source: postlfs/security/nss.xml@ 3373ecb

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 7.10 7.4 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts krejzi/svn lazarus lxqt nosym perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition systemd-11177 systemd-13485 trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since 3373ecb was 3373ecb, checked in by Randy McMurchy <randy@…>, 13 years ago

Added a command to create an environment variable in the NSS instructions

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@8792 af4574ff-66df-0310-9fd7-8a98e5e911e0
  • Property mode set to 100644
File size: 9.1 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY nss-download-http "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_12_8_RTM/src/nss-&nss-version;.tar.gz">
8 <!ENTITY nss-download-ftp "ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_12_8_RTM/src/nss-&nss-version;.tar.gz">
9 <!ENTITY nss-md5sum "40bf1bb0c7567827d3768d1fc6081100">
10 <!ENTITY nss-size "5.7 MB">
11 <!ENTITY nss-buildsize "73 MB (more than double this to run the test suite)">
12 <!ENTITY nss-time "0.9 SBU (at least an additional 3.5 SBU to run the test suite)">
13]>
14
15<sect1 id="nss" xreflabel="NSS-&nss-version;">
16 <?dbhtml filename="nss.html"?>
17
18 <sect1info>
19 <othername>$LastChangedBy$</othername>
20 <date>$Date$</date>
21 </sect1info>
22
23 <title>NSS-&nss-version;</title>
24
25 <indexterm zone="nss">
26 <primary sortas="a-NSS">NSS</primary>
27 </indexterm>
28
29 <sect2 role="package">
30 <title>Introduction to NSS</title>
31
32 <para>The Network Security Services (<application>NSS</application>)
33 package is a set of libraries designed to support cross-platform
34 development of security-enabled client and server applications.
35 Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5,
36 PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other
37 security standards. This is useful for implementing SSL and S/MIME or
38 other Internet security standards into an application.</para>
39
40 &lfs67_checked;
41
42 <bridgehead renderas="sect3">Package Information</bridgehead>
43 <itemizedlist spacing="compact">
44 <listitem>
45 <para>Download (HTTP): <ulink url="&nss-download-http;"/></para>
46 </listitem>
47 <listitem>
48 <para>Download (FTP): <ulink url="&nss-download-ftp;"/></para>
49 </listitem>
50 <listitem>
51 <para>Download MD5 sum: &nss-md5sum;</para>
52 </listitem>
53 <listitem>
54 <para>Download size: &nss-size;</para>
55 </listitem>
56 <listitem>
57 <para>Estimated disk space required: &nss-buildsize;</para>
58 </listitem>
59 <listitem>
60 <para>Estimated build time: &nss-time;</para>
61 </listitem>
62 </itemizedlist>
63
64 <bridgehead renderas="sect3">Additional Downloads</bridgehead>
65 <itemizedlist spacing="compact">
66 <listitem>
67 <para>Required patch: <ulink
68 url="&patch-root;/nss-&nss-version;-standalone-1.patch"/></para>
69 </listitem>
70 </itemizedlist>
71
72 <bridgehead renderas="sect3">NSS Dependencies</bridgehead>
73
74 <bridgehead renderas="sect4">Required</bridgehead>
75 <para role="required"><xref linkend="nspr"/></para>
76
77 <bridgehead renderas="sect4">Recommended</bridgehead>
78 <para role="recommended"><xref linkend="sqlite"/> (internal sqlite is
79 incompatable with existing or future installations)</para>
80
81
82 <para condition="html" role="usernotes">User Notes:
83 <ulink url="&blfs-wiki;/nss"/></para>
84
85 </sect2>
86
87 <sect2 role="installation">
88 <title>Installation of NSS</title>
89
90 <para>Install <application>NSS</application> by running the following
91 commands:</para>
92
93<screen><userinput>bash
94
95export BUILD_OPT=1 &amp;&amp;
96export NSS_USE_SYSTEM_SQLITE=1 &amp;&amp;
97export NSPR_INCLUDE_DIR=/usr/include/nspr &amp;&amp;
98export USE_SYSTEM_ZLIB=1 &amp;&amp;
99export ZLIB_LIBS=-lz &amp;&amp;
100patch -Np1 -i ../nss-&nss-version;-standalone-1.patch &amp;&amp;
101make -C mozilla/security/nss nss_build_all</userinput></screen>
102
103 <para>If you wish to test the results, you'll need to set the domain name of
104 your system in the <envar>DOMSUF</envar> environment variable. Most of the
105 tests will fail if you don't provide the correct domain name. The voluminous
106 output will report how many of the several thousand tests passed, and if any
107 failed. To review the details of any failures, you may wish to capture
108 stdout and stderr in a file.</para>
109
110 <para>To run the tests, ensure you change the
111 <command>export DOMSUF</command> command below to an appropriate value,
112 e.g., <parameter>mydomain.com</parameter> or, if you do not have any domain
113 in your <filename>/etc/hosts</filename> replace this with the developers'
114 recommendation of
115 <command>"export HOST=localhost DOMSUF=localdomain"</command> and issue the
116 following commands:</para>
117
118<screen><userinput>bash
119
120export NSS_LINUXDIR=$(basename `ls -d $PWD/mozilla/dist/Linux*`) &amp;&amp;
121export DOMSUF=<replaceable>&lt;validdomain.name&gt;</replaceable> &amp;&amp;
122export PATH=$PATH:$PWD/mozilla/dist/$NSS_LINUXDIR/bin &amp;&amp;
123export TEST_RESULTSDIR=$PWD/mozilla/tests_results/security &amp;&amp;
124
125cd mozilla/security/nss/tests &amp;&amp;
126sed -i 's/gmake/make/' common/init.sh &amp;&amp;
127./all.sh &amp;&amp;
128
129grep Passed $TEST_RESULTSDIR/$(hostname).1/results.html | wc -l &amp;&amp;
130
131exit</userinput></screen>
132
133 <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
134
135<screen role="root"><userinput>export NSS_LINUXDIR=$(basename `ls -d $PWD/mozilla/dist/Linux*`) &amp;&amp;
136cd mozilla/dist &amp;&amp;
137install -v -m755 $NSS_LINUXDIR/lib/*.so /usr/lib &amp;&amp;
138install -v -m644 $NSS_LINUXDIR/lib/{*.chk,libcrmf.a} /usr/lib &amp;&amp;
139install -v -m755 -d /usr/include/nss &amp;&amp;
140install -v -m755 $NSS_LINUXDIR/bin/{certutil,nss-config,pk12util} /usr/bin &amp;&amp;
141install -v -m644 $NSS_LINUXDIR/lib/pkgconfig/nss.pc /usr/lib/pkgconfig &amp;&amp;
142cp -v -RL {public,private}/nss/* /usr/include/nss &amp;&amp;
143chmod 644 /usr/include/nss/*</userinput></screen>
144
145 <para>Now as the unprivileged user, exit the <command>bash</command>
146 shell started at the beginning of the installation to restore the
147 environment to the original state.</para>
148
149<screen><userinput>exit</userinput></screen>
150
151 </sect2>
152
153 <sect2 role="commands">
154 <title>Command Explanations</title>
155
156 <para><command>bash</command>: Shells are started as many environment
157 variables are created during the installation process. Exiting the shells
158 serves the purpose of restoring the environment and returning back to the
159 original directory when the installation is complete.</para>
160
161 <para><command>export USE_64=1</command>:This command is
162 <emphasis>required on x86_64</emphasis>, otherwise the build will attempt
163 to create 32-bit objects and fail in a non-multilib system.</para>
164
165 <para><command>export BUILD_OPT=1</command>: This variable is set so that
166 the build is performed with no debugging symbols built into the binaries
167 and that the default compiler optimizations are used.</para>
168
169 <para><command>export NSPR_INCLUDE_DIR=/usr/include/nspr</command>: This
170 command sets the location of the nspr headers.</para>
171
172 <para><command>export USE_SYSTEM_*</command>: These commands ensure that
173 the system installed libraries are used instead of the in-tree
174 versions.</para>
175
176 <para><command>export ZLIB_LIBS=-lz</command>: This command provides the
177 needed linker flags to link to the system zlib.</para>
178
179 <para><command>export NSS_LINUXDIR=...</command>: This variable is set so
180 that the exact name of the architecture specific directories where the
181 binaries are stored in the source tree can be determined.</para>
182
183 <para><command>make -C mozilla/security/nss nss_build_all</command>: This
184 command builds the <application>NSS</application> libraries and creates a
185 <filename class='directory'>dist</filename> directory which houses all the
186 programs, libraries and interface headers. None of the programs created by
187 this process are installed onto the system using the default instructions
188 (except for <application>nss-config</application>). If you need any of
189 these programs installed, you can find them in the
190 <filename class='directory'>mozilla/*.OBJ/dist/bin</filename> directory of
191 the source tree.</para>
192
193 <para><command>sed -i 's/gmake/make/' common/init.sh</command>: This
194 command changes the command used to compile some test programs.</para>
195
196 </sect2>
197
198 <sect2 role="content">
199 <title>Contents</title>
200
201 <segmentedlist>
202 <segtitle>Installed Programs</segtitle>
203 <segtitle>Installed Libraries</segtitle>
204 <segtitle>Installed Directories</segtitle>
205
206 <seglistitem>
207 <seg>nss-config</seg>
208 <seg>libcrmf.a, libfreebl3.so, libnss3.so, libnssckbi.so,
209 libnssdbm3.so, libnssutil3.so, libsmime3.so, libsoftokn3.so
210 and libssl3.so</seg>
211 <seg>/usr/include/nss</seg>
212 </seglistitem>
213 </segmentedlist>
214
215 <variablelist>
216 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
217 <?dbfo list-presentation="list"?>
218 <?dbhtml list-presentation="table"?>
219
220 <varlistentry id="nss-config">
221 <term><command>nss-config</command></term>
222 <listitem>
223 <para>is used to determine the NSS library settings
224 of the installed NSS libraries.</para>
225 <indexterm zone="nss nss-config">
226 <primary sortas="b-nss-config">nss-config</primary>
227 </indexterm>
228 </listitem>
229 </varlistentry>
230 </variablelist>
231
232 </sect2>
233
234</sect1>
Note: See TracBrowser for help on using the repository browser.