129 lines
5.7 KiB
Markdown
129 lines
5.7 KiB
Markdown
# Lisp (SBCL + emacs + slime) on Hardened-ish Gentoo on Xen (take 2) #
|
||
*Sep 16, 2010*
|
||
|
||
A while ago I tried with mixed success to get Lisp onto my Gentoo Hardened server. I had to go a binary only route and kind of stopped there not taking it any farther. Now, 2 years later, I need the full meal deal, lisp + emacs + slime, on my server, which is now a Xen VPS with as much hardening as I could get (much less kernel based hardening since it's the VPS's kernel). It was still too much for SBCL to compile in portage so here's what I did to get it all working.
|
||
|
||
So you need an out of tree binary copy of SBCL. Live with it. It works. The problem with going with out of tree software, especially for a language, is that what ever binary you get isn't supported and hasn't been tested against all the software in-tree. For instance I initially tried the newest version of SBCL (1.0.42) but ran into problems with portage's stable slime.
|
||
Ultimately I went with the closest I could get to portage's stable version. Portage has 1.0.19 marked as the most recent stable version so I went out and downloaded the binary of that version
|
||
|
||
$ wget http://sourceforge.net/projects/sbcl/files/sbcl/1.0.19/sbcl-1.0.19-x86-linux-binary.tar.bz2/download
|
||
$ tar -xjf sbcl-1.0.19-x86-linux-binary.tar.bz2
|
||
|
||
So change into the directory and check out INSTALL. Basically installation is easy. Binary SBCL is configured around installing into /usr/local but that can be gotten around. So we'll go with a more traditional install into /usr
|
||
|
||
*Note*: My test box is a VPS with a Xen kernel not a hardened kernel so I didn't have any PaX problems, but my notes for the last time I tired this on a full hardened install mention that you need do disable some PaX features before SBCL will work:
|
||
|
||
$ paxctl -p -e -m -r -x -s " on src/runtime/sbcl
|
||
|
||
Install to /usr
|
||
|
||
# INSTALL_ROOT=/usr sh install.sh
|
||
|
||
Now SBCL is installed but it won't work because the binary is preconfigured to look for the core in /usr/local. So we'll borrow the gentoo SBCL config files to get that setup properly.
|
||
|
||
**/etc/env.d/50sbcl**
|
||
|
||
SBCL_HOME=/usr/lib/sbcl
|
||
SBCL_SOURCE_ROOT=/usr/lib/sbcl/src
|
||
|
||
then
|
||
|
||
# env-update
|
||
|
||
The above file and command set up the system environment variables to tell SBCL where it's really installed. Now is as good a time as and to `source /etc/profile` to get those changes.
|
||
|
||
Now SBCL is installed and working, we need to let portage know that. There used to be a `emerge --inject` method, but that's been deprecated in place of a new provides file
|
||
|
||
**/etc/portage/profile/package.provided**
|
||
|
||
=dev-lisp/sbcl-1.0.19
|
||
|
||
Now portage knows about our SBCL so we can start installing things that depend on it like the rest of our tool chain
|
||
|
||
# emerge cl-asdf emacs slime -va
|
||
|
||
So now we have all the pieces, all they need is some gluing together. Again we'll borrow from the Gentoo SBCL files.
|
||
|
||
**/etc/sbclrc**
|
||
|
||
;;; The following is required if you want source location functions to
|
||
;;; work in SLIME, for example.
|
||
|
||
(setf (logical-pathname-translations "SYS")
|
||
'(("SYS:SRC;**;*.*.*" #p"/usr/$(get_libdir)/sbcl/src/**/*.*")
|
||
("SYS:CONTRIB;**;*.*.*" #p"/usr/$(get_libdir)/sbcl/**/*.*")))
|
||
|
||
;;; Setup ASDF
|
||
(load "/etc/gentoo-init.lisp")
|
||
|
||
|
||
**/etc/gentoo-init.lisp**
|
||
|
||
(in-package #:cl-user)
|
||
#+(or sbcl ecl) (require :asdf)
|
||
#-(or sbcl ecl) (load #p"/usr/share/common-lisp/source/asdf/asdf.lisp")
|
||
(push #p"/usr/share/common-lisp/systems/" asdf:*central-registry*)
|
||
(asdf:oos 'asdf:load-op :asdf-binary-locations)
|
||
(setf asdf:*centralize-lisp-binaries* t)
|
||
(setf asdf:*source-to-target-mappings* '((#p"/usr/lib/sbcl/" nil) (#p"/usr/lib64/sbcl/" nil)))
|
||
|
||
Now everything should work. You just need to set up your emacs and slime
|
||
|
||
**~/.emacs**
|
||
|
||
; your SLIME directory
|
||
(add-to-list 'load-path "/usr/share/emacs/site-lisp/slime/")
|
||
; your Lisp system
|
||
(setq inferior-lisp-program "/usr/bin/sbcl")
|
||
(require 'slime)
|
||
(slime-setup)
|
||
|
||
(global-set-key (kbd "C-c C-q") 'slime-close-all-parens-in-sexp)
|
||
|
||
|
||
Now It's all glued together, give it a go
|
||
|
||
$ emacs
|
||
M-x slime
|
||
|
||
If you don't get any compilation errors you should be in emacs + slime.
|
||
|
||
And there you have it, SBCL emacs and slime on Gentoo Hardened.
|
||
|
||
## Cavets ##
|
||
**1)** For some reason this approach adds some annoying extra text to vanilla SBCL start up that I can't seem to get rid of
|
||
|
||
$ sbcl
|
||
This is SBCL 1.0.19, an implementation of ANSI Common Lisp.
|
||
More information about SBCL is available at <http: //www.sbcl.org/>.
|
||
|
||
SBCL is free software, provided as is, with absolutely no warranty.
|
||
It is mostly in the public domain; some portions are provided under
|
||
BSD-style licenses. See the CREDITS and COPYING files in the
|
||
distribution for more information.
|
||
; loading system definition from
|
||
; /usr/share/common-lisp/systems/asdf-binary-locations.asd into
|
||
; #<package "ASDF0">
|
||
; registering #<system ASDF-BINARY-LOCATIONS {AAF8F51}> as ASDF-BINARY-LOCATIONS
|
||
|
||
**2)** The system I tested this on is a VPS so the kernel is a Xen kernel, not a hardened kernel, so there may be additional complications on a full hardened install. Please let me know if you have any, and especially any working solutions.
|
||
|
||
## Comments ##
|
||
|
||
**Lisper** Says:
|
||
|
||
September 17th, 2010
|
||
|
||
What version of Xen are you running?
|
||
|
||
**Dan Ballard** Says:
|
||
|
||
September 17th, 2010
|
||
|
||
What ever version linode.com uses. The kernel I’m using is 2.6.32.12-linode25 #1 SMP, their Paravirt version of the kernel.
|
||
|
||
**Stelian Ionescu** Says:
|
||
|
||
September 18th, 2010
|
||
|
||
In order to get up-to-date CL packages on Gentoo you need to use the lisp overlay – of which I maintain the CL packages – and to keyword all packages as ~arch, since they won’t be stabilized any time soon given the shortage of manpower |