> Also, if I wanted to revert to a NON-SELinux system, would switching
> my profile and running an `emerge -DuatvN world' work? Or am I
> looking at a complete reload at this point?
I would probably rebuild the toolchain, then emerge -e system, then emerge -e world. I used the emwrap.sh script found in the forums to help with this on my Sunblade 100. I realize the jury is still out on this (and particularly this script), but it made sense to me given how everything is linked. I am still a little confused on the proper arguments to use (horrible documentation), but I believe emwrap.sh -Sb1 will rebuild the toolchain, then the system minus the toolchain. Then running emwrap.sh -W takes care of the world.
Running though this exercise solved a lot of the general weirdness that was going on after I switched from 2006.0/2.4 to the 2006.0/2.6 profile.
From: gentuxx [mailto:gentuxx@...]
Sent: Monday, July 10, 2006 5:01 PM
Subject: Re: [gentoo-sparc] >=sys-devel/gcc-3.4 on Sparc U5 SeLinux
-----BEGIN PGP SIGNED MESSAGE-----
Gustavo Zacharias wrote:
> gentuxx wrote:
> >> I'm in the process of migrating my U5 system to an SELinux profile.
> >> Thanks to Gustavo Zacarias and his excellent kernel work, I've
> >> to get through the most of the migration guide (after an ugly battle
> >> trying to get a functional hardened-sources kernel). Now I'm sort of
> >> at a "time to jump off the cliff" point. I'm booted in the new
> >> environment, with the hardened kernel, selinux profile, selinux
> >> tools, and selinux base policy. I'm about to run an `emerge -DuatvN
> >> world' to pull in all of the remaining selinux-policy packages, and
> >> recompile installed packages that need it with the new USE flags.
> >> But, alas, if it were only that easy.
> >> Emerge fails right away stating "All ebuilds that could satisfy
> >> ">=sys-devel/gcc-3.4" have been masked.". All of the versions are
> >> masked by profile (and missing keyword). So my question is
> I'd venture to say the SELinux profile hasn't been updated/tested in
> some time. It's handled by the selinux/hardened team so we can't help
> much there.
> >> 1) If I put '<=sys-devel/gcc-4.2.0 ~sparc' in the
> >> /etc/portage/package.keywords file, will that satisfy the masking and
> >> allow me to install gcc-4.1.1-r1- even if it's masked by my profile?
BTW, I realized rather quickly that this wouldn't work. I had to
modify the profile.
> >> 2) I am currently running the selinux/2005.1/sparc64 profile. Is
> >> there a newer one that would satisfy the above maskings? If so, what
> >> do I need to emerge to get it on my system? Portage? I'm already
> >> running portage-2.1-r1.
> I'd say try with the current stable toolchain for sparc rather than
> venturing into higher things.
OK, are you suggesting that I stick with gcc-3.4.6 then?
Also, if I wanted to revert to a NON-SELinux system, would switching
my profile and running an `emerge -DuatvN world' work? Or am I
looking at a complete reload at this point?
> >> 3) Finally, what are your experiences with running a newer (>=4.0)
> >> version of gcc on sparc? I want this system to be rock solid, so I'm
> >> a little apprehensive about unmasking and running the
> >> newest-greatest-fastest gcc, being such a fundamental part of a
> >> system.
> The greatest and fastest gcc won't let you emerge system as it currently
> stands. Mostly other ebuilds need fixing, out of the top of my head
> linux-headers needs love and at least kbd will break without it.
OK, that may explain the funkiness I'm getting with the keyboard under
the 2.6 kernel then, unless I'm misunderstanding you.
> echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge'
> gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239 D840 4CF0
> 39E2 18D3 4A9E
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
-----END PGP SIGNATURE-----
email@example.com mailing list
firstname.lastname@example.org mailing list