Gentoo/Hardened on BAFM

stages

Sat, 16 Aug 2014 10:12:01 +0000

For what it’s worth, I’ve been trying to get some stages together the last few days. Thanks to solar and Brent, the ppc-stages are now coming along quite fast.

I haven’t really tested them yet, but for what it’s worth, you’ll find stages based on Saturday’s snapshot (that is 200780105 for those not smart enough to take a look at the calendar) here for the following profiles:

uclibc/ppc (normal/-softfloat)
uclibc/ppc/hardened
uclibc/x86
uclibc/x86/hardened
hardened/amd64
hardened/amd64/nomultilib
hardened/x86/2.6 (x86/i686)

Now remember, this isn’t official release material. This is just MY effort ( for now) to provide current stages.

packages-barfoo-org is going away

Fri, 08 Aug 2014 09:09:37 +0000

For those of you, still using my binary packages. It’s just a waste of disk space for me (6.8G to be exact), so I decided to remove them. I’m gonna give people one week to grab yourself a copy. I’m gonna keep the bashrc and all the other stuff I wrote back when I was still interested in binary packages, but the binary packages are gonna vanish!

EPIA fun

Tue, 04 Mar 2008 19:39:07 +0000

Well, as for replacing my current fileserver (which I seriously need to consider replacing), I’ll just pick up these things:

3WARE 9550SXU-8LP (that’s 399,00€) plus riser card
VIA EPIA EK 8000EG (that’s 201,69€)
Kingston ValueRAM DIMM 1 GB DDR-400 (that’s 57,00€)
4x Seagate ST31000340NS (that’s 279,00€ each - making a subtotal of 1.116,00€)

So after browsing some more for a replacement for my current fileserver, I’d like to share the latest stages with you people. Thanks to Mike (who mentioned that binutils-2.18* already does the LDFLAGS="-Wl,-z,relro" part) I replaced it with "-Wl,-O1". Same old place, there’s fresh stages … (and thanks again to Mike, with working util-linux-2.13-r2).

Saying thank you

Thu, 19 Apr 2007 21:28:14 +0000

As I’m way better writing stuff than saying it with my own words, here a short " Thank you! "

Christel, you have been a gracious and honest person, thanks for all the advice and help in the last year
Chrissy, thanks for the inspiring words, you really made/make me feel better
Alec (antarus), you’ve been a real friend and to say it with your own words “It sucks to be you”; to phrase it differently, I’m really going to miss you
Bryan, thanks for all the help, thanks for all the fun at FOSDEM (and after FOSDEM, hah)
Ned, Alexander (pappy); you’ve both been an inspiration, thanks for letting me work on hardened foo; it has been real fun
Mike (vapier), thanks for being a smart ass and inspiration at the same time
Chris, thanks for the inspiration and for being a sarcastic person 😉
Andrew, thanks for trying to make a fun out of me 😛 and thanks for warning me of Chris’s sarcasm

Gentoo/hardened and the new toolchain

Mon, 26 Feb 2007 09:28:44 +0000

OK, as some of you have noticed; I prepared my box for the new toolchain, recompiled the stuff Kevin mentioned in the exact same order wrote down in his README, and it looks like it actually works with all my stuff I have on my box; except sys-libs/grub! sigh

Apparently, grub segfaults at boot and/or while running it from the chroot in the exact same spot, the new QA warnings complain about ..

hardened-sources-2-6-18

Fri, 10 Nov 2006 23:56:45 +0000

Today (OK, it’s yesterday now, it’s again after 12:00) I had a little fun with pappy (Alexander Gabert) preparing 2.6.18 for prime time 😀

 1
 2
 3
 4
 5
 6
 7
 8
 9
10


$ ls -AGg 2.6.18
-rw-r--r-- 1 1593 Jan 25 23:25 1500_cvs-2007-1000.patch
-rw-r--r-- 1 797 Jan 25 23:25 4000_deprecate-sk98lin.patch
-rw-r--r-- 1 32192 Jan 25 23:25 4105_dm-bbr.patch
-rw-r--r-- 1 125781 Jan 25 23:25 4300_squashfs-3.1.patch
-rw-r--r-- 1 5710 Jan 25 23:25 4405_alpha-sysctl-uac.patch
-rw-r--r-- 1 864955 Jan 25 23:25 4450_grsec-2.1.9-2.6.18.6-200611100917.patch
-rw-r--r-- 1 910 Jan 25 23:25 4451_grsec-2.1.9-2.6.18.2-mute-warnings.patch
-rw-r--r-- 1 1034 Jan 25 23:25 4452_selinux-avc_audit-log-curr_ip-grsec.patch
-rw-r--r-- 1 2097 Jan 25 23:25 4453_pax_curr_ip-fixes.patch

So far all patches are applying fine and according to Alexander it even works on his workstation. But I’ll wait for Steve/Ned to get back to me telling me if this release works for them or not (as they had serious issues with their hardened desktops - something about the cursor being stuck in the corners).