On 03/15/2011 03:20 PM, Grant wrote: >>> A dev is asking me to switch to a hardened profile in order to test a >>> fix. I'm happy to go through the process, but is there a chance my >>> laptop could be unusable after the switch? If that happens I'll be in >>> real trouble. Will I be able to switch back to a non-hardened profile >>> afterward? I plan to follow this guide: >>> >>> http://www.gentoo.org/proj/en/hardened/hardenedfaq.xml#hardenedprofile >>> >>> BTW, are emerge -e world and emerge -e system both necessary? I >>> thought emerge -e world would rebuild everything. >> >> Switching to hardened is safe. The switch back should be, too, although >> I haven't personally tried it. (Why would you switch back?) > > I originally had my laptop on a hardened profile (I think it was a > couple laptops back) but there were so many problems I eventually gave > up. I remember doing a lot of system reinstalling as I switched > profiles around. I don't have time to reinstall my system right now > so I'm trying to be sure I can switch to hardened (and from hardened > if necessary) without reinstalling.
If you don't run a hardened kernel, "sudo gcc-config 5" (assuming 5 is the vanilla gcc on your machine...) will switch you back to the vanilla gcc. No need to switch profiles or recompile anything. >> You emerge system first, and then world so that your world is built by a >> hardened toolchain. When you compile gcc/glibc with USE=hardened, it >> gives them super powers. > > Would 'emerge gcc glibc && emerge -e world' have the same affect? There are a couple of other packages you're supposed to re-emerge along with gcc and glibc. Binutils was one, but I don't remember the whole list. Just suck it up and spend the extra hour to re-emerge system; that way, you're sure you haven't missed anything.
