Differences between LFS, blfs, alfs, and HLFS

Linux from scratch (LFS) and its descendants represent a new method to reveal how the Linux operating system works. LFS is based on the assumption that part of the compilation of a complete operating system can not only reveal how the operating system works, it also allows independent operators to build a system for speed, memory usage, or security.

Many writers have written books on UNIX styles and have thoroughly studied scheduling, memory management, multi-process and thread, file systems, and interactions between users and the kernel. Writers who write Linux books have an advantage over UNIX writers: despite the drastic changes in the group, the Linux kernel cannot be divided into several competing branches due to the GNU Public License (GPL) centralized research laboratories open source development lab (osdl) and Linus Torvalds are unshakable, making Linux lucky enough to become a slow moving target ).

Why is the Unix kernel important?

Apart from some similarities, different UNIX kernels are different. A variety of UNIX styles also have a lack of advantages in Linux: All UNIX styles are assumed to be completely operating systems. Linux is often described as "just a kernel" (if such a definition is used, it is also an arbitrary definition), which provides the core of Public Functions and implementations, whether the kernel is running in a less powerful Pentium? These public functions and implementations will not change in essence on the II server or on the initric multiprocessing (SMP) system. To simplify the process, it may be said that the farther away from the Linux kernel, more changes will be discovered, while the UNIX system tends to be a discrete implementation of various Unix/POSIX standards.

It's not that easy. Detecting the Linux kernel and system-level code may be time-consuming and will be restricted in the real world. The LFS project aims to solve limited system-level comprehensibility issues on Linux. We have discussed the fact that the kernel requires a large number of libraries and tools to run the most basic tasks on the Linux system, however, if a skilled user has a slim-line Linux release, what should he do if he doesn't want to download a few gib bytes so that he won't let him optimize the system or leave him away with the binary code of all these troublesome and unnecessary tools? If a very skilled user refuses to accept the harsh conditions (diktat) of various community releases and wants to run a Linux/Apache/MySQL/PHP (LAMP) from CD) what should I do if it is an application stack of the type? LFS can solve these problems.

Linux from scratch (LFS)

The LFS project is clearly based on source files that are adequate and unnecessary for basic Linux systems. It has gone beyond the Linux kernel and device drivers, because it needs to generate a workable Linux system, you must add a complete compiler tool chain, many Linux assembler utilities, glibc system libraries, system configuration tools, and tools connected to userland shell access. LFS is built on the assumption that Linux or Unix allows users with some scripting knowledge to understand how a completely useful system works, instead of studying the kernel code itself.

To understand how the Linux system works, the LFS creators determine that compiling the system by following module dependencies may be the most natural way to understand general operating systems and specific Linux mechanisms. After you have mastered the compilation process, you can start to eliminate the components that are connected to the system components that are irrelevant to the basic purpose of supporting the operating system. For example, it is feasible to eliminate the compiler tool chain after compilation. If you do not have a full set of command line utilities, you can use the embedded LAMP stack together. The Configuration Utility can also be discarded. Most users can use a file system that is not supported by too many Linux instances.

Linux Components

An important part of the LFS system is that it can be used as a large number of source files produced by the tar ball. Document is another important part and the most important. In fact, it is very likely to use the latest LFS book file and create an LFS release, because the LFS book details each download location and each source file and its dependent features. The process for compiling each set of source files from the kernel to the compiler to the shell has been written. If possible, you can also find replacement routines in LFS books that describe systems with different features. Another component of the LFS system that is unlikely to appear in the general user toolbox is the boot script required to guide the system after the basic LFS system is combined.

The biggest warning to the LFS release is that brave release builders need a workable Linux release, includes a complete compiler toolchain and a set of file system creation utilities. Naturally, all source code-based Linux distributions must be guided by a specific compiler version of each release. LFS is not the only system in this field, but it is the only system that allows you to directly process a single source file. Most other source-based Linux systems, such as sourcemage and mygeos, provide a complete download, which is recommended for users. LFS does not make such assumptions and encourages the splitting of the LFS framework.

It is assumed that the active Linux release has been installed on non-external (nonexotic) hardware, even if LFS may not be followed by configuration tools and scripts. To compile LFS, you must prepare a partition and a file system, and compile a compiler and system library. If you do it manually, this is a very frustrating process, but it does increase your confidence in handling other installations. It takes an hour to four days to compile the entire system. The specific time depends on the age of the underlying hardware and your command line technical proficiency.

Make a considerable assumption that, if you are willing to retain the book installation to a large extent and minimize the changes to the installation proposed in the LFS book, you can also use automated installation routines to install LFS-based releases. The installation routine is not provided in the LFS book, but can be obtained as an XML-based release under the name of automated Linux from scratch (alfs. Active installation can be obtained as a C-based script, which uses ncurses to simulate graphical installation. This installation is also called nalfs and provides an extremely flexible package installation framework. Working requires a Linux system with a C compiler and XML parser that can work. A working LFS system is enough.

Automatic Linux from scratch (alfs)

Alfs aims to surpass LFS itself. LFS guides the internal work of Linux-based operating systems by itself, but it does not have a single graphical user interface (GUI ). LFS neither allows connection to the network nor the internet. Alfs can simplify system expansion, such as adding libraries that support Internet access, or installing the X libraries required by the graphic desktop.

Beyond LFS (blfs)

The LFS creators recognize the requirements for various other source-based Linux systems. For those who want to surpass LFS and add X Window System, gnome, and network support, another LFS school creature is created: Beyond Linux from scratch (blfs ). The third LFS book (so we will not forget to talk about books rather than the release version) forms a triangle based on an angle: for automatically compiled and fully source-based Linux distributions, the basic LFS version is the foundation. Blfs converts basic Linux systems into a fully accepted Linux system. AFlS simplifies installation and extension of source code-based Linux installation. The compilation of the entire source code-based system is guided by a script. After you adjust the script's hardware, you can run the script yourself. After you (or the installation engineer) determine which packages to run, that is, the specific office application suite, you can easily expand the installation sequence. Alfs will also come in handy sooner or later because it is suitable for installing the network scope from the source code.

Hardened LFS (HLFS)

The last member of the LFS family solves a particularly important aspect of source code-based Linux: security. For those who do not want to rely on the patches delivered by the selected Linux release server, the common security method is to track the Security Report for the selected core library and application. For LFS implementers, the problem is somewhat different: Although not impossible, it is difficult to audit Linux kernel code, it may also include many libraries and utilities that focus on the internal functions of Linux-based operating systems.

Code auditing is quite time-consuming. it is wise to add a large number of patches only when the patch server is centrally maintained by dedicated personnel. However, some libraries can be rewritten to reflect security issues. A good example is that it is extremely difficult to guess the process identifier by randomly assigning numbers from an appropriate large random number pool. This method was first adopted in the OpenBSD project, followed by various Unix styles and Linux releases.

A fairly new project is called hardened Linux from scratch (HLFS). This security method is used in Linux. This project assumes that you have mastered some components of LFS and blfs in a fairly formal manner, and will not use several practical tools and libraries that will become the standard in most Linux systems.

The most important part added to HLFS may be Stack-smashing protector (SSP), which can be enabled by using the GCC command. SSP is developed to defend against Stack-smashing attacks. These attacks are the most common security threats that affect Linux systems. Other security measures include first-class random number generator and independent executable program compilation, which is usually converted into executable code of static link object code as a shared library, the executable database with independent locations can hide these addresses by randomizing the addresses. Of course, you can obtain a large number of patches from the HLFS web site and view its source code.

Growing LFS family

In many aspects, the Linux LFS family is a method that allows hackers to construct Linux-based operating systems. However, for the LFS creators, the most important result seems to be that through LFS, all Linux distributions become intelligent for the users involved. By allowing users to build a Linux release in part and helping users regard a Linux-based operating system as a system composed of many components, you can also use another method to build the Linux release.

In general, you need to change the way you build a Linux release without having to be a programmer: just a bit of script writing capability you have learned from building an LFS system. LFS experts can change and extend the perfect combination of Linux releases without affecting its basic structure. This feature is especially important for organizations with personnel and experts who maintain the Linux system but have no funds to purchase commercial support from consulting agencies and companies. The Linux System Based on LFS has been demonstrated for teaching purposes and large-scale networks. They may also be used in other fields.

Http://www.linuxfromscratch.org