From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-44262-garchives=archives.gentoo.org@gentoo.org>)
	id 1FsiFJ-0007K2-Su
	for garchives@archives.gentoo.org; Tue, 20 Jun 2006 15:34:30 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.13.7/8.13.6) with SMTP id k5KFWIZr032554;
	Tue, 20 Jun 2006 15:32:18 GMT
Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.173])
	by robin.gentoo.org (8.13.7/8.13.6) with ESMTP id k5KFQWEK029071
	for <gentoo-user@lists.gentoo.org>; Tue, 20 Jun 2006 15:26:32 GMT
Received: by ug-out-1314.google.com with SMTP id j40so1255812ugd
        for <gentoo-user@lists.gentoo.org>; Tue, 20 Jun 2006 08:26:32 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;
        b=pSZb5Dy1ZLw7YRF/UBqA43cdcrqMrSqUoO3wyRJrufcBnIYUYBcSMVU2VZePXbNOh4aJJSX/pgoalasUEFcu3pwiP6gsG1HOd9shFmSQmyHjb5NiA/jbwOn8v6ptDFCmUku7f7f80oyHFA1abD795cH6f2YhnBBWJ6NbjG8FT/s=
Received: by 10.66.252.4 with SMTP id z4mr6718327ugh;
        Tue, 20 Jun 2006 08:26:32 -0700 (PDT)
Received: by 10.67.29.8 with HTTP; Tue, 20 Jun 2006 08:26:31 -0700 (PDT)
Message-ID: <558b73fb0606200826n5c14e2dbg482a9748e3e3f2d1@mail.gmail.com>
Date: Tue, 20 Jun 2006 11:26:31 -0400
From: "Michael Crute" <mcrute@gmail.com>
To: "Gentoo Lists" <gentoo-user@lists.gentoo.org>
Subject: [gentoo-user] Grub, Hardened, and AMD64
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Archives-Salt: 48a91a71-f7ec-4875-ba93-43a031a31eeb
X-Archives-Hash: 3b7968ff7f300bf65ef90a9e731e6da5

I am building a server (AMD Opteron 64) and as a matter of policy I
always run the hardened profile on my servers. Now this is my first
time doing an install on an AMD64 architecture with hardened and so
far it has gone relatively well. The thing that is giving me the most
problems is Grub. When I try to emerge it in the hardened chroot the
config script bombs out with an error 'C compiler cannot create
executables'. One suggested solution was to disable sandbox in
features and try again, no such luck. My next thought was to build a
second chroot with a regular (non-hardened) tarball and build a
package of grub (compiled using the static useflag) then emerge that
in the hardened environment. Does this make sense? Is it likely to
work or should I be doing something else? Any help would be
appreciated.

Note that simply not using the hardened profile is not an option here.

-Mike

-- 
________________________________
Michael E. Crute
http://mike.crute.org

I may not have gone where I intended to go, but I think I have ended
up where I intended to be. --Douglas Adams
-- 
gentoo-user@gentoo.org mailing list