[Freeswitch-users] RPMs and Yum repo for EL5 and EL6 based system in beta

Ken Rice krice at freeswitch.org
Wed Feb 15 18:26:50 MSK 2012


Source0 is a tarball generated from either scripts/tagscript.sh or
scripts/dailys.sh both of these roll the tar ball

the other Source# are tar balls we require to build and are not in the git
tree

As far as the BuildRequires those are there because they are required to
build all the modules the whole point of rolling modular RPMs like this is
so that we can build everything at one time and you can roll your own
config package (see package config-vanilla) and thats all you need to build
everything else is done for you

Changing UserNames doesn't add any security really... you should be running
freeswitch as a non-root user and then it should be a locked account
possibly with /bin/nologin or /bin/false as the shell unless you have other
reasons that make the last thing not needed...

Changing the usernames increases support problems (as does doing stupid
stuff like changing the UserAgent string) this is NOT securing the system
as its just Security By Obscurity and we have been taught many times over
the years that security by obscurity does not work.







On Wed, Feb 15, 2012 at 9:15 AM, Josh <mojo1736 at privatedemail.net> wrote:

>
> > yeah its pretty complete... still needs some testing... and I still
> > want to make a couple more adjustments to it for FHS compliancy..  end
> > goal is to use this to get us into EPEL and eventually in to EL7 when
> > it rolls out!
> Excellent! As my distro is Fedora Core, I would certainly make a few
> tweaks to the .spec file to adapt it. I will also cross-compile the
> whole thing, so I am bound to hit a few issues, but if this file is
> near-enough complete, then that's good enough for me. I've just finished
> a long-overdue upgrade of my build environment (have been postponing it
> for over a month) and I am ready to roll...
>
> > if you want to look at WIP see my working branch on github at
> > http://github.com/swk/fs_test/
> Thanks for that - I already have it (you've last updated it 2 days ago
> according to the git logs). One of the tweaks I'll do is make the build
> a bit more modular. For example, I do not need ODBC/PostgreSQL, so the
> ODBC/PostgreSQL-related BuildRequires are not needed, so I'll probably
> encapsulate the whole package with %define, %if...%endif block. I'll
> also add a separate %define for the FS user and group names (so that
> they are configurable - just as a security precaution).
>
> I also notice you are not building h323 due to dependency issues. What
> kind of issues?
>
> Also, I take it Source0 is the compressed archive of the current git, is
> that so? If that is not the case, are the files listed as
> Source1...Source13 necessary if I download directly from git and then
> compress that into an archive?
>
> It is important for me to know, because my intention is to check out the
> latest git, compress it and use that as the main source for the build,
> therefore need to know whether the additional sources
> (Source1...Source13) are in fact part of the main git tree.
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20120215/8d0b374d/attachment.html 


Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list