On Thu, Jul 14, 2011 at 8:41 AM, Anthony G. Basile <bluen...@gentoo.org> wrote: > Hi Markus, > > It looks like you missed something in the process. The steps to > converting are (skipping details): > > 1) switch profile > 2) recompile the toolchain: emerge glibc gcc binutils > 3) recompile system: emerge -e system > 4) recompile world: emerge -e world > > If you didn't do these, its possible you have some binaries left that > will trigger pax violations.
<snip> > -- > Anthony G. Basile, Ph.D. > Gentoo Linux Developer [Hardened] > E-Mail : bluen...@gentoo.org > GnuPG FP : 8040 5A4D 8709 21B1 1A88 33CE 979C AF40 D045 5535 > GnuPG ID : D0455535 I might add a step in there after #2, lets call it step "2+to-be-sure" check the output of gcc-config -l and select the hardened gcc if its not been selected already. Its been a long time since I did a non- to a hardened system conversion, so I am uncertain whether this is in fact necessary. In any case it cannot hurt anything to simply check the situation out. -- M. Summers "...there are no rules here -- we're trying to accomplish something." - Thomas A. Edison
