Gentoo Archives: gentoo-hardened

From: "आशीष Ashish" <wahjava.ml@×××××.com>
To: Gentoo Hardened Mailing List <gentoo-hardened@l.g.o>
Subject: [gentoo-hardened] Help required in creating a new profile
Date: Tue, 27 Nov 2007 20:20:53
Message-Id: 200711280148.18329.wahjava.ml@gmail.com
1 Hi,
2
3 I wanted to install *Hardened* Gentoo Linux 2007.0 on my AMD64 architecture
4 box with *SELinux* support and no *multilib* support. I'm in the initial
5 stage of installation. I've just extracted the stage3 'hardened' tarball and
6 portage snapshot.
7
8 The 'hardened' stage3 tarball ships with a default hardened profile, to which
9 I wanted to add *selinux* support. I've created a profile, which is not
10 working as expected. Following is the my profile, which I saved
11 in "/usr/local/portage/profiles/selinux-hardened-amd64" .
12
13 - ----8<----8<----
14 chatteau selinux-hardened-amd64 # file *
15 make.defaults: symbolic link to
16 `../../../../portage/profiles/selinux/2007.0/amd64/hardened/make.defaults'
17 package.mask: symbolic link to
18 `../../../../portage/profiles/selinux/2007.0/amd64/hardened/package.mask'
19 parent: ASCII text
20 use.mask: symbolic link to
21 `../../../../portage/profiles/selinux/2007.0/amd64/hardened/use.mask'
22 chatteau selinux-hardened-amd64 # cat parent
23 ../../../../portage/profiles/selinux/2007.0/amd64
24 ../../../../portage/profiles/hardened/amd64
25 selinux-hardened-amd64 # file /etc/make.profile
26 /etc/make.profile: symbolic link to
27 `/usr/local/portage/profiles/selinux-hardened-amd64'
28 - ---->8---->8----
29
30 Following is my "make.conf" :
31
32 - ----8<----8<----
33 CFLAGS="-O2 -pipe -ggdb -fforce-addr -mtune=nocona -march=nocona
34 - -fstack-protector-all"
35 CXXFLAGS="${CFLAGS}"
36 CHOST="x86_64-pc-linux-gnu"
37 FEATURES="ccache collision-protect buildpkg parallel-fetch splitdebug
38 userfetch"
39 - ---->8---->8----
40
41 Following is the output of 'euse -a', on the basis of which I'm concluding
42 its not working:
43
44 - ----8<----8<----
45 chatteau selinux-hardened-amd64 # euse -a
46 berkdb [+ D ]
47 cli [+ D ]
48 cracklib [+ ]
49 crypt [+ D ]
50 cups [+ D ]
51 dri [+ D ]
52 fbdev [+ ]
53 fortran [+ D ]
54 gdbm [+ D ]
55 gpm [+ D ]
56 hardened [+ D ]
57 iconv [+ D ]
58 ipv6 [+ D ]
59 isdnlog [+ D ]
60 justify [+ ]
61 ladspa [+ ]
62 midi [+ ]
63 mudflap [+ D ]
64 ncurses [+ D ]
65 nls [+ D ]
66 nptl [+ D ]
67 nptlonly [+ D ]
68 openmp [+ D ]
69 pam [+ D ]
70 pcre [+ D ]
71 perl [+ D ]
72 pic [+ D ]
73 pppd [+ D ]
74 python [+ D ]
75 readline [+ D ]
76 reflection [+ D ]
77 session [+ D ]
78 spl [+ D ]
79 sse [+ D ]
80 sse2 [+ D ]
81 ssl [+ D ]
82 tcpd [+ D ]
83 text [+ ]
84 tga [+ ]
85 unicode [+ D ]
86 urandom [+ ]
87 v4l [+ ]
88 vga [+ ]
89 xorg [+ D ]
90 zlib [+ D ]
91 - ---->8---->8----
92
93 I'm not expert in gentoo, so if I'm wrong somewhere please correct me.
94
95 [I've also posted this message alt.os.linux.gentoo.]
96
97 TIA
98 --
99 Ashish Shukla आशीष शुक्ल http://wahjava.wordpress.com/
100 ·-- ·- ···· ·--- ·- ···- ·- ·--·-· --· -- ·- ·· ·-·· ·-·-·- -·-· --- --

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-hardened] Help required in creating a new profile John Eckhart <jweckhart@×××××.com>