| 1 |
Joachim Blaabjerg wrote: |
| 2 |
>Mikael Hallendal <hallski@g.o> wrote: |
| 3 |
> |
| 4 |
>I was planning to use Gentoo as a base, kind of, and make "secure" Portage |
| 5 |
>packages (with safe defaults etc., plus a few packages that aren't made for |
| 6 |
>Gentoo yes (AFAIK), like LIDS and libsafe, plus the patched kernel). |
| 7 |
|
| 8 |
Very cool. |
| 9 |
|
| 10 |
>> An interesting thought here would be to have some variable set in |
| 11 |
>> make.conf that if set only lets you install packages from a list of |
| 12 |
>> trusted apps/version. This would be a very flexible solution. Since it |
| 13 |
>> lets you have the exact same operating system on your workstation/server |
| 14 |
>> while having a really secure setup on your server. |
| 15 |
> |
| 16 |
>Hmm... Sounds interesting! |
| 17 |
|
| 18 |
Yes, I think you'll find that Gentoo (like BSD) has very good control over |
| 19 |
the system from a very few centralized files. There should be very little |
| 20 |
reason to make your changes at the lowest level. If there is, then |
| 21 |
something in portage itself probably needs attention so that kind of work |
| 22 |
can be avoided. It's undesirable because of the maintenance cost. |
| 23 |
|
| 24 |
>My only "problem" right now is to figure out where to start... ;) I guess I'll |
| 25 |
>have to, more or less, modify each and every one of the .ebuild files. |
| 26 |
|
| 27 |
I think this is where eclasses could really help. Eclasses should allow |
| 28 |
you to create a meta ebuild that looks for certain make.conf vars set and |
| 29 |
react accordingly. danarmak and drobbins are the ones to ask for more |
| 30 |
details on eclasses. |
| 31 |
|
| 32 |
>> Otherwise the only thing I have to say, welcome to the Gentoo community! |
| 33 |
|
| 34 |
Ditto! |
| 35 |
|
| 36 |
kabau |
| 37 |
|
| 38 |
-- |
| 39 |
"UNIX was not designed to stop you from doing stupid things, because that |
| 40 |
would also stop you from doing clever things." --Doug Gwyn |
Archives