfg
configuration file.
is a script that determines whether the system is running on AC power (rather than a battery) |
|
is a symlink to pm-action script that puts the computer into hibernate mode (the system is fully powered off and system state is saved to disk) |
|
is a script that checks whether power management features such as suspend and hibernate are supported |
|
is a script that puts the computer into powersaving (low power) mode |
|
is a symlink to pm-action script that puts the computer into suspend mode (most devices are shut down and system state is saved in RAM) |
|
is a symlink to pm-action script that puts the computer into hybrid-suspend mode (the system does everything it needs to hibernate, but suspends instead of shutting down) |
Last updated on 2021-02-20 11:35:58 -0800
Raptor is a C library that provides a set of parsers and serializers that generate Resource Description Framework (RDF) triples.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://download.librdf.org/source/raptor2-2.0.15.tar.gz
Download MD5 sum: a39f6c07ddb20d7dd2ff1f95fa21e2cd
Download size: 1.9 MB
Estimated disk space required: 28 MB (additional 1 MB for the tests)
Estimated build time: 0.2 SBU (additional 0.5 SBU for the tests)
cURL-7.75.0 and libxslt-1.1.34
GTK-Doc-1.33.2, ICU-68.2 and libyajl
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/raptor
First, apply a patch that fixes a couple of security issues:
patch -Np1 -i ../raptor-2.0.15-security_fixes-1.patch
Install Raptor by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--with-icu-config=/usr/bin/icu-config
: Use
this switch if you have installed ICU-68.2 and wish to build Raptor with its support.
Last updated on 2021-02-20 11:35:58 -0800
Rasqal is a C library that handles Resource Description Framework (RDF) query language syntaxes, query construction, and execution of queries returning results as bindings, boolean, RDF graphs/triples or syntaxes.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://download.librdf.org/source/rasqal-0.9.33.tar.gz
Download MD5 sum: 1f5def51ca0026cd192958ef07228b52
Download size: 1.6 MB
Estimated disk space required: 22 MB (additional 4 MB for the tests)
Estimated build time: 0.3 SBU (additional 0.7 SBU for the tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/rasqal
Install Rasqal by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-20 11:35:58 -0800
Redland is a set of free software C libraries that provide support for the Resource Description Framework (RDF).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://download.librdf.org/source/redland-1.0.17.tar.gz
Download MD5 sum: e5be03eda13ef68aabab6e42aa67715e
Download size: 1.6 MB
Estimated disk space required: 18 MB
Estimated build time: 0.2 SBU
Berkeley DB-5.3.28, libiodbc-3.52.12, SQLite-3.34.1, MariaDB-10.5.8 or MySQL, PostgreSQL-13.2, virtuoso, and 3store
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/redland
Install Redland by running the following commands:
./configure --prefix=/usr --disable-static && make
To test the results, issue make check.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-20 11:35:58 -0800
The sg3_utils package contains low level utilities for devices that use a SCSI command set. Apart from SCSI parallel interface (SPI) devices, the SCSI command set is used by ATAPI devices (CD/DVDs and tapes), USB mass storage devices, Fibre Channel disks, IEEE 1394 storage devices (that use the "SBP" protocol), SAS, iSCSI and FCoE devices (amongst others).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://sg.danny.cz/sg/p/sg3_utils-1.45.tar.xz
Download MD5 sum: 3a1ba25fe7b43577de4a5c1edb018526
Download size: 968 KB
Estimated disk space required: 24 MB
Estimated build time: 0.2 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/sg3_utils
Install sg3_utils by running the following commands:
./configure --prefix=/usr --disable-static && make
This package does not come with a test suite.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
accesses Linux SCSI logging level information |
|
checks SCSI device support for mandatory commands |
|
does the SCSI READ CAPACITY command on disks |
|
does the SCSI TEST UNIT READY on devices |
|
checks for SCSI to ATA Translation (SAT) device support |
|
starts one or more SCSI disks |
|
stops one or more SCSI disks |
|
fetches the temperature of a SCSI device |
|
performs a SCSI BACKGROUND CONTROL command on a device to perform "advanced background operations" |
|
sends the SCSI COMPARE AND WRITE command to device |
|
sends the SCSI RECEIVE COPY RESULTS command (XCOPY related) |
|
copies data to and from files and devices. Specialised for devices that understand the SCSI command set |
|
takes SCSI sense data in binary or as a sequence of ASCII hexadecimal bytes and decodes it |
|
changes ownership of a LUN from another Service-Processor to this one |
|
formats or resizes a SCSI disk (perhaps changes its block size) |
|
sends a SCSI GET CONFIGURATION command (MMC-4 +) |
|
sends a SCSI GET PHYSICAL ELEMENT STATUS command to a device |
|
sends the SCSI GET LBA STATUS command |
|
sends a SCSI REPORT or SET IDENTIFYING INFORMATION command |
|
access mode page information for a SCSI (or ATAPI) device |
|
sends a SCSI INQUIRY or ATA IDENTIFY (PACKET) DEVICE command and outputs the response |
|
access log pages with SCSI LOG SENSE command |
|
sends the SCSI REPORT LUNS command |
|
displays mapping between linux sg and other SCSI devices |
|
maps a special file to a SCSI generic (sg) device (or vice versa) |
|
copies data to and from files and devices. Specialized for devices that understand the SCSI command set and does memory mapped transfers from sg devices |
|
reads mode pages with SCSI MODE SENSE command |
|
reports information on supported SCSI commands or task management functions |
|
copies data to and from files and devices. Specialized for devices that understand the SCSI command set |
|
sends a SCSI PERSISTENT RESERVE (IN or OUT) command to manipulate registrations and reservations |
|
sends a SCSI PREVENT ALLOW MEDIUM REMOVAL command |
|
sends an arbitrary SCSI command to a device |
|
reads data using SCSI READ BUFFER command |
|
displays or modifies RDAC Redundant Controller Page |
|
reads blocks of data continually from the same offset |
|
performs a SCSI READ ATTRIBUTE command on a device |
|
sends a SCSI READ BLOCK LIMITS command |
|
sends a SCSI READ BUFFER command |
|
sends a SCSI READ CAPACITY command |
|
sends a SCSI READ LONG command |
|
sends a SCSI REASSIGN BLOCKS command |
|
sends the SCSI REPORT REFERRALS command |
|
sends a SCSI REPORT ZONES command |
|
sends one or more SCSI REQUEST SENSE commands |
|
sends SCSI device, target, bus or host reset; or checks reset state |
|
sends a SCSI RESET WRITE POINTER command |
|
sends a SCSI READ MEDIA SERIAL NUMBER command |
|
sends a SCSI REPORT TARGET PORT GROUPS command |
|
fetches status from a SCSI Accessed Fault-Tolerant Enclosure (SAF-TE) device |
|
sends a SCSI SANITIZE command |
|
sends an ATA IDENTIFY (PACKET) DEVICE command via a SCSI to ATA Translation (SAT) layer |
|
sends an ATA READ LOG EXT command via a SAT pass through to fetch log page 11h which contains SATA phy event counters |
|
uses an ATA READ LOG EXT command via a SCSI to ATA Translation (SAT) layer |
|
sends an ATA SET FEATURES command via a SCSI to ATA Translation (SAT) layer |
|
does a scan of sg devices (or given SCSI/ATAPI/ATA devices) and prints the results |
|
performs a SCSI SEEK or PRE-FETCH command on a device and it's cache |
|
performs a SCSI SEND DIAGNOSTIC command |
|
sends controls and fetch status from a SCSI Enclosure Services (SES) device |
|
sends microcode to a SCSI enclosure |
|
sends a SCSI START STOP UNIT command to start, stop, load or eject medium |
|
sends a SCSI SET TARGET PORT GROUPS command |
|
performs a SCSI STREAM CONTROL or GET STREAM STATUS command on a device to open or close an I/O stream |
|
sends the scsi command synchronize cache |
|
tests the SCSI host adapter by issuing write and read operations on a device's buffer and calculating checksums |
|
sends one or more SCSI TEST UNIT READY commands |
|
sends a SCSI UNMAP command |
|
invokes SCSI VERIFY command(s) on a block device |
|
fetches Vital Product Data (VPD) pages using a SCSI INQUIRY command |
|
sends a SCSI WRITE BUFFER command |
|
sends the SCSI WRITE LONG command |
|
sends the SCSI WRITE SAME command |
|
sends the SCSI WRITE AND VERIFY command |
|
performs SCSI WRITE commands on a device |
|
writes mode page |
|
copies data to and from files and devices using SCSI EXTENDED COPY (XCOPY) |
|
performs SCSI ZONE commands on a device, such as OPEN, CLOSE, FINISH or SEQUENTIALIZE |
|
contains the sg3_utils API functions |
Last updated on 2021-02-20 11:35:58 -0800
The Sysstat package contains utilities to monitor system performance and usage activity. Sysstat contains the sar utility, common to many commercial Unixes, and tools you can schedule via cron to collect and historize performance and activity data.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://sebastien.godard.pagesperso-orange.fr/sysstat-12.5.3.tar.xz
Download MD5 sum: aef5464af848afe2f425d3cd9afce8eb
Download size: 840 KB
Estimated disk space required: 30 MB
Estimated build time: 0.1 SBU
There are no build-time requirements for this package; however, it is designed to be controlled by a cron daemon such as Fcron-3.2.1.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/sysstat
Install Sysstat by running the following commands:
sa_lib_dir=/usr/lib/sa \ sa_dir=/var/log/sa \ conf_dir=/etc/sysconfig \ ./configure --prefix=/usr \ --disable-file-attr && make
This package does not come with a test suite.
Now, as the root
user:
make install
Install the systemd unit by running the following command as
the root
user:
install -v -m644 sysstat.service /lib/systemd/system/sysstat.service
Fix the systemd unit by running the following command as the
root
user:
sed -i "/^Also=/d" /lib/systemd/system/sysstat.service
sa_lib_dir
: This environment
variable specifies the location of the package-specific
library directory.
sa_dir
: This environment variable
specifies the location of the directory containing the data
files.
conf_dir
: This environment
variable specifies the location of the system configuration
directory.
--disable-file-attr
:
Do not set attributes on files being installed. This
parameter causes the installation to ignore the man group
variable resulting in the man files having root
: root
ownership.
Run ./configure
--help to see other influential environment
variables you can pass to configure. You may want
to use the history
and
compressafter
variables to
customize the amount of data files kept on the system.
To begin gathering Sysstat
history information, you must add to, or create a
privileged user's crontab. The history data location is
/var/log/sa
. The user running
Sysstat utilities via cron
must have write access to this location.
Below is an example of what to install in the crontab. Adjust the parameters to suit your needs. Use man sa1 and man sa2 for information about the commands.
# 8am-7pm activity reports every 10 minutes during weekdays
0 8-18 * * 1-5 /usr/lib/sa/sa1 600 6 &
# 7pm-8am activity reports every hour during weekdays
0 19-7 * * 1-5 /usr/lib/sa/sa1 &
# Activity reports every hour on Saturday and Sunday
0 * * * 0,6 /usr/lib/sa/sa1 &
# Daily summary prepared at 19:05
5 19 * * * /usr/lib/sa/sa2 -A &
Ensure you submit the revised crontab to the cron daemon.
displays statistics about read and write operations on CIFS filesystems |
|
reports CPU statistics and input/output statistics for devices and partitions |
|
writes activities for each available processor |
|
is used for monitoring individual tasks currently being managed by the Linux kernel |
|
is used for displaying the contents of data files created by the sar command. But unlike sar, sadf can write its data in many different formats |
|
is used for displaying the contents of elected cumulative activity counters in the operating system |
|
is used for monitoring the activity of tape drives connected to a system |
Last updated on 2021-02-20 11:35:58 -0800
While systemd was installed when building LFS, there are many features provided by the package that were not included in the initial installation because Linux-PAM was not yet installed. The systemd package needs to be rebuilt to provide a working systemd-logind service, which provides many additional features for dependent packages.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/systemd/systemd/archive/v247/systemd-247.tar.gz
Download MD5 sum: b0d6e603b814908acc69db29bbfb023c
Download size: 9.4 MB
Estimated disk space required: 273 MB (with tests)
Estimated build time: 2.1 SBU (with tests)
btrfs-progs-5.10.1, cURL-7.75.0, cryptsetup-2.3.4, git-2.30.1, GnuTLS-3.7.0, iptables-1.8.7, libgcrypt-1.9.2, libidn2-2.3.0, libpwquality-1.4.4, libseccomp-2.5.1, libxkbcommon-1.0.3, make-ca-1.7, pcre2-10.36, qemu-5.2.0, qrencode-4.1.1, Valgrind-3.16.1, zsh-5.8 (for the zsh completions), gnu-efi, kexec-tools, libfido2, libmicrohttpd, lz4, quota-tools and Sphinx
docbook-xml-4.5, docbook-xsl-1.79.2, libxslt-1.1.34, and lxml-4.6.2 (to build the index of systemd manual pages)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/systemd
Apply a patch to fix regressions in systemd-networkd and segmentation faults in systemctl:
patch -Np1 -i ../systemd-247-upstream_fixes-1.patch
Remove an unneeded group, render
, from the default udev rules:
sed -i 's/GROUP="render"/GROUP="video"/' rules.d/50-udev-default.rules.in
Rebuild systemd by running the following commands:
mkdir build && cd build && meson --prefix=/usr \ -Dblkid=true \ -Dbuildtype=release \ -Ddefault-dnssec=no \ -Dfirstboot=false \ -Dinstall-tests=false \ -Dldconfig=false \ -Dman=auto \ -Drootprefix= \ -Drootlibdir=/lib \ -Dsplit-usr=true \ -Dsysusers=false \ -Drpmmacrosdir=no \ -Db_lto=false \ -Dhomed=false \ -Duserdb=false \ -Dmode=release \ -Dpamconfdir=/etc/pam.d \ -Ddocdir=/usr/share/doc/systemd-247 \ .. && ninja
For the best test results, make sure you run the testsuite from a system that is booted by the same systemd version you are rebuilding.
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
-Dpamconfdir=/etc/pam.d
: Forces
the PAM files to be installed in /etc/pam.d rather than
/usr/lib/pam.d.
-Duserdb=false
:
Removes a daemon that does not offer any use under a BLFS
configuration. If you wish to enable the userdbd daemon, replace "false" with
"true" in the above meson command.
-Dhomed=false
: Remove
a daemon that does not offer any use under a traditional BLFS
configuration, especially using accounts created with
useradd. To enable systemd-homed, first ensure that you have
cryptsetup-2.3.4 and libpwquality-1.4.4, and then change
"false" to "true" in the above meson command.
The /etc/pam.d/system-session
file needs to be modified and a new file needs to be created
in order for systemd-logind to work
correctly. Run the following commands as the root
user:
cat >> /etc/pam.d/system-session << "EOF"# Begin Systemd addition session required pam_loginuid.so session optional pam_systemd.so # End Systemd addition
EOF cat > /etc/pam.d/systemd-user << "EOF"# Begin /etc/pam.d/systemd-user account required pam_access.so account include system-account session required pam_env.so session required pam_limits.so session required pam_unix.so session required pam_loginuid.so session optional pam_keyinit.so force revoke session optional pam_systemd.so auth required pam_deny.so password required pam_deny.so # End /etc/pam.d/systemd-user
EOF
If upgrading from a previous version of systemd and an initrd is used for system boot, you should generate a new initrd before rebooting the system.
A list of the installed files, along with their short descriptions can be found at ../../../../lfs/view/10.1/chapter08/systemd.html#contents-systemd.
Listed below are the newly installed libraries and directories along with short descriptions.
/lib/security
)
is a tool to create, remove, change, or inspect a home directory managed by systemd-homed; note that it's useless for the classic UNIX users and home directories which we are using in LFS/BLFS book |
|
inspects users, groups, and group memberships |
|
is a PAM module used to register user sessions with the systemd login manager, systemd-logind |
Last updated on 2021-02-22 17:02:40 -0800
The UDisks package provides a daemon, tools and libraries to access and manipulate disks and storage devices.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/storaged-project/udisks/releases/download/udisks-2.9.2/udisks-2.9.2.tar.bz2
Download MD5 sum: 1f8a9ca98a63ecc9e48ffd08309d0492
Download size: 1.6 MB
Estimated disk space required: 52 MB (with tests)
Estimated build time: 0.3 SBU (with tests)
libatasmart-0.19, libblockdev-2.25, libgudev-234, libxslt-1.1.34, and Polkit-0.118
btrfs-progs-5.10.1, dosfstools-4.2, gptfdisk-1.0.6, mdadm-4.1, and xfsprogs-5.10.0
D-Bus Python-1.2.16 (for the integration tests), GTK-Doc-1.33.2, LVM2-2.03.11, ntfs-3g-2017.3.23, PyGObject-3.38.0 (for the integration tests), exFAT, and libiscsi
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/udisks2
Install UDisks by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --disable-static && make
To test the results, issue: make check. A more thorough
test can be run with make
ci. You must first create the directories
/var/run/udisks2
and
/var/lib/udisks2
, and the
optional python modules should be present.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
Last updated on 2021-02-21 20:38:24 -0800
The UnRar package contains a
RAR
extraction utility used for
extracting files from RAR
archives. RAR
archives are
usually created with WinRAR,
primarily in a Windows environment.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.rarlab.com/rar/unrarsrc-6.0.3.tar.gz
Download MD5 sum: 54513ee5b1870f1d35bfa82eacce6b0f
Download size: 228 KB
Estimated disk space required: 2.2 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/unrar
This package extracts the tarball to the unversioned
directory unrar
and not the
expected directory unrar-6.0.3
.
Install UnRar by running the following commands:
make -f makefile
This package does not come with a test suite.
Now, as the root
user:
install -v -m755 unrar /usr/bin
Last updated on 2021-02-20 11:35:58 -0800
The UnZip package contains
ZIP
extraction utilities. These
are useful for extracting files from ZIP
archives. ZIP
archives are created with PKZIP or Info-ZIP utilities, primarily in a DOS
environment.
This package is known to build and work properly using an LFS-10.1 platform.
The previous version of the UnZip package had some locale related issues. Currently there are no BLFS editors capable of testing these locale issues. Therefore, the locale related information is left on this page, but has not been tested. A more general discussion of these problems can be found in the Program Assumes Encoding section of the Locale Related Issues page.
Download (HTTP): https://downloads.sourceforge.net/infozip/unzip60.tar.gz
Download (FTP): ftp://ftp.info-zip.org/pub/infozip/src/unzip60.tgz
Download MD5 sum: 62b490407489521db863b523a7f86375
Download size: 1.3 MB
Estimated disk space required: 9 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/unzip
Use of UnZip in the JDK, Mozilla, DocBook or any other BLFS package installation is not a problem, as BLFS instructions never use UnZip to extract a file with non-ASCII characters in the file's name.
These issues are thought to be fixed in the patch. But since none of the editors have data to test this, the following workarounds are retained in case they might still be needed.
The UnZip package assumes
that filenames stored in the ZIP archives created on non-Unix
systems are encoded in CP850, and that they should be
converted to ISO-8859-1 when writing files onto the
filesystem. Such assumptions are not always valid. In fact,
inside the ZIP archive, filenames are encoded in the DOS
codepage that is in use in the relevant country, and the
filenames on disk should be in the locale encoding. In MS
Windows, the OemToChar() C function (from User32.DLL
) does the correct conversion
(which is indeed the conversion from CP850 to a superset of
ISO-8859-1 if MS Windows is set up to use the US English
language), but there is no equivalent in Linux.
When using unzip to unpack a ZIP archive containing non-ASCII filenames, the filenames are damaged because unzip uses improper conversion when any of its encoding assumptions are incorrect. For example, in the ru_RU.KOI8-R locale, conversion of filenames from CP866 to KOI8-R is required, but conversion from CP850 to ISO-8859-1 is done, which produces filenames consisting of undecipherable characters instead of words (the closest equivalent understandable example for English-only users is rot13). There are several ways around this limitation:
1) For unpacking ZIP archives with filenames containing non-ASCII characters, use WinZip while running the Wine Windows emulator.
2) Use bsdtar -xf from libarchive-3.5.1 to unpack the ZIP archive. Then fix the damage made to the filenames using the convmv tool (http://j3e.de/linux/convmv/). The following is an example for the zh_CN.UTF-8 locale:
convmv -f cp936 -t utf-8 -r --nosmart --notest \
</path/to/unzipped/files>
First apply the patch:
patch -Np1 -i ../unzip-6.0-consolidated_fixes-1.patch
Now compile the package:
make -f unix/Makefile generic
The test suite does not work for target “generic”.
Now, as the root
user:
make prefix=/usr MANDIR=/usr/share/man/man1 \ -f unix/Makefile install
make -f unix/Makefile generic: This target begins by running a configure script (unlike the older targets such as linux and linux_noasm) which creates a flags file that is then used in the build. This ensures that the 32-bit x86 build receives the right flags to unzip files which which are larger than 2GB when extracted.
allows the output of unzip commands to be redirected |
|
lists, tests or extracts files from a |
|
is a self-extracting stub that can be prepended to
a |
|
searches files in a |
|
produces technical information about the files in a
|
Last updated on 2021-02-19 22:13:48 -0800
The UPower package provides an interface to enumerating power devices, listening to device events and querying history and statistics. Any application or service on the system can access the org.freedesktop.UPower service via the system message bus.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://gitlab.freedesktop.org/upower/upower/uploads/93cfe7c8d66ed486001c4f3f55399b7a/upower-0.99.11.tar.xz
Download MD5 sum: abe6acb617f11f2e8dbd9846fcf86e24
Download size: 424 KB
Estimated disk space required: 11 MB (add 3MB for tssts)
Estimated build time: 0.1 SBU (add 0.1 SBU for tests)
libgudev-234, libusb-1.0.24, and Polkit-0.118
GTK-Doc-1.33.2, PyGObject-3.38.0, dbusmock-0.22.0, and umockdev-0.15.4 (for part of the test suite).
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/upower
Enable the following options in the kernel configuration and recompile the kernel if necessary:
General Setup --->
[*] Namespaces support ---> [CONFIG_NAMESPACES]
[*] User namespace [CONFIG_USER_NS]
Install UPower by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --enable-deprecated \ --disable-static && make
To test the results, issue: make check. Some checks may not pass due to missing files. Test suite should be run from a local GUI session started with dbus-launch.
Now, as the root
user:
make install
--enable-deprecated
:
This switch enables deprecated functionality which is still
needed by some applications.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-gtk-doc
: Use this
parameter if GTK-Doc is
installed and you wish to rebuild and install the API
documentation.
Last updated on 2021-02-22 21:05:47 -0800
The USB Utils package contains utilities used to display information about USB buses in the system and the devices connected to them.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.kernel.org/pub/linux/utils/usb/usbutils/usbutils-013.tar.xz
Download MD5 sum: 91b0c9a3382d6f4c382df7a98462de2e
Download size: 96 KB
Estimated disk space required: 4.5 MB
Estimated build time: 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/usbutils
Install USB Utils by running the following commands:
./autogen.sh --prefix=/usr --datadir=/usr/share/hwdata && make
This package does not come with a test suite.
Now, as the root
user:
make install
To install the usb.ids
data
file, using Wget-1.21.1, run, as the root
user:
install -dm755 /usr/share/hwdata/ && wget http://www.linux-usb.org/usb.ids -O /usr/share/hwdata/usb.ids
The script lsusb.py displays information in a more easily readable form than lsusb. To find the options, use lsusb.py -h. One form of use recommended by the developer is lsusb.py -ciu.
You should update the /usr/share/hwdata/usb.ids
file
periodically. Execute the
following commands, as the root
user, to create a systemd timer to update it weekly on Sundays at 2:30
A.M. (local time):
cat > /lib/systemd/system/update-usbids.service << "EOF" &&[Unit] Description=Update usb.ids file Documentation=man:lsusb(8) DefaultDependencies=no After=local-fs.target network-online.target Before=shutdown.target [Service] Type=oneshot RemainAfterExit=yes ExecStart=/usr/bin/wget http://www.linux-usb.org/usb.ids -O /usr/share/hwdata/usb.ids
EOF cat > /lib/systemd/system/update-usbids.timer << "EOF" &&[Unit] Description=Update usb.ids file weekly [Timer] OnCalendar=Sun 03:00:00 Persistent=true [Install] WantedBy=timers.target
EOF systemctl enable update-usbids.timer
is a utility for displaying information about all USB buses in the system and all devices connected to them, but not in human friendly form |
|
displays information about all USB buses in the system and all devices connected to them in reasonable human friendly form |
|
is a shell script that displays details of USB buses and devices connected to them. It is designed to be used if /proc/bus/usb/devices is not available on your system |
|
is used to dump report descriptors and streams from HID (human interface device) interfaces of USB devices |
Last updated on 2021-02-19 22:13:48 -0800
The presence or absence of the which program in the main LFS book is probably one of the most contentious issues on the mailing lists. It has resulted in at least one flame war in the past. To hopefully put an end to this once and for all, presented here are two options for equipping your system with which. The question of which “which” is for you to decide.
The first option is to install the actual GNU which package.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/which/which-2.21.tar.gz
Download (FTP): ftp://ftp.gnu.org/gnu/which/which-2.21.tar.gz
Download MD5 sum: 097ff1a324ae02e0a3b0369f07a7544a
Download size: 148 KB
Estimated disk space required: 1 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/which
Install which by running the following commands:
./configure --prefix=/usr && make
This package does not come with a test suite.
Now, as the root
user:
make install
The second option (for those who don't want to install the
package) is to create a simple script (execute as the
root
user):
cat > /usr/bin/which << "EOF"
#!/bin/bash
type -pa "$@" | head -n 1 ; exit ${PIPESTATUS[0]}
EOF
chmod -v 755 /usr/bin/which
chown -v root:root /usr/bin/which
This should work OK and is probably the easiest solution for most cases, but is not the most comprehensive implementation.
Last updated on 2021-02-19 21:30:09 -0800
The Zip package contains
Zip utilities. These are
useful for compressing files into ZIP
archives.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/infozip/zip30.tar.gz
Download (FTP): ftp://ftp.info-zip.org/pub/infozip/src/zip30.tgz
Download MD5 sum: 7b74551e63f8ee6aab6fbc86676c0d37
Download size: 1.1 MB
Estimated disk space required: 6.4 MB
Estimated build time: 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/zip
Install Zip by running the following commands:
make -f unix/Makefile generic_gcc
This package does not come with a test suite.
Now, as the root
user:
make prefix=/usr MANDIR=/usr/share/man/man1 -f unix/Makefile install
make prefix=/usr -f
unix/Makefile install: This command overrides
the prefix
variable that is set
to /usr/local
in the
unix/Makefile
. Alternatives to
generic_gcc
can be seen with a
make -f unix/Makefile
list command.
Last updated on 2021-02-19 21:30:09 -0800
A base LFS system can be used as a development platform, however the base system only includes language support for C, C++ and Perl. This chapter provides instructions to build many popular programming environments to greatly expand your system's development capabilities.
Autoconf2.13 is an old version of Autoconf . This old version accepts switches which are not valid in more recent versions. Now that firefox has started to use python2 for configuring, this old version is required even if configure files have not been changed.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/autoconf/autoconf-2.13.tar.gz
Download (FTP): ftp://ftp.gnu.org/gnu/autoconf/autoconf-2.13.tar.gz
Download MD5 sum: 9de56d4a161a723228220b0f425dc711
Download size: 434 KB
Estimated disk space required: 2.8 MB
Estimated build time: less than 0.1 SBU (additional 0.1 SBU for the tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/autoconf213
Install Autoconf by running the following commands:
patch -Np1 -i ../autoconf-2.13-consolidated_fixes-1.patch && mv -v autoconf.texi autoconf213.texi && rm -v autoconf.info && ./configure --prefix=/usr --program-suffix=2.13 && make
To test the installation issue make check (all 253 tests should pass).
Now, as the root
user:
make install && install -v -m644 autoconf213.info /usr/share/info && install-info --info-dir=/usr/share/info autoconf213.info
mv -v autoconf.texi autoconf213.texi: ensure that the info file added by this package will not overwrite the more recent version.
rm -v autoconf.info: ensure that the info file will be created by the current version of texinfo.
--program-suffix=2.13: ensure that the installed programs have the version added to their names, so that only a script which specifically looks for these old versions will find them.
install -v -m644
...: the patch removes install-info from the
Makefile because that would install (and if necessary
recreate) standards.info which is an old version, so now
autoconf213.info
has to be
manually installed.
Produces shell scripts that automatically configure software source code packages to adapt to many kinds of Unix-like systems |
|
is a tool for creating template files of C #define statements for configure to use |
|
This automatically runs autoconf2.13, autoheader2.13, aclocal, automake, gettextize and libtoolize in the right order when changes have been made to autoconf or automake template files |
|
Can be used as a preliminary step in creating a
|
|
Modifies a |
|
Prints the identifiers that the package uses in C preprocessor conditionals [If a package has already been set up to have some portability, this program can help determine what configure needs to check for. It can also fill in gaps in a configure.in file generated by autoscan] |
Last updated on 2021-02-20 14:53:06 -0800
Cbindgen can be used to generate C bindings for Rust code.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/eqrion/cbindgen/archive/v0.17.0/cbindgen-0.17.0.tar.gz
Download MD5 sum: 319023d51257da454f9a30aa3a358429
Download size: 188 KB
Estimated disk space required: 123 MB (add 533 MB for tests)
Estimated build time: 0.6 SBU (add 0.4 SBU for tests), both on a 4-core machine
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/cbindgen
As with most Rust packages, this needs a network connection to check the current versions of the required cargo crates, and to download them if they are not already present.
Install cbindgen by running the following commands:
cargo build --release
To test the results, issue: cargo test. Three tests in the final suite are known to fail.
Now, as the root
user:
install -Dm755 target/release/cbindgen /usr/bin/
Last updated on 2021-02-20 14:53:06 -0800
GNU Clisp is a Common Lisp implementation which includes an interpreter, compiler, debugger, and many extensions.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/clisp/latest/clisp-2.49.tar.bz2
Download (FTP): ftp://ftp.gnu.org/gnu/clisp/latest/clisp-2.49.tar.bz2
Download MD5 sum: 1962b99d5e530390ec3829236d168649
Download size: 7.8 MB
Estimated disk space required: 163 MB (add 8 MB for tests)
Estimated build time: 0.9 SBU (1.2 SBU with tests)
Optional patch: http://www.linuxfromscratch.org/patches/blfs/10.1/clisp-2.49-readline7_fixes-1.patch (required if building against libffcall)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/clisp
This package does not support parallel build.
If you are building on a 32-bit system, work around a bug in GCC caused by the latest version of binutils:
case $(uname -m) in i?86) export CFLAGS+=-falign-functions=4 ;; esac
Remove two tests, which fail for unknown reasons:
sed -i -e '/socket/d' -e '/"streams"/d' tests/tests.lisp
Install Clisp by running the following commands:
If you are building clisp against libffcall, apply the patch to fix a build failure with current readline:
patch -Np1 -i ../clisp-2.49-readline7_fixes-1.patch
Install Clisp by running the following commands:
mkdir build && cd build && ../configure --srcdir=../ \ --prefix=/usr \ --docdir=/usr/share/doc/clisp-2.49 \ --with-libsigsegv-prefix=/usr && ulimit -s 16384 && make -j1
To test the results, issue: make check.
Now, as the root
user:
make install
ulimit -s 16384: this increases the maximum stack size, as recommended by the configure.
--docdir=/usr/share/doc/clisp-2.49:
this ensures the html documentation will go into a versioned
directory instead of straight into /usr/share/html/
.
--with-libsigsegv-prefix=/usr: use this to tell configure that you have installed libsigsegv in /usr, otherwise it will not be found.
--with-libffcall-prefix=/usr
: use
this to tell configure that you have
installed the optional libffcall
in /usr, otherwise like libsigsegv it will not be found.
/usr/lib/clisp-2.49/base/
Last updated on 2021-02-20 14:53:06 -0800
The CMake package contains a modern toolset used for generating Makefiles. It is a successor of the auto-generated configure script and aims to be platform- and compiler-independent. A significant user of CMake is KDE since version 4.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cmake.org/files/v3.19/cmake-3.19.5.tar.gz
Download MD5 sum: b05ac439a6f49c75a0faaeca4a2c3144
Download size: 8.8 MB
Estimated disk space required: 375 MB (add 733 MB for tests)
Estimated build time: 2.1 SBU (add 3.4 SBU for tests, both using parallelism=4)
cURL-7.75.0, libarchive-3.5.1, and nghttp2-1.43.0
GCC-10.2.0 (for gfortran), git-2.30.1 (for use during tests), Mercurial-5.7 (for use during tests), Qt-5.15.2 (for the Qt-based GUI), Subversion-1.14.1 (for testing), rhash, and Sphinx (for building documents)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/cmake
Install CMake by running the following commands:
sed -i '/"lib64"/s/64//' Modules/GNUInstallDirs.cmake && ./bootstrap --prefix=/usr \ --system-libs \ --mandir=/share/man \ --no-system-jsoncpp \ --no-system-librhash \ --docdir=/share/doc/cmake-3.19.5 && make
To test the results, issue: LC_ALL=en_US.UTF-8 bin/ctest -j<N>
-O
cmake-3.19.5-test.log, where <N>
is an integer
between 1 and the number of system cores. Setting
LC_ALL
is needed to prevent some
test failures when some of the locale variables are set to
non English locales.
Now, as the root
user:
make install
sed ... Modules/GNUInstallDirs.cmake: This command disables applications using cmake from attempting to install files in /usr/lib64/.
--system-libs
: This
switch forces the build system to link against Zlib, Bzip2, cURL, nghttp2, Expat and libarchive installed on the system.
--no-system-jsoncpp
:
This switch removes the JSON-C++ library from the list of system
libraries. A bundled version of that library is used instead.
--no-system-librhash
:
This switch removes the librhash library from the list of system
libraries used. A bundled version of that library is used
instead.
--qt-gui
: This switch enables
building the Qt-based GUI
for CMake.
--parallel=
: This switch enables
performing the CMake
bootstrap with multiple jobs at one time.
Last updated on 2021-02-19 21:30:09 -0800
The Doxygen package contains a documentation system for C++, C, Java, Objective-C, Corba IDL and to some extent PHP, C# and D. It is useful for generating HTML documentation and/or an off-line reference manual from a set of documented source files. There is also support for generating output in RTF, PostScript, hyperlinked PDF, compressed HTML, and Unix man pages. The documentation is extracted directly from the sources, which makes it much easier to keep the documentation consistent with the source code.
You can also configure Doxygen to extract the code structure from undocumented source files. This is very useful to quickly find your way in large source distributions. Used along with Graphviz, you can also visualize the relations between the various elements by means of include dependency graphs, inheritance diagrams, and collaboration diagrams, which are all generated automatically.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://doxygen.nl/files/doxygen-1.9.1.src.tar.gz
Download MD5 sum: 1513a1f6c0003dcf1d840e0420953857
Download size: 4.9 MB
Estimated disk space required: 177 MB (with tests)
Estimated build time: 1.1 SBU (using parallelism=4; with tests)
Graphviz-2.44.1, ghostscript-9.53.3, libxml2-2.9.10 (required for the tests), LLVM-11.1.0 (with clang), Python-2.7.18, Qt-5.15.2 (for doxywizard), texlive-20200406 (or install-tl-unx), xapian-1.4.18 (for doxyindexer), and javacc
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/doxygen
Install Doxygen by running the following commands:
mkdir -v build && cd build && cmake -G "Unix Makefiles" \ -DCMAKE_BUILD_TYPE=Release \ -DCMAKE_INSTALL_PREFIX=/usr \ -Wno-dev .. && make
To test the results, issue: make tests.
If you wish to generate the package documentation, you must have Python, TeX Live (for HTML docs) and Ghostscript (for PDF docs) installed, then issue the following command:
cmake -DDOC_INSTALL_DIR=share/doc/doxygen-1.9.1 -Dbuild_doc=ON .. && make docs
Now, as the root
user:
make install && install -vm644 ../doc/*.1 /usr/share/man/man1
If you have generated the package documentation, then the man pages are automatically installed, and you do not need to run the last install ... command.
-Dbuild_wizard=ON
: Use this
switch if Qt5 is installed
and you wish to build the GUI front-end.
-Dbuild_search=ON
: Use this
switch if xapian is
installed and you wish to build external search tools
(doxysearch.cgi
and doxyindexer).
-Duse_libclang=ON
: Use this
switch if llvm with
clang are installed, to add
support for libclang parsing.
There is no real configuration necessary for the Doxygen package although three additional packages are required if you wish to use extended capabilities. If you need to use the language translation features, you must have Python-2.7.18 installed. If you require formulas to create PDF documentation, then you must have texlive-20200406 installed. If you require formulas to convert PostScript files to bitmaps, then you must have ghostscript-9.53.3 installed.
is a command-line based utility used to generate template configuration files and then generate documentation from these templates. Use doxygen --help for an explanation of the command-line parameters |
|
is a GUI front-end for configuring and running doxygen |
|
generates a search index called |
|
is a CGI program to search the data indexed by doxyindexer |
Last updated on 2021-02-21 17:43:43 -0800
The GCC package contains the GNU Compiler Collection. This page describes the installation of compilers for the following languages: C, C++, D, Fortran, Objective C, Objective C++, and Go.
This package is known to build and work properly using an LFS-10.1 platform.
If you are upgrading GCC from any other version prior to 10.2.0, then you must be careful compiling 3rd party kernel modules. You should ensure that the kernel and all its native modules are also compiled using the same version of GCC that you use to build the 3rd party module. This issue does not affect native kernel (and kernel modules) updates, as the instructions below are a complete reinstallation of GCC. If you have existing 3rd party modules installed, ensure they are recompiled using the updated version of GCC. As always, never update the kernel headers from the ones used when Glibc was compiled during LFS.
Some system headers need to be fixed to be used with GCC.
This is done during the installation of GCC, and the
“fixed” headers are installed in
/usr/lib/gcc/<machine
triplet>/<GCC version>/include-fixed
. This
is harmless if GCC is built during the LFS stage. But if
you reinstall GCC in BLFS, some of the BLFS packages may be
“fixed”. If one of those
packages is reinstalled afterwards, the “fixed” headers are not updated,
which may lead to version mismatches. In case that happens,
the “fixed” headers must be updated
by running (as root
):
/usr/libexec/gcc/x86_64-pc-linux-gnu/10.2.0/install-tools/mkheaders
. The machine triplet may be different on a 32bit system.
Download (HTTP): https://ftp.gnu.org/gnu/gcc/gcc-10.2.0/gcc-10.2.0.tar.xz
Download (FTP): ftp://ftp.gnu.org/gnu/gcc/gcc-10.2.0/gcc-10.2.0.tar.xz
Download MD5 sum: e9fd9b1789155ad09bcf3ae747596b50
Download size: 72 MB
Estimated disk space required: 8.3 GB (2.8 GB installed with all listed languages; add 1.1 GB for tests)
Estimated build time: 24 SBU (with parallelism=4, add 51 SBU for tests with parallelism=4)
GDB-10.1, Valgrind-3.16.1 (for tests), and ISL (to enable graphite optimization)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gcc
Even if you specify only languages other than C and C++ to the ./configure command below, the installation process will overwrite your existing GCC C and C++ compilers and libraries. Having the Tcl, Expect and DejaGnu packages installed before beginning the build is highly recommended so you can run the full suite of tests.
Do not continue with the make install command until you are confident the build was successful. You can compare your test results with those found at https://gcc.gnu.org/ml/gcc-testresults/. You may also want to refer to the information found in the GCC section of Chapter 8 in the LFS book (../../../../lfs/view/10.1/chapter08/gcc.html).
The instructions below are intentionally performing a
“bootstrap” process. Bootstrapping
is needed for robustness and is highly recommended when
upgrading the compilers version. To disable bootstrap
anyways, add --disable-bootstrap
to the
./configure
options below.
Install GCC by running the following commands:
case $(uname -m) in x86_64) sed -i.orig '/m64=/s/lib64/lib/' gcc/config/i386/t-linux64 ;; esac mkdir build && cd build && ../configure \ --prefix=/usr \ --disable-multilib \ --with-system-zlib \ --enable-languages=c,c++,d,fortran,go,objc,obj-c++ && make
If you have installed additional packages such as Valgrind and GDB, the GCC part of the testsuite will run more tests than in LFS. Some of those will report FAIL and others XPASS (pass when expected to FAIL). As of gcc-10.2.0, about 90 FAIL occur in the “guality” suite, as well as miscellaneous failures throughout the rest of the test suite. If all the compilers above are built, there will be around 120 unexpected failures out of over 468,000 tests. To run the tests, issue:
ulimit -s 32768 && make -k check
The tests are very long, and the results may be hard to find in the logs, specially if you use parallel jobs with make. You can get a summary of the tests with:
../contrib/test_summary
Now, as the root
user:
make install && mkdir -pv /usr/share/gdb/auto-load/usr/lib && mv -v /usr/lib/*gdb.py /usr/share/gdb/auto-load/usr/lib && chown -v -R root:root \ /usr/lib/gcc/*linux-gnu/10.2.0/include{,-fixed} rm -rf /usr/lib/gcc/$(gcc -dumpmachine)/10.2.0/include-fixed/bits/
Some packages expect to find the C preprocessor in
/lib
or may refer to the C
compiler under the name cc. The following symbolic
links are not needed if you have followed the LFS
instructions, since they have been already created. If you do
not have them on your system, issue as the root
user:
ln -v -sf ../usr/bin/cpp /lib && ln -v -sf gcc /usr/bin/cc && install -v -dm755 /usr/lib/bfd-plugins && ln -sfv ../../libexec/gcc/$(gcc -dumpmachine)/10.2.0/liblto_plugin.so /usr/lib/bfd-plugins/
mkdir build; cd build: The GCC documentation recommends building the package in a dedicated build directory.
--disable-multilib
:
This parameter ensures that files are created for the
specific architecture of your computer.
--with-system-zlib
:
Uses the system zlib instead
of the bundled one. zlib is
used for compressing and uncompressing GCC's intermediate language in LTO (Link
Time Optimization) object files.
--enable-languages=c,c++,d,fortran,go,objc,obj-c++
:
This command identifies which languages to build. You may
modify this command to remove undesired languages. Two other
languages can be added, besides ADA (see introduction above):
BRIG (add brig
to the
list of enabled languages), a binary format for HSAIL
(Heterogeneous System Architecture Intermediate Language),
and JIT (add jit
to
the list of enabled languages), a library which can be linked
into interpreters that want to generate machine code
“on the
fly” at run-time. They have not been
tested by the BLFS developers.
ulimit -s 32768: This command prevents several tests from running out of stack space.
make -k check: This command runs the test suite without stopping if any errors are encountered.
../contrib/test_summary: This command will produce a summary of the test suite results. You can append | grep -A7 Summ to the command to produce an even more condensed version of the summary. You may also wish to redirect the output to a file for review and comparison later on.
mv -v /usr/lib/*gdb.py
...: The installation stage puts some files
used by gdb under the
/usr/lib
directory. This
generates spurious error messages when performing
ldconfig. This
command moves the files to another location.
chown -v -R root:root
/usr/lib/gcc/*linux-gnu/...: If the package
is built by a user other than root, the ownership of the
installed include
directory
(and its content) will be incorrect. This command changes the
ownership to the root
user
and group.
rm -rf .../include-fixed/bits/: Remove an erroneous file in gcc added by the fixincludes process.
Some program and library names and descriptions are not listed here, but can be found at ../../../../lfs/view/10.1/chapter08/gcc.html#contents-gcc as they were initially installed during the building of LFS.
Last updated on 2021-02-20 14:53:06 -0800
The GC package contains the Boehm-Demers-Weiser conservative garbage collector, which can be used as a garbage collecting replacement for the C malloc function or C++ new operator. It allows you to allocate memory basically as you normally would, without explicitly deallocating memory that is no longer useful. The collector automatically recycles memory when it determines that it can no longer be otherwise accessed. The collector is also used by a number of programming language implementations that either use C as intermediate code, want to facilitate easier interoperation with C libraries, or just prefer the simple collector interface. Alternatively, the garbage collector may be used as a leak detector for C or C++ programs, though that is not its primary goal.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.hboehm.info/gc/gc_source/gc-8.0.4.tar.gz
Download MD5 sum: 67a5093e2f9f381bd550aa891d00b54b
Download size: 1.1 MB
Estimated disk space required: 11 MB (with tests)
Estimated build time: 0.2 SBU (with tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gc
Install GC by running the following commands:
./configure --prefix=/usr \ --enable-cplusplus \ --disable-static \ --docdir=/usr/share/doc/gc-8.0.4 && make
To test the results, issue: make check.
Now, as the root
user:
make install && install -v -m644 doc/gc.man /usr/share/man/man3/gc_malloc.3
--docdir=/usr/share/doc/gc-8.0.4
:
This option is used so the package will install the
documentation in a versioned directory.
--enable-cplusplus
:
This parameter enables the building and installing of the C++
library along with the standard C library.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
Last updated on 2021-02-19 21:30:09 -0800
GDB, the GNU Project debugger, allows you to see what is going on “inside” another program while it executes -- or what another program was doing at the moment it crashed. Note that GDB is most effective when tracing programs and libraries that were built with debugging symbols and not stripped.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/gdb/gdb-10.1.tar.xz
Download (FTP): ftp://ftp.gnu.org/gnu/gdb/gdb-10.1.tar.xz
Download MD5 sum: 1822a7dd45e7813f4408407eec1a6af1
Download size: 21 MB
Estimated disk space required: 761 MB (add 750 MB for docs; add 633 MB for tests)
Estimated build time: 1.7 SBU (Using parallelism=4; add 30 SBU for tests; add 0.5 SBU for docs)
six-1.15.0 (Python 3 module, required at run-time to use GDB scripts from various LFS/BLFS packages with Python 3 installed in LFS)
Doxygen-1.9.1, GCC-10.2.0 (ada, gfortran, and go are used for tests), Guile-3.0.5, Python-2.7.18, rustc-1.47.0 (used for some tests), Valgrind-3.16.1, and SystemTap (run-time, used for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gdb
Install GDB by running the following commands:
mkdir build && cd build && ../configure --prefix=/usr \ --with-system-readline \ --with-python=/usr/bin/python3 && make
Optionally, to build the API documentation using Doxygen-1.9.1, run:
make -C gdb/doc doxy
To test the results, issue:
pushd gdb/testsuite && make site.exp && echo "set gdb_test_timeout 120" >> site.exp && runtest popd
See gdb/testsuite/README and TestingGDB. There are many problems with the test suite:
Clean directories are needed if re-running the tests. For that reason, make a copy of the compiled source code directory before the tests in case you need to run the tests again.
Results depend on installed compilers.
A few tests assume that the header file <sys/sdt.h>
, part of SystemTap, is
present.
A test run of the test suite had 230 unexpected failures (out of over 70000 tests).
On some systems, the gdb.tui test suite will fail if running over SSH.
On some AMD-based systems, over 200 additional tests may fail due to a difference in the threading implementation on those CPUs.
Now, as the root
user:
make -C gdb install
If you have built the API documentation, it is now in
gdb/doc/doxy. You can install it (as the root
user):
install -d /usr/share/doc/gdb-10.1 && rm -rf gdb/doc/doxy/xml && cp -Rv gdb/doc/doxy /usr/share/doc/gdb-10.1
--with-system-readline
: This
switch forces GDB to use the
copy of Readline installed
in LFS.
--with-python=/usr/bin/python3
:
This switch forces GDB to
use Python 3 installed in LFS. Remove this switch if you have
installed Python-2.7.18 and want to use it instead
of Python 3.
Last updated on 2021-02-19 21:30:09 -0800
Git is a free and open source, distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Every Git clone is a full-fledged repository with complete history and full revision tracking capabilities, not dependent on network access or a central server. Branching and merging are fast and easy to do. Git is used for version control of files, much like tools such as Mercurial-5.7, Bazaar, Subversion-1.14.1, CVS, Perforce, and Team Foundation Server.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.kernel.org/pub/software/scm/git/git-2.30.1.tar.xz
Download MD5 sum: 6f63eb0cc94f52e865fbd90ffb0ecb5c
Download size: 6.0 MB
Estimated disk space required: 366 MB (with downloaded documentation, add 16 MB to build documentation)
Estimated build time: 0.3 SBU (with parallelism=4; add 0.5 SBU for building documentation and 8.3 SBU for tests with parallelism=4)
https://www.kernel.org/pub/software/scm/git/git-manpages-2.30.1.tar.xz (not needed if you've installed asciidoc-9.1.0, xmlto-0.0.28, and prefer to rebuild them)
https://www.kernel.org/pub/software/scm/git/git-htmldocs-2.30.1.tar.xz and other docs (not needed if you've installed asciidoc-9.1.0 and want to rebuild the documentation).
cURL-7.75.0 (needed to use Git over http, https, ftp or ftps)
pcre2-10.36 (or the deprecated PCRE-8.44), in either case
configured with --enable-jit
,
Subversion-1.14.1 with Perl bindings
(for git svn),
Tk-8.6.11.1 (gitk, a simple Git repository viewer, uses Tk at runtime), and Valgrind-3.16.1
xmlto-0.0.28 and asciidoc-9.1.0 or AsciiDoctor, and also dblatex (for the PDF version of the user manual), and docbook2x to create info pages
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/git
Install Git by running the following commands:
./configure --prefix=/usr \ --with-gitconfig=/etc/gitconfig \ --with-python=python3 && make
You can build the man pages and/or html docs, or use downloaded ones. If you choose to build them, use the next two instructions.
If you have installed asciidoc-9.1.0 you can create the html version of the man pages and other docs:
make html
If you have installed asciidoc-9.1.0 and xmlto-0.0.28 you can create the man pages:
make man
The test suite can be run in parallel mode. To run the test suite, issue: make test. If run as a normal user, 0 tests should be reported as failed in the final summary.
Now, as the root
user:
make perllibdir=/usr/lib/perl5/5.32/site_perl install
Install the man pages as the root
user:
make install-man
Install the html docs as the root
user:
make htmldir=/usr/share/doc/git-2.30.1 install-html
If you downloaded the man pages untar them as the
root
user:
tar -xf ../git-manpages-2.30.1.tar.xz \ -C /usr/share/man --no-same-owner --no-overwrite-dir
If you downloaded the html docs untar them as the
root
user:
mkdir -vp /usr/share/doc/git-2.30.1 && tar -xf ../git-htmldocs-2.30.1.tar.xz \ -C /usr/share/doc/git-2.30.1 --no-same-owner --no-overwrite-dir && find /usr/share/doc/git-2.30.1 -type d -exec chmod 755 {} \; && find /usr/share/doc/git-2.30.1 -type f -exec chmod 644 {} \;
For both methods, the html-docs include a lot of plain text
files. Reorganize the files as the root
user:
mkdir -vp /usr/share/doc/git-2.30.1/man-pages/{html,text} && mv /usr/share/doc/git-2.30.1/{git*.txt,man-pages/text} && mv /usr/share/doc/git-2.30.1/{git*.,index.,man-pages/}html && mkdir -vp /usr/share/doc/git-2.30.1/technical/{html,text} && mv /usr/share/doc/git-2.30.1/technical/{*.txt,text} && mv /usr/share/doc/git-2.30.1/technical/{*.,}html && mkdir -vp /usr/share/doc/git-2.30.1/howto/{html,text} && mv /usr/share/doc/git-2.30.1/howto/{*.txt,text} && mv /usr/share/doc/git-2.30.1/howto/{*.,}html && sed -i '/^<a href=/s|howto/|&html/|' /usr/share/doc/git-2.30.1/howto-index.html && sed -i '/^\* link:/s|howto/|&html/|' /usr/share/doc/git-2.30.1/howto-index.txt
--with-gitconfig=/etc/gitconfig
:
This sets /etc/gitconfig
as the
file that stores the default, system wide, Git settings.
--with-python=python3
: Use this
switch to use Python 3,
instead of the EOL'ed Python
2. Python is used for the git p4 interface to
Perforce repositories, and also used in some tests.
--with-libpcre2
: Use this switch
if PCRE2 is installed and
has been built with the non-default JIT enabled.
--with-libpcre
: As an alternative
to PCRE2, use this switch if the deprecated PCRE is installed and has been built
with the non-default JIT enabled.
tar -xf
../git-manpages-2.30.1.tar.gz -C /usr/share/man
--no-same-owner: This untars git-manpages-2.30.1.tar.gz
. The
-C
option makes tar change
directory to /usr/share/man
before it starts to decompress the docs. The --no-same-owner
option stops tar from
preserving the user and group details of the files. This is
useful as that user or group may not exist on your system;
this could (potentially) be a security risk.
mv /usr/share/doc/git-2.30.1 ...: These commands move some of the files into subfolders to make it easier to sort through the docs and find what you're looking for.
find ... chmod ...: These commands correct the permissions in the shipped documentation tar file.
is the stupid content tracker |
|
is a CVS server emulator for Git |
|
is a graphical Git repository browser (needs Tk-8.6.11.1) |
|
is invoked by git send-pack and updates the repository with the information fed from the remote end |
|
is a login shell for SSH accounts to provide restricted Git access |
|
is invoked by git archive --remote and sends a generated archive to the other end over the git protocol |
|
is invoked by git fetch-pack, it discovers what objects the other side is missing, and sends them after packing |
Last updated on 2021-02-20 14:53:06 -0800
This section will describe how to set up, administer and secure a git server. Git has many options available. For more detailed documentation see https://git-scm.com/book/en/v2.
The following instructions will install a git server. It will be set up to use OpenSSH as the secure remote access method.
Configuration of the server consists of the following steps:
You will need to be user root
for the initial portion of
configuration. Create the git
user and group and set and unusable
password hash with the following commands:
groupadd -g 58 git && useradd -c "git Owner" -d /home/git -m -g git -s /usr/bin/git-shell -u 58 git && sed -i '/^git:/s/^git:[^:]:/git:NP:/' /etc/shadow
Putting in an unuable password hash (replacing the
!
by NP
) unlocks the account but it cannot be
used to login via password authentication. That is required
by sshd to work properly.
Next, create some files and directories in the home
directory of the git user allowing access to the git
repository using ssh keys.
install -o git -g git -dm0700 /home/git/.ssh && install -o git -g git -m0600 /dev/null /home/git/.ssh/authorized_keys
For any developer who should have access to the repository
add his/her public ssh key to /home/git/.ssh/authorized_keys
. First,
prepend some options to prevent users from using the
connection to git for port forwarding to other machines the
git server might reach.
echo -n "no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty " >> /home/git/.ssh/authorized_keys && cat <user-ssh-key> >> /home/git/.ssh/authorized_keys
It is also useful to set the default name of the initial
branch of new repositories by modifying the git
configuration. As the root
user, run:
git config --system init.defaultBranch trunk
Finally add the /usr/bin/git-shell
entry to the
/etc/shells
configuration
file. This shell has been set in the git
user profile and is to make sure
that only git related actions can be executed:
echo "/usr/bin/git-shell" >> /etc/shells
The repository can be anywhere on the filesystem. It is
important that the git user has read/write access to that
location. We use /srv/git
as
base directory. Create a new git repository with the following
commands (as the root
user):
In all the instructions below, we use project1 as an example repository name. You should name your repository as a short descriptive name for your specific project.
install -o git -g git -m755 -d /srv/git/project1.git && cd /srv/git/project1.git && git init --bare && chown -R git:git .
All the instructions in this section and the next should be done on a user system, not the server system.
Now that the repository is created, it can be used by the
developers to put some files into it. Once the ssh key of
the user is imported to git's authorized_keys
file, the user can
interact with the repository.
A minimal configuration should be available on the developer's system specifying its user name and the email address. Create this minimal config file on client side:
cat > ~/.gitconfig <<EOF [user] name = <users-name> email = <users-email-address> EOF
On the developer's machine, setup some files to be pushed to the repository as the initial content:
The gitserver term used below should be the host name (or ip address) of the git server.
mkdir myproject cd myproject git init --initial-branch=trunk git remote add origin git@gitserver:/srv/git/project1.git cat >README <<EOF This is the README file EOF git add README git commit -m 'Initial creation of README' git push --set-upstream origin trunk
The initial content is now pushed to the server and is
available for other users. On the current machine, the
argument --set-upstream origin
trunk
is now no longer required as the local
repository is now connected to the remote repository.
Subsequent pushes can be performed as
git push
Other developers can now clone the repository and do modifications to the content (as long as their ssh keys has been installed):
git clone git@gitserver:/srv/git/project1.git cd project1 vi README git commit -am 'Fix for README file' git push
This is a very basic server setup based on OpenSSH access. All developers are
using the git
user to
perform actions on the repository and the changes users
are commiting can be distiguished as the local user name
(see ~/.gitconfig
) is
recorded in the changesets.
Access is restricted by the public keys added to git's
authorized_keys
file and
there is no option for the public to export/clone the
repository. To enable this, continue with step 4 to set up
the git server for public read-only access.
In the URL used to clone the project, the absolute path
(here /srv/git/project1.git
)
has to be specified as the repository is not in git's home
directory but in /srv/git
. To
get rid of the need to expose the structure of the server
installation, a symlink can be added in git's home
directory for each project like this:
ln -svf /srv/git/project1.git /home/git/
Now, the repository can be cloned using
git clone git@gitserver:project1.git
The setup described above makes a repository available for authenticated users (via providing the ssh public key file). There is also a simple way to publish the repository to unauthenticated users — of course without write access.
The combination of access via ssh (for authenticated users) and the export of repositories to unauthenticated users via the daemon is in most cases enough for a development site.
The daemon will be reachable at port 9418
by default. Make sure that your
firewall setup allows access to that port.
To start the server at boot time, install the git-daemon.service
unit from the
blfs-systemd-units-20210122
package:
make install-git-daemon
In order to allow git to
export a repository, a file named git-daemon-export-ok
is required in each
repository directory on the server. The file needs no
content, just its existance enables, its absence disables
the export of that repository.
touch /srv/git/project1.git/git-daemon-export-ok
Along with the git-daemon.service
unit, a configuration
file named /etc/default/git-daemon
has been
installed. Review this configuration file to match your
needs.
There are only three options to set in the configuration file:
GIT_BASE_DIR=<dirname>
Specify the location of the git repositories. Relative paths used when accessing the daemon will translated relative to this directory.
DFT_REPO_DIR=<dirname>
This directory is added to the white list of allowed
directories. This variable can hold multiple
directory names but is usually set equal to
GIT_BASE_DIR
.
GIT_DAEMON_OPTS=<options>
In case special options to the git daemon command
are needed, they have to be specified in this
setting. One example might be to adjust the port
number where daemon is listening. In this case, add
--port=<port
number>
to this variable. For more
information about which options can be set, take a
look at the output of git daemon --help.
After starting the daemon, unauthenticated users can clone exported repositories by using
git clone git://gitserver/project1.git
As the base directory is /srv/git
by default (or set to a custom
value in the configuration), git interprets the incoming path
(/project1.git) relative to that base directory so that the
repository in /srv/git/project1.git
is served.
Last updated on 2021-01-12 00:44:00 -0800
The Guile package contains the GNU Project's extension language library. Guile also contains a stand alone Scheme interpreter.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/guile/guile-3.0.5.tar.xz
Download (FTP): ftp://ftp.gnu.org/gnu/guile/guile-3.0.5.tar.xz
Download MD5 sum: 58b011f6d3d1a4bab774b5f82a7e99a7
Download size: 12 MB
Estimated disk space required: 273 MB (add 4 MB for tests)
Estimated build time: 1.9 SBU (Using parallelism=4; add 0.3 SBU for tests)
GC-8.0.4 and libunistring-0.9.10
Emacs-27.1 and GDB-10.1 (run-time only dependencies).
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/guile
Install Guile by running the following commands:
./configure --prefix=/usr \ --disable-static \ --docdir=/usr/share/doc/guile-3.0.5 && make && make html && makeinfo --plaintext -o doc/r5rs/r5rs.txt doc/r5rs/r5rs.texi && makeinfo --plaintext -o doc/ref/guile.txt doc/ref/guile.texi
To test the results, issue: ./check-guile.
Now, as the root
user:
make install && make install-html && mkdir -p /usr/share/gdb/auto-load/usr/lib && mv /usr/lib/libguile-*-gdb.scm /usr/share/gdb/auto-load/usr/lib && mv /usr/share/doc/guile-3.0.5/{guile.html,ref} && mv /usr/share/doc/guile-3.0.5/r5rs{.html,} && find examples -name "Makefile*" -delete && cp -vR examples /usr/share/doc/guile-3.0.5 && for DIRNAME in r5rs ref; do install -v -m644 doc/${DIRNAME}/*.txt \ /usr/share/doc/guile-3.0.5/${DIRNAME} done && unset DIRNAME
--disable-static
:
This switch prevents installation of static versions of the
libraries.
is a stand-alone Scheme interpreter for Guile |
|
is a Guile script which provides the information necessary to link your programs against the Guile library, in much the same way PkgConfig does |
|
is a script to parse declarations in your C code for Scheme visible C functions |
|
is a wrapper program installed along with guile, which knows where a particular module is installed and calls it, passing its arguments to the program |
|
is a symlink to guild |
Last updated on 2021-02-19 21:30:09 -0800
The librep package contains a Lisp system. This is useful for scripting or for applications that may use the Lisp interpreter as an extension language.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://download.tuxfamily.org/librep/librep_0.92.7.tar.xz
Download MD5 sum: 036195b371006848e29ed6f50ddc8475
Download size: 840 KB
Estimated disk space required: 10 MB
Estimated build time: 0.3 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/librep
Install librep by running the following commands:
./configure --prefix=/usr --disable-static && make
This package does not come with a test suite.
Now, as the root
user:
sed -i '5043,5044 d' libtool && make install
Last updated on 2021-02-20 14:53:06 -0800
The LLVM package contains a collection of modular and reusable compiler and toolchain technologies. The Low Level Virtual Machine (LLVM) Core libraries provide a modern source and target-independent optimizer, along with code generation support for many popular CPUs (as well as some less common ones!). These libraries are built around a well specified code representation known as the LLVM intermediate representation ("LLVM IR").
Clang provides new C, C++, Objective C and Objective C++ front-ends for LLVM and is required by some desktop packages such as firefox and for rust if that is built using the system LLVM.
The Compiler RT package provides runtime sanitizer and profiling libraries for developers who use Clang and LLVM.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/llvm/llvm-project/releases/download/llvmorg-11.1.0/llvm-11.1.0.src.tar.xz
Download MD5 sum: 69bc06661ce8f1872e27b40ff96002b2
Download size: 37 MB
Estimated disk space required: 3.1 GB (727 MB installed, add 20 GB for tests)
Estimated build time: 30 SBU (with parallelism=4, add 18 SBU for tests)
Download: https://github.com/llvm/llvm-project/releases/download/llvmorg-11.1.0/clang-11.1.0.src.tar.xz
Download MD5 sum: 133c6719e22bfded74fcaf1d3092e979
Download size: 15 MB
Download: https://github.com/llvm/llvm-project/releases/download/llvmorg-11.1.0/compiler-rt-11.1.0.src.tar.xz
Download MD5 sum: efd3e3de6f05254f5d62353780486d70
Download size: 2.1 MB
Doxygen-1.9.1, git-2.30.1, Graphviz-2.44.1, libxml2-2.9.10, Pygments-2.8.0, rsync-3.2.3 (for tests), texlive-20200406 (or install-tl-unx), Valgrind-3.16.1, PyYAML-5.3.1, Zip-3.0, OCaml, psutil, recommonmark, Sphinx, and Z3
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/llvm
Install clang into the source tree by running the following commands:
tar -xf ../clang-11.1.0.src.tar.xz -C tools && mv tools/clang-11.1.0.src tools/clang
If you have downloaded compiler-rt, install it into the source tree by running the following commands:
tar -xf ../compiler-rt-11.1.0.src.tar.xz -C projects && mv projects/compiler-rt-11.1.0.src projects/compiler-rt
There are many Python scripts in this package which use /usr/bin/env python to access the system Python which on LFS is Python-3.9.2. Use the following comand to fix these scripts:
grep -rl '#!.*python' | xargs sed -i '1s/python$/python3/'
Install LLVM by running the following commands:
mkdir -v build && cd build && CC=gcc CXX=g++ \ cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DLLVM_ENABLE_FFI=ON \ -DCMAKE_BUILD_TYPE=Release \ -DLLVM_BUILD_LLVM_DYLIB=ON \ -DLLVM_LINK_LLVM_DYLIB=ON \ -DLLVM_ENABLE_RTTI=ON \ -DLLVM_TARGETS_TO_BUILD="host;AMDGPU;BPF" \ -DLLVM_BUILD_TESTS=ON \ -DLLVM_BINUTILS_INCDIR=/usr/include \ -Wno-dev -G Ninja .. && ninja
If you have installed Sphinx and recommonmark and wish to generate the html documentation and manual pages, issue the following commands:
cmake -DLLVM_BUILD_DOCS=ON \ -DLLVM_ENABLE_SPHINX=ON \ -DSPHINX_WARNINGS_AS_ERRORS=OFF \ -Wno-dev -G Ninja .. && ninja docs-llvm-html docs-llvm-man
The clang documentation can be built too:
ninja docs-clang-html docs-clang-man
To test the results, issue: ninja check-all. Tests are
built with all available cores, but run using the
number of online
processors. (The difference is that available cores can be
limited using taskset, but taking them
offline requires echoing 0 to /sys/devices/system/cpu/cpu<N>/online
by the root
user and makes
them temporarily unusable by all jobs on the machine.) Note
that a few of the compiler-rt Sanitizer based tests (6 of
more than 48000 tests run) are known to fail.
Now, as the root
user:
ninja install
If you have built the the llvm documentation, install it by
running the following commands as the root
user:
install -v -m644 docs/man/* /usr/share/man/man1 && install -v -d -m755 /usr/share/doc/llvm-11.1.0/llvm-html && cp -Rv docs/html/* /usr/share/doc/llvm-11.1.0/llvm-html
If you have built the clang documentation, it can be
installed in the same way (again as the root
user):
install -v -m644 tools/clang/docs/man/* /usr/share/man/man1 && install -v -d -m755 /usr/share/doc/llvm-11.1.0/clang-html && cp -Rv tools/clang/docs/html/* /usr/share/doc/llvm-11.1.0/clang-html
-DLLVM_ENABLE_FFI=ON
:
This switch enables LLVM to
use libffi.
-DLLVM_BUILD_LLVM_DYLIB=ON
:
builds libraries as static and links all of them into an
unique shared one. This is the recommended way of building a
shared library.
-DCMAKE_BUILD_TYPE=Release
:
This switch enables compiler optimizations in order to speed
up the code and reduce its size. It also disables some
compile checks which are not necessary on a production
system.
-DLLVM_TARGETS_TO_BUILD="host;AMDGPU;BPF"
:
This switch enables building for the same target as the host,
and also for the r600 AMD GPU used by the Mesa r600 and
radeonsi drivers. The BPF target is required to build
v4l-utils-1.20.0. Default is all. You
can use a semicolon separated list. Valid targets are: host,
X86, Sparc, PowerPC, ARM, AArch64, Mips, Hexagon, Xcore,
MSP430, NVPTX, SystemZ, AMDGPU, BPF, CppBackend, or all.
-DLLVM_LINK_LLVM_DYLIB=ON
: Used
in conjunction with -DLLVM_BUILD_LLVM_DYLIB=ON
,
this switch enables linking the tools against the shared
library instead of the static ones. It also slightly reduces
their size and also ensures that llvm-config will correctly
use libLLVM-11.1.so.
-DLLVM_ENABLE_RTTI=ON
: Used to
build LLVM with run-time type information. This is required
for building Mesa-20.3.4.
-DLLVM_BINUTILS_INCDIR=/usr/include
:
Used to tell the building system the location of binutils
headers, installed in LFS. This allows the building of
LLVMgold.so
, which is needed
for building programs with clang and Link Time
Optimization (LTO).
-DBUILD_SHARED_LIBS=ON
: if used
instead of -DLLVM_BUILD_LLVM_DYLIB=ON
and
-DLLVM_LINK_LLVM_DYLIB=ON
,
builds all the LLVM
libraries (about 60) as shared libraries instead of static.
-DLLVM_ENABLE_DOXYGEN
: Enables
the generation of browsable HTML documentation if you have
installed Doxygen-1.9.1. You should run
make
doxygen-html afterwards, and install the
generated documentation manually.
is the automatic test case reduction tool |
|
is used to test the libclang API and demonstrate its usage |
|
is the Clang C, C++, and Objective-C compiler |
|
is a tool to perform static code analysis and display Abstract Syntax Trees (AST) |
|
is a tool to collect the USR name and location of external definitions in a source file |
|
is a tool to format C/C++/Java/JavaScript/Objective-C/Protobuf code |
|
is a tool to bundle/unbundle OpenMP offloaded files associated with a common source file |
|
is a tool to create wrapper bitcode for offload target binaries |
|
is a Clang-based refactoring tool for C, C++ and Objective-C |
|
is a tool to rename symbols in C/C++ programs |
|
is a tool to scan for dependencies in a source file |
|
is a combination of tools for dealing with diagnostics in clang |
|
is a tool used to manipulate archived DWARF debug symbol files, compatible with the Darwin command dsymutil |
|
runs clang-format on git generated patches (requires git-2.30.1) |
|
is a Python tool to dump and construct header maps |
|
is the LLVM static compiler |
|
is used to directly execute programs from LLVM bitcode |
|
is a tool used to convert addresses into file names and line numbers |
|
is the LLVM archiver |
|
is the LLVM assembler |
|
is the LLVM bitcode analyzer |
|
is a tool to concatenate llvm modules |
|
identifies whether Control Flow Integrity protects all indirect control flow instructions in the provided object file, DSO, or binary |
|
Prints LLVM compilation options |
|
is used to emit coverage information |
|
is a bytecode disassembler |
|
is a tool to convert Microsoft resource files to COFF |
|
is used as a C++ ABI Data Dumper |
|
is used to demangle C++ symbols in llvm code |
|
is used to remap C++ mangled symbols |
|
is the LLVM structural 'diff' |
|
is the LLVM disassembler |
|
prints the content of DWARF sections in object files |
|
merges split DWARF files |
|
is used to read information about an ELF binary's ABI |
|
is a benchmarking tool that uses information available in LLVM to measure host machine instruction characteristics like latency or port decomposition |
|
is used to extract a function from an LLVM module |
|
is used to process GSYM Symbolication Format files which convert memory addresses to function name and source file line. These files are smaller than DWARF or Breakpad files |
|
is used to merge interface stubs with object files |
|
is used to rewrite load commands into MachO binary format |
|
is used to parse relocatable object files to make their contents executable in a target process |
|
is the LLVM linker |
|
is used to create universal binaries from MachO files |
|
is the LLVM LTO (link time optimization) linker |
|
is a test harness for the resolution based LTO interface |
|
is a standalone machine code assembler/disassembler |
|
is a performance analysis tool to statically measure the performance of machine code |
|
is a playground for machine code provided by LLVM |
|
is a tool to extract one module from multimodule bitcode files |
|
is a tool to generate signed files and catalogs from a side-by-side assembly manifest (used for Microsoft SDK) |
|
is used to list LLVM bitcode and object file's symbol table |
|
is LLVM's version of an objcopy tool |
|
is an LLVM object file dumper |
|
is a tool to generate an optimization report from YAML optimization record files |
|
is a PDB (Program Database) dumper. PDB is a Microsoft format |
|
is a small tool to manipulate and print profile data files |
|
is used to generate an index for a LLVM archive |
|
is a platform-independent tool to compile resource scripts into binary resource files |
|
displays low-level format-specific information about object files |
|
is used to automatically reduce testcases when running a test suite |
|
is the LLVM MC-JIT tool |
|
is the LLVM object size dumper |
|
is the LLVM module splitter |
|
is used to generate random |
|
print strings found in a binary (object file, executable, or archive library) |
|
converts adresses into source code locations |
|
is the LLVM Target Description To C++ Code Generator |
|
is a tool to demangle names |
|
is an implementation of Google's XRay function call tracing system |
|
takes an object file, and produces a YAML representation of the file |
|
is the LLVM optimizer |
|
is the sanitizer coverage processing tool |
|
is the sanitizer statistics processing tool |
|
is a Perl script that invokes the Clang static analyzer |
|
is a viewer for Clang static analyzer results |
|
is the LLVM tool to verify use-list order |
|
takes a YAML representation of an object file and converts it to a binary file |
Last updated on 2021-02-20 14:27:06 -0800
Lua is a powerful light-weight programming language designed for extending applications. It is also frequently used as a general-purpose, stand-alone language. Lua is implemented as a small library of C functions, written in ANSI C, and compiles unmodified in all known platforms. The implementation goals are simplicity, efficiency, portability, and low embedding cost. The result is a fast language engine with small footprint, making it ideal in embedded systems too.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.lua.org/ftp/lua-5.4.2.tar.gz
Download MD5 sum: 49c92d6a49faba342c35c52e1ac3f81e
Download size: 345 KB
Estimated disk space required: 5.6 MB (with Basic tests)
Estimated build time: less than 0.1 SBU (with Basic tests)
Required patch: http://www.linuxfromscratch.org/patches/blfs/10.1/lua-5.4.2-shared_library-1.patch
Optional Test Suite Download (HTTP): http://www.lua.org/tests/lua-5.4.2-tests.tar.gz
Optional Test Suite Download MD5 sum: 4ca9e1ad9b8f42f76ac0440bf548201d
Optional Test Suite Download size: 126 KB
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/lua
Some packages check for the pkg-config file for Lua, which is created with:
cat > lua.pc << "EOF"
V=5.4
R=5.4.2
prefix=/usr
INSTALL_BIN=${prefix}/bin
INSTALL_INC=${prefix}/include
INSTALL_LIB=${prefix}/lib
INSTALL_MAN=${prefix}/share/man/man1
INSTALL_LMOD=${prefix}/share/lua/${V}
INSTALL_CMOD=${prefix}/lib/lua/${V}
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=${prefix}/include
Name: Lua
Description: An Extensible Extension Language
Version: ${R}
Requires:
Libs: -L${libdir} -llua -lm -ldl
Cflags: -I${includedir}
EOF
Install Lua by running the following commands:
patch -Np1 -i ../lua-5.4.2-shared_library-1.patch && make linux
To test the results, issue: make test. “This will run the interpreter and print its version”. More comprehensive tests can be performed if you downloaded the "Test suite" tarball. Those tests need to be executed after the package is installed, thus we defer to the description below.
Now, as the root
user:
make INSTALL_TOP=/usr \ INSTALL_DATA="cp -d" \ INSTALL_MAN=/usr/share/man/man1 \ TO_LIB="liblua.so liblua.so.5.4 liblua.so.5.4.2" \ install && mkdir -pv /usr/share/doc/lua-5.4.2 && cp -v doc/*.{html,css,gif,png} /usr/share/doc/lua-5.4.2 && install -v -m644 -D lua.pc /usr/lib/pkgconfig/lua.pc
Here we describe only the "Basic tests". Untar the tarball
and change to the lua-5.4.2-tests
directory, then issue
lua -e "_U=true"
all.lua. If the tests finish without error,
you will see a message containing the string "final OK".
Last updated on 2021-02-20 14:53:06 -0800
Lua is a powerful light-weight programming language designed for extending applications. It is also frequently used as a general-purpose, stand-alone language. Lua is implemented as a small library of C functions, written in ANSI C, and compiles unmodified in all known platforms. The implementation goals are simplicity, efficiency, portability, and low embedding cost. The result is a fast language engine with small footprint, making it ideal in embedded systems too.
This is an older verion of Lua needed only for compatibility with other programs such as Wireshark-3.4.3.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.lua.org/ftp/lua-5.2.4.tar.gz
Download MD5 sum: 913fdb32207046b273fdb17aad70be13
Download size: 248 KB
Estimated disk space required: 3.6 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/lua
Some packages check for the pkg-config file for Lua, which is created with:
cat > lua.pc << "EOF"
V=5.2
R=5.2.4
prefix=/usr
INSTALL_BIN=${prefix}/bin
INSTALL_INC=${prefix}/include/lua5.2
INSTALL_LIB=${prefix}/lib
INSTALL_MAN=${prefix}/share/man/man1
INSTALL_LMOD=${prefix}/share/lua/${V}
INSTALL_CMOD=${prefix}/lib/lua/${V}
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=${prefix}/include/lua5.2
Name: Lua
Description: An Extensible Extension Language
Version: ${R}
Requires:
Libs: -L${libdir} -llua -lm -ldl
Cflags: -I${includedir}
EOF
Install Lua by running the following commands:
patch -Np1 -i ../lua-5.2.4-shared_library-1.patch && sed -i '/#define LUA_ROOT/s:/usr/local/:/usr/:' src/luaconf.h && sed -r -e '/^LUA_(SO|A|T)=/ s/lua/lua5.2/' \ -e '/^LUAC_T=/ s/luac/luac5.2/' \ -i src/Makefile && make MYCFLAGS="-fPIC" linux
The installation of this package is complex, so we will use the DESTDIR method of installation:
make TO_BIN='lua5.2 luac5.2' \ TO_LIB="liblua5.2.so liblua5.2.so.5.2 liblua5.2.so.5.2.4" \ INSTALL_DATA="cp -d" \ INSTALL_TOP=$PWD/install/usr \ INSTALL_INC=$PWD/install/usr/include/lua5.2 \ INSTALL_MAN=$PWD/install/usr/share/man/man1 \ install && install -Dm644 lua.pc install/usr/lib/pkgconfig/lua52.pc && mkdir -pv install/usr/share/doc/lua-5.2.4 && cp -v doc/*.{html,css,gif,png} install/usr/share/doc/lua-5.2.4 && ln -s liblua5.2.so install/usr/lib/liblua.so.5.2 && ln -s liblua5.2.so install/usr/lib/liblua.so.5.2.4 && mv install/usr/share/man/man1/{lua.1,lua5.2.1} && mv install/usr/share/man/man1/{luac.1,luac5.2.1}
Now, as the root
user:
chown -R root:root install && cp -a install/* /
sed -i ... src/luaconf.h: This command changes the Lua search path to match the install path.
sed -i ... src/Makefile: This command deconflicts this installation with the latest version of lua.
Last updated on 2021-02-20 14:53:06 -0800
Mercurial is a distributed source control management tool similar to Git and Bazaar. Mercurial is written in Python and is used by projects such as Mozilla and Vim.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.mercurial-scm.org/release/mercurial-5.7.tar.gz
Download MD5 sum: d9042ec8778cda1ef14d64fadf8bc0cf
Download size: 7.5 MB
Estimated disk space required: 112 MB (with docs, add 1.4 GB for tests)
Estimated build time: 0.3 SBU (with docs, add 19 SBU for tests using -j4)
docutils-0.16 (required to build the documentation), git-2.30.1, GnuPG-2.2.27 (gpg2 with Python bindings), OpenSSH-8.4p1 (runtime, to access ssh://... repositories), Pygments-2.8.0, rustc-1.47.0, Subversion-1.14.1 (with Python bindings), Bazaar, CVS, pyflakes, and pyOpenSSL
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/mercurial
First, force the build system to use Python 3:
export PYTHON=python3
Build Mercurial by issuing the following command:
make build
To build the documentation (requires docutils-0.16), issue:
make doc
To run the test suite, issue:
TESTFLAGS="-j<N>
--tmpdir tmp --blacklist blacklists/fsmonitor --blacklist blacklists/linux-vfat" make check
where <N>
is
an integer between one and the number of ( processor X
threads ), inclusive. In order to investigate any apparently
failing tests, you may use the run-tests.py script. To see
the almost forty switches, some of them very useful, issue
tests/run-tests.py
--help. Running the following commands, you
will execute only the tests that failed before:
pushd tests && rm -rf tmp && ./run-tests.py --tmpdir tmp test-gpg.t popd
Normally, the previous failures will be confirmed. However,
if you add the switch --debug
before --tmpdir
, and run again,
some failures are gone, which seems to be a problem with the
test suite. If this happens, normally, from now on, there
will be no more such failures whether you use the debug
switch or not.
An interesting switch is --time
,
which will generate at the end of the test suite execution, a
table with all executed tests and respective start, end,
user, system and real times. Note that the switches may be
used with make
check by including them in the TESTFLAGS
environment variable.
Install Mercurial by running
the following command (as root
):
make PREFIX=/usr install-bin
If you built the documentation, install it by running the
following command (as root
):
make PREFIX=/usr install-doc
Next, clean up the environment variable set earlier:
unset PYTHON
After installation, two very quick and simple tests should run correctly. The first one needs some configuration:
cat >> ~/.hgrc << "EOF"
[ui]
username = <user_name> <user@mail>
EOF
where you must replace <user_name> and <your@mail> (mail is optional and can be omitted). With the user identity defined, run hg debuginstall and several lines will be displayed, the last one reading "no problems detected". Another quick and simple test is just hg, which should output basic commands that can be used with hg.
/etc/mercurial/hgrc
and
~/.hgrc
The great majority of extensions are disabled by default. Run hg help extensions if you need to enable any, e.g. when investigating test failures. You will obtain the lists of enabled and disabled extensions, and more information, such as how to enable or disable them using configuration files.
If you have installed make-ca-1.7 and want Mercurial to use them, as the
root
user, issue:
install -v -d -m755 /etc/mercurial &&
cat > /etc/mercurial/hgrc << "EOF"
[web]
cacerts = /etc/pki/tls/certs/ca-bundle.crt
EOF
Last updated on 2021-02-20 14:53:06 -0800
NASM (Netwide Assembler) is an 80x86 assembler designed for portability and modularity. It includes a disassembler as well.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.nasm.us/pub/nasm/releasebuilds/2.15.05/nasm-2.15.05.tar.xz
Download MD5 sum: 1c9802446d7341c41c21eb98c7859064
Download size: 976 KB
Estimated disk space required: 40 MB
Estimated build time: 0.2 SBU
Optional documentation: http://www.nasm.us/pub/nasm/releasebuilds/2.15.05/nasm-2.15.05-xdoc.tar.xz
asciidoc-9.1.0 and xmlto-0.0.28
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/nasm
If you downloaded the optional documentation, put it into the source tree:
tar -xf ../nasm-2.15.05-xdoc.tar.xz --strip-components=1
Install NASM by running the following commands:
./configure --prefix=/usr && make
This package does not come with a test suite.
Now, as the root
user:
make install
If you downloaded the optional documentation, install it with
the following instructions as the root
user:
install -m755 -d /usr/share/doc/nasm-2.15.05/html && cp -v doc/html/*.html /usr/share/doc/nasm-2.15.05/html && cp -v doc/*.{txt,ps,pdf} /usr/share/doc/nasm-2.15.05
Last updated on 2021-02-20 14:53:06 -0800
The Perl module packages (also referred to as Distributions, because each can contain multiple modules) add useful objects to the Perl language. The packages listed on this page are required or recommended for other packages in the book. If they have dependent modules, those are either on this page or else on the next page (Perl Module Dependencies).
In many cases, only the required or recommended dependencies
are listed - there might be other modules which allow more
tests to be run, but omitting them will still allow the tests
to PASS
.
For a few modules, the BLFS editors have determined that other modules still listed as prerequisites are not required, and omitted them.
Where an alphabetically-earlier dependency of the same module pulls in a dependency, it is not mentioned for the later dependencies of the same module. You should build the listed dependencies in order.
It is generally worth running the tests for perl modules, they often can show problems such as missing dependencies which are required to use the module. Here, the editors have attempted to separate those dependencies which are only required for running testsuites, but they will not be mentioned for a module where one of its dependencies uses that module for its own testsuite. That is to say, if you intend to run the testsuites, please run them for each dependency of the module.
It is possible to automatically install the current versions of a module and all missing or too-old dependencies recommended by upstream using CPAN. See CPAN automated install of perl modules at the end of this page.
Most of these modules only install files below /usr/lib/perl5/site_perl/5.xx.y
and those
will not be documented. One or two install programs (mostly,
perl scripts), or a library, into /usr/bin/
or /usr/lib/
and these are documented.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/perl-modules
The Archive::Zip module allows a Perl program to create, manipulate, read, and write Zip archive files.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/P/PH/PHRED/Archive-Zip-1.68.tar.gz
Download MD5 sum: a33993309322164867c99e04a4000ee3
UnZip-6.0 (with its patch)
This module uses the standard build and installation instructions:
perl Makefile.PL && make && make test
Now, as the root
user:
make install
This module allows you disable autovivification (the automatic creation and population of new arrays and hashes whenever undefined variables are dereferenced), and optionally throw a warning or an error when it would have occurred.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/V/VP/VPIT/autovivification-0.18.tar.gz
Download MD5 sum: 8dec994e1e7d368e055f21a5777385a0
The Business::ISBN module is for work with International Standard Book Numbers.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/B/BD/BDFOY/Business-ISBN-3.006.tar.gz
Download MD5 sum: 9b9ecd69bc6157332836dc870217ac67
The Business::ISMN module is for work with International Standard Music Numbers.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/B/BD/BDFOY/Business-ISMN-1.202.tar.gz
Download MD5 sum: 7a32381ddbf1cf58f260c3bcb3016bc3
The Business::ISSN module is for work with International Standard Serial Numbers.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/B/BD/BDFOY/Business-ISSN-1.004.tar.gz
Download MD5 sum: 4d638d72f22e2d3cc677eab6e07d15f2
Class::Accessor generates accessors/mutators for your class.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/K/KA/KASEI/Class-Accessor-0.51.tar.gz
Download MD5 sum: 1f1e5990f87cad7659b292fed7dc0407
The Data::Compare module compares two perl data structures.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/D/DC/DCANTRELL/Data-Compare-1.27.tar.gz
Download MD5 sum: 53e821a62222e151a5ccab3c8a8e416f
Data::Dump provides pretty printing of data structures.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/G/GA/GAAS/Data-Dump-1.23.tar.gz
Download MD5 sum: 762c111e525c82ff23d62c90821b26e9
Data::Uniqid provides three simple routines for generating unique IDs.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/M/MW/MWX/Data-Uniqid-0.12.tar.gz
Download MD5 sum: 6bab3b5da09fedfdf60ce2629a7367db
DateTime::Calendar::Julian implements the Julian Calendar.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/W/WY/WYANT/DateTime-Calendar-Julian-0.103.tar.gz
Download MD5 sum: 4ace691338db8ac24a45e3406a3fc014
DateTime::Format::Builder created DateTime parser classes and objects.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/D/DR/DROLSKY/DateTime-Format-Builder-0.83.tar.gz
Download MD5 sum: aa41917ca9ad69b3898728ce9c2fb477
Encode::EUCJPASCII provides an eucJP-open (Extended Unix Code, Japanese) mapping.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/N/NE/NEZUMI/Encode-EUCJPASCII-0.03.tar.gz
Download MD5 sum: 5daa65f55b7c2050bb0713d9e95f239d
The Encode::HanExtra module provides extra sets of Chinese Encodings which are not included in the core Encode module because of size issues.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/A/AU/AUDREYT/Encode-HanExtra-0.23.tar.gz
Download MD5 sum: e1d3bc32c1c8ee304235a06fbcd5d5a4
This module uses the 'unsafe' build and installation
instructions (In perl-5.26.0 the use of the current
directory in @INC
was removed
for security reasons and this module has not been updated)
:
PERL_USE_UNSAFE_INC=1 perl Makefile.PL && make && make test
Now, as the root
user:
make install
The Encode::JIS2K module provides JIS X 0212 (aka JIS 2000) Encodings.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/D/DA/DANKOGAI/Encode-JIS2K-0.03.tar.gz
Download MD5 sum: 60539471aa408a2b793cd45a6ce651db
File::Slurper is a simple, sane and efficient module to slurp a file.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/L/LE/LEONT/File-Slurper-0.012.tar.gz
Download MD5 sum: 5742c63096392dfee50b8db314bcca18
File::Which provides a portable implementation of the 'which' utility.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/P/PL/PLICEASE/File-Which-1.23.tar.gz
Download MD5 sum: c8f054534c3c098dd7a0dada60aaae34
The HTML::Parser distribution is a collection of modules that parse and extract information from HTML documents.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/C/CA/CAPOEIRAB/HTML-Parser-3.75.tar.gz
Download MD5 sum: 65bf65aa8b34b35443e094010f991406
HTTP-Message-6.27 (its module HTTP::Headers is a run-time requirement for HTML::HeadParser from this distribution).
Instances of the HTTP::Daemon class are HTTP/1.1 servers that listen on a socket for incoming requests. The HTTP::Daemon is a subclass of IO::Socket::INET, so you can perform socket operations directly on it too.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/O/OA/OALDERS/HTTP-Daemon-6.12.tar.gz
Download MD5 sum: 63674e3f81760a29075853413eb157d8
IO::Socket::SSL makes using SSL/TLS much easier by wrapping the necessary functionality into the familiar IO::Socket interface and providing secure defaults whenever possible.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/S/SU/SULLR/IO-Socket-SSL-2.069.tar.gz
Download MD5 sum: 237cc3ecf6ea470225ee5e652b0c046c
make-ca-1.7 and Net-SSLeay-1.88
URI-5.07 (to access international domain names)
This module uses a variant of the standard build and installation instructions:
yes | perl Makefile.PL && make && make test
Now, as the root
user:
make install
IO::String - Emulate file interface for in-core strings.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/G/GA/GAAS/IO-String-1.08.tar.gz
Download MD5 sum: 250e5424f290299fc3d6b5d1e9da3835
IPC::Run3 is used to run a subprocess with input/ouput redirection.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/R/RJ/RJBS/IPC-Run3-0.048.tar.gz
Download MD5 sum: 5a8cec571c51a118b265cf6e24e55761
Lingua::Translit and its translit program transliterate text between writing systems.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/A/AL/ALINKE/Lingua-Translit-0.28.tar.gz
Download MD5 sum: 090cecd52ff9c1f9d4b370ba653b9da1
This module uses the standard build and installation instructions:
perl Makefile.PL && make && make test
Now, as the root
user:
make install
The List::Allutils module combines List::Util and List::MoreUtils in one bite-sized package.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/D/DR/DROLSKY/List-AllUtils-0.18.tar.gz
Download MD5 sum: 9b1513c67e887cbf7e724dd5de427048
List::MoreUtils provides the stuff missing in List::Util.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/R/RE/REHSACK/List-MoreUtils-0.430.tar.gz
Download MD5 sum: daccd6310021231b827dcc943ff1c6b7
Log::Log4perl provides a Log4j implementation for perl.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/E/ET/ETJ/Log-Log4perl-1.54.tar.gz
Download MD5 sum: 46c5a3a101921c25857f84585cd0b5c2
This module uses the standard build and installation instructions:
perl Makefile.PL && make && make test
Now, as the root
user:
make install
LWP::Protocol::https provides https support for LWP::UserAgent (i.e. libwww-perl-6.52). Once the module is installed LWP is able to access sites using HTTP over SSL/TLS.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/O/OA/OALDERS/LWP-Protocol-https-6.10.tar.gz
Download MD5 sum: cf64e4bc57a9266ac4343cdf0808c5c8
IO-Socket-SSL-2.069, libwww-perl-6.52 and make-ca-1.7 with
/etc/pki/tls/certs/ca-bundle.crt
.
First, apply a patch to use the system certificates (using the CPAN automated install will instead use Mozilla::CA which is usually not up to date and does not use local certificates).
patch -Np1 -i ../LWP-Protocol-https-6.10-system_certs-2.patch
This module uses the standard build and installation instructions:
perl Makefile.PL && make && make test
Now, as the root
user:
make install
Module::Build allows perl modules to be built without a make command being present.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/L/LE/LEONT/Module-Build-0.4231.tar.gz
Download MD5 sum: 066b193e461d7dfe1eca17a139353001
This module uses the standard build and installation instructions:
perl Makefile.PL && make && make test
Now, as the root
user:
make install
Note that this module can also be built using Build.PL
Net::DNS is a DNS resolver implemented in Perl. It can be used to perform nearly any type of DNS query from a Perl script.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/N/NL/NLNETLABS/Net-DNS-1.29.tar.gz
Download MD5 sum: 2c9120830a68f18deb43a95826ea6372
Parse::RecDescent incrementally generates top-down recursive-descent text parsers from simple yacc-like grammar specifications.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/J/JT/JTBRAUN/Parse-RecDescent-1.967015.tar.gz
Download MD5 sum: 7a36d45d62a9b68603edcdbd276006cc
Parse::Yapp is a Perl extension for generating and using LALR parsers.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/W/WB/WBRASWELL/Parse-Yapp-1.21.tar.gz
Download MD5 sum: 69584d5b0f0304bb2a23cffcd982c5de
This module uses the standard build and installation instructions:
perl Makefile.PL && make && make test
Now, as the root
user:
make install
PerlIO::utf8_strict provides a fast and correct UTF-8 PerlIO layer. Unlike perl's default :utf8 layer it checks the input for correctness.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/L/LE/LEONT/PerlIO-utf8_strict-0.008.tar.gz
Download MD5 sum: 0e2a940e1759c4d322958ef6ebc2e52f
Regexp::Common provides commonly requested regular expressions.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/A/AB/ABIGAIL/Regexp-Common-2017060201.tar.gz
Download MD5 sum: b1bb40759b84154990f36a160160fb94
The SGMLSpm module is a Perl library used for parsing the output from James Clark's SGMLS and NSGMLS parsers.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/R/RA/RAAB/SGMLSpm-1.1.tar.gz
Download MD5 sum: 746c74ae969992cedb1a2879b4168090
Before beginning the build, issue the following command to prevent an error:
chmod -v 644 MYMETA.yml
This module uses the standard build and installation instructions:
perl Makefile.PL && make && make test
Now, as the root
user:
make install
After the package has been installed, run the following
command as the root
user:
ln -sv sgmlspl.pl /usr/bin/sgmlspl
is an SGML processor |
|
is a symbolic link used during the install of DocBook-utils-0.6.14 |
Sort::Key provides a set of functions to sort lists of values by some calculated key value.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/S/SA/SALVA/Sort-Key-1.33.tar.gz
Download MD5 sum: a37ab0da0cfdc26e57b4c79e39f6d98f
Test::Command tests the exit status, STDOUT, or STDERR, of an external command.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/D/DA/DANBOO/Test-Command-0.11.tar.gz
Download MD5 sum: 9ab83c4695961dbe92cd86efe08f0634
Test::Differences tests strings and data structures and shows the differences if they do not match.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/D/DC/DCANTRELL/Test-Differences-0.67.tar.gz
Download MD5 sum: 4a18533f77d43d9feaa1b6ab3dc72735
Text::BibTeX provides an interface to read and parse BibTeX files.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/A/AM/AMBS/Text-BibTeX-0.88.tar.gz
Download MD5 sum: 361aad5cf400764e35d1ade3b609bb60
This module is built using Build.PL
:
perl Build.PL && ./Build && ./Build test
Now, as the root
user:
./Build install
performs lexical analysis on a BibTeX file |
|
parses a series of BibTeX files with command line options to control the string post-processing behaviour |
|
parses a BibTeX file, splitting 'author' and 'editor' fields into lists of names, and then dumps everything to stdout |
|
is a library for parsing and processing BibTeX data files |
Text::CSV is a comma-separated values manipulator, using XS (eXternal Subroutine - for subroutines written in C or C++) or pure perl.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/I/IS/ISHIGAKI/Text-CSV-2.00.tar.gz
Download MD5 sum: 435951d381e814b5ce51f570a6a1dc24
Text-CSV_XS-1.44 (required by biber-2.16)
Text::Roman allows conversion between Roman and Arabic algorisms (number systems, e.g. MCMXLV and 1945).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/S/SY/SYP/Text-Roman-3.5.tar.gz
Download MD5 sum: 1f6b09c0cc1f4425b565ff787a39fd83
Unicode::Collate provides a Unicode collation algorithm.
This is a core module. If you are using perl-5.28.0 or later, its version is good enough for biber-2.16 and you do not need to reinstall this module.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/S/SA/SADAHIRO/Unicode-Collate-1.29.tar.gz
Download MD5 sum: 1576931d68a8533c931b80c4c2e37fe9
Unicode::LineBreak provides a UAX #14 Unicode Line Breaking Algorithm.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/N/NE/NEZUMI/Unicode-LineBreak-2019.001.tar.gz
Download MD5 sum: 003d6da7a13700e069afed9238c864b9
MIME-Charset-1.012.2, also Wget-1.21.1 (to download two files from unicode.org in the testsuite)
libthai (to break Thai words into segments)
This module implements the URI class. Objects of this class represent "Uniform Resource Identifier references" as specified in RFC 2396 (and updated by RFC 2732). A Uniform Resource Identifier is a compact string of characters that identifies an abstract or physical resource. A Uniform Resource Identifier can be further classified as either a Uniform Resource Locator (URL) or a Uniform Resource Name (URN). The distinction between URL and URN does not matter to the URI class interface. A "URI-reference" is a URI that may have additional information attached in the form of a fragment identifier.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/O/OA/OALDERS/URI-5.07.tar.gz
Download MD5 sum: 2109530e0fa538c02d43fc37705f6fce
The XML::LibXML::Simple module is a rewrite of XML::Simple to use the XML::LibXML parser for XML structures,instead of the plain Perl or SAX parsers.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/M/MA/MARKOV/XML-LibXML-Simple-1.01.tar.gz
Download MD5 sum: faad5ed26cd83998f6514be199c56c38
XML-LibXSLT provides an interface to libxslt-1.1.34
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/S/SH/SHLOMIF/XML-LibXSLT-1.99.tar.gz
Download MD5 sum: 1a2b2295c4e0088015cf5ea947da5579
XML::Simple provides an easy API to read and write XML (especially config files). It is deprecated and its use is discouraged.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/G/GR/GRANTM/XML-Simple-2.25.tar.gz
Download MD5 sum: bb841dce889a26c89a1c2739970e9fbc
XML-SAX-1.02 (for an alternative parser which will be used if available, otherwise XML::Parser which was installed in LFS will be used),
XML::Writer provides a Perl extension for writing XML documents.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.cpan.org/authors/id/J/JO/JOSEPHW/XML-Writer-0.900.tar.gz
Download MD5 sum: 2457214360cefda445742a608dd6195e
There is an alternate way of installing the modules using the cpan shell install command. The command automatically downloads the latest source from the CPAN archive for the module and any missing prerequisite modules listed by upstream. Then for each module it extracts it, runs the compilation, the tests and installs it.
You still need to install any non-perl dependencies before
running the automated installation method. You may wish to
clean out the build/
directory after installing, to free up the space. If any
post-install actions such as creating a symlink are
mentioned, you should also do those.
The first time you run cpan, you'll be prompted
to enter some information regarding download locations and
methods. This information is retained in files located in
~/.cpan
.
In particular, you may wish to configure it so that Sudo-1.9.5p2 is used for the installs, allowing you to build and test as a regular user. The following examples have not used that approach.
Start the cpan shell by issuing
'cpan' as the
root
user. Any module may
now be installed from the cpan>
prompt with the
command:
install <Module::Name>
For additional commands and help, issue 'help' from the
cpan>
prompt.
Alternatively, for scripted or non-interactive
installations, use the following syntax as the root
user to install one or more
modules:
cpan -i <Module1::Name> <Module2::Name>
Review the cpan.1
man page
for additional parameters you can pass to cpan on the command line.
Last updated on 2019-12-24 14:56:35 -0800
The modules on the previous page are referenced from other pages in BLFS, but these modules are only in the book as dependencies of those modules. If you use the CPAN install method, you do not need to read this page.
The BLFS editors pay much less attention to these modules,
and the versions will not be regularly reviewed. In all
cases, only the required or recommended dependencies are
listed - there might be other modules which allow more tests
to be run, but omitting them will still allow the tests to
PASS
.
The links on this page (to metacpan.org) should go to "known good" versions, for which their dependencies are correct. If you wish to use a later version, please check the Changes file at https://metacpan.org - sometimes added dependencies are listed, other times not. Some of these modules have very frequent updates, often bringing different dependencies. The linked metacpan.org versions below are known to build and work with the module versions in BLFS-10.0..
However, if you notice that the Changes file for a newer version than is in the current development book reports a fix for a security issue, please report this to either the blfs-dev or the blfs-support list.
Similarly, if you discover that an updated module on the previous page needs an extra dependency, please report this.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/perl-modules
Algorithm::Diff computes 'intelligent' differences between two files or lists.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/R/RJ/RJBS//Algorithm-Diff-1.201.tar.gz
Download MD5 sum: 2eaae910f5220261ee2bbdfc4a8df2c2
Alien::Build provides tools for building external (non-CPAN) dependencies for CPAN.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/P/PL/PLICEASE/Alien-Build-2.37.tar.gz
Download MD5 sum: e8ab24f0d583fed320768da8b0273f5b
Capture-Tiny-0.48, File-Which-1.23, FFI-CheckLib-0.27 and File-chdir-0.1010
Alien::Libxml2 is designed to allow modules to install the C libxml2 library on your system. In BLFS, it uses pkg-config to find how to link to the installed libxml2-2.9.10.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/P/PL/PLICEASE/Alien-Libxml2-0.17.tar.gz
Download MD5 sum: 5fee0bd3a987a1e7f40ce50016c10c8a
Alien-Build-2.37, libxml2-2.9.10
B::COW provides additional helpers for the B core module to check Copy On Write.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/A/AT/ATOOMIC/B-COW-0.004.tar.gz
Download MD5 sum: a1ef8623a06ce9f6358674d7e604de1e
B::Hooks::EndOfScope allows you to execute code when perl finished compiling the surrounding scope.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/E/ET/ETHER/B-Hooks-EndOfScope-0.24.tar.gz
Download MD5 sum: 99a48be0694dfd12b40482c6a495e10f
Module-Implementation-0.09, Sub-Exporter-Progressive-0.001013 and Variable-Magic-0.62
Business-ISBN-Data is a data pack for Business::ISBN.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/B/BD/BDFOY/Business-ISBN-Data-20210112.001.tar.gz
Download MD5 sum: 80f5aafeda883770e94e30bbb106795f
The Capture::Tiny module captures STDOUT and STDERR from Perl, XS (eXternal Subroutine, i.e. written in C or C++) or external programs.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DA/DAGOLDEN/Capture-Tiny-0.48.tar.gz
Download MD5 sum: f5d24083ad270f8326dd659dd83eeb54
Class::Data::Inheritable is for creating accessor/mutators to class data. That is, if you want to store something about your class as a whole (instead of about a single object).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/T/TM/TMTM/Class-Data-Inheritable-0.08.tar.gz
Download MD5 sum: fc0fe65926eb8fb932743559feb54eb9
Class::Inspector allows you to get information about a loaded class.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/P/PL/PLICEASE/Class-Inspector-1.36.tar.gz
Download MD5 sum: 084c3aeec023639d21ecbaf7d4460b21
A Singleton describes an object class that can have only one instance in any system, such as a print spooler. This module implements a Singelton class from which other classes can be derived.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/S/SH/SHAY/Class-Singleton-1.6.tar.gz
Download MD5 sum: d9c84a7b8d1c490c38e88ed1f9faae47
Class:Tiny offers a minimalist class construction kit.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DA/DAGOLDEN/Class-Tiny-1.008.tar.gz
Download MD5 sum: e3ccfae5f64d443e7e1110be964d7202
Clone recursively copies perl datatypes.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/A/AT/ATOOMIC/Clone-0.45.tar.gz
Download MD5 sum: b101333499b638658f89e29458cd83c0
The Config::AutoConf module implements some of the AutoConf macros (detecting a command, detecting a library, etc.) in pure perl.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/R/RE/REHSACK/Config-AutoConf-0.319.tar.gz
Download MD5 sum: eeeab8cc93eef7dd2e2c343ecdf247b7
CPAN::Meta::Check verifies if requirements described in a CPAN::Meta object are present.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/L/LE/LEONT/CPAN-Meta-Check-0.014.tar.gz
Download MD5 sum: ccd4448a7b08e1e3ef6f475030b282c9
DateTime is a date and time object for perl.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DR/DROLSKY/DateTime-1.54.tar.gz
Download MD5 sum: 5b90d9b26741da2627b8d002d8796f95
DateTime-Locale-1.31, DateTime-TimeZone-2.46
CPAN-Meta-Check-0.014, Test-Fatal-0.014 and Test-Warnings-0.030
DateTime::Format::Strptime implements most of strptime(3), i.e. it takes a string and a pattern and returns a DateTime object.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DR/DROLSKY/DateTime-Format-Strptime-1.78.tar.gz
Download MD5 sum: 3e5a7377b20932d59b47c4a8b72a2325
DateTime::Locale provides localization support for DateTime-1.54.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DR/DROLSKY/DateTime-Locale-1.31.tar.gz
Download MD5 sum: e580c7e2bfdb1b9867de6f3a0ab1a46b
Dist-CheckConflicts-0.11, File-ShareDir-1.116, namespace-autoclean-0.29 and Params-ValidationCompiler-0.30
CPAN-Meta-Check-0.014, IPC-System-Simple-1.30 and Test-File-ShareDir-1.001002
This class is the base class for all time zone objects. A time zone is represented internally as a set of observances, each of which describes the offset from GMT for a given time period.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DR/DROLSKY/DateTime-TimeZone-2.46.tar.gz
Download MD5 sum: de1079b256b73b88121dfbc8d8d29507
Class-Singleton-1.6, Module-Runtime-0.016, and Params-ValidationCompiler-0.30, also
Both Test-Fatal-0.014 and Test-Requires-0.11, but only if a copy of DateTime-1.54 (for which this is a dependency) has already been installed
Devel::StackTrace provides an object representing a stacvk trace.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DR/DROLSKY/Devel-StackTrace-2.04.tar.gz
Download MD5 sum: a5b09f7be7f2b10b525a9740676906d8
Dist::CheckConflicts declares version conflicts for a distribution, to support post-install updates of dependant distributions.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DO/DOY/Dist-CheckConflicts-0.11.tar.gz
Download MD5 sum: c8725a92b9169708b0f63036812070f2
Encode::Locale determines the locale encoding.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/G/GA/GAAS/Encode-Locale-1.05.tar.gz
Download MD5 sum: fcfdb8e4ee34bcf62aed429b4a23db27
Eval::Closure safely and cleanly creates closures via string eval.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DO/DOY/Eval-Closure-0.14.tar.gz
Download MD5 sum: ceeb1fc579ac9af981fa6b600538c285
Exception::Class allows you to declare real exception classes in Perl.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DR/DROLSKY/Exception-Class-1.44.tar.gz
Download MD5 sum: 6b5bb8e4ad2b1f6120fc1d33ae45e91b
Exporter::Tiny is an exporter with the features of Sub::Exporter but only core dependencies.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/T/TO/TOBYINK/Exporter-Tiny-1.002002.tar.gz
Download MD5 sum: 485897322a2514b4d6ca90b2daacb7cd
ExtUtils::LibBuilder is a tool to build C libraries.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/A/AM/AMBS/ExtUtils-LibBuilder-0.08.tar.gz
Download MD5 sum: 8ffe9e9a3c2f916f40dc4f6aed237d33
FFI::CheckLib checks whether a particular dynamic library is available for FFI (Foreign Function Interface) to use.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/P/PL/PLICEASE/FFI-CheckLib-0.27.tar.gz
Download MD5 sum: b2e3fc6f762e458d348e98ace632d841
File::chdir provides a more sensible way to change directories.
Perl's chdir() has the unfortunate problem of being very, very, very global. If any part of your program calls chdir() or if any library you use calls chdir(), it changes the current working directory for the *whole* program. File::chdir gives you an alternative, $CWD and @CWD.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DA/DAGOLDEN/File-chdir-0.1010.tar.gz
Download MD5 sum: aacfafa4a8f13d45be67451e0f9b483e
This module copies and moves directories recursively (or single files), to an optional depth and attempts to preserve each file or directory's mode.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DM/DMUEY/File-Copy-Recursive-0.45.tar.gz
Download MD5 sum: e5eee1a3f8ae3aebbac063ea54870e54
Path-Tiny-0.114, Test-Deep-1.130, Test-Fatal-0.014, Test-File-1.443 and Test-Warnings-0.030
File::Find::Rule is a friendlier interface to File::Find. It allows you to build rules which specify the desired files and directories.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/R/RC/RCLAMP/File-Find-Rule-0.34.tar.gz
Download MD5 sum: a7aa9ad4d8ee87b2a77b8e3722768712
This module uses the standard build and installation instructions:
perl Makefile.PL && make && make test
Now, as the root
user:
make install
File::Listing parses a directory listing.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/P/PL/PLICEASE/File-Listing-6.14.tar.gz
Download MD5 sum: cf60a79563185391831613178a79b4cd
File::ShareDir allows you to access data files which have been installed by File::ShareDir::Install.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/R/RE/REHSACK/File-ShareDir-1.116.tar.gz
Download MD5 sum: f2a0eee9f04c93753dd56437175e5bda
File::ShareDir::Install allows you to install read-only data files from a distribution.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/E/ET/ETHER/File-ShareDir-Install-0.13.tar.gz
Download MD5 sum: 5eabd44a5d7d84bf2e8e502491226287
HTML::Tagset provides several data tables useful in parsing HTML.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/P/PE/PETDANCE/HTML-Tagset-3.20.tar.gz
Download MD5 sum: d2bfa18fe1904df7f683e96611e87437
HTTP::Cookies provides a class for objects that represent a "cookie jar" -- that is, a database of all the HTTP cookies that a given LWP::UserAgent (from libwww-perl-6.52) object knows about.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/O/OA/OALDERS/HTTP-Cookies-6.10.tar.gz
Download MD5 sum: b4d7804231b1dfd10999d42283e0cf06
HTTP::Date provides functions to deal with the date formats used by the HTTP protocol and also with some other date formats.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/O/OA/OALDERS/HTTP-Date-6.05.tar.gz
Download MD5 sum: 2ecbb3aedf6aef062605191813ca3027
TimeDate-2.33 (to allow it to recognize zones other than GMT and numeric)
HTTP::Message provides a base class for HTTP style message objects.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/O/OA/OALDERS/HTTP-Message-6.27.tar.gz
Download MD5 sum: 4b4038aef74f63c2b6baca189c6c6602
Encode-Locale-1.05, HTTP-Date-6.05, IO-HTML-1.004, LWP-MediaTypes-6.04 and URI-5.07
HTTP::Negotiate provides a complete implementation of the HTTP content negotiation algorithm.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/G/GA/GAAS/HTTP-Negotiate-6.01.tar.gz
Download MD5 sum: 1236195250e264d7436e7bb02031671b
Importer provides an alternative but compatible interface to modules that export symbols.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/E/EX/EXODIST/Importer-0.026.tar.gz
Download MD5 sum: 3f09930b82cadfe26d0ce2fb1338aa1b
IO::HTML opens an HTML file with automatic character set detection.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/C/CJ/CJM/IO-HTML-1.004.tar.gz
Download MD5 sum: 04bbe363686fd19bfb4cc0ed775e3d03
IPC::System::Simple takes the hard work out of calling external commands and producing detailed diagnostics.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/J/JK/JKEENAN/IPC-System-Simple-1.30.tar.gz
Download MD5 sum: e68341fd958fd013b3521d909904f675
The libwww-perl collection is a set of Perl modules which provides a simple and consistent application programming interface (API) to the World-Wide Web. The main focus of the library is to provide classes and functions that allow you to write WWW clients. The library also contains modules that are of more general use and even classes that help you implement simple HTTP servers.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/O/OA/OALDERS/libwww-perl-6.52.tar.gz
Download MD5 sum: 7b5959aff7b11509bd87fa1de753f127
File-Listing-6.14, HTTP-Cookies-6.10, HTTP-Daemon-6.12, HTTP-Negotiate-6.01, HTML-Parser-3.75, Net-HTTP-6.20, Try-Tiny-0.30 and WWW-RobotRules-6.02
Test-Fatal-0.014, Test-Needs-0.002006 and Test-RequiresInternet-0.05
This module uses the standard build and installation instructions:
perl Makefile.PL && make && make test
Now, as the root
user:
make install
After installing this package, if you want HTTPS protocol support install LWP-Protocol-https-6.10.
List::MoreUtils::XS is a compiled backend for List::MoreUtils
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/R/RE/REHSACK/List-MoreUtils-XS-0.430.tar.gz
Download MD5 sum: e77113e55b046906aecfb4ddb4f0c662
List::SomeUtils provides the stuff misisng in List::Util.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DR/DROLSKY/List-SomeUtils-0.58.tar.gz
Download MD5 sum: d35e2233abcd8712792e6a3548f41181
List::SomeUtils::XS is a (faster) XS (eXternal Subroutine) implementation for List::SomeUtils.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DR/DROLSKY/List-SomeUtils-XS-0.58.tar.gz
Download MD5 sum: 396eabe83a75fcb8d7542d95812469d1
List::UtilsBy provides a number of higher-order list utility functions.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/P/PE/PEVANS/List-UtilsBy-0.11.tar.gz
Download MD5 sum: 14469e1029060490bc3a563f0e59e5f1
LWP::MediaTypes guesses the media type (i.e. the MIME Type) for a file or URL.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/O/OA/OALDERS/LWP-MediaTypes-6.04.tar.gz
Download MD5 sum: 84b799a90c0d2ce52897a7cb4c0478d0
MIME::Charset provides information about character sets used for MIME messages o nthe internet, such as their encodings.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/N/NE/NEZUMI/MIME-Charset-1.012.2.tar.gz
Download MD5 sum: 71440416376248c31aa3bef753fae28d
Encode-EUCJPASCII-0.03, Encode-HanExtra-0.23 and Encode-JIS2K-0.03 (because all are required by biber-2.16)
This module uses a variant of the standard build and installation instructions:
yes '' | perl Makefile.PL && make && make test
Now, as the root
user:
make install
Module::Implementation loads one of several alternate underlying implementations of a module (e.g. eXternal Subroutine or pure Perl, or an implementation for a given OS).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DR/DROLSKY/Module-Implementation-0.09.tar.gz
Download MD5 sum: 52e3fe0ca6b1eff0488d59b7aacc0667
Module-Runtime-0.016, Try-Tiny-0.30
Module::Pluggable provides a way of having 'plugins' for your module.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/S/SI/SIMONW/Module-Pluggable-5.2.tar.gz
Download MD5 sum: 87ce2971662efd0b69a81bb4dc9ea76c
Module::Runtime provides functions to deal with runtime handling of Perl modules.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/Z/ZE/ZEFRAM/Module-Runtime-0.016.tar.gz
Download MD5 sum: d3d47222fa2e3dfcb4526f6cc8437b20
The "mro" namespace provides several utilities for dealing with method resolution order and method caching in general in Perl 5.9.5 and higher. This module provides those interfaces for earlier versions of Perl.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/H/HA/HAARG/MRO-Compat-0.13.tar.gz
Download MD5 sum: d2e603e8ae9dc6934162d190eb085385
This module is very similar to namespace::clean, except it will clean all imported functions, no matter if you imported them before or after you used the pragma. It will also not touch anything that looks like a method.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/E/ET/ETHER/namespace-autoclean-0.29.tar.gz
Download MD5 sum: 39b38c776cd1f0ee03cc70781a2f2798
namespace-clean-0.27, Sub-Identify-0.14
This package allows you to keep imports and functions out of your namespace.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/R/RI/RIBASUSHI/namespace-clean-0.27.tar.gz
Download MD5 sum: cba97f39ef7e594bd8489b4fdcddb662
The Net::HTTP class is a low level HTTP client. An instance of the class represents a connection to an HTTP server.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/O/OA/OALDERS/Net-HTTP-6.20.tar.gz
Download MD5 sum: 00f825fb848d50202aeec074c3608453
Net::SSLeay is a PERL extension for using OpenSSL.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/C/CH/CHRISN/Net-SSLeay-1.88.tar.gz
Download MD5 sum: fcef4985f5f7e0381e3dddd0ee7878d1
If enabling the external tests, one test in t/external/15_altnames.t may fail.
This module uses a variant of the standard build and installation instructions:
yes '' | perl Makefile.PL && make && make test
Now, as the root
user:
make install
Number::Compare compiles a simple comparison to an anonymous subroutine, which you can call with a value to be tested against. It understands IEC standard magnitudes (k, ki, m, mi, g, gi).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/R/RC/RCLAMP/Number-Compare-0.03.tar.gz
Download MD5 sum: ded4085a8fc96328742785574ca65208
Manipulating stashes (Perl's symbol tables) is occasionally necessary, but incredibly messy, and easy to get wrong. This module hides all of that behind a simple API.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/E/ET/ETHER/Package-Stash-0.39.tar.gz
Download MD5 sum: 287d80c9115c9230912aca684f8ca92e
Dist-CheckConflicts-0.11, Module-Implementation-0.09
CPAN-Meta-Check-0.014, Test-Fatal-0.014, Test-Needs-0.002006
Params::Validate allows you to validate method or function call parameters to an arbitrary level of specificity.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DR/DROLSKY/Params-Validate-1.30.tar.gz
Download MD5 sum: 2f1f7f3a1845974d9fc44d16cac1a0fb
Module-Build-0.4231, Module-Implementation-0.09
Params::ValidationCompiler builds an optimized subroutine parameter validator.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DR/DROLSKY/Params-ValidationCompiler-0.30.tar.gz
Download MD5 sum: f7746a98cab3d7a246372379d4658a4e
Exception-Class-1.44, Specio-0.46
Path::Tiny provides a small fast utility for working with file paths.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DA/DAGOLDEN/Path-Tiny-0.114.tar.gz
Download MD5 sum: dd6092293f8766fb87d003dceebe4263
Role::Tiny is a minimalist role composition tool.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/H/HA/HAARG/Role-Tiny-2.001004.tar.gz
Download MD5 sum: 98446826608b1e943e65c1f6e35942fe
Scope::Guard provides a convenient way to perform cleanup or other forms of resource management at the end of a scope.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/C/CH/CHOCOLATE/Scope-Guard-0.21.tar.gz
Download MD5 sum: be57b915d23ddac7677ef2ad9e52b92a
Specio provides classes for representing type constraints and coercion, along with syntax sugar for declaring them.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DR/DROLSKY/Specio-0.46.tar.gz
Download MD5 sum: aca3a183b46b93a8ce02009a2ccd868b
Devel-StackTrace-2.04, Eval-Closure-0.14, Module-Runtime-0.016, Role-Tiny-2.001004, Sub-Quote-2.006006 and Try-Tiny-0.30
MRO-Compat-0.13, Test-Fatal-0.014 and Test-Needs-0.002006
namespace-autoclean-0.29 (for the testsuite)
Sub::Exporter::Progressive is a wrapper for Sub::Exporter.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/F/FR/FREW/Sub-Exporter-Progressive-0.001013.tar.gz
Download MD5 sum: 72cf6acdd2a0a8b105821a4db98e4ebe
Sub::Identify allows you to retrieve the real name of code references. It is encouraged to migrate to Sub::Util (a core module) when possible.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/R/RG/RGARCIA/Sub-Identify-0.14.tar.gz
Download MD5 sum: 014f19e72698b6a2cbcb54adc9691825
Sub::Info is a tool for inspecting subroutines.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/E/EX/EXODIST/Sub-Info-0.002.tar.gz
Download MD5 sum: 335345b534fc0539c894050f7814cbda
Sub::Quote provides ways to generate subroutines from strings.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/H/HA/HAARG/Sub-Quote-2.006006.tar.gz
Download MD5 sum: 1bb9caee697bcfa738f419d40505e506
Sub::Uplevel allows you to fool a caller that it is running in a higher stack frame.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DA/DAGOLDEN/Sub-Uplevel-0.2800.tar.gz
Download MD5 sum: 6c6a174861fd160e8d5871a86df00baf
SUPER provides easier methods to dispatch control to the superclass (when subclassing a class).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/C/CH/CHROMATIC/SUPER-1.20190531.tar.gz
Download MD5 sum: defb371225f8ef1581d8c8fcc6077b46
Term::Table formats a header and rows into a table. This is used by some failing tests to provide diagnostics about what has goen wrong.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/E/EX/EXODIST/Term-Table-0.015.tar.gz
Download MD5 sum: f23274aec9bc43fe46135d37ae1b5927
Test::Deep gives you very flexible ways to check that the result you got is the result you were expecting.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/R/RJ/RJBS/Test-Deep-1.130.tar.gz
Download MD5 sum: d466e471108f7f7a5df3802cb13761ac
Test::Exception provides convenience methods for testing exception based code.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/E/EX/EXODIST/Test-Exception-0.43.tar.gz
Download MD5 sum: 572d355026fb0b87fc2b8c64b83cada0
The Test::Fatal module provides simple helpers for testing code which throws exceptions.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/R/RJ/RJBS/Test-Fatal-0.014.tar.gz
Download MD5 sum: 7954f6d2e3607be10c0fbd69063a3d1b
Test::File provides a collection of test utilities for file attributes.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/B/BD/BDFOY/Test-File-1.443.tar.gz
Download MD5 sum: ec8c6f6e940b454e110aaaa663fc761c
Test::File::ShareDir is some low level plumbing to enable a distribution to perform tests while consuming its own share directories in a manner similar to how they will be once installed. This allows File-ShareDir-1.116 to see the latest version of content instead of whatever is installed on the target system where you are testing.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/K/KE/KENTNL/Test-File-ShareDir-1.001002.tar.gz
Download MD5 sum: ec31466aa44c1cd56c6cb51d7ec3a5de
Class-Tiny-1.008, File-Copy-Recursive-0.45, File-ShareDir-1.116, Path-Tiny-0.114 and Scope-Guard-0.21
Test::LeakTrace traces memory leaks.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/L/LE/LEEJO/Test-LeakTrace-0.16.tar.gz
Download MD5 sum: d58f3e0fed32df8255787a77d7d87641
Test::MockModule lets you temporarily redefine subroutines in other packages for the purposes of unit testing.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/G/GF/GFRANKS/Test-MockModule-v0.173.0.tar.gz
Download MD5 sum: efaa3e27d256d9811b81f5286b9ea459
Module-Build-0.4231, SUPER-1.20190531
Test::Needs skips tests if a requested module is not present.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/H/HA/HAARG/Test-Needs-0.002006.tar.gz
Download MD5 sum: d5c96d51d8d5510f7c0b7f354c49af1c
The Test::Requires module checks if another (optional) module can be loaded, and if not it skips all the current tests.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/T/TO/TOKUHIROM/Test-Requires-0.11.tar.gz
Download MD5 sum: 999d6c4e46ea7baae7a5113292e02ed8
Test::RequiresInternet is intended to easily test network connectivity before functional tests begin to non-local Internet resources.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/M/MA/MALLEN/Test-RequiresInternet-0.05.tar.gz
Download MD5 sum: 0ba9f1cff4cf90ed2618c2eddfd525d8
Test::utf8 is a collection of tests useful for dealing with utf8 strings in Perl.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/M/MA/MARKF/Test-utf8-1.02.tar.gz
Download MD5 sum: 71d187539c76ac1ed9a0242ff208796d
Test::Warnings tests for warnings and the lack of them.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/E/ET/ETHER/Test-Warnings-0.030.tar.gz
Download MD5 sum: d30550a4898499daf351f9cf31602121
This module allows you to deliberately hide modules from a program even though they are installed. This is mostly useful for testing modules that have a fallback when a certain dependency module is not installed.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/C/CO/CORION/Test-Without-Module-0.20.tar.gz
Download MD5 sum: 34684186b66929bbcd12d3ac8ae03f9d
Test2::Plugin::NoWarnings causes tests to fail if there are any warnings while they run.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/D/DR/DROLSKY/Test2-Plugin-NoWarnings-0.09.tar.gz
Download MD5 sum: efcddec6cda66260ae14206e28f7feeb
Test2::Suite is a distribution with a rich set of tools built upon the Test2 framework.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/E/EX/EXODIST/Test2-Suite-0.000130.tar.gz
Download MD5 sum: 37d02b6ab79abbfe5a4821c56a755255
Module-Pluggable-5.2, Scope-Guard-0.21, Sub-Info-0.002 and Term-Table-0.015
Text::CSV_XS provides facilities for the composition and decomposition of comma-separated values.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/H/HM/HMBRAND/Text-CSV_XS-1.44.tgz
Download MD5 sum: 7ed1bfe174b8867bb0987625e9ed57bc
Text::Diff performs diffs on files and record sets.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/N/NE/NEILB/Text-Diff-1.45.tar.gz
Download MD5 sum: edf57b6189f7651a6be454062a4e6d9c
Text::Glob implements glob(3) style matching that can be used to match against text, rather than fetching names from a filesystem.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/R/RC/RCLAMP/Text-Glob-0.11.tar.gz
Download MD5 sum: d001559c504a2625dd117bd1558f07f7
You use Tie::Cycle to go through a list over and over again. Once you get to the end of the list, you go back to the beginning. You don't have to worry about any of this since the magic of tie does that for you.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/B/BD/BDFOY/Tie-Cycle-1.226.tar.gz
Download MD5 sum: 474cbce228dde2e5253d322e0729baa6
TimeDate provides miscellaneous timezone manipulation routines.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/A/AT/ATOOMIC/TimeDate-2.33.tar.gz
Download MD5 sum: 5e5afe22c8d417417283d1f7f4572a57
Try::Tiny provides try and catch to expect and handle exceptional conditions, avoiding quirks in Perl and common mistakes.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/E/ET/ETHER/Try-Tiny-0.30.tar.gz
Download MD5 sum: eb362c3cb32c42f9f28de9ddb7f2ead6
Magic is Perl's way of enhancing variables. With this module, you can add your own magic to any variable.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/V/VP/VPIT/Variable-Magic-0.62.tar.gz
Download MD5 sum: 588d94ec3d98dece878a776d161c1dda
WWW::RobotRules parses robots.txt
files, creating a
WWW::RobotRules object with methods to check if access to a
given URL is prohibited.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/G/GA/GAAS/WWW-RobotRules-6.02.tar.gz
Download MD5 sum: b7186e8b8b3701e70c22abf430742403
libwww-perl-6.52 (install this module first and install that later)
XML::LibXML is a perl binding for libxml2-2.9.10.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/S/SH/SHLOMIF/XML-LibXML-2.0205.tar.gz
Download MD5 sum: ae78cb614192c42fb8c4cdf5d735d181
XML::NamespaceSupport offers a simple way to process namespaced XML names from within any application that may need them.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/P/PE/PERIGRIN/XML-NamespaceSupport-1.12.tar.gz
Download MD5 sum: a8916c6d095bcf073e1108af02e78c97
XML::SAX is a SAX parser access API for Perl. It includes classes and APIs required for implementing SAX drivers, along with a factory class for returning any SAX parser installed on the user's system.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/G/GR/GRANTM/XML-SAX-1.02.tar.gz
Download MD5 sum: b62e3754523695c7f5bbcafa3676a38d
libxml2-2.9.10, XML-NamespaceSupport-1.12 and XML-SAX-Base-1.09
This module uses a variant of the standard build and installation instructions:
yes | perl Makefile.PL && make && make test
Now, as the root
user:
make install
This module has a very simple task - to be a base class for PerlSAX drivers and filters.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://cpan.metacpan.org/authors/id/G/GR/GRANTM/XML-SAX-Base-1.09.tar.gz
Download MD5 sum: ec347a14065dd7aec7d9fb181b2d7946
Last updated on 2020-08-17 09:13:28 -0700
PHP is the PHP Hypertext Preprocessor. Primarily used in dynamic web sites, it allows for programming code to be directly embedded into the HTML markup. It is also useful as a general purpose scripting language.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.php.net/distributions/php-8.0.2.tar.xz
Download MD5 sum: 4fc1c90ee10b72d6a56447f8491a9857
Download size: 10 MB
Estimated disk space required: 675 MB (with tests, add 182 MB for documentation)
Estimated build time: 1.8 SBU (with parallelism=4; add 1.9 SBU for tests)
Optional pre-built documentation (single file html): https://www.php.net/distributions/manual/php_manual_en.html.gz
Optional pre-built documentation (chunked html): https://www.php.net/distributions/manual/php_manual_en.tar.gz. Note that the documentation can be found in languages other than English at http://www.php.net/download-docs.php
Apache-2.4.46 and libxml2-2.9.10
Aspell-0.60.8, enchant-2.2.15, libxslt-1.1.34, an MTA (that provides a sendmail command), PCRE-8.44, Pth-2.0.7, AppArmor, Dmalloc, Net-SNMP, oniguruma, OSSP mm, re2c, and XMLRPC-EPI
FreeType-2.10.4, libexif-0.6.22, libjpeg-turbo-2.0.6, libpng-1.6.37, LibTIFF-4.2.0, libwebp-1.2.0, X Window System, FDF Toolkit, GD, and t1lib
cURL-7.75.0, tidy-html5-5.6.0, Caudium, Hyperwave, mnoGoSearch, Roxen WebServer, and WDDX
Berkeley DB-5.3.28 (Note that PHP does not officially support versions above 5.3), libiodbc-3.52.12, lmdb-0.9.28, MariaDB-10.5.8 or MySQL, OpenLDAP-2.4.57, PostgreSQL-13.2, SQLite-3.34.1, unixODBC-2.3.9, Adabas, Birdstep, cdb, DBMaker, Empress, FrontBase, IBM DB2, Mini SQL, Monetra, and QDBM
PHP also provides support for many commercial database tools such as Oracle, SAP and ODBC Router.
Cyrus SASL-2.1.27, MIT Kerberos V5-1.19.1, libmcrypt, and mhash
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/php
You can use PHP for server-side scripting, command-line scripting or client-side GUI applications. This book provides instructions for setting up PHP for server-side scripting as it is the most common form.
PHP has many more configure options that will enable support for various things. You can use ./configure --help to see a full list of the available options. Also, use of the PHP web site is highly recommended, as their online docs are very good. An example of a configure command that utilizes many of the most common dependencies can be found at http://anduin.linuxfromscratch.org/BLFS/files/php_configure.txt.
If, for whatever reason, you don't have libxml2-2.9.10
installed, you need to add --disable-libxml
to the configure command in the
instructions below. Note that this will prevent the
pear command
from being built.
Install PHP by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --datadir=/usr/share/php \ --mandir=/usr/share/man \ --enable-fpm \ --without-pear \ --with-fpm-user=apache \ --with-fpm-group=apache \ --with-fpm-systemd \ --with-config-file-path=/etc \ --with-zlib \ --enable-bcmath \ --with-bz2 \ --enable-calendar \ --enable-dba=shared \ --with-gdbm \ --with-gmp \ --enable-ftp \ --with-gettext \ --enable-mbstring \ --disable-mbregex \ --with-readline && make
To test the results, issue: make test. Several tests (out of over 12400) may fail, in which case you are asked whether you want to send the report to the PHP developers. If you want to automate the test, you may prefix the command with yes "n" | .
Now, as the root
user:
make install && install -v -m644 php.ini-production /etc/php.ini && install -v -m755 -d /usr/share/doc/php-8.0.2 && install -v -m644 CODING_STANDARDS* EXTENSIONS NEWS README* UPGRADING* \ /usr/share/doc/php-8.0.2
The default configuration files for the fastCGI process
manager are installed only if they do not already exist on
the system. If this is the first installation, they should be
renamed, as the root
user:
if [ -f /etc/php-fpm.conf.default ]; then mv -v /etc/php-fpm.conf{.default,} && mv -v /etc/php-fpm.d/www.conf{.default,} fi
The pre-built HTML documentation is packaged in two forms: a
tarball containing many individual files, useful for quick
loading into your browser, and one large individual file,
which is useful for using the search utility of your browser.
If you downloaded either, or both, of the documentation
files, issue the following commands as the root
user to install them (note these
instructions assume English docs, modify the tarball names
below if necessary).
For the “Single HTML” file:
install -v -m644 ../php_manual_en.html.gz \ /usr/share/doc/php-8.0.2 && gunzip -v /usr/share/doc/php-8.0.2/php_manual_en.html.gz
For the “Many HTML files” tarball:
tar -xvf ../php_manual_en.tar.gz \ -C /usr/share/doc/php-8.0.2 --no-same-owner
The bundled pear is not installed because of a bug which might pollute the filesystem with several hidden files and directories. If pear is needed, execute the following commands to install it:
wget http://pear.php.net/go-pear.phar php ./go-pear.phar
--datadir=/usr/share/php
: This
works around a bug in the build machinery, which installs
some data to a wrong location.
--enable-fpm
: This
parameter allows building the fastCGI Process Manager.
--with-fpm-systemd
:
This parameter allows the FastCGI Process Manager to
integrate with systemd.
--without-pear
: This
switch disables installation of bundled pear software.
--with-config-file-path=/etc
:
This parameter makes PHP
look for the php.ini
configuration file in /etc
.
--with-zlib
: This
parameter adds support for Zlib compression.
--enable-bcmath
:
Enables bc
style precision math functions.
--with-bz2
: Adds
support for Bzip2
compression functions.
--enable-calendar
:
This parameter provides support for calendar conversion.
--enable-dba=shared
:
This parameter enables support for database (dbm-style)
abstraction layer functions.
--enable-ftp
: This
parameter enables FTP functions.
--with-gettext
:
Enables functions that use Gettext text translation.
--enable-mbstring
:
This parameter enables multibyte string support.
--with-readline
: This
parameter enables command line Readline support.
--disable-libxml
: This option
allows building PHP without libxml2 installed.
--with-apxs2
: Instead of building
the fastCGI process manager, it is possible to build an
apache module. This has some
performance penalty for heavy loaded servers, but may be
easier to set up. This switch is incompatible with the
--enable-fpm
and
--with-fpm-...
switches.
--with-mysqli=shared
: This option
includes MySQLi support.
--with-mysql-sock=/run/mysqld/mysqld.sock
:
Location of the MySQL unix socket pointer.
--with-pdo-mysql=shared
: This
option includes PDO: MySQL support.
--with-tidy=shared
: This option
includes tidy library support.
The file used as the default /etc/php.ini
configuration file is
recommended by the PHP
development team. This file modifies the default behavior
of PHP. If no /etc/php.ini
is used, all configuration
settings fall to the defaults. You should review the
comments in this file and ensure the changes are acceptable
in your particular environment.
The fastCGI process manager uses the configuration file
/etc/php-fpm.conf
. The
default file shipped with PHP includes all the /etc/php-fpm.d/*.conf
in turn. There is a
shipped /etc/php-fpm.d/www.conf
file, that
contains the parameters related to the interaction with the
Apache Web server.
You may have noticed the following from the output of the make install command:
You may want to add: /usr/lib/php to your php.ini include_path
If desired, add the entry using the following command as
the root
user:
sed -i 's@php/includes"@&\ninclude_path = ".:/usr/lib/php"@' \ /etc/php.ini
To enable fastCGI support in the Apache web server, two LoadModule
directives must be added to the httpd.conf
file. They are commented out,
so just issue the following command as root
user:
sed -i -e '/proxy_module/s/^#//' \ -e '/proxy_fcgi_module/s/^#//' \ /etc/httpd/httpd.conf
Those modules accept various ProxyPass directives. One
possibility is (as the root
user):
echo \ 'ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/srv/www/$1' >> \ /etc/httpd/httpd.conf
Additionally, it may be useful to add an entry for
index.php
to the
DirectoryIndex directive of the httpd.conf
file. Lastly, adding a line to
setup the .phps
extension to
show highlighted PHP
source may be desirable:
AddType application/x-httpd-php-source .phps
You'll need to restart the Apache web server after making any
modifications to the httpd.conf
file.
To start the php-fpm daemon at boot,
install the systemd unit from the blfs-systemd-units-20210122
package by running the following command as the
root
user:
make install-php-fpm
Last updated on 2021-02-23 12:52:46 -0800
The Python 2 package contains the Python development environment. It is useful for object-oriented programming, writing scripts, prototyping large programs or developing entire applications. This version is for backward compatibility with other dependent packages.
Python2 has been deprecated by the upstream developers. Support for Python2 was discontinued on January 1st, 2020.
BLFS is attempting to use Python3 as much as possible, but some packages have not been updated to support Python3.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.python.org/ftp/python/2.7.18/Python-2.7.18.tar.xz
Download MD5 sum: fd6cc8ec0a78c44036f825e739f36e5a
Download size: 12.2 MB
Estimated disk space required: 134 MB (add 17 MB for tests)
Estimated build time: 0.7 SBU (Using parallelism=4; add 7.1 SBU for tests)
Optional HTML Documentation
BlueZ-5.55 and Valgrind-3.16.1
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/Python
First, disable the installation of a script that overwrites a more recent script:
sed -i '/2to3/d' ./setup.py
Install Python 2 by running the following commands:
./configure --prefix=/usr \ --enable-shared \ --with-system-expat \ --with-system-ffi \ --enable-unicode=ucs4 && make
To test the results, issue: make -k test.
Now, as the root
user:
make altinstall && ln -s python2.7 /usr/bin/python2 && ln -s python2.7-config /usr/bin/python2-config && chmod -v 755 /usr/lib/libpython2.7.so.1.0
Since Python 2 is in
maintenance mode, and Python
3 is recommended by upstream for development, you
probably do not need to install the documentation. However,
if you still want to install documentation for both
Python versions, be sure to
define the PYTHONDOCS
variable for
the version you want to use, each time you need to consult
the documentation. If you have downloaded the preformatted
documentation from http://docs.python.org/download.html,
install it as the root
user:
install -v -dm755 /usr/share/doc/python-2.7.18 && tar --strip-components=1 \ --no-same-owner \ --directory /usr/share/doc/python-2.7.18 \ -xvf ../python-2.7.18-docs-html.tar.bz2 && find /usr/share/doc/python-2.7.18 -type d -exec chmod 0755 {} \; && find /usr/share/doc/python-2.7.18 -type f -exec chmod 0644 {} \;
--with-system-expat
:
This switch enables linking against system version of
Expat.
--with-system-ffi
:
This switch enables linking against system version of
libffi.
--enable-unicode=ucs4
: This
switch enables 32bit Unicode support in Python.
--with-ensurepip=yes
: This
switch enables building pip and setuptools packaging
programs. setuptools is needed for
building some Python modules. This switch is not recommended
because this version of Python is being phased out.
--with-dbmliborder=bdb:gdbm:ndbm
:
Use this switch if you want to build Python DBM Module against Berkeley DB instead of GDBM.
make altinstall: This make target omits some default symbolic links that may interfere with Python 3.
chmod ...: Fix permissions for libraries to be consistent with other libraries.
In order for python to find the installed documentation, you must add the following environment variable to individual user's or the system's profile:
export PYTHONDOCS=/usr/share/doc/python-2.7.18
is a wrapper script that opens a Python aware GUI editor. For this script to run, you must have installed Tk before Python so that the Tkinter Python module is built |
|
is the Python documentation tool |
|
is an interpreted, interactive, object-oriented programming language |
|
is a version-specific name for the python program |
|
is an SMTP proxy implemented in Python |
Last updated on 2021-02-19 21:30:09 -0800
The Python 3 package contains the Python development environment. This is useful for object-oriented programming, writing scripts, prototyping large programs or developing entire applications.
Python 3 was installed in LFS. The only reason to rebuild it here is if optional modules are needed.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.python.org/ftp/python/3.9.2/Python-3.9.2.tar.xz
Download MD5 sum: f0dc9000312abeb16de4eccce9a870ab
Download size: 18 MB
Estimated disk space required: 379 MB (add 36 MB for tests)
Estimated build time: 0.5 SBU (using parallelism=4; add 1.7 SBU for tests)
SQLite-3.34.1 (required if building firefox or thunderbird)
BlueZ-5.55, GDB-10.1 (required for some tests), Valgrind-3.16.1, and libmpdec
Berkeley DB-5.3.28 and Tk-8.6.11.1
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/Python3
Install Python 3 by running the following commands:
CXX="/usr/bin/g++" \ ./configure --prefix=/usr \ --enable-shared \ --with-system-expat \ --with-system-ffi \ --with-ensurepip=yes && make
To test the result, issue make test. Some tests may need Internet connection.
Now, as the root
user:
make install
CXX="/usr/bin/g++" ./configure ...: Avoid an annoying message during configuration.
--with-system-expat
:
This switch enables linking against the system version of
Expat.
--with-system-ffi
:
This switch enables linking against system version of
libffi.
--with-ensurepip=yes
: This switch enables building pip and setuptools packaging
programs. setuptools is needed for
building some Python modules.
--with-dbmliborder=bdb:gdbm:ndbm
:
Use this switch if you want to build Python DBM Module against Berkeley DB instead of GDBM.
--enable-optimization
: Use this
switch if you want to enable expensive optimizations (i.e.
Profile Guided Optimizations). This adds around 20 SBU, but
can slightly speed up
some uses, such as using Sphinx for creating documentation, or
use of Python3 scripts.
--with-lto
: This optional switch
enables thick Link Time Optimization. Unusually, it creates a
much larger /usr/lib/python3.9/config-3.9-<arch>-linux-gnu/libpython3.9.a
with a small increase in the time to compile Python. Run-time results do not appear
to show any benefit from doing this.
In order for python3 to find the installed documentation, create the following version independent symlink:
ln -svfn python-3.9.2 /usr/share/doc/python-3
and add the following environment variable to the individual user's or system's profile:
export PYTHONDOCS=/usr/share/doc/python-3/html
is a frontend to pip3 to make it easier to configure python modules through the PIP package manager |
|
is a wrapper script that opens a Python aware GUI editor. For this script to run, you must have installed Tk before Python so that the Tkinter Python module is built |
|
is the Python documentation tool |
|
is an interpreted, interactive, object-oriented programming language |
|
is a version-specific name for the python program |
Last updated on 2021-02-21 11:05:24 -0800
The Python module packages add useful objects to the Python language. Modules utilized by packages throughout BLFS are listed here, along with their dependencies.
D-Bus Python provides Python bindings to the D-Bus API interface.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://dbus.freedesktop.org/releases/dbus-python/dbus-python-1.2.16.tar.gz
Download MD5 sum: 51a45c973d82bedff033a4b57d69d5d8
Download size: 564 KB
Estimated disk space required: 11 MB (both versions, with tests)
Estimated build time: 0.4 SBU (both versions, with tests)
Python-2.7.18 (some applications in the book require the Python 2 module)
PyGObject-3.38.0 and tap.py (required for some tests)
docutils-0.16 and Sphinx with sphinx_rtd_theme
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/dbus-python
Both Python 2 and Python 3 modules can be built and installed without any conflicts.
To build D-Bus Python as the Python 2 module, run the following commands:
mkdir python2 && pushd python2 && PYTHON=/usr/bin/python2 \ ../configure --prefix=/usr --disable-documentation && make && popd
To test the results, issue: make -C python2 check. Several tests report an error due to dbus issues.
To build D-Bus Python as the Python 3 module, run the following commands:
mkdir python3 && pushd python3 && PYTHON=/usr/bin/python3 \ ../configure --prefix=/usr --docdir=/usr/share/doc/dbus-python-1.2.16 && make && popd
To test the results, issue: make -C python3 check.
To install the Python 2
module, run the following command as the root
user:
make -C python2 install
To install the Python 3
module, run the following command as the root
user:
make -C python3 install
The goal of the decorator module is to make it easy to define signature-preserving function decorators and decorator factories.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://files.pythonhosted.org/packages/source/d/decorator/decorator-4.4.2.tar.gz
Download MD5 sum: d83c624cce93e6bdfab144821b526e1d
Download size: 36 KB
Estimated disk space required: 244 KB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/decorator
Install decorator with the following commands:
python3 setup.py build
This package does not come with a test suite.
To install the decorator package with the following command
as the root
user:
python3 setup.py install --optimize=1
docutils is a set of Python modules and programs for processing plaintext docs into formats such as HTML, XML, or LaTeX.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://downloads.sourceforge.net/docutils/docutils-0.16.tar.gz
Download MD5 sum: 9ccb6f332e23360f964de72c8ea5f0ed
Download size: 1.8 MB
Estimated disk space required: 12 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/docutils
To build the Python 3 applications, run the following command:
python3 setup.py build
To install the Python
applications run the following as the root
user:
python3 setup.py install --optimize=1 && for f in /usr/bin/rst*.py; do ln -svf $(basename $f) /usr/bin/$(basename $f .py) done
Py3c helps you port C extensions to Python 3. It provides a detailed guide, and a set of macros to make porting easy and reduce boilerplate.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/encukou/py3c/archive/v1.3.1/py3c-1.3.1.tar.gz
Download MD5 sum: 57f6518f3a7bcd501425bb23f2de15a7
Download size: 48 KB
Estimated disk space required: 1.4 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/py3c
The Py3c package is a headers-only package and because of that, no configuration and compilation is required.
To test the package, issue: make test-python3.
To install the Python 3
module, run the following command as the root
user:
make prefix=/usr install
The PyAtSpi2 package contains Python bindings for the core components of the GNOME Accessibility.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/pyatspi/2.38/pyatspi-2.38.0.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/pyatspi/2.38/pyatspi-2.38.0.tar.xz
Download MD5 sum: 7909957aac797725741959078f098ba7
Download size: 312 KB
Estimated disk space required: 3.7 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pyatspi2
To build PyAtSpi2 as a Python 3 module, run the following commands:
./configure --prefix=/usr --with-python=/usr/bin/python3
This package does not come with a testsuite.
To install the Python 3
module, run the following command as the root
user:
make install
PyCairo provides Python bindings to Cairo.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/pygobject/pycairo/releases/download/v1.20.0/pycairo-1.20.0.tar.gz
Download MD5 sum: a1f9b661a0000c2f42281db933284451
Download size: 340 KB
Estimated disk space required: 3.6 MB
Estimated build time: less than 0.1 SBU
Hypothesis (for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pycairo
The current version of pycairo no longer builds the Python2 module. If you need that module for packages such as Gimp-2.10.22, use PyCairo-1.18.2
Install PyCairo for Python3 by running the following commands:
python3 setup.py build
This package does not come with a test suite.
Now, as the root
user:
python3 setup.py install --optimize=1 && python3 setup.py install_pycairo_header && python3 setup.py install_pkgconfig
This version of PyCairo provides Python2 bindings to Cairo.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/pygobject/pycairo/releases/download/v1.18.2/pycairo-1.18.2.tar.gz
Download MD5 sum: be2ba51f234270dec340f28f1695a95e
Download size: 196 KB
Estimated disk space required: 2.3 MB
Estimated build time: less than 0.1 SBU
Cairo-1.17.2+f93fc72c03e and Python-2.7.18
Hypothesis (for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pycairo
This version of PyCairo is only retained for packages such as Gimp-2.10.22 which is stuck on Python2 until Gimp-3 is released.
Install PyCairo for Python2 by running the following commands:
python2 setup.py build
This package does not come with a test suite.
Now, as the root
user:
python2 setup.py install --optimize=1 && python2 setup.py install_pycairo_header && python2 setup.py install_pkgconfig
PyCryptodome is a collection of both secure hash functions (such as SHA256 and RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal, etc.), and is a drop-in replacement for PyCrypto.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/Legrandin/pycryptodome/archive/v3.10.1/pycryptodome-3.10.1.tar.gz
Download MD5 sum: 31f5e8c91e8e0fa45da14271b394bba4
Download size: 15 MB
Estimated disk space required: 58 MB
Estimated build time: 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pycryptodome
To build PyCryptodome as a Python 3 module, run the following command:
python3 setup.py build
To install the module, run the following command as the
root
user:
python3 setup.py install --optimize=1
dbusmock is a Python library useful for writing tests for software which talks to D-Bus services.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/martinpitt/python-dbusmock/releases/download/0.22.0/python-dbusmock-0.22.0.tar.gz
Download MD5 sum: 4a3ac7bc9b24b784e2649d1b1760bc8d
Download size: 68 KB
Estimated disk space required: 1.2 KB
Estimated build time: less than 0.1 SBU
D-Bus Python-1.2.16 (runtime)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/dbusmock
Build the package with:
python3 setup.py build
To install the package run the following as the
root
user:
python3 setup.py install --optimize=1
Pygments is a general syntax highlighter written in Python, for more than 300 languages.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://files.pythonhosted.org/packages/source/P/Pygments/Pygments-2.8.0.tar.gz
Download MD5 sum: 9e26c2dff77bf7bf1e7cb16062ac1b3c
Download size: 3.8 MB
Estimated disk space required: 53 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pygments
Build and install the Python
3 module by running the following commands as the
root
user:
python3 setup.py install --optimize=1
PyGObject-2.28.7 provides Python 2 bindings to the GObject class from GLib.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/pygobject/2.28/pygobject-2.28.7.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/pygobject/2.28/pygobject-2.28.7.tar.xz
Download MD5 sum: ae48b60c690c4aa894e69e0c97802745
Download size: 728 KB
Estimated disk space required: 17 MB
Estimated build time: 0.1 SBU
GLib-2.66.7, PyCairo-1.18.2 and Python-2.7.18
gobject-introspection-1.66.1 and libxslt-1.1.34 (to Build Documentation)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pygobject2
Install PyGObject by running the following commands:
./configure --prefix=/usr --disable-introspection && make
This package does not have a working testsuite.
Now, as the root
user:
make install
--disable-introspection
: Omit
this switch if you have installed gobject-introspection-1.66.1.
Note that it conflicts with PyGObject-3.38.0.
--disable-docs
: This option
disables the rebuilding of the html documentation if
libxslt-1.1.34 is installed.
PyGObject3 provides Python bindings to the GObject class from GLib.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/pygobject/3.38/pygobject-3.38.0.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/pygobject/3.38/pygobject-3.38.0.tar.xz
Download MD5 sum: 2ad8d8f10d1f12a8c66d8179659d5eb9
Download size: 544 KB
Estimated disk space required: 15 MB
Estimated build time: 0.1 SBU (Using parallelism=4)
gobject-introspection-1.66.1 and PyCairo-1.20.0 (Python 3 module)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pygobject3
Install pygobject3 by running the following commands:
mkdir build && cd build && meson --prefix=/usr .. && ninja
To test the results, issue: ninja test. An already
active graphical session with a bus address is necessary to
run the tests. One test, tests/test_gdbus.py
, is known to fail.
Now, as the root
user:
ninja install
PyGTK lets you to easily create programs with a graphical user interface using the Python programming language.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/pygtk/2.24/pygtk-2.24.0.tar.bz2
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/pygtk/2.24/pygtk-2.24.0.tar.bz2
Download MD5 sum: a1051d5794fd7696d3c1af6422d17a49
Download size: 2.2 MB
Estimated disk space required: 83 MB
Estimated build time: 0.7 SBU
PyGObject-2.28.7 and Python-2.7.18
PyCairo-1.18.2 and Pango-1.48.2
PyCairo-1.18.2 and GTK+-2.24.33.
PyCairo-1.18.2 and libglade-2.6.4.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pygtk
First, adapt PyGTK to changes in Pango by removing undefined APIs:
sed -i '1394,1402 d' pango.defs
Install PyGTK by running the following commands:
./configure --prefix=/usr && make
The tests must be run from an active X display. If this is so, issue: make check.
Now, as the root
user:
make install
--enable-docs
: This
option enables rebuilding the html documentation if
libxslt-1.1.34 is installed.
PyXDG is a Python library to access freedesktop.org standards.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://files.pythonhosted.org/packages/6f/2e/2251b5ae2f003d865beef79c8fcd517e907ed6a69f58c32403cec3eba9b2/pyxdg-0.27.tar.gz
Download MD5 sum: 2a2844c21b1b038d74433a0c4aef0a88
Download size: 60 KB
Estimated disk space required: 708 KB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/pyxdg
To install the module, run the following command as the
root
user:
python3 setup.py install --optimize=1
These instructions provide the Python2 bindings for libxml2: the Python3 bindings are built as part of libxml2-2.9.10 and most packages in the book do not use these bindings for the older Python2.
By building these bindings after libxml2-2.9.10 has been installed, there is no need to rebuild the time-consuming (if all dependencies are used) main part of that package.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://xmlsoft.org/sources/libxml2-2.9.10.tar.gz
Download (FTP): ftp://xmlsoft.org/libxml2/libxml2-2.9.10.tar.gz
Download MD5 sum: 10942a1dc23137a8aa07f0639cbfece5
Download size: 5.4 MB
Estimated disk space required: 53 MB (2.3 MB installed)
Estimated build time: less than 0.1 SBU
libxml2-2.9.10 and Python-2.7.18
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/libxml2
To build the Python 2 module, run:
cd python && python2 setup.py build
To install the Python 2
module, as the root
user
run:
python2 setup.py install --optimize=1
lxml provides Python bindings for libxslt-1.1.34 and libxml2-2.9.10.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://files.pythonhosted.org/packages/source/l/lxml/lxml-4.6.2.tar.gz
Download MD5 sum: 2e39c6e17d61f61e5be68fd328ba6a51
Download size: 3.0 MB
Estimated disk space required: 168 MB (add 51 MB for tests)
Estimated build time: 1.6 SBU (add 1.6 SBU for tests)
GDB-10.1, Valgrind-3.16.1, and cssselect
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/lxml
Both Python 2 and Python 3 modules can be built and installed without any conflicts.
To build both Python 2 and Python 3 modules, run:
python2 setup.py build && python3 setup.py build
If you wish to run the tests, enter: make PYTHON=python2 test and make PYTHON=python3 test. This will rebuild the package for inplace use before running the tests.
To install both modules, issue the following commands as
the root
user:
python2 setup.py install --optimize=1 && python3 setup.py install --optimize=1
MarkupSafe is a Python module that implements a XML/HTML/XHTML Markup safe string.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://files.pythonhosted.org/packages/source/M/MarkupSafe/MarkupSafe-1.1.1.tar.gz
Download MD5 sum: 43fd756864fe42063068e092e220c57b
Download size: 20 KB
Estimated disk space required: 412 KB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/MarkupSafe
Install MarkupSafe with the following commands:
python3 setup.py build
Then, as the root
user:
python3 setup.py install --optimize=1
Jinja2 is a Python module that implements a simple pythonic template language.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://files.pythonhosted.org/packages/source/J/Jinja2/Jinja2-2.11.3.tar.gz
Download MD5 sum: 231dc00d34afb2672c497713fa9cdaaa
Download size: 252 KB
Estimated disk space required: 3.1 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/Jinja2
To install the Python 3
module, run the following command as the root
user:
python3 setup.py install --optimize=1
Mako is a Python module that implements hyperfast and lightweight templating for the Python platform.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://files.pythonhosted.org/packages/source/M/Mako/Mako-1.1.4.tar.gz
Download MD5 sum: 2cd02c14d08c2180b3e10d3c2e749b9e
Download size: 469 KB
Estimated disk space required: 3.8 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/Mako
To install the Python 3
module, run the following command as the root
user:
python3 setup.py install --optimize=1
python-slip provides convenience, extension and workaround code for Python and some Python modules.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/nphilipp/python-slip/releases/download/python-slip-0.6.5/python-slip-0.6.5.tar.bz2
Download MD5 sum: 28ae5f93853466c44ec96706ba2a1eb4
Download size: 28 KB
Estimated disk space required: 612 KB
Estimated build time: 0.1 SBU
D-Bus Python-1.2.16, decorator-4.4.2, and six-1.15.0
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/python-slip
To build the python-slip module, run the following commands:
sed 's/@VERSION@/0.6.5/' setup.py.in > setup.py && python3 setup.py build
To install the python-slip
module, run the following command as the root
user:
python3 setup.py install --optimize=1
PyYAML is a Python module that implements the next generation YAML parser and emitter.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://pyyaml.org/download/pyyaml/PyYAML-5.3.1.tar.gz
Download MD5 sum: d3590b85917362e837298e733321962b
Download size: 264 KB
Estimated disk space required: 15 MB
Estimated build time: 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/PyYAML
Both Python 2 and Python 3 modules can be built and installed without any conflicts.
To build both Python 2 and Python 3 modules, run the following commands:
python2 setup.py build && python3 setup.py build
To install both modules, run the following commands as the
root
user:
python2 setup.py install --optimize=1 && python3 setup.py install --optimize=1
Scour is an SVG (Scalable Vector Graphics) optimizer/cleaner that reduces their size by optimizing structure and removing unnecessary data.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/scour-project/scour/archive/v0.38.2/scour-0.38.2.tar.gz
Download MD5 sum: ae30f52602802f8c7df3a32e1f72b325
Download size: 100 KB
Estimated disk space required: 1.3 MB
Estimated build time: less than 0.1 SBU
six-1.15.0 (will be automatically downloaded and installed if not already present)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/scour
To build the Python 3 module run the following commands:
python3 setup.py build
To partially test the results, issue: python3 test_css.py. If you have installed Six you can run the main tests by issuing: python3 test_scour.py.
To install the module, run the following command as the
root
user:
python3 setup.py install --optimize=1
Six is a Python 2 and 3 compatibility library.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://files.pythonhosted.org/packages/source/s/six/six-1.15.0.tar.gz
Download MD5 sum: 9f90a0eaa0ea7747fda01ca79d21ebcb
Download size: 36 KB
Estimated disk space required: 376 KB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/six
Both Python 2 and Python 3 modules can be built and installed without any conflicts.
Install six for Python 2 and Python 3 by running the following commands:
python2 setup.py build && python3 setup.py build
This package does not come with a test suite.
Now, as the root
user:
python2 setup.py install --optimize=1 && python3 setup.py install --optimize=1
Last updated on 2020-05-29 02:43:04 -0700
The Ruby package contains the Ruby development environment. This is useful for object-oriented scripting.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.0.tar.xz
Download MD5 sum: fefb57db58b5c3f11534710bab2bba47
Download size: 14 MB
Estimated disk space required: 629 MB (add 533 MB for C API docs)
Estimated build time: 1.3 SBU (using parallelism=4; add 5.5 SBU for tests; add 0.8 SBU for C API docs)
Berkeley DB-5.3.28, Doxygen-1.9.1, Graphviz-2.44.1, libyaml-0.2.4, Tk-8.6.11.1, Valgrind-3.16.1, and DTrace
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/ruby
Install Ruby by running the following command:
./configure --prefix=/usr \ --enable-shared \ --docdir=/usr/share/doc/ruby-3.0.0 && make
Optionally, build the CAPI documents by running the following commands:
make capi
To test the results, issue: make check. There are almost 21,000 tests. Some tests related to ipv6 may indicate errors. If the tests are run in a directory that has a world writable component (e.g. /tmp) then several additional tests may fail. A few tests my fail due to system configuration expectations.
Now, as the root
user:
make install
--enable-shared
: This
switch enables building of the libruby
shared library.
--disable-install-doc
: This
switch disables building and installing rdoc indexes and C
API documents.
--disable-install-rdoc
: This
switch disables building and installing rdoc indexes.
--disable-install-capi
: This
switch disables building and installing C API documents.
creates bundles of Ruby Gems |
|
manages an application's dependencies throughout it's lifecycle |
|
is Tiny eRuby. It interprets a Ruby code embedded text file |
|
command for RubyGems - a sophisticated package manager for Ruby |
|
is the interactive interface for Ruby |
|
a make-like build utility for Ruby |
|
generates Ruby documentation |
|
displays documentation from a database on Ruby classes, modules, and methods |
|
is an interpreted scripting language for quick and easy object-oriented programming |
|
contains the API functions required by Ruby |
Last updated on 2021-02-21 17:43:43 -0800
The Rust programming language is designed to be a safe, concurrent, practical language.
This package is updated on a six-weekly release cycle. Because it is such a large and slow package to build, is at the moment only required by a few packages in this book, and particularly because newer versions tend to break older mozilla packages, the BLFS editors take the view that it should only be updated when that is necessary (either to fix problems, or to allow a new version of a package to build).
As with many other programming languages, rustc (the rust compiler) needs a binary from which to bootstrap. It will download a stage0 binary and many cargo crates (these are actually .tar.gz source archives) at the start of the build, so you cannot compile it without an internet connection.
These crates will then remain in various forms (cache,
directories of extracted source), in ~/.cargo
for ever more. It is common for
large rust packages to use
multiple versions of some crates. If you purge the files
before updating this package, very few crates will need to be
updated by the packages in this book which use it (and they
will be downloaded as required). But if you retain an older
version as a fallback option and then use it (when
not building in
/usr
), it is likely that it
will then have to re-download some crates. For a full
download (i.e. starting with an empty or missing ~/.cargo
) downloading the external cargo
files for this version only takes a minute or so on a fast
network.
Although BLFS usually installs in /usr
, when you later upgrade to a newer
version of rust the old
libraries in /usr/lib/rustlib
will remain, with various hashes in their names, but will
not be usable and will waste space. The editors recommend
placing the files in the /opt
directory. In particular, if you have reason to rebuild
with a modified configuration (e.g. using the shipped LLVM
after building with shared LLVM, or for the reverse
situation) it is possible for the install to leave a broken
cargo
program. In such a situation, either remove the existing
installation first, or use a different prefix such as
/opt/rustc-1.47.0-build2.
If you prefer, you can of course change the prefix to
/usr
and omit the
ldconfig and
the actions to add rustc to the PATH.
The current rustbuild
build-system will use all processors, although it does not
scale well and often falls back to just using one core while
waiting for a library to compile. However it can be mostly
limited to a specified number of processors by a combination
of adding the switch --jobs
<N>
(e.g. '--jobs 4' to limit to 4 processors)
on each invocation of python3
./x.py and using an environment variable
CARGO_BUILD_JOBS=<N>
. At the
moment this is not effective when some of the rustc tests are
run.
The current version of rust's num_cpus crate now recognizes that cgroups can be used to restrict which processors it is allowed to use. So if your machine lacks DRAM (typically, less than 2GB DRAM per core) that might be an alternative to taking CPUs offline. That can apparently be achieved by writing custom unit files.
At the moment Rust does not provide any guarantees of a stable ABI.
Rustc defaults to building for ALL supported architectures, using a shipped copy of LLVM. In BLFS the build is only for the X86 architecture. If you intend to develop rust crates, this build may not be good enough for your purposes.
The build times of this version when repeated on the same machine are often reasonably consistent, but as with all compilations using rustc there can be some very slow outliers.
Unusually, a DESTDIR-style method is being used to install
this package. This is because running the install as root
not only downloads all of the cargo files again (to
/root/.cargo
), it then spends
a very long time recompiling. Using this method saves a lot
of time, at the cost of extra disk space.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://static.rust-lang.org/dist/rustc-1.47.0-src.tar.gz
Download MD5 sum: a460bed79b92f6a7833ba6e6390ee6ae
Download size: 145 MB
Estimated disk space required: 7.6 GB (369 MB installed) including 294 MB of ~/.cargo files for the user building this. Add 3.3 GB if running the tests
Estimated build time: 39 SBU (add 31 SBU for tests, both on a 4-core machine)
cURL-7.75.0, CMake-3.19.5, and libssh2-1.9.0
clang from LLVM-11.1.0 (built with -DLLVM_LINK_LLVM_DYLIB=ON so that rust can link to system LLVM instead of building its shipped version) If using an older version, see the config.toml file below re using the shipped llvm, because of rust issue 69225.
GDB-10.1 (used by the testsuite if it is present)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/rust
To install into the /opt
directory, remove the symlink and create a new directory
(i.e. with a different name if trying a modified build). As
the root
user:
mkdir /opt/rustc-1.47.0 && ln -svfin rustc-1.47.0 /opt/rustc
If multiple versions of Rust are installed in /opt
, changing to another version only
requires changing the /opt/rustc
symbolic link and then running
ldconfig.
Create a suitable config.toml
file which will configure the build.
cat << EOF > config.toml
# see config.toml.example for more possible options
# See the 8.4 book for an example using shipped LLVM
# e.g. if not installing clang, or using a version before 10.0
[llvm]
# by default, rust will build for a myriad of architectures
targets = "X86"
# When using system llvm prefer shared libraries
link-shared = true
[build]
# omit docs to save time and space (default is to build them)
docs = false
# install cargo as well as rust
extended = true
[install]
prefix = "/opt/rustc-1.47.0"
docdir = "share/doc/rustc-1.47.0"
[rust]
channel = "stable"
rpath = false
# BLFS does not install the FileCheck executable from llvm,
# so disable codegen tests
codegen-tests = false
[target.x86_64-unknown-linux-gnu]
# NB the output of llvm-config (i.e. help options) may be
# dumped to the screen when config.toml is parsed.
llvm-config = "/usr/bin/llvm-config"
[target.i686-unknown-linux-gnu]
# NB the output of llvm-config (i.e. help options) may be
# dumped to the screen when config.toml is parsed.
llvm-config = "/usr/bin/llvm-config"
EOF
Compile Rust by running the following commands:
export RUSTFLAGS="$RUSTFLAGS -C link-args=-lffi" && python3 ./x.py build --exclude src/tools/miri
The testsuite will generate some messages in the systemd journal for traps on invalid opcodes, and for segmentation faults. In themselves these are nothing to worry about, just a way for the test to be terminated.
To run the tests issue python3 ./x.py test --verbose --no-fail-fast | tee rustc-testlog: as with the build, that will use all available CPUs.
At a minimum, two tests (run-make-fulldeps/long-linker-command-lines and run-make-fulldeps/sysroot-crates-are-unstable) may fail. If a version of gdb which was released after this version of rust is used, such as GDB-10.1, four more failures (debuginfo/extern-c-fn.rs, debuginfo/generator-objects.rs, debuginfo/issue-57822.rs, debuginfo/pretty-huge-vec.rs) can be expected.
As with all large testsuites, other tests might fail on some machines - if the number of additional failures is in the single digits, check the log for 'FAILED' and review lines above that, particularly the 'stderr:' lines. Any mention of SIGSEGV or signal 11 in a failing test is a cause for concern.
If you get any other failing test which reports an issue number then you should search for that issue. For example, when rustc >= 1.41.1 was built with a version of sysllvm before 10.0 the test for issue 69225 failed https://github.com/rust-lang/rust/issues/69225 and that should be regarded as a critical failure (they released 1.41.1 because of it). Most other failures will not be critical.
Therefore, you should determine the number of failures.
The number of tests which failed can be found by running:
grep '^test result:' rustc-testlog | awk '{ sum += $6 } END { print sum }'
And similarly if you care about how many tests passed use $4, for those which were ignored (i.e. skipped) use $8 (and $10 for 'measured', $12 for 'filtered out' but both are probably zero).
Still as your normal user, do a DESTDIR install:
export LIBSSH2_SYS_USE_PKG_CONFIG=1 && DESTDIR=${PWD}/install python3 ./x.py install && unset LIBSSH2_SYS_USE_PKG_CONFIG
Now, as the root
user install
the files from the DESTDIR:
chown -R root:root install && cp -a install/* /
ln -svfn rustc-1.47.0
/opt/rustc: if this is not the first use of
the /opt/rustc
symlink,
overwrite it by forcing, and use the '-n' flag to avoid
getting confusing results from e.g. ls -l.
targets =
"X86": this avoids building all the available
linux cross-compilers (Aarch64, MIPS, PowerPC, SystemZ, etc).
Unfortunately, rust insists on installing source files for
these below /opt/rustc/lib/src
.
extended = true: this installs Cargo alongside Rust.
channel =
"stable": this ensures only stable features
can be used, the default in config.toml
is to use development features,
which is not appropriate for a released version.
rpath = false: by default, rust can be run from where it was built, without being installed. That adds DT_RPATH entries to all of the ELF files, which produces very messy output from ldd, showing the libraries in the place they were built, even if they have been deleted from there after the install.
[target.x86_64-unknown-linux-gnu]:
the syntax of config.toml
requires an llvm-config
entry
for each target for which system-llvm is to be used. Change
the target to [target.i686-unknown-linux-gnu]
if you are
building on 32-bit x86. This whole section may be omitted if
you wish to build against the shipped llvm, or do not have
clang, but the resulting build will be larger and take
longer.
export RUSTFLAGS="$RUSTFLAGS -C link-args=-lffi": This adds a link to libffi to any RUSTFLAGS you may already be passing to the build. On some systems, linking fails to include libffi unless this is used. The reason why this is needed is not clear.
--exclude src/tools/miri: For a long time, the miri crate (an interpreter for the Midlevel Intermediate Representation) has failed to build on releases. It is optional, but the failure messages can persuade people that the whole build failed. However, although it is not built in the main compile, with rustc-1.35.0 it now got compiled during the install, but it was broken in that version. Omitting it should save a little time.
--verbose: this switch can sometimes provide more information about a test which fails.
--no-fail-fast: this switch ensures that the testsuite will not stop at the first error.
export LIBSSH2_SYS_USE_PKG_CONFIG=1: On some systems, cairo fails to link during the install because it cannot find libssh2. This seems to fix it, but again the reason why the problem occurs is not understood.
DESTDIR=${PWD}/install python3
./x.py install: This effects a DESTDIR-style
install in the source tree,creating an install
directory. Note that DESTDIR
installs need an absolute path, passing 'install' will not
work.
chown -R root:root install: the DESTDIR install was run by a regular user, who owns the files. For security, change their owner before doing a simple copy to install them.
If you installed rustc in
/opt
, you need to update the
following configuration files so that rustc is correctly found by other
packages and system processes.
As the root
user, update
the /etc/ld.so.conf
file and
the dynamic linker's run-time cache file:
cat >> /etc/ld.so.conf << EOF
# Begin rustc addition
/opt/rustc/lib
# End rustc addition
EOF
ldconfig
As the root
user, create
the /etc/profile.d/rustc.sh
file:
cat > /etc/profile.d/rustc.sh << "EOF"
# Begin /etc/profile.d/rustc.sh
pathprepend /opt/rustc/bin PATH
# End /etc/profile.d/rustc.sh
EOF
Immediately after installation, update the current PATH for your current shell as a normal user:
source /etc/profile.d/rustc.sh
provides lint checks for a cargo package |
|
formats all bin and lib files of the current crate using rustfmt |
|
is for use by Miri to interpret bin crates and tests |
|
is the Package Manager for Rust |
|
provides lint checks for Rust |
|
is an interpreter for Rust's mid-level intermediate representation (MIR). It is broken in this version |
|
is the Rust Language Server. This can run in the background to provide IDEs, editors, and other tools with information about Rust programs |
|
is a wrapper script for gdb, pulling in Python
pretty-printing modules installed in |
|
is a wrapper script for a graphical front end to gdb that runs in a browser |
|
is a wrapper script for LLDB (the LLVM debugger) pulling in the Python pretty-printing modules |
|
is the rust compiler |
|
generates documentation from rust source code |
|
formats rust code |
|
is the Rust Standard Library, the foundation of portable Rust software |
Last updated on 2021-02-20 14:53:06 -0800
SCons is a tool for building software (and other files) implemented in Python.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/scons/scons-4.1.0.tar.gz
Download MD5 sum: f083e00f6ecfc940edd6a0eb168ffe8c
Download size: 2.9 MB
Estimated disk space required: 71 MB
Estimated build time: less than 0.1 SBU
docbook-xsl-1.79.2 and libxslt-1.1.34
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/scons
Install SCons by running the
following commands as the root
user:
sed -i 's/env python/&3/' SCons/Utilities/*.py && sed -i 's:build/doc/man/::' setup.cfg && python3 setup.py install --prefix=/usr \ --optimize=1 \ --install-data=/usr/share/man/man1 && cp scons{,ign}.1 /usr/share/man/man1
Last updated on 2021-02-20 11:35:58 -0800
S-Lang (slang) is an interpreted language that may be embedded into an application to make the application extensible. It provides facilities required by interactive applications such as display/screen management, keyboard input and keymaps.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.jedsoft.org/releases/slang/slang-2.3.2.tar.bz2
Download MD5 sum: c2d5a7aa0246627da490be4e399c87cb
Download size: 1.5 MB
Estimated disk space required: 29 MB (add 4 MB for tests)
Estimated build time: 0.4 SBU (add 0.2 SBU for tests)
libpng-1.6.37, PCRE-8.44, and Oniguruma
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/slang
This package does not support parallel build.
Install slang by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --with-readline=gnu && make -j1
To test the results, issue: make check. Note that this will also create a static version of the library which will then be installed in the next step.
Now, as the root
user:
make install_doc_dir=/usr/share/doc/slang-2.3.2 \ SLSH_DOC_DIR=/usr/share/doc/slang-2.3.2/slsh \ install-all && chmod -v 755 /usr/lib/libslang.so.2.3.2 \ /usr/lib/slang/v2/modules/*.so
--with-readline=gnu
:
This parameter sets GNU Readline to be used by the parser
interface instead of the slang internal version.
make install_doc_dir=/usr/share/doc/slang-2.3.2 SLSH_DOC_DIR=/usr/share/doc/slang-2.3.2/slsh install-all: This command installs the static library as well as the dynamic shared version and related modules. It also changes the documentation installation directories to a versioned directory.
Last updated on 2021-02-20 11:35:58 -0800
Subversion is a version control system that is designed to be a compelling replacement for CVS in the open source community. It extends and enhances CVS' feature set, while maintaining a similar interface for those already familiar with CVS. These instructions install the client and server software used to manipulate a Subversion repository. Creation of a repository is covered at Running a Subversion Server.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://archive.apache.org/dist/subversion/subversion-1.14.1.tar.bz2
Download MD5 sum: 2eccc2c7451397e01a13682600af9563
Download size: 8.1 MB
Estimated disk space required: 208 MB (add 228 MB for bindings, 52 MB for docs, 1.3 GB for tests)
Estimated build time: 0.5 SBU (Using parallelism=4; add 1.9 SBU for bindings, 35 SBU for tests)
Apr-Util-1.6.1 and SQLite-3.34.1
Serf-1.3.9 (for handling http:// and https:// URLs)
Apache-2.4.46, Boost-1.75.0, Cyrus SASL-2.1.27, dbus-1.12.20, Doxygen-1.9.1 (for generating HTML documentation), gnome-keyring-3.36.0, libsecret-0.20.4, Py3c-1.3.1 (for tests) Python-2.7.18 (with sqlite support for the tests), Ruby-3.0.0, SWIG-4.0.2 (for building Perl, Python and Ruby bindings), LZ4, and UTF8proc
One of OpenJDK-15.0.2, Dante or Jikes, JUnit 4 (to test the Java bindings) and apache-ant-1.10.9.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/subversion
Install Subversion by running the following commands:
PYTHON=python3 ./configure --prefix=/usr \ --disable-static \ --with-apache-libexecdir \ --with-lz4=internal \ --with-utf8proc=internal && make
If you have Doxygen-1.9.1 installed and you wish to build the API documentation, issue:
doxygen doc/doxygen.conf
If you wish to build the Java bindings pass the --enable-javahl
parameter to the configure command. In
addition, if you want to run the Java test suite, you have to
specify the location of the JUnit file by adding --with-junit=<path to junit jar>
(for
instance --with-junit=/usr/local/java/lib/junit-4.13.jar
)
to configure.
The JUnit jar file is no longer included in apache-ant-1.10.9 and must be
downloaded seperatly. To build the Java bindings, issue the
following command:
make javahl
If you want to compile Perl, Python, or Ruby bindings, issue any of the following command:
make swig-pl # for Perl make swig-py \ swig_pydir=/usr/lib/python3.9/site-packages/libsvn \ swig_pydir_extra=/usr/lib/python3.9/site-packages/svn # for Python make swig-rb # for Ruby
To test the results, issue: make check. Four tests in
the commit_tests.py
,
prop_tests.py
, and update_tests.py
suites are known to fail.
To test the results of the Java bindings build, issue LANG=C make check-javahl.
To test the results of any of the SWIG bindings, you can use any of the following commands: make check-swig-pl, make check-swig-py, or make check-swig-rb.
Now, as the root
user:
make install && install -v -m755 -d /usr/share/doc/subversion-1.14.1 && cp -v -R doc/* /usr/share/doc/subversion-1.14.1
If you built the Java bindings, issue the following command
as the root
user to install
them:
make install-javahl
If you built the Perl,
Python, or Ruby bindings, issue any of the
following commands as the root
user to install them:
make install-swig-pl make install-swig-py \ swig_pydir=/usr/lib/python3.9/site-packages/libsvn \ swig_pydir_extra=/usr/lib/python3.9/site-packages/svn make install-swig-rb
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--with-apache-libexecdir
: If
Apache-2.4.46 is installed, the shared
Apache modules are built.
This switch allows to have those modules installed to
Apache's configured module
dir instead of /usr/libexec
. It
has no effect if Apache is
not installed.
--with-lz4=internal,
--with-utf8proc=internal
: Remove these switches
if you have installed the optional dependencies.
--enable-javahl
: enables
compilation of Java high level bindings. Running make javahl is necessary to
do the compilation.
--with-junit=<location of the junit
jar file>
: gives the location of the junit jar,
otherwise the javahl tests cannot be run.
--disable-gmock
: Do not use the
Googlemock testing framework.
/etc/subversion/config
is the
Subversion system-wide
configuration file. This file is used to specify defaults
for different svn commands.
~/.subversion/config
is the
user's personal configuration file. It is used to override
the system-wide defaults set in /etc/subversion/config
.
is a command-line client program used to access Subversion repositories |
|
is a tool for creating, tweaking or repairing a Subversion repository |
|
is a benchmarking tool |
|
is a program for filtering Subversion repository dumpfile format streams |
|
is the FSFS (FileSystem atop of the FileSystem - Subversion filesystem implementation) repository manipulation tool |
|
is a tool for inspecting a Subversion repository |
|
is a Multiple URL Command Client for Subversion |
|
is a tool for dumping or loading a remote Subversion repository |
|
is a custom standalone server program, able to run as a daemon process or invoked by SSH |
|
is a Subversion repository synchronisation tool |
|
is used to report the version number and state of a working Subversion repository copy |
|
are the support libraries used by the Subversion programs |
|
is a plug-in module for the Apache HTTP server, used to authenticate users to a Subversion repository over the Internet or an intranet |
|
is a plug-in module for the Apache HTTP server, used to make a Subversion repository available to others over the Internet or an intranet |
Last updated on 2021-02-21 19:28:54 -0800
This section will describe how to set up, administer and secure a Subversion server.
The following instructions will install a Subversion server, which will be set up to use OpenSSH as the secure remote access method, with svnserve available for anonymous access.
Configuration of the Subversion server consists of the following steps:
You'll need to be user root
for the initial portion of configuration. Create the
svn
user and group with the
following commands:
groupadd -g 56 svn && useradd -c "SVN Owner" -d /home/svn -m -g svn -s /bin/false -u 56 svn
If you plan to have multiple repositories, you should have
a group dedicated to each repository for ease of
administration. Create the svntest
group for the test repository
and add the svn
user to
that group with the following commands:
groupadd -g 57 svntest && usermod -G svntest -a svn
Additionally you should set umask 002 while working with a repository so that all new files will be writable by owner and group. This is made mandatory by creating a wrapper script for svn and svnserve:
mv /usr/bin/svn /usr/bin/svn.orig && mv /usr/bin/svnserve /usr/bin/svnserve.orig && cat >> /usr/bin/svn << "EOF"#!/bin/sh umask 002 /usr/bin/svn.orig "$@"
EOF cat >> /usr/bin/svnserve << "EOF"#!/bin/sh umask 002 /usr/bin/svnserve.orig "$@"
EOF chmod 0755 /usr/bin/svn{,serve}
If you use Apache for working with the repository over HTTP, even for anonymous access, you should wrap /usr/sbin/httpd in a similar script.
There are several ways to set up a subversion repository. It is recommended to have a look at the SVN Book corresponding chapter. A basic repository can be set up with the instructions below.
Create a new Subversion
repository with the following commands (as the root
user):
install -v -m 0755 -d /srv/svn && install -v -m 0755 -o svn -g svn -d /srv/svn/repositories && svnadmin create /srv/svn/repositories/svntest
Now that the repository is created, it should be populated
with something useful. You'll need to have a predefined
directory layout set up exactly as you want your repository
to look. For example, here is a sample BLFS layout setup
with a root of svntest/
.
You'll need to setup a directory tree similar to the
following:
svntest/ # The name of the repository
trunk/ # Contains the existing source tree
BOOK/
bootscripts/
edguide/
patches/
scripts/
branches/ # Needed for additional branches
tags/ # Needed for tagging release points
Once you've created your directory layout as shown above, you are ready to do the initial import:
svn import -m "Initial import." \
</path/to/source/tree>
\
file:///srv/svn/repositories/svntest
Now change owner and group information on the repository,
and add an unprivileged user to the svn
and svntest
groups:
chown -R svn:svntest /srv/svn/repositories/svntest &&
chmod -R g+w /srv/svn/repositories/svntest &&
chmod g+s /srv/svn/repositories/svntest/db &&
usermod -G svn,svntest -a <username>
svntest
is the group
assigned to the svntest repository. As mentioned earlier,
this eases administration of multiple repositories when
using OpenSSH for
authentication. Going forward, you'll need to add your
unprivileged user, and any additional users that you wish
to have write access to the repository, to the svn
and svntest
groups.
In addition, you'll notice that the new repository's
db
directory is set-groupID.
If the reasoning is not immediately obvious, when using any
external authentication method (such as ssh), the sticky bit is
set so that all new files will be owned by the user, but
group of svntest
. Anyone in
the svntest
group can
create files, but still give the entire group write access
to those files. This avoids locking out other users from
the repository.
Now, return to an unprivileged user account, and take a look at the new repository using svnlook:
svnlook tree /srv/svn/repositories/svntest/
You may need to log out and back in again to refresh your
group memberships. su
<username>
should work as well.
As mentioned previously, these instructions will configure the server to use only ssh for write access to the repository and to provide anonymous access using svnserve. There are several other ways to provide access to the repository. These additional configurations are best explained at http://svnbook.red-bean.com/.
Access configuration needs to be done for each repository.
Create the svnserve.conf
file
for the svntest repository using the following commands:
cp /srv/svn/repositories/svntest/conf/svnserve.conf \
/srv/svn/repositories/svntest/conf/svnserve.conf.default &&
cat > /srv/svn/repositories/svntest/conf/svnserve.conf << "EOF"
[general]
anon-access = read
auth-access = write
EOF
There is not a lot to the configuration file at all. You'll
notice that only the general section is required. Take a
look at the svnserve.conf.default
file for
information on using svnserve's built-in
authentication method.
To start the server at boot time, install the svnserve.service
unit from the blfs-systemd-units-20210122
package:
make install-svnserve
Additionally, the instructions above require that svn server uses umask 002 so that all new files will be writable by owner and group. This can be achieved by creating a systemd unit override file by running the following command:
mkdir -p /etc/systemd/system/svnserve.service.d echo "UMask=0002" > /etc/systemd/system/svnserve.service.d/99-user.conf
Options which are passed to svnserve daemon can be
changed in /etc/default/svnserve
.
Last updated on 2020-03-12 02:24:44 -0700
SWIG (Simplified Wrapper and Interface Generator) is a compiler that integrates C and C++ with languages including Perl, Python, Tcl, Ruby, PHP, Java, C#, D, Go, Lua, Octave, R, Scheme, and Ocaml. SWIG can also export its parse tree into Lisp s-expressions and XML.
SWIG reads annotated C/C++ header files and creates wrapper code (glue code) in order to make the corresponding C/C++ libraries available to the listed languages, or to extend C/C++ programs with a scripting language.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/swig/swig-4.0.2.tar.gz
Download MD5 sum: 7c3e46cb5af2b469722cafa0d91e127b
Download size: 7.7 MB
Estimated disk space required: 118 MB (1.3 GB with tests)
Estimated build time: 0.2 SBU (add 9.3 SBU for tests; both using parallelism=4)
Boost-1.75.0 for tests, and any of the languages mentioned in the introduction, as run-time dependencies
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/swig
Install SWIG by running the following commands:
./configure --prefix=/usr \ --without-maximum-compile-warnings && make
To test the results, issue: PY3=1 make -k check
TCL_INCLUDE=. The unsetting of the variable
TCL_INCLUDE
is necessary since it
is not correctly set by configure. The tests are only
executed for the languages installed on your machine, so the
disk space and SBU values given for the tests may vary, and
should be considered as mere orders of magnitude. According
to SWIG's documentation, the
failure of some tests should not be considered harmful. The
go tests are buggy and may generate a lot of meaningless
output.
Now, as the root
user:
make install && install -v -m755 -d /usr/share/doc/swig-4.0.2 && cp -v -R Doc/* /usr/share/doc/swig-4.0.2
--without-maximum-compile-warnings
:
disables compiler ansi conformance enforcement, which
triggers errors in the Lua
headers (starting with Lua 5.3).
--without-<language>
:
allows disabling the building of tests and examples for
<language>, but all the languages capabilities of
SWIG are always built.
Last updated on 2021-02-19 22:13:48 -0800
The sysprof package contains a statistical and system-wide profiler for Linux.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/sysprof/3.38/sysprof-3.38.1.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/sysprof/3.38/sysprof-3.38.1.tar.xz
Download MD5 sum: b4398e0cd3673cee95fdb3c70d4c5e77
Download size: 448 KB
Estimated disk space required: 28 MB
Estimated build time: 0.1 SBU (using parallelism=4)
GTK+-3.24.25, libdazzle-3.38.0, and Polkit-0.118
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/sysprof
Install Sysprof by running the following commands:
mkdir build && cd build && meson --prefix=/usr .. && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
is a graphical interface to sysprof |
|
is a command line interface to sysprof |
|
provides API functions for profiling processes running on a system |
|
provides a hook used to capture statistics from a process |
|
provides API functions for capturing memory statistics |
|
provides API functions for tracking the speed of a running process |
|
provides API functions for the sysprof GUI |
Last updated on 2021-02-21 11:05:24 -0800
The Tk package contains a TCL GUI Toolkit.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/tcl/tk8.6.11.1-src.tar.gz
Download MD5 sum: 964d69b6307f86bb7e51f7c189666880
Download size: 4.3 MB
Estimated disk space required: 31 MB
Estimated build time: 0.3 SBU (add 2.0 SBU for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/tk
Install Tk by running the following commands:
cd unix && ./configure --prefix=/usr \ --mandir=/usr/share/man \ $([ $(uname -m) = x86_64 ] && echo --enable-64bit) && make && sed -e "s@^\(TK_SRC_DIR='\).*@\1/usr/include'@" \ -e "/TK_B/s@='\(-L\)\?.*unix@='\1/usr/lib@" \ -i tkConfig.sh
Running the tests is not recommended. Failures will be reported during the tests, depending on the screen resolution/capabilities, fonts installed and other X related parameters, but the end report can show 0 failures. Some tests will steal focus and some might crash your X Server. To test the results anyway, issue: make test. Ensure you run it from an X Window display device with the GLX extensions loaded, but even so, tests might hang.
Now, as the root
user:
make install && make install-private-headers && ln -v -sf wish8.6 /usr/bin/wish && chmod -v 755 /usr/lib/libtk8.6.so
$([ $(uname -m) = x86_64 ]
&& echo --enable-64bit)
: This switch is
used to enable 64 bit support in Tk on 64 bit operating systems.
make install-private-headers: This command is used to install the Tk library interface headers used by other packages if they link to the Tk library.
ln -v -sf wish8.6 /usr/bin/wish: This command is used to create a compatibility symbolic link to the wish8.6 file as many packages expect a file named wish.
sed -e ... tkConfig.sh: The Tk package expects that its source tree is preserved so that packages depending on it for their compilation can utilize it. This sed removes the references to the build directory and replaces them with saner system-wide locations.
Last updated on 2021-02-21 17:43:43 -0800
Vala is a new programming language that aims to bring modern programming language features to GNOME developers without imposing any additional runtime requirements and without using a different ABI compared to applications and libraries written in C.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/vala/0.50/vala-0.50.3.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/vala/0.50/vala-0.50.3.tar.xz
Download MD5 sum: 4431e41bce5380ed6481376e927ac0e3
Download size: 3.4 MB
Estimated disk space required: 220 MB (add 18 MB for tests)
Estimated build time: 0.5 SBU (using parallelism=4; add 2.3 SBU for tests)
Graphviz-2.44.1 (Required for valadoc)
dbus-1.12.20 (Required for the tests), libxslt-1.1.34 (Required for generating the documentation), help2man, and weasyprint
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/vala
Install Vala by running the following commands:
./configure --prefix=/usr && make
To test the results, issue: make check.
Now, as the root
user:
make install
--disable-valadoc
: This option is
required if Graphviz-2.44.1 is not installed.
is a compiler that translates Vala source code into C source and header files |
|
is a documentation generator for generating API documentation from Vala source code based on libvala |
|
generates a GI file for GObject and GLib based packages |
|
is an utility which generates Vala API (VAPI) files from GI files |
|
contains the Vala API functions |
Last updated on 2021-02-19 22:13:48 -0800
Valgrind is an instrumentation framework for building dynamic analysis tools. There are Valgrind tools that can automatically detect many memory management and threading bugs, and profile programs in detail. Valgrind can also be used to build new tools.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://sourceware.org/ftp/valgrind/valgrind-3.16.1.tar.bz2
Download (FTP): ftp://sourceware.org/pub/valgrind/valgrind-3.16.1.tar.bz2
Download MD5 sum: d1b153f1ab17cf1f311705e7a83ef589
Download size: 16 MB
Estimated disk space required: 615 MB (add 100 MB for tests)
Estimated build time: 0.6 SBU (Using parallelism=4; add 7.7 SBU for tests)
GDB-10.1 (for tests), LLVM-11.1.0 (with Clang), and Which-2.21 (for tests)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/valgrind
First, adapt the tests to glibc-2.33:
sed -i 's/arm64/amd64/' gdbserver_tests/nlcontrolc.vgtest
Install Valgrind by running the following commands:
sed -i 's|/doc/valgrind||' docs/Makefile.in && ./configure --prefix=/usr \ --datadir=/usr/share/doc/valgrind-3.16.1 && make
To test the results, issue: make regtest. The tests may
hang forever if GDB-10.1 is not installed. Some tests are
known to hang also, depending on the version of glibc. Some
tests in the "drd" test suite are known to fail as well.
Problematic tests can be disabled by changing the
prereq:
line
in the corresponding .vgtest
file to prereq:
false
. For example:
sed -e 's@prereq:.*@prereq: false@' \ -i {helgrind,drd}/tests/pth_cond_destroy_busy.vgtest
The OpenMP tests are
skipped if libgomp has been compiled with --enable-linux-futex
(the default). If
needed, just recompile the libgomp library from the gcc
build tree, passing --disable-linux-futex
to configure, storing
the library to some place and changing the link from
/usr/lib/libgomp.so.1
to
point to the new library.
Now, as the root
user:
make install
sed -i ... docs/Makefile.in : This sed provides for installing the documentation in a versioned directory.
--enable-lto=yes
: This option
allows building Valgrind with LTO (link time optimization).
This produces a smaller/faster Valgrind (up to 10%), but
build time increases to about 5.5 SBU.
is a program for debugging and profiling Linux executables |
|
takes an output file produced by the Valgrind tool Callgrind and prints the information in an easy-to-read form |
|
controls programs being run by the Valgrind tool Callgrind |
|
is a post-processing tool for the Valgrind tool Cachegrind |
|
compares two Cachegrind output files |
|
merges multiple Cachegrind output files into one |
|
takes an output file produced by the Valgrind tool Massif and prints the information in an easy-to-read form |
|
is a server that reads debuginfo from objects stored on a different machine |
|
listens on a socket for Valgrind commentary |
|
is an intermediary between Valgrind and GDB or a shell |
Last updated on 2021-02-20 10:43:29 -0800
Yasm is a complete rewrite of the NASM-2.15.05 assembler. It supports the x86 and AMD64 instruction sets, accepts NASM and GAS assembler syntaxes and outputs binary, ELF32 and ELF64 object formats.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://www.tortall.net/projects/yasm/releases/yasm-1.3.0.tar.gz
Download MD5 sum: fc9e586751ff789b34b1f21d572d96af
Download size: 1.5 MB
Estimated disk space required: 27 MB (additional 12 MB for the tests)
Estimated build time: 0.1 SBU (additional 0.1 SBU for the tests)
Python-2.7.18 and Cython
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/yasm
Install yasm by running the following commands:
sed -i 's#) ytasm.*#)#' Makefile.in && ./configure --prefix=/usr && make
To test the results, issue: make check.
Now, as the root
user:
make install
sed -i 's#) ytasm.*#)#' Makefile.in: This sed prevents it compiling 2 programs (vsyasm and ytasm) that are only of use on Microsoft Windows.
is a portable, retargetable assembler that supports the x86 and AMD64 instruction sets, accepts NASM and GAS assembler syntaxes and outputs binaries in ELF32 and ELF64 object formats |
|
provides all of the core functionality of yasm, for manipulating machine instructions and object file constructs |
Last updated on 2021-02-20 14:53:06 -0800
Java is different from most of the packages in LFS and BLFS. It is a programming language that works with files of byte codes to obtain instructions and executes then in a Java Virtual Machine (JVM). An introductory java program looks like:
public class HelloWorld
{
public static void main(String[] args)
{
System.out.println("Hello, World");
}
}
This program is saved as HelloWorld.java
. The file name,
HelloWorld, must match
the class name. It is then converted into byte code with
javac
HelloWorld.java. The output file is
HelloWorld.class
. The program
is executed with java
HelloWorld. This creates a JVM and runs the
code. The 'class' extension must not be specified.
Several class files can be combined into one file with the jar command. This is similar to the standard tar command. For instance, the command jar cf myjar.jar *.class will combine all class files in a directory into one jar file. These act as library files.
The JVM can search for and use classes in jar files
automatically. It uses the CLASSPATH
environment variable to search for
jar files. This is a standard list of colon-separated
directory names similar to the PATH
environment variable.
Creating a JVM from source requires a set of circular dependencies. The first thing that's needed is a set of programs called a Java Development Kit (JDK). This set of programs includes java, javac, jar, and several others. It also includes several base jar files.
To start, we set up a binary installation of the JDK created
by the BLFS editors. It is installed in the /opt
directory to allow for multiple
installations, including a source based version.
This package is known to build and work properly using an LFS-10.1 platform.
Binary download (x86): http://anduin.linuxfromscratch.org/BLFS/OpenJDK/OpenJDK-15.0.2/OpenJDK-15.0.2+7-i686-bin.tar.xz
Download MD5 sum: 8093b7f2d38fbfc39c63abd57462315b
Download size (binary): 148 MB
Estimated disk space required: 281 MB
Binary download (x86_64): https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-x64_bin.tar.gz
Download MD5 sum: 9209edbd74358ccb1c54cf54004f0bb9
Download size (binary): 186 MB
Estimated disk space required: 321 MB
alsa-lib-1.2.4, Cups-2.3.3, giflib-5.2.1, and Xorg Libraries
Begin by extracting the appropriate binary tarball for your
architecture and changing to the extracted directory. Install
the binary OpenJDK with the
following commands as the root
user:
install -vdm755 /opt/OpenJDK-15.0.2+7-bin && mv -v * /opt/OpenJDK-15.0.2+7-bin && chown -R root:root /opt/OpenJDK-15.0.2+7-bin
The binary version is now installed. You may create a symlink
to that version by issuing, as the root
user:
ln -sfn OpenJDK-15.0.2+7-bin /opt/jdk
You may now proceed to Configuring the JAVA environment, where the instructions assume that the above link exists.
Last updated on 2021-02-23 13:28:17 -0800
OpenJDK is an open-source implementation of Oracle's Java Standard Edition platform. OpenJDK is useful for developing Java programs, and provides a complete runtime environment to run Java programs.
This package is known to build and work properly using an LFS-10.1 platform.
OpenJDK is GPL'd code, with a special exception made for non-free projects to use these classes in their proprietary products. In similar fashion to the LGPL, which allows non-free programs to link to libraries provided by free software, the GNU General Public License, version 2, with the Classpath Exception allows third party programs to use classes provided by free software without the requirement that the third party software also be free. As with the LGPL, any modifications made to the free software portions of a third party application, must also be made freely available.
The OpenJDK source includes a very thorough, open source test suite using the JTreg test harness. The testing instructions below allow to test the just built JDK for reasonable compatibility with the proprietary Oracle JDK. However, in order for an independent implementation to claim compatibility, it must pass a proprietary JCK/TCK test suite. No claims of compatibility, even partial compatibility, may be made without passing an approved test suite.
Oracle does provide free community access, on a case by case basis, to a closed toolkit to ensure 100% compatibility with its proprietary JDK. Neither the binary version provided on the Java-15.0.2 page nor the JVM built with the instructions below have been tested against the TCK. Any version that is built using the instructions given, cannot claim to be compatible with the proprietary JDK, without the user applying for, and completing the compatibility tests themselves.
With that in mind, the binaries produced using this build method are regularly tested against the TCK by the members listed on the site above. In addition to the community license above, an educational, non-commercial license for the TCK can be obtained from here.
Download (HTTP): https://github.com/openjdk/jdk15u/archive/jdk-15.0.2-ga.tar.gz
Download MD5 sum: e516e5e14ded6f91a89c9b4c83a87005
Download Size: 97 MB
Estimated disk space required: 4.5 GB (add 399 MB for tests)
Estimated build time: 4.5 SBU with 4 jobs (add 55 SBU for tests with 4 jobs)
http://anduin.linuxfromscratch.org/BLFS/OpenJDK/OpenJDK-15.0.2/jtreg-4.2.0-tip.tar.gz
Download MD5 sum: 11818f2ae4be19d2c7ae6501be60ee98
Download Size: 6.9 MB
An existing binary (Java-15.0.2 or an earlier built version of this package. The instructions below assume that you are using Configuring the JAVA environment), alsa-lib-1.2.4, cpio-2.13, Cups-2.3.3, UnZip-6.0, Which-2.21, Xorg Libraries, and Zip-3.0
make-ca-1.7, giflib-5.2.1, Little CMS-2.12, libjpeg-turbo-2.0.6, libpng-1.6.37, and Wget-1.21.1
git-2.30.1, Graphviz-2.44.1, Mercurial-5.7, and pandoc
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/openjdk
If you have downloaded the optional test harness, unpack it now:
tar -xf ../jtreg-4.2.0-tip.tar.gz
Before proceeding, you should ensure that your environment
PATH
variable contains the
location of the Java compiler used for bootstrapping
OpenJDK. This is the only
requirement for the environment. Modern Java installations
do not need JAVA_HOME
and
CLASSPATH
is not used here.
Furthermore, OpenJDK developers recommend to unset
JAVA_HOME
.
The build system does not allow the -j
switch in MAKEFLAGS
. See the command explanation for
--with-jobs=
for more
information on customizing parallelization.
Configure and build the package with the following commands (--with-milestone value can be modified to fit user preferences):
unset JAVA_HOME && bash configure --enable-unlimited-crypto \ --disable-warnings-as-errors \ --with-stdc++lib=dynamic \ --with-giflib=system \ --with-jtreg=$PWD/jtreg \ --with-lcms=system \ --with-libjpeg=system \ --with-libpng=system \ --with-zlib=system \ --with-version-build="7" \ --with-version-pre="" \ --with-version-opt="" \ --with-cacerts-file=/etc/pki/tls/java/cacerts && make images
To test the results, you will need to execute the jtreg
program. You can set the number of concurrent tests by adding
the -conc:
value
in the below command (tests will run sequentially otherwise):
<X>
export JT_JAVA=$(echo $PWD/build/*/jdk) && jtreg/bin/jtreg -jdk:$JT_JAVA -automatic -ignore:quiet -v1 \ test/jdk:tier1 test/langtools:tier1 && unset JT_JAVA
For more control over the test suite, review the
documentation available in jtreg/doc/jtreg/usage.txt
. To review the
results, see the files JTreport/test_{jdk,langtools}/text/stats.txt
and JTreport/test_{jdk,langtools}/text/summary.txt
.
You should expect to see around 40 failures and about the
same number of errors.
Install the package with the following commands as the
root
user:
install -vdm755 /opt/jdk-15.0.2+7 && cp -Rv build/*/images/jdk/* /opt/jdk-15.0.2+7 && chown -R root:root /opt/jdk-15.0.2+7 && for s in 16 24 32 48; do install -vDm644 src/java.desktop/unix/classes/sun/awt/X11/java-icon${s}.png \ /usr/share/icons/hicolor/${s}x${s}/apps/java.png done
If you only wish to install the Java Runtime Environment,
you can substitute build/*/images/jre
in the above
cp command.
There are now two OpenJDK
SDKs installed in /opt
. You
should decide on which one you would like to use as the
default. Normally, you would opt for the just installed
OpenJDK. If so, do the
following as the root
user:
ln -v -nsf jdk-15.0.2+7 /opt/jdk
If desired, you may create .desktop files to add entries in
the menu for java and jconsole. The needed icons
have already been installed. As the root
user:
mkdir -pv /usr/share/applications && cat > /usr/share/applications/openjdk-java.desktop << "EOF" &&[Desktop Entry] Name=OpenJDK Java 15.0.2 Runtime Comment=OpenJDK Java 15.0.2 Runtime Exec=/opt/jdk/bin/java -jar Terminal=false Type=Application Icon=java MimeType=application/x-java-archive;application/java-archive;application/x-jar; NoDisplay=true
EOF cat > /usr/share/applications/openjdk-jconsole.desktop << "EOF"[Desktop Entry] Name=OpenJDK Java 15.0.2 Console Comment=OpenJDK Java 15.0.2 Console Keywords=java;console;monitoring Exec=/opt/jdk/bin/jconsole Terminal=false Type=Application Icon=java Categories=Application;System;
EOF
bash
configure...: the top level configure
is a wrapper around the autotools
one. It is not executable and must be run through
bash.
--enable-unlimited-crypto
:
Because of limitations on the usage of cryptography in some
countries, there is the possibility to limit the size of
encryption keys and the use of some algorithms in a policy
file. This switch allows to ship a policy file with no
restriction. It is the responsibility of the user to ensure
proper adherence to the law.
--disable-warnings-as-errors
:
This switch disables use of -Werror
in the build.
--with-stdc++lib=dynamic
: This
switch forces the build system to link to libstdc++.so
(dynamic) instead of
libstdc++.a
(static).
--with-jobs=
: The
<X>
-j
passed to make
does not work with make as invoked here. By default, the
build system will use the number of CPUs - 1.
--with-jtreg=$PWD/jtreg
: This
switch tells configure where to find jtreg. Omit if you have
not downloaded the optional test suite.
--with-{giflib,lcms,libjpeg,libpng,zlib}=system
:
These switches force the build system to use the system
libraries instead of the bundled versions.
--with-version-build
:
Currently, the build system does not include the build number
in the version string. It has to be specified here.
--with-version-pre
:
This switch allows you to prefix the version string with a
custom string.
--with-version-opt
:
This switch allows you to add an optional build description
to the version string.
--with-cacerts-file=/etc/pki/tls/java/cacerts
:
Specifies where to find a cacerts
file, /etc/pki/tls/java/
on a BLFS system.
Otherwise, an empty one is created. You can use the
/usr/sbin/make-ca
--force command to generate it, once you have
installed the Java binaries.
--with-boot-jdk
: This switch
provides the location of the temporary JDK. It is normally not needed if
java is found
in the PATH
.
Normally, the JAVA environment has been configured after installing the binary version, and can be used with the just built package as well. Review Configuring the JAVA environment in case you want to modify something.
To test if the man pages are correctly installed, issue source /etc/profile and man java to display the respective man page.
If you have run the instructions on the make-ca-1.7 page,
you only need to create a symlink in the default location
for the cacerts
file. As user
root
:
ln -sfv /etc/pki/tls/java/cacerts /opt/jdk/lib/security/cacerts
To check the installation, issue:
cd /opt/jdk bin/keytool -list -cacerts
At the prompt Enter keystore
password:
, enter changeit
(the default) or
just press the “Enter” key. If the cacerts
file was installed correctly, you
will see a list of the certificates with related
information for each one. If not, you need to reinstall
them.
is an “ahead-of-time” java class compiler |
|
combines multiple files into a single jar archive |
|
signs jar files and verifies the signatures and integrity of a signed jar file |
|
launches a Java application by starting a Java runtime environment, loading a specified class and invoking its main method |
|
reads class and interface definitions, written in the Java programming language, and compiles them into bytecode class files |
|
parses the declarations and documentation comments in a set of Java source files and produces a corresponding set of HTML pages describing the classes, interfaces, constructors, methods, and fields |
|
disassembles a Java class file |
|
is a utility to send diagnostic command requests to a running Java Virtual Machine |
|
is a graphical console tool to monitor and manage both local and remote Java applications and virtual machines |
|
is a simple command-line debugger for Java classes |
|
scans class or jar files for uses of deprecated API elements |
|
shows the package-level or class-level dependencies of Java class files |
|
is a tool for working with “Flight Recorder” files |
|
is a tool to analyze the content of a core dump from a crashed Java Virtual Machine (JVM) |
|
is used to list, extract, verify, or get information about modules in jimage format |
|
prints Java configuration information for a given Java process, core file, or a remote debug server |
|
is used to assemble and optimize a set of modules and their dependencies into a custom runtime image |
|
prints shared object memory maps or heap memory details of a given process, core file, or a remote debug server |
|
creates JMOD files and lists the content of existing JMOD files |
|
generates java application packages and images |
|
lists the instrumented JVMs on the target system |
|
is a command line script shell |
|
is an interactive tool for learning the Java programming language and prototyping Java code |
|
prints Java stack traces of Java threads for a given Java process, core file, or a remote debug server |
|
displays performance statistics for an instrumented JVM |
|
is an RMI server application that monitors for the creation and termination of instrumented JVMs |
|
is a key and certificate management utility |
|
starts the activation system daemon |
|
creates and starts a remote object registry on the specified port on the current host |
|
returns the serialVersionUID for one or more classes in a form suitable for copying into an evolving class |
Last updated on 2021-02-24 13:26:42 -0800
After the package installation is complete, the next step is
to make sure that the system can properly find the files. If
you set up your login scripts as recommended in The Bash Shell Startup
Files, update the environment by creating the
openjdk.sh
script, as the
root
user:
cat > /etc/profile.d/openjdk.sh << "EOF"
# Begin /etc/profile.d/openjdk.sh
# Set JAVA_HOME directory
JAVA_HOME=/opt/jdk
# Adjust PATH
pathappend $JAVA_HOME/bin
# Add to MANPATH
pathappend $JAVA_HOME/man MANPATH
# Auto Java CLASSPATH: Copy jar files to, or create symlinks in, the
# /usr/share/java directory. Note that having gcj jars with OpenJDK 8
# may lead to errors.
AUTO_CLASSPATH_DIR=/usr/share/java
pathprepend . CLASSPATH
for dir in `find ${AUTO_CLASSPATH_DIR} -type d 2>/dev/null`; do
pathappend $dir CLASSPATH
done
for jar in `find ${AUTO_CLASSPATH_DIR} -name "*.jar" 2>/dev/null`; do
pathappend $jar CLASSPATH
done
export JAVA_HOME
unset AUTO_CLASSPATH_DIR dir jar
# End /etc/profile.d/openjdk.sh
EOF
If Sudo-1.9.5p2 is installed, the super user
should have access to the above variables. Execute the
following commands as the root
user:
cat > /etc/sudoers.d/java << "EOF"
Defaults env_keep += JAVA_HOME
Defaults env_keep += CLASSPATH
EOF
For allowing mandb to include the
OpenJDK man pages in its database, issue, as the root
user:
cat >> /etc/man_db.conf << "EOF" &&
# Begin Java addition
MANDATORY_MANPATH /opt/jdk/man
MANPATH_MAP /opt/jdk/bin /opt/jdk/man
MANDB_MAP /opt/jdk/man /var/cache/man/jdk
# End Java addition
EOF
mkdir -p /var/cache/man &&
mandb -c /opt/jdk/man
OpenJDK uses its own format
for the CA certificates. The Java security modules use
$JAVA_HOME
/lib/security/cacerts
by default. In order
to keep all the certificates in one place, we use
/etc/ssl/java/cacerts
. The
instructions on the make-ca-1.7 page previously created the
file located in /etc/ssl/java
.
Setup a symlink in the default location as the root
user:
ln -sfv /etc/pki/tls/java/cacerts /opt/jdk/lib/security/cacerts
Use the following command to check if the cacerts
file has been successfully
installed:
/opt/jdk/bin/keytool -list -cacerts
At the prompt Enter keystore
password:
, enter changeit
(the default) or
just press the “Enter” key. If the cacerts
file was installed correctly, you
will see a list of the certificates with related information
for each one. If not, you need to reinstall them.
If you later install a new JVM, you just have to create the symlink in the default location to be able to use the cacerts.
Last updated on 2019-02-09 18:26:31 -0800
The Apache Ant package is a Java-based build tool. In theory, it is like the make command, but without make's wrinkles. Ant is different. Instead of a model that is extended with shell-based commands, Ant is extended using Java classes. Instead of writing shell commands, the configuration files are XML-based, calling out a target tree that executes various tasks. Each task is run by an object that implements a particular task interface.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://archive.apache.org/dist/ant/source/apache-ant-1.10.9-src.tar.xz
Download MD5 sum: 700443388a718591dc1e031e52e9be3b
Download size: 4.3 MB
Estimated disk space required: 142 MB
Estimated build time: 0.3 SBU (excluding download time)
A JDK (Java Binary or OpenJDK-15.0.2) and GLib-2.66.7
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/apache-ant
First fix an incompatibility issue between the documentation standard used in the build tree, and the one expected by OpenJDK-15.0.2:
sed -i 's/--add-modules java.activation/-html4/' build.xml
Build a limited bootstrap version of Apache Ant using the following command:
./bootstrap.sh
Download the runtime dependencies using the fetch.xml
ant build script:
bootstrap/bin/ant -f fetch.xml -Ddest=optional
Build Apache Ant by running the following command:
./build.sh -Ddist.dir=$PWD/ant-1.10.9 dist
Install, as the root
user:
cp -rv ant-1.10.9 /opt/ && chown -R root:root /opt/ant-1.10.9 && ln -sfv ant-1.10.9 /opt/ant
bootstrap/bin/ant -f fetch.xml
-Ddest=optional: Downloads the missing
dependencies to user's home directory, and copy them into the
source tree (in the lib/optional
directory, where ant picks them up at build
time).
./build.sh -Ddist.dir=$PWD/ant-1.10.9 dist: This command builds, tests, then installs the package into a temporary directory.
Some packages will require ant to be in the search
path and the ANT_HOME
environment variable defined. Satisfy these requirements by
issuing, as the root
user:
cat > /etc/profile.d/ant.sh << EOF
# Begin /etc/profile.d/ant.sh
pathappend /opt/ant/bin
export ANT_HOME=/opt/ant
# End /etc/profile.d/ant.sh
EOF
The above instructions assume you have configured your system as described in The Bash Shell Startup Files.
ant*.jar
and dependant libraries in
$ANT_HOME
/lib
is a Java based build tool used by many packages instead of the conventional make program |
|
is a support script used to start ant build scripts in a given directory |
|
is a Perl script that provides similar functionality offered by the antRun script |
|
is a Perl script that allows Bash to complete an ant command-line |
|
is a Perl wrapper script used to invoke ant |
|
is a Python wrapper script used to invoke ant |
|
files are the Apache Ant Java class libraries |
Last updated on 2021-02-23 12:52:46 -0800
The LFS book covers setting up networking by connecting to a LAN with a static IP address. There are other methods used to obtain an IP address and connect to a LAN and other networks (such as the Internet). The most popular methods (DHCP and PPP) are covered in this chapter.
DHCP stands for Dynamic Host Configuration Protocol. It is a protocol used by many sites to automatically provide information such as IP addresses, subnet masks and routing information to computers. If your network uses DHCP, you will need a DHCP client in order to connect to it.
Enable the following options in the kernel configuration and recompile the kernel if necessary:
Networking support: Y
Networking options:
802.1d Ethernet Bridging: M or Y
In this section we are are going to discuss how to set up a
network bridge using systemd-networkd. In the
examples below, eth0
represents the
external interface that is being bridged, while br0
represents the bridge
interface.
To create a bridge interface, create the following
configuration file by running the following command as the
root
user:
cat > /etc/systemd/network/50-br0.netdev << EOF
[NetDev]
Name=br0
Kind=bridge
EOF
To assign a network interface to a bridge, create the
following configuration file by running the following
command as the root
user:
cat > /etc/systemd/network/51-eth0.network << EOF
[Match]
Name=eth0
[Network]
Bridge=br0
EOF
Repeat the process for any other interfaces that need to be bridged. Note that it is important that nothing assigns any addresses to the bridged interfaces. If you are using NetworkManager-1.30.0, make sure you configure them to ignore the bridged interfaces, as well as the bridge interface itself.
If you are on a network which uses DHCP for assigning ip
addresses, create the following configuration file by
running the following command as the root
user:
cat > /etc/systemd/network/60-br0.network << EOF
[Match]
Name=br0
[Network]
DHCP=yes
EOF
Alternatively, if using a static ip setup, create the
following configuration file by running the following
command as the root
user:
cat > /etc/systemd/network/60-br0.network << EOF
[Match]
Name=br0
[Network]
Address=192.168.0.2/24
Gateway=192.168.0.1
DNS=192.168.0.1
EOF
To bring up the bridge interface, simply restart the
systemd-networkd daemon
by running the following command as the root
user:
systemctl restart systemd-networkd
Last updated on 2019-02-24 17:09:00 -0800
dhcpcd is an implementation of the DHCP client specified in RFC2131. A DHCP client is useful for connecting your computer to a network which uses DHCP to assign network addresses. dhcpcd strives to be a fully featured, yet very lightweight DHCP client.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://roy.marples.name/downloads/dhcpcd/dhcpcd-9.4.0.tar.xz
Download (FTP): ftp://roy.marples.name/pub/dhcpcd/dhcpcd-9.4.0.tar.xz
Download MD5 sum: c36715fc629bc40aa94aae06fa1724c2
Download size: 252 KB
Estimated disk space required: 3.6 MB (with tests)
Estimated build time: less than 0.1 SBU (with tests)
LLVM-11.1.0 (with Clang), ntp-4.2.8p15, chronyd, and ypbind
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/dhcpcd
Recent releases of dhcpcd
implement privilege separation. Additional installation steps
are necessary to set up the proper environment, which are
performed by issuing the following commands as the
root
user:
install -v -m700 -d /var/lib/dhcpcd && groupadd -g 52 dhcpcd && useradd -c 'dhcpcd PrivSep' \ -d /var/lib/dhcpcd \ -g dhcpcd \ -s /bin/false \ -u 52 dhcpcd && chown -v dhcpcd:dhcpcd /var/lib/dhcpcd
Install dhcpcd by running the following commands:
./configure --libexecdir=/lib/dhcpcd \ --dbdir=/var/lib/dhcpcd \ --privsepuser=dhcpcd && make
To test the results, issue: make test.
Now, as the root
user:
make install
--libexecdir=/lib/dhcpcd
: The
default /libexec
is not
FHS-compliant. Since this directory may need to be available
early in the boot, /usr/libexec
cannot be used either.
--dbdir=/var/lib/dhcpcd
: The
default /var/db
is not
FHS-compliant
--with-hook=...
: You can
optionally install more hooks, for example to install some
configuration files such as ntp.conf
. The set of hooks is in the
dhcpcd-hooks
directory in the
build tree.
If you want to configure network interfaces at boot using
dhcpcd, you
need to install the systemd unit included in blfs-systemd-units-20210122
package by running the following command as the
root
user:
make install-dhcpcd
The
default behavior of dhcpcd is to set the
hostname and the mtu. It also overwrites /etc/resolv.conf
and /etc/ntp.conf
. These modifications to
system configuration files are done by hooks which are
stored in /lib/dhcpcd/dhcpcd-hooks
. Setup
dhcpcd by
removing or adding hooks from/to that directory. The
execution of hooks can be disabled by using the
--nohook
(-C
) command line option or by the
nohook
option in the
/etc/dhcpcd.conf
file.
Make sure that you disable the systemd-networkd service or configure it not to manage the interfaces you want to manage with dhcpcd.
At this point you can test if dhcpcd is behaving as
expected by running the following command as the
root
user:
systemctl start dhcpcd@eth0
To start dhcpcd on a specific
interface at boot, enable the previously installed systemd
unit by running the following command as the root
user:
systemctl enable dhcpcd@eth0
Replace eth0
with
the actual interface name.
Last updated on 2021-02-19 11:42:41 -0800
The ISC DHCP package contains both the client and server programs for DHCP. dhclient (the client) is used for connecting to a network which uses DHCP to assign network addresses. dhcpd (the server) is used for assigning network addresses on private networks.
This package is known to build and work properly using an LFS-10.1 platform.
Download (FTP): ftp://ftp.isc.org/isc/dhcp/4.4.2/dhcp-4.4.2.tar.gz
Download MD5 sum: 2afdaf8498dc1edaf3012efdd589b3e1
Download size: 9.4 MB
Estimated disk space required: 115 MB
Estimated build time: 0.4 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/dhcp
You must have Packet Socket support. IPv6 support is optional.
[*] Networking support ---> [CONFIG_NET]
Networking options --->
<*> Packet socket [CONFIG_PACKET]
<*> The IPv6 Protocol ---> [CONFIG_IPV6]
First, fix a build issue with GCC 10 and later:
sed -i '/o.*dhcp_type/d' server/mdb.c && sed -r '/u.*(local|remote)_port/d' \ -i client/dhclient.c \ relay/dhcrelay.c
This package does not support parallel build.
Be careful with the instructions below. The single and double quotes are important because the defined variables are used verbatim in the code.
Install ISC DHCP by running the following commands:
( export CFLAGS="${CFLAGS:--g -O2} -Wall -fno-strict-aliasing \ -D_PATH_DHCLIENT_SCRIPT='\"/sbin/dhclient-script\"' \ -D_PATH_DHCPD_CONF='\"/etc/dhcp/dhcpd.conf\"' \ -D_PATH_DHCLIENT_CONF='\"/etc/dhcp/dhclient.conf\"'" && ./configure --prefix=/usr \ --sysconfdir=/etc/dhcp \ --localstatedir=/var \ --with-srv-lease-file=/var/lib/dhcpd/dhcpd.leases \ --with-srv6-lease-file=/var/lib/dhcpd/dhcpd6.leases \ --with-cli-lease-file=/var/lib/dhclient/dhclient.leases \ --with-cli6-lease-file=/var/lib/dhclient/dhclient6.leases ) && make -j1
This package does not come with a test suite.
If you only want to install the ISC
DHCP client, issue the following commands as the
root
user:
make -C client install && mv -v /usr/sbin/dhclient /sbin && install -v -m755 client/scripts/linux /sbin/dhclient-script
Skip to the section called “Client Configuration” in order to configure the client
If you only want to install the ISC
DHCP server, issue the following command as the
root
user:
make -C server install
Skip to the section called “Server Configuration” in order to configure the server.
Alternatively, you can install whole package which includes
the client, server, relay, static libraries and development
headers by running the following commands as the root
user:
make install && mv -v /usr/sbin/dhclient /sbin && install -v -m755 client/scripts/linux /sbin/dhclient-script
Create a basic /etc/dhcp/dhclient.conf
by running the
following command as the root
user:
install -vdm755 /etc/dhcp &&
cat > /etc/dhcp/dhclient.conf << "EOF"
# Begin /etc/dhcp/dhclient.conf
#
# Basic dhclient.conf(5)
#prepend domain-name-servers 127.0.0.1;
request subnet-mask, broadcast-address, time-offset, routers,
domain-name, domain-name-servers, domain-search, host-name,
netbios-name-servers, netbios-scope, interface-mtu,
ntp-servers;
require subnet-mask, domain-name-servers;
#timeout 60;
#retry 60;
#reboot 10;
#select-timeout 5;
#initial-interval 2;
# End /etc/dhcp/dhclient.conf
EOF
See man 5 dhclient.conf for additional options.
Now create the /var/lib/dhclient
directory which will
contain DHCP Client leases by running the following command
as the root
user:
install -v -dm 755 /var/lib/dhclient
If you want to configure
network interfaces at boot using dhclient, you need to
install the [email protected]
unit included in the blfs-systemd-units-20210122
package by running the following command as the
root
user:
make install-dhclient
Make sure that you disable the systemd-networkd service or configure it not to manage the interfaces you want to manage with dhclient.
At this point you can test if dhclient is behaving as
expected by running the following command as the
root
user:
systemctl start dhclient@eth0
To start dhclient on a specific
interface at boot, enable the previously installed systemd
unit by running the following command as the root
user:
systemctl enable dhclient@eth0
Replace eth0
with
the actual interface name.
Note that you only need the DHCP server if you want to issue LAN addresses over your network. The DHCP client doesn't need the server in order to function properly.
Start with creating /etc/dhcp/dhcpd.conf
by running the
following command as the root
user:
cat > /etc/dhcp/dhcpd.conf << "EOF"
# Begin /etc/dhcp/dhcpd.conf
#
# Example dhcpd.conf(5)
# Use this to enable / disable dynamic dns updates globally.
ddns-update-style none;
# option definitions common to all supported networks...
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;
default-lease-time 600;
max-lease-time 7200;
# This is a very basic subnet declaration.
subnet 10.254.239.0 netmask 255.255.255.224 {
range 10.254.239.10 10.254.239.20;
option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
}
# End /etc/dhcp/dhcpd.conf
EOF
Adjust the file to suit your needs. See man 5 dhcpd.conf for additional options.
Now create the /var/lib/dhcpd
directory which will contain DHCP Server leases by running
the following command as the root
user:
install -v -dm 755 /var/lib/dhcpd
If you want to start the DHCP Server at boot, install the
dhcpd.service
unit included in the
blfs-systemd-units-20210122
package:
make install-dhcpd
You will need to edit the /etc/default/dhcpd
in order to set
the interface on which dhcpd will serve the DHCP
requests.
is the implementation of the DHCP client |
|
is used by dhclient to (re)configure interfaces. It can make extra changes by invoking custom dhclient-{entry,exit}-hooks |
|
implements Dynamic Host Configuration Protocol (DHCP) and Internet Bootstrap Protocol (BOOTP) requests for network addresses |
|
provides a means to accept DHCP and BOOTP requests on a subnet without a DHCP server and relay them to a DHCP server on another subnet |
|
provides an interactive way to connect to, query and possibly change the ISC DHCP Server's state via OMAPI, the Object Management API |
Last updated on 2021-02-26 10:39:02 -0800
These applications are generally client applications used to access the appropriate server across the building or across the world. Tcpwrappers and portmap are support programs for daemons that you may have running on your machine.
The bridge-utils package contains a utility needed to create and manage bridge devices. This is useful in setting up networks for a hosted virtual machine (VM).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.kernel.org/pub/linux/utils/net/bridge-utils/bridge-utils-1.6.tar.xz
Download MD5 sum: 541ae1c50cc268056693608920e6c908
Download size: 32 KB
Estimated disk space required: 916 KB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/bridge
Enable the following options in the kernel configuration and recompile the kernel if necessary:
[*] Networking support ---> [CONFIG_NET]
Networking options --->
<*/M> 802.1d Ethernet Bridging [CONFIG_BRIDGE]
Install bridge-utils by running the following commands:
autoconf && ./configure --prefix=/usr && make
Testing the results requires running the six shell scripts in
the tools/
directory. Two of
the tests require two ethernet ports. Some tests will not
preserve the current network configuration. See tests/README
for details.
Now, as the root
user:
make install
Last updated on 2021-02-22 15:55:36 -0800
The cifs-utils package provides a means for mounting SMB/CIFS shares on a Linux system.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.samba.org/ftp/linux-cifs/cifs-utils/cifs-utils-6.12.tar.bz2
Download MD5 sum: b49b10692bcae7f28669173a472077dd
Download size: 404 KB
Estimated disk space required: 4.7 MB
Estimated build time: 0.1 SBU
keyutils-1.6.1 (required to build PAM module), Linux-PAM-1.5.1, MIT Kerberos V5-1.19.1, Samba-4.13.4, and libcap-2.48 with PAM or libcap-ng
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/cifsutils
Enable the following options in the kernel configuration and recompile the kernel if necessary:
File systems --->
[*] Network File Systems ---> [CONFIG_NETWORK_FILESYSTEMS]
<*/M> SMB3 and CIFS support (advanced network filesystem) [CONFIG_CIFS]
Depending on your server configuration, additional kernel options may be required.
Install cifs-utils by running the following commands:
./configure --prefix=/usr \ --disable-pam && make
This package does not come with a test suite.
Now, as the root
user:
make install
--disable-pam
: Do not
build PAM support. Remove it and use --with-pamdir
(see below), if Linux-PAM-1.5.1
is installed and you wish PAM support.
--with-pamdir=/lib/security
:
Install the PAM module in /lib/security
.
is a userspace helper program for the linux CIFS client filesystem. There are a number of activities that the kernel cannot easily do itself. This program is a callout program that does these things for the kernel and then returns the result. It is not intended to be run from the command-line |
|
is a userspace helper program for the linux CIFS client filesystem. It is intended to be run when the kernel calls request-key for a particular key type. It is not intended to be run from the command-line |
|
is a tool for managing credentials (username and password) for the purpose of establishing sessions in multiuser mounts |
|
is a userspace helper to display an ACL in a security descriptor for Common Internet File System (CIFS) |
|
mounts a Linux CIFS filesystem. It is usually invoked indirectly by the mount(8) command when using the "-t cifs" option |
|
mounts a SMB3-based filesystem. It is usually invoked indirectly by the mount(8) command when using the "-t smb3" option |
|
is intended to alter an ACL of a security descriptor for a file system object |
|
displays quota information for a SMB filesystem |
|
displays SMB-specific file information, such as security descriptors and quotas |
Last updated on 2021-02-21 22:53:11 -0800
iw is a new nl80211 based CLI configuration utility for wireless devices. It supports all new drivers that have been added to the kernel recently. The old tool iwconfig, which uses Wireless Extensions interface, is deprecated and it's strongly recommended to switch to iw and nl80211.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.kernel.org/pub/software/network/iw/iw-5.9.tar.xz
Download MD5 sum: 7a47d6f749ec69afcaf351166fd12f6f
Download size: 144 KB
Estimated disk space required: 4.6 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/iw
To use iw, the kernel must have the appropriate drivers and other support available. The appropriate bus must also be available. For older laptops, the PCMCIA bus (CONFIG_PCCARD) needs to be built. In some cases, this bus support will also need to be built for embedded iw cards. The appropriate bridge support also needs to be built. For many modern laptops, the CardBus host bridge (CONFIG_YENTA) will be needed.
In addition to the bus, the actual driver for the specific wireless card must also be available. There are many wireless cards and they don't all work with Linux. The first place to look for card support is the kernel. The drivers are located in Device Drivers → Network Device Support → Wireless LAN (non-hamradio). There are also external drivers available for some very common cards. For more information, look at the user notes.
After the correct drivers are loaded, the interface will
appear in /proc/net/wireless
.
To install iw, use the following commands:
sed -i "/INSTALL.*gz/s/.gz//" Makefile && make
This package does not come with a test suite.
Now, as the root
user:
make SBINDIR=/sbin install
sed ...: Install uncompressed manual pages in accordance with other man pages.
Last updated on 2021-02-22 15:55:36 -0800
The NcFTP package contains a powerful and flexible interface to the Internet standard File Transfer Protocol. It is intended to replace or supplement the stock ftp program.
This package is known to build and work properly using an LFS-10.1 platform.
Download (FTP): ftp://ftp.ncftp.com/ncftp/ncftp-3.2.6-src.tar.xz
Download MD5 sum: 42d0f896d69a4d603ec097546444245f
Download size: 412 KB
Estimated disk space required: 6.6 MB
Estimated build time: 0.2 SBU
LLVM-11.1.0 (with Clang, used by default if installed)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/ncftp
There are two ways to build NcFTP. The first (and optimal) way
builds most of the functionality as a shared library and then
builds and installs the program linked against this library.
The second method simply links all of the functionality into
the binary statically. This doesn't make the dynamic library
available for linking by other applications. You need to
choose which method best suits you. Note that the second
method does not create
an entirely statically linked binary; only the libncftp
parts are statically linked in, in
this case. Be aware that building and using the shared
library is covered by the Clarified Artistic License;
however, developing applications that utilize the shared
library is subject to a different license.
First, fix an issue caused by a change in behavior in GCC-10:
sed -i 's/^Bookmark/extern Bookmark/' sh_util/gpshare.c
To install NcFTP using the first (and optimal) method, run the following commands:
./configure --prefix=/usr --sysconfdir=/etc && make -C libncftp shared && make
This package does not come with a test suite.
Now, as the root
user:
make -C libncftp soinstall && make install
To install NcFTP using the
second method (with the libncftp
functionality linked in
statically) run the following commands:
./configure --prefix=/usr --sysconfdir=/etc && make
This package does not come with a test suite.
Now, as the root
user:
make install
make -C ... && make -C
...: These commands make and install the
dynamic library libncftp
which
is then used to link against when compiling the main program.
Most NcFTP configuration
is done while in the program, and the configuration files
are dealt with automatically. One exception to this is
~/.ncftp/prefs_v3
. There are
various options to alter in there, including:
yes-i-know-about-NcFTPd=yes
This disables the splash screen advertising the NcFTPd server.
There are other options in the prefs_v3
file. Most of these are
self-explanatory. Global defaults can be set in
/etc/ncftp.prefs_v3
.
is a browser program for File Transfer Protocol |
|
is an individual batch FTP job processor |
|
is the NcFTP Bookmark Editor (NCurses-based) |
|
is an internet file transfer program for scripts used to retrieve files |
|
is an internet file transfer program for scripts used to list files |
|
is an internet file transfer program for scripts used to transfer files |
|
is a global batch FTP job processor daemon |
Last updated on 2021-02-21 22:53:11 -0800
The Net-tools package is a collection of programs for controlling the network subsystem of the Linux kernel.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://anduin.linuxfromscratch.org/BLFS/net-tools/net-tools-CVS_20101030.tar.gz
Download (FTP): ftp://anduin.linuxfromscratch.org/BLFS/net-tools/net-tools-CVS_20101030.tar.gz
Download MD5 sum: 6be14ed473cacdd68edeaa9605adc469
Download size: 288 KB
Estimated disk space required: 7.0 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/net-tools
The instructions below automate the configuration process by piping yes to the make config command. If you wish to run the interactive configuration process (by changing the instruction to just make config), but you are not sure how to answer all the questions, then just accept the defaults. This will be just fine in the majority of cases. What you're asked here is a bunch of questions about which network protocols you've enabled in your kernel. The default answers will enable the tools from this package to work with the most common protocols: TCP, PPP, and several others. You still need to actually enable these protocols in the kernel—what you do here is merely tell the package to include support for those protocols in its programs, but it's up to the kernel to make the protocols available.
This package has several unneeded protocols and hardware device specific functions that are obsolete. To only build the minimum needed for your system, skip the yes command and answer each question interactively. The minimum needed options are 'UNIX protocol family' and 'INET (TCP/IP) protocol family'.
The patch below cleans up the installation so that it does not overwrite the ifconfig and hostname programs that were installed in LFS.
Install Net-tools by running the following commands:
patch -Np1 -i ../net-tools-CVS_20101030-remove_dups-1.patch && sed -i '/#include <netinet\/ip.h>/d' iptunnel.c && yes "" | make config && make
This package does not come with a test suite.
Now, as the root
user:
make update
sed -i '/#include <netinet\/ip.h>/d' iptunnel.c: This fixes build breakage with linux-4.8 headers.
yes "" | make config: Piping yes to make config skips the interactive configuration and accepts the defaults.
is used to manipulate the kernel's ARP cache, usually to add or delete an entry, or to dump the entire cache |
|
adds, deletes and shows an interface's multicast addresses |
|
adds, changes, deletes and shows an interface's tunnels |
|
checks or sets the status of a network interface's Media Independent Interface (MII) unit |
|
names network interfaces based on MAC addresses |
|
is used to report network connections, routing tables, and interface statistics |
|
is used to fine tune the PLIP device parameters, to improve its performance |
|
is used to manipulate the kernel's RARP table |
|
is used to manipulate the IP routing table |
|
attaches a network interface to a serial line. This allows you to use normal terminal lines for point-to-point links to others computers |
Last updated on 2021-02-20 14:15:01 -0800
The NFS Utilities package contains the userspace server and client tools necessary to use the kernel's NFS abilities. NFS is a protocol that allows sharing file systems over the network.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.kernel.org/pub/linux/utils/nfs-utils/2.5.2/nfs-utils-2.5.2.tar.xz
Download MD5 sum: 8c2a746325cb620f55751563356b0804
Download size: 684 KB
Estimated disk space required: 20 MB
Estimated build time: 0.2 SBU
libtirpc-1.3.1 and rpcsvc-proto-1.4.2
Cyrus SASL-2.1.27 (for SASL authentication), LVM2-2.03.11 (libdevmapper for NFSv4 support), libnsl-1.3.0 (for NIS client support), OpenLDAP-2.4.57 (for LDAP authentication), SQLite-3.34.1, MIT Kerberos V5-1.19.1 or libgssapi , and librpcsecgss (for GSS and RPC security support), and libcap-2.48 with PAM
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/nfs-utils
Enable the following options in the kernel configuration (choose client and/or server support as appropriate) and recompile the kernel if necessary:
File systems --->
[*] Network File Systems ---> [CONFIG_NETWORK_FILESYSTEMS]
<*/M> NFS client support [CONFIG_NFS_FS]
<*/M> NFS server support [CONFIG_NFSD]
Select the appropriate sub-options that appear when the above options are selected.
In BLFS we assume that nfs v3 will be used. If the
server offers nfs v4
(for linux, CONFIG_NFSD_V4) then auto-negotiation for v3
will fail and you will need to add nfsver=3
to the mount options. This also
applies if that option is enabled in the client's kernel, for example in
a distro trying to mount from a BLFS v3 server.
Even if neither end of the connection supports nfs v4,
adding nfsver=3
is still
beneficial because it prevents an error message "NFS: bad
mount option value specified: minorversion=1" being logged
on every mount.
Before you compile the program, ensure that the nobody
user and nogroup
group have been created as done
in the current LFS book. You can add them by running the
following commands as the root
user:
groupadd -g 99 nogroup && useradd -c "Unprivileged Nobody" -d /dev/null -g nogroup \ -s /bin/false -u 99 nobody
The classic uid and gid values are 65534 which is also -2
when interpreted as a signed 16-bit number. These values
impact other files on some filesystems that do not have
support for sparse files. The nobody
and nogroup
values are relatively
arbitrary. The impact on a server is nil if the
exports
file is configured
correctly. If it is misconfigured, an ls -l or ps listing will show a
uid or gid number of 65534 instead of a name. The client
uses nobody
only as the
user running rpc.statd.
Install NFS Utilities by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --sbindir=/sbin \ --disable-nfsv4 \ --disable-gss && make
This package does not come with a working test suite.
Now, as the root
user:
make install && chmod u+w,go+r /sbin/mount.nfs && chown nobody.nogroup /var/lib/nfs
--disable-gss
:
Disables support for RPCSEC GSS (RPC Security).
chown nobody.nogroup /var/lib/nfs: The rpc.statd program uses the ownership of this directory to set it's UID and GID. This command sets those to unprivileged entries.
/etc/exports
contains the
exported directories on NFS servers. Refer to the
exports.5
manual page for the
syntax of this file. Also refer to the "NFS HowTo"
available at http://nfs.sourceforge.net/nfs-howto/
for information on how to configure the servers and clients
in a secure manner. For example, for sharing the
/home
directory over the
local network, the following line may be added:
cat >> /etc/exports << EOF
/home 192.168.0.0/24
(rw,subtree_check,anonuid=99,anongid=99)
EOF
Be sure to replace the directory, network address. and prefix above to match your network. The only space in the line above should be between the directory and the network address.
Install the NFSv4 server units included in the blfs-systemd-units-20210122 package to start the server at boot.
make install-nfsv4-server
If you have disabled NFSv4 support, run the following
command as the root
user
to omit the NFSv4 specific systemd units:
make install-nfs-server
You can edit the /etc/default/nfs-utils
file to change
the startup options for NFS daemons. Defaults should be
fine for most use cases.
/etc/fstab
contains the
directories that are to be mounted on the client.
Alternately the partitions can be mounted by using the
mount command
with the proper options. To mount the /home
and /usr
partitions, add the following to the
/etc/fstab
:
<server-name>
:/home /home nfs rw,_netdev 0 0<server-name>
:/usr /usr nfs ro,_netdev 0 0
The options which can be used are specified in man 5 nfs . If both the
client and server are running recent versions of linux,
most of the options will be negotiated (but see the Note
above on nfsver=3). You can specify either rw
or ro
,
_netdev
if the filesystem is
to be automatically mounted at boot, or noauto
(and perhaps user
) for other filesystems.
If the fileserver is not running a recent version of linux, you may need to specifiy other options.
You may need to enable autofs v4 in your kernel, and add
the option comment=systemd.automount
. Some machines
may need this because systemd tries to mount the external
filesystems before the network is up. An alternative is to
run mount -a
as the root
user after the
system has started.
The following systemd units are not required if the nfs-server units are installed.
Install the units included in the blfs-systemd-units-20210122 package to start the client services at boot.
make install-nfs-client
maintains a list of NFS exported file systems |
|
displays NFS client per-mount statistics |
|
is used to mount a network share using NFS |
|
is used to mount a network share using NFSv4 |
|
can be used to test for and retrieve configuration settings from a range of nfs-utils configuration files |
|
prints information about NFS clients |
|
reports input/output statistics for network filesystems |
|
displays statistics kept about NFS client and server activity |
|
implements the NFS mount protocol on an NFS server |
|
implements the user level part of the NFS service on the server |
|
is used by the NFS file locking service. Run on both sides, client as well as server, when you want file locking enabled |
|
sets or clears the kernel's NFS client and server debug flags |
|
displays mount information for an NFS server |
|
is used to send Network Status Monitor reboot messages |
|
is a script called by nfsmount when mounting a filesystem with locking enabled, if statd does not appear to be running. It can be customised with whatever flags are appropriate for the site |
|
is used to unmount a network share using NFS |
|
is used to unmount a network share using NFSv4 |
Last updated on 2021-02-22 07:54:45 -0800
The ntp package contains a client and server to keep the time synchronized between various computers over a network. This package is the official reference implementation of the NTP protocol.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.8p15.tar.gz
Download MD5 sum: e1e6b23d2fc75cced41801dbcd6c2561
Download size: 6.7 MB
Estimated disk space required: 108 MB (with tests)
Estimated build time: 0.4 SBU (Using parallelism=4; with tests)
libcap-2.48 with PAM, libevent-2.1.12, libedit, and libopts from AutoGen
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/ntp
There should be a dedicated user and group to take control of
the ntpd daemon
after it is started. Issue the following commands as the
root
user:
groupadd -g 87 ntp && useradd -c "Network Time Protocol" -d /var/lib/ntp -u 87 \ -g ntp -s /bin/false ntp
The update-leap command needs to be fixed in order to run properly:
sed -e 's/"(\\S+)"/"?([^\\s"]+)"?/' \ -i scripts/update-leap/update-leap.in
Install ntp by running the following commands:
./configure CFLAGS="-O2 -g -fPIC -fcommon $CFLAGS" \ --prefix=/usr \ --bindir=/usr/sbin \ --sysconfdir=/etc \ --enable-linuxcaps \ --with-lineeditlibs=readline \ --docdir=/usr/share/doc/ntp-4.2.8p15 && make
To test the results, issue: make check.
Now, as the root
user:
make install && install -v -o ntp -g ntp -d /var/lib/ntp
CFLAGS="-O2 -g -fPIC"
: This
environment variable is necessary to generate Position
Independent Code needed for use in the package libraries.
--bindir=/usr/sbin
:
This parameter places the administrative programs in
/usr/sbin
.
--enable-linuxcaps
:
ntpd is run as user ntp, so use Linux capabilities for
non-root clock control.
--with-lineeditlibs=readline
:
This switch enables Readline
support for ntpdc and ntpq programs. If omitted,
libedit will be used if
installed, otherwise no readline capabilites will be
compiled.
The following configuration file first defines various ntp
servers with open access from different continents. Second,
it creates a drift file where ntpd stores the frequency
offset and a pid file to store the ntpd process ID. Third,
it defines the location for the leap-second definition file
/etc/ntp.leapseconds
, that
the update-leap script checks
and updates, when necessary. This script can be run as a
cron job and the ntp
developers recommend a frequency of about three weeks for
the updates. Since the documentation included with the
package is sparse, visit the ntp website at http://www.ntp.org/
and http://www.pool.ntp.org/ for
more information.
cat > /etc/ntp.conf << "EOF"
# Asia
server 0.asia.pool.ntp.org
# Australia
server 0.oceania.pool.ntp.org
# Europe
server 0.europe.pool.ntp.org
# North America
server 0.north-america.pool.ntp.org
# South America
server 2.south-america.pool.ntp.org
driftfile /var/lib/ntp/ntp.drift
pidfile /var/run/ntpd.pid
leapfile /var/lib/ntp/ntp.leapseconds
EOF
You may wish to add a “Security session”. For explanations, see https://www.eecis.udel.edu/~mills/ntp/html/accopt.html#restrict.
cat >> /etc/ntp.conf << "EOF"
# Security session
restrict default limited kod nomodify notrap nopeer noquery
restrict -6 default limited kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict ::1
EOF
There are two options. Option one is to run ntpd continuously and allow it to synchronize the time in a gradual manner. The other option is to run ntpd periodically (using cron) and update the time each time ntpd is scheduled.
If you choose Option one, then install the ntpd.service
unit included in the blfs-systemd-units-20210122
package.
make install-ntpd
If you prefer to run ntpd periodically, add
the following command to root
's crontab
:
ntpd -q
calculates optimal value for tick given ntp drift file |
|
generates cryptographic data files used by the NTPv4 authentication and identification schemes |
|
is useful at boot time, to delay the boot sequence until ntpd has set the time |
|
is a ntp daemon that runs in the background and keeps the date and time synchronized based on response from configured ntp servers. It also functions as a ntp server |
|
is a client program that sets the date and time based on the response from an ntp server. This command is deprecated |
|
is used to query the ntp daemon about its current state and to request changes in that state |
|
is a utility program used to monitor ntpd operations and determine performance |
|
reads and displays time-related kernel variables |
|
traces a chain of ntp servers back to the primary source |
|
is a Simple Network Time Protocol (SNTP) client |
|
reads, and optionally modifies, several timekeeping-related variables in older kernels that do not have support for precision timekeeping |
|
is a script to verify and, if necessary, update the leap-second definition file |
Last updated on 2021-02-22 07:54:45 -0800
The rpcbind program is a replacement for portmap. It is required for import or export of Network File System (NFS) shared directories.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/rpcbind/rpcbind-1.2.5.tar.bz2
Download MD5 sum: ed46f09b9c0fa2d49015f6431bc5ea7b
Download size: 124 KB
Estimated disk space required: 1.7 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/rpcbind
There should be a dedicated user and group to take control of
the rpcbind
daemon after it is started. Issue the following commands as
the root
user:
groupadd -g 28 rpc && useradd -c "RPC Bind Daemon Owner" -d /dev/null -g rpc \ -s /bin/false -u 28 rpc
In order to get rpcbind to work properly, first fix the package to use correct service name:
sed -i "/servname/s:rpcbind:sunrpc:" src/rpcbind.c
Install rpcbind by running the following commands:
patch -Np1 -i ../rpcbind-1.2.5-vulnerability_fixes-1.patch && ./configure --prefix=/usr \ --bindir=/sbin \ --sbindir=/sbin \ --enable-warmstarts \ --with-rpcuser=rpc && make
This package does not come with a test suite.
Now, as the root
user:
make install
--with-rpcuser=rpc
:
This switch is used so the rpcbind daemon will run as
an unprivileged user instead of the root
user.
Install the rpcbind.service
unit included in
the blfs-systemd-units-20210122
package.
make install-rpcbind
Last updated on 2021-02-19 11:32:42 -0800
The rsync package contains the rsync utility. This is useful for synchronizing large file archives over a network.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.samba.org/ftp/rsync/src/rsync-3.2.3.tar.gz
Download MD5 sum: 209f8326f5137d8817a6276d9577a2f1
Download size: 1.0 MB
Estimated disk space required: 10 MB (with tests - additional 47 MB for HTML API documentation)
Estimated build time: 0.7 SBU (with tests)
Doxygen-1.9.1, lz4, and xxhash
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/rsync
For security reasons, running the rsync server as an unprivileged user and
group is encouraged. If you intend to run rsync as a daemon, create
the rsyncd
user and group
with the following commands issued by the root
user:
groupadd -g 48 rsyncd && useradd -c "rsyncd Daemon" -m -d /home/rsync -g rsyncd \ -s /bin/false -u 48 rsyncd
Install rsync by running the following commands:
./configure --prefix=/usr \ --disable-lz4 \ --disable-xxhash \ --without-included-zlib && make
If you have Doxygen-1.9.1 installed and wish to build HTML API documentation, issue:
doxygen
To test the results, issue: make check.
Now, as the root
user:
make install
If you built the documentation, install it using the
following commands as the root
user:
install -v -m755 -d /usr/share/doc/rsync-3.2.3/api && install -v -m644 dox/html/* /usr/share/doc/rsync-3.2.3/api
--disable-lz4
: This
switch disables LZ4 compression support. Note that it uses
the superior 'zstd' algorithm when this switch is in use, and
zstd is provided in LFS.
--disable-xxhash
:
This switch disables advanced xxhash checksum support. Remove
this switch if you have installed xxhash.
--without-included-zlib
: This
switch enables compilation with the system-installed zlib
library.
For client access to remote files, you may need to install the OpenSSH-8.4p1 package to connect to the remote server.
This is a simple download-only configuration to set up running rsync as a server. See the rsyncd.conf(5) man-page for additional options (i.e., user authentication).
cat > /etc/rsyncd.conf << "EOF"
# This is a basic rsync configuration file
# It exports a single module without user authentication.
motd file = /home/rsync/welcome.msg
use chroot = yes
[localhost]
path = /home/rsync
comment = Default rsync module
read only = yes
list = yes
uid = rsyncd
gid = rsyncd
EOF
You can find additional configuration information and general documentation about rsync at https://rsync.samba.org/documentation.html.
Note that you only need to start the rsync server if you want to provide an rsync archive on your local machine. You don't need this unit to run the rsync client.
Install the rsyncd.service
unit included in
the blfs-systemd-units-20210122
package.
make install-rsyncd
This package comes with two types of units: A service file and a socket file. The service file will start rsync daemon once at boot and it will keep running until the system shuts down. The socket file will make systemd listen on rsync port (Default 873, needs to be edited for anything else) and will start rsync daemon when something tries to connect to that port and stop the daemon when the connection is terminated. This is called socket activation and is analogous to using {,x}inetd on a SysVinit based system.
By default, the first method is used - rsync daemon is
started at boot and stopped at shutdown. If the socket
method is desired, you need to run as the root
user:
systemctl stop rsyncd && systemctl disable rsyncd && systemctl enable rsyncd.socket && systemctl start rsyncd.socket
Note that socket method is only useful for remote backups. For local backups you'll need the service method.
is a replacement for rcp (and scp) that has many more features. It uses the “rsync algorithm” which provides a very fast method of syncing remote files. It does this by sending just the differences in the files across the link, without requiring that both sets of files are present at one end of the link beforehand |
|
is a helper script used when connecting to an rsync daemon that has SSL support built in |
Last updated on 2021-02-19 21:30:09 -0800
The Samba package provides file and print services to SMB/CIFS clients and Windows networking to Linux clients. Samba can also be configured as a Windows Domain Controller replacement, a file/print server acting as a member of a Windows Active Directory domain and a NetBIOS (rfc1001/1002) nameserver (which among other things provides LAN browsing support).
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.samba.org/ftp/samba/stable/samba-4.13.4.tar.gz
Download MD5 sum: ba89901019e05585f9511f52a4667d4f
Download size: 18 MB
Estimated disk space required: 629 MB (add 380 MB for quicktest)
Estimated build time: 3.1 SBU (using parallelism=4; add 4.9 SBU for quicktest)
GnuTLS-3.7.0, jansson-2.13.1, libtirpc-1.3.1, lmdb-0.9.28, and rpcsvc-proto-1.4.2
Fuse-3.10.2, GPGME-1.15.1, ICU-68.2, libxslt-1.1.34 (for documentation), Linux-PAM-1.5.1, Parse-Yapp-1.21, PyCryptodome-3.10.1, and OpenLDAP-2.4.57
Avahi-0.8, BIND-9.16.11, Cups-2.3.3, Cyrus SASL-2.1.27, GDB-10.1, git-2.30.1, GnuPG-2.2.27 (required for ADS and testsuite), libaio-0.3.112, libarchive-3.5.1, libcap-2.48 with PAM, libgcrypt-1.9.2, libnsl-1.3.0, MIT Kerberos V5-1.19.1, NSS-3.61, popt-1.18, Talloc-2.3.2 (included), Vala-0.50.3, Valgrind-3.16.1 (optionally used by the test suite), xfsprogs-5.10.0, cmocka, ctdb (included), cwrap, dnspython, FAM, Gamin, GlusterFS, Heimdal (included), libunwind, ldb (included), M2Crypto (required for ADS), OpenAFS, PyGPGME (recommended for ADS), tevent (included), and tdb (included)
Install in listed order: six-1.15.0, argparse, extras, py, enum34, hypothesis, pytest, coverage, pytest-cov, doctools, unittest2, testtools, fixtures, python-mimeparse, contextlib2, traceback2, linecache2, testscenarios, testresources, virtualenv, pbr, and python-subunit
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/samba4
Fix a test that always fails:
echo "^samba4.rpc.echo.*on.*ncacn_np.*with.*object.*nt4_dc" >> selftest/knownfail
Install Samba by running the following commands:
CFLAGS="-I/usr/include/tirpc" \ LDFLAGS="-ltirpc" \ ./configure \ --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --with-piddir=/run/samba \ --with-pammodulesdir=/lib/security \ --enable-fhs \ --without-ad-dc \ --enable-selftest && make
To test the results, as the root
user, issue: make quicktest. The test
suite will produce lines that look like failures, but these
are innocuous. The last few lines of output should report
"ALL OK" for a good
test run. A summary of any failures can be found in
./st/summary
. With
Samba-4.12.0, many tests are known to fail.
Additionally, developer test suites are available. If you've installed the optional python modules above, you can run these tests with make test. It is not recommended for the average builder at around 290 SBU and over a gigabyte of disk space, and you should expect ~73 errors and ~30 failures from the 3000+ tests.
Now, as the root
user:
make install && mv -v /usr/lib/libnss_win{s,bind}.so.* /lib && ln -v -sf ../../lib/libnss_winbind.so.2 /usr/lib/libnss_winbind.so && ln -v -sf ../../lib/libnss_wins.so.2 /usr/lib/libnss_wins.so && install -v -m644 examples/smb.conf.default /etc/samba && mkdir -pv /etc/openldap/schema && install -v -m644 examples/LDAP/README \ /etc/openldap/schema/README.LDAP && install -v -m644 examples/LDAP/samba* \ /etc/openldap/schema && install -v -m755 examples/LDAP/{get*,ol*} \ /etc/openldap/schema
--enable-fhs
: Assigns
all other file paths in a manner compliant with the
Filesystem Hierarchy Standard (FHS).
--without-ad-dc
:
Disables Active Directory Domain Controller functionality.
See
Setup a Samba Active Directory Domain Controller for
detailed information. Remove this switch if you've installed
the Python modules needed for ADS support. Note that BLFS
does not provide a samba bootscript or systemd unit for an
Active Directory domain controller.
--with-selftest-prefix=SELFTEST_PREFIX
: This
option specifies the test suite work directory
(default=./st).
mv -v
/usr/lib/libnss_win{s,bind}.so* /lib: The nss
libraries are installed in /usr/lib
by default. Move them to
/lib
.
ln -v -sf ../../lib/libnss_winbind.so.2 /usr/lib/libnss_winbind.so and ln -v -sf ../../lib/libnss_wins.so.2 /usr/lib/libnss_wins.so: These symlinks are required when applications build against these libraries.
install -v -m644
examples/LDAP/* /etc/openldap/schema: These
commands are used to copy sample Samba schemas to the
OpenLDAP schema
directory.
install -v -m644
../examples/smb.conf.default /etc/samba: This
copies a default smb.conf
file
into /etc/samba
. This sample
configuration will not work until you copy it to /etc/samba/smb.conf
and make the
appropriate changes for your installation. See the
configuration section for minimum values which must be set.
If you use CUPS for print
services, and you wish to print to a printer attached to an
SMB client, you need to create an SMB backend device. To
create the device, issue the following command as the
root
user:
install -dvm 755 /usr/lib/cups/backend && ln -v -sf /usr/bin/smbspool /usr/lib/cups/backend/smb
Due to the complexity and the many various uses for
Samba, complete
configuration for all the package's capabilities is well
beyond the scope of the BLFS book. This section provides
instructions to configure the /etc/samba/smb.conf
file for two common
scenarios. The complete contents of /etc/samba/smb.conf
will depend on the
purpose of Samba
installation.
You may find it easier to copy the configuration
parameters shown below into an empty /etc/samba/smb.conf
file instead of
copying and editing the default file as mentioned in the
“Command
Explanations” section. How you
create/edit the /etc/samba/smb.conf
file will be left
up to you. Do ensure the file is only writeable by the
root
user (mode 644).
Choose this variant if you only want to transfer files using smbclient, mount Windows shares and print to Windows printers, and don't want to share your files and printers to Windows machines.
A /etc/samba/smb.conf
file
with the following three parameters is sufficient:
[global]
workgroup = MYGROUP
dos charset = cp850
unix charset = ISO-8859-1
The values in this example specify that the computer
belongs to a Windows workgroup named “MYGROUP
”,
uses the “cp850
”
character set on the wire when talking to MS-DOS and MS
Windows 9x, and that the filenames are stored in the
“ISO-8859-1
”
encoding on the disk. Adjust these values appropriately
for your installation. The “unix
charset” value must be the same as
the output of locale
charmap when executed with the
LANG
variable set to your
preferred locale, otherwise the ls command may not
display correct filenames of downloaded files.
There is no need to run any Samba servers in this scenario, thus you don't need to install the provided bootscripts.
Choose this variant if you want to share your files and printers to Windows machines in your workgroup in addition to the capabilities described in Scenario 1.
In this case, the /etc/samba/smb.conf.default
file may be
a good template to start from. Also add “dos
charset” and “unix
charset” parameters to the
“[global]” section as
described in Scenario 1 in order to prevent filename
corruption. For security reasons, you may wish to define
path =
/home/alice/shared-files
, assuming your user
name is alice
and you only want to share the files in that directory,
instead of your entire home. Then, replace homes
by shared-files
and change
also the “comment
” if used the
configuration file below or the /etc/samba/smb.conf.default
to create
yours.
The following configuration file creates a separate share for each user's home directory and also makes all printers available to Windows machines:
[global]
workgroup = MYGROUP
dos charset = cp850
unix charset = ISO-8859-1
[homes]
comment = Home Directories
browseable = no
writable = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
printable = yes
Other parameters you may wish to customize in the “[global]” section include:
server string =
security =
hosts allow =
load printers =
log file =
max log size =
socket options =
local master =
Reference the comments in the /etc/samba/smb.conf.default
file for
information regarding these parameters.
Since the smbd and nmbd daemons are needed
in this case, install the samba
bootscript. Be sure to run
smbpasswd
(with the -a
option to add
users) to enable and set passwords for all accounts that
need Samba access. Using
the default Samba passdb
backend, any user you attempt to add will also be
required to exist in the /etc/passwd
file.
More complex scenarios involving domain control or membership are possible. Such setups are advanced topics and cannot be adequately covered in BLFS. Many complete books have been written on these topics alone. Note that in some domain membership scenarios, the winbindd daemon and the corresponding bootscript are needed.
The default Samba
installation uses the nobody
user for guest access to the
server. This can be overridden by setting the
guest account =
parameter in
the /etc/samba/smb.conf
file. If you utilize the guest
account =
parameter, ensure this user exists in
the /etc/passwd
file.
To start the Samba
daemons at boot, install the systemd units from the
blfs-systemd-units-20210122
package by running the following command as the
root
user:
make install-samba
To start the winbindd daemon at
boot, install the systemd unit from the blfs-systemd-units-20210122
package by running the following command as the
root
user:
make install-winbindd
This package comes with two types of units: A service file and a socket file. The service file will start the smbd daemon once at boot and it will keep running until the system shuts down. The socket file will make systemd listen on the smbd port (Default 445, needs to be edited for anything else) and will start the smbd daemon when something tries to connect to that port and stop the daemon when the connection is terminated. This is called socket activation and is analogous to using {,x}inetd on a SysVinit based system.
By default, the first method is used - the smbd daemon
is started at boot and stopped at shutdown. If the
socket method is desired, you need to run the following
commands as the root
user:
systemctl stop smbd && systemctl disable smbd && systemctl enable smbd.socket && systemctl start smbd.socket
Note that only the smbd daemon can be socket activated.
is the dd command for SMB |
|
is used to read and manipulate TDB/CTDB databases using the dbwrap interface |
|
is used to write records to eventlogs from STDIN,
add the specified source and DLL eventlog registry
entries and display the active eventlog names (from
|
|
is used to list info about machines that respond to SMB name queries on a subnet |
|
is used to run random generic SMB operations against two SMB servers and show the differences in behavior |
|
is a command-line utility for adding records to an LDB database |
|
is a command-line program for deleting LDB database records |
|
allows you to edit LDB databases using your preferred editor |
|
allows you to modify records in an LDB database |
|
allows you to rename LDB databases |
|
searches an LDB database for records matching a specified expression |
|
is used to find differences in locking between two SMB servers |
|
is used to find differences in wildcard matching between Samba's implementation and that of a remote server |
|
runs Spotlight searches against a SMB server |
|
is used to recursively rename extended attributes |
|
is a DCE/RPC Packet Parser and Dumper |
|
is a tool for administration of Samba and remote CIFS servers, similar to the net utility for DOS/Windows |
|
is the Samba NetBIOS name server |
|
is used to query NetBIOS names and map them to IP addresses |
|
is a tool to allow external access to Winbind's NTLM authentication function |
|
converts LDAP schema's to LDB-compatible LDIF |
|
is a tool used to manage the SAM database |
|
is a utility that reports and changes SIDs in Windows registry files. It currently only supports Windows NT |
|
is a Diff program for Windows registry files |
|
applies registry patches to registry files |
|
is a Windows registry file browser using readline |
|
is a text-mode registry viewer |
|
is used to execute MS-RPC client side functions |
|
is a server to provide AD and SMB/CIFS services to clients |
|
is used to update the DNS names using TSIG-GSS |
|
downgrades the Samba AD database to be compatible with a previous version of Samba |
|
is a script used to compute your KCC (Knowledge Consistency Checker) topology |
|
allows you to edit Microsoft Group Policy Objects (GPOs) |
|
is a ncurses based tool to manage the Samba registry |
|
is a script to update the servicePrincipalName names from spn_update_list |
|
is the main Samba administration tool |
|
upgrades the DNS records in a Samba server to a newer version |
|
manipulates share ACL permissions on SMB file shares |
|
is used to manipulate Windows NT access control lists |
|
is a SMB/CIFS access utility, similar to FTP |
|
is used to control running smbd, nmbd and winbindd daemons |
|
is used to manipulate Windows NT quotas on SMB file shares |
|
is the main Samba daemon which provides SMB/CIFS services to clients |
|
is a simple utility with wget-like semantics, that can download files from SMB servers. You can specify the files you would like to download on the command-line |
|
changes a user's Samba password |
|
sends a print job to an SMB printer |
|
reports current Samba connections |
|
is a shell script used for backing up SMB/CIFS shares directly to Linux tape drives or a file |
|
is a testsuite that runs several tests against a SMB server |
|
is a text-based SMB network browser |
|
is a tool for backing up or validating the
integrity of Samba
|
|
is a tool used to print the contents of a
Samba |
|
is a tool for creating a Samba |
|
is a tool which allows simple database manipulation from the command line |
|
checks an |
|
queries a running winbindd daemon |
|
resolves names from Windows NT servers |
|
provides Name Service Switch API functions for resolving names from NT servers |
|
provides API functions for Samba's implementation of the Windows Internet Naming Service |
|
provides the API functions for the administration tools used for Samba and remote CIFS servers |
|
provides the API functions for the Samba SMB client tools |
|
provides API functions for Windows domain client services |
Last updated on 2021-02-23 18:13:38 -0800
The Wget package contains a utility useful for non-interactive downloading of files from the Web.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://ftp.gnu.org/gnu/wget/wget-1.21.1.tar.gz
Download (FTP): ftp://ftp.gnu.org/gnu/wget/wget-1.21.1.tar.gz
Download MD5 sum: b939ee54eabc6b9b0a8d5c03ace879c9
Download size: 4.6 MB
Estimated disk space required: 76 MB (with tests)
Estimated build time: 0.5 SBU (with tests)
make-ca-1.7 (runtime)
GnuTLS-3.7.0, HTTP-Daemon-6.12 (for the test suite), IO-Socket-SSL-2.069 (for the test suite), libidn2-2.3.0, libpsl-0.21.1, PCRE-8.44 or pcre2-10.36, and Valgrind-3.16.1 (for the test suite)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/wget
Install Wget by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --with-ssl=openssl && make
To test the results, issue: make check.
HTTPS tests are known to fail if Perl module IO::Socket::INET6 is installed.
Now, as the root
user:
make install
--sysconfdir=/etc
:
This relocates the configuration file from /usr/etc
to /etc
.
--with-ssl=openssl
:
This allows the program to use openssl instead of GnuTLS-3.7.0.
--enable-valgrind-tests
: This
allows the tests to be run under valgrind.
Last updated on 2021-02-19 22:13:48 -0800
The Wireless Extension (WE) is a generic API in the Linux kernel allowing a driver to expose configuration and statistics specific to common Wireless LANs to user space. A single set of tools can support all the variations of Wireless LANs, regardless of their type as long as the driver supports Wireless Extensions. WE parameters may also be changed on the fly without restarting the driver (or Linux).
The Wireless Tools (WT) package is a set of tools allowing manipulation of the Wireless Extensions. They use a textual interface to support the full Wireless Extension.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://hewlettpackard.github.io/wireless-tools/wireless_tools.29.tar.gz
Download MD5 sum: e06c222e186f7cc013fd272d023710cb
Download size: 288 KB
Estimated disk space required: 2.0 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/WirelessTools
To use Wireless Tools, the kernel must have the appropriate drivers and other support available. The appropriate bus must also be available. For many laptops, the PCMCIA bus (CONFIG_PCCARD) needs to be built. In some cases, this bus support will also need to be built for embedded wireless cards. The appropriate bridge support also needs to be built. For many modern laptops, the CardBus host bridge (CONFIG_YENTA) will be needed.
In addition to the bus, the actual driver for the specific wireless card must also be available. There are many wireless cards and they don't all work with Linux. The first place to look for card support is the kernel. The drivers are located in Device Drivers → Network Device Support → Wireless LAN (non-hamradio). There are also external drivers available for some very common cards. For more information, look at the user notes.
After the correct drivers are loaded, the interface will
appear in /proc/net/wireless
.
First, apply a patch that fixes a problem when numerous networks are available:
patch -Np1 -i ../wireless_tools-29-fix_iwlist_scanning-1.patch
To install Wireless Tools, use the following commands:
make
This package does not come with a test suite.
Now, as the root
user:
make PREFIX=/usr INSTALL_MAN=/usr/share/man install
INSTALL_MAN=/usr/share/man:
Install manual pages in /usr/share/man
instead of /usr/man
.
renames network interfaces based on various static criteria |
|
configures a wireless network interface |
|
displays wireless events generated by drivers and setting changes |
|
reports ESSID, NWID or AP/Cell Address of wireless networks |
|
gets detailed wireless information from a wireless interface |
|
configures optional (private) parameters of a wireless network interface |
|
gets wireless statistics from specific node |
|
contains functions required by the wireless programs and provides an API for other programs |
Last updated on 2021-02-20 14:15:01 -0800
WPA Supplicant is a Wi-Fi Protected Access (WPA) client and IEEE 802.1X supplicant. It implements WPA key negotiation with a WPA Authenticator and Extensible Authentication Protocol (EAP) authentication with an Authentication Server. In addition, it controls the roaming and IEEE 802.11 authentication/association of the wireless LAN driver. This is useful for connecting to a password protected wireless access point.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://w1.fi/releases/wpa_supplicant-2.9.tar.gz
Download MD5 sum: 2d2958c782576dc9901092fbfecb4190
Download size: 3.1 MB
Estimated disk space required: 35 MB
Estimated build time: 0.5 SBU (with optional gui)
desktop-file-utils-0.26 (for running update-desktop-database) and libnl-3.5.0
dbus-1.12.20, libxml2-2.9.10, and Qt-5.15.2
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/wpa_supplicant
Enable the following options in the kernel configuration as well as specific device drivers for your hardware and recompile the kernel if necessary:
[*] Networking support ---> [CONFIG_NET]
[*] Wireless ---> [CONFIG_WIRELESS]
<*/M> cfg80211 - wireless configuration API [CONFIG_CFG80211]
[*] cfg80211 wireless extensions compatibility [CONFIG_CFG80211_WEXT]
<*/M> Generic IEEE 802.11 Networking Stack (mac80211) [CONFIG_MAC80211]
Device Drivers --->
[*] Network device support ---> [CONFIG_NETDEVICES]
[*] Wireless LAN ---> [CONFIG_WLAN]
Open the submenu and select the options that support your hardware: lspci from pciutils-3.7.0 can be used to view your hardware configuration.
First you will need to create an initial configuration file
for the build process. You can read wpa_supplicant/README
and wpa_supplicant/defconfig
for the
explanation of the following options as well as other options
that can be used. Create a build configuration file that
should work for standard WiFi setups by running the following
command:
cat > wpa_supplicant/.config << "EOF"
CONFIG_BACKEND=file
CONFIG_CTRL_IFACE=y
CONFIG_DEBUG_FILE=y
CONFIG_DEBUG_SYSLOG=y
CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON
CONFIG_DRIVER_NL80211=y
CONFIG_DRIVER_WEXT=y
CONFIG_DRIVER_WIRED=y
CONFIG_EAP_GTC=y
CONFIG_EAP_LEAP=y
CONFIG_EAP_MD5=y
CONFIG_EAP_MSCHAPV2=y
CONFIG_EAP_OTP=y
CONFIG_EAP_PEAP=y
CONFIG_EAP_TLS=y
CONFIG_EAP_TTLS=y
CONFIG_IEEE8021X_EAPOL=y
CONFIG_IPV6=y
CONFIG_LIBNL32=y
CONFIG_PEERKEY=y
CONFIG_PKCS12=y
CONFIG_READLINE=y
CONFIG_SMARTCARD=y
CONFIG_WPS=y
CFLAGS += -I/usr/include/libnl3
EOF
If you wish to use WPA Supplicant with NetworkManager-1.30.0, make sure that you have installed dbus-1.12.20 and libxml2-2.9.10, then add the following options to the WPA Supplicant build configuration file by running the following command:
cat >> wpa_supplicant/.config << "EOF"
CONFIG_CTRL_IFACE_DBUS=y
CONFIG_CTRL_IFACE_DBUS_NEW=y
CONFIG_CTRL_IFACE_DBUS_INTRO=y
EOF
Install WPA Supplicant by running the following commands:
cd wpa_supplicant && make BINDIR=/sbin LIBDIR=/lib
If you have installed Qt-5.15.2 and wish to build the WPA Supplicant GUI program, run the following commands:
The following directory name is labelled qt4, but is compatible with Qt-5.15.2.
pushd wpa_gui-qt4 && qmake wpa_gui.pro && make && popd
This package does not come with a test suite.
Now, as the root
user:
install -v -m755 wpa_{cli,passphrase,supplicant} /sbin/ && install -v -m644 doc/docbook/wpa_supplicant.conf.5 /usr/share/man/man5/ && install -v -m644 doc/docbook/wpa_{cli,passphrase,supplicant}.8 /usr/share/man/man8/
Install the systemd support
files by running the following command as the root
user:
install -v -m644 systemd/*.service /lib/systemd/system/
If you have built WPA
Supplicant with D-Bus
support, you will need to install D-Bus configuration files. Install them
by running the following commands as the root
user:
install -v -m644 dbus/fi.w1.wpa_supplicant1.service \ /usr/share/dbus-1/system-services/ && install -v -d -m755 /etc/dbus-1/system.d && install -v -m644 dbus/dbus-wpa_supplicant.conf \ /etc/dbus-1/system.d/wpa_supplicant.conf
Additionally, enable the wpa_supplicant.service
so that systemd can properly activate the
D-Bus service. Note that the
per-connection service and the D-Bus service cannot be
enabled at the same time. Run the following command as the
root
user:
systemctl enable wpa_supplicant
If you have built the WPA
Supplicant GUI program, install it by running the
following commands as the root
user:
install -v -m755 wpa_gui-qt4/wpa_gui /usr/bin/ && install -v -m644 doc/docbook/wpa_gui.8 /usr/share/man/man8/ && install -v -m644 wpa_gui-qt4/wpa_gui.desktop /usr/share/applications/ && install -v -m644 wpa_gui-qt4/icons/wpa_gui.svg /usr/share/pixmaps/
You will need to restart the system D-Bus daemon before you can use the WPA Supplicant D-Bus interface.
This package installs desktop files into the /usr/share/applications
hierarchy and you
can improve system performance and memory usage by updating
/usr/share/applications/mimeinfo.cache
.
To perform the update you must have desktop-file-utils-0.26
installed and issue the following command as the
root
user:
update-desktop-database -q
To connect to an access point that uses a password, you
need to put the pre-shared key in /etc/wpa_supplicant/wpa_supplicant-
.
SSID is the string that the access point/router transmits
to identify itself. Run the following command as the
wifi0
.confroot
user:
install -v -dm755 /etc/wpa_supplicant && wpa_passphraseSSID
SECRET_PASSWORD
> /etc/wpa_supplicant/wpa_supplicant-wifi0
.conf
/etc/wpa_supplicant/wpa_supplicant-
can hold the details of several access points. When
wpa_supplicant is
started, it will scan for the SSIDs it can see and choose
the appropriate password to connect.
wifi0
.conf
If you want to connect to an access point that isn't
password protected, put an entry like this in /etc/wpa_supplicant/wpa_supplicant-
.
Replace "Some-SSID" with the SSID of the access
point/router.
wifi0
.conf
network={
ssid="Some-SSID
"
key_mgmt=NONE
}
Connecting to a new access point that is not in the configuration file can be accomplished manually via the command line or GUI, but it must be done via a privileged user. To do that, add the following to the configuration file:
ctrl_interface=DIR=/run/wpa_supplicant GROUP=<privileged group> update_config=1
Replace the <privileged group> above with a system group where members have the ability to connect to a wireless access point.
There are many options that you could use to tweak how you
connect to each access point. They are described in some
detail in the wpa_supplicant/wpa_supplicant.conf
file
in the source tree.
There are 3 types of systemd units that were installed:
The only difference between 3 of them is what driver is used for connecting (-D option). The first one uses the default driver, the second one uses the nl80211 driver and the third one uses the wired driver.
You can connect to the wireless access point by running the
following command as the root
user:
systemctl start wpa_supplicant@wlan0
To connect to the wireless access point at boot, simply
enable the appropriate wpa_supplicant service by
running the following command as the root
user:
systemctl enable wpa_supplicant@wlan0
Depending on your setup, you can replace the [email protected]
with any other
listed above.
To assign a network address to your wireless interface, consult the General Network Configuration page in LFS.
is a graphical frontend program for interacting with wpa_supplicant |
|
is a daemon that can connect to a password protected wireless access point |
|
takes an SSID and a password and generates a simple configuration that wpa_supplicant can understand |
|
is a command line interface used to control a running wpa_supplicant daemon |
Last updated on 2021-02-19 11:42:41 -0800
This chapter contains some tools that come in handy when the network needs investigating.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/basicnetworkingutilities
The Avahi package is a system which facilitates service discovery on a local network.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/lathiat/avahi/releases/download/v0.8/avahi-0.8.tar.gz
Download MD5 sum: 229c6aa30674fc43c202b22c5f8c2be7
Download size: 1.5 MB
Estimated disk space required: 32 MB
Estimated build time: 0.3 SBU
gobject-introspection-1.66.1, GTK+-2.24.33, GTK+-3.24.25, libdaemon-0.14, libglade-2.6.4, and Qt-5.15.2
D-Bus Python-1.2.16, libevent-2.1.12, PyGTK-2.24.0, Doxygen-1.9.1 and xmltoman (for generating documentation)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/avahi
There should be a dedicated user and group to take control of
the avahi-daemon daemon after
it is started. Issue the following commands as the
root
user:
groupadd -fg 84 avahi && useradd -c "Avahi Daemon Owner" -d /var/run/avahi-daemon -u 84 \ -g avahi -s /bin/false avahi
There should also be a dedicated priviliged access group for
Avahi clients. Issue the
following command as the root
user:
groupadd -fg 86 netdev
Fix a regression that results in a race condition when IPv6 is in use and multiple network adapters are present on the system:
patch -Np1 -i ../avahi-0.8-ipv6_race_condition_fix-1.patch
Install Avahi by running the following commands:
./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --disable-static \ --disable-libevent \ --disable-mono \ --disable-monodoc \ --disable-python \ --disable-qt3 \ --disable-qt4 \ --enable-core-docs \ --with-distro=none \ --with-systemdsystemunitdir=/lib/systemd/system && make
This package does not come with a test suite.
Now, as the root
user:
make install
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--disable-libevent
:
This parameter disables the use of libevent-2.1.12.
Remove if you have it installed.
--disable-mono
: This
parameter disables the Mono
bindings.
--disable-monodoc
:
This parameter disables documentation for the Mono bindings.
--disable-python
:
This parameter disables the scripts that depend on
Python. It also allows a
regular install to complete successfully.
--disable-qt3
: This
parameter disables the attempt to build the obsolete
Qt3 portions of the package.
--disable-qt4
: This
parameter disables the attempt to build the obsolete
Qt4Core portions of the
package.
--enable-core-docs
:
This parameter enables the building of documentation.
--with-distro=none
:
There is an obsolete boot script in the distribution for LFS.
This option disables it.
--with-systemdsystemunitdir=/lib/systemd/system
:
This parameter is used to set the correct installation
directory for systemd units.
--disable-dbus
: This parameter
disables the use of D-Bus.
--disable-gtk
: This parameter
disables the use of GTK+2.
--disable-gtk3
: This parameter
disables the use of GTK+3.
--disable-qt5
: This parameter
disables the use of Qt5, and
allows building without it.
--disable-libdaemon
: This
parameter disables the use of libdaemon. If you use this option,
avahi-daemon
won't be built.
--enable-tests
: This option
enables the building of tests and examples.
--enable-compat-howl
: This option
enables the compatibility layer for HOWL.
--enable-compat-libdns_sd
: This
option enables the compatibility layer for libdns_sd.
To start the avahi-daemon daemon at
boot, enable the previously installed systemd unit by
running the following command as the root
user:
systemctl enable avahi-daemon
To start the avahi-dnsconfd daemon at
boot, enable the previously installed systemd unit by
running the following command as the root
user:
systemctl enable avahi-dnsconfd
is a IPv4LL network address configuration daemon |
|
browses for mDNS/DNS-SD services using the Avahi daemon |
|
browses for mDNS/DNS-SD services using the Avahi daemon |
|
is the Avahi mDNS/DNS-SD daemon |
|
browses for mDNS/DNS-SD services using the Avahi daemon |
|
is a Unicast DNS server from mDNS/DNS-SD configuration daemon |
|
registers a mDNS/DNS-SD service or host name or address mapping using the Avahi daemon |
|
registers a mDNS/DNS-SD service or host name or address mapping using the Avahi daemon |
|
registers a mDNS/DNS-SD service or host name or address mapping using the Avahi daemon |
|
resolves one or more mDNS/DNS host name(s) to IP address(es) (and vice versa) using the Avahi daemon |
|
resolves one or more mDNS/DNS host name(s) to IP address(es) (and vice versa) using the Avahi daemon |
|
resolves one or more mDNS/DNS host name(s) to IP address(es) (and vice versa) using the Avahi daemon |
|
changes the mDNS host name |
|
browses for SSH servers on the local network |
|
browses for VNC servers on the local network |
Last updated on 2021-02-22 15:55:36 -0800
BIND Utilities is not a separate package, it is a collection of the client side programs that are included with BIND-9.16.11. The BIND package includes the client side programs nslookup, dig and host. If you install BIND server, these programs will be installed automatically. This section is for those users who don't need the complete BIND server, but need these client side applications.
This package is known to build and work properly using an LFS-10.1 platform.
Download (FTP): ftp://ftp.isc.org/isc/bind9/9.16.11/bind-9.16.11.tar.xz
Download MD5 sum: 58cbc23121e43ec934d644c4f412ceea
Download size: 4.7 MB
Estimated disk space required: 154 MB
Estimated build time: 0.6 SBU
libcap-2.48 with PAM, libxml2-2.9.10, and Sphinx
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/bind-utils
Install BIND Utilities by running the following commands:
./configure --prefix=/usr --without-python && make -C lib/dns && make -C lib/isc && make -C lib/bind9 && make -C lib/isccfg && make -C lib/irs && make -C bin/dig && make -C doc
This portion of the package does not come with a test suite.
Now, as the root
user:
make -C bin/dig install && cp -v doc/man/{dig.1,host.1,nslookup.1} /usr/share/man/man1
--without-python
:
This option eliminates the need for an unused python module.
make -C lib/...: These commands build the libraries that are needed for the client programs.
make -C bin/dig: This command builds the client programs.
make -C doc: This command builds the manual pages.
cp -v ... /usr/share/man/man1: This command installs the manual pages.
See the program descriptions in the BIND-9.16.11 section.
Last updated on 2021-02-21 22:53:11 -0800
NetworkManager is a set of co-operative tools that make networking simple and straightforward. Whether you use WiFi, wired, 3G, or Bluetooth, NetworkManager allows you to quickly move from one network to another: Once a network has been configured and joined once, it can be detected and re-joined automatically the next time it's available.
This package is known to build and work properly using an LFS-10.1 platform.
Make sure that you disable the systemd-networkd service or configure it not to manage the interfaces you want to manage with NetworkManager.
Download (HTTP): https://download.gnome.org/sources/NetworkManager/1.30/NetworkManager-1.30.0.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/NetworkManager/1.30/NetworkManager-1.30.0.tar.xz
Download MD5 sum: dce168235c2b86ebc598d0e13e078ee3
Download size: 5.0 MB
Estimated disk space required: 917 MB (with tests)
Estimated build time: 0.9 SBU (with tests, using parallelism=4)
cURL-7.75.0, DHCP-4.4.2 (client only), gobject-introspection-1.66.1, iptables-1.8.7, newt-0.52.21 (for nmtui), NSS-3.61, Polkit-0.118, PyGObject-3.38.0, Systemd-247, UPower-0.99.11, Vala-0.50.3, and wpa_supplicant-2.9 (built with D-Bus support),
BlueZ-5.55, D-Bus Python-1.2.16 (for the test suite), GnuTLS-3.7.0 (used if NSS-3.61 is not found), GTK-Doc-1.33.2, libpsl-0.21.1, Qt-5.15.2 (for examples), ModemManager-1.14.10, Valgrind-3.16.1, dnsmasq, firewalld, libaudit, libteam, mobile-broadband-provider-info, PPP, and RP-PPPoE
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/NetworkManager
If you wish to run the tests, enable the following options in the kernel configuration and recompile the kernel if necessary:
Device Drivers --->
[*] Network device support [CONFIG_NETDEVICES] --->
[*] Bonding driver support [CONFIG_BONDING]
[*] Dummy net driver support [CONFIG_DUMMY]
[*] Ethernet team driver support [CONFIG_NET_TEAM]
If Qt-5.15.2 is installed and the Qt based examples are desired, fix two meson.build files:
sed -e 's/-qt4/-qt5/' \ -e 's/moc_location/host_bins/' \ -i examples/C/qt/meson.build && sed -e 's/Qt/&5/' \ -i meson.build
Fix a missing meson.build file for initrd hooks (not used in BLFS):
sed '/initrd/d' -i src/core/meson.build
Fix the python scripts so that they use Python 3:
grep -rl '^#!.*python$' | xargs sed -i '1s/python/&3/'
Install NetworkManager by running the following commands:
mkdir build && cd build && CXXFLAGS+="-O2 -fPIC" \ meson --prefix /usr \ -Dlibaudit=no \ -Dlibpsl=false \ -Dnmtui=true \ -Dovs=false \ -Dppp=false \ -Dselinux=false \ -Dqt=false \ -Dudev_dir=/lib/udev \ -Dsession_tracking=systemd \ -Dmodem_manager=false \ -Dsystemdsystemunitdir=/lib/systemd/system \ .. && ninja
An already active graphical session with a bus address is
necessary to run the tests. To test the results, as the root
user, issue: ninja
test. Five tests, devices/test-acd
, platform/test-tc-linux
, platform/test-route-linux
, platform/test-link-linux
, and platform/test-cleanup-linux
, are known to
fail.
Now, as the root
user:
ninja install && mv -v /usr/share/doc/NetworkManager{,-1.30.0}
CXXFLAGS="-O2 -fPIC"
: These
compiler options are necessary to build the Qt5 based
examples.
-Ddocs=true
: Use this switch to
enable building man pages and documentation if GTK-Doc-1.33.2 is installed.
-Dnmtui=true
: This
parameter enables building nmtui.
-Dlibpsl=false
and
-Dovs=false
: These
switches disable building with the respective libraries.
Remove if you have the needed libraries installed.
-Dmodem_manager=false
: This
switch is requried if ModemManager is not installed. Omit if
you have built ModemManager
and mobile-broadband-provider-info.
-Dsession_tracking=systemd
:
This switch is used to set systemd-logind as the
default program for session tracking.
-Dsystemdsystemunitdir=/lib/systemd/system
:
This switch is used to set the correct installation directory
for systemd units.
-Dppp=false
: This
parameter disables PPP
support in NetworkManager.
-Dlibaudit=no
and
-Dselinux=false
:
libaudit and SELinux are not used in BLFS.
-Dqt=false
: disables
the QT examples. Omit if you
have QT available and wish
to install the examples.
For NetworkManager to
work, at least a minimal configuration file must be
present. Such a file is not installed with make install. Issue the
following command as the root
user to create a minimal
NetworkManager.conf
file:
cat >> /etc/NetworkManager/NetworkManager.conf << "EOF"
[main]
plugins=keyfile
EOF
This file should not be modified directly by users of the
system. Instead, system specific changes should be made
using configuration files in the /etc/NetworkManager/conf.d
directory.
To allow polkit to manage authorizations, add the following configuration file:
cat > /etc/NetworkManager/conf.d/polkit.conf << "EOF"
[main]
auth-polkit=true
EOF
To use something other than the built-in dhcp client (recommended if using only nmcli), use the following configuration (valid values include either dhclient or internal):
cat > /etc/NetworkManager/conf.d/dhcp.conf << "EOF"[main] dhcp=
dhclient
EOF
To prevent NetworkManager
from updating the /etc/resolv.conf
file, add the following
configuration file:
cat > /etc/NetworkManager/conf.d/no-dns-update.conf << "EOF"
[main]
dns=none
EOF
For additional configuation options, see man 5 NetworkManager.conf.
To allow regular users to configure network connections,
you should add them to the netdev
group, and create a polkit rule that grants access. Run
the following commands as the root
user:
groupadd -fg 86 netdev && /usr/sbin/usermod -a -G netdev<username>
cat > /usr/share/polkit-1/rules.d/org.freedesktop.NetworkManager.rules << "EOF"polkit.addRule(function(action, subject) { if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && subject.isInGroup("netdev")) { return polkit.Result.YES; } });
EOF
To start the NetworkManager daemon at
boot, enable the previously installed systemd unit by
running the following command as the root
user:
If using Network Manager to manage an interface, any previous configuration for that interface should be removed, and the interface brought down prior to starting Network Manager.
systemctl enable NetworkManager
Starting in version 1.11.2 of NetworkManager, a systemd unit named
NetworkManager-wait-online.service
is
enabled, which is used to prevent services that require
network connectivity from starting until NetworkManager establishes a
connection. To disable this behavior, run the following
command as the root
user:
systemctl disable NetworkManager-wait-online
is a command-line tool for controlling NetworkManager and getting its status |
|
is an utility to determine whether you are online |
|
is an interactive ncurses-based user interface for nmcli |
|
is an interactive ncurses-based user interface to activate/deactivate connections |
|
is an interactive ncurses-based user interface to edit connections |
|
is an interactive ncurses-based user interface to edit the hostname |
|
is the network management daemon |
|
contains functions used by NetworkManager |
Last updated on 2021-02-24 04:40:21 -0800
The NetworkManager Applet provides a tool and a panel applet used to configure wired and wireless network connections through GUI. It's designed for use with any desktop environment that uses GTK+, such as Xfce and LXDE.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://download.gnome.org/sources/network-manager-applet/1.20/network-manager-applet-1.20.0.tar.xz
Download (FTP): ftp://ftp.acc.umu.se/pub/gnome/sources/network-manager-applet/1.20/network-manager-applet-1.20.0.tar.xz
Download MD5 sum: 33dc7ec7170b12fd8595acbf53055870
Download size: 1.9 MB
Estimated disk space required: 49 MB (with tests)
Estimated build time: 0.2 SBU (with tests)
GTK+-3.24.25, libnma-1.8.30, libnotify-0.7.9, and libsecret-0.20.4
gobject-introspection-1.66.1 and ModemManager-1.14.10
Since this package uses Polkit-0.118 for authorization, one Polkit Authentication Agent should be running when the functionality of this package is used.
gnome-bluetooth-3.34.3, jansson-2.13.1, and libindicator
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/network-manager-applet
Install NetworkManager Applet by running the following commands:
mkdir build && cd build && meson --prefix=/usr \ -Dappindicator=no \ -Dselinux=false \ -Dteam=false .. && ninja
To test the results, issue: ninja test.
Now, as the root
user:
ninja install
-Dappindicator=no
:
This switch disables AppIndicator support in
network-manager-applet because it requires libindicator,
which is not in BLFS. The build will fail without this
option.
-Dteam=false
: This
switch disables the team configuration editor since it
requires jansson-2.13.1. If you have Jansson
installed, remove this option or set it to "true".
-Dselinux=false
: This
switch forcibly disables SELinux support since it is not
currently in BLFS and the build will fail without it.
-Dwwan=false
: This switch
disables WWAN support. Use this if you do not have ModemManager-1.14.10 installed.
Last updated on 2021-02-24 11:35:31 -0800
Nmap is a utility for network exploration and security auditing. It supports ping scanning, port scanning and TCP/IP fingerprinting.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): http://nmap.org/dist/nmap-7.91.tar.bz2
Download MD5 sum: 239cef725863ab454590a1bb8793b72b
Download size: 10 MB
Estimated disk space required: 148 MB (add 24 MB for tests)
Estimated build time: 0.3 SBU (Using parallelism=4; add 0.2 SBU for tests)
These packages are recommended because if they're not installed, the build process will compile and link against its own (often older) version.
libpcap-1.10.0, Lua-5.4.2, PCRE-8.44, and liblinear-242
PyGTK-2.24.0 (required for zenmap), Python-2.7.18 (required for ndiff), and libssh2-1.9.0
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/nmap
Install Nmap by running the following commands:
./configure --prefix=/usr && make
If you wish to run the test suite, run the following command:
sed -i 's/lib./lib/' zenmap/test/run_tests.py
To test the results, issue: make check as the
root
user. Tests need a
graphical session.
Now, as the root
user:
make install
is a utility for reading and writing data across networks from the command line |
|
is a tool to aid in the comparison of Nmap scans |
|
is a utility for network exploration and security auditing. It supports ping scanning, port scanning and TCP/IP fingerprinting |
|
is an open-source tool for network packet generation, response analysis and response time measurement |
|
is a Python script to uninstall ndiff |
|
is a Python script to uninstall zenmap |
|
is a Python based graphical nmap frontend viewer |
Last updated on 2021-02-22 15:55:36 -0800
The Traceroute package contains a program which is used to display the network route that packets take to reach a specified host. This is a standard network troubleshooting tool. If you find yourself unable to connect to another system, traceroute can help pinpoint the problem.
This package overwrites the version of traceroute that was installed in the inetutils package in LFS. This version is more powerful and allows many more options than the standard version.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://downloads.sourceforge.net/traceroute/traceroute-2.1.0.tar.gz
Download MD5 sum: 84d329d67abc3fb83fc8cb12aeaddaba
Download size: 72 KB
Estimated disk space required: 588 KB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/traceroute
Install Traceroute by running the following commands:
make
This package does not come with a test suite.
Now, as the root
user:
make prefix=/usr install && mv /usr/bin/traceroute /bin && ln -sv -f traceroute /bin/traceroute6 && ln -sv -f traceroute.8 /usr/share/man/man8/traceroute6.8 && rm -fv /usr/share/man/man1/traceroute.1
The traceroute.1 file that was installed in LFS by inetutils is no longer relevant. This package overwrites that version of traceroute and installs the man page in man chapter 8.
Last updated on 2021-02-21 22:53:11 -0800
Whois is a client-side application which queries the whois directory service for information pertaining to a particular domain name. This package will install two programs by default: whois and mkpasswd. The mkpasswd command is also installed by the expect package in LFS.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://github.com/rfc1036/whois/archive/v5.4.3/whois-5.4.3.tar.gz
Download MD5 sum: 381dce8db7c6e38ef013b5d6527f494c
Download size: 100 KB
Estimated disk space required: 1.2 MB
Estimated build time: less than 0.1 SBU
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/whois
Build the application with:
make
You can install the whois program, the
mkpasswd
program, and the locale files independently. Control your
choice of what is installed with the following commands
issued as the root
user:
Installing this version of mkpasswd will overwrite the same command installed in LFS.
make prefix=/usr install-whois make prefix=/usr install-mkpasswd make prefix=/usr install-pos
Last updated on 2021-02-21 22:53:11 -0800
The Wireshark package contains a network protocol analyzer, also known as a “sniffer”. This is useful for analyzing data captured “off the wire” from a live network connection, or data read from a capture file.
Wireshark provides both a graphical and a TTY-mode front-end for examining captured network packets from over 500 protocols, as well as the capability to read capture files from many other popular network analyzers.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://www.wireshark.org/download/src/all-versions/wireshark-3.4.3.tar.xz
Download MD5 sum: 7988932a5e3930fa6035b8f8b584f0d8
Download size: 31 MB
Estimated disk space required: 749 MB (with all optional dependencies available in the BLFS book)
Estimated build time: 2.4 SBU (with parallelism=4 and all optional dependencies available in the BLFS book)
Additional Documentation: https://www.wireshark.org/download/docs/ (contains links to several different docs in a variety of formats)
CMake-3.19.5, GLib-2.66.7, libgcrypt-1.9.2, and Qt-5.15.2
libpcap-1.10.0 (required to capture data)
Brotli-1.0.9, c-ares-1.17.1, Doxygen-1.9.1, git-2.30.1, GnuTLS-3.7.0, libnl-3.5.0, libxslt-1.1.34, libxml2-2.9.10, Lua-5.2.4, MIT Kerberos V5-1.19.1, nghttp2-1.43.0, SBC-1.5, Speex-1.2.0, Asciidoctor, BCG729, libsmi, lz4, libssh, MaxMindDB, Minizip, Snappy, and Spandsp
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/wireshark
The kernel must have the Packet protocol enabled for Wireshark to capture live packets from the network:
[*] Networking support ---> [CONFIG_NET]
Networking options --->
<*/M> Packet socket [CONFIG_PACKET]
If built as a module, the name is af_packet.ko
.
Wireshark is a very large
and complex application. These instructions provide
additional security measures to ensure that only trusted
users are allowed to view network traffic. First, set up a
system group for wireshark. As the root
user:
groupadd -g 62 wireshark
Continue to install Wireshark by running the following commands:
mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=/usr \ -DCMAKE_BUILD_TYPE=Release \ -DCMAKE_INSTALL_DOCDIR=/usr/share/doc/wireshark-3.4.3 \ -G Ninja \ .. && ninja
This package does not come with a test suite.
Now, as the root
user:
ninja install && install -v -m755 -d /usr/share/doc/wireshark-3.4.3 && install -v -m644 ../README.linux ../doc/README.* ../doc/{*.pod,randpkt.txt} \ /usr/share/doc/wireshark-3.4.3 && pushd /usr/share/doc/wireshark-3.4.3 && for FILENAME in ../../wireshark/*.html; do ln -s -v -f $FILENAME . done && popd unset FILENAME
If you downloaded any of the documentation files from the
page listed in the 'Additional Downloads', install them by
issuing the following commands as the root
user:
install -v -m644 <Downloaded_Files>
\
/usr/share/doc/wireshark-3.4.3
Now, set ownership and permissions of sensitive applications
to only allow authorized users. As the root
user:
chown -v root:wireshark /usr/bin/{tshark,dumpcap} && chmod -v 6550 /usr/bin/{tshark,dumpcap}
Finally, add any users to the wireshark group (as
root
user):
usermod -a -G wireshark <username>
If you are installing wireshark for the first time, it will be necessary to logout of your session and login again. This will put wireshark in your groups, because otherwise Wireshark will not function properly.
/etc/wireshark.conf
and
~/.config/wireshark/*
(unless
there is already ~/.wireshark/*
in the system)
Though the default configuration parameters are very sane, reference the configuration section of the Wireshark User's Guide for configuration information. Most of Wireshark 's configuration can be accomplished using the menu options of the wireshark graphical interfaces.
If you want to look at packets, make sure you don't filter them out with iptables-1.8.7. If you want to exclude certain classes of packets, it is more efficient to do it with iptables than it is with Wireshark.
reads a saved capture file and returns any or all of several statistics about that file. It is able to detect and read any capture supported by the Wireshark package |
|
prints the file types of capture files |
|
is a network traffic dump tool. It lets you capture packet data from a live network and write the packets to a file |
|
edits and/or translates the format of capture files. It knows how to read libpcap capture files, including those of tcpdump, Wireshark and other tools that write captures in that format |
|
is a program that takes a user specified CORBA IDL
file and generates “C” source code for a
Wireshark
“plugin”. It relies on
two Python programs wireshark_be.py
and wireshark_gen.py,
which are not installed by default. They have to be
copied manually from the |
|
combines multiple saved capture files into a single output file |
|
creates random-packet capture files |
|
dumps and analyzes raw libpcap data |
|
reorders timestamps of input file frames into an output file |
|
is a daemon that listens on UNIX sockets |
|
reads in an ASCII hex dump and writes the data described into a libpcap-style capture file |
|
is a TTY-mode network protocol analyzer. It lets you capture packet data from a live network or read packets from a previously saved capture file |
|
is the Qt GUI network protocol analyzer. It lets you interactively browse packet data from a live network or from a previously saved capture file |
|
contains functions used by the Wireshark programs to perform filtering and packet capturing |
|
is a library being developed as a future
replacement for |
Last updated on 2021-02-22 15:55:36 -0800
These applications are support libraries for other applications in the book. It is unlikely that you would just install these libraries, you will generally find that you will be referred to this chapter to satisfy a dependency of other applications.
c-ares is a C library for asynchronous DNS requests.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://c-ares.haxx.se/download/c-ares-1.17.1.tar.gz
Download MD5 sum: 28f65c8ee6c097986bd902fd4f0804e2
Download size: 1.4 MB
Estimated disk space required: 10 MB
Estimated build time: 0.1 SBU
Install c-ares by running the following commands:
mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=/usr .. && make
This package does not include a test suite.
Now, as the root
user:
make install
Last updated on 2021-02-19 21:30:09 -0800
The cURL package contains an utility and a library used for transferring files with URL syntax to any of the following protocols: FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS and FILE. Its ability to both download and upload files can be incorporated into other programs to support functions like streaming media.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://curl.haxx.se/download/curl-7.75.0.tar.xz
Download MD5 sum: 9730df8636d67b4e256ebc49daf27246
Download size: 2.4 MB
Estimated disk space required: 100 MB (add 17 MB for tests)
Estimated build time: 0.3 SBU (add 14 SBU for tests)
make-ca-1.7 (runtime)
Brotli-1.0.9, c-ares-1.17.1, GnuTLS-3.7.0, libidn2-2.3.0, libpsl-0.21.1, libssh2-1.9.0, MIT Kerberos V5-1.19.1, nghttp2-1.43.0, OpenLDAP-2.4.57, Samba-4.13.4, impacket, libmetalink, librtmp, ngtcp2, quiche, and SPNEGO
stunnel-5.58 (for the HTTPS and FTPS tests) and Valgrind-3.16.1 (this will slow the tests down and may cause failures.)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/curl
First, adapt the tests to python3:
grep -rl '#!.*python$' | xargs sed -i '1s/python/&3/'
Install cURL by running the following commands:
./configure --prefix=/usr \ --disable-static \ --enable-threaded-resolver \ --with-ca-path=/etc/ssl/certs && make
To run the test suite, issue: make test.
Now, as the root
user:
make install && rm -rf docs/examples/.deps && find docs \( -name Makefile\* -o -name \*.1 -o -name \*.3 \) -exec rm {} \; && install -v -d -m755 /usr/share/doc/curl-7.75.0 && cp -v -R docs/* /usr/share/doc/curl-7.75.0
Simple tests to the new installed curl: curl --trace-ascii debugdump.txt
http://www.example.com/ and curl --trace-ascii d.txt --trace-time
http://example.com/. Inspect the locally
created trace files debugdump.txt
and d.txt
, which contain version downloaded
files information, etc. One file has the time for each action
logged.
--disable-static
:
This switch prevents installation of static versions of the
libraries.
--enable-threaded-resolver
:
This switch enables cURL's
builtin threaded DNS resolver.
--with-ca-path=/etc/ssl/certs
:
This switch sets the location of the BLFS Certificate
Authority store.
--with-gssapi
: This parameter
adds Kerberos 5 support to
libcurl
.
--without-ssl --with-gnutls
: Use
to build with GnuTLS support
instead of OpenSSL for
SSL/TLS.
--with-ca-bundle=/etc/pki/tls/certs/ca-bundle.crt
:
Use this switch instead of --with-ca-path
if building with
GnuTLS support instead of
OpenSSL for SSL/TLS.
--with-libssh2
: This paramater
adds SSH support to cURL.
This is disabled by default.
--enable-ares
: This paramater
adds support for DNS resolution through the c-ares library.
It is disabled by default, but does speed up DNS resolution
queries.
find docs ... -exec rm {}
\;: This command removes Makefiles
and man files from the
documentation directory that would otherwise be installed by
the commands that follow.
Last updated on 2021-02-19 21:30:09 -0800
GeoClue is a modular geoinformation service built on top of the D-Bus messaging system. The goal of the GeoClue project is to make creating location-aware applications as simple as possible.
This package is known to build and work properly using an LFS-10.1 platform.
Download (HTTP): https://gitlab.freedesktop.org/geoclue/geoclue/-/archive/2.5.7/geoclue-2.5.7.tar.bz2
Download MD5 sum: f6e731a21d458168eda613816797eb73
Download size: 84 KB
Estimated disk space required: 6.2 MB
Estimated build time: less than 0.1 SBU
JSON-GLib-1.6.2 and libsoup-2.72.0
ModemManager-1.14.10, Vala-0.50.3, and Avahi-0.8
GTK-Doc-1.33.2 and libnotify-0.7.9
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/geoclue2
Install GeoClue by running the following commands:
mkdir build && cd build && meson --prefix=/usr -Dgtk-doc=false .. && ninja
This package does not come with a test suite.
Now, as the root
user:
ninja install
-D3g-source=false
: This switch
disables the 3G backend. Use it if you have not installed the
ModemManager package.
-Dmodem-gps-source=false
: This
switch disables the modem GPS backend. Use it if you have not
installed the ModemManager
package.
-Dcdma-source=false
: This switch
disables the CDMA source backend. Use it if you have not
installed the ModemManager
package.
-Dnmea-source=false
: This switch
disables the NMEA source. Use it if you have not installed
the Avahi package.
Last updated on 2021-02-22 15:55:36 -0800