gentoo-hardened December 2009 archive
Main Archive Page > Month Archives  > gentoo-hardened archives
gentoo-hardened: Re: [gentoo-hardened] Hardened Targets

Re: [gentoo-hardened] Hardened Targets

From: Shinkan <shinkan_at_nospam>
Date: Tue Dec 01 2009 - 14:36:57 GMT
To: gentoo-hardened@lists.gentoo.org


2009/12/1 Mansour Moufid <mansourmoufid@gmail.com>

>
> You really shouldn't unmerge Portage, but if you want to, it should be
> the last step -- coming *after* emerge -uUDN world && emerge
> --depclean && revdep-rebuild. After which you can safely rm -drf
> /usr/portage.
>

I get the way you would do the things, but that's quite the same thing that catalyst do behind the scene.
But it uses a cache system that avoid re-emerging too often. That's chrooting a stage3, emerging fancy features, then removing others, all of this according to profiles.
I thing that's not very maintainable and that's error prone (because you're not sure of what is unmerged, or what dependencies it could break).

Anyway, thanks for your help that brings fresh meat to me. I'm interrested if there's a magic command to unmerge & clean every dev related things once system is built.

ONE OFF-TOPIC MORE GENERAL QUESTION :
Is there a gentoo hardened toolchain with SSP and PIE BEFORE gcc 4 ? -- Pierre. "Sometimes when I'm talking, my words can't keep up with my thoughts. I wonder why we think faster than we speak. Probably so we can think twice." - Bill Watterson