| 1 |
commit: a95fcafba0cf0871356b89d6704ea440b54a3f8d |
| 2 |
Author: Matthew Thode (prometheanfire) <prometheanfire <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Wed Nov 23 21:09:30 2011 +0000 |
| 4 |
Commit: Matt Thode <prometheanfire <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Wed Nov 23 21:09:30 2011 +0000 |
| 6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-dev.git;a=commit;h=a95fcafb |
| 7 |
|
| 8 |
notes I found while following the guide added |
| 9 |
|
| 10 |
--- |
| 11 |
XT_PAX-howto.txt | 8 +++++++- |
| 12 |
1 files changed, 7 insertions(+), 1 deletions(-) |
| 13 |
|
| 14 |
diff --git a/XT_PAX-howto.txt b/XT_PAX-howto.txt |
| 15 |
index 3a956be..5d1a2a9 100644 |
| 16 |
--- a/XT_PAX-howto.txt |
| 17 |
+++ b/XT_PAX-howto.txt |
| 18 |
@@ -12,7 +12,7 @@ is much appreciated and will help to make this approach to PaX robust. |
| 19 |
|
| 20 |
-------------------------------------------------------------------------------- |
| 21 |
|
| 22 |
-*Step 0. Get yourself a gentoo system. Switch to an appropriate hardened profile |
| 23 |
+*Step 0. Get yourself a gentoo system. Then switch to an appropriate hardened profile |
| 24 |
using |
| 25 |
|
| 26 |
eselect profile set hardened/linux/x86 |
| 27 |
@@ -70,6 +70,10 @@ If you see a PT_PAX header, or possibly one called LOOS+5041580 at the end of th |
| 28 |
|
| 29 |
emerge --keep-going -eq world |
| 30 |
|
| 31 |
+#packages that were not remerged |
| 32 |
+ nano - manual remerge fixes it |
| 33 |
+ grub - manual remerge fails it (still paxmarked) |
| 34 |
+ |
| 35 |
6. And finally, let's do any post-world rebuild cleanup: |
| 36 |
|
| 37 |
etc-update |
| 38 |
@@ -138,6 +142,8 @@ you want to use. I also recommend xattr support on tmpfs: |
| 39 |
|
| 40 |
3. Compile the kernel and boot. |
| 41 |
|
| 42 |
+# I had to reinstall grub to /dev/sda before I could boot |
| 43 |
+ |
| 44 |
-------------------------------------------------------------------------------- |
| 45 |
|
| 46 |
*Step 3. The new system should be now be a pure XT_PAX system. Let's test that |
Archives