Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

hardened -> desktop switch
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Other Things Gentoo
View previous topic :: View next topic  
Author Message
LukynZ
Apprentice
Apprentice


Joined: 19 Dec 2008
Posts: 230
Location: The Czech Republic
PostPosted: Sun Apr 13, 2014 9:02 am    Post subject: hardened -> desktop switch Reply with quote
Is entire world reemerge really necessary? Or just packages with pax_kernel use flag and gcc itsefl will be fine?
Back to top
View user's profile Send private message
Moonboots
Apprentice
Apprentice


Joined: 02 Dec 2006
Posts: 161
PostPosted: Tue Apr 15, 2014 4:43 pm    Post subject: Re: hardened -> desktop switch Reply with quote
LukynZ wrote:
Is entire world reemerge really necessary? Or just packages with pax_kernel use flag and gcc itsefl will be fine?


Certainly when you change from a hardened profile you're going to lose the "hardened" flag and gain some others that were previously masked.
emerge --newuse etc will reveal those packages that are in need of re-emerging.
Weather you need to re-emerge the entire world i'm not sure, perhaps if there are no problems ?........
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6747
PostPosted: Tue Apr 15, 2014 9:17 pm    Post subject: Reply with quote
After emerging hardened gcc you should recompile everything in order to make use of the hardened CFLAGS which implicitly go with hardened gcc.
Otherwise, your binaries will e.g. not use PIE, even if corresponding support is activated in your kernel.
Back to top
View user's profile Send private message
Moonboots
Apprentice
Apprentice


Joined: 02 Dec 2006
Posts: 161
PostPosted: Wed Apr 16, 2014 6:32 am    Post subject: Reply with quote
mv wrote:
After emerging hardened gcc you should recompile everything in order to make use of the hardened CFLAGS which implicitly go with hardened gcc.
Otherwise, your binaries will e.g. not use PIE, even if corresponding support is activated in your kernel.


Unless I've misread the post he wants to go in the opposite direction ie from a hardened to non-hardened profile (desktop) ?
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6747
PostPosted: Wed Apr 16, 2014 9:11 am    Post subject: Reply with quote
Moonboots wrote:
Unless I've misread the post he wants to go in the opposite direction

That should be no problem. Of course, the binaries will remain slower (e.g. because of the implicit -fstack-protector-all) until recompiled.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Other Things Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy