From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LFdyW-0008WD-Dm for garchives@archives.gentoo.org; Thu, 25 Dec 2008 00:21:16 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id E59D8E03E7; Thu, 25 Dec 2008 00:21:14 +0000 (UTC) Received: from titan.bumpin.org (mail.bumpin.org [69.62.137.202]) by pigeon.gentoo.org (Postfix) with ESMTP id B8CE0E03E7 for ; Thu, 25 Dec 2008 00:21:14 +0000 (UTC) Received: from a (barrier.bumpin.org [69.62.137.201]) by titan.bumpin.org (ESMTP) with ESMTPSA id 17F85897DB for ; Wed, 24 Dec 2008 16:21:14 -0800 (PST) From: Gordon Malm To: gentoo-hardened@lists.gentoo.org Subject: Re: [gentoo-hardened] Profile switch: hardened to non-hardened? Date: Wed, 24 Dec 2008 16:21:13 -0800 User-Agent: KMail/1.9.9 References: <49bf44f10812231323t7b5371eaj6a082f56f17b01e0@mail.gmail.com> <49515B9F.4030006@moremagic.com> <49bf44f10812240903r5de4963blb6c9c4e295adf7f7@mail.gmail.com> In-Reply-To: <49bf44f10812240903r5de4963blb6c9c4e295adf7f7@mail.gmail.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@lists.gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200812241621.13188.gengor@gentoo.org> X-Archives-Salt: b349f250-0382-4c24-9e8a-12bbe6ea6863 X-Archives-Hash: e2df17d65ab70140d69fe4d0580cd974 Hardened profiles: Yes there's a difference, no you should not switch to hardened/linux/${ARCH} at this time. You can get skype working by downloading or building gcc 4.1.x and pointing LD_LIBRARY_PATH at the shared object directory when starting skype. skype won't be using hardened toolchain but since its closed source and you're willing to switch the whole machine to non-hardened I figure you probably don't mind. ;) Example: 1. Download http://tinderbox.dev.gentoo.org/default-linux/x86/sys-devel/gcc-4.1.2.tbz2 2. unpack the archive to ${HOME}/tinderbox-pkgs/sys-devel/gcc/ 3. Run it: LD_LIBRARY_PATH="${HOME}/tinderbox-pkgs/sys-devel/gcc/usr/lib/gcc/i686-pc-linux-gnu/4.1.2/" skype If you only require VoIP capability and not skype specifically you might be interested net-im/ekiga. Gordon Malm (gengor) On Wednesday, December 24, 2008 09:03:21 Grant wrote: > > I've been able to do so; basically I switched over to the standard > > profile, disabled selinux in the kernel, and re-emerged system for new > > use flags. There were some other details but overall the process was > > pretty painless, anyone ambitious enough to configure a hardened system > > can probably handle the switch without much problem. Not that I'm > > encouraging you to drop hardened (especially on a laptop that could be > > exposed to random wifi networks ;-) > > Is there any difference between 1 and 8 here? Should I switch to 8? > > # eselect profile list > Available profile symlink targets: > [1] hardened/x86/2.6 * > [2] selinux/2007.0/x86 > [3] selinux/2007.0/x86/hardened > [4] default/linux/x86/2008.0 > [5] default/linux/x86/2008.0/desktop > [6] default/linux/x86/2008.0/developer > [7] default/linux/x86/2008.0/server > [8] hardened/linux/x86 > > - Grant > > >> Can I switch my laptop's profile from a hardened one to a non-hardened > >> one? I thought this was impossible without a complete reinstall but > >> folks on the gentoo-user list seem to think it's not a problem. > >> > >> - Grant