Re: [gentoo-dev] New global use-flag [pax_kernel]
On Sunday 25 November 2012 18:57:12 Matthew Thode wrote: pax_kernel is used by 21 packages. The description would generally be 'make changes to the package so it works under a pax enabled kernel'. Currently it is used to either patch or (inclusive) to pax mark. What think you? `paxctl` should be run if it exists, and a hardened profile should list that in its @system imo. that cuts out quite a number of users. as for patches applied to the source, i can't say w/out reading the actual patches if there's a better way (keying off defines, or runtime detection based on errno which we've done in glibc). -mike signature.asc Description: This is a digitally signed message part.
[gentoo-dev] New global use-flag [pax_kernel]
pax_kernel is used by 21 packages. The description would generally be 'make changes to the package so it works under a pax enabled kernel'. Currently it is used to either patch or (inclusive) to pax mark. What think you? -- -- Matthew Thode (prometheanfire) signature.asc Description: OpenPGP digital signature
Re: [gentoo-dev] New global use-flag [pax_kernel]
On Sun, Nov 25, 2012 at 3:57 PM, Matthew Thode prometheanf...@gentoo.org wrote: pax_kernel is used by 21 packages. The description would generally be 'make changes to the package so it works under a pax enabled kernel'. Currently it is used to either patch or (inclusive) to pax mark. What think you? This seems more like a profile mixin flag than a normal flagis it set in the hardened profile already? -A -- -- Matthew Thode (prometheanfire)
Re: [gentoo-dev] New global use-flag [pax_kernel]
On 11/25/2012 07:02 PM, Alec Warner wrote: On Sun, Nov 25, 2012 at 3:57 PM, Matthew Thode prometheanf...@gentoo.org wrote: pax_kernel is used by 21 packages. The description would generally be 'make changes to the package so it works under a pax enabled kernel'. Currently it is used to either patch or (inclusive) to pax mark. What think you? This seems more like a profile mixin flag than a normal flagis it set in the hardened profile already? -A it is defined here, but if you use a pax kernel (you don't have to use the hardened profile, though you probably should) you should probably set this flag. /usr/portage/profiles/hardened/linux/make.defaults -- -- Matthew Thode (prometheanfire) -- -- Matthew Thode (prometheanfire) signature.asc Description: OpenPGP digital signature