1 |
>> Hi everyone, |
2 |
>> |
3 |
>> I am very new to Gentoo and I am currently migrating from Arch. |
4 |
>> Gentoo attracts me with a freedom of system configuration and with multiple |
5 |
>> supported architectures. |
6 |
>> |
7 |
>> I was attracted by Hardened profile described at [1][2][3] |
8 |
>> But reading [1] I also got confused because it looks like it is no longer |
9 |
>> maintained. |
10 |
>> |
11 |
>> So the question is it just outdated wiki page? Is anyone using Hardened |
12 |
>> profile? Is it maintained? In Archlinux SELinux is not supported officially |
13 |
>> so this is why I am looking around. |
14 |
>> |
15 |
>> Thanks/ |
16 |
>> |
17 |
>> [1] https://wiki.gentoo.org/wiki/Project:Hardened[1] |
18 |
>> [2] https://wiki.gentoo.org/wiki/Hardened/FAQ[2] |
19 |
>> [3] https://wiki.gentoo.org/wiki/Hardened_Gentoo[3] |
20 |
|
21 |
>I have never used a Hardened profile and have not followed up what happened |
22 |
>after the GRSecurity developer abandoned his code development.[1] |
23 |
>https://grsecurity.net/passing_the_baton |
24 |
>Someone else could comment on the future of Gentoo Hardened, but I am posting |
25 |
>this message having noticed your message may have not made it through to some |
26 |
>recipients (the dreaded DMARC caused a DKIM header failure again). |
27 |
|
28 |
I have fairly recently (in the last six months) converted my Gentoo systems to
|
29 |
use SELinux. The process was relatively painless and the quality of the
|
30 |
documentation was very good. Already in this short period of time I have
|
31 |
updated all systems with a new SELinux policy. Portage (Gentoo's package
|
32 |
manager) appears to handle policy updates quite well and the update took place
|
33 |
without any major problems. The main dev responsible of SELinux on Gentoo is
|
34 |
approachable and knowledgeable.
|
35 |
|
36 |
I'd say that SELinux on Gentoo seems to be in rather good health!
|
37 |
|
38 |
Tully. |