slackware-current

mirror of git://slackware.nl/current.git synced 2024-12-26 09:58:59 +01:00

History

Patrick J Volkerding 8b19227b58 Thu May 16 02:31:40 UTC 2024 a/bcachefs-tools-1.7.0-x86_64-1.txz: Added. a/kernel-generic-6.9.0-x86_64-2.txz: Upgraded. a/kernel-huge-6.9.0-x86_64-2.txz: Upgraded. a/kernel-modules-6.9.0-x86_64-2.txz: Upgraded. d/git-2.45.1-x86_64-1.txz: Upgraded. This update fixes security issues: Recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion that can be exploited to execute just-cloned code during the clone operation. Repositories can be configured to execute arbitrary code during local clones. To address this, the ownership checks introduced in v2.30.3 are now extended to cover cloning local repositories. Local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a different user, then those hardlinked files may be rewritten at any point in time by the untrusted user. When cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target repository in the objects/ directory. It is supposed to be safe to clone untrusted repositories, even those unpacked from zip archives or tarballs originating from untrusted sources, but Git can be tricked to run arbitrary code as part of the clone. For more information, see: https://www.cve.org/CVERecord?id=CVE-2024-32002 https://www.cve.org/CVERecord?id=CVE-2024-32004 https://www.cve.org/CVERecord?id=CVE-2024-32020 https://www.cve.org/CVERecord?id=CVE-2024-32021 https://www.cve.org/CVERecord?id=CVE-2024-32465 (* Security fix ) d/kernel-headers-6.9.0-x86-2.txz: Upgraded. d/strace-6.9-x86_64-1.txz: Upgraded. k/kernel-source-6.9.0-noarch-2.txz: Upgraded. BCACHEFS_FS m -> y CRYPTO_CHACHA20 m -> y CRYPTO_LIB_CHACHA_GENERIC m -> y CRYPTO_LIB_POLY1305_GENERIC m -> y CRYPTO_POLY1305 m -> y MITIGATION_GDS_FORCE y -> n kde/wcslib-8.3-x86_64-1.txz: Upgraded. l/gdk-pixbuf2-2.42.12-x86_64-1.txz: Upgraded. ani: Reject files with multiple INA or IART chunks. ani: Reject files with multiple anih chunks. ani: validate chunk size. Thanks to 0xvhp, pedrib, and Benjamin Gilbert. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-48622 ( Security fix ) l/gtk+3-3.24.42-x86_64-1.txz: Upgraded. n/bind-9.18.27-x86_64-1.txz: Upgraded. This is a bugfix release. n/popa3d-1.0.3-x86_64-8.txz: Rebuilt. This is a bugfix release: Build with AUTH_PAM, not AUTH_SHADOW. Thanks to jayjwa. x/xorg-server-xwayland-23.2.7-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.		2024-05-16 05:20:07 +02:00
..
sources	Thu May 16 02:31:40 UTC 2024	2024-05-16 05:20:07 +02:00
build_installer.sh	Thu May 16 02:31:40 UTC 2024	2024-05-16 05:20:07 +02:00
ChangeLog.txt	Thu May 16 02:31:40 UTC 2024	2024-05-16 05:20:07 +02:00
installer.SlackBuild	Mon Dec 11 22:18:13 UTC 2023	2023-12-12 00:13:38 +01:00
module-blacklist	Sat Feb 29 19:20:21 UTC 2020	2020-03-01 08:59:47 +01:00
README	Mon May 28 19:12:29 UTC 2018	2018-05-31 23:39:35 +02:00
repack_installer.SlackBuild	Mon Dec 11 22:18:13 UTC 2023	2023-12-12 00:13:38 +01:00

README

The build_installer.sh script
=============================

The 'build_installer.sh' script has the following characteristics:

* It works for all Slackware ARCH'es (tested with i586 and x86_64)
* It can be started from any directory, because resulting output files will
  be written to the current directory.  This means that the script directory
  can be on a read-only filesystem.
* It can update a pre-existing initrd.img file with kernel modules
  for a new kernel in one single command
* It can build a complete Slackware installer set (initrd.img , usbboot.img
  and pxelinux.cfg_default files) from scratch
* It can create a tarball containing a 'skeleton' for an initrd, which does
  not contain any ARCH specific binary code; only the directory structure,
  symlinks, configuration files and scripts.  This skeleton can be used as a
  base for creating a new initrd from scratch, in which case no previous
  initrd.img file needs to be present to obtain the scripts etc from.  The
  skeleton file will be called 'skeleton_initrd.tar.gz' and will be written to
  the current directory.

Command line parameters and detailed usage
==========================================

Running "./build_installer.sh -h" shows this message:

# ----------------------------------------------------------------------------#
Usage: build_installer.sh <parameters>
Parameters:
  -h|--help              Show this help
  -c|--compressmods      Compress the kernel modules inside the initrd.img
  -m|--multiple          Multiple initrd files (for SMP and non-SMP kernels)
  -n|--netmods           Add network modules to the initrd
  -nc|--no-compressmods  Do _not_ compress kernel modules
  -nm|--no-multiple      Do _not_ create multiple initrd files
  -nn|--no-netmods       Do _not_ add network modules to the initrd
  -np|--no-pcmciamods    Do _not_ add pcmcia modules to the initrd
  -nr|--no-recompile     Do _not_ recompile /re-add binaries
  -nu|--no-usbboot       Do _not_ create a USB boot image
  -p|--pcmciamods        Add pcmcia modules to the initrd
  -q|--quiet             Be (fairly) quiet during progress
  -r|--recompile         Recompile /re-add binaries (busybox,bash,dropbear as
                         well as any required bin/lib from Slackware packages)
  -s|--skeleton          Stop after creating a skeleton_initrd.tar.gz
                         (which only contains directories and scripts) 
  -u|--usbboot           Create a USB boot image
  -v|--verbose           Be (very) verbose during progress
  -I|--initrd <file>     Specify location of the initrd.img file
  -S|--slackroot <dir>   Specify location of the Slackware directory tree

Actions to be taken (ARCH=x86_64):
* Be (very) verbose during progress
* Recompile /re-add binaries
* Add network modules to the initrd
* Add pcmcia modules to the initrd
* Compress all kernel modules
* Do _not_ split the initrd
* Create a USB boot image

Use Slackware root: 
  /mnt/nfs/door/non-public/slackware-current
Use initrd file: 
  /mnt/nfs/door/non-public/slackware-current/isolinux/initrd.img

# Note: [1] If you want to build your own specific bash, busybox and dropbear #
#           instead of using the sources provided by the Slackware tree,      #
#           you should have these sources ready below                         #
#           ./sources/{bash,busybox,dropbear}                                 #
#           Delete the directory if you don't want to use it!                 #
#       [2] If you want to use your own _skeleton_ initrd (containing only    #
#           the directory layout plus all the scripts) you just make it       #
#           available as ./sources/initrd/skeleton_initrd.tar.gz              #
#                                                                             #
#          The script will look for the directory 'sources' first in your     #
#          working directory, and next in the script's directory (whatever is #
#          found in your working directory takes precedence).                 #
# ----------------------------------------------------------------------------#


The default actions performed by the script may be different for each ARCH -
they are parametrized in the script and can be modified by adding commandline
switches to the script's invocation.  The examples below use explicit
switches to make them are valid commands for all ARCHes.

Examples of  usage
==================

(1) Specify a different ARCH than the default, and point the script to a
    non-default root directory of the Slackware tree:

    # ARCH=i486 SLACKROOT=~ftp/pub/slackware-current ./build_installer.sh

(2) Slackware gets a new kernel, and the initrd needs to be updated with
    new modules:

    # ./build_installer.sh -n -p -nr -u

    This command adds updated net/pcmcia modules to the initrd.img (and removes
    old modules of course), will not recompile any of the binary software inside
    (notably bash, busybox and dropbear) and will create a USB boot image as
    the final action.  Output files are created in the current directory.

(3) Strip Slackware's existing initrd.img until it's skeleton remains:

    # ./build_installer.sh -s

    This command takes the file '$SLACKROOT/isolinux/initrd.img' and writes
    the resulting 'skeleton_initrd.tar.gz' to the current directory.
    NOTE: If you ever need to create a skeleton tarball, be sure to use a 32bit
          slackware tree's initrd.img file for this.  That way, the pathname
          'slackware' will be present in the tarball, and the build_installer.sh
          script will be able to translate that to an ARCH-specific directory
          name like for instance "slackware64" for the x86_64 platform.
          Even on x86_64 you can run this command:

          # ARCH=i486 SLACKROOT=/stuff/slackware32 ./build_installer.sh -s

          to use a 32bit initrd.img file as the source.

(4) Create a new initrd.img file from scratch, using a pre-existing skeleton
    initrd tarball, and my own busybox sources/patches (while using the sources
    for bash and dropbear that are present in the slackware directory tree):

    # mkdir -p ./sources/{busybox,initrd}
    # cp /home/slackware64/installer/skeleton_initrd.tar.gz ./sources/initrd/
    # cp -a my_busybox_stuff/* ./sources/busybox/
    # ARCH=x86_64 ./build_installer.sh -c -n -p -u 

    This will build initrd.img from the ground up, compiling binaries for bash,
    busybox and dropbear (used in the installer) from their sources and
    extracting library/binary files from several of the Slackware packages
    found in the slackware directory tree. Network and pcmcia kernel modules
    will be added and compressed (cutting down the client's RAM requirements
    with 9 MB during installation), and finally a USB bootable image named
    'usbboot.img' will be created.