Changeset 328eb6f for chapter08/glibc.xml
- Timestamp:
- 02/27/2024 03:52:31 PM (6 months ago)
- Branches:
- xry111/arm64
- Children:
- e4e7ffb
- Parents:
- 648f145 (diff), 23f4367 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the(diff)
links above to see all the changes relative to each parent. - File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
chapter08/glibc.xml
r648f145 r328eb6f 50 50 51 51 <screen><userinput remap="pre">patch -Np1 -i ../&glibc-fhs-patch;</userinput></screen> 52 52 <!-- 53 53 <para>Now fix two security vulnerabilities and a regression causing the 54 54 posix_memalign() function very slow in some conditions:</para> 55 55 56 56 <screen><userinput remap="pre">patch -Np1 -i ../&glibc-upstream-fixes-patch;</userinput></screen> 57 57 --> 58 58 <para>The Glibc documentation recommends building Glibc 59 59 in a dedicated build directory:</para> … … 74 74 --enable-kernel=&min-kernel; \ 75 75 --enable-stack-protector=strong \ 76 --with-headers=/usr/include \77 76 --disable-nscd \ 78 77 libc_cv_slibdir=/usr/lib</userinput></screen> … … 104 103 <para>This option increases system security by adding 105 104 extra code to check for buffer overflows, such as stack 106 smashing attacks.</para> 107 </listitem> 108 </varlistentry> 109 <!-- do we need this one? --> 110 <varlistentry> 111 <term><parameter>--with-headers=/usr/include</parameter></term> 112 <listitem> 113 <para>This option tells the build system where to find the 114 kernel API headers.</para> 105 smashing attacks. Note that Glibc always explicitly overrides 106 the default of GCC, so this option is still needed even though 107 we've already specified <option>--enable-default-ssp</option> for 108 GCC.</para> 115 109 </listitem> 116 110 </varlistentry> … … 170 164 </listitem> 171 165 172 <!-- Did not fail with glibc-2.38173 <listitem>174 <para><emphasis>misc/tst-ttyname</emphasis>175 is known to fail in the LFS chroot environment.</para>176 </listitem>177 -->178 179 <!-- https://sourceware.org/pipermail/libc-alpha/2022-August/141567.html -->180 <listitem>181 <para>The <emphasis>stdlib/tst-arc4random-thread</emphasis>182 test is known to fail if the host kernel is relatively old.</para>183 </listitem>184 185 166 <listitem> 186 167 <para>Some tests, for example 187 <emphasis>nss/tst-nss-files-hosts-multi</emphasis>, 188 are known to fail on relatively slow systems due to an internal 189 timeout.</para> 168 <emphasis>nss/tst-nss-files-hosts-multi</emphasis> and 169 <emphasis>nptl/tst-thread-affinity*</emphasis> 170 are known to fail due to a timeout (especially when the system is 171 relatively slow and/or running the test suite with multiple 172 parallel make jobs). These tests can be identified with:</para> 173 174 <!-- TODO: Using nodump for freeze. Change it to role="test" after 175 12.1 release so jhalfs can list these in the log. --> 176 <screen role="nodump"><userinput>grep "Timed out" -l $(find -name \*.out)</userinput></screen> 177 178 <para>It's possible to re-run a single test with enlarged timeout 179 with 180 <command>TIMEOUTFACTOR=<replaceable><factor></replaceable> 181 make test t=<replaceable><test name></replaceable></command>. 182 For example, <command>TIMEOUTFACTOR=10 make test 183 t=nss/tst-nss-files-hosts-multi</command> will re-run 184 <emphasis>nss/tst-nss-files-hosts-multi</emphasis> with ten times 185 the original timeout.</para> 190 186 </listitem> 191 187 192 188 <listitem> 193 189 <para>Additionally, some tests may fail with a relatively old CPU 194 model or host kernel version.</para> 190 model (for example 191 <emphasis>elf/tst-cpu-features-cpuinfo</emphasis>) or host kernel 192 version (for example 193 <emphasis>stdlib/tst-arc4random-thread</emphasis>).</para> 195 194 </listitem> 196 195 </itemizedlist> … … 207 206 208 207 <screen><userinput remap="install">sed '/test-installation/s@$(PERL)@echo not running@' -i ../Makefile</userinput></screen> 208 209 <important> 210 <para> 211 If upgrading Glibc to a new minor version (for example, from 212 Glibc-2.36 to Glibc-&glibc-version;) on a running LFS system, you 213 need to take some extra precautions to avoid breaking the system: 214 </para> 215 216 <itemizedlist> 217 <listitem> 218 <!-- There are two reasons we don't support this: 219 1. Upgrading on a system with separate /lib and /usr/lib is 220 tricky. 221 2. With Glibc prior to 2.34 libc.so.6 etc. are symlinks to 222 libc-2.33.so etc., again causing the upgradation tricky. 223 The Glibc NEWS file explicit states they no longer use 224 symlinks for the ABI names to avoid upgradation 225 issues. --> 226 <para> 227 Upgrading Glibc on a LFS system prior to 11.0 (exclusive) is 228 not supported. Rebuild LFS if you are running such an old LFS 229 system but you need a newer Glibc. 230 </para> 231 </listitem> 232 233 <!-- https://sourceware.org/pipermail/libc-alpha/2024-January/154095.html --> 234 <listitem> 235 <para> 236 If upgrading on a LFS system prior to 12.0 (exclusive), install 237 <application>Libxcrypt</application> following 238 <xref role='.' linkend='ch-system-libxcrypt'/> In addition to 239 a normal <application>Libxcrypt</application> installation, 240 <emphasis role='bold'>you MUST follow the note in Libxcrypt 241 section to install 242 <filename class='libraryfile'>libcrypt.so.1*</filename> 243 (replacing 244 <filename class='libraryfile'>libcrypt.so.1</filename> from the 245 prior Glibc installation)</emphasis>. 246 </para> 247 </listitem> 248 249 <!-- Otherwise on lfs-systemd nscd will fail to start on boot, 250 and on both lfs-sysv and lfs-systemd useradd etc. will try 251 to start nscd, then nscd will fail to start as well and 252 produce some spurious error message. --> 253 <listitem> 254 <para> 255 If upgrading on a LFS system prior to 12.1 (exclusive), 256 remove the <command>nscd</command> program: 257 </para> 258 259 <screen role='nodump'><userinput>rm -f /usr/sbin/nscd</userinput></screen> 260 261 <para revision='systemd'> 262 If this system (prior to LFS 12.1, exclusive) is based on 263 Systemd, it's also needed to disable and stop the 264 <command>nscd</command> service now: 265 </para> 266 267 <screen revision='systemd' role='nodump'><userinput>systemctl disable --now nscd</userinput></screen> 268 </listitem> 269 270 <listitem> 271 <para> 272 Upgrade the kernel and reboot if it's older than &min-kernel; 273 (check the current version with <command>uname -r</command>) 274 or if you want to upgrade it anyway, following 275 <xref linkend='ch-bootable-kernel' role='.'/> 276 </para> 277 </listitem> 278 279 <listitem> 280 <para> 281 Upgrade the kernel API headers if it's older than &min-kernel; 282 (check the current version with 283 <command>cat /usr/include/linux/version.h</command>) 284 or if you want to upgrade it anyway, following 285 <xref linkend='ch-tools-linux-headers'/> (but removing 286 <envar>$LFS</envar> from the <command>cp</command> command). 287 </para> 288 </listitem> 289 290 <!-- This is to ensure we don't start a process at the time point 291 where some Glibc shared libraries are updated but the others 292 are not. Such mismatches can cause programs crash on startup, 293 esp. a mismatch between ld-linux-x86-64.so.2 and 294 libc.so.6. Note that a crash in the installation process 295 will leave the system in a state with the mismatch forever, 296 unrecoverable without the help of another distro. --> 297 <listitem> 298 <para> 299 Perform a <envar>DESTDIR</envar> installation and upgrade 300 the Glibc shared libraries on the system using one single 301 <command>install</command> command: 302 </para> 303 304 <screen role='nodump'><userinput>make DESTDIR=$PWD/dest install 305 install -vm755 dest/usr/lib/*.so.* /usr/lib</userinput></screen> 306 </listitem> 307 </itemizedlist> 308 309 <para> 310 It's imperative to strictly follow these steps above unless you 311 completely understand what you are doing. 312 <emphasis role='bold'>Any unexpected deviation may render the 313 system completely unusable. YOU ARE WARNED.</emphasis> 314 </para> 315 316 <para> 317 Then continue to run the <command>make install</command> command, 318 the <command>sed</command> command against 319 <filename>/usr/bin/ldd</filename>, and the commands to install 320 the locales. Once they are finished, reboot the system 321 immediately. 322 </para> 323 </important> 209 324 210 325 <para>Install the package:</para> … … 421 536 <listitem> 422 537 <para>This creates the <filename>posixrules</filename> file. We use 423 New York because POSIX requires the daylight saving stime rules538 New York because POSIX requires the daylight saving time rules 424 539 to be in accordance with US rules.</para> 425 540 </listitem>
Note:
See TracChangeset
for help on using the changeset viewer.