1 |
On 19/04/2010 17:53, Joseph C. Lininger wrote: |
2 |
> -----BEGIN PGP SIGNED MESSAGE----- |
3 |
> Hash: SHA256 |
4 |
> |
5 |
> Hey folks, |
6 |
> Has anyone else noticed that the entire hardened-sources package has |
7 |
> vanished from the hardened-development overlay? I know it's a |
8 |
> development overlay and all, but I figured I should mention it because |
9 |
> it's just gone. All versions. It struck me as a bit odd. Any reason for |
10 |
> this? |
11 |
> |
12 |
|
13 |
|
14 |
I guess others will disagree, but I have never been a huge fan of the |
15 |
kernel ebuilds. I'm just not clear what they buy you over downloading |
16 |
and compiling your own? I think there are a few extra patches in the |
17 |
case of gentoo-sources, but that seems to be about it? |
18 |
|
19 |
|
20 |
If you don't yet have an alternative in place then my choice is for the |
21 |
vserver+grsec patches that you can grab from the linux-vserver.org site |
22 |
and this gives you a very easy way to setup chroot style jails with |
23 |
lightweight virtualisation, plus all the grsec patches. If you just |
24 |
want Pax then it's a fast moving target and you are best to grab and |
25 |
patch your own kernel anyway, and don't forget to keep an archive of pax |
26 |
patches used since they don't archive them on the site (annoying if you |
27 |
are trying to diff the diff or whatever) |
28 |
|
29 |
|
30 |
I realise everyone has different needs, but perhaps try pulling your own |
31 |
kernel down and applying your own patches - I think it's about easier to |
32 |
maintain in most cases? |
33 |
|
34 |
Good luck |
35 |
|
36 |
Ed W |