From 407525b571b48cfd65e1ad7a02d250a927c967c9 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Fri, 1 Dec 2017 03:04:39 +0000 Subject: gentoo resync : 01.12.2017 --- profiles/features/hardened/amd64/package.use | 7 ++++--- profiles/features/hardened/amd64/package.use.force | 7 ------- profiles/features/hardened/make.defaults | 13 ++++++++++++- profiles/features/hardened/package.use.mask | 9 ++++++++- profiles/features/hardened/packages | 2 +- profiles/features/hardened/use.force | 2 +- profiles/features/prefix/package.use.mask | 4 ---- profiles/features/prefix/standalone/legacy/make.defaults | 2 +- 8 files changed, 27 insertions(+), 19 deletions(-) delete mode 100644 profiles/features/hardened/amd64/package.use.force (limited to 'profiles/features') diff --git a/profiles/features/hardened/amd64/package.use b/profiles/features/hardened/amd64/package.use index 0cef7f8d1d92..dff56ad8871d 100644 --- a/profiles/features/hardened/amd64/package.use +++ b/profiles/features/hardened/amd64/package.use @@ -3,10 +3,11 @@ # Magnus Granberg (14 Jan, 2015) # We need to have the pic flag on. -# Bugs 490276, 513464, 523736 and 512208. +# Bugs 358929, 490276, 513464, 523736 and 512208. media-libs/x264 pic media-video/ffmpeg pic media-video/libav pic ->=media-libs/mesa-10.1.6 pic +media-libs/mesa pic media-libs/libpostproc pic ->=media-libs/xvid-1.3.3 pic +media-libs/xvid pic +app-emulation/open-vm-tools pic diff --git a/profiles/features/hardened/amd64/package.use.force b/profiles/features/hardened/amd64/package.use.force deleted file mode 100644 index ef833f2d1b51..000000000000 --- a/profiles/features/hardened/amd64/package.use.force +++ /dev/null @@ -1,7 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -# Magnus Granberg (14 Jan, 2015) -# We need to have the pic flag on. -# Bugs 358929 -app-emulation/open-vm-tools pic diff --git a/profiles/features/hardened/make.defaults b/profiles/features/hardened/make.defaults index d83d7eab8856..1f5030f9a41b 100644 --- a/profiles/features/hardened/make.defaults +++ b/profiles/features/hardened/make.defaults @@ -5,7 +5,7 @@ # Rename STAGE1_USE to BOOTSTRAP_USE and stack it to the parent value BOOTSTRAP_USE="${BOOTSTRAP_USE} hardened pic xtpax -jit -orc" -USE="hardened pic urandom xtpax -fortran -jit -orc" +USE="hardened pic xtpax -jit -orc" # Ian Stakenvicius, 2014-09-03 # Set a variable just to indicate that the current profile is a hardened one @@ -13,3 +13,14 @@ USE="hardened pic urandom xtpax -fortran -jit -orc" # indicate said package is, say, configured in a way that defeats the purpose # of running hardened. PROFILE_IS_HARDENED=1 + +# We set the default markings to XATTR_PAX +PAX_MARKINGS="XT" + +# Default starting set of USE flags for all default/linux profiles. +# We unset them so we get a clean use flag profile. +USE="${USE} -berkdb -gdbm -tcpd" +USE="${USE} -fortran" +USE="${USE} -cli -session" +USE="${USE} -dri" +USE="${USE} -modules" diff --git a/profiles/features/hardened/package.use.mask b/profiles/features/hardened/package.use.mask index e3320e1e4d9d..cdab4d608d05 100644 --- a/profiles/features/hardened/package.use.mask +++ b/profiles/features/hardened/package.use.mask @@ -3,9 +3,16 @@ sys-apps/hwloc gl -sys-devel/gcc -hardened +sys-devel/gcc -hardened sanitize sys-libs/glibc -hardened +# Ian Stakenvicius (03 Dec 2014) +# Have no way of knowing what Gecko Media Plugins will install in profiles +www-client/firefox gmp-autoupdate + # net-fs/openafs-kernel module can't be used on hardened, # see bug 540196. net-fs/openafs modules + +# jit don't work on hardened. +dev-vcs/git pcre-jit diff --git a/profiles/features/hardened/packages b/profiles/features/hardened/packages index 2524abdd0c4f..3790c915840d 100644 --- a/profiles/features/hardened/packages +++ b/profiles/features/hardened/packages @@ -1,4 +1,4 @@ -# Copyright 1999-2013 Gentoo Foundation. +# Copyright 1999-2017 Gentoo Foundation. # Distributed under the terms of the GNU General Public License v2 # This file extends the base packages file for all hardened profiles diff --git a/profiles/features/hardened/use.force b/profiles/features/hardened/use.force index 35e56536ec64..2f57880682b1 100644 --- a/profiles/features/hardened/use.force +++ b/profiles/features/hardened/use.force @@ -1,4 +1,4 @@ -# Copyright 1999-2015 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 # Make sure people don't accidentally turn of ssp/pie in important packages. diff --git a/profiles/features/prefix/package.use.mask b/profiles/features/prefix/package.use.mask index f02bc5775fe9..fb96f38ce63a 100644 --- a/profiles/features/prefix/package.use.mask +++ b/profiles/features/prefix/package.use.mask @@ -20,10 +20,6 @@ sys-devel/gcc vanilla # (amd64-linux and x86-linux) sci-electronics/gtkwave judy -# Jonathan Callen (22 Feb 2010) -# ppp is not available in Prefix -kde-apps/kdenetwork-meta ppp - # Christian Faulhammer (09 Jan 2010) # hesiod and m17n-lib are not available in Prefix app-editors/emacs-vcs hesiod m17n-lib diff --git a/profiles/features/prefix/standalone/legacy/make.defaults b/profiles/features/prefix/standalone/legacy/make.defaults index 254b730a79c4..22044de87632 100644 --- a/profiles/features/prefix/standalone/legacy/make.defaults +++ b/profiles/features/prefix/standalone/legacy/make.defaults @@ -14,4 +14,4 @@ ac_cv_func_utimensat=no ac_cv_func_pipe2=no # >=python-3 is masked. -PYTHON_TARGETS="-python3_4" +PYTHON_TARGETS="-python3_5" -- cgit v1.2.3