| View previous topic :: View next topic |
| Author |
Message |
Randy Kahle
n00b
Joined: 10 Jan 2003
Posts: 22
Location: Tucson, AZ
|
 Posted: Thu Apr 29, 2004 3:34 pm Post subject: Building servers with Gentoo |
 |
|
I seek advise on the best way to install Gentoo on a set of servers.
The machines are in roles of firewall, smtp (qmail) server, web server, etc.
I seek a configuration that is hardened and that only will be updated to fix security problems.
I understand that release 2004.1 now has the capability to upgrade software only for security fixes. I also understand that there is a version of Gentoo supporting SELinux.
I am confused about the state of the various releases and permutations.
Which release should I use (and master) to support my need for secure, stable, and reliable Gentoo based servers? |
|
| Back to top |
|
 |
30726
Veteran
Joined: 24 Sep 2003
Posts: 1501
|
| Posted: Thu Apr 29, 2004 3:55 pm Post subject: |
|
|
You'll definitively want to do an install with SELinux if security is a big issue.
Check out this for more info about Gentoo Linux and SELinux. The Gentoo Linux SELinux install guide can be found here.
As for security-only upgrades, it's not yet availabe in portage AFAIK, but if you emerge gentoolkit, glsa-check will provide a temporay solution until security-only updates are merged into portage. |
|
| Back to top |
|
|
jstuart
n00b
Joined: 03 Dec 2002
Posts: 57
|
| Posted: Tue Jun 01, 2004 2:19 pm Post subject: |
|
|
Is there any way to upgrade to a hardened linux on an existing server? IE say I installed gentoo normal and have now decided I want to upgrade to the hardened kernel and selinux?
Can I do this? If so, is it "relatively" easy? Can I do this remotely? (IE over ssh)
Ok, ignore the first part of this question.  However, I see that devfs doesn't work with selinux. What about udev?
_________________
Jeff Stuart
JAHGU (Just another happy Gentoo User) |
|
| Back to top |
|
|
|
Installing Gentoo
