Kindly support DOTSLASHLINUX on Patreon to keep the website up and running while remaining ads free.
|2||[∗] Gentoo Linux support --->||Click Here|
|3||General setup --->||Click Here|
|4||[∗] Enable loadable module support --->||Click Here|
|5||[∗] Enable the block layer --->||Click Here|
|6||Processor type and features --->||Click Here|
|7||Power management and ACPI options --->||Click Here|
|8||Bus options (PCI etc.) --->||Click Here|
|9||Executable file formats / Emulations --->||Click Here|
|10||[∗] Networking support --->||Click Here|
|11||Device Drivers --->||Click Here|
|12||Firmware Drivers --->||Click Here|
|13||File systems --->||Click Here|
|14||Kernel hacking --->||Click Here|
|15||Security options --->||Click Here|
|16||-∗- Cryptographic API --->||Click Here|
|17||[∗] Virtualization --->||Click Here|
|18||Library routines --->||Click Here|
Kernel Sources: sys-kernel/gentoo-sources Kernel Version: 4.14.12 Last Updated on: 06/01/2018 Update Notice: 1- Excluded 'CONFIG_PAGE_TABLE_ISOLATION' in 'Security options --->' 2- Included 'CONFIG_STANDALONE' in 'Device Drivers --->' 3- Included 'CONFIG_PREVENT_FIRMWARE_BUILD' in 'Device Drivers --->' 4- Included 'CONFIG_X86_5LEVEL' in 'Processor type and features --->' 5- Included 'CONFIG_ORC_UNWINDER' in 'Kernel hacking --->' 6- Excluded QEMU-virtualization-related options in favor of VirtualBox 7- Excluded swap-related options 8- Excluded 32-bit support 9- Switched from XFS to EXT4 Priorities: 1- high performance 2- minimal 3- low memory footprint 4- small size 5- power saving 6- security 7- low-latency Total Options: 2469 (grep -c 'CONFIG_' DOTSLASHLINUX.config) Included Options: 645 (grep -c '=y' DOTSLASHLINUX.config) Excluded Options: 1761 (grep -c 'is not set' DOTSLASHLINUX.config) Final Size (LZ4): 5,644,240 Bytes Patches Applied: 1- UKSM-4.14 Patch (https://github.com/dolohow/uksm/blob/master/uksm-4.14.patch) Contributors: Firas Khalil Khana [irc: firas] [email: email@example.com] Side Notes: 1- Options that aren't listed here are excluded [ ]. 2- These guides provide users with a solid starting setup to build on. 3- These guides are constantly being updated. 4- If there's something I didn't explain properly or I misexplained then please do let me know either by kindly leaving a comment below or by sending me an email on: firstname.lastname@example.org
While security is important, it isn’t a high priority in this series (although we’ve gone through some options related to security).
You know what they say “There isn’t a 100% secure system”. You have to find the right balance between conveniency, usability and security otherwise you can easily render a system unusable if you beefed security up to an insane level.
I’d recommend (at least as a starting point) that you leave all options in this section excluded (or only include those required by other options).
Help: Select the security module that will be used by default if the kernel parameter security= is not specified.
Symbol: CONFIG_DEFAULT_SECURITY_DAC Help: There is no help available for this option. Type: boolean Choice: built-in (X) Reason: It's highly recommended that you include this option in your kernel (that is if it isn't already forcibly included as it's the only option available on many systems).