| 1 |
Hi there ! |
| 2 |
|
| 3 |
I'm quite new to Gentoo, and I looked for something hardened that I can |
| 4 |
control entirely from kernel build to use. So I found Gentoo-Hardened (then |
| 5 |
I started to have less and less time... strange). |
| 6 |
My aim is to have an hardened host which will build hardened targets. |
| 7 |
Targets will then be deployed on real machines by installing them or by |
| 8 |
running them on a LiveCD. |
| 9 |
The main problem I can see from my rookie level is that I want each target |
| 10 |
to be built with its own version of GCC/LIBC/(basethings) and its own |
| 11 |
"snapshot" of a portage tree at a T time. I want the final target to be |
| 12 |
buildtools-less, portage-less, |
| 13 |
almost-everything-except-the-kernel-and-bash-less... |
| 14 |
|
| 15 |
I don't know how to achieve that. I looked to Catalyst but I don't like some |
| 16 |
points : it uses profiles (and I would have to maintain many profiles, which |
| 17 |
seems hard as custom profile are not easily usable), its internal mechanic |
| 18 |
is 'hidden', and for LiveCD or Stage4, it has a substractive behavior (it |
| 19 |
keeps everything from previous stages from where it builds, then it unmerges |
| 20 |
and removes things to get the final target). |
| 21 |
|
| 22 |
I would prefer a "2 step" additive way. Step 1 : I would like to build, for |
| 23 |
each target, a "build" dir which contains an hardened toolchain with |
| 24 |
specified versions of GCC/LIBC/etc, Step 2 : then from this build dir I |
| 25 |
would emerge things I need by hand from zero in a target dir, and build a |
| 26 |
kernel. |
| 27 |
|
| 28 |
Is someone having some ideas on that ? |
| 29 |
Many thanks in advance :) |
| 30 |
|
| 31 |
-- |
| 32 |
Pierre. |
| 33 |
"Sometimes when I'm talking, my words can't keep up with my thoughts. I |
| 34 |
wonder why we think faster than we speak. Probably so we can think twice." - |
| 35 |
Bill Watterson |
Archives