Gentoo Archives: gentoo-dev

From: Grant Goodyear <g2boojum@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] turning off a default compile option
Date: Mon, 05 Jul 2004 13:55:19
Message-Id: 20040705135419.GG32383@violet.grantgoodyear.org
In Reply to: [gentoo-dev] turning off a default compile option by Jeffrey Forman
> The user would like a way to disable linux compatability if your kernel
> does not support it by using the 'caps' use flag. Maybe I don't fully
> understand 'linux compatability' but if we're all running Gentoo, aren't
> we all running linux in the first place?

It's "capabilities", not "compatability [sic]". My understanding
is that capabilities allow for partitioning of root's all-powerful
nature into fine-grained permissions. Thus, obtaining root is no longer
sufficient to do massive harm. I believe this notion is central to
selinux, but I'm not sure if anything else uses it at the moment.

> My problem surfaces: Bind enables 'linux compatability' by default.
> Gentoo does have a linux compability flag (caps), but this is only to
> ENABLE linux compatability, not to disable it. I attempted to use the
> bugger's suggestion, but repoman got pissed on a full scan. Grant
> mentioned maybe making 'caps' part of the default use flag.

Actually, what I said is that capabilities should be disabled _unless_
USE=caps, and that if there seemed to be a broad need for capabilities
for our users then we might want to discuss making it a default USE
flag.

> Basically I'd like a way of using a "reverse" use flag, -caps, and if
> -caps is set, disable linux compat; if the flag is not set, do not add
> any --config-option at all.

I don't think a reverse flag is needed here. The fact that bind only
has a --disable setting for capabilities and not an --enable is a bit
odd, but it doesn't require us to change how our USE flags work. If
USE=caps, then no flag needs to be sent to configure (but comment the
ebuild so there's a record that bind's configure is warped), but if
"caps" is not in USE, then send the --disable.

Best,
g2boojum
--
Grant Goodyear
Gentoo Developer
g2boojum@g.o
http://www.gentoo.org/~g2boojum
GPG Fingerprint: D706 9802 1663 DEF5 81B0 9573 A6DC 7152 E0F6 5B76
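
The inverted test described in the message above, as an added sketch that is not part of the original post or of the actual bind ebuild. The `use` function is a stand-in for the helper Portage provides inside an ebuild, `bind_configure_args` is a hypothetical name, and `--disable-linux-caps` is assumed to be the configure switch the post refers to as "the --disable".

```shell
#!/bin/sh
# Stand-in for Portage's `use` helper (assumption: inside a real ebuild the
# package manager provides it). Succeeds when the flag is listed in $USE.
use() {
    for flag in $USE; do
        [ "$flag" = "$1" ] && return 0
    done
    return 1
}

# Build the extra arguments for bind's configure script.
# bind's configure turns capabilities on by default and only offers a
# --disable switch, so the USE test is inverted rather than the flag:
#   "caps" in USE      -> pass nothing, configure's default applies
#   "caps" not in USE  -> pass the --disable switch
# No "reverse" USE flag is involved; a "-caps" token simply means that
# "caps" itself is absent.
bind_configure_args() {
    myconf=""
    use caps || myconf="--disable-linux-caps"
    printf '%s' "$myconf"
}

# Constructed sample USE settings, printed for comparison.
for sample in "ssl caps ipv6" "ssl ipv6"; do
    USE="$sample"
    echo "USE='$USE' -> configure args: '$(bind_configure_args)'"
done
```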

Replies

Subject Author
Re: [gentoo-dev] turning off a default compile option Joshua Brindle <method@g.o>