1 |
On 7/15/11 3:51 AM, Anthony G. Basile wrote: |
2 |
> So, here's the glitch. For example, in dev-lang/mono, following the |
3 |
> above plan, we would drop the "hardened" flag, remove |
4 |
> |
5 |
> DEPEND=" ... hardened? ( sys-apps/paxctl )" |
6 |
|
7 |
In the cited scenario, if you're not inheriting the pax-utils eclass, |
8 |
you can keep paxctl undonditionally in DEPEND. It's a rather lightweight |
9 |
dependency I think. |
10 |
|
11 |
> But this assumes that paxctl is on the user's system which is not |
12 |
> guaranteed unless the users has emerged hardened-sources (which will |
13 |
> depend on paxctl). scanelf would have to be the replacement in such |
14 |
> cases because it is guaranteed to be there by the profiles. |
15 |
|
16 |
Yeah, I think the pax-utils eclass handles that fallback, it's just not |
17 |
used by the ebuild (it seems a bit harder here because of the sed call). |