steven was having a bit of a giggle when he was telling me about the changes - and also suggested i wait before the full upgrade to the latest for all the seednodes ... so im lucky its only the single test node im upgrading ... hehehe ...
Hi crysx,
I figured I would share with you and others precisely how I build a hardened EverGreenCoin daemon since the guidance in doc/build-unix.txt had led me astray.
Here is a diff of my hardened makefile.unix.
--- makefile.unix 2016-11-10 12:08:16.596121994 -0600
+++ makefile.gentoo 2016-11-10 12:08:17.796194427 -0600
@@ -4,8 +4,10 @@
# x15 Version by mammix2 ([email protected])
-USE_UPNP:=0
+USE_UPNP:=-
USE_IPV6:=1
+STATIC=1
+PIE=1
LINK:=$(CXX)
ARCH:=$(system lscpu | head -n 1 | awk '{print $2}')
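Review bot: the added STATIC=1 and PIE=1 lines and the changed USE_UPNP:=- carry no comment, and the "-" value in particular is not self-explanatory. A one-line comment on each would help, noting that "-" means no UPnP support is built at all and that STATIC=1 needs the static libraries of OpenSSL, Boost, GMP and ZLIB listed later in the post. As these are ordinary make variables, they could also be given on the make command line (STATIC=1 PIE=1 USE_UPNP=-) instead of maintaining a patched copy of the makefile.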
@@ -91,7 +93,7 @@
#
-DEBUGFLAGS=-g
+DEBUGFLAGS=
ifeq (${ARCH}, i686)
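Review bot: emptying DEBUGFLAGS on the changed line drops -g, which removes debug symbols but is not a hardening measure in itself, so a crash in the daemon leaves no usable backtrace. Consider keeping DEBUGFLAGS=-g for the build and stripping the installed binary afterwards, with the symbols kept in a separate file.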
'ldd evergreencoind' returns
linux-vdso.so.1 (0x00007ffdce1fc000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007fa3c241d000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fa3c2200000)
libstdc++.so.6 => /usr/lib/gcc/x86_64-pc-linux-gnu/4.9.3/libstdc++.so.6 (0x00007fa3c1e89000)
libm.so.6 => /lib64/libm.so.6 (0x00007fa3c1b83000)
libgcc_s.so.1 => /usr/lib/gcc/x86_64-pc-linux-gnu/4.9.3/libgcc_s.so.1 (0x00007fa3c196c000)
libc.so.6 => /lib64/libc.so.6 (0x00007fa3c15bf000)
/lib64/ld-linux-x86-64.so.2 (0x00007fa3c2621000)
'scanelf -e evergreencoind' returns
TYPE STK/REL/PTL FILE
ET_DYN RW- R-- RW- /usr/bin/evergreencoind
'hardening-check evergreencoind' returns
evergreencoind:
Position Independent Executable: yes
Stack protected: yes
Fortify Source functions: yes
Read-only relocations: yes
Immediate binding: yes
evergreencoin.conf recommendations
noirc=1
synctime=0
cppolicy=strict
The server must be running ntpd if synctime=0 has been set within evergreencoin.conf.
Static Libraries of OpenSSL, Boost, GMP and ZLIB must all be available in order to build EverGreenCoin statically.
Notice: No UPnP support has been included (per the makefile specification).
The above process is optimized for a headless evergreencoind binary which uses only the command line.
Best Regards,
-Chicago
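A build gate based on the ldd and hardening-check output in the post above, as an added example that is not part of the original posts: it fails when OpenSSL, Boost, GMP or zlib shows up as a shared library, or when any hardening-check property is not "yes". The function names and the library-name patterns are assumptions.

```shell
#!/bin/sh
# Added example, not from the original thread.
# Usage (after sourcing or pasting): audit_binary /usr/bin/evergreencoind

# Read `ldd` output on stdin and print every shared library that a static
# build should not depend on (OpenSSL, Boost, GMP, zlib).
# Exit status 1 if at least one is found. Name patterns are assumptions.
dynamic_leaks() {
    awk '
        BEGIN { bad = 0 }
        $1 ~ /^lib(ssl|crypto|gmp|z|boost_[^.]+)\.so/ { print $1; bad = 1 }
        END { exit bad }
    '
}

# Read `hardening-check` output on stdin and print the name of every
# property whose value does not start with "yes".
# The "binary:" header line has no value and is skipped.
failed_hardening() {
    awk -F': *' '
        BEGIN { bad = 0 }
        NF >= 2 && $2 != "" && $2 !~ /^yes/ {
            sub(/^[ \t]+/, "", $1)   # drop the report indentation
            print $1
            bad = 1
        }
        END { exit bad }
    '
}

# Run both checks against a built binary; the first failing check prints
# its findings and makes the function return 1.
audit_binary() {
    bin=$1
    ldd "$bin" | dynamic_leaks || return 1
    hardening-check "$bin" | failed_hardening || return 1
}
```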
this is how egc daemons are built on all the seednodes - statically and without upnp support also ...
this was a necessity for me as the redhat based systems ( centos 7 x64 - in this case ) had crippled openssl implementations ... where redhat legal removed the ecc required to build the daemons ... so i was left with no choice but to build statically every time ... its a better implementation in my opinion also ...
so the scripts we use - build the applications first - then the daemon ... and all of them build at reasonably the same time ...
but those extra conf parameters are not used ... id be interested to see how well they work with the current test node i have running with 1.4.1.0 ...
tanx for all the info - those parameters in the conf are new to me ... so its always good to learn something new ...
#crysx