1 |
Hi, |
2 |
|
3 |
I wanted to install *Hardened* Gentoo Linux 2007.0 on my AMD64 architecture |
4 |
box with *SELinux* support and no *multilib* support. I'm in the initial |
5 |
stage of installation. I've just extracted the stage3 'hardened' tarball and |
6 |
portage snapshot. |
7 |
|
8 |
The 'hardened' stage3 tarball ships with a default hardened profile, to which |
9 |
I wanted to add *selinux* support. I've created a profile, which is not |
10 |
working as expected. Following is the my profile, which I saved |
11 |
in "/usr/local/portage/profiles/selinux-hardened-amd64" . |
12 |
|
13 |
- ----8<----8<---- |
14 |
chatteau selinux-hardened-amd64 # file * |
15 |
make.defaults: symbolic link to |
16 |
`../../../../portage/profiles/selinux/2007.0/amd64/hardened/make.defaults' |
17 |
package.mask: symbolic link to |
18 |
`../../../../portage/profiles/selinux/2007.0/amd64/hardened/package.mask' |
19 |
parent: ASCII text |
20 |
use.mask: symbolic link to |
21 |
`../../../../portage/profiles/selinux/2007.0/amd64/hardened/use.mask' |
22 |
chatteau selinux-hardened-amd64 # cat parent |
23 |
../../../../portage/profiles/selinux/2007.0/amd64 |
24 |
../../../../portage/profiles/hardened/amd64 |
25 |
selinux-hardened-amd64 # file /etc/make.profile |
26 |
/etc/make.profile: symbolic link to |
27 |
`/usr/local/portage/profiles/selinux-hardened-amd64' |
28 |
- ---->8---->8---- |
29 |
|
30 |
Following is my "make.conf" : |
31 |
|
32 |
- ----8<----8<---- |
33 |
CFLAGS="-O2 -pipe -ggdb -fforce-addr -mtune=nocona -march=nocona |
34 |
- -fstack-protector-all" |
35 |
CXXFLAGS="${CFLAGS}" |
36 |
CHOST="x86_64-pc-linux-gnu" |
37 |
FEATURES="ccache collision-protect buildpkg parallel-fetch splitdebug |
38 |
userfetch" |
39 |
- ---->8---->8---- |
40 |
|
41 |
Following is the output of 'euse -a', on the basis of which I'm concluding |
42 |
its not working: |
43 |
|
44 |
- ----8<----8<---- |
45 |
chatteau selinux-hardened-amd64 # euse -a |
46 |
berkdb [+ D ] |
47 |
cli [+ D ] |
48 |
cracklib [+ ] |
49 |
crypt [+ D ] |
50 |
cups [+ D ] |
51 |
dri [+ D ] |
52 |
fbdev [+ ] |
53 |
fortran [+ D ] |
54 |
gdbm [+ D ] |
55 |
gpm [+ D ] |
56 |
hardened [+ D ] |
57 |
iconv [+ D ] |
58 |
ipv6 [+ D ] |
59 |
isdnlog [+ D ] |
60 |
justify [+ ] |
61 |
ladspa [+ ] |
62 |
midi [+ ] |
63 |
mudflap [+ D ] |
64 |
ncurses [+ D ] |
65 |
nls [+ D ] |
66 |
nptl [+ D ] |
67 |
nptlonly [+ D ] |
68 |
openmp [+ D ] |
69 |
pam [+ D ] |
70 |
pcre [+ D ] |
71 |
perl [+ D ] |
72 |
pic [+ D ] |
73 |
pppd [+ D ] |
74 |
python [+ D ] |
75 |
readline [+ D ] |
76 |
reflection [+ D ] |
77 |
session [+ D ] |
78 |
spl [+ D ] |
79 |
sse [+ D ] |
80 |
sse2 [+ D ] |
81 |
ssl [+ D ] |
82 |
tcpd [+ D ] |
83 |
text [+ ] |
84 |
tga [+ ] |
85 |
unicode [+ D ] |
86 |
urandom [+ ] |
87 |
v4l [+ ] |
88 |
vga [+ ] |
89 |
xorg [+ D ] |
90 |
zlib [+ D ] |
91 |
- ---->8---->8---- |
92 |
|
93 |
I'm not expert in gentoo, so if I'm wrong somewhere please correct me. |
94 |
|
95 |
[I've also posted this message alt.os.linux.gentoo.] |
96 |
|
97 |
TIA |
98 |
-- |
99 |
Ashish Shukla आशीष शुक्ल http://wahjava.wordpress.com/ |
100 |
·-- ·- ···· ·--- ·- ···- ·- ·--·-· --· -- ·- ·· ·-·· ·-·-·- -·-· --- -- |