diff options
author | John P. Davis <zhen@gentoo.org> | 2003-10-05 01:57:24 +0000 |
---|---|---|
committer | John P. Davis <zhen@gentoo.org> | 2003-10-05 01:57:24 +0000 |
commit | c9728acabaca449794e15c366c6d80eea9ca99f5 (patch) | |
tree | a9a6de91eeccfed87db0e10eab7bab6b182a6d24 /profiles | |
parent | marking stable on x86, and added a metadata.xml (diff) | |
download | gentoo-2-c9728acabaca449794e15c366c6d80eea9ca99f5.tar.gz gentoo-2-c9728acabaca449794e15c366c6d80eea9ca99f5.tar.bz2 gentoo-2-c9728acabaca449794e15c366c6d80eea9ca99f5.zip |
adding the default profile for the hardened team to the repository
Diffstat (limited to 'profiles')
-rw-r--r-- | profiles/hardened-x86-1.4/make.defaults | 11 | ||||
-rw-r--r-- | profiles/hardened-x86-1.4/packages | 108 | ||||
-rw-r--r-- | profiles/hardened-x86-1.4/packages.build | 31 | ||||
-rw-r--r-- | profiles/hardened-x86-1.4/use.defaults | 57 | ||||
-rw-r--r-- | profiles/hardened-x86-1.4/virtuals | 48 |
5 files changed, 255 insertions, 0 deletions
diff --git a/profiles/hardened-x86-1.4/make.defaults b/profiles/hardened-x86-1.4/make.defaults new file mode 100644 index 000000000000..a1bdd8c342f7 --- /dev/null +++ b/profiles/hardened-x86-1.4/make.defaults @@ -0,0 +1,11 @@ +# Copyright 2002 Gentoo Technologies, Inc. +# System-wide defaults for the gcc 3.2 Portage system + +USE="x86 oss apm arts avi berkdb crypt cups encode foomaticdb gdbm gif gpm gtk imlib +java jpeg kde gnome libg++ libwww mad mikmod mmx motif mpeg ncurses nls oggvorbis +opengl pam pdflib png python qt quicktime readline sdl slang spell ssl +svga tcpd truetype X xml2 xmms xv zlib" + +ARCH="x86" +COMPILER="gcc3" +ACCEPT_KEYWORDS="x86" diff --git a/profiles/hardened-x86-1.4/packages b/profiles/hardened-x86-1.4/packages new file mode 100644 index 000000000000..848fc06b3ff8 --- /dev/null +++ b/profiles/hardened-x86-1.4/packages @@ -0,0 +1,108 @@ +# IMPORTANT: In order to parse this new format, you need Portage 1.6 or later! + +# OK; you're staring at this file and you have no idea what these stars are +# for. Here's the scoop. An initial "*" marks a package that is part of the +# official "base" system profile. If there's a "*", then "emerge system" will +# use the line in its calculations of what "should" be installed for this +# profile. Lines without a "*" prefix will be ignored for profile +# calculations. + +# Now, this is new: *all* lines (star or no star) will be used as a special +# package *inclusion* mask. For example, the line *=sys-devel/gcc-2.95.3-r1 +# will cause Portage to totally ignore all gcc ebuilds other than +# gcc-2.95.3-r1. >=, <=, <, > and ~ can be used to offer a bit more +# flexibility. For example, >=sys-libs/glibc-2.2.4 will cause emerge to ignore +# all glibc ebuilds with a version less than 2.2.4. This allows us to have +# profile-specific package.mask settings. *All* lines are used for this +# masking process, whether they are prefixed with a * or not. And if a generic +# dep is used, like "sys-apps/foo", then all versions of foo are included. If +# there is no entry, then all versions of an app are included. The key thing +# to note is that this file does not need to end up being an exhaustive list +# of portage packages; just the ones critical to this profile. + +# So, what happens to /usr/portage/profiles/package.mask? It's still around, +# and still useful. But it should mainly be used for broken ebuilds only. +# package.mask continues to function as normal, masking out ebuilds from *all* +# system profiles. + +# Which to use? Use the profile-specific stuff to "lock down" specific +# versions of ebuilds. Gentoo Linux 1.0_rc6 uses certain known-compatible +# versions of binutils, gcc and glibc, so we lock them down here. This +# prevents the user from shooting himself/herself in the foot by installing a +# wacky version. + +>dev-lang/gpc-2.1 +*>=sys-apps/baselayout-1.8.6.10-r1 +*>=sys-apps/portage-2.0.49-r3 +*>=sys-devel/binutils-2.13.90.0.6-r2 +*>=sys-devel/gcc-3.2.3-r1 +*>=sys-devel/hardened-gcc-2.4.1 +*>=sys-libs/glibc-2.3.2-r1 +#*>=sys-apps/module-init-utils-0.9.10-r5 +*virtual/modutils +virtual/os-headers +>=app-admin/sysklogd-1.4.1 +*dev-lang/python + + +>=x11-base/xfree-4.1.0-r12 +# sash - static shell for system recovery +*app-shells/sash +*dev-lang/perl +*virtual/editor +*net-misc/dhcpcd +*net-misc/iputils +*net-misc/rsync +*net-misc/wget +*app-shells/bash +*sys-apps/bzip2 +*sys-apps/kbd +*sys-apps/cpio +*sys-apps/coreutils +*sys-apps/debianutils +*sys-apps/diffutils +*sys-fs/e2fsprogs +*sys-apps/ed +*sys-apps/fbset +*sys-apps/file +*sys-apps/findutils +*sys-apps/slocate +*sys-apps/gawk +*sys-apps/grep +*sys-apps/groff +*sys-apps/gzip +*sys-apps/hdparm +*sys-apps/less +*sys-apps/man +*sys-apps/man-pages +*sys-apps/net-tools +*sys-apps/procps +*sys-apps/psmisc +*sys-apps/sed +*sys-apps/setserial +*<sys-apps/shadow-5 +*sys-apps/pam-login +*sys-apps/sharutils +*sys-apps/tar +*>=sys-apps/texinfo-4.2-r1 +*sys-apps/util-linux +*sys-apps/which +*sys-devel/autoconf +*>=sys-devel/automake-1.6.1-r5 +*sys-devel/bc +*sys-devel/bin86 +*sys-devel/bison +*sys-devel/flex +*>=sys-devel/libtool-1.4.1-r4 +*sys-devel/m4 +*sys-devel/make +*sys-devel/patch +*sys-libs/cracklib +*<sys-libs/db-4.1.0 +*>=sys-libs/ncurses-5.2.20020112a +*>=sys-libs/pam-0.75-r9 +*sys-libs/pwdb +*sys-libs/readline +*sys-libs/zlib +*virtual/ssh +*sys-fs/devfsd diff --git a/profiles/hardened-x86-1.4/packages.build b/profiles/hardened-x86-1.4/packages.build new file mode 100644 index 000000000000..2105d836e117 --- /dev/null +++ b/profiles/hardened-x86-1.4/packages.build @@ -0,0 +1,31 @@ +sys-apps/baselayout +sys-libs/glibc +sys-apps/texinfo +app-shells/bash +sys-apps/bzip2 +sys-apps/debianutils +sys-apps/diffutils +sys-apps/file +sys-apps/fileutils +sys-apps/findutils +sys-apps/gawk +sys-apps/grep +sys-apps/gzip +sys-apps/portage +sys-apps/sed +sys-apps/sh-utils +sys-apps/tar +sys-apps/textutils +sys-devel/binutils +sys-devel/bison +sys-devel/flex +sys-devel/gcc +sys-devel/make +sys-devel/patch +sys-devel/gettext +dev-lang/python +net-misc/wget +net-misc/rsync +app-editors/nano +sys-apps/net-tools +sys-apps/less diff --git a/profiles/hardened-x86-1.4/use.defaults b/profiles/hardened-x86-1.4/use.defaults new file mode 100644 index 000000000000..8b9be0c1f091 --- /dev/null +++ b/profiles/hardened-x86-1.4/use.defaults @@ -0,0 +1,57 @@ +#gif +#mmx +#3dnow +#odbc +#fbcon +#oss +#libg++ +#objprelink +#nls +#mitshm +#sse +xinerama +directfb dev-libs/DirectFB +ungif media-libs/ungif +gtkhtml gnome-extra/gtkhtml +alsa media-libs/alsa-lib +gdbm sys-libs/gdbm +berkdb sys-libs/db +slang sys-libs/slang +readline sys-libs/readline +arts kde-base/arts +tetex app-text/tetex +aalib media-libs/aalib +nas media-libs/nas +bonobo gnome-base/bonobo +svga media-libs/svgalib +ggi media-libs/libggi +tcltk dev-lang/tcl dev-lang/tk +java virtual/jre +guile dev-util/guile +ruby dev-lang/ruby +mysql dev-db/mysql +postgres dev-db/postgresql +X x11-base/xfree +sdl media-libs/libsdl +gpm sys-libs/gpm +tcpd sys-apps/tcp-wrappers +pam sys-libs/pam +libwww net-libs/libwww +ssl dev-libs/openssl +perl dev-lang/perl +python dev-lang/python +esd media-sound/esound +imlib media-libs/imlib +oggvorbis media-libs/libvorbis +gnome gnome-base/gnome +gtk x11-libs/gtk+ +qt x11-libs/qt +kde kde-base/kdebase +motif x11-libs/openmotif +opengl virtual/opengl +mozilla net-www/mozilla +gphoto2 media-gfx/gphoto2 +ldap net-nds/openldap +snmp net-analyzer/ucd-snmp +cdr app-cdr/cdrtools +scanner media-gfx/sane-backends diff --git a/profiles/hardened-x86-1.4/virtuals b/profiles/hardened-x86-1.4/virtuals new file mode 100644 index 000000000000..208ce89e77b5 --- /dev/null +++ b/profiles/hardened-x86-1.4/virtuals @@ -0,0 +1,48 @@ +virtual/lpr net-print/cups +virtual/python dev-lang/python +virtual/mta net-mail/ssmtp +virtual/alsa media-sound/alsa-driver +virtual/kernel sys-kernel/linux-headers +virtual/linux-sources sys-kernel/gentoo-sources +virtual/glibc sys-libs/glibc +virtual/x11 x11-base/xfree +virtual/opengl x11-base/xfree +virtual/glu x11-base/xfree +virtual/glut media-libs/glut +virtual/imapUW net-mail/uw-imap +virtual/jdk dev-java/blackdown-jdk +virtual/jre dev-java/blackdown-jre +virtual/imapd net-mail/courier-imap +sys-apps/console-tools sys-apps/kbd +virtual/blackbox x11-wm/blackbox +virtual/emacs app-editors/emacs +virtual/cron sys-apps/dcron +virtual/xemacs app-editors/xemacs +virtual/sylpheed net-mail/sylpheed +virtual/php dev-php/mod_php +virtual/textbrowser net-www/links +virtual/mda net-mail/procmail +virtual/xft x11-base/xfree +virtual/krb5 app-crypt/heimdal +virtual/motif x11-libs/openmotif +virtual/bootloader sys-apps/grub +virtual/editor app-editors/nano +virtual/jack media-sound/jack-audio-connection-kit +virtual/quicktime media-libs/libquicktime +virtual/os-headers sys-kernel/linux-headers +virtual/ghc dev-lang/ghc-bin +virtual/modutils sys-apps/modutils +virtual/inetd sys-apps/xinetd +virtual/antivirus net-mail/clamav +virtual/aspell-dict app-dicts/aspell-en +virtual/skkserv app-i18n/skkserv +virtual/snmp net-analyzer/net-snmp +virtual/winkernel sys-kernel/win4lin-sources +virtual/imap-c-client net-libs/c-client +virtual/wine app-emulation/wine app-emulation/winex app-emulation/winex-cvs +virtual/flim app-emacs/flim +virtual/semi app-emacs/semi +virtual/tetex app-text/tetex +virtual/bittorrent net-p2p/bittorrent +virtual/logger app-admin/sysklogd +virtual/ssh net-misc/openssh |