diff options
| author |   Ned Ludd <solar@gentoo.org> | 2004-10-20 23:43:08 +0000 |
|---|---|---|
| committer | Ned Ludd <solar@gentoo.org> | 2004-10-20 23:43:08 +0000 |
| commit | fec4407aad65f3b4c93e3d318544c2b5a4bb7510 (patch) | |
| tree | dafd96916fef3d8f5580eacd6e20711bd54bc4a0 /profiles/uclibc/x86 | |
| parent | ~s390 KEYWORD for #67170 (Manifest recommit) (diff) | |
| download | gentoo-2-fec4407aad65f3b4c93e3d318544c2b5a4bb7510.tar.gz gentoo-2-fec4407aad65f3b4c93e3d318544c2b5a4bb7510.tar.bz2 gentoo-2-fec4407aad65f3b4c93e3d318544c2b5a4bb7510.zip | |
moving hardened to subfolder of x86
Diffstat (limited to 'profiles/uclibc/x86')
| -rw-r--r-- | profiles/uclibc/x86/hardened/make.defaults | 42 | ||||
| -rw-r--r-- | profiles/uclibc/x86/hardened/packages | 2 | ||||
| -rw-r--r-- | profiles/uclibc/x86/hardened/parent | 1 |
3 files changed, 45 insertions, 0 deletions
diff --git a/profiles/uclibc/x86/hardened/make.defaults b/profiles/uclibc/x86/hardened/make.defaults new file mode 100644 index 000000000000..b5c34c28d41e --- /dev/null +++ b/profiles/uclibc/x86/hardened/make.defaults @@ -0,0 +1,42 @@ +USE="x86 berkdb crypt ncurses readline ssl tcpd zlib pic pie hardened uclibc" +STAGE1_USE="uclibc hardened pic" +GRP_STAGE23_USE="x86 berkdb crypt ncurses readline ssl tcpd zlib pic pie hardened uclibc" + +ARCH="x86" +ACCEPT_KEYWORDS="x86" + +# +# FEATURES are settings that affect the functionality of portage. Most of +# these settings are for developer use, but some are available to non- +# developers as well. +# +# 'nodoc' remove 'doc' in the preinstall phase. +# functionality equivalent to rm -rf usr/share/doc/ +# +# 'noinfo' remove 'info' pages in the preinstall phase. +# functionality equivalent to rm -rf usr/share/info/ +# +# 'noman' remove 'man' pages in the preinstall phase. +# functionality equivalent to rm -rf usr/share/man/ +# +# 'sandbox' enable sandbox-ing when running emerge and ebuild +# +# 'sfperms' feature for security minded people that causes portage to +# remove group+other readable bits on setuid files and +# remove the other readable bits on setgid files. +# +# 'strict' causes portage to react strongly to conditions that +# have the potential to be dangerous -- like missing or +# incorrect Manifest files. +# +# 'userpriv' allows portage to drop root privleges while it is compiling +# as a security measure, and as a side effect this can remove +# sandbox access violations for users. +# +# 'usersandbox' enables sandboxing while portage is running under userpriv. +# unpack -- for debugging purposes only. + +FEATURES="sandbox sfperms strict nodoc noinfo noman" +#FEATURES="${FEATURES} userpriv usersandbox" +PORTDIR=/usr/portage/ +PKGDIR=${PORTDIR}/packages/${CHOST}/ diff --git a/profiles/uclibc/x86/hardened/packages b/profiles/uclibc/x86/hardened/packages new file mode 100644 index 000000000000..dadbd89fb0a6 --- /dev/null +++ b/profiles/uclibc/x86/hardened/packages @@ -0,0 +1,2 @@ +-*<sys-devel/binutils-2.14.90.0.7 +*>=sys-devel/binutils-2.14.90.0.8 diff --git a/profiles/uclibc/x86/hardened/parent b/profiles/uclibc/x86/hardened/parent new file mode 100644 index 000000000000..f3229c5b9876 --- /dev/null +++ b/profiles/uclibc/x86/hardened/parent @@ -0,0 +1 @@ +.. |