| 1 |
On Sun, Oct 26, 2008 at 03:32:10PM -0400, Mike Edenfield wrote: |
| 2 |
> Matt Harrison wrote: |
| 3 |
> |
| 4 |
>> The problem is that even though the selinux USE flag isn't exabled, |
| 5 |
>> packages |
| 6 |
>> like coreutils are still linking into libselinux. So if I remove |
| 7 |
>> libselinux |
| 8 |
>> and all the selinux related packages, it breaks a whole load of binaries |
| 9 |
>> on |
| 10 |
>> the system, so much so that I can't recompile packages afterwards. |
| 11 |
> |
| 12 |
> Once you switch to a non-SELinux profile you still need to rebuild the |
| 13 |
> packages that used the library. Building them without the selinux USE flag |
| 14 |
> will prevent them from linking to the library. Once they're all rebuilt, |
| 15 |
> then you can remove the SELinux userland stuff. |
| 16 |
|
| 17 |
But I've already rebuilt the packages, like coreutils, yet ldd on /bin/mv |
| 18 |
still shows libselinux linked in. |
| 19 |
|
| 20 |
> To easily get this list of packages you have multiple options. The easiest |
| 21 |
> way is to use revdep-rebuild with the --library option, but last time I |
| 22 |
> checked revdep-rebuild crashed when you supplied a library. Alternately, |
| 23 |
> you could run emerge with the --newuse flag, which will pick up any |
| 24 |
> packages that used to have the selinux USE flag and now don't. Of course, |
| 25 |
> if you want to be extra safe, just rebuild everything: |
| 26 |
|
| 27 |
I'll have a go with revdep-rebuild. |
| 28 |
|
| 29 |
Thanks |
| 30 |
|
| 31 |
Matt |
Archives