1 |
Hi everyone, |
2 |
|
3 |
The number of profiles in gentoo is growing *again* with the addition of |
4 |
release 13.0 profiles. Because of the way stacking works, adding these |
5 |
to hardened means a repetition of code in a way that is not good. I'll |
6 |
decide how to proceed in a week or so, let everyone know and then |
7 |
implement something. Right now I'm leaning towards "test" profiles for |
8 |
amd64 and x86 and after some good period of testing (6 months?) just |
9 |
switch all of hardened from 10.0 to 13.0. |
10 |
|
11 |
While I'm at the business of rethinking the profiles, I've been |
12 |
wondering, does anyone use the /desktop, /developer, /server sub |
13 |
profiles? I've officially only listed the following |
14 |
|
15 |
[18] hardened/linux/amd64 * |
16 |
[19] hardened/linux/amd64/selinux |
17 |
[20] hardened/linux/amd64/no-multilib |
18 |
[21] hardened/linux/amd64/no-multilib/selinux |
19 |
|
20 |
for amd64, and similarly for other arches. But there also exist |
21 |
profiles like: |
22 |
|
23 |
hardened/linux/amd64/desktop |
24 |
hardened/linux/amd64/developer |
25 |
hardened/linux/amd64/server |
26 |
|
27 |
for ia64, ppc, ppc64 and x86. I didn't even bother to add these for |
28 |
mips or arm. These are not listed in profiles.desc, so you can't |
29 |
eselect them, but a user could manually create those links. |
30 |
|
31 |
If no one is using them, I'll mark them deprecated, and dump them in a |
32 |
month or two. |
33 |
|
34 |
Comments? |
35 |
|
36 |
|
37 |
-- |
38 |
Anthony G. Basile, Ph. D. |
39 |
Chair of Information Technology |
40 |
D'Youville College |
41 |
Buffalo, NY 14201 |
42 |
(716) 829-8197 |