1 |
> Hardened profiles: Yes there's a difference, no you should not switch to |
2 |
> hardened/linux/${ARCH} at this time. |
3 |
|
4 |
Is hardened/x86/2.6 still available for new installations? My other |
5 |
systems are amd64 but none of them list hardened/amd64/2.6. |
6 |
|
7 |
> You can get skype working by downloading or building gcc 4.1.x and pointing |
8 |
> LD_LIBRARY_PATH at the shared object directory when starting skype. skype |
9 |
> won't be using hardened toolchain but since its closed source and you're |
10 |
> willing to switch the whole machine to non-hardened I figure you probably |
11 |
> don't mind. ;) |
12 |
> |
13 |
> Example: |
14 |
> 1. Download |
15 |
> http://tinderbox.dev.gentoo.org/default-linux/x86/sys-devel/gcc-4.1.2.tbz2 |
16 |
> 2. unpack the archive to ${HOME}/tinderbox-pkgs/sys-devel/gcc/ |
17 |
> 3. Run it: |
18 |
> LD_LIBRARY_PATH="${HOME}/tinderbox-pkgs/sys-devel/gcc/usr/lib/gcc/i686-pc-linux-gnu/4.1.2/" |
19 |
> skype |
20 |
> |
21 |
> If you only require VoIP capability and not skype specifically you might be |
22 |
> interested net-im/ekiga. |
23 |
|
24 |
Thank you very much for that, but I'm trying to simplify. You see, |
25 |
I'm only a fake sysadmin. Does using a hardened kernel with a |
26 |
non-hardened profile still offer good protection? |
27 |
|
28 |
- Grant |
29 |
|
30 |
>> > I've been able to do so; basically I switched over to the standard |
31 |
>> > profile, disabled selinux in the kernel, and re-emerged system for new |
32 |
>> > use flags. There were some other details but overall the process was |
33 |
>> > pretty painless, anyone ambitious enough to configure a hardened system |
34 |
>> > can probably handle the switch without much problem. Not that I'm |
35 |
>> > encouraging you to drop hardened (especially on a laptop that could be |
36 |
>> > exposed to random wifi networks ;-) |
37 |
>> |
38 |
>> Is there any difference between 1 and 8 here? Should I switch to 8? |
39 |
>> |
40 |
>> # eselect profile list |
41 |
>> Available profile symlink targets: |
42 |
>> [1] hardened/x86/2.6 * |
43 |
>> [2] selinux/2007.0/x86 |
44 |
>> [3] selinux/2007.0/x86/hardened |
45 |
>> [4] default/linux/x86/2008.0 |
46 |
>> [5] default/linux/x86/2008.0/desktop |
47 |
>> [6] default/linux/x86/2008.0/developer |
48 |
>> [7] default/linux/x86/2008.0/server |
49 |
>> [8] hardened/linux/x86 |
50 |
>> |
51 |
>> - Grant |
52 |
>> |
53 |
>> >> Can I switch my laptop's profile from a hardened one to a non-hardened |
54 |
>> >> one? I thought this was impossible without a complete reinstall but |
55 |
>> >> folks on the gentoo-user list seem to think it's not a problem. |
56 |
>> >> |
57 |
>> >> - Grant |