User Tools
linux_hardened
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
linux_hardened [2018/02/07 17:38] val [Hardened Gentoo] |
linux_hardened [2020/06/23 20:55] val [Hardened Gentoo] |
||
|---|---|---|---|
| Line 5: | Line 5: | ||
| ===== Hardened Gentoo ===== | ===== Hardened Gentoo ===== | ||
| - | * [[https://wiki.gentoo.org/wiki/Hardened/Introduction_to_Hardened_Gentoo|Introduction to Hardened Gentoo]] | ||
| - | * [[https://wiki.gentoo.org/wiki/Hardened_Gentoo/ru|Hardened Gentoo]] | ||
| - | * [[Управление ядром и модулями в Linux#Сборка ядра в Gentoo]] | ||
| * Видео урок: [[https://youtu.be/-6aM7q27NbM|Использование GRSecurity в Gentoo]] | * Видео урок: [[https://youtu.be/-6aM7q27NbM|Использование GRSecurity в Gentoo]] | ||
| + | |||
| + | * [[https://wiki.gentoo.org/wiki/Hardened/Introduction_to_Hardened_Gentoo|Introduction to Hardened Gentoo]] | ||
| + | * [[https://wiki.gentoo.org/wiki/Hardened_Gentoo/ru|Hardened Gentoo]] (ru) | ||
| + | |||
| <code> | <code> | ||
| - | HW: 2048GB 2CPU, HDD 16Gb (удалил /usr/src/) | + | gentoo ~ # eselect profile list |
| + | ... | ||
| + | [27] default/linux/amd64/17.1/no-multilib/hardened (stable | ||
| + | ... | ||
| + | gentoo ~ # eselect profile set 27 | ||
| - | gentoo ~ # rm /usr/src | + | gentoo ~ # source /etc/profile |
| gentoo ~ # time emerge --oneshot gcc | gentoo ~ # time emerge --oneshot gcc | ||
| Line 19: | Line 24: | ||
| user 127m57.571s | user 127m57.571s | ||
| sys 13m31.611s | sys 13m31.611s | ||
| + | |||
| + | real 615m28.005s | ||
| + | user 580m34.331s | ||
| + | sys 31m48.699s | ||
| gentoo ~ # time emerge --oneshot binutils virtual/libc | gentoo ~ # time emerge --oneshot binutils virtual/libc | ||
| Line 29: | Line 38: | ||
| user 41m13.918s | user 41m13.918s | ||
| sys 12m43.084s | sys 12m43.084s | ||
| + | </code> | ||
| - | gentoo ~ # emerge --ask hardened-sources | + | * [[Управление ядром и модулями в Linux#Сборка ядра в Gentoo]] |
| - | gentoo ~ # echo "=sys-kernel/hardened-sources-4.8.17-r2" >> /etc/portage/package.unmask | + | ===== Hardened Debian ===== |
| - | gentoo ~ # emerge --ask hardened-sources | + | |
| - | # make defconfig | ||
| - | |||
| - | ... | ||
| - | |||
| - | gentoo /usr/src/linux # time make -j3 | ||
| - | |||
| - | real 20m6.287s | ||
| - | user 34m28.865s | ||
| - | sys 4m4.605s | ||
| - | |||
| - | ... | ||
| - | |||
| - | ... | ||
| - | |||
| - | grub-mkconfig -o /boot/grub/grub.cfg | ||
| - | </code> | ||
| - | ===== Hardened Debian/Ubuntu ===== | ||
| - | |||
| - | * [[http://compilefailure.blogspot.ru/2011/02/grsecurity-patched-ubuntu-server-lts.html|grsecurity patched kernel for Ubuntu server (LTS)]] | ||
| * [[https://wiki.debian.org/Hardening|Hardening Debian]] | * [[https://wiki.debian.org/Hardening|Hardening Debian]] | ||
| - | <code> | ||
| - | # cd /usr/src | ||
| - | |||
| - | # wget http://grsecurity.net/stable/grsecurity-X.X.X-X.X.X-201XXXXXXXX.patch | ||
| - | |||
| - | # cd linux-* | ||
| - | |||
| - | # patch -p1 < ../grsecurity-X.X.X-X.X.X-201XXXXXXXX.patch | ||
| - | |||
| - | # apt-get install gcc-4.6-plugin-dev | ||
| - | </code> | ||
linux_hardened.txt · Last modified: 2020/06/23 21:51 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
