Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Gentoo: Hardened

keyword: amd64 or ~amd64?

  

 
Gentoo hardened RSS feed   Index | Next | Previous | View Threaded


alain.toussaint at securivm

Apr 9, 2012, 3:36 PM

Post #1 of 3 (161 views)
Permalink
keyword: amd64 or ~amd64?
Hello everyone,

I’m building from scratch a Samba file server which I may
use samba4 git version (i.e. not a package from Gentoo) but the rest will
be stock Gentoo and for the moment, I’m running stable and the profile is
amd64/no-multilib/selinux. In order to have a good set of policies, should
I run ~amd64 or the default will be fine?



This is for a small workgroup server with 5 clients.



The machine is a dual core AMD Athlon 4600 with 4GB of ram and, for the
moment, 280GB of disk space.



Alain


titanofold at gentoo

Apr 9, 2012, 3:40 PM

Post #2 of 3 (156 views)
Permalink
Re: keyword: amd64 or ~amd64? [In reply to]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 04/09/2012 06:36 PM, Alain Toussaint wrote:
> Hello everyone,
>
> I’m building from scratch a Samba file server which I may use
> samba4 git version (i.e. not a package from Gentoo) but the rest
> will be stock Gentoo and for the moment, I’m running stable and
> the profile is amd64/no-multilib/selinux. In order to have a good
> set of policies, should I run ~amd64 or the default will be fine?
>
>
>
> This is for a small workgroup server with 5 clients.
>
>
>
> The machine is a dual core AMD Athlon 4600 with 4GB of ram and, for
> the moment, 280GB of disk space.
>
>
>
> Alain
>

You should go with 'amd64'. Things happen in testing which can really
screw things up if your dependent on the machine always just working.

- - Aaron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iF4EAREIAAYFAk+DZU4ACgkQVxOqA9G7/aD4CAD+M3WOuLFYcBdT4RF72uy7eoAx
IxaL7HeyJ9YWQJ1lIxsA/3Y4J5biKmjBEhcWk6Q9hWdcBl2rY1Ze2v7E/qSKtSyS
=fpIT
-----END PGP SIGNATURE-----


swift at gentoo

Apr 10, 2012, 10:35 AM

Post #3 of 3 (163 views)
Permalink
Re: keyword: amd64 or ~amd64? [In reply to]
On Mon, Apr 09, 2012 at 06:36:00PM -0400, Alain Toussaint wrote:
> I’m building from scratch a Samba file server which I may
> use samba4 git version (i.e. not a package from Gentoo) but the rest will
> be stock Gentoo and for the moment, I’m running stable and the profile is
> amd64/no-multilib/selinux. In order to have a good set of policies, should
> I run ~amd64 or the default will be fine?

I definitely don't recommend running the entire system in ~arch with
SELinux. I'm not able to work out the policies for ~arch in time as soon as
they are needed (in other words, I can use the 30 days "stabilization" just
to make sure the policies don't make your system unworkable).

However, the policies themselves might be a candidate for running in ~arch.

That being said, if the stable policies work for you, keep them in the
stable state ;)

Sven

Gentoo hardened RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.