| 1 |
On Mon, Mar 21, 2011 at 8:26 AM, "Paweł Hajdan, Jr." wrote: |
| 2 |
> On 3/17/11 11:18 PM, Mike Frysinger wrote: |
| 3 |
>> also, this code is run at the pkg_* stage, so it's not the normal src host |
| 4 |
>> feature detection. and we're talking about minor output behavior. |
| 5 |
> |
| 6 |
> Is calling pax-mark in src_compile a misuse then? At least one ebuild I |
| 7 |
> maintain does that (and at least in one case it'd have to be either in |
| 8 |
> src_compile or src_test because the test binary has to be pax-mark-ed). |
| 9 |
|
| 10 |
because the PaX markings live in the ELF itself, calling in src_* is |
| 11 |
valid. i might even propose that this should be done only in src_* |
| 12 |
steps and not the pkg_* steps. the less crap needed to execute at |
| 13 |
pkg_* time the better. |
| 14 |
|
| 15 |
> By the way, what do you think about using the "hardened" USE flag to |
| 16 |
> control the elog behavior, and forcing it on the hardened profile? In my |
| 17 |
> opinion it's a bit hacky. |
| 18 |
|
| 19 |
not worth the time |
| 20 |
|
| 21 |
> Would it make more sense to scan all installed files in pkg_postinst for |
| 22 |
> pax-mark-ed files, and then elog something? |
| 23 |
|
| 24 |
that'd work for me, and would make the output much more concise |
| 25 |
-mike |
Archives