| 1 |
On Tue, 2009-02-10 at 19:17 +0100, Thomas Sachau wrote: |
| 2 |
> Cyprien Nicolas schrieb: |
| 3 |
> > 2009/2/10 Matthew Summers <msummers42@×××××.com>: |
| 4 |
> >> On Tue, Feb 10, 2009 at 4:04 AM, Tom Hendrikx <tom@×××××××××.net> wrote: |
| 5 |
> >>> Clemente Aguiar schreef: |
| 6 |
> >>>> I understand that the profiles where updated recently (last year?). |
| 7 |
> >>>> |
| 8 |
> >>>> Available profile symlink targets: |
| 9 |
> >>>> [1] hardened/amd64 * |
| 10 |
> >>>> [2] hardened/amd64/multilib |
| 11 |
> >>>> [3] selinux/2007.0/amd64 |
| 12 |
> >>>> [4] selinux/2007.0/amd64/hardened |
| 13 |
> >>>> [5] default/linux/amd64/2008.0 |
| 14 |
> >>>> [6] default/linux/amd64/2008.0/desktop |
| 15 |
> >>>> [7] default/linux/amd64/2008.0/developer |
| 16 |
> >>>> [8] default/linux/amd64/2008.0/no-multilib |
| 17 |
> >>>> [9] default/linux/amd64/2008.0/server |
| 18 |
> >>>> [10] hardened/linux/amd64 |
| 19 |
> >>>> |
| 20 |
> >>>> Available profile symlink targets: |
| 21 |
> >>>> [1] hardened/x86/2.6 * |
| 22 |
> >>>> [2] selinux/2007.0/x86 |
| 23 |
> >>>> [3] selinux/2007.0/x86/hardened |
| 24 |
> >>>> [4] default/linux/x86/2008.0 |
| 25 |
> >>>> [5] default/linux/x86/2008.0/desktop |
| 26 |
> >>>> [6] default/linux/x86/2008.0/developer |
| 27 |
> >>>> [7] default/linux/x86/2008.0/server |
| 28 |
> >>>> [8] hardened/linux/x86 |
| 29 |
> >>>> |
| 30 |
> >>>> |
| 31 |
> >>>> I would like to know what hardened profile I should use when I build new |
| 32 |
> >>>> machines? (AMD64 as well as x86) |
| 33 |
> >>>> |
| 34 |
> >>>> Thanks. |
| 35 |
> >>>> |
| 36 |
> >>>> |
| 37 |
> >>>> |
| 38 |
> >>> A few days ago I switched an x86 machine from "default/linux/x86/2008.0" |
| 39 |
> >>> to "hardened/linux/x86/2008.0/server" after some arbitrary rummaging in |
| 40 |
> >>> the profiles directory. This gave me no problems other than the expected |
| 41 |
> >>> gcc-4 -> gcc-3 downgrade. |
| 42 |
> >>> |
| 43 |
> >>> I'm not sure why this profile isn't listed in the eselect profile |
| 44 |
> >>> listing above. It doesn't give me a big fat "unsupported profile" |
| 45 |
> >>> warning though... |
| 46 |
> >>> |
| 47 |
> >>> Regards, |
| 48 |
> >>> Tom |
| 49 |
> >>> |
| 50 |
> >> |
| 51 |
> >> This is a confusing situation. I am currently using |
| 52 |
> >> /usr/portage/profiles/hardened/linux/amd64/2008.0. |
| 53 |
> >> |
| 54 |
> >> This is not explicitly listed in the output of 'eselect profile list'. |
| 55 |
> >> |
| 56 |
> >> Perhaps we could sort this out on the list & then I will write a quick doc |
| 57 |
> >> to place in the hardened web space to assist other users. |
| 58 |
> >> |
| 59 |
> >> -- |
| 60 |
> >> M. Summers |
| 61 |
> >> |
| 62 |
> >> "...there are no rules here -- we're trying to accomplish something." |
| 63 |
> >> - Thomas A. Edison |
| 64 |
> >> |
| 65 |
> > |
| 66 |
> > On #gentooo-hardened, I got this answer : |
| 67 |
> > |
| 68 |
> > Feb 04 20:10:51 <Tommy[D]> Anyone can say, which profile of the 2 |
| 69 |
> > hardened ones are supported here? |
| 70 |
> > Feb 04 20:12:01 <gengor> Tommy[D]: use hardened/${ARCH}/2.6 |
| 71 |
> > |
| 72 |
> > But it was not listed by Clemente for amd64 |
| 73 |
> > |
| 74 |
> > -- |
| 75 |
> > Cyprien |
| 76 |
> > |
| 77 |
> > |
| 78 |
> |
| 79 |
> So he should use either /hardened/amd64 or /hardened/amd64/multilib. If i rememember it right, the |
| 80 |
> other profile (/hardened/linux/* ) is not under control by the hardened team and because of that not |
| 81 |
> supported. |
| 82 |
|
| 83 |
Correct. |
| 84 |
|
| 85 |
amd64 #1 or #2 (suggested #2) |
| 86 |
x86 #1 |
| 87 |
|
| 88 |
|
| 89 |
-- |
| 90 |
Ned Ludd <solar@g.o> |
| 91 |
Gentoo Linux |
Archives