| 1 |
Hello, |
| 2 |
|
| 3 |
I am running gentoo-hardened kernel 2.6.11-r15 on an amd64 system. I have |
| 4 |
followed the convert howto and found it very straightforward and clear. |
| 5 |
|
| 6 |
However, I noticed my list of deps was rather large during a recent emerge |
| 7 |
pretend and so I checked my setup and found SELinux to be not enabled - |
| 8 |
|
| 9 |
!!!SELinux not enabled:... |
| 10 |
|
| 11 |
So I checked my profile, and it was not the hardened profile! I updated |
| 12 |
the profile, and reloaded the profile, and so now when I run sestatus it |
| 13 |
gives me the desired response: |
| 14 |
|
| 15 |
sestatus |
| 16 |
SELinux status: enabled |
| 17 |
SELinuxfs mount: /selinux |
| 18 |
Current mode: permissive |
| 19 |
Policy version: 18 |
| 20 |
|
| 21 |
Policy booleans: |
| 22 |
secure_mode inactive |
| 23 |
ssh_sysadm_login inactive |
| 24 |
user_ping inactive |
| 25 |
|
| 26 |
However, when I run gcc-config -l, I am running the vanilla gcc-3.4.4. I |
| 27 |
searched for information on whether I need to be using the hardened and |
| 28 |
can't find much. Do I need to enabled the hardened compiler, and |
| 29 |
re-compile everything under the new selinux profile and policy? |
| 30 |
|
| 31 |
Thank you, |
| 32 |
|
| 33 |
Alby Lash |
| 34 |
|
| 35 |
-- |
| 36 |
gentoo-hardened@g.o mailing list |
Archives