1 |
On 07/16/2011 12:55 PM, "Paweł Hajdan, Jr." wrote: |
2 |
> On 7/15/11 3:51 AM, Anthony G. Basile wrote: |
3 |
>> So, here's the glitch. For example, in dev-lang/mono, following the |
4 |
>> above plan, we would drop the "hardened" flag, remove |
5 |
>> |
6 |
>> DEPEND=" ... hardened? ( sys-apps/paxctl )" |
7 |
> In the cited scenario, if you're not inheriting the pax-utils eclass, |
8 |
> you can keep paxctl undonditionally in DEPEND. It's a rather lightweight |
9 |
> dependency I think. |
10 |
> |
11 |
>> But this assumes that paxctl is on the user's system which is not |
12 |
>> guaranteed unless the users has emerged hardened-sources (which will |
13 |
>> depend on paxctl). scanelf would have to be the replacement in such |
14 |
>> cases because it is guaranteed to be there by the profiles. |
15 |
> Yeah, I think the pax-utils eclass handles that fallback, it's just not |
16 |
> used by the ebuild (it seems a bit harder here because of the sed call). |
17 |
> |
18 |
|
19 |
Looks like the list discussion on this issues is petering out. I've |
20 |
opened up a tracker [1]. I'll start going through the tree an opening |
21 |
up bugs against ebuilds that should be discussed. I'm leaning towards |
22 |
Mike's suggestion and avoiding another global use flag. Let's see where |
23 |
the discussion goes on the bugs. |
24 |
|
25 |
|
26 |
Ref. |
27 |
|
28 |
[1] https://bugs.gentoo.org/show_bug.cgi?id=375561 |
29 |
|
30 |
-- |
31 |
Anthony G. Basile, Ph.D. |
32 |
Gentoo Linux Developer [Hardened] |
33 |
E-Mail : blueness@g.o |
34 |
GnuPG FP : 8040 5A4D 8709 21B1 1A88 33CE 979C AF40 D045 5535 |
35 |
GnuPG ID : D0455535 |