1 |
Paweł Hajdan, Jr. posted on Thu, 27 Oct 2011 18:08:36 +0200 as excerpted: |
2 |
|
3 |
> On 10/27/11 11:03 AM, "Paweł Hajdan, Jr." wrote: |
4 |
>> In glibc: DEPEND="gcc[hardened?]" |
5 |
>> In gcc: PDEPEND="elibc_glibc? glibc[hardened?]" |
6 |
> |
7 |
> I even got an OK on #gentoo-hardened, but I just realized that EAPI-0 |
8 |
> (that both packages in question use) doesn't allow use deps like |
9 |
> [hardened?]. |
10 |
> |
11 |
> I guess bumping the EAPI on those packages is not an option (is it?), so |
12 |
> I'm going to do some more experiments to see if there are more possible |
13 |
> problems. |
14 |
|
15 |
AFAIK, it's an option, but a tough one. But as with profiles, at some |
16 |
point it's worth considering whether holding back on toolchain EAPI bumps |
17 |
is worth it any longer. It'll need to happen eventually, and AFAIK, for |
18 |
a system without EAPI-1 or 2 or whatever, portage is already borked. |
19 |
Same with the tree in general, since a bash of that vintage isn't going |
20 |
to parse certain ebuilds due to the bash 4.1 thing. |
21 |
|
22 |
Actually, but for the patience of toolchain maintainers, that bump might |
23 |
have already happened. So I guess it's sort of up to them, tho getting |
24 |
the blessing of council on something that big is probably a reasonable |
25 |
idea. But that's probably a good idea for moving toward hardened by |
26 |
default anyway, so I don't see that as a huge block. |
27 |
|
28 |
I'm reminded of the move to cascading profiles... Plus the bash 4.1 |
29 |
thing. At some point, you just accept current reality and move on. But |
30 |
toolchain's say will matter a lot. If they don't believe it's time to |
31 |
leave EAPI-0 for gcc and glibc, I don't think it's worth pushing against |
32 |
them on their own packages. |
33 |
|
34 |
-- |
35 |
Duncan - List replies preferred. No HTML msgs. |
36 |
"Every nonfree program has a lord, a master -- |
37 |
and if you use the program, he is your master." Richard Stallman |