Gentoo Archives: gentoo-dev

From: Ned Ludd <solar@g.o>
To: gentoo-hardened@l.g.o
Cc: gentoo-dev@l.g.o
Subject: [gentoo-dev] Portage Toys
Date: Thu, 30 Sep 2004 23:44:37
Message-Id: 1096587807.18326.279.camel@simple
1 Portage has this really great feature-file that's often overlooked which
2 can be used in almost unlimited ways to customize your gentoo linux
3 install or preform tasks that you would otherwise have to open a bug
4 for. Sometimes your bug may not even be appropriate or suited for the
5 masses. But thankfully there is bashrc to the rescue.
7 quoting from the manpage:
8 "If needed this file can be used to setup a different environment for
9 ebuilds than the root environment. Syntax is the
10 same as any other bash script."
12 Ok sounds good lets take it for a drive.....
13 Yada yada crunch etc and stuff...
15 About a week later here..
17 Ok so now I want to share an example which I'm now using on my own box
18 which have made my life easier.. these examples require bash3 but that
19 easy enough to backport.
21 ------------------------------------------------------------------------
23 Per package CFLAGS
24 /etc/portage/package.cflags
26 Like many others I'm always fighting for space. I want some
27 optimizations on some packages but not the same optimizations on others
28 and portage has no way to handle this currently and I got tired of
29 waiting for package.env so I wrote a simple way to handle cflags on a
30 per package or category basis. (this is what started it all)
32 ------------------------------------------------------------------------
34 I've seen alot of people ask about this feature.
35 Never knew why it does not exists. None the less here you go.
37 FEATURES="distclean"
38 This feature will automatically remove files that portage downloads to
39 $DISTDIR based on what's defined in an ebuilds SRC_URI.
41 In one of the final ebuild phases of (postinst) we check that
42 file exists and is a regular file then that the user (me) has
43 FEATURES="distclean" defined and all conditions are met we simply remove
44 the file to save space/memory after we don't need it anymore.
46 -------------------------------------------------------------------------
48 # Source Based Auto Auditing Features.
50 These two features for people who have nothing better to do that look
51 for flaws in packages via portage semi automatically.
52 This feature should not be used by people who have no clue what they are
53 doing.
55 FEATURES=flawfinder
57 Flawfinder searches through source code for potential security flaws,
58 listing potential security flaws sorted by risk, with the most
59 potentially dangerous flaws shown first. This risk level depends not
60 only on the function, but on the values of the parameters of the
61 function.
62 Flawfinder can only process .c / .cpp files.
64 FEATURES=rats
65 This feature is a lot like flawfinder. Only it can process c/cpp/php/pl
66 vs flawfinder c/cpp. Each auditing tool each has it's own advantages and
67 disadvantages.
69 If FEATURE_AUDIT_LOGPATH is found in the environment then we will save
70 the audit logs to the dir defined by that variable.
72 To use either one of these you must have rats || flawfinder installed
73 accordingly.
75 ------------------------------------------------------------------------
76 This code is all experimental and if it does not work for you, breaks
77 something or you think my bash sucks I really don't care. I just wanted
78 to share the idea that with /etc/portage/bashrc you can do some really
79 cool things.
81 -enjoy
83 --
84 Ned Ludd <solar@g.o>
85 Gentoo (hardened,security,infrastructure,embedded,toolchain) Developer


File name MIME type
bashrc text/plain
package.cflags text/plain
signature.asc application/pgp-signature


Subject Author
Re: [gentoo-dev] Portage Toys Michael Tindal <mtindal@××××××××××××.com>