Changeset 606b1a5
- Timestamp:
- 12/08/2010 03:07:37 AM (13 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 3531524
- Parents:
- 7fcffad
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
general.ent
r7fcffad r606b1a5 4 4 --> 5 5 6 <!ENTITY day "0 5"> <!-- Always 2 digits -->6 <!ENTITY day "08"> <!-- Always 2 digits --> 7 7 <!ENTITY month "12"> <!-- Always 2 digits --> 8 8 <!ENTITY year "2010"> … … 103 103 <!ENTITY gpgme-version "1.3.0"> 104 104 <!ENTITY tripwire-version "2.4.1.2"> 105 <!ENTITY heimdal-version "1. 3.1">105 <!ENTITY heimdal-version "1.4"> 106 106 <!ENTITY mitkrb-version "1.6"> 107 107 <!ENTITY cyrus-sasl-version "2.1.23"> -
introduction/welcome/changelog.xml
r7fcffad r606b1a5 41 41 42 42 --> 43 44 <listitem> 45 <para>December 8th, 2010</para> 46 <itemizedlist> 47 <listitem> 48 <para>[randy] - Updated to Heimdal-1.4.</para> 49 </listitem> 50 </itemizedlist> 51 </listitem> 43 52 44 53 <listitem> -
postlfs/security/heimdal.xml
r7fcffad r606b1a5 7 7 <!ENTITY heimdal-download-http "http://www.h5l.org/dist/src/heimdal-&heimdal-version;.tar.gz"> 8 8 <!ENTITY heimdal-download-ftp "ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-&heimdal-version;.tar.gz"> 9 <!ENTITY heimdal-md5sum " 4ce17deae040a3519e542f48fd901f21">10 <!ENTITY heimdal-size " 5.6MB">11 <!ENTITY heimdal-buildsize "20 0MB">12 <!ENTITY heimdal-time " 4.0 SBU (additional 2.5SBU to run the test suite)">9 <!ENTITY heimdal-md5sum "31d08bbf47a77827fe97ef3f52b4c9c4"> 10 <!ENTITY heimdal-size "6.0 MB"> 11 <!ENTITY heimdal-buildsize "205 MB"> 12 <!ENTITY heimdal-time "3.9 SBU (additional 2.3 SBU to run the test suite)"> 13 13 ]> 14 14 … … 29 29 <sect2 role="package"> 30 30 <title>Introduction to Heimdal</title> 31 32 <warning>33 <para>If you are using an LFS-&lfs-version; based system, building34 <application>Heimdal</application> will overwrite <filename35 class='libraryfile'>/usr/lib/libcom_err.so</filename> and install an36 additional <filename class='libraryfile'>libcom_err</filename> library in37 <filename class='directory'>/usr/lib</filename>. This will directly38 conflict with the <filename class='libraryfile'>/lib/libcom_err</filename>39 library installed by the <application>E2fsprogs</application> package in LFS.40 Both upstream maintainers have taken steps to eliminate this condition.41 However, the combination that currently exists causes this problem.</para>42 43 <para>There is a fix for the problem, but it will require you to recompile44 the LFS-&lfs-version; <application>E2fsprogs</application> package to a45 newer version than the &lfs-e2fsprogs-version; version used in that book.46 Any version equal to or greater than the one used in the47 <ulink url="&lfs-dev;">LFS-Development</ulink> book will do. After48 recompiling <application>E2fsprogs</application>, you are now ready to49 install <application>Heimdal</application>.</para>50 </warning>51 31 52 32 <para><application>Heimdal</application> is a free implementation … … 64 44 all the files and commands to rename each of them.</para> 65 45 66 <!-- FIXME --> 67 <para>If you intend to link this application to <xref linkend="openssl"/> 68 you will need to use the heimdal-1.4 series.</para> 46 <para>&lfssvn_checked;20101029&lfssvn_checked2;</para> 69 47 70 48 <bridgehead renderas="sect3">Package Information</bridgehead> … … 94 72 <listitem> 95 73 <para>Required Patch: <ulink 96 url="&patch-root;/heimdal-&heimdal-version;- blfs_docs-1.patch"/></para>74 url="&patch-root;/heimdal-&heimdal-version;-otp_fixes-1.patch"/></para> 97 75 </listitem> 98 76 <!-- <listitem> … … 105 83 106 84 <bridgehead renderas="sect4">Required to Build the Server-Side Tools</bridgehead> 107 <para role="required"> 108 <xref linkend="db"/> (recommended) or GDBM (GDBM is installed in LFS)</para> 109 <!-- <xref linkend="db"/> is recommended (installed in LFS) 110 or <xref linkend="gdbm"/></para> --> 85 <para role="required"><xref linkend="db"/></para> 111 86 112 87 <bridgehead renderas="sect4">Recommended</bridgehead> … … 114 89 115 90 <bridgehead renderas="sect4">Optional</bridgehead> 116 <para role="optional"><xref linkend="linux-pam"/>, 117 <xref linkend="openldap"/>, 118 <xref linkend="x-window-system"/>, and 119 <ulink url="http://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/">libcap2</ulink></para> 91 <para role="optional"><xref linkend="openldap"/>, 92 <xref linkend="sqlite"/>, 93 <xref linkend="x-window-system"/>, 94 <ulink url="http://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/">libcap2</ulink>, and 95 <ulink url="http://people.redhat.com/sgrubb/libcap-ng/">libcap-ng</ulink> (with this 96 <ulink url="&patch-root;/libcap-ng-0.6.4-2.6.36_kernel_fix-1.patch">patch</ulink> 97 if the Linux kernel version is >=2.6.36)</para> 120 98 121 99 <note> … … 143 121 commands:</para> 144 122 145 <screen><userinput>patch -Np1 -i ../heimdal-&heimdal-version;- blfs_docs-1.patch &&146 sed -i .bak 's/struct krb5_cccol_cursor/&_data/' \147 lib/krb5/{krb5.h,cache.c}123 <screen><userinput>patch -Np1 -i ../heimdal-&heimdal-version;-otp_fixes-1.patch && 124 sed -i 's|/var/heimdal|/var/lib/heimdal|' \ 125 `grep -lr "/var/heimdal" doc kadmin kdc lib` && 148 126 149 127 ./configure --prefix=/usr \ … … 155 133 --with-readline=/usr \ 156 134 --enable-kcm && 157 make</userinput></screen> 135 make && 136 137 install -v -m755 -d doc/html && 138 make -C doc html && 139 mv -v doc/heimdal.html doc/html/heimdal && 140 mv -v doc/hx509.html doc/html/hx509 && 141 makeinfo --html --no-split -o doc/heimdal.html doc/heimdal.texi && 142 makeinfo --html --no-split -o doc/hx509.html doc/hx509.texi && 143 makeinfo --plaintext -o doc/heimdal.txt doc/heimdal.texi && 144 makeinfo --plaintext -o doc/hx509.txt doc/hx509.texi</userinput></screen> 158 145 159 146 <para>If you have <xref linkend="tetex"/> installed and wish to create 160 alternateforms of the documentation, change into the147 PDF and Postscript forms of the documentation, change into the 161 148 <filename class='directory'>doc</filename> directory and issue any or all 162 of the following commands (the <command>makeinfo</command> commands do not 163 require a <application>teTex</application> installation:</para> 164 165 <screen><userinput>pushd doc && 166 167 make html && 168 169 texi2pdf heimdal.texi && 170 texi2dvi heimdal.texi && 171 dvips -o heimdal.ps heimdal.dvi && 172 makeinfo --plaintext -o heimdal.txt heimdal.texi && 173 174 texi2pdf hx509.texi && 175 texi2dvi hx509.texi && 176 dvips -o hx509.ps hx509.dvi && 177 makeinfo --plaintext -o hx509.txt hx509.texi && 178 149 of the following commands:</para> 150 151 <screen><userinput>pushd doc && 152 texi2pdf heimdal.texi && 153 texi2dvi heimdal.texi && 154 dvips -o heimdal.ps heimdal.dvi && 155 texi2pdf hx509.texi && 156 texi2dvi hx509.texi && 157 dvips -o hx509.ps hx509.dvi && 179 158 popd</userinput></screen> 180 159 181 160 <para>To test the results, issue: <command>make -k check</command>. The 182 <command>check-iprop d</command> test is known to fail but all others should161 <command>check-iprop</command> test is known to fail but all others should 183 162 pass.</para> 184 163 185 164 <para>Now, as the <systemitem class="username">root</systemitem> user:</para> 186 165 187 <!-- <screen role="root"><?dbfo keep-together="auto"?><userinput>mv -v /usr/include/ss/ss.h /usr/include/ss/ss.h.e2fsprogs &&188 mv -v /usr/lib/libss.a /usr/lib/libss.a.e2fsprogs &&189 mv -v /usr/lib/libss.so /usr/lib/libss.so.e2fsprogs &&190 mv -v /usr/bin/mk_cmds /usr/bin/mk_cmds.e2fsprogs &&191 -->192 193 166 <screen role="root"><userinput>make install && 194 167 195 install -v -m755 -d /usr/share/doc/heimdal-&heimdal-version; && 196 install -v -m644 doc/{init-creds,layman.asc} \ 197 /usr/share/doc/heimdal-&heimdal-version; && 198 199 ln -sfv mech.5 /usr/share/man/man5/qop.5 && 200 ln -sfv ../man5/mech.5 /usr/share/man/cat5/qop.5 && 201 ln -sfv ../man5/mech.5 /usr/share/man/cat5 && 168 install -v -m755 -d /usr/share/doc/heimdal-&heimdal-version; && 169 install -v -m644 doc/{heimdal,hx509}.{html,txt} \ 170 doc/{init-creds,layman.asc} \ 171 /usr/share/doc/heimdal-&heimdal-version; && 172 cp -v -R doc/html \ 173 destdir/usr/share/doc/heimdal-&heimdal-version; && 202 174 203 175 mv -v /bin/login /bin/login.SHADOW && … … 207 179 208 180 for LINK in \ 209 lib{otp,kafs,krb5,hx509, asn1,roken,crypto,heimsqlite,wind}; do181 lib{otp,kafs,krb5,hx509,sqlite3,asn1,roken,crypto,wind}; do 210 182 mv -v /usr/lib/${LINK}.so.* /lib && 211 183 ln -v -sf ../../lib/$(readlink /usr/lib/${LINK}.so) \ … … 221 193 ldconfig</userinput></screen> 222 194 223 <!-- mv -v /usr/include/ss/ss.h /usr/include/ss/ss.h.heimdal && 224 mv -v /usr/include/ss/ss.h.e2fsprogs /usr/include/ss/ss.h && 225 mv -v /usr/lib/libss.a /usr/lib/libss.a.heimdal && 226 mv -v /usr/lib/libss.a.e2fsprogs /usr/lib/libss.a && 227 mv -v /usr/lib/libss.so /usr/lib/libss.so.heimdal && 228 mv -v /usr/lib/libss.so.e2fsprogs /usr/lib/libss.so && 229 mv -v /usr/lib/libss.la /usr/lib/libss.la.heimdal && 230 mv -v /usr/bin/mk_cmds /usr/bin/mk_cmds.heimdal && 231 mv -v /usr/bin/mk_cmds.e2fsprogs /usr/bin/mk_cmds && --> 232 233 <para>If you built any of the alternate forms of documentation, install it 195 <para>If you built any of the additional forms of documentation, install it 234 196 using the following commands as the 235 197 <systemitem class="username">root</systemitem> user:</para> 236 198 237 <screen role="root"><userinput>install -v -m644 doc/{heimdal,hx509}.{dvi,ps,pdf ,html,txt} \199 <screen role="root"><userinput>install -v -m644 doc/{heimdal,hx509}.{dvi,ps,pdf} \ 238 200 /usr/share/doc/heimdal-&heimdal-version;</userinput></screen> 239 201 … … 246 208 -e 's|/var/heimdal|/var/lib/heimdal|' \ 247 209 lib/kadm5/check-cracklib.pl \ 248 > /bin/krb5-check-cracklib.pl &&210 > /bin/krb5-check-cracklib.pl && 249 211 250 212 chmod -v 755 /bin/krb5-check-cracklib.pl</userinput></screen> … … 255 217 <title>Command Explanations</title> 256 218 257 <!-- <para><command>mv -v /usr/include/...</command>, 258 <command>mv -v /usr/lib/libss.* ...</command> and 259 <command>mv -v /usr/bin/mk_cmds ...</command>: The 260 <application>Heimdal</application> installation will overwrite an 261 interface header, static library, library symbolic link and a 262 shell script from the 263 <application>E2fsprogs</application> package. These commands rename the 264 original files before the installation, and then restore them (after 265 renaming the new <application>Heimdal</application> files) after the 266 installation.</para> --> 267 268 <para><command>sed -i.bak ... lib/krb5/{krb5.h,cache.c}</command>: This 269 command is an upstream fix for a multiple declaration.</para> 219 <para><command>sed -i ... `grep -lr "/var/heimdal" 220 doc kadmin kdc lib`</command>: This command is used to change the 221 hard-coded references in the documentation files from 222 <filename class='directory'>/var/heimdal</filename> to the FHS compliant 223 <filename class='directory'>/var/lib/heimdal</filename> directory 224 name.</para> 270 225 271 226 <para><parameter>--libexecdir=/usr/sbin</parameter>: This switch causes … … 302 257 the Kerberos Credentials Manager.</para> 303 258 304 <para><command>ln -sfv .../mech.5 /usr/share/man/...</command>: These 305 commands are used to fix some broken symbolic links.</para> 259 <para><option>--with-sqlite3=/usr</option>: This parameter must be 260 used so that the <command>configure</command> script properly locates the 261 installed <application>Sqlite3</application> package.</para> 262 263 <para><option>--with-openldap=/usr</option> and 264 <option>--enable-hdb-openldap-module</option>: These parameters must be 265 used so that the <command>configure</command> script properly locates the 266 installed <application>OpenLDAP</application> package in order to build the 267 module allowing an LDAP backend database.</para> 306 268 307 269 <para><command>mv ... ...SHADOW</command>, <command>mv ... /bin</command> … … 453 415 <screen role="root"><userinput>ext host/<replaceable><hostname.example.com></replaceable></userinput></screen> 454 416 455 <para>This should have created two files in 456 <filename class="directory">/etc/heimdal</filename>: 457 <filename>krb5.keytab</filename> (Kerberos 5) and 458 <filename>srvtab</filename> (Kerberos 4). Both files should have 600 459 (root rw only) permissions. Keeping the keytab files from public access 417 <para>This should have created a file in 418 <filename class="directory">/etc/heimdal</filename> named 419 <filename>krb5.keytab</filename>. This file should have 600 420 (root rw only) permissions. Keeping the keytab file from public access 460 421 is crucial to the overall security of the Kerberos installation.</para> 461 422 … … 516 477 <application>Perl</application> module. Download it from the CPAN 517 478 site. The URL at the time of this writing is <ulink 518 url="http:// cpan.org/authors/id/D/DA/DANIEL/Crypt-Cracklib-1.2.tar.gz"/>.479 url="http://www.cpan.org/authors/id/D/DA/DANIEL/Crypt-Cracklib-1.5.tar.gz"/>. 519 480 After unpacking the tarball and changing into the newly created 520 481 directory, issue the following command to add the BLFS … … 526 487 <para>Then use the standard <command>perl Makefile.PL</command>; 527 488 <command>make</command>; <command>make test</command>; 528 <command>make install</command> commands. Note that one test fails 529 due to an unknown reason.</para> 489 <command>make install</command> commands.</para> 530 490 531 491 <para id="heimdal-init">Install the … … 597 557 telnet, telnetd, tenletxr, verify_krb5_conf and xnlock</seg> 598 558 599 <seg>hdb_ldap.{so,a}, libasn1.{so,a}, libeditline.{so,a},559 <seg>hdb_ldap.{so,a}, libasn1.{so,a}, 600 560 libgssapi.{so,a}, libhdb.{so,a}, libheimntlm.{so,a}, libhx509.{so,a}, 601 561 libkadm5clnt.{so,a}, libkadm5srv.{so,a}, libkafs.{so,a}, 602 562 libkdc.{so,a}, libkrb5.{so,a}, libotp.{so,a}, libroken.{so,a}, 603 libsl.{so,a}, libss-krb5.{so,a} and wind c.{so,a}</seg>563 libsl.{so,a}, libss-krb5.{so,a} and wind.{so,a}</seg> 604 564 605 565 <seg>/etc/heimdal, /usr/include/gssapi, /usr/include/kadm5, 606 /usr/include/krb5, /usr/include/roken, /usr/include/ss,566 /usr/include/krb5, /usr/include/roken, 607 567 /usr/share/doc/heimdal-&heimdal-version; and /var/lib/heimdal</seg> 608 568 </seglistitem> … … 1083 1043 <indexterm zone="heimdal libasn1"> 1084 1044 <primary sortas="c-libasn1">libasn1.{so,a}</primary> 1085 </indexterm>1086 </listitem>1087 </varlistentry>1088 1089 <varlistentry id="libeditline">1090 <term><filename class='libraryfile'>libeditline.a</filename></term>1091 <listitem>1092 <para>is a command-line editing library with history.</para>1093 <indexterm zone="heimdal libeditline">1094 <primary sortas="c-libeditline">libeditline.a</primary>1095 1045 </indexterm> 1096 1046 </listitem>
Note:
See TracChangeset
for help on using the changeset viewer.