Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Jaded stage3 hardened Guide With Grsecurity & PaX ver2.0
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
Master One
l33t
l33t


Joined: 25 Aug 2003
Posts: 754
Location: Austria

PostPosted: Sat Feb 18, 2006 5:54 pm    Post subject: Reply with quote

dbasetrinity, I am curious, you used hardened for a desktop installation? I thought, hardened was not doing well with quite some (mostly desktop/gui) apps, it even should be not that simple to get X going on a hardened system.

I am just starting to read on the hardened project, and it would indeed be interesting, not only for server use, but also for a desktop / notebook installation, if I can get all my usual software to work properly.
_________________
Las torturas mentales de la CIA
Back to top
View user's profile Send private message
dbasetrinity
Apprentice
Apprentice


Joined: 25 Jun 2005
Posts: 167

PostPosted: Mon Feb 20, 2006 1:50 pm    Post subject: Reply with quote

Yep works great, Running kde3.5
The only aplication i have any issues with is beep-media-player and it doesnt have anything to do with hardened its a Pax permissions issues other then that i havent found any software i cant install and use just like before. So Desktop or server i think you'll be happy with it

Only thing to be aware of is use-flags with hardened. They are not defined by default like on a normal install. So it would be wise to get a list of all those use-flags which i have listed in this guide.

The one use-flag that is important when it comes to X is dlloader you will need that which should be selected by default when using the hardened stage or hardened profile.

Well hope that helped
_________________
Jaded Team Leader
Dbasetrinity
Mem Id #1002
Jaded Guide V2.0
Back to top
View user's profile Send private message
Master One
l33t
l33t


Joined: 25 Aug 2003
Posts: 754
Location: Austria

PostPosted: Mon Feb 20, 2006 9:33 pm    Post subject: Reply with quote

Nice, I am already pretty convinced to go for hardened on my upcoming laptop reinstall... :)

So could you fix the beep-media-player issue using chpax? I don't think there could be any show-stopper, if being able to change the PaX flags as needed. The USE flags should be no problem, I'll go with the hardened profile, and go along with this famous installation method.
_________________
Las torturas mentales de la CIA
Back to top
View user's profile Send private message
dbasetrinity
Apprentice
Apprentice


Joined: 25 Jun 2005
Posts: 167

PostPosted: Tue Feb 21, 2006 2:37 am    Post subject: Reply with quote

Yep there is a way to get beep-media-player to work but i couldnt tell you exactly how i've honestly never tried. I've heard that its just a matter of changing the permissions for it chpax automatically does most of the applications like java mplayer xorg but the ones the dont then you will need to use paxctl

I'll try to figure it out myself on how to get it working when i get some time

Worse comes to worse you can always disable pax or maybe certain options and theres always another kernel image also. i actually have it that way

i have just a normally hardened-source kernel without grsecurity and pax and then one with it all.

Which i do remember that Catalyst was giving me troubles with the grsecurity and pax kernel.

Well good luck with the install.
_________________
Jaded Team Leader
Dbasetrinity
Mem Id #1002
Jaded Guide V2.0
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page Previous  1, 2
Page 2 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum