1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
Clonch, Christopher A (Chris) wrote: |
5 |
>> Also, if I wanted to revert to a NON-SELinux system, would switching |
6 |
>> my profile and running an `emerge -DuatvN world' work? Or am I |
7 |
>> looking at a complete reload at this point? |
8 |
> |
9 |
> I would probably rebuild the toolchain, then emerge -e system, then |
10 |
emerge -e world. I used the emwrap.sh script found in the forums to |
11 |
help with this on my Sunblade 100. I realize the jury is still out on |
12 |
this (and particularly this script), but it made sense to me given how |
13 |
everything is linked. I am still a little confused on the proper |
14 |
arguments to use (horrible documentation), but I believe emwrap.sh -Sb1 |
15 |
will rebuild the toolchain, then the system minus the toolchain. Then |
16 |
running emwrap.sh -W takes care of the world. |
17 |
> |
18 |
|
19 |
I'll play around with the tool. It looks like, if I want to revert to |
20 |
non-SELinux, I'm going to have several days of recompiling and or |
21 |
reloading anyway, so messing with this script might be fun while I |
22 |
have a "disposable" system. ;-) |
23 |
|
24 |
Thanks for the tip. I don't usually visit the forum, so I would like |
25 |
not have caught this. |
26 |
|
27 |
> Running though this exercise solved a lot of the general weirdness that |
28 |
was going on after I switched from 2006.0/2.4 to the 2006.0/2.6 profile. |
29 |
> |
30 |
> -Chris |
31 |
> |
32 |
> -----Original Message----- |
33 |
> From: gentuxx [mailto:gentuxx@×××××.com] |
34 |
> Sent: Monday, July 10, 2006 5:01 PM |
35 |
> To: gentoo-sparc@l.g.o |
36 |
> Subject: Re: [gentoo-sparc] >=sys-devel/gcc-3.4 on Sparc U5 SeLinux |
37 |
> |
38 |
> Gustavo Zacharias wrote: |
39 |
> >> gentuxx wrote: |
40 |
> >> |
41 |
> >>>> I'm in the process of migrating my U5 system to an SELinux profile. |
42 |
> >>>> Thanks to Gustavo Zacarias and his excellent kernel work, I've |
43 |
> >> managed |
44 |
> >>>> to get through the most of the migration guide (after an ugly |
45 |
> battle |
46 |
> >>>> trying to get a functional hardened-sources kernel). Now I'm |
47 |
> sort of |
48 |
> >>>> at a "time to jump off the cliff" point. I'm booted in the new |
49 |
> >>>> environment, with the hardened kernel, selinux profile, selinux |
50 |
> >> policy |
51 |
> >>>> tools, and selinux base policy. I'm about to run an `emerge |
52 |
> -DuatvN |
53 |
> >>>> world' to pull in all of the remaining selinux-policy packages, and |
54 |
> >>>> recompile installed packages that need it with the new USE flags. |
55 |
> >>>> But, alas, if it were only that easy. |
56 |
> >>>> |
57 |
> >>>> Emerge fails right away stating "All ebuilds that could satisfy |
58 |
> >>>> ">=sys-devel/gcc-3.4" have been masked.". All of the versions are |
59 |
> >>>> masked by profile (and missing keyword). So my question is |
60 |
> >> three-fold: |
61 |
> >> |
62 |
> >> I'd venture to say the SELinux profile hasn't been updated/tested in |
63 |
> >> some time. It's handled by the selinux/hardened team so we can't help |
64 |
> >> much there. |
65 |
> >> |
66 |
> >>>> 1) If I put '<=sys-devel/gcc-4.2.0 ~sparc' in the |
67 |
> >>>> /etc/portage/package.keywords file, will that satisfy the |
68 |
> masking and |
69 |
> >>>> allow me to install gcc-4.1.1-r1- even if it's masked by my |
70 |
> profile? |
71 |
> >>>> |
72 |
> BTW, I realized rather quickly that this wouldn't work. I had to |
73 |
> modify the profile. |
74 |
> >>>> 2) I am currently running the selinux/2005.1/sparc64 profile. Is |
75 |
> >>>> there a newer one that would satisfy the above maskings? If |
76 |
> so, what |
77 |
> >>>> do I need to emerge to get it on my system? Portage? I'm already |
78 |
> >>>> running portage-2.1-r1. |
79 |
> >> I'd say try with the current stable toolchain for sparc rather than |
80 |
> >> venturing into higher things. |
81 |
> >> |
82 |
> OK, are you suggesting that I stick with gcc-3.4.6 then? |
83 |
> |
84 |
> Also, if I wanted to revert to a NON-SELinux system, would switching |
85 |
> my profile and running an `emerge -DuatvN world' work? Or am I |
86 |
> looking at a complete reload at this point? |
87 |
> >>>> 3) Finally, what are your experiences with running a newer (>=4.0) |
88 |
> >>>> version of gcc on sparc? I want this system to be rock solid, |
89 |
> so I'm |
90 |
> >>>> a little apprehensive about unmasking and running the |
91 |
> >>>> newest-greatest-fastest gcc, being such a fundamental part of a |
92 |
> >> gentoo |
93 |
> >>>> system. |
94 |
> >> The greatest and fastest gcc won't let you emerge system as it |
95 |
> currently |
96 |
> >> stands. Mostly other ebuilds need fixing, out of the top of my head |
97 |
> >> linux-headers needs love and at least kbd will break without it. |
98 |
> |
99 |
> OK, that may explain the funkiness I'm getting with the keyboard under |
100 |
> the 2.6 kernel then, unless I'm misunderstanding you. |
101 |
> >> -- |
102 |
> >> gentux |
103 |
> >> echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge' |
104 |
> >> |
105 |
> >> gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239 D840 4CF0 |
106 |
> >> 39E2 18D3 4A9E |
107 |
> |
108 |
> -- |
109 |
> gentux |
110 |
> echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge' |
111 |
> |
112 |
> gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239 D840 4CF0 |
113 |
> 39E2 18D3 4A9E |
114 |
-----BEGIN PGP SIGNATURE----- |
115 |
Version: GnuPG v1.4.4 (GNU/Linux) |
116 |
|
117 |
iD8DBQFEssukTPA54hjTSp4RAhkkAKCJ8yDat4UholHje5p2359h+Q5cxQCfRZ0U |
118 |
+zlwkp3wnYt1uaCFNvoI9i4= |
119 |
=pO0k |
120 |
-----END PGP SIGNATURE----- |
121 |
|
122 |
-- |
123 |
gentoo-sparc@g.o mailing list |