| 1 |
===================================== |
| 2 |
Title: New 17.0 profiles in the Gentoo repository |
| 3 |
Author: Andreas K. Hüttel <dilfridge@g.o> |
| 4 |
Posted: xxxxxxx |
| 5 |
Revision: 1 |
| 6 |
News-Item-Format: 2.0 |
| 7 |
Display-If-Installed: >=sys-devel/gcc-6.4.0 |
| 8 |
|
| 9 |
We have just added a new set of profiles with release version 17.0 |
| 10 |
to the Gentoo repository. These bring three changes: |
| 11 |
1) The default C++ language version for applications is now C++14. |
| 12 |
This change is mostly relevant to Gentoo developers. It also |
| 13 |
means, however, that compilers earlier than GCC 6 are masked |
| 14 |
and not supported for use as a system compiler anymore. Feel |
| 15 |
free to unmask them if you need them for specific applications. |
| 16 |
2) Where supported, GCC will now build position-independent |
| 17 |
executables (PIE) by default. This improves the overall |
| 18 |
security fingerprint. The switch from non-PIE to PIE binaries, |
| 19 |
however, requires some steps by users, as detailed below. |
| 20 |
3) Up to now, hardened profiles were separate from the default |
| 21 |
profile tree. Now they are moving into the 17.0 profile |
| 22 |
as a feature there, similar to "no-multilib" and "systemd". |
| 23 |
|
| 24 |
Please consider switching from your current 13.0 profile to the |
| 25 |
corresponding 17.0 profile soon after GCC 6.4.0 has been |
| 26 |
stabilized on your architecture. The 13.0 profiles will be deprecated |
| 27 |
and removed in the near future. |
| 28 |
|
| 29 |
Switching involves the following steps: |
| 30 |
If not already done, |
| 31 |
* Use gcc-config to select gcc-6.4.0 (or later) as system compiler |
| 32 |
* Re-source /etc/profile: |
| 33 |
. /etc/profile |
| 34 |
* Re-emerge libtool |
| 35 |
Then, |
| 36 |
* Select the new profile with eselect |
| 37 |
* Re-emerge, in this sequence, the selected gcc, binutils, and glibc |
| 38 |
emerge -1 sys-devel/gcc:6.4.0 |
| 39 |
emerge -1 sys-devel/binutils |
| 40 |
emerge -1 sys-libs/glibc |
| 41 |
* Rebuild your entire system |
| 42 |
emerge -e world |
| 43 |
|
| 44 |
Switching the profile modifies the use-flags of GCC 6 to generate |
| 45 |
PIE executables by default; thus, you need to do the rebuilds |
| 46 |
even if you already used GCC 6 beforehand. |
| 47 |
|
| 48 |
If you do not follow these steps you may get spurious build |
| 49 |
failures when the linker tries unsuccessfully to combine non-PIE |
| 50 |
and PIE code. |
| 51 |
===================================== |
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
-- |
| 56 |
Andreas K. Hüttel |
| 57 |
dilfridge@g.o |
| 58 |
Gentoo Linux developer (council, perl, libreoffice) |
Archives