Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
question about installation
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Installing Gentoo
View previous topic :: View next topic  
Author Message
pabloblo
n00b
n00b


Joined: 24 Jan 2024
Posts: 71

PostPosted: Tue Jul 30, 2024 2:11 pm    Post subject: question about installation Reply with quote

hello everyone, I am currently on gentoo, openrc+xfce, the computer works very well, but I would like to know if it is possible to upgrade to the "hardened" version when everything is already installed, is that what it is? complicated ?
Back to top
View user's profile Send private message
Banana
Moderator
Moderator


Joined: 21 May 2004
Posts: 1716
Location: Germany

PostPosted: Wed Jul 31, 2024 7:53 am    Post subject: Reply with quote

Can currently give you the general documentation advice: https://wiki.gentoo.org/wiki/Profile_(Portage)#Switching_between_profiles

https://wiki.gentoo.org/wiki/Hardened_Gentoo

[Administrator edit: added [url] tag. Forum auto-linking does not work when the URL contains parentheses. -Hu]
_________________
Forum Guidelines

PFL - Portage file list - find which package a file or command belongs to.
My delta-labs.org snippets do expire
Back to top
View user's profile Send private message
pabloblo
n00b
n00b


Joined: 24 Jan 2024
Posts: 71

PostPosted: Wed Jul 31, 2024 12:18 pm    Post subject: Reply with quote

thank you banana, i go look this
Back to top
View user's profile Send private message
pabloblo
n00b
n00b


Joined: 24 Jan 2024
Posts: 71

PostPosted: Mon Aug 05, 2024 12:13 pm    Post subject: Reply with quote

hello, I took the steps to upgrade to the hardened version by following the tutorial, how can I check that everything is working properly?
Back to top
View user's profile Send private message
Banana
Moderator
Moderator


Joined: 21 May 2004
Posts: 1716
Location: Germany

PostPosted: Mon Aug 05, 2024 2:04 pm    Post subject: Reply with quote

I do not use this profile. But in general you should have a testcase/usecase which you can use to validate if the usage of the hardened profile works.

If you do not have a usecase to validate against, the usage or switch could be useless, but not wrong.
_________________
Forum Guidelines

PFL - Portage file list - find which package a file or command belongs to.
My delta-labs.org snippets do expire
Back to top
View user's profile Send private message
pabloblo
n00b
n00b


Joined: 24 Jan 2024
Posts: 71

PostPosted: Mon Aug 05, 2024 6:40 pm    Post subject: Reply with quote

testcase/usecase?
i don t know what is it
Back to top
View user's profile Send private message
pjp
Administrator
Administrator


Joined: 16 Apr 2002
Posts: 20484

PostPosted: Mon Aug 05, 2024 7:53 pm    Post subject: Reply with quote

pabloblo wrote:
hello, I took the steps to upgrade to the hardened version by following the tutorial, how can I check that everything is working properly?
How do you check that everything is working properly without switching to the hardened profile?

Quote:
The base of Gentoo Hardened is a hardened toolchain by enabling specific options in the toolchain (compiler, linker ...) such as forcing position-independent executables (PIE), stack smashing protection and compile-time buffer checks. See the table.
Without knowing the specifics of what you want to do, it seems most of the changes that come with the profile are compile options. So the first check is whether or not everything compiles. The second more involved check is using everything on the system to see that it works.

An additional step that may or may not be mentioned when switching profiles is to see what will change before completing the switch. An example without the actual steps, switch to the profile, then run the command to upgrade using the --pretend option. See what is going to happen based on that output. Before finishing the switch, you can go back to the previous profile because you haven't actually changed anything. Then once you've decided you want to make the switch, you can do so, knowing what to expect about the changes that will occur.
_________________
Quis separabit? Quo animo?
Back to top
View user's profile Send private message
Banana
Moderator
Moderator


Joined: 21 May 2004
Posts: 1716
Location: Germany

PostPosted: Tue Aug 06, 2024 5:58 am    Post subject: Reply with quote

pabloblo wrote:
testcase/usecase?
i don t know what is it


I was referring to the why you want to switch.
Making sure that everything works as pjp said, is one part. The other would be the advantages from the hardened profile. Do you have the need for SELinux and its access control or any of the toolchain settings https://wiki.gentoo.org/wiki/Hardened/Toolchain#Changes?
_________________
Forum Guidelines

PFL - Portage file list - find which package a file or command belongs to.
My delta-labs.org snippets do expire
Back to top
View user's profile Send private message
pabloblo
n00b
n00b


Joined: 24 Jan 2024
Posts: 71

PostPosted: Wed Aug 07, 2024 12:00 pm    Post subject: Reply with quote

i choose apparmor
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Installing Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum