Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-user

From: Nils Freydank <nils.freydank@××××××.de>
To: gentoo-user@l.g.o
Cc: perfinion@g.o
Subject: Re: [gentoo-user] Is Hardened profile and SELinux support active?
Date: Thu, 09 Apr 2020 13:42:42
Message-Id: 2164631.ElGaqSPkdT@pygoscelis
In Reply to: [gentoo-user] Is Hardened profile and SELinux support active? by Ihor Antonov
1 Hi Ihor,
2
3 myself I use only hardened profiles without SELinux on my machines, and
4 AFAICT it mostly boils down *this* way to some default toolchain flags for
5 C/C++ and a nearly-default kernel (sys-kernel/gentoo-soures package)[a].
6
7 I dropped a note about your question on the IRC channel #gentoo-hardened on
8 freenode[b] and got mostly instant responses from people telling they run
9 SELinux fine on Gentoo (so it seems you're right and only our docs are a
10 bit dusty) -- you might want to ask there for details ;-)
11
12 I'm top-posting here and Cc'ing one of the gentoo devs maintaing SELinux,
13 so he get's your original question aswell (he hasn't subscribed to this
14 list).
15
16 hope this helps and from my side also a warm welcome to Gentoo!
17
18 [a] side note: it's similar to archs default kernel mostly vanilla upstream
19 only with security or bugfix patches and optional patches for
20 convenience, e.g. -march=native or systemd vs openrc.
21 [b] https://webchat.freenode.net/
22
23 Am Dienstag, 7. April 2020, 06:40:30 CEST schrieb Ihor Antonov:
24 > Hi everyone,
25 >
26 > I am very new to Gentoo and I am currently migrating from Arch.
27 > Gentoo attracts me with a freedom of system configuration and with
28 > multiple supported architectures.
29 >
30 > I was attracted by Hardened profile described at [1][2][3]
31 > But reading [1] I also got confused because it looks like it is no longer
32 > maintained.
33 >
34 > So the question is it just outdated wiki page? Is anyone using Hardened
35 > profile? Is it maintained? In Archlinux SELinux is not supported
36 > officially so this is why I am looking around.
37 >
38 > Thanks/
39 >
40 > [1] https://wiki.gentoo.org/wiki/Project:Hardened[1]
41 > [2] https://wiki.gentoo.org/wiki/Hardened/FAQ[2]
42 > [3] https://wiki.gentoo.org/wiki/Hardened_Gentoo[3]
43
44
45 --
46 PGP fingerprint: '00EF D31F 1B60 D5DB ADB8 31C1 C0EC E696 0E54 475B'
47 keybase.io/nfreydank

Attachments

File name MIME type
signature.asc application/pgp-signature
Report Message
Find on MARC Find on Google Groups