On Wed, 30 Jan 2008 11:49:48 +0100
Alex Schuster <email@example.com> wrote:
> Dan Farrell writes:
> > Alex Schuster <firstname.lastname@example.org> wrote:
> > > I want to harden the gentoo running on my little server, but I'm a
> > > little worried about possible problems. Like, services not coming
> > > up when rebooting after an emerge -e world. Do you see any
> > > possibility for that?
> > Absolutely. These problems can be overcome with a little attention,
> > but outdated config files that were not updated with dispatch-conf
> > or etc-update might not work with newer versions of software.
> Sure. But the system is up to date, emerge -uN world gives nothing.
> It's only the re-compiling of everything with a hardened gcc that
> worries me a little. If something might go wrong there, I would wait
> with re-compiling until I know I have physical access to the machine
> for a while, while most of the time I am away some 100 km from it.
> I must admit that I should know more about the hardened stuff, but I
> thought I'd start with the preparations. Configuring things like Pax
> would come later, when emerge -e world has finished on this slow
> machine (and when I have read all the howtos).
You might consider building packages but not installing them -- I think
could use --buildpkgonly (aka -B) to achieve this end. If the world
emerge with a -B flag finishes successfully, I think that means all
packages were built and you are ready to emerge world with --usepkgonly
(-K) without having to worry about build-time issues that could cause
conflicting packages on the system.
But what does everyone else think?
email@example.com mailing list