| 1 |
Cyprien Nicolas schrieb: |
| 2 |
> 2009/2/10 Matthew Summers <msummers42@×××××.com>: |
| 3 |
>> On Tue, Feb 10, 2009 at 4:04 AM, Tom Hendrikx <tom@×××××××××.net> wrote: |
| 4 |
>>> Clemente Aguiar schreef: |
| 5 |
>>>> I understand that the profiles where updated recently (last year?). |
| 6 |
>>>> |
| 7 |
>>>> Available profile symlink targets: |
| 8 |
>>>> [1] hardened/amd64 * |
| 9 |
>>>> [2] hardened/amd64/multilib |
| 10 |
>>>> [3] selinux/2007.0/amd64 |
| 11 |
>>>> [4] selinux/2007.0/amd64/hardened |
| 12 |
>>>> [5] default/linux/amd64/2008.0 |
| 13 |
>>>> [6] default/linux/amd64/2008.0/desktop |
| 14 |
>>>> [7] default/linux/amd64/2008.0/developer |
| 15 |
>>>> [8] default/linux/amd64/2008.0/no-multilib |
| 16 |
>>>> [9] default/linux/amd64/2008.0/server |
| 17 |
>>>> [10] hardened/linux/amd64 |
| 18 |
>>>> |
| 19 |
>>>> Available profile symlink targets: |
| 20 |
>>>> [1] hardened/x86/2.6 * |
| 21 |
>>>> [2] selinux/2007.0/x86 |
| 22 |
>>>> [3] selinux/2007.0/x86/hardened |
| 23 |
>>>> [4] default/linux/x86/2008.0 |
| 24 |
>>>> [5] default/linux/x86/2008.0/desktop |
| 25 |
>>>> [6] default/linux/x86/2008.0/developer |
| 26 |
>>>> [7] default/linux/x86/2008.0/server |
| 27 |
>>>> [8] hardened/linux/x86 |
| 28 |
>>>> |
| 29 |
>>>> |
| 30 |
>>>> I would like to know what hardened profile I should use when I build new |
| 31 |
>>>> machines? (AMD64 as well as x86) |
| 32 |
>>>> |
| 33 |
>>>> Thanks. |
| 34 |
>>>> |
| 35 |
>>>> |
| 36 |
>>>> |
| 37 |
>>> A few days ago I switched an x86 machine from "default/linux/x86/2008.0" |
| 38 |
>>> to "hardened/linux/x86/2008.0/server" after some arbitrary rummaging in |
| 39 |
>>> the profiles directory. This gave me no problems other than the expected |
| 40 |
>>> gcc-4 -> gcc-3 downgrade. |
| 41 |
>>> |
| 42 |
>>> I'm not sure why this profile isn't listed in the eselect profile |
| 43 |
>>> listing above. It doesn't give me a big fat "unsupported profile" |
| 44 |
>>> warning though... |
| 45 |
>>> |
| 46 |
>>> Regards, |
| 47 |
>>> Tom |
| 48 |
>>> |
| 49 |
>> |
| 50 |
>> This is a confusing situation. I am currently using |
| 51 |
>> /usr/portage/profiles/hardened/linux/amd64/2008.0. |
| 52 |
>> |
| 53 |
>> This is not explicitly listed in the output of 'eselect profile list'. |
| 54 |
>> |
| 55 |
>> Perhaps we could sort this out on the list & then I will write a quick doc |
| 56 |
>> to place in the hardened web space to assist other users. |
| 57 |
>> |
| 58 |
>> -- |
| 59 |
>> M. Summers |
| 60 |
>> |
| 61 |
>> "...there are no rules here -- we're trying to accomplish something." |
| 62 |
>> - Thomas A. Edison |
| 63 |
>> |
| 64 |
> |
| 65 |
> On #gentooo-hardened, I got this answer : |
| 66 |
> |
| 67 |
> Feb 04 20:10:51 <Tommy[D]> Anyone can say, which profile of the 2 |
| 68 |
> hardened ones are supported here? |
| 69 |
> Feb 04 20:12:01 <gengor> Tommy[D]: use hardened/${ARCH}/2.6 |
| 70 |
> |
| 71 |
> But it was not listed by Clemente for amd64 |
| 72 |
> |
| 73 |
> -- |
| 74 |
> Cyprien |
| 75 |
> |
| 76 |
> |
| 77 |
|
| 78 |
So he should use either /hardened/amd64 or /hardened/amd64/multilib. If i rememember it right, the |
| 79 |
other profile (/hardened/linux/* ) is not under control by the hardened team and because of that not |
| 80 |
supported. |
| 81 |
|
| 82 |
-- |
| 83 |
Thomas Sachau |
| 84 |
|
| 85 |
Gentoo Linux Developer |
Archives