summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNed Ludd <solar@gentoo.org>2004-10-20 23:43:08 +0000
committerNed Ludd <solar@gentoo.org>2004-10-20 23:43:08 +0000
commit9d99d6b6828cf5030fe0f56c8b72db94d4645a1e (patch)
tree6b29e516883153979b1abd38693bcedf35306af9 /profiles
parent~s390 KEYWORD for #67170 (diff)
downloadhistorical-9d99d6b6828cf5030fe0f56c8b72db94d4645a1e.tar.gz
historical-9d99d6b6828cf5030fe0f56c8b72db94d4645a1e.tar.bz2
historical-9d99d6b6828cf5030fe0f56c8b72db94d4645a1e.zip
moving hardened to subfolder of x86
Diffstat (limited to 'profiles')
-rw-r--r--profiles/uclibc/x86/hardened/make.defaults42
-rw-r--r--profiles/uclibc/x86/hardened/packages2
-rw-r--r--profiles/uclibc/x86/hardened/parent1
3 files changed, 45 insertions, 0 deletions
diff --git a/profiles/uclibc/x86/hardened/make.defaults b/profiles/uclibc/x86/hardened/make.defaults
new file mode 100644
index 000000000000..b5c34c28d41e
--- /dev/null
+++ b/profiles/uclibc/x86/hardened/make.defaults
@@ -0,0 +1,42 @@
+USE="x86 berkdb crypt ncurses readline ssl tcpd zlib pic pie hardened uclibc"
+STAGE1_USE="uclibc hardened pic"
+GRP_STAGE23_USE="x86 berkdb crypt ncurses readline ssl tcpd zlib pic pie hardened uclibc"
+
+ARCH="x86"
+ACCEPT_KEYWORDS="x86"
+
+#
+# FEATURES are settings that affect the functionality of portage. Most of
+# these settings are for developer use, but some are available to non-
+# developers as well.
+#
+# 'nodoc' remove 'doc' in the preinstall phase.
+# functionality equivalent to rm -rf usr/share/doc/
+#
+# 'noinfo' remove 'info' pages in the preinstall phase.
+# functionality equivalent to rm -rf usr/share/info/
+#
+# 'noman' remove 'man' pages in the preinstall phase.
+# functionality equivalent to rm -rf usr/share/man/
+#
+# 'sandbox' enable sandbox-ing when running emerge and ebuild
+#
+# 'sfperms' feature for security minded people that causes portage to
+# remove group+other readable bits on setuid files and
+# remove the other readable bits on setgid files.
+#
+# 'strict' causes portage to react strongly to conditions that
+# have the potential to be dangerous -- like missing or
+# incorrect Manifest files.
+#
+# 'userpriv' allows portage to drop root privleges while it is compiling
+# as a security measure, and as a side effect this can remove
+# sandbox access violations for users.
+#
+# 'usersandbox' enables sandboxing while portage is running under userpriv.
+# unpack -- for debugging purposes only.
+
+FEATURES="sandbox sfperms strict nodoc noinfo noman"
+#FEATURES="${FEATURES} userpriv usersandbox"
+PORTDIR=/usr/portage/
+PKGDIR=${PORTDIR}/packages/${CHOST}/
diff --git a/profiles/uclibc/x86/hardened/packages b/profiles/uclibc/x86/hardened/packages
new file mode 100644
index 000000000000..dadbd89fb0a6
--- /dev/null
+++ b/profiles/uclibc/x86/hardened/packages
@@ -0,0 +1,2 @@
+-*<sys-devel/binutils-2.14.90.0.7
+*>=sys-devel/binutils-2.14.90.0.8
diff --git a/profiles/uclibc/x86/hardened/parent b/profiles/uclibc/x86/hardened/parent
new file mode 100644
index 000000000000..f3229c5b9876
--- /dev/null
+++ b/profiles/uclibc/x86/hardened/parent
@@ -0,0 +1 @@
+..