From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-150851-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 7551F1381F3
	for <garchives@archives.gentoo.org>; Sat, 21 Sep 2013 04:35:18 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 800E5E0BFE;
	Sat, 21 Sep 2013 04:35:01 +0000 (UTC)
Received: from mail-qe0-f41.google.com (mail-qe0-f41.google.com [209.85.128.41])
	(using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 76D14E0BBB
	for <gentoo-user@lists.gentoo.org>; Sat, 21 Sep 2013 04:35:00 +0000 (UTC)
Received: by mail-qe0-f41.google.com with SMTP id 1so827938qee.0
        for <gentoo-user@lists.gentoo.org>; Fri, 20 Sep 2013 21:34:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=mxLu8zrNUy0fvjH31OM2QdSwtEzf4ZS/GPOE73QaGlk=;
        b=UgWRa/oxkwg63Vd5bgMVEXAHSL8ovWLI5fdFVhH/ePnYMgV8HkcyvjGZhfdCqPszpK
         Rvvzyf6tXS41JZPLHmU1VAeDGyF1hobiVdg98Ibmlh4adGq5oVzWcx6PZ4XD3gG958Qw
         F1J3rQ+CVTWTCnviZeaXiTVRHkJycktRjfyKkq/AJJm3RKu3apxxo/eG2izPLNTEKg5S
         m99Xop2b7OssRyJlxC1/Cv64SjqM6TJNNM3qoxYu3ps1XdQV4G8uiwwI93Pv1mx6OB7I
         RSzevGMrPw5P5V8HQPWnOiVdfp6F7bt5syQH24zcYYsJWx4xYSO5YDcYj/u0aTZ+ac5m
         8y9A==
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
X-Received: by 10.229.181.4 with SMTP id bw4mr16068601qcb.15.1379738099535;
 Fri, 20 Sep 2013 21:34:59 -0700 (PDT)
Received: by 10.140.25.83 with HTTP; Fri, 20 Sep 2013 21:34:59 -0700 (PDT)
In-Reply-To: <20130920230738.GC27740@TranscendTheRubicon.fritz.box>
References: <CAN0CFw1nGVZxJGGsq4TZidEPuyLDkcD0oYRDOOfNzFFM2vQ-tg@mail.gmail.com>
	<523898A3.7000404@googlemail.com>
	<2097.1379441483@ccs.covici.com>
	<5238ADD7.8020700@googlemail.com>
	<CAN0CFw0RtRX0+pCXtR_gAOioM056z3viJ+28bVBAUvreC80_SQ@mail.gmail.com>
	<CAN0CFw261bY8e5Fc2RW5xErC80pPzjUTW6Vt5tsHZ8uqK5DRYw@mail.gmail.com>
	<20130920230738.GC27740@TranscendTheRubicon.fritz.box>
Date: Fri, 20 Sep 2013 21:34:59 -0700
Message-ID: <CAN0CFw22VTvQpZEkPCTYACFW4G+F9Lw=u5W7w4RaCa31JJAahw@mail.gmail.com>
Subject: Re: [gentoo-user] ZFS
From: Grant <emailgrant@gmail.com>
To: Gentoo mailing list <gentoo-user@lists.gentoo.org>
Content-Type: text/plain; charset=ISO-8859-1
X-Archives-Salt: fa2477cd-29ae-44e2-b770-8057ac268a6a
X-Archives-Hash: f56e1f258cb13d4c95e74a7118dacc7b

>> > How about hardened?  Does ZFS have any problems interacting with
>> > grsecurity or a hardened profile?
>>
>> Has anyone tried hardened and ZFS together?
>
> I did - I had some problems, but I'm not sure if they were caused by the
> combination of ZFS and hardened. There were some issues updating kernel and ZFS
> (most likely due to ZFS on root and me using ~arch hardened-sources and the
> live ebuild for zfs).
> There are some hardened options that are known to be not working (constify was
> one of them but that should be patched now). I think another one was HIDESYM.
>
> There is a (more or less regularly updated blogpost by prometheanfire
> (installation guide zfs+hardened+luks [1]).
> So you could ask him or ryao (he seems to support hardened+zfs at least to
> a certain degree).
> [1] https://mthode.org/posts/2013/Sep/gentoo-hardened-zfs-rootfs-with-dm-cryptluks-062/

Thanks for the link.  It doesn't look too bad.

- Grant