Changeset d40737d
- Timestamp:
- 03/07/2010 12:34:03 AM (14 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 2cc7a668
- Parents:
- 0e5a229a
- Location:
- postlfs
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/config/devices.xml
r0e5a229a rd40737d 79 79 If a package maintainer forgot to write a rule for your device, 80 80 report a bug to both BLFS (if the package is there) and upstream, and 81 you will need otwrite your own rule.</para>81 you will need to write your own rule.</para> 82 82 83 83 <para>There is one situation when such fine-grained access control with -
postlfs/security/iptables.xml
r0e5a229a rd40737d 109 109 commands:</para> 110 110 111 <screen><userinput>./configure --prefix=/usr && 111 <screen><userinput> 112 ./configure --prefix=/usr \ 113 --bindir=/sbin \ 114 --sbindir=/sbin \ 115 --libdir=/lib \ 116 --libexecdir=/lib \ 117 --with-pkgconfigdir=/usr/lib/pkgconfig && 112 118 make</userinput></screen> 113 119 … … 119 125 120 126 </sect2> 121 <!-- 127 122 128 <sect2 role="commands"> 123 129 <title>Command Explanations</title> 124 130 125 <para><command>sed -i 's/name="$node/name="node/' iptables.xslt</command>: 126 This corrects a syntax error in the XSLT stylesheet for use with 127 <command>iptables-xml</command>.</para> 128 129 <para><parameter>PREFIX=/usr LIBDIR=/lib BINDIR=/sbin</parameter>: 130 Compiles and installs <application>iptables</application> modules 131 into <filename class="directory">/lib</filename>, binaries into 132 <filename class="directory">/sbin</filename> and the remainder into 133 the <filename class="directory">/usr</filename> hierarchy instead of 134 <filename class="directory">/usr/local</filename>. Firewalls are 135 generally activated during the boot process and 136 <filename class="directory">/usr</filename> may not be mounted at 137 that time.</para> 138 139 <para><parameter>KERNEL_DIR=/usr</parameter>: This parameter is used to 140 point at the sanitized kernel headers in 141 <filename class='directory'>/usr</filename> and not use the raw kernel 142 headers in <filename class='directory'>/usr/src/linux</filename>.</para> 143 144 </sect2> 145 --> 131 <para><parameter>--bindir=/sbin</parameter>, 132 <parameter>--sbindir=/sbin</parameter>: Ensure all the executables go 133 in <filename class="directory">/sbin</filename>.</para> 134 135 <para><parameter>--libdir=/lib</parameter>, 136 <parameter>--libexecdir=/lib</parameter>: Ensure all the libraries are 137 in the <filename class="directory">/lib</filename> directory tree.</para> 138 139 <para><parameter>--with-pkgconfigdir=/usr/lib/pkgconfig</parameter>: 140 Ensure all the pkgconfig files are in the standard location.</para> 141 142 </sect2> 143 146 144 <sect2 role="configuration"> 147 145 <title>Configuring Iptables</title> … … 180 178 and ip6tables-multii</seg> 181 179 <seg>libip4tc.so, libip6tc.so, libiptc.so, libxtables.so, 182 and numerous modules in / usr/libexec/xtables/</seg>183 <seg>/ usr/libexec/xtables and /usr/include/libiptc</seg>180 and numerous modules in /lib/xtables/</seg> 181 <seg>/lib/xtables/xtables and /usr/include/libiptc</seg> 184 182 </seglistitem> 185 183 </segmentedlist>
Note:
See TracChangeset
for help on using the changeset viewer.