1 |
> Also, if I wanted to revert to a NON-SELinux system, would switching |
2 |
> my profile and running an `emerge -DuatvN world' work? Or am I |
3 |
> looking at a complete reload at this point? |
4 |
|
5 |
I would probably rebuild the toolchain, then emerge -e system, then emerge -e world. I used the emwrap.sh script found in the forums to help with this on my Sunblade 100. I realize the jury is still out on this (and particularly this script), but it made sense to me given how everything is linked. I am still a little confused on the proper arguments to use (horrible documentation), but I believe emwrap.sh -Sb1 will rebuild the toolchain, then the system minus the toolchain. Then running emwrap.sh -W takes care of the world. |
6 |
|
7 |
Running though this exercise solved a lot of the general weirdness that was going on after I switched from 2006.0/2.4 to the 2006.0/2.6 profile. |
8 |
|
9 |
-Chris |
10 |
|
11 |
-----Original Message----- |
12 |
From: gentuxx [mailto:gentuxx@×××××.com] |
13 |
Sent: Monday, July 10, 2006 5:01 PM |
14 |
To: gentoo-sparc@l.g.o |
15 |
Subject: Re: [gentoo-sparc] >=sys-devel/gcc-3.4 on Sparc U5 SeLinux |
16 |
|
17 |
-----BEGIN PGP SIGNED MESSAGE----- |
18 |
Hash: SHA1 |
19 |
|
20 |
Gustavo Zacharias wrote: |
21 |
> gentuxx wrote: |
22 |
> |
23 |
> >> I'm in the process of migrating my U5 system to an SELinux profile. |
24 |
> >> Thanks to Gustavo Zacarias and his excellent kernel work, I've |
25 |
> managed |
26 |
> >> to get through the most of the migration guide (after an ugly battle |
27 |
> >> trying to get a functional hardened-sources kernel). Now I'm sort of |
28 |
> >> at a "time to jump off the cliff" point. I'm booted in the new |
29 |
> >> environment, with the hardened kernel, selinux profile, selinux |
30 |
> policy |
31 |
> >> tools, and selinux base policy. I'm about to run an `emerge -DuatvN |
32 |
> >> world' to pull in all of the remaining selinux-policy packages, and |
33 |
> >> recompile installed packages that need it with the new USE flags. |
34 |
> >> But, alas, if it were only that easy. |
35 |
> >> |
36 |
> >> Emerge fails right away stating "All ebuilds that could satisfy |
37 |
> >> ">=sys-devel/gcc-3.4" have been masked.". All of the versions are |
38 |
> >> masked by profile (and missing keyword). So my question is |
39 |
> three-fold: |
40 |
> |
41 |
> I'd venture to say the SELinux profile hasn't been updated/tested in |
42 |
> some time. It's handled by the selinux/hardened team so we can't help |
43 |
> much there. |
44 |
> |
45 |
> >> 1) If I put '<=sys-devel/gcc-4.2.0 ~sparc' in the |
46 |
> >> /etc/portage/package.keywords file, will that satisfy the masking and |
47 |
> >> allow me to install gcc-4.1.1-r1- even if it's masked by my profile? |
48 |
> >> |
49 |
BTW, I realized rather quickly that this wouldn't work. I had to |
50 |
modify the profile. |
51 |
> >> 2) I am currently running the selinux/2005.1/sparc64 profile. Is |
52 |
> >> there a newer one that would satisfy the above maskings? If so, what |
53 |
> >> do I need to emerge to get it on my system? Portage? I'm already |
54 |
> >> running portage-2.1-r1. |
55 |
> |
56 |
> I'd say try with the current stable toolchain for sparc rather than |
57 |
> venturing into higher things. |
58 |
> |
59 |
OK, are you suggesting that I stick with gcc-3.4.6 then? |
60 |
|
61 |
Also, if I wanted to revert to a NON-SELinux system, would switching |
62 |
my profile and running an `emerge -DuatvN world' work? Or am I |
63 |
looking at a complete reload at this point? |
64 |
> >> 3) Finally, what are your experiences with running a newer (>=4.0) |
65 |
> >> version of gcc on sparc? I want this system to be rock solid, so I'm |
66 |
> >> a little apprehensive about unmasking and running the |
67 |
> >> newest-greatest-fastest gcc, being such a fundamental part of a |
68 |
> gentoo |
69 |
> >> system. |
70 |
> |
71 |
> The greatest and fastest gcc won't let you emerge system as it currently |
72 |
> stands. Mostly other ebuilds need fixing, out of the top of my head |
73 |
> linux-headers needs love and at least kbd will break without it. |
74 |
|
75 |
OK, that may explain the funkiness I'm getting with the keyboard under |
76 |
the 2.6 kernel then, unless I'm misunderstanding you. |
77 |
> |
78 |
> -- |
79 |
> gentux |
80 |
> echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge' |
81 |
> |
82 |
> gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239 D840 4CF0 |
83 |
> 39E2 18D3 4A9E |
84 |
-----BEGIN PGP SIGNATURE----- |
85 |
Version: GnuPG v1.4.4 (GNU/Linux) |
86 |
|
87 |
iD8DBQFEssAcTPA54hjTSp4RAj7iAJ4gwZObUNj9pDnm0vpaSUhR1xiamACfVL4F |
88 |
4X0KuLxdxmLcNdCfWfhsMA8= |
89 |
=c621 |
90 |
-----END PGP SIGNATURE----- |
91 |
|
92 |
-- |
93 |
gentoo-sparc@g.o mailing list |
94 |
-- |
95 |
gentoo-sparc@g.o mailing list |