View previous topic :: View next topic |
Author |
Message |
pabloblo n00b
Joined: 24 Jan 2024 Posts: 71
|
Posted: Tue Jul 30, 2024 2:11 pm Post subject: question about installation |
|
|
hello everyone, I am currently on gentoo, openrc+xfce, the computer works very well, but I would like to know if it is possible to upgrade to the "hardened" version when everything is already installed, is that what it is? complicated ? |
|
Back to top |
|
|
Banana Moderator
Joined: 21 May 2004 Posts: 1729 Location: Germany
|
|
Back to top |
|
|
pabloblo n00b
Joined: 24 Jan 2024 Posts: 71
|
Posted: Wed Jul 31, 2024 12:18 pm Post subject: |
|
|
thank you banana, i go look this |
|
Back to top |
|
|
pabloblo n00b
Joined: 24 Jan 2024 Posts: 71
|
Posted: Mon Aug 05, 2024 12:13 pm Post subject: |
|
|
hello, I took the steps to upgrade to the hardened version by following the tutorial, how can I check that everything is working properly? |
|
Back to top |
|
|
Banana Moderator
Joined: 21 May 2004 Posts: 1729 Location: Germany
|
|
Back to top |
|
|
pabloblo n00b
Joined: 24 Jan 2024 Posts: 71
|
Posted: Mon Aug 05, 2024 6:40 pm Post subject: |
|
|
testcase/usecase?
i don t know what is it |
|
Back to top |
|
|
pjp Administrator
Joined: 16 Apr 2002 Posts: 20485
|
Posted: Mon Aug 05, 2024 7:53 pm Post subject: |
|
|
pabloblo wrote: | hello, I took the steps to upgrade to the hardened version by following the tutorial, how can I check that everything is working properly? | How do you check that everything is working properly without switching to the hardened profile?
Quote: | The base of Gentoo Hardened is a hardened toolchain by enabling specific options in the toolchain (compiler, linker ...) such as forcing position-independent executables (PIE), stack smashing protection and compile-time buffer checks. See the table. | Without knowing the specifics of what you want to do, it seems most of the changes that come with the profile are compile options. So the first check is whether or not everything compiles. The second more involved check is using everything on the system to see that it works.
An additional step that may or may not be mentioned when switching profiles is to see what will change before completing the switch. An example without the actual steps, switch to the profile, then run the command to upgrade using the --pretend option. See what is going to happen based on that output. Before finishing the switch, you can go back to the previous profile because you haven't actually changed anything. Then once you've decided you want to make the switch, you can do so, knowing what to expect about the changes that will occur. _________________ Quis separabit? Quo animo? |
|
Back to top |
|
|
Banana Moderator
Joined: 21 May 2004 Posts: 1729 Location: Germany
|
|
Back to top |
|
|
pabloblo n00b
Joined: 24 Jan 2024 Posts: 71
|
Posted: Wed Aug 07, 2024 12:00 pm Post subject: |
|
|
i choose apparmor |
|
Back to top |
|
|
|