1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
Gustavo Zacharias wrote: |
5 |
> gentuxx wrote: |
6 |
> |
7 |
> >> I'm in the process of migrating my U5 system to an SELinux profile. |
8 |
> >> Thanks to Gustavo Zacarias and his excellent kernel work, I've |
9 |
> managed |
10 |
> >> to get through the most of the migration guide (after an ugly battle |
11 |
> >> trying to get a functional hardened-sources kernel). Now I'm sort of |
12 |
> >> at a "time to jump off the cliff" point. I'm booted in the new |
13 |
> >> environment, with the hardened kernel, selinux profile, selinux |
14 |
> policy |
15 |
> >> tools, and selinux base policy. I'm about to run an `emerge -DuatvN |
16 |
> >> world' to pull in all of the remaining selinux-policy packages, and |
17 |
> >> recompile installed packages that need it with the new USE flags. |
18 |
> >> But, alas, if it were only that easy. |
19 |
> >> |
20 |
> >> Emerge fails right away stating "All ebuilds that could satisfy |
21 |
> >> ">=sys-devel/gcc-3.4" have been masked.". All of the versions are |
22 |
> >> masked by profile (and missing keyword). So my question is |
23 |
> three-fold: |
24 |
> |
25 |
> I'd venture to say the SELinux profile hasn't been updated/tested in |
26 |
> some time. It's handled by the selinux/hardened team so we can't help |
27 |
> much there. |
28 |
> |
29 |
> >> 1) If I put '<=sys-devel/gcc-4.2.0 ~sparc' in the |
30 |
> >> /etc/portage/package.keywords file, will that satisfy the masking and |
31 |
> >> allow me to install gcc-4.1.1-r1- even if it's masked by my profile? |
32 |
> >> |
33 |
BTW, I realized rather quickly that this wouldn't work. I had to |
34 |
modify the profile. |
35 |
> >> 2) I am currently running the selinux/2005.1/sparc64 profile. Is |
36 |
> >> there a newer one that would satisfy the above maskings? If so, what |
37 |
> >> do I need to emerge to get it on my system? Portage? I'm already |
38 |
> >> running portage-2.1-r1. |
39 |
> |
40 |
> I'd say try with the current stable toolchain for sparc rather than |
41 |
> venturing into higher things. |
42 |
> |
43 |
OK, are you suggesting that I stick with gcc-3.4.6 then? |
44 |
|
45 |
Also, if I wanted to revert to a NON-SELinux system, would switching |
46 |
my profile and running an `emerge -DuatvN world' work? Or am I |
47 |
looking at a complete reload at this point? |
48 |
> >> 3) Finally, what are your experiences with running a newer (>=4.0) |
49 |
> >> version of gcc on sparc? I want this system to be rock solid, so I'm |
50 |
> >> a little apprehensive about unmasking and running the |
51 |
> >> newest-greatest-fastest gcc, being such a fundamental part of a |
52 |
> gentoo |
53 |
> >> system. |
54 |
> |
55 |
> The greatest and fastest gcc won't let you emerge system as it currently |
56 |
> stands. Mostly other ebuilds need fixing, out of the top of my head |
57 |
> linux-headers needs love and at least kbd will break without it. |
58 |
|
59 |
OK, that may explain the funkiness I'm getting with the keyboard under |
60 |
the 2.6 kernel then, unless I'm misunderstanding you. |
61 |
> |
62 |
> -- |
63 |
> gentux |
64 |
> echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge' |
65 |
> |
66 |
> gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239 D840 4CF0 |
67 |
> 39E2 18D3 4A9E |
68 |
-----BEGIN PGP SIGNATURE----- |
69 |
Version: GnuPG v1.4.4 (GNU/Linux) |
70 |
|
71 |
iD8DBQFEssAcTPA54hjTSp4RAj7iAJ4gwZObUNj9pDnm0vpaSUhR1xiamACfVL4F |
72 |
4X0KuLxdxmLcNdCfWfhsMA8= |
73 |
=c621 |
74 |
-----END PGP SIGNATURE----- |
75 |
|
76 |
-- |
77 |
gentoo-sparc@g.o mailing list |