| 1 |
On 06/15/11 07:35, Jean-François Maeyhieux wrote: |
| 2 |
> Hi ! |
| 3 |
> |
| 4 |
> another "hardcore" solution could be to create a chroot fresh |
| 5 |
> installation whithin you import your system's preferences: |
| 6 |
> |
| 7 |
> - Create directory - Untar last hardened stage 3 - Copy your /etc in |
| 8 |
> the chroot - Copy your world file in the chroot - Copy any kind of |
| 9 |
> data or local aplication to your chroot - chroot and update your |
| 10 |
> system - when things is done, test it - wipe your old gentoo and |
| 11 |
> move your chrooted one on / |
| 12 |
> |
| 13 |
> |
| 14 |
> that's "hardcore" but permit me several times to ressucite a old |
| 15 |
> gentoo system. |
| 16 |
> |
| 17 |
> IF you can't do it, the normal way is: |
| 18 |
> |
| 19 |
> - Recompile your toolchain by compiling twice this ports: |
| 20 |
> virtual/portage virtual/os-headers sys-libs/glibc |
| 21 |
> sys-devel/binutils-config sys-devel/binutils sys-devel/gcc-config |
| 22 |
> (don't forget to switch your gcc on the way and to clean your ccache |
| 23 |
> if you use it) - Recompile your system (emerge -Davut system) - |
| 24 |
> Finally recompile your world. |
| 25 |
> |
| 26 |
|
| 27 |
|
| 28 |
Somewhere you need to fool with profiles and make.conf. I *think* the |
| 29 |
profiles will add, e.g., "hardened" to your gcc flag |
| 30 |
|
| 31 |
There used to be a wiki somewhere that described the building of |
| 32 |
hardened-gentoo step by step after branching off from the gentoo |
| 33 |
handbook - to upgrade a standard box. It may have been called |
| 34 |
gentooexperimental, but appears now dead. |
| 35 |
|
| 36 |
IF anyone can point me to current documentation about building a |
| 37 |
hardened box (which should include the make.conf and other hardened |
| 38 |
settings), please post it here. |
| 39 |
|
| 40 |
TIA |
Archives