# ls etc/portage/package.mask/ libtool openrc perl # cat etc/portage/package.use/iputils net-misc/iputils -caps -filecaps ... wtf is this doing in the final stage3? At best these are build-time hacks that shouldn't be user visible
(In reply to Patrick Lauer from comment #0) > # ls etc/portage/package.mask/ > libtool openrc perl I don't think these are needed anymore to build stage1,2,3 from our current stage1,2,3. If they ever were needed, then the correct approach would have been to identify the problems in the tree and fix them so that we don't need maskings in the stages. Only "experimental" stages (eg my musl stages) should be allowed to have customizations in /etc/portage. > > # cat etc/portage/package.use/iputils > net-misc/iputils -caps -filecaps > I get this one, and its unfortunate. We really should be defaulting to USE=-filecaps anyhow since older kernels may not support capabilities xattrs. (Sometimes upgrading a kernel isn't an option, eg embedded boards.) ping still works without caps by the traditional setuid root bit.
(In reply to Anthony Basile from comment #1) > (In reply to Patrick Lauer from comment #0) > > # ls etc/portage/package.mask/ > > libtool openrc perl > > I don't think these are needed anymore to build stage1,2,3 from our current > stage1,2,3. If they ever were needed, then the correct approach would have > been to identify the problems in the tree and fix them so that we don't need > maskings in the stages. They were needed to build stages. Without them, we would get unsolvable blockers. I've resisted for years to add an /etc/portage to the stages, but in the end I had to cave in as the tree got to a state that it would be impossible to build any stages otherwise. The issue is so relevant, that it affected most (all?) arches. > Only "experimental" stages (eg my musl stages) should be allowed to have > customizations in /etc/portage. My plan has been for a long time, and I've told it to Patrick a few times already, to change catalyst so that we can split customizations required for building from settings we want to keep in the stages when catalyst finishes building them. I'm waiting to dol-sen to complete the merge for catalyst-3 so we can start working on this. > > # cat etc/portage/package.use/iputils > > net-misc/iputils -caps -filecaps > > > > I get this one, and its unfortunate. We really should be defaulting to > USE=-filecaps anyhow since older kernels may not support capabilities > xattrs. (Sometimes upgrading a kernel isn't an option, eg embedded boards.) > ping still works without caps by the traditional setuid root bit. It does, but we got complaints about this issue - bug 531788.
https://gitweb.gentoo.org/proj/catalyst.git/log/?h=catalyst_use We're finally adding a CATALYST_USE spec and a PORTAGE_PREFIX variables to address this issue.
We finally fixed this by using portage_prefix in the catalyst spec files[1]: [1] - https://gitweb.gentoo.org/proj/releng.git/commit/?id=73dfdcaca31dd32d560a7e042cd2147542025ec2 http://distfiles.gentoo.org/releases/amd64/autobuilds/20180109T214501Z/
