[gentoo-user] How to harden a system

Hello list, Now that grsecurity is off-limits, I'm left wondering how to go about hardening a no-multilib box that will be exposed to the Big Bad World. To start with, it's not obvious which profile to use: $ eselect profile list | grep no-multi | grep hardened [23] default/linux/amd64/17.0/

Re: [gentoo-user] How to harden a system

On 12/23/2017 09:09 AM, Peter Humphrey wrote: > Hello list, > > Now that grsecurity is off-limits, I'm left wondering how to go about > hardening a no-multilib box that will be exposed to the Big Bad World. You can still use grsec/pax if you're willing to stick with an older (LTS) kernel: https

Re: [gentoo-user] How to harden a system

On Saturday, 23 December 2017 17:46:20 GMT Michael Orlitzky wrote: > On 12/23/2017 09:09 AM, Peter Humphrey wrote: > > Hello list, > > > > Now that grsecurity is off-limits, I'm left wondering how to go about > > hardening a no-multilib box that will be exposed to the Big Bad World. > > You can s

Re: [gentoo-user] after finally doing my emerge -e world successfully, my regular world update fails

On Sat, 23 Dec 2017 11:32:16 +1100, Adam Carter wrote: > But virtual/service-manager is using openrc. How do i point this to > systemd? By having systemd installed. A virtual is just a list of packages that provide the functionality needed. As long as one of them is installed, it is happy. If not

[gentoo-user] xosview fails to launch with missing font 7x13bold

After a reboot today, to switch to 4.14.8-r1, x11-misc/xosview-1.19 (installed last March) fails to launch with "xosview: display :0 cannot load font 7x13bold" 7x13bold is from media-fonts/font-misc-misc - I have 1.1.2-r1 installed 12/16. I can't tell what changed in the font file, as pa

Re: [gentoo-user] after finally doing my emerge -e world successfully, my regular world update fails

On Sun, Dec 24, 2017 at 7:04 AM, Neil Bothwick wrote: > On Sat, 23 Dec 2017 11:32:16 +1100, Adam Carter wrote: > > > But virtual/service-manager is using openrc. How do i point this to > > systemd? > > By having systemd installed. A virtual is just a list of packages that > provide the functional

Re: [gentoo-user] How to harden a system

On Sun, Dec 24, 2017 at 1:09 AM, Peter Humphrey wrote: > Hello list, > > Now that grsecurity is off-limits, I'm left wondering how to go about > hardening a no-multilib box that will be exposed to the Big Bad World. > > To start with, it's not obvious which profile to use: > > $ eselect profile l

Re: [gentoo-user] 'firmware_install' won't on 4.14.7-gentoo

> > Comparing firmware between kernels 4.12.12 and 4.14.7 I see: > > $ ls -l /usr/src/linux-4.12.12-gentoo/firmware/radeon/RV730* > -rw-r--r-- 1 root root 5440 Dec 7 09:02 /usr/src/linux-4.12.12-gentoo/ > firmware/radeon/RV730_me.bin > -rw-r--r-- 1 root root 454 Dec 7 09:02 /usr/src/linux-4.12

Re: [gentoo-user] Radeon RV730 blobs changed

On Thu, Dec 21, 2017 at 7:20 AM, Mick wrote: > On Wednesday, 20 December 2017 19:55:40 GMT Mick wrote: > > On Wednesday, 20 December 2017 18:31:03 GMT Mike Gilbert wrote: > > > On Wed, Dec 20, 2017 at 12:39 PM, Mick > wrote: > > > > [1.072525] [drm] Loading RV730 Microcode > > > > [1.072

Re: [gentoo-user] Kernel 4.14.7 no longer switches to VT7

That sounds like a possible issue with your X configuration. Did you double check /etc/conf.d/xdm and the like to make sure that your VT is indeed set to 7. Also double check your display manager configuration. If your manual VT switch works fine I'd suspect a misbehaving display manager possibl