[gentoo-dev] [PATCH] Convert 'apparmor' to a global USE flag - gentoo-dev

From:	Mike Gilbert <floppym@g.o>
To:	gentoo-dev@l.g.o
Cc:	kensington@g.o, hardened@g.o, Mike Gilbert <floppym@g.o>
Subject:	[gentoo-dev] [PATCH] Convert 'apparmor' to a global USE flag
Date:	Fri, 09 Sep 2022 16:08:08
Message-Id:	`20220909160735.787136-1-floppym@gentoo.org`

1

Signed-off-by: Mike Gilbert <floppym@g.o>

2

---

3

 app-benchmarks/stress-ng/metadata.xml  | 1 -

4

 app-containers/containerd/metadata.xml | 1 -

5

 app-containers/docker/metadata.xml     | 3 ---

6

 app-containers/lxc/metadata.xml        | 1 -

7

 app-containers/lxd/metadata.xml        | 3 ---

8

 app-containers/podman/metadata.xml     | 3 ---

9

 app-containers/runc/metadata.xml       | 3 ---

10

 app-containers/snapd/metadata.xml      | 3 ---

11

 app-emulation/libvirt/metadata.xml     | 1 -

12

 media-libs/libextractor/metadata.xml   | 1 -

13

 profiles/use.desc                      | 1 +

14

 sys-apps/dbus-broker/metadata.xml      | 1 -

15

 sys-apps/systemd/metadata.xml          | 1 -

16

 13 files changed, 1 insertion(+), 22 deletions(-)

17

18

diff --git a/app-benchmarks/stress-ng/metadata.xml b/app-benchmarks/stress-ng/metadata.xml

19

index 70cc3234093..70bbe8858a5 100644

20

--- a/app-benchmarks/stress-ng/metadata.xml

21

+++ b/app-benchmarks/stress-ng/metadata.xml

22

@@ -14,7 +14,6 @@

23

 		and over 20 virtual memory stress tests.

24

 	</longdescription>

25

 	<use>

26

-		<flag name="apparmor">Add support for AppArmor.</flag>

27

 	</use>

28

 	<upstream>

29

 		<bugs-to>https://github.com/ColinIanKing/stress-ng/issues</bugs-to>

30

diff --git a/app-containers/containerd/metadata.xml b/app-containers/containerd/metadata.xml

31

index 5641ef37219..5d63e8606e9 100644

32

--- a/app-containers/containerd/metadata.xml

33

+++ b/app-containers/containerd/metadata.xml

34

@@ -17,7 +17,6 @@

35

 		<name>Georgy Yakovlev</name>

36

 	</maintainer>

37

 	<use>

38

-	<flag name="apparmor">Support for AppArmor</flag>

39

 	<flag name="btrfs">Support for BTRFS snapshot driver</flag>

40

 	<flag name="cri">Support for Kubernetes CRI</flag>

41

 	<flag name="device-mapper">Support for device mapper snapshot driver</flag>

42

diff --git a/app-containers/docker/metadata.xml b/app-containers/docker/metadata.xml

43

index bc364de188b..5f163941881 100644

44

--- a/app-containers/docker/metadata.xml

45

+++ b/app-containers/docker/metadata.xml

46

@@ -21,9 +21,6 @@

47

 			Enables dependencies for the "aufs" graph driver, including

48

 			necessary kernel flags.

49

 		</flag>

50

-		<flag name="apparmor">

51

-			Enable AppArmor support.

52

-		</flag>

53

 		<flag name="btrfs">

54

 			Enables dependencies for the "btrfs" graph driver, including

55

 			necessary kernel flags.

56

diff --git a/app-containers/lxc/metadata.xml b/app-containers/lxc/metadata.xml

57

index 8c08b596f2e..2d20f0346cc 100644

58

--- a/app-containers/lxc/metadata.xml

59

+++ b/app-containers/lxc/metadata.xml

60

@@ -10,7 +10,6 @@

61

     <name>Gentoo Virtualization Project</name>

62

   </maintainer>

63

   <use>

64

-    <flag name="apparmor">Enable AppArmor support</flag>

65

     <flag name="io-uring">Enable io_uring support, and use io_uring instead of epoll</flag>

66

     <flag name="tools">Build and install additional command line tools</flag>

67

   </use>

68

diff --git a/app-containers/lxd/metadata.xml b/app-containers/lxd/metadata.xml

69

index a666d3414c4..dd209643cdb 100644

70

--- a/app-containers/lxd/metadata.xml

71

+++ b/app-containers/lxd/metadata.xml

72

@@ -9,9 +9,6 @@

73

     <email>virtualization@g.o</email>

74

     <name>Gentoo Virtualization Project</name>

75

   </maintainer>

76

-  <use>

77

-    <flag name="apparmor">Enable AppArmor support</flag>

78

-  </use>

79

   <longdescription>

80

     LXD is a modern, secure and powerful system container and virtual machine manager.

81

82

diff --git a/app-containers/podman/metadata.xml b/app-containers/podman/metadata.xml

83

index 11d7dc7603d..3a429ae4898 100644

84

--- a/app-containers/podman/metadata.xml

85

+++ b/app-containers/podman/metadata.xml

86

@@ -15,9 +15,6 @@

87

 		and volumes.

88

 	</longdescription>

89

 	<use>

90

-		<flag name="apparmor">

91

-			Enable AppArmor support.

92

-		</flag>

93

 		<flag name="btrfs">

94

 			Enables dependencies for the "btrfs" graph driver, including

95

 			necessary kernel flags.

96

diff --git a/app-containers/runc/metadata.xml b/app-containers/runc/metadata.xml

97

index d27ad6413b0..76423a90314 100644

98

--- a/app-containers/runc/metadata.xml

99

+++ b/app-containers/runc/metadata.xml

100

@@ -14,9 +14,6 @@

101

 		<name>Georgy Yakovlev</name>

102

 	</maintainer>

103

 	<use>

104

-		<flag name="apparmor">

105

-			Enable AppArmor support.

106

-		</flag>

107

 		<flag name="kmem">

108

 			Enable Kernel Memory Accounting.

109

 		</flag>

110

diff --git a/app-containers/snapd/metadata.xml b/app-containers/snapd/metadata.xml

111

index 0109791c93f..730665fd01e 100644

112

--- a/app-containers/snapd/metadata.xml

113

+++ b/app-containers/snapd/metadata.xml

114

@@ -9,9 +9,6 @@

115

 		<remote-id type="github">snapcore/snapd</remote-id>

116

 	</upstream>

117

 	<use>

118

-		<flag name="apparmor">

119

-			Enable AppArmor support.

120

-		</flag>

121

 		<flag name="forced-devmode">

122

 			Automatically disable application confinement if feature detection fails.

123

 		</flag>

124

diff --git a/app-emulation/libvirt/metadata.xml b/app-emulation/libvirt/metadata.xml

125

index aa7a5f87067..9784c19f417 100644

126

--- a/app-emulation/libvirt/metadata.xml

127

+++ b/app-emulation/libvirt/metadata.xml

128

@@ -52,7 +52,6 @@

129

 			Support management of VirtualBox virtualisation (<pkg>app-emulation/virtualbox</pkg>)

130

 		</flag>

131

 		<!-- Miscellaneous flags -->

132

-		<flag name="apparmor">Enable AppArmor support</flag>

133

 		<flag name="dtrace">Enable dtrace support via <pkg>dev-util/systemtap</pkg></flag>

134

 		<flag name="fuse">Allow LXC to use <pkg>sys-fs/fuse</pkg> for mountpoints</flag>

135

 		<flag name="numa">

136

diff --git a/media-libs/libextractor/metadata.xml b/media-libs/libextractor/metadata.xml

137

index c746a433d52..bcc04da57cc 100644

138

--- a/media-libs/libextractor/metadata.xml

139

+++ b/media-libs/libextractor/metadata.xml

140

@@ -3,7 +3,6 @@

141

 <pkgmetadata>

142

   <!--maintainer-needed-->

143

   <use>

144

-    <flag name="apparmor">Enable apparmor support using <pkg>sys-libs/libapparmor</pkg></flag>

145

     <flag name="archive">Enable archive support using <pkg>app-arch/libarchive</pkg></flag>

146

     <flag name="gsf">Enable OLE2 (MS Office) plug-in support using <pkg>gnome-extra/libgsf</pkg></flag>

147

     <flag name="midi">Enable MIDI support through <pkg>media-libs/libsmf</pkg></flag>

148

diff --git a/profiles/use.desc b/profiles/use.desc

149

index 6438ef0eab9..83c3e70d13c 100644

150

--- a/profiles/use.desc

151

+++ b/profiles/use.desc

152

@@ -18,6 +18,7 @@ ao - Use libao audio output library for sound playback

153

 apache2 - Add Apache2 support

154

 aqua - Include support for the Mac OS X Aqua (Carbon/Cocoa) GUI

155

 atm - Enable Asynchronous Transfer Mode protocol support

156

+apparmor - Enable support for the AppArmor application security system

157

 appindicator - Build in support for notifications using the libindicate or libappindicator plugin

158

 audiofile - Add support for libaudiofile where applicable

159

 audit - Enable support for Linux audit subsystem using sys-process/audit

160

diff --git a/sys-apps/dbus-broker/metadata.xml b/sys-apps/dbus-broker/metadata.xml

161

index 38ad8e3af8d..4c5fa33d8b0 100644

162

--- a/sys-apps/dbus-broker/metadata.xml

163

+++ b/sys-apps/dbus-broker/metadata.xml

164

@@ -6,7 +6,6 @@

165

 		<name>Mike Gilbert</name>

166

 	</maintainer>

167

 	<use>

168

-		<flag name="apparmor">Enable AppArmor support</flag>

169

 		<flag name="launcher">dbus-daemon compatibility launcher</flag>

170

 	</use>

171

 </pkgmetadata>

172

diff --git a/sys-apps/systemd/metadata.xml b/sys-apps/systemd/metadata.xml

173

index d258d4fa7cf..34a269d81d8 100644

174

--- a/sys-apps/systemd/metadata.xml

175

+++ b/sys-apps/systemd/metadata.xml

176

@@ -9,7 +9,6 @@

177

 		<subslots>Incremented for ABI breaks in libudev or libsystemd</subslots>

178

 	</slots>

179

 	<use>

180

-		<flag name="apparmor">Enable AppArmor support</flag>

181

 		<flag name="audit">Enable support for <pkg>sys-process/audit</pkg></flag>

182

 		<flag name="cgroup-hybrid">Default to hybrid (legacy) cgroup hierarchy instead of unified (modern).</flag>

183

 		<flag name="curl">Enable support for uploading journals</flag>

184

--

185

2.37.3

1	Signed-off-by: Mike Gilbert <floppym@g.o>
2	---
3	app-benchmarks/stress-ng/metadata.xml \| 1 -
4	app-containers/containerd/metadata.xml \| 1 -
5	app-containers/docker/metadata.xml \| 3 ---
6	app-containers/lxc/metadata.xml \| 1 -
7	app-containers/lxd/metadata.xml \| 3 ---
8	app-containers/podman/metadata.xml \| 3 ---
9	app-containers/runc/metadata.xml \| 3 ---
10	app-containers/snapd/metadata.xml \| 3 ---
11	app-emulation/libvirt/metadata.xml \| 1 -
12	media-libs/libextractor/metadata.xml \| 1 -
13	profiles/use.desc \| 1 +
14	sys-apps/dbus-broker/metadata.xml \| 1 -
15	sys-apps/systemd/metadata.xml \| 1 -
16	13 files changed, 1 insertion(+), 22 deletions(-)
17
18	diff --git a/app-benchmarks/stress-ng/metadata.xml b/app-benchmarks/stress-ng/metadata.xml
19	index 70cc3234093..70bbe8858a5 100644
20	--- a/app-benchmarks/stress-ng/metadata.xml
21	+++ b/app-benchmarks/stress-ng/metadata.xml
22	@@ -14,7 +14,6 @@
23	and over 20 virtual memory stress tests.
24	</longdescription>
25	<use>
26	- <flag name="apparmor">Add support for AppArmor.</flag>
27	</use>
28	<upstream>
29	<bugs-to>https://github.com/ColinIanKing/stress-ng/issues</bugs-to>
30	diff --git a/app-containers/containerd/metadata.xml b/app-containers/containerd/metadata.xml
31	index 5641ef37219..5d63e8606e9 100644
32	--- a/app-containers/containerd/metadata.xml
33	+++ b/app-containers/containerd/metadata.xml
34	@@ -17,7 +17,6 @@
35	<name>Georgy Yakovlev</name>
36	</maintainer>
37	<use>
38	- <flag name="apparmor">Support for AppArmor</flag>
39	<flag name="btrfs">Support for BTRFS snapshot driver</flag>
40	<flag name="cri">Support for Kubernetes CRI</flag>
41	<flag name="device-mapper">Support for device mapper snapshot driver</flag>
42	diff --git a/app-containers/docker/metadata.xml b/app-containers/docker/metadata.xml
43	index bc364de188b..5f163941881 100644
44	--- a/app-containers/docker/metadata.xml
45	+++ b/app-containers/docker/metadata.xml
46	@@ -21,9 +21,6 @@
47	Enables dependencies for the "aufs" graph driver, including
48	necessary kernel flags.
49	</flag>
50	- <flag name="apparmor">
51	- Enable AppArmor support.
52	- </flag>
53	<flag name="btrfs">
54	Enables dependencies for the "btrfs" graph driver, including
55	necessary kernel flags.
56	diff --git a/app-containers/lxc/metadata.xml b/app-containers/lxc/metadata.xml
57	index 8c08b596f2e..2d20f0346cc 100644
58	--- a/app-containers/lxc/metadata.xml
59	+++ b/app-containers/lxc/metadata.xml
60	@@ -10,7 +10,6 @@
61	<name>Gentoo Virtualization Project</name>
62	</maintainer>
63	<use>
64	- <flag name="apparmor">Enable AppArmor support</flag>
65	<flag name="io-uring">Enable io_uring support, and use io_uring instead of epoll</flag>
66	<flag name="tools">Build and install additional command line tools</flag>
67	</use>
68	diff --git a/app-containers/lxd/metadata.xml b/app-containers/lxd/metadata.xml
69	index a666d3414c4..dd209643cdb 100644
70	--- a/app-containers/lxd/metadata.xml
71	+++ b/app-containers/lxd/metadata.xml
72	@@ -9,9 +9,6 @@
73	<email>virtualization@g.o</email>
74	<name>Gentoo Virtualization Project</name>
75	</maintainer>
76	- <use>
77	- <flag name="apparmor">Enable AppArmor support</flag>
78	- </use>
79	<longdescription>
80	LXD is a modern, secure and powerful system container and virtual machine manager.
81
82	diff --git a/app-containers/podman/metadata.xml b/app-containers/podman/metadata.xml
83	index 11d7dc7603d..3a429ae4898 100644
84	--- a/app-containers/podman/metadata.xml
85	+++ b/app-containers/podman/metadata.xml
86	@@ -15,9 +15,6 @@
87	and volumes.
88	</longdescription>
89	<use>
90	- <flag name="apparmor">
91	- Enable AppArmor support.
92	- </flag>
93	<flag name="btrfs">
94	Enables dependencies for the "btrfs" graph driver, including
95	necessary kernel flags.
96	diff --git a/app-containers/runc/metadata.xml b/app-containers/runc/metadata.xml
97	index d27ad6413b0..76423a90314 100644
98	--- a/app-containers/runc/metadata.xml
99	+++ b/app-containers/runc/metadata.xml
100	@@ -14,9 +14,6 @@
101	<name>Georgy Yakovlev</name>
102	</maintainer>
103	<use>
104	- <flag name="apparmor">
105	- Enable AppArmor support.
106	- </flag>
107	<flag name="kmem">
108	Enable Kernel Memory Accounting.
109	</flag>
110	diff --git a/app-containers/snapd/metadata.xml b/app-containers/snapd/metadata.xml
111	index 0109791c93f..730665fd01e 100644
112	--- a/app-containers/snapd/metadata.xml
113	+++ b/app-containers/snapd/metadata.xml
114	@@ -9,9 +9,6 @@
115	<remote-id type="github">snapcore/snapd</remote-id>
116	</upstream>
117	<use>
118	- <flag name="apparmor">
119	- Enable AppArmor support.
120	- </flag>
121	<flag name="forced-devmode">
122	Automatically disable application confinement if feature detection fails.
123	</flag>
124	diff --git a/app-emulation/libvirt/metadata.xml b/app-emulation/libvirt/metadata.xml
125	index aa7a5f87067..9784c19f417 100644
126	--- a/app-emulation/libvirt/metadata.xml
127	+++ b/app-emulation/libvirt/metadata.xml
128	@@ -52,7 +52,6 @@
129	Support management of VirtualBox virtualisation (<pkg>app-emulation/virtualbox</pkg>)
130	</flag>
131	<!-- Miscellaneous flags -->
132	- <flag name="apparmor">Enable AppArmor support</flag>
133	<flag name="dtrace">Enable dtrace support via <pkg>dev-util/systemtap</pkg></flag>
134	<flag name="fuse">Allow LXC to use <pkg>sys-fs/fuse</pkg> for mountpoints</flag>
135	<flag name="numa">
136	diff --git a/media-libs/libextractor/metadata.xml b/media-libs/libextractor/metadata.xml
137	index c746a433d52..bcc04da57cc 100644
138	--- a/media-libs/libextractor/metadata.xml
139	+++ b/media-libs/libextractor/metadata.xml
140	@@ -3,7 +3,6 @@
141	<pkgmetadata>
142	<!--maintainer-needed-->
143	<use>
144	- <flag name="apparmor">Enable apparmor support using <pkg>sys-libs/libapparmor</pkg></flag>
145	<flag name="archive">Enable archive support using <pkg>app-arch/libarchive</pkg></flag>
146	<flag name="gsf">Enable OLE2 (MS Office) plug-in support using <pkg>gnome-extra/libgsf</pkg></flag>
147	<flag name="midi">Enable MIDI support through <pkg>media-libs/libsmf</pkg></flag>
148	diff --git a/profiles/use.desc b/profiles/use.desc
149	index 6438ef0eab9..83c3e70d13c 100644
150	--- a/profiles/use.desc
151	+++ b/profiles/use.desc
152	@@ -18,6 +18,7 @@ ao - Use libao audio output library for sound playback
153	apache2 - Add Apache2 support
154	aqua - Include support for the Mac OS X Aqua (Carbon/Cocoa) GUI
155	atm - Enable Asynchronous Transfer Mode protocol support
156	+apparmor - Enable support for the AppArmor application security system
157	appindicator - Build in support for notifications using the libindicate or libappindicator plugin
158	audiofile - Add support for libaudiofile where applicable
159	audit - Enable support for Linux audit subsystem using sys-process/audit
160	diff --git a/sys-apps/dbus-broker/metadata.xml b/sys-apps/dbus-broker/metadata.xml
161	index 38ad8e3af8d..4c5fa33d8b0 100644
162	--- a/sys-apps/dbus-broker/metadata.xml
163	+++ b/sys-apps/dbus-broker/metadata.xml
164	@@ -6,7 +6,6 @@
165	<name>Mike Gilbert</name>
166	</maintainer>
167	<use>
168	- <flag name="apparmor">Enable AppArmor support</flag>
169	<flag name="launcher">dbus-daemon compatibility launcher</flag>
170	</use>
171	</pkgmetadata>
172	diff --git a/sys-apps/systemd/metadata.xml b/sys-apps/systemd/metadata.xml
173	index d258d4fa7cf..34a269d81d8 100644
174	--- a/sys-apps/systemd/metadata.xml
175	+++ b/sys-apps/systemd/metadata.xml
176	@@ -9,7 +9,6 @@
177	<subslots>Incremented for ABI breaks in libudev or libsystemd</subslots>
178	</slots>
179	<use>
180	- <flag name="apparmor">Enable AppArmor support</flag>
181	<flag name="audit">Enable support for <pkg>sys-process/audit</pkg></flag>
182	<flag name="cgroup-hybrid">Default to hybrid (legacy) cgroup hierarchy instead of unified (modern).</flag>
183	<flag name="curl">Enable support for uploading journals</flag>
184	--
185	2.37.3

Gentoo Archives: gentoo-dev