I tried out SELinux some weeks ago and decided to switch back to normal Gentoo. Now, when running "emerge --depclean" i get the following: * In order to avoid breakage of link level dependencies, one or more * packages will not be removed. This can be solved by rebuilding the * packages that pulled them in. * * sys-libs/libselinux-2.0.85 pulled in by: * app-cdr/brasero-2.28.3 needs libselinux.so.1 * app-editors/gedit-2.28.3 needs libselinux.so.1 * gnome-base/gnome-control-center-2.28.1-r2 needs libselinux.so.1 * gnome-base/gvfs-1.4.3 needs libselinux.so.1 * gnome-extra/gucharmap-2.28.2 needs libselinux.so.1 * mail-client/claws-mail-3.7.4 needs libselinux.so.1 * media-gfx/graphviz-2.26.0 needs libselinux.so.1 * media-video/totem-2.28.5 needs libselinux.so.1 * net-dns/avahi-0.6.25 needs libselinux.so.1 * net-misc/openvpn-2.1.0-r1 needs libselinux.so.1 * sys-apps/coreutils-8.4 needs libselinux.so.1 * sys-apps/devicekit-disks-009 needs libselinux.so.1 * x11-libs/gtksourceview-2.8.2 needs libselinux.so.1 * x11-themes/gtk-engines-2.18.5 needs libselinux.so.1 Of course, I used revdep-rebuild, reemerged the packages several times, have USE="-selinux" and use a normal 10.0 profile. The only real problem in the list is coreutils. If I could get coreutils running without selinux.so.1 I would simply remove the lib and reemerge everything. Reproducible: Always Steps to Reproduce: 1. Have a SELinux enabled system. 2. eselect profile set $normal_10.0_profile; do emerge -uDvNA @system @world, revdep-rebuild and all the stuff. 3. emerge --depclean -p Actual Results: libselinux cannot be removed because coreutils (and other packages) depend on it. Expected Results: libselinux gets removed. Portage 2.2_rc61 (default/linux/amd64/10.0, gcc-4.4.2, glibc-2.11-r1, 2.6.32-gentoo-r1 x86_64) ================================================================= System uname: Linux-2.6.32-gentoo-r1-x86_64-AMD_Phenom-tm-_II_X4_945_Processor-with-gentoo-2.0.1 Timestamp of tree: Thu, 21 Jan 2010 01:45:01 +0000 app-shells/bash: 4.0_p35 dev-java/java-config: 2.1.10 dev-lang/python: 2.6.4, 3.1.1-r1 dev-python/pycrypto: 2.1.0 dev-util/cmake: 2.8.0 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.6.0-r1 sys-apps/sandbox: 2.2 sys-devel/autoconf: 2.13, 2.65 sys-devel/automake: 1.9.6-r2, 1.10.3, 1.11.1 sys-devel/binutils: 2.20 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6b virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=amdfam10 -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-march=amdfam10 -O2 -pipe" DISTDIR="/mnt/space/gentoo/distfiles" EMERGE_DEFAULT_OPTS="--keep-going --alphabetical --binpkg-respect-use y --load-average=5" FEATURES="assume-digests buildpkg collision-protect distlocks fixpackages news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch userpriv usersandbox" GENTOO_MIRRORS="http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo http://gentoo.inode.at/ http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo" INSTALL_MASK="" LDFLAGS="-Wl,-O1,--hash-style=gnu,--sort-common,--as-needed" LINGUAS="en" MAKEOPTS="--jobs=4 --load-average=5 --silent" PKGDIR="/mnt/space/gentoo/packages/jesper" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage /usr/portage/local/layman/science /usr/portage/local/layman/x11 /usr/portage/local/layman/java-overlay /usr/portage/local/layman/sunrise /usr/portage/local/layman/stoile /usr/portage/local/layman/nx /usr/portage/local/layman/mpd /usr/portage/local/layman/pure-funtoo" SYNC="rsync://rsync.de.gentoo.org/gentoo-portage" USE="3dnow X a52 aac aalib acl acpi ada alsa amd64 apm applet audiofile avahi berkdb blas branding bzip2 cairo caps cdr cli consolekit cracklib crypt cups curl cxx daap dbus dri dts dvb dvd dvdr encode exif fam ffmpeg flac foomaticdb gd gdbm gif gimp git gnome gnome-keyring gnuplot gphoto2 gpm graphviz gstreamer gtk hal iconv idn imagemagick imap imlib ipv6 jpeg lapack latex lcms ldap libnotify logrotate lua lzo mad matroska mikmod mmx modules mp3 mpeg mudflap multilib musepack musicbrainz nautilus ncurses nls nntp nptl nptlonly nsplugin offensive ogg openal opengl openmp pam pch pcre pdf perl png policykit ppds pppd python quicktime readline reflection sdl session smp sound spell spl sse sse2 ssl startup-notification subversion svg sysfs syslog tcpd tetex theora threads tiff truetype unicode usb vorbis wmf x264 xcb xml xml2 xorg xulrunner xv xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CAMERAS="adc65 agfa-cl20 agfa_cl20 aox barbie canon casio casio_qv clicksmart310 digigr8 digita dimagev dimera dimera3500 directory enigma13 fuji gsmart300 hp215 iclick jamcam jd11 kodak kodak_dc120 kodak_dc210 kodak_dc240 kodak_dc3200 kodak_ez200 konica konica_qm150 largan lg_gsm mars minolta mustek panasonic panasonic_coolshot panasonic_dc1000 panasonic_dc1580 panasonic_l859 pccam300 pccam600 polaroid polaroid_pdc320 polaroid_pdc640 polaroid_pdc700 ptp2 ricoh ricoh_g3 samsung sierra sipix sipix_blink sipix_blink2 sipix_web2 smal sonix sony_dscf1 sony_dscf55 sonydscf1 sonydscf55 soundvision spca50x sq905 stv0674 stv0680 sx330z template toshiba toshiba_pdrm11 topfield" DVB_CARDS="dibusb-usb2" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en" RUBY_TARGETS="ruby18" SANE_BACKENDS="genesys" USERLAND="GNU" VIDEO_CARDS="fbdev radeon vesa" Unset: CPPFLAGS, CTARGET, FFLAGS, LANG, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS The same happens on a ~x86 system.
It sounds like coreutils is not respecting USE=-selinux if libselinux.so exists on the system.
Looks like that, yes. I still have all the selinux stuff compiled into the kernel but I have SELinux boot parameter enabled and set to 0, so it should all be switched of. /selinux is not mounted. I was thinking about compiling coreutils without libselinux.so.1 dependency in a changeroot, installing the binpackage, removing libselinux and then recompiling everything, but that's not the real fix. Is there anything I can do to help?
should be working now http://sources.gentoo.org/sys-apps/coreutils/coreutils-8.4.ebuild?r1=1.1&r2=1.2
