Summary: | sys-fs/aufs2: all ebuilds should remove the 'hardened' useflag | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Anthony Basile <blueness> |
Component: | Current packages | Assignee: | Justin Lecher (RETIRED) <jlec> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | hardened-kernel+disabled, hardened |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 375561 |
Description
Anthony Basile
2011-07-20 20:45:31 UTC
I don't have any experience nor real knowledge about those things. I really need to rely on your suggestions. Are you really sure applying the pax.patch in all cases is fine? (In reply to comment #1) > I don't have any experience nor real knowledge about those things. I really > need to rely on your suggestions. Are you really sure applying the pax.patch in > all cases is fine? The other option is to introduce a local use flag like "pax_kernel" instead of "hardened". Reading the patch, I see the author does have some concerns about future possible problems and we don't want to pollute mainline gentoo with hardened issues. The reason for concern is that "hardened" means toolchain hardening and not the kernel hardening, which is what pax is. A user can have a vanilla toolchain (ie USE="-hardened") and still have a pax kernel. We would then be in a situation where aufs2 would need the patch, but not get it. The worse case scenario is a user who keeps switching back and forth between pax and non-pax kernels. You could say in the description of the use flag to set it if the user anticipates *ever* running under a pax kernel. + 15 Aug 2011; Justin Lecher <jlec@gentoo.org> aufs2-0_p20110627.ebuild, + aufs2-2.2_p20110815.ebuild, metadata.xml: + Changed USE hardened to pax_kernel, #375811 + |