On Wed, 30 Jan 2008 11:49:48 +0100 Alex Schuster <[EMAIL PROTECTED]> wrote:
> Dan Farrell writes: > > > Alex Schuster <[EMAIL PROTECTED]> wrote: > > > I want to harden the gentoo running on my little server, but I'm a > > > little worried about possible problems. Like, services not coming > > > up when rebooting after an emerge -e world. Do you see any > > > possibility for that? > > > > Absolutely. These problems can be overcome with a little attention, > > but outdated config files that were not updated with dispatch-conf > > or etc-update might not work with newer versions of software. > > Sure. But the system is up to date, emerge -uN world gives nothing. > It's only the re-compiling of everything with a hardened gcc that > worries me a little. If something might go wrong there, I would wait > with re-compiling until I know I have physical access to the machine > for a while, while most of the time I am away some 100 km from it. > > I must admit that I should know more about the hardened stuff, but I > thought I'd start with the preparations. Configuring things like Pax > would come later, when emerge -e world has finished on this slow > machine (and when I have read all the howtos). > > Wonko You might consider building packages but not installing them -- I think could use --buildpkgonly (aka -B) to achieve this end. If the world emerge with a -B flag finishes successfully, I think that means all packages were built and you are ready to emerge world with --usepkgonly (-K) without having to worry about build-time issues that could cause conflicting packages on the system. But what does everyone else think? -- gentoo-user@lists.gentoo.org mailing list
