1 |
On Thu, 2005-11-24 at 16:14 +0100, Mivz wrote: |
2 |
> When I use the hardened portage profile (/usr/portage/profiles/hardened/x86) |
3 |
> I can not merge a 2.6 kernel. It reports it is masked by profile. |
4 |
> Then a again. When I want to use SELinux it is advised to use a 2.6 kernel. |
5 |
> This is no problem whit the SELinux profile. |
6 |
> But when the SELinux distro is hardened, why can't I use a 2.6 kernel |
7 |
> whit the default hardened profile? |
8 |
> Is 2.6 not secure enoughe? Is 2.6 onley secure enoughe whit SELinux enabled? |
9 |
> |
10 |
> What does the hardened/SELinux profile actually do, except for the |
11 |
> CFLAGS, LDFLAGS and the package masks? Could I just use a normal profile |
12 |
> and add the correct flags to my make.conf? |
13 |
> Or are the use flags (hardened, pic and pie) enough to build a Hardened |
14 |
> Gentoo system and will the ebuilds addapt the FLAGS to those? |
15 |
|
16 |
If you want selinux + hardened features, then use the selinux profile |
17 |
and add +hardened +pic to your USE= flags; then |
18 |
|
19 |
emerge gcc |
20 |
emerge -e world |
21 |
|
22 |
If you want to use 2.6 and not selinux then you need to link to the |
23 |
correct sub profile. |
24 |
|
25 |
$PORTDIR/profiles/hardened/x86/2.6/ |
26 |
|
27 |
|
28 |
-- |
29 |
Ned Ludd <solar@g.o> |
30 |
Gentoo Linux |
31 |
|
32 |
-- |
33 |
gentoo-hardened@g.o mailing list |