mirror of
git://slackware.nl/current.git
synced 2024-11-16 07:48:02 +01:00
8b19227b58
a/bcachefs-tools-1.7.0-x86_64-1.txz: Added.
a/kernel-generic-6.9.0-x86_64-2.txz: Upgraded.
a/kernel-huge-6.9.0-x86_64-2.txz: Upgraded.
a/kernel-modules-6.9.0-x86_64-2.txz: Upgraded.
d/git-2.45.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
Recursive clones on case-insensitive filesystems that support symbolic
links are susceptible to case confusion that can be exploited to
execute just-cloned code during the clone operation.
Repositories can be configured to execute arbitrary code during local
clones. To address this, the ownership checks introduced in v2.30.3
are now extended to cover cloning local repositories.
Local clones may end up hardlinking files into the target repository's
object database when source and target repository reside on the same
disk. If the source repository is owned by a different user, then
those hardlinked files may be rewritten at any point in time by the
untrusted user.
When cloning a local source repository that contains symlinks via the
filesystem, Git may create hardlinks to arbitrary user-readable files
on the same filesystem as the target repository in the objects/
directory.
It is supposed to be safe to clone untrusted repositories, even those
unpacked from zip archives or tarballs originating from untrusted
sources, but Git can be tricked to run arbitrary code as part of the
clone.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-32002
https://www.cve.org/CVERecord?id=CVE-2024-32004
https://www.cve.org/CVERecord?id=CVE-2024-32020
https://www.cve.org/CVERecord?id=CVE-2024-32021
https://www.cve.org/CVERecord?id=CVE-2024-32465
(* Security fix *)
d/kernel-headers-6.9.0-x86-2.txz: Upgraded.
d/strace-6.9-x86_64-1.txz: Upgraded.
k/kernel-source-6.9.0-noarch-2.txz: Upgraded.
BCACHEFS_FS m -> y
CRYPTO_CHACHA20 m -> y
CRYPTO_LIB_CHACHA_GENERIC m -> y
CRYPTO_LIB_POLY1305_GENERIC m -> y
CRYPTO_POLY1305 m -> y
MITIGATION_GDS_FORCE y -> n
kde/wcslib-8.3-x86_64-1.txz: Upgraded.
l/gdk-pixbuf2-2.42.12-x86_64-1.txz: Upgraded.
ani: Reject files with multiple INA or IART chunks.
ani: Reject files with multiple anih chunks.
ani: validate chunk size.
Thanks to 0xvhp, pedrib, and Benjamin Gilbert.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-48622
(* Security fix *)
l/gtk+3-3.24.42-x86_64-1.txz: Upgraded.
n/bind-9.18.27-x86_64-1.txz: Upgraded.
This is a bugfix release.
n/popa3d-1.0.3-x86_64-8.txz: Rebuilt.
This is a bugfix release:
Build with AUTH_PAM, not AUTH_SHADOW.
Thanks to jayjwa.
x/xorg-server-xwayland-23.2.7-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
99 lines
3.5 KiB
Text
99 lines
3.5 KiB
Text
|
|
Slackware initrd mini HOWTO
|
|
by Patrick Volkerding, volkerdi@slackware.com
|
|
Thu May 16 00:12:19 UTC 2024
|
|
|
|
This document describes how to create and install an initrd, which may be
|
|
required to use the 4.x kernel. Also see "man mkinitrd".
|
|
|
|
1. What is an initrd?
|
|
2. Why to I need an initrd?
|
|
3. How do I build the initrd?
|
|
4. Now that I've built an initrd, how do I use it?
|
|
|
|
|
|
1. What is an initrd?
|
|
|
|
Initrd stands for "initial ramdisk". An initial ramdisk is a very small
|
|
Linux filesystem that is loaded into RAM and mounted as the kernel boots,
|
|
and before the main root filesystem is mounted.
|
|
|
|
2. Why do I need an initrd?
|
|
|
|
The usual reason to use an initrd is because you need to load kernel
|
|
modules before mounting the root partition. Usually these modules are
|
|
required to support the filesystem used by the root partition (ext3, ext4,
|
|
btrfs, xfs), or perhaps the controller that the hard drive is attached
|
|
to (SCSI, RAID, etc). Essentially, there are so many different options
|
|
available in modern Linux kernels that it isn't practical to try to ship
|
|
many different kernels to try to cover everyone's needs. It's a lot more
|
|
flexible to ship a generic kernel and a set of kernel modules for it.
|
|
|
|
3. How do I build the initrd?
|
|
|
|
The easiest way to make the initrd is to use the mkinitrd script included
|
|
in Slackware's mkinitrd package. We'll walk through the process of
|
|
upgrading to the generic 6.9 Linux kernel using the packages
|
|
found in Slackware's slackware/a/ directory.
|
|
|
|
First, make sure the kernel, kernel modules, and mkinitrd package are
|
|
installed (the current version numbers might be a little different, so
|
|
this is just an example):
|
|
|
|
installpkg kernel-generic-6.9.0-x86_64-2.txz
|
|
installpkg kernel-modules-6.9.0-x86_64-2.txz
|
|
installpkg mkinitrd-1.4.11-x86_64-34.txz
|
|
|
|
Change into the /boot directory:
|
|
|
|
cd /boot
|
|
|
|
Now you'll want to run "mkinitrd". I'm using ext4 for my root filesystem,
|
|
and since the disk controller requires no special support the ext4 module
|
|
will be the only one I need to load:
|
|
|
|
mkinitrd -c -k 6.9 -m ext4
|
|
|
|
This should do two things. First, it will create a directory
|
|
/boot/initrd-tree containing the initrd's filesystem. Then it will
|
|
create an initrd (/boot/initrd.gz) from this tree. If you wanted to,
|
|
you could make some additional changes in /boot/initrd-tree/ and
|
|
then run mkinitrd again without options to rebuild the image. That's
|
|
optional, though, and only advanced users will need to think about that.
|
|
|
|
Here's another example: Build an initrd image using Linux 6.9
|
|
kernel modules for a system with an ext4 root partition on /dev/sdb3:
|
|
|
|
mkinitrd -c -k 6.9 -m ext4 -f ext4 -r /dev/sdb3
|
|
|
|
|
|
4. Now that I've built an initrd, how do I use it?
|
|
|
|
Now that you've got an initrd (/boot/initrd.gz), you'll want to load
|
|
it along with the kernel at boot time. If you use LILO for your boot
|
|
loader you'll need to edit /etc/lilo.conf and add a line to load the
|
|
initrd. Here's an example section of lilo.conf showing how this is
|
|
done:
|
|
|
|
# Linux bootable partition config begins
|
|
image = /boot/vmlinuz-generic
|
|
initrd = /boot/initrd.gz
|
|
root = /dev/sda6
|
|
label = Slackware
|
|
read-only
|
|
# Linux bootable partition config ends
|
|
|
|
The initrd is loaded by the "initrd = /boot/initrd.gz" line.
|
|
Just add the line right below the line for the kernel image you use.
|
|
Save the file, and then run LILO again ('lilo' at the command line).
|
|
You'll need to run lilo every time you edit lilo.conf or rebuild the
|
|
initrd.
|
|
|
|
Other bootloaders such as syslinux also support the use of an initrd.
|
|
See the documentation for those programs for details on using an
|
|
initrd with them.
|
|
|
|
|
|
---------
|
|
|
|
Have fun!
|