| 1 |
> Hardened profiles: Yes there's a difference, no you should not switch to |
| 2 |
> hardened/linux/${ARCH} at this time. |
| 3 |
|
| 4 |
Is hardened/x86/2.6 still available for new installations? My other |
| 5 |
systems are amd64 but none of them list hardened/amd64/2.6. |
| 6 |
|
| 7 |
> You can get skype working by downloading or building gcc 4.1.x and pointing |
| 8 |
> LD_LIBRARY_PATH at the shared object directory when starting skype. skype |
| 9 |
> won't be using hardened toolchain but since its closed source and you're |
| 10 |
> willing to switch the whole machine to non-hardened I figure you probably |
| 11 |
> don't mind. ;) |
| 12 |
> |
| 13 |
> Example: |
| 14 |
> 1. Download |
| 15 |
> http://tinderbox.dev.gentoo.org/default-linux/x86/sys-devel/gcc-4.1.2.tbz2 |
| 16 |
> 2. unpack the archive to ${HOME}/tinderbox-pkgs/sys-devel/gcc/ |
| 17 |
> 3. Run it: |
| 18 |
> LD_LIBRARY_PATH="${HOME}/tinderbox-pkgs/sys-devel/gcc/usr/lib/gcc/i686-pc-linux-gnu/4.1.2/" |
| 19 |
> skype |
| 20 |
> |
| 21 |
> If you only require VoIP capability and not skype specifically you might be |
| 22 |
> interested net-im/ekiga. |
| 23 |
|
| 24 |
Thank you very much for that, but I'm trying to simplify. You see, |
| 25 |
I'm only a fake sysadmin. Does using a hardened kernel with a |
| 26 |
non-hardened profile still offer good protection? |
| 27 |
|
| 28 |
- Grant |
| 29 |
|
| 30 |
>> > I've been able to do so; basically I switched over to the standard |
| 31 |
>> > profile, disabled selinux in the kernel, and re-emerged system for new |
| 32 |
>> > use flags. There were some other details but overall the process was |
| 33 |
>> > pretty painless, anyone ambitious enough to configure a hardened system |
| 34 |
>> > can probably handle the switch without much problem. Not that I'm |
| 35 |
>> > encouraging you to drop hardened (especially on a laptop that could be |
| 36 |
>> > exposed to random wifi networks ;-) |
| 37 |
>> |
| 38 |
>> Is there any difference between 1 and 8 here? Should I switch to 8? |
| 39 |
>> |
| 40 |
>> # eselect profile list |
| 41 |
>> Available profile symlink targets: |
| 42 |
>> [1] hardened/x86/2.6 * |
| 43 |
>> [2] selinux/2007.0/x86 |
| 44 |
>> [3] selinux/2007.0/x86/hardened |
| 45 |
>> [4] default/linux/x86/2008.0 |
| 46 |
>> [5] default/linux/x86/2008.0/desktop |
| 47 |
>> [6] default/linux/x86/2008.0/developer |
| 48 |
>> [7] default/linux/x86/2008.0/server |
| 49 |
>> [8] hardened/linux/x86 |
| 50 |
>> |
| 51 |
>> - Grant |
| 52 |
>> |
| 53 |
>> >> Can I switch my laptop's profile from a hardened one to a non-hardened |
| 54 |
>> >> one? I thought this was impossible without a complete reinstall but |
| 55 |
>> >> folks on the gentoo-user list seem to think it's not a problem. |
| 56 |
>> >> |
| 57 |
>> >> - Grant |
Archives