Gentoo Forums
Setup for special gentoo: hardened, calling convention,...

Joined: 08 Sep 2006
Posts: 2

Posted: Thu Sep 14, 2006 11:56 pm    Post subject: Setup for special gentoo: hardened, calling convention,...

I am planning to build up a gentoo system with some rarely used and/or very young features.

Before doing so I need to collect some more information to avoid running into trouble, e.g. by trying to combine things that do not fit together. Please read this posting as a call for feedback.

I think some of these techniques and features will be standard in end-user desktop/pda/mobile phone linux systems in 1-5 years.

    1. Reiser4 FS
    Although probably not rock solid at this very time (summer '06), there are enough reports of reiser4 FS running stable for several months. Can grub read a Reiser4 partition?
    Are there any pitfalls with Reiser4?

    2. The "hardened gentoo" setup; maybe with an additional/alternative special memory tracker to detect buffer overflows or avoid them at all
    Several malloc libraries exist that provide stack protection and memory leak and buffer overflow detection; some also provide garbage collection.
    Do you have experience with one of these? Can you compare them? How does "hardened gentoo" compare to them?
    Do wine and X run? Does grub work?
    FYI the "hardened gentoo" setup provides executable protected memory regions, a fine grained access rights management and a memory tracker to detect buffer overflows.

    3. Compile flags: Standard calling convention and parameters in registers
    I want these optimizations system wide. Do I have to expect any other trouble than that binary packages (e.g. graphics device drivers) will not run? Do wine and X (Xorg) run? What other software makes trouble?
    What is the overall runtime speedup? 3, 5, 10%? Is it worth the effort and/or trouble? (If it's so easy to identify a 5-10% speedup I can probably find 2-5 other topics to tune easily, maybe distinct for different systems based on a simple automated system analysis, summing up to 25-50%)

    4. password-less root account
    IMHO the Ubuntu way with a password-less root account and adding administrator users to the wheel group is superior to the standard UNIX way.
    Is this technique compatible with the fine grained access right management in "hardened gentoo" setup? (I.e. corresponding groups for password-less administrators for different tasks)
    Do you have experience patching a GUI (KDE,Gnome) for this?
    Are the standard gentoo admin utilities prepared for this?

    5. Interactive performance
    Did anyone try pre-compiled bash, perl or python startup scripts? Are you aware of a make-like mechanism to watch these files and re-compile when needed (e.g. a daemon using FAM)?
    Do (which do not?) filesystems group together blocks that are commonly read in the same sequence? Do they store most-read blocks at the fastest areas on disk? Do patches exist that do this?
    Do you have experience delaying start-up tasks until after graphical login?
    My neighbor, a musician, just installed Agnula Linux (a Debian derivative tuned for sound recording and music production) and this system has impressive desktop performance on 4-year-old hardware. I will certainly have a look at that. For sure some of the tweaks they did will be valuable to tune common desktop performance, too.

    6. GCC hacking
    Where can I find good resources about dynamic compiling?
    Probably there are many pitfalls with dynamic compiling and hardened gentoo?!

    Desktop firewall
    Which one is suitable for the average user? Does a zero-conf firewall exist?

Other questions

    - Can I start this with one of the Reiser4 enabled gentoo install CDs or do I have to do a stage1 installation from a LiveCD (I have Kubuntu)?
    - Is there a repository for localized keyboard mappings and foreign language translations for grub?
    - Is there a repository for a systematically categorized database for hardware detection and the hardware piece's special setup? (E.g. I _once_ got suspend to disk running on my laptop 2 years ago but some day I re-installed linux and forgot how to do it again)
    - distcc: I have access to a pool of 4 or 5 networked computers running Debian, Ubuntu and Solaris. Is the effort installing and maintaining distcc worth the compilation speedup?

Please do not quote the whole article, only the keyword or sentence you are responding to.
Thanks in advance

Joined: 09 Apr 2004
Posts: 10974
Location: the dutch mountains

Posted: Fri Sep 15, 2006 4:55 pm    Post subject:

Moved from Installing Gentoo to Gentoo Chat.
Lots of questions that have little to do with a normal gentoo install using the handbook. Therefore moved here.
Please add [solved] to the initial post's subject line if you feel your problem is resolved. Help answer the unanswered

talk is cheap. supply exceeds demand
All times are GMT