Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Monitoring make
May 6, 2005, 12:00 am
rate this thread
files require root for the install, I would like to watch the files
that make, configure, src rpms, or any install script modifes or
creates. Are there any other security concerns regarding compiling
and installing software and is there any software to monitor these
Re: Monitoring make
Well, first and foremost, you have the makefile, and the source. Read
every line of it all to see what it does, if you don't trust the
software you are making.
You will note that just doing make puts copious output to the screen.
Save it all in a file, if you wish to review it.
make 2>&1 |tee makelog
will save all the information, including errors, to the file makelog in
the directory in which you run make.
Similarly with make install. Of course, if there is damage to be done,
it is likely done at that point.
I guess my non-expert advice would be, if you don't think you can trust
the code, don't make it and for heaven's sake don't install it as root.
Stick to code from reputable sources (established project on
sourceforge and such). Check the md5 sums.
And unless you are dealing with something really in the knickers of system
will end up doing the installation in your home directory and not
Re: Monitoring make
Then why don't use -n flag? When I build Slackware's package then last
thing before `make install' is to check whether makefile recognizes
DESTDIR variable: `make -n install DESTDIR=/bleble | less -S'
One might use checkinstall as well. Checkinstall monitors which files
are going to be changed and saves them in safe place. The result will be
two packages (*.deb, RPM or *.tgz, depending on configuration): one with
program, one with original versions of modified files.
Feel free to correct my English
- » Cloud Ace Technologies is offering Implementation Services on Cloud Computing, Cloud Serv...
- — Newest thread in » Linux Security