1 |
Hi everyone- |
2 |
|
3 |
can anyone enlighten me as to what the above stages are? |
4 |
Is the tool-chain included pax, pie, ssp enabled? |
5 |
Are the other compiled binaries compiled with with pax, pie, ssp? |
6 |
|
7 |
They're a lot newer than the SE Linux stages in the experimental |
8 |
directory; would they be a good place to start to get a working SE |
9 |
linux system? I.e. would a reasonable installation process be |
10 |
1. burn the 2005.0 x86-universal live cd |
11 |
2. use it to setup the base configuration |
12 |
3. use the stage 3 hardened stage |
13 |
4. boot the system, verify things are ok |
14 |
5. follow the SE Linux upgrade guide |
15 |
6. install/compile apache & asterisk (the two server aps this machine will run) |
16 |
|
17 |
I've tried the SE Linux install CD and stage 3 tarball, but emerge seg |
18 |
faults whenever I try to install anything, at the end of the |
19 |
installation process. |
20 |
|
21 |
I'm trying to avoid as much compilation as possible as I'm installing |
22 |
this onto an older machine (500MHz k6II), and don't have the week or |
23 |
two it'll take to recompile everything :-). |
24 |
|
25 |
If I can't avoid compiling from stage2, how do I set up distcc on |
26 |
another machine- I assume somework has to be done there to ensure the |
27 |
other machines are also using the same versions of the toolchain and |
28 |
generate pie/pax/ssp code- or am I wrong? |
29 |
On my faster gentoo machine I notice gcc_config -l gives a list of |
30 |
installed gcc options, is it enough to just select the hardened |
31 |
version of gcc and then restart distcc? (Assuming the major version |
32 |
numbers of GCC are the same on both.) |
33 |
|
34 |
Thanks in advance for your advice- |
35 |
|
36 |
Julian |
37 |
|
38 |
-- |
39 |
gentoo-hardened@g.o mailing list |