Gentoo Archives: gentoo-hardened

From: Natanael Copa <natanael.copa@×××××.com>
To: gentoo-hardened@l.g.o
Subject: Re: [gentoo-hardened] Web app stack on top of hardened gentoo anyone?
Date: Thu, 22 Nov 2007 23:53:33
Message-Id: 1195775499.6346.24.camel@nc.nor.wtbts.org
In Reply to: Re: [gentoo-hardened] Web app stack on top of hardened gentoo anyone? by Albretch Mueller
On Thu, 2007-11-22 at 09:30 -0500, Albretch Mueller wrote:
> > Primarily because what you're asking would require a lot of juggling
> > to get right (database storage, for one thing)
> ~
> > anyway..i cannot understand why you need a live cd with a db and an
> > ap... well..let us know :)
> ~
> Of course, the DB itself could be burned on to a CD/DVD media, but it
> would need some randomly writable disk(s) or disk arrays and other
> programs like web servers need append-only disks for their logs, etc

...

> Any docs or ideas you would share with me?

I have postgresql on my alpine linux distro. Boots from cd/usb, runs
from RAM by default, built with hardened gentoo uclibc.

Running a database itself from this setup is not that interesting,
naturally enough. But alpine also ships a hardened vserver[1] kernel, so
it's possible to set up a disk array - lvm, raid, scsi, ide, iscsi (both
target and initiator supported), sata and install your vserver(s) on
disks.

Now you can run the vserver host from USB or cdrom and just mount up
your disk array. Combine with iscsi/lvm and you have suddenly a HA
cluster with a SAN backend on commodity hardware.

On your vserver guest you can run debian, standard gentoo, or alpine.
(other distros might work as well but are not tested). Since alpine is so
small, it's possible to configure new vservers in seconds. (alpine base
system is 3MB while minimal debian is 200MB?). Even if you run debian as
a vserver it would be protected by the PaX'ed kernel.

The alpine wiki[1] itself is running on alpine with postgres as backend,
in a vserver.

Unfortunately, no java at all, but it does not prevent you from running your
hardened gentoo in an alpine vserver.

[1] http://linux-vserver.org/Welcome_to_Linux-VServer.org
[2] http://wiki.alpinelinux.org

-nc


--
gentoo-hardened@g.o mailing list