summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJohn P. Davis <zhen@gentoo.org>2003-10-05 01:57:24 +0000
committerJohn P. Davis <zhen@gentoo.org>2003-10-05 01:57:24 +0000
commitc9728acabaca449794e15c366c6d80eea9ca99f5 (patch)
treea9a6de91eeccfed87db0e10eab7bab6b182a6d24 /profiles
parentmarking stable on x86, and added a metadata.xml (diff)
downloadgentoo-2-c9728acabaca449794e15c366c6d80eea9ca99f5.tar.gz
gentoo-2-c9728acabaca449794e15c366c6d80eea9ca99f5.tar.bz2
gentoo-2-c9728acabaca449794e15c366c6d80eea9ca99f5.zip
adding the default profile for the hardened team to the repository
Diffstat (limited to 'profiles')
-rw-r--r--profiles/hardened-x86-1.4/make.defaults11
-rw-r--r--profiles/hardened-x86-1.4/packages108
-rw-r--r--profiles/hardened-x86-1.4/packages.build31
-rw-r--r--profiles/hardened-x86-1.4/use.defaults57
-rw-r--r--profiles/hardened-x86-1.4/virtuals48
5 files changed, 255 insertions, 0 deletions
diff --git a/profiles/hardened-x86-1.4/make.defaults b/profiles/hardened-x86-1.4/make.defaults
new file mode 100644
index 000000000000..a1bdd8c342f7
--- /dev/null
+++ b/profiles/hardened-x86-1.4/make.defaults
@@ -0,0 +1,11 @@
+# Copyright 2002 Gentoo Technologies, Inc.
+# System-wide defaults for the gcc 3.2 Portage system
+
+USE="x86 oss apm arts avi berkdb crypt cups encode foomaticdb gdbm gif gpm gtk imlib
+java jpeg kde gnome libg++ libwww mad mikmod mmx motif mpeg ncurses nls oggvorbis
+opengl pam pdflib png python qt quicktime readline sdl slang spell ssl
+svga tcpd truetype X xml2 xmms xv zlib"
+
+ARCH="x86"
+COMPILER="gcc3"
+ACCEPT_KEYWORDS="x86"
diff --git a/profiles/hardened-x86-1.4/packages b/profiles/hardened-x86-1.4/packages
new file mode 100644
index 000000000000..848fc06b3ff8
--- /dev/null
+++ b/profiles/hardened-x86-1.4/packages
@@ -0,0 +1,108 @@
+# IMPORTANT: In order to parse this new format, you need Portage 1.6 or later!
+
+# OK; you're staring at this file and you have no idea what these stars are
+# for. Here's the scoop. An initial "*" marks a package that is part of the
+# official "base" system profile. If there's a "*", then "emerge system" will
+# use the line in its calculations of what "should" be installed for this
+# profile. Lines without a "*" prefix will be ignored for profile
+# calculations.
+
+# Now, this is new: *all* lines (star or no star) will be used as a special
+# package *inclusion* mask. For example, the line *=sys-devel/gcc-2.95.3-r1
+# will cause Portage to totally ignore all gcc ebuilds other than
+# gcc-2.95.3-r1. >=, <=, <, > and ~ can be used to offer a bit more
+# flexibility. For example, >=sys-libs/glibc-2.2.4 will cause emerge to ignore
+# all glibc ebuilds with a version less than 2.2.4. This allows us to have
+# profile-specific package.mask settings. *All* lines are used for this
+# masking process, whether they are prefixed with a * or not. And if a generic
+# dep is used, like "sys-apps/foo", then all versions of foo are included. If
+# there is no entry, then all versions of an app are included. The key thing
+# to note is that this file does not need to end up being an exhaustive list
+# of portage packages; just the ones critical to this profile.
+
+# So, what happens to /usr/portage/profiles/package.mask? It's still around,
+# and still useful. But it should mainly be used for broken ebuilds only.
+# package.mask continues to function as normal, masking out ebuilds from *all*
+# system profiles.
+
+# Which to use? Use the profile-specific stuff to "lock down" specific
+# versions of ebuilds. Gentoo Linux 1.0_rc6 uses certain known-compatible
+# versions of binutils, gcc and glibc, so we lock them down here. This
+# prevents the user from shooting himself/herself in the foot by installing a
+# wacky version.
+
+>dev-lang/gpc-2.1
+*>=sys-apps/baselayout-1.8.6.10-r1
+*>=sys-apps/portage-2.0.49-r3
+*>=sys-devel/binutils-2.13.90.0.6-r2
+*>=sys-devel/gcc-3.2.3-r1
+*>=sys-devel/hardened-gcc-2.4.1
+*>=sys-libs/glibc-2.3.2-r1
+#*>=sys-apps/module-init-utils-0.9.10-r5
+*virtual/modutils
+virtual/os-headers
+>=app-admin/sysklogd-1.4.1
+*dev-lang/python
+
+
+>=x11-base/xfree-4.1.0-r12
+# sash - static shell for system recovery
+*app-shells/sash
+*dev-lang/perl
+*virtual/editor
+*net-misc/dhcpcd
+*net-misc/iputils
+*net-misc/rsync
+*net-misc/wget
+*app-shells/bash
+*sys-apps/bzip2
+*sys-apps/kbd
+*sys-apps/cpio
+*sys-apps/coreutils
+*sys-apps/debianutils
+*sys-apps/diffutils
+*sys-fs/e2fsprogs
+*sys-apps/ed
+*sys-apps/fbset
+*sys-apps/file
+*sys-apps/findutils
+*sys-apps/slocate
+*sys-apps/gawk
+*sys-apps/grep
+*sys-apps/groff
+*sys-apps/gzip
+*sys-apps/hdparm
+*sys-apps/less
+*sys-apps/man
+*sys-apps/man-pages
+*sys-apps/net-tools
+*sys-apps/procps
+*sys-apps/psmisc
+*sys-apps/sed
+*sys-apps/setserial
+*<sys-apps/shadow-5
+*sys-apps/pam-login
+*sys-apps/sharutils
+*sys-apps/tar
+*>=sys-apps/texinfo-4.2-r1
+*sys-apps/util-linux
+*sys-apps/which
+*sys-devel/autoconf
+*>=sys-devel/automake-1.6.1-r5
+*sys-devel/bc
+*sys-devel/bin86
+*sys-devel/bison
+*sys-devel/flex
+*>=sys-devel/libtool-1.4.1-r4
+*sys-devel/m4
+*sys-devel/make
+*sys-devel/patch
+*sys-libs/cracklib
+*<sys-libs/db-4.1.0
+*>=sys-libs/ncurses-5.2.20020112a
+*>=sys-libs/pam-0.75-r9
+*sys-libs/pwdb
+*sys-libs/readline
+*sys-libs/zlib
+*virtual/ssh
+*sys-fs/devfsd
diff --git a/profiles/hardened-x86-1.4/packages.build b/profiles/hardened-x86-1.4/packages.build
new file mode 100644
index 000000000000..2105d836e117
--- /dev/null
+++ b/profiles/hardened-x86-1.4/packages.build
@@ -0,0 +1,31 @@
+sys-apps/baselayout
+sys-libs/glibc
+sys-apps/texinfo
+app-shells/bash
+sys-apps/bzip2
+sys-apps/debianutils
+sys-apps/diffutils
+sys-apps/file
+sys-apps/fileutils
+sys-apps/findutils
+sys-apps/gawk
+sys-apps/grep
+sys-apps/gzip
+sys-apps/portage
+sys-apps/sed
+sys-apps/sh-utils
+sys-apps/tar
+sys-apps/textutils
+sys-devel/binutils
+sys-devel/bison
+sys-devel/flex
+sys-devel/gcc
+sys-devel/make
+sys-devel/patch
+sys-devel/gettext
+dev-lang/python
+net-misc/wget
+net-misc/rsync
+app-editors/nano
+sys-apps/net-tools
+sys-apps/less
diff --git a/profiles/hardened-x86-1.4/use.defaults b/profiles/hardened-x86-1.4/use.defaults
new file mode 100644
index 000000000000..8b9be0c1f091
--- /dev/null
+++ b/profiles/hardened-x86-1.4/use.defaults
@@ -0,0 +1,57 @@
+#gif
+#mmx
+#3dnow
+#odbc
+#fbcon
+#oss
+#libg++
+#objprelink
+#nls
+#mitshm
+#sse
+xinerama
+directfb dev-libs/DirectFB
+ungif media-libs/ungif
+gtkhtml gnome-extra/gtkhtml
+alsa media-libs/alsa-lib
+gdbm sys-libs/gdbm
+berkdb sys-libs/db
+slang sys-libs/slang
+readline sys-libs/readline
+arts kde-base/arts
+tetex app-text/tetex
+aalib media-libs/aalib
+nas media-libs/nas
+bonobo gnome-base/bonobo
+svga media-libs/svgalib
+ggi media-libs/libggi
+tcltk dev-lang/tcl dev-lang/tk
+java virtual/jre
+guile dev-util/guile
+ruby dev-lang/ruby
+mysql dev-db/mysql
+postgres dev-db/postgresql
+X x11-base/xfree
+sdl media-libs/libsdl
+gpm sys-libs/gpm
+tcpd sys-apps/tcp-wrappers
+pam sys-libs/pam
+libwww net-libs/libwww
+ssl dev-libs/openssl
+perl dev-lang/perl
+python dev-lang/python
+esd media-sound/esound
+imlib media-libs/imlib
+oggvorbis media-libs/libvorbis
+gnome gnome-base/gnome
+gtk x11-libs/gtk+
+qt x11-libs/qt
+kde kde-base/kdebase
+motif x11-libs/openmotif
+opengl virtual/opengl
+mozilla net-www/mozilla
+gphoto2 media-gfx/gphoto2
+ldap net-nds/openldap
+snmp net-analyzer/ucd-snmp
+cdr app-cdr/cdrtools
+scanner media-gfx/sane-backends
diff --git a/profiles/hardened-x86-1.4/virtuals b/profiles/hardened-x86-1.4/virtuals
new file mode 100644
index 000000000000..208ce89e77b5
--- /dev/null
+++ b/profiles/hardened-x86-1.4/virtuals
@@ -0,0 +1,48 @@
+virtual/lpr net-print/cups
+virtual/python dev-lang/python
+virtual/mta net-mail/ssmtp
+virtual/alsa media-sound/alsa-driver
+virtual/kernel sys-kernel/linux-headers
+virtual/linux-sources sys-kernel/gentoo-sources
+virtual/glibc sys-libs/glibc
+virtual/x11 x11-base/xfree
+virtual/opengl x11-base/xfree
+virtual/glu x11-base/xfree
+virtual/glut media-libs/glut
+virtual/imapUW net-mail/uw-imap
+virtual/jdk dev-java/blackdown-jdk
+virtual/jre dev-java/blackdown-jre
+virtual/imapd net-mail/courier-imap
+sys-apps/console-tools sys-apps/kbd
+virtual/blackbox x11-wm/blackbox
+virtual/emacs app-editors/emacs
+virtual/cron sys-apps/dcron
+virtual/xemacs app-editors/xemacs
+virtual/sylpheed net-mail/sylpheed
+virtual/php dev-php/mod_php
+virtual/textbrowser net-www/links
+virtual/mda net-mail/procmail
+virtual/xft x11-base/xfree
+virtual/krb5 app-crypt/heimdal
+virtual/motif x11-libs/openmotif
+virtual/bootloader sys-apps/grub
+virtual/editor app-editors/nano
+virtual/jack media-sound/jack-audio-connection-kit
+virtual/quicktime media-libs/libquicktime
+virtual/os-headers sys-kernel/linux-headers
+virtual/ghc dev-lang/ghc-bin
+virtual/modutils sys-apps/modutils
+virtual/inetd sys-apps/xinetd
+virtual/antivirus net-mail/clamav
+virtual/aspell-dict app-dicts/aspell-en
+virtual/skkserv app-i18n/skkserv
+virtual/snmp net-analyzer/net-snmp
+virtual/winkernel sys-kernel/win4lin-sources
+virtual/imap-c-client net-libs/c-client
+virtual/wine app-emulation/wine app-emulation/winex app-emulation/winex-cvs
+virtual/flim app-emacs/flim
+virtual/semi app-emacs/semi
+virtual/tetex app-text/tetex
+virtual/bittorrent net-p2p/bittorrent
+virtual/logger app-admin/sysklogd
+virtual/ssh net-misc/openssh