Diffstat (limited to 'core/hardening.html')
-rw-r--r-- core/hardening.html 157
1 files changed, 6 insertions, 151 deletions
diff --git a/core/hardening.html b/core/hardening.html
index 478c911..024c4c9 100644
--- a/core/hardening.html
+++ b/core/hardening.html
@@ -2,20 +2,20 @@
 <html dir="ltr" lang="en">
     <head>
         <meta charset='utf-8'>
-        <title>Hardening</title>
+        <title>2.2. Hardening</title>
     </head>
     <body>
 
-        <a href="index.html">Tools Index</a>
+        <a href="index.html">Core OS Index</a>
 
-        <h1>Hardening</h1>
+        <h1>2.2. Hardening</h1>
 
         <p>Kernel in ports have upstream linux kernel and
         grsecurity patch, it should break some functionality
         for the user and pkgmk user if tpe protection is active.</p>
 
         <pre>
-        $ sudo prt-get depinst gradm paxtest paxd checksec lynis
+        $ sudo prt-get depinst gradm paxtest paxctld checksec lynis
         </pre>
 
         <p>Check <a href="grsecurity.html">grsecurity</a> on how to setup
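Review bot: The `prt-get depinst` line swaps `paxd` for `paxctld`, but nothing in the visible page text tells the reader that the package changed or what to do if `paxd` is already installed from the earlier version of this page. Suggest adding one sentence next to the `<pre>` block naming paxctld and where its setup is covered (the grsecurity page linked right below looks like the natural place). Separately, the "2.2." prefix is now hard-coded in both `<title>` and `<h1>`, so it has to be kept in sync with the Core OS Index by hand whenever sections are reordered.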
@@ -40,154 +40,9 @@
 
         <p>Add unnecessary tests to profile to have less noise.</p>
 
-        <h2 id="toolchain">Rebuild Toolchain</h2>
 
-        <p>Add flags to pkgmk configuration and change specific ports that
-        don't build with hardening flags. More information about
-        <a href="https://wiki.archlinux.org/index.php/DeveloperWiki:Security">arch security</a>,
-        gentoo security,
-        <a href="http://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html#Instrumentation-Options">gcc</a> instrumentation-options
-        and <a href="http://www.gnu.org/software/libc/manual/html_node/Configuring-and-compiling.html">glibc</a>
-        configuring and compiling. Edit /etc/pkgmk.conf;</p>
-
-        <pre>
-        export CPPFLAGS="-D_FORTIFY_SOURCE=2"
-        export CFLAGS="-O2 -march=native -mtune=native -fstack-protector-strong --param=ssp-buffer-size=4"
-        export CXXFLAGS="${CFLAGS}"
-        export LDFLAGS="-z relro"
-        </pre>
-
-        <h3>Core</h3>
-
-        <p>Ports in core collection that need to be changed in order
-        to build with pkgmk harden configuration.</p>
-
-        <h4>Glibc</h4>
-
-        <ul>
-            <li><a href="http://www.linuxfromscratch.org/lfs/view/development/chapter06/glibc.html">lfs</a></li>
-            <li><a href="https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/glibc">arch</a></li>
-        </ul>
-
-        <pre>
-        export CPPFLAGS=""
-        export CFLAGS="-O2 -march=native -mtune=native"
-        export CXXFLAGS="${CFLAGS}"
-        export LDFLAGS=""
-        </pre>
-
-        <pre>
-        ../$name-${version:0:4}/configure --prefix=/usr \
-                --libexecdir=/usr/lib \
-                --with-headers=$PKG/usr/include \
-                --enable-kernel=3.12 \
-                --enable-add-ons \
-                --enable-static-nss \
-                --disable-profile \
-                --disable-werror \
-                --without-gd \
-                --enable-obsolete-rpc \
-                --enable-multi-arch \
-                --enable-stackguard-randomization \
-                --enable-stack-protector=strong
-        </pre>
-
-        <h4>Gcc</h4>
-
-        <ul>
-            <li><a href="http://www.linuxfromscratch.org/lfs/view/development/chapter06/gcc.html">lfs</a></li>
-            <li><a href="https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/gcc">arch</a></li>
-        </ul>
-
-        <pre>
-        export CPPFLAGS=""
-        export CFLAGS="-O2 -march=native -mtune=native"
-        export CXXFLAGS="${CFLAGS}"
-        export LDFLAGS=""
-        </pre>
-
-        <h4>libcap</h4>
-
-        <ul>
-            <li><a href="http://www.linuxfromscratch.org/lfs/view/development/chapter06/libcap.html">lfs</a></li>
-            <li><a href="https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/libcap">arch</a></li>
-        </ul>
-
-        <h4>bzip2</h4>
-
-        <ul>
-            <li><a href="http://www.linuxfromscratch.org/lfs/view/development/chapter06/bzip2.html">lfs</a></li>
-            <li><a href="https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/bzip2">arch</a></li>
-        </ul>
-
-        <h4>hdparm</h4>
-
-        <ul>
-            <li><a href="http://www.linuxfromscratch.org/blfs/view/svn/general/hdparm.html">lfs</a></li>
-            <li><a href="https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/hdparm">arch</a></li>
-        </ul>
-
-        <h3>Opt</h3>
-
-        <h4>lsof</h4>
-
-        <ul>
-            <li><a href="http://www.linuxfromscratch.org/blfs/view/svn/general/lsof.html">lfs</a></li>
-            <li><a href="https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/lsof">arch</a></li>
-        </ul>
-
-        <h4>python</h4>
-
-        <ul>
-            <li><a href="http://www.linuxfromscratch.org/blfs/view/svn/general/python2.html">lfs</a></li>
-            <li><a href="https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/python2">arch</a></li>
-        </ul>
-
-        <h4>zip</h4>
-
-        <ul>
-            <li><a href="http://www.linuxfromscratch.org/blfs/view/svn/general/zip.html">lfs</a></li>
-            <li><a href="https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/zip">arch</a></li>
-        </ul>
-
-        <h4>glew</h4>
-
-        <ul>
-            <li><a href="https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/glew">arch</a></li>
-        </ul>
-
-        <h4>dmenu</h4>
-
-        <ul>
-            <li><a href="https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/dmenu">arch</a></li>
-        </ul>
-
-        <h4>Boost</h4>
-
-        <ul>
-            <li><a href="http://www.linuxfromscratch.org/blfs/view/svn/general/boost.html">lfs</a></li>
-            <li><a href="https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/boost">arch</a></li>
-        </ul>
-
-        <pre>
-        export CPPFLAGS=""
-        export CFLAGS="-O2 -march=native -mtune=native"
-        export CXXFLAGS="${CFLAGS}"
-        export LDFLAGS=""
-        </pre>
-
-        <h3>Contrib</h3>
-
-        <h4>gsl</h4>
-
-        <ul>
-            <li><a href="http://www.linuxfromscratch.org/blfs/view/svn/general/gsl.html">lfs</a></li>
-            <li><a href="https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/gsl">arch</a></li>
-        </ul>
-
-
-        <a href="index.html">Tools Index</a>
-        <p>This is part of the c9-doc Manual.
+        <a href="index.html">Core OS Index</a>
+        <p>This is part of the c9 Manual.
         Copyright (C) 2017
         c9 team.
         See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a>
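Review bot: Removing the whole `<h2 id="toolchain">` section deletes the only place on this page that documents the pkgmk hardening flags (`-D_FORTIFY_SOURCE=2`, `-fstack-protector-strong`, `-z relro`) and the per-port overrides for glibc, gcc and boost, and nothing visible in the diff says where that material went. The page is still titled Hardening and still installs `checksec`, so a reader can audit binaries here without any remaining guidance on how to build them hardened. If the content moved to another page, link to it from here; if it was dropped on purpose, say so in the commit message. Any existing link to `hardening.html#toolchain` will also stop resolving, and the removal leaves two consecutive blank lines after the "Add unnecessary tests" paragraph that could be collapsed to one.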