[prev in list] [next in list] [prev in thread] [next in thread]
List: secure-desktops
Subject: Re: [Secure Desktops] How to build subgraph from source code?
From: David McKinney <mckinney () subgraph ! com>
Date: 2016-05-17 21:31:01
Message-ID: 20160517213101.GA4751 () subgraph
[Download RAW message or body]
On Wed, May 04, 2016 at 06:23:54PM +0000, Patrick Schleizer wrote:
> David McKinney:
> > Subgraph OS ISOs are built using Debian live-build.
> >
> > The live-config is here:
> > https://github.com/subgraph/subgraph_desktop_stretch
> >
> > However, at the moment just running this in live-build will not be sufficient
> > to create an ISO. A few extra things are required:
> > 1. Kernel packages must be dropped into the live-build and the config must
> > specify the correct kernel version
> >
> > 2. Live-build must be patched, see:
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816204
> >
> > 3. Occasionally other Debian packages must be dropped into the live config to
> > fix dependencies if packages get removed from testing or are broken.
> >
> > 4. A few live-config variables are set dynamically at runtime (for staging and
> > testing different build scenarios, pointing to an apt-cache, dealing with
> > occasional debian-installer probz, etc.)
>
> This sounds rather difficult.
It is more difficult for others to build than for us but we do plan to
address this.
> Did you consider being based on Debian stable?
We considered it and decided against it.
> Otherwise stability to build released versions can be gained by using
> http://snapshot.debian.org. They are providing frozen states of the
> Debian testing repository and more. So if you released a version that
> was build using snapshot.debian.org, then issues like 3. should not
> happen at all. snapshot.debian.org is also a prerequisite for
> deterministic builds.
We're setting up our own repos that will allow us to stage stuff from
testing and provide snapsnots. It will also make it easier to live-build
Subgraph OS as the patched version can be obtained from our repository.
_______________________________________________
Desktops mailing list
Desktops@secure-os.org
https://secure-os.org/cgi-bin/mailman/listinfo/desktops
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic