| View previous topic :: View next topic |
| Author |
Message |
quickshiftin
Guru
Joined: 27 Jul 2004
Posts: 345
Location: Denver, CO
|
 Posted: Mon Dec 11, 2006 12:33 am Post subject: misunderstanding with hardened profile - SOLVED |
 |
|
hi,
so ive run into what appears to be a fairly serious problem. lately, trying to install gentoo, via stage3 tarballs; when i reboot the system after completing the steps in the handbook the boot process reaches a point where it declares 'cannot open initial console'.
i have discovered, reading other threads in the gentoo forums, that this is a udev issue. the gentoo udev guide suggests to manually create /dev/console and /dev/null, but that didnt seem to work for me. a thread suggested to copy /dev from the live cd to the new installation on disk; that might be a nice temp fix, but i dont like the idea, because then the /dev tree is probly populated with static nodes it doesnt need. id rather have udev work properly and gentoo keep around the min set of static nodes it needs to make the system work smoothly. that being said, on one installation attempt i did copy over /dev from the live cd to the new installation and then i was able to sucessfully boot. at that point there was a message at the end of the boot process saying that critical device nodes were missing from the root filesystem.
admitedly, i had installed from a 2006.0 disc, and the gentoo udev guide says the issue can arrise from installing with old media; so i re-installed with 2006.1, only to have the same issue! at first i thought this was old hardware of mine, but ive tried 2 systems with varying pieces of component hardware and every time i think i have a complete install i reboot only to see this problem with the initial console.
i have also tried upgrading to the latest stable version of udev and removing coldplug as a last step in the installation process, but this has not helped. i have installed gentoo on numerous systems for the past 2 years, this appears to be something that has been happening for the last week or so, since ive been trying to build a new system.
the biggest problem is, once i reach a point where a have an installation ready to boot into, and i run into the udev issue; ill boot back into the livecd to check the install... well sometimes the filesystem has become corrupted during the faulty boot process, which destroys hours of work and puts me back to square 1.
can someone please suggest a solution to the udev problem or provide me with a workaround to get this new system setup?
useful information about my installation attempt details:
> i have been using the hardened x86 profile
> i have not installed any ustable packages from ~x86
> im using grub as a boot loader
> kernel is gentoo-sources-2.6.18-r3/r4
thanks,
~quickshiftin`
Last edited by quickshiftin on Tue Dec 12, 2006 1:34 pm; edited 2 times in total |
|
| Back to top |
|
 |
IQgryn
l33t
Joined: 05 Sep 2005
Posts: 764
Location: WI, USA
|
| Posted: Mon Dec 11, 2006 1:50 am Post subject: |
|
|
| If you copy /dev/console and /dev/null from the livecd, everything else should work. Make sure you do this before you mount anything in /mnt/gentoo/dev, though. |
|
| Back to top |
|
|
nixnut
Bodhisattva
Joined: 09 Apr 2004
Posts: 10974
Location: the dutch mountains
|
| Posted: Mon Dec 11, 2006 4:55 pm Post subject: |
|
|
If you use a regular stage3 file you install glibc-2.4 and gcc-4.1. If you then use the hardened profile you'll end up downgrading glibc which will break your system. glibc-2.4 and gcc-4.1 are masked in the hardened profiles.
_________________
Please add [solved] to the initial post's subject line if you feel your problem is resolved. Help answer the unanswered
talk is cheap. supply exceeds demand |
|
| Back to top |
|
|
quickshiftin
Guru
Joined: 27 Jul 2004
Posts: 345
Location: Denver, CO
|
| Posted: Tue Dec 12, 2006 1:32 pm Post subject: |
|
|
nixnut,
i switched to the hardened profile and was able to boot up on the first attempt.
i guess the hardened profile is designed to go with a hardened kernel, indeed i found this in
/etc/make.profile/profile.bashrc
ewarn "This profile has not been tested thoroughly and is not considered to be"
ewarn "a supported server profile at this time. For a supported server"
ewarn "profile, please check the Hardened project (http://hardened.gentoo.org)."
echo
ewarn "This profile is merely a convenience for people who require a more"
ewarn "minimal profile, yet are unable to use hardened due to restrictions in"
ewarn "the software being used on the server. This profile should also be used"
ewarn "if you require GCC 4.1 or Glibc 2.4 support. If you don't know if this"
ewarn "applies to you, then it doesn't and you should probably be using"
ewarn "Hardened, instead."
i think i have made myself a vicitim of doing something i dont know much about and running into trouble when i get there 
well thanks for your help, ill be sure to read up on security stuff when i have more time; i was just trying to get some minimal restrictions in place on this particular box.
thanks,
~quickshiftin` |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Installing Gentoo
