sys-process/lsof-4.78-r1 automagically depends on sys-libs/libselinux: $ readelf -d /usr/bin/lsof Dynamic section at offset 0x1fbc8 contains 24 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libselinux.so.1] 0x00000001 (NEEDED) Shared library: [libc.so.6] [...] 00DIST in the lsof tarball says: 4.78 April 24, 2007 [...] Added SELinux security context support, provided by James Antill <james.antill@redhat.com>. I have not tested this, but James and Karel Zak <kzak@redhat.com> have. Portage 2.1.3.3 (selinux/2007.0/x86/hardened, gcc-3.4.6, glibc-2.6-r0, 2.6.21-hardened-r3 i686) ================================================================= System uname: 2.6.21-hardened-r3 i686 Intel(R) Pentium(R) 4 CPU 1.60GHz Gentoo Base System release 2.0.0_rc2 Timestamp of tree: Thu, 09 Aug 2007 15:50:01 +0000 dev-lang/python: 2.4.4-r4 dev-python/pycrypto: 2.0.1-r6 sys-apps/sandbox: 1.2.18.1 sys-devel/autoconf: 2.13, 2.61-r1 sys-devel/automake: 1.6.3, 1.7.9-r1, 1.9.6-r2, 1.10 sys-devel/binutils: 2.17-r1 sys-devel/gcc-config: 1.3.16 sys-devel/libtool: 1.5.24 virtual/os-headers: 2.6.22-r2 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -pipe -march=pentium4 -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-O2 -pipe -march=pentium4 -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="collision-protect distlocks loadpolicy parallel-fetch sandbox selinux sesandbox sfperms strict unmerge-orphans userfetch userpriv usersandbox" GENTOO_MIRRORS="ftp://ftp.wh2.tu-dresden.de/pub/mirrors/gentoo ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/gentoo ftp://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/" LANG="de_DE.UTF-8" LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--sort-common" LINGUAS="de ja" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_EXTRA_OPTS="--exclude-from /etc/portage/rsync_excludes" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="X a52 aac alsa bzip2 cairo caps cjk crypt cups dbus dri dts dvd dvdread ffmpeg flac gif hardened iconv idn jpeg kdeenablefinal mmap mmx nls nptl offensive ogg pam pic png selinux spell sse sse2 ssl symlink theora threads tiff truetype unicode vorbis x264 x86 xv xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="asym dmix dsnoop empty file hooks ioplug multi plug rate route shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="de ja" USERLAND="GNU" VIDEO_CARDS="nv" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS
It's not only lsof. There are a lot of packages that get screwed by libselinux (especially gnome/gtk related packages). This is something that should be really solved somehow, sys-libs/libselinux is not listed anywhere and if you mistakenly forget about the issue and compile it, you won't be able remove it easily. Other bitches are sys-process/audit and sys-libs/libxcrypt. masking masking masking! :)
Created attachment 153075 [details, diff] lsof-4.78-r1-selinux.ebuild.patch Gives the pesky Configure script a sed up the wazoo! Untested, believed to fix the problem.
Adding base-system to CC -- it's their ebuild.
thanks Peter. added as -r2