1 |
Hello, |
2 |
|
3 |
I am running gentoo-hardened kernel 2.6.11-r15 on an amd64 system. I have |
4 |
followed the convert howto and found it very straightforward and clear. |
5 |
|
6 |
However, I noticed my list of deps was rather large during a recent emerge |
7 |
pretend and so I checked my setup and found SELinux to be not enabled - |
8 |
|
9 |
!!!SELinux not enabled:... |
10 |
|
11 |
So I checked my profile, and it was not the hardened profile! I updated |
12 |
the profile, and reloaded the profile, and so now when I run sestatus it |
13 |
gives me the desired response: |
14 |
|
15 |
sestatus |
16 |
SELinux status: enabled |
17 |
SELinuxfs mount: /selinux |
18 |
Current mode: permissive |
19 |
Policy version: 18 |
20 |
|
21 |
Policy booleans: |
22 |
secure_mode inactive |
23 |
ssh_sysadm_login inactive |
24 |
user_ping inactive |
25 |
|
26 |
However, when I run gcc-config -l, I am running the vanilla gcc-3.4.4. I |
27 |
searched for information on whether I need to be using the hardened and |
28 |
can't find much. Do I need to enabled the hardened compiler, and |
29 |
re-compile everything under the new selinux profile and policy? |
30 |
|
31 |
Thank you, |
32 |
|
33 |
Alby Lash |
34 |
|
35 |
-- |
36 |
gentoo-hardened@g.o mailing list |