Message-ID: <4E0BB8F5.8020204@gmail.com>
Date: Wed, 29 Jun 2011 19:44:53 -0400
From: 7v5w7go9ub0o <7v5w7go9ub0o@gmail.com>
List-Id: Gentoo Linux mail
Reply-to: gentoo-hardened@lists.gentoo.org
To: for hard list
Subject: [gentoo-hardened] Re: Tips for upgrading to the current stable gentoo hardened?
References: <201106151055.12918.karlis.repsons@gmail.com> <4DFF5746.9030500@wildgooses.com> <4E0B0A42.4060302@gentoo.org> <4E0B3AE4.4050204@gmail.com> <4E0B9BA4.3060707@whyscream.net>
In-Reply-To: <4E0B9BA4.3060707@whyscream.net>

On 06/29/11 17:39, Tom Hendrikx wrote:
> On 29/06/11 16:47, 7v5w7go9ub0o wrote:
>>
>> 2. At this point, the 'clearest' way to build a hardened box from
>> scratch seems to go a few steps into the Gentoo handbook, then
>> migrate using the steps above. Not ideal, but until the
>> documentation can be refined, how about either putting these steps
>> into the handbook, or alternatively a reference *in the handbook*
>> to wherever you find a home for these steps (e.g. QandA).
>
> I built a hardened box last week by grabbing a hardened autobuild,
> then following the regular handbook for my arch. Above steps are only
> needed when you start from a regular stage, or when you are
> converting a regular install.
>
> Usage of autobuilds is missing in the handbook now, but iirc there
> are some open bugs on getting this changed.
>
> -- Regards, Tom
>
>

Geeze... I've built a couple of hardened boxes from scratch; most recently two or three years ago; never *heard* of autobuild. Maybe my experience precedes it (I was using experimental.org).

Perhaps the perfect (as in the traditionally excellent Gentoo documentation) has become the enemy of the good (the documentation of the autobuild is good, but not perfect enough to be entered into official docs.)

If "Q and A" is now the official hardened documentation, then 'twould be nice if someone put a couple of imperfect sentences in there about autobuild.

Good to know; so autobuilds are probably the clearest way to build a hardened box.

Thanks for posting.

(p.s. I think of ALL of the work that Zorry, Blueness, and a myriad of other folks put into bringing Hardened Gentoo up to date - truly *heroic* contributions - and I now fear that a lack of documentation will result in a loss of the benefit of all of that work)

killall rant