FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo Hardened

 
 
LinkBack Thread Tools
 
Old 01-11-2008, 07:38 PM
Tobias Scherbaum
 
Default Fwd: hardened gentoo mailman/postfix/apache notes?

Hi Baojun,

late response though, but I came across the same problem just today and
found your post

Wang, Baojun wrote:
> Now I think all the configuration is working but the permission have some
> problem, since I'm using gentoo hardened, I think the problems are because
> I'm using hardened gentoo, How can I solve this problem, and any hints?

When using TPE use the following Kernel-Options (you might want to
select another gid):

CONFIG_GRKERNSEC_TPE=y
# CONFIG_GRKERNSEC_TPE_ALL is not set
CONFIG_GRKERNSEC_TPE_INVERT=y
CONFIG_GRKERNSEC_TPE_GID=2000

after booting the fresh-built kernel create a new group "tpeexcl" with
gid 2000, add both mailman and apache users to the "tpeexcl" group,
mailman and its webinterface now should work.

hth,
Tobias

PS: I'd suggest deploying the -r2 (currently _not_ marked stable) which
uses "proper" paths (i.e. doesn't install to /usr/local plus separates
application binaries (/usr) from application data (/var)).
--
Gentoo Linux - Die Metadistribution
http://www.mitp.de/1769

--
gentoo-hardened@lists.gentoo.org mailing list
 

Thread Tools




All times are GMT. The time now is 09:56 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org