From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from <gentoo-user+bounces-120681-garchives=archives.gentoo.org@lists.gentoo.org>) id 1PzZpO-0003pf-Hv for garchives@archives.gentoo.org; Tue, 15 Mar 2011 19:22:46 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A33FA1C02F; Tue, 15 Mar 2011 19:20:10 +0000 (UTC) Received: from mail-yi0-f53.google.com (mail-yi0-f53.google.com [209.85.218.53]) by pigeon.gentoo.org (Postfix) with ESMTP id 735B91C02F for <gentoo-user@lists.gentoo.org>; Tue, 15 Mar 2011 19:20:10 +0000 (UTC) Received: by yia25 with SMTP id 25so572729yia.40 for <gentoo-user@lists.gentoo.org>; Tue, 15 Mar 2011 12:20:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type:content-transfer-encoding; bh=yoCjDerkyc+gusFgTiRUTVj26X1JvG7glVKNOiLdHSM=; b=grtuiYxk5gYGezON6GmrA+U3n56LFrCpRf3WoT8ksSc99pHI5rC912A3uSICh7Svq1 Ys/oJ5JBZlgOJkoOt8FspBmBvk5ZJhZNCYu7vMNsg9+Wi62YlZH3yULbFRbZyQkzzE9r jvHIRQlOBpDh/DuxClpcB2V9dQa9MiUPi9FC8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=swRC+L57nA3222F3hKqmkaH3cFc0EuHXLMJHkL5R/8kHg7gSrpFuZacG/mXpsQFkTW E05DGJAHJXNFrpEKECxp+wx6B/4QunK6t1hXvyChyj/1kBFFq2rme7KLQqKmvFGTH0E2 gFTgtojy4WAK+HOPiDQd+s2RswJ97lmb4Ai7E= Precedence: bulk List-Post: <mailto:gentoo-user@lists.gentoo.org> List-Help: <mailto:gentoo-user+help@lists.gentoo.org> List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org> List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org> List-Id: Gentoo Linux mail <gentoo-user.gentoo.org> X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.43.45.10 with SMTP id ui10mr5133871icb.430.1300216809771; Tue, 15 Mar 2011 12:20:09 -0700 (PDT) Received: by 10.43.131.66 with HTTP; Tue, 15 Mar 2011 12:20:09 -0700 (PDT) In-Reply-To: <4D7FB70E.8070600@orlitzky.com> References: <AANLkTi=h=8dRLufX2F=Yupkbn=GLHdLz7T6zLCw4CdFc@mail.gmail.com> <4D7FB70E.8070600@orlitzky.com> Date: Tue, 15 Mar 2011 12:20:09 -0700 Message-ID: <AANLkTinKTg_7fwn8HS4aapLnx+5T5+gYJcHrnsyyMFZ+@mail.gmail.com> Subject: Re: [gentoo-user] Switching to a hardened profile and back again From: Grant <emailgrant@gmail.com> To: gentoo-user@lists.gentoo.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Archives-Salt: X-Archives-Hash: 57c873ade6a3cce4d0ffdca8ef194c92 >> A dev is asking me to switch to a hardened profile in order to test a >> fix. =A0I'm happy to go through the process, but is there a chance my >> laptop could be unusable after the switch? =A0If that happens I'll be in >> real trouble. =A0Will I be able to switch back to a non-hardened profile >> afterward? =A0I plan to follow this guide: >> >> http://www.gentoo.org/proj/en/hardened/hardenedfaq.xml#hardenedprofile >> >> BTW, are emerge -e world and emerge -e system both necessary? =A0I >> thought emerge -e world would rebuild everything. > > Switching to hardened is safe. The switch back should be, too, although > I haven't personally tried it. (Why would you switch back?) I originally had my laptop on a hardened profile (I think it was a couple laptops back) but there were so many problems I eventually gave up. I remember doing a lot of system reinstalling as I switched profiles around. I don't have time to reinstall my system right now so I'm trying to be sure I can switch to hardened (and from hardened if necessary) without reinstalling. > You emerge system first, and then world so that your world is built by a > hardened toolchain. When you compile gcc/glibc with USE=3Dhardened, it > gives them super powers. Would 'emerge gcc glibc && emerge -e world' have the same affect? - Grant