Gentoo, a friend of Devuan's run in Qemu/Libvirt with grsecurity policy enabled (12)
(No. 0) No. 1 No. 2 No. 3 No. 4 No. 5 No. 6 No. 7 No. 8 No. 9 No. 10 No. 11 No. 12 No. 13 No. 14
To understand how much work it is for me (and the American very dear to me, to whom lots of us are thankful for his privacy-friendly revelations, so useful for democracy in the world, is quoted to have said how --paraphrasing-- grsecurity is too hard to be easily used by the general public), you should visit the developing topic in the grsecurity forumsLibvirt virtualization policies
So, I installed --in the libvirt way-- Gentoo installation CD with virt-install, and ran it with virt-viewer.
Importantly, virt-install is part of my sans-dbus virt-manager installation. dbus --or d-bus-- is not in my system, it's a dangerous friend of systemd's, I don't want it at home here:GUI-less (non-dbus) virt-manager (to run Tails in Gentoo)
First I had to run it with grsecurity's RBAC policy disabled.
Then I eventually (see how complex it is in the grsecurity forums topic linked above) figured out what was missing in the policy, and I ran it with grsecurity enabled --with the programs around libvirt in learning mode.
The files necessary for this study are listed in:
dump_170306_0026_g0n.pcap dump_170306_0026_g0n_SSLKEYLOGFILE.txt dump_170306_1430_g0n.pcap Screen_170306_0026_g0n.webm Screen_170306_1430_g0n.webmand verify to: ls-1pg12.sum signed by: ls-1pg12.sum.asc
You might find dump_dlo.sh script from my uncenz program more useful then downloading each file separately.