December hardened meeting
by Sven Vermeulen, post on Fri 20 December 2013Yesterday evening (UTC, that is) the members of the Gentoo Hardened project filled the #gentoo-hardened IRC channel again - it was time for another online follow-up meeting.
Toolchain
A few patches on the toolchain need to be created to mark SSP as default, but this is just a minor workload.
And …
GPT or MBR in the Gentoo Handbook
by Sven Vermeulen, post on Wed 18 December 2013I just committed a set of changes against the Gentoo Handbook (x86 and amd64) with the intent to have better instructions on GPT (GUID Partition Table) layout versus MBR (Master Boot Record) or MSDOS-style layout.
The part on "Preparing the Disks" saw the most changes. It starts with explaining the …
Updated Linux Sea, now with viewport thingie
by Sven Vermeulen, post on Mon 16 December 2013I just pushed out an update to Linux Sea (an online resource to introduce you to Linux, using Gentoo Linux as an example), including its PDF and ePub versions. The changes are pretty small (see its ChangeLog).
Together with the update, it now also includes a
<meta name="viewport"...> so …
Gentoo SELinux policy release script
by Sven Vermeulen, post on Wed 11 December 2013A few months ago, I wrote a small script that aids in the creation of
new SELinux policy packages. The script is on the
repository
itself, in the gentoo/ subdirectory, and is called
release-prepare.sh.
The reason for the script is that there are a number of steps to perform …
November online hardened meeting
by Sven Vermeulen, post on Wed 11 December 2013Later than usual, as I wasn't able to make the meeting myself (thus had to wait for the meeting logs in order to draft up this summary), so here it is. The next meeting is scheduled for next week, btw ;-)
Toolchain
The 4.8.2 ebuild for GCC is available …
Majority of GDP documents moved to Gentoo wiki
by Sven Vermeulen, post on Tue 10 December 2013The majority of the English gentoo documents that resided in www.gentoo.org/doc/en have now been moved to the Gentoo Wiki. All those documents have been made available in the main namespace, meaning that non-developers can continue to contribute on those articles and guides, fully in the spirit …
The mix of libffi with other changes
by Sven Vermeulen, post on Sun 03 November 2013I once again came across libffi. Not only does the libffi approach fight with SELinux alone, it also triggers the TPE (Trusted Path Execution) protections in grSecurity. And when I tried to reinstall Portage, Portage seemed to create some sort of runtime environment in a temporary directory as well, and …
Gentoo Hardened meeting 201310
by Sven Vermeulen, post on Thu 24 October 2013We gathered online again to talk about the progress, changes and other stuff related to the Gentoo Hardened project.
New Developer
We welcomed Zero_Chaos as a new addition to our team. Big welcome, with the usual IRC kick in between, ensued.
Toolchain
GCC 4.8.x is unmasked and …
A bug please...
by Sven Vermeulen, post on Mon 30 September 2013I know contacting me (or other developers) through IRC is often fast, but having a bug report on our bugzilla is very important to me and other developers. Allow me to explain a bit why.
First of all, IRC is ephemeral. If we are not immediately on IRC noticing it …
It has finally arrived: SELinux System Administration
by Sven Vermeulen, post on Fri 27 September 2013Almost everyone has it - either physical or in their heads: a list of things you want to do or achieve before you... well, stop existing. Mine still has numerous things on it (I should get on it, I know) but one of the items on that list has recently been …