Author: Luis Ressel
Posted: 2019-03
.
@aidecoe: CC'ing you as the maintainer of rebar.eclass.
Cheers,
Luis Ressel
ven't encountered any problems after switching on my own hosts.
Just keep in mind that vanilla-sources doesn't support the PaX xattrs
properly (AFAIR), so if you ever want to switch *back* from vanilla to
hardened, some pax markings will be missing. This shouldn't be an issue
for gentoo-sources,
; time and just skipping them if there's already an update pending?
I'm generating metadata locally. There are changes to some of the more
important eclasses roughly every other week; and after such a change,
the regen takes 10-25 minutes on my hardware.
I don't understand your question (3
gcc? I've never
had any issues compiling vanilla-sources with my hardened gcc.
Regards,
Luis Ressel
pgpcIzUTAKWA0.pgp
Description: OpenPGP digital signature
On Thu, 27 Apr 2017 12:58:23 +0200
Dirkjan Ochtman wrote:
> I also want to drop the following:
>
> - dev-lang/erlang
It'd be great if whoever takes over maintainership of erlang could also
take care of dev-util/rebar. Dirkjan is currently proxying it for me,
but I don't use it
would probably notice after a
while).
At the same time, I don't see any disadvantages to requiring commit
signatures; does anyone else?
Regards,
Luis Ressel
don't really care about dtd and xml-schema, but for the other
two, I think this would make much sense.)
Currently, it looks like commits to xml-schema aren't signed at all,
all commits to glsa are signed, and commits to the other two repos are
partly signed.
Regards,
Luis Ressel
erefore, I think we'd be better off providing such tests
out-of-band (test plans in the wiki), or perhaps stuffing them into
pkg_config().
Don't get me wrong, I'm not at all opposed to your idea of easing the
ATs' life, I'm just not convinced of the neccessity of EAPI changes. :)
--
Regards,
Lui
tests after the
package has been merged?
--
Regards,
Luis Ressel
Luis Ressel <ara...@aixah.de>
GPG fpr: F08D 2AF6 655E 25DE 52BC E53D 08F5 7F90 3029 B5BD
pgpBC7jG9HFAG.pgp
Description: OpenPGP digital signature
se who
still want Changelogs are trying to avoid.
--
Regards,
Luis Ressel
pgpq6zs8rkL_V.pgp
Description: OpenPGP digital signature
obal USE's this way matters very
much. If enable geoip or ldap in my make.conf, I expect packages with
optional geoip/ldap support to enable this support.
Also, if you wish to document this mapping in more detail, that's
exactly what we have the tags in metadata.xml for. You can even
write whole sentences in there! :)
Regards,
Luis Ressel
ttp_rewrite -> pcre
* nginx_modules_http_image_filter -> gd
Introduce new USE flags for the remaining few modules -- voilĂ , there
you go, no need for a new USE_EXPAND and the users will even get a
useful set of default modules enabled based on their global USE flags.
--
Luis Ressel
right?
> Because NGINX is monolithic, but its sources are aggregated from a
> bunch of different authors for some fun reason, sort of like having a
> `linux-kernel` ebuild with a SRC_URI for every single vendor name (
> *barf* )
>
> I really do not envy the nginx maintainer.
>
Me neither. @mrueg or whoever's the maintainer: Thanks for sparing the
rest of us from this insanity. :)
Regards,
Luis Ressel
On Tue, 9 Feb 2016 11:34:12 +1300
Kent Fredric wrote:
> nginx_modules_http_lua? ( !luajit? ( dev-lang/lua:0= ) luajit?
> ( dev-lang/luajit:2= ) )
This should of course also be changed to the global 'lua' useflag.
Currently, you're even mixing NGINX_MODULES and
ot; unix user isn't a member of the portage
group.
By the way, the herds.xml file is still available at
https://api.gentoo.org/packages/herds.xml and can probably be removed
from there as well.
--
Regards,
Luis Ressel
ettings-client doesn't have any revdeps and
looks like it could be removed along with the other GPE stuff.
libfakekey still has some revdeps, though.
--
Luis Ressel
ing ChangeLogs seems a bit useless to
me.
Regards,
Luis Ressel
bm and berkdb use flags are
enabled), but for ssl, we might want to specify "REQUIRED_USE = ^^
(..)" so it's possible to use USE dependencies in order to avoid
namespace conflicts. If there's no REQUIRED_USE,
"somelibrary[libressl]" might be satisfied even though somelibrary is
actually linked to openssl.
--
Regards,
Luis Ressel
, they were overwritten by
cbb7cfa sys-kernel/tuxonice-sources: Version bumps.
Was this intended? If not, @nerdboy: You might want to commit these
changes again.
Regards,
Luis Ressel
feature for which
implementations are available, for example grSecurity's TPE) -- well,
then the GCC won't be of any help for the attacker, because he can't
execute the compiled binary.
Not that it matters. :)
--
Luis Ressel ara...@aixah.de
GPG fpr: F08D 2AF6 655E 25DE 52BC E53D 08F5 7F90 3029
, just one or two months ago several of the sys-firmware/iwl*-ucode
packages were lastrited with the recommendation of using
sys-kernel/linux-firmware instead. So why are we adding new firmware
ebuilds now? The iwl7625 firmware seems to be in linux-firmware, too.
Regards,
Luis Ressel
--
Luis
On Thu, 26 Feb 2015 10:13:14 -0600
Alex Brandt alund...@gentoo.org wrote:
# Alex Brandt alund...@gentoo.org (21 Feb 2015)
# Upstream renamed to docker-compose for all future releases
app-emulation/fig
Wouldn't a pkgmove be the better way to handle this?
--
Luis Ressel ara...@aixah.de
GPG
be difficult to set up in an automated fashion. So
my proposal would be just to stay with the status quo, and document the
above in the wiki for those who really want to use both network-sandbox
and distcc despite the hassle.
Regards,
Luis Ressel
On Thu, 8 Jan 2015 09:16:36 -0600
William Hubbs willi...@gentoo.org wrote:
Rich is correct, maintainers are no longer bound by the games team
policy.
I didn't know this. If that's the case, I'd like to proxy-maintain
nethack. I'll try and prepare the neccessary ebuild changes.
Luis Ressel
package.masking - is a bit uncommon and clutters package.mask, but
it's not all *that* bad and it eases the workflow.
Regards,
Luis Ressel
signature.asc
Description: PGP signature
replying in this thread.)
- Samuli
Thanks for the clarification. This approach seems to be the optimum.
Regards,
Luis Ressel
signature.asc
Description: PGP signature
, why not just
let him do it?
Regards,
Luis Ressel
signature.asc
Description: PGP signature
constraints are unsatisfied:
heimdal? ( !mit-krb5 ) mit-krb5? ( !heimdal )
might be a bit confusing to some people, and remember that constraint
string would grow much longer if there were more providers, as grows
quadratically.
Regards,
Luis Ressel
signature.asc
Description: PGP signature
The kernel-2.eclass calls epatch_user, so AFAIK you don't have to
create a local ebuild copy in order to patch the kernel, just drop your
patches in /etc/portage/patches/sys-kernel/hardened-sources/.
Regards,
Luis Ressel
signature.asc
Description: PGP signature
.
--
Regards,
Luis Ressel
signature.asc
Description: PGP signature
supporting it), I'd strongly recommend doing so even with
network-sandbox being disabled.
--
Regards,
Luis Ressel
signature.asc
Description: PGP signature
On Wed, 09 Apr 2014 22:34:07 +0200
Pacho Ramos pa...@gentoo.org wrote:
mail-filter/bogofilter
If no dev wants it, I'll proxy-maintain it.
Regards,
Luis Ressel
signature.asc
Description: PGP signature
On Wed, 9 Apr 2014 22:48:55 +0200
Luis Ressel ara...@aixah.de wrote:
On Wed, 09 Apr 2014 22:34:07 +0200
Pacho Ramos pa...@gentoo.org wrote:
mail-filter/bogofilter
If no dev wants it, I'll proxy-maintain it.
Okay, that's obsolete now that johu stepped up...
Regards,
Luis Ressel
}
${EROOT}usr/$(get_libdir)/gdk-pixbuf-2.0/2.10.0/loaders.cache
+ rm ${tmp_file} # don't replace this with mv, required for SELinux
support
eend $?
}
--
Luis Ressel ara...@aixah.de
GPG fpr: F08D 2AF6 655E 25DE 52BC E53D 08F5 7F90 3029 B5BD
signature.asc
Description: PGP
.
Determinism results in more or less the same time, that's correct;
proper benchmarks would show you a similar result.
I guess he means that the (according to the file sizes) extensive
caching doesn't seem to be of much use.
--
Luis Ressel ara...@aixah.de
GPG fpr: F08D 2AF6 655E 25DE 52BC E53D
On Mon, 13 Jan 2014 16:46:08 +0100
Tom Wijsman tom...@gentoo.org wrote:
On Mon, 13 Jan 2014 16:38:59 +0100
Luis Ressel ara...@aixah.de wrote:
On Mon, 13 Jan 2014 15:58:13 +0100
Tom Wijsman tom...@gentoo.org wrote:
Half a minute if you disable backtracking which you don't need
I've got an additional proposal: It would be interesting if this
feature could also make use of the LINGUAS var for selectively
filtering /usr/share/man and and /usr/share/locale, as most ebuilds
don't respect this variable natively.
--
Luis Ressel ara...@aixah.de
GPG fpr: F08D 2AF6 655E 25DE
,
but if it eases the implementation, that shouldn't be much of a problem.
But imho it'd be nice if this approach didn't require a separate config
entry for each language (that'd be 233 entries).
--
Luis Ressel ara...@aixah.de
GPG fpr: F08D 2AF6 655E 25DE 52BC E53D 08F5 7F90 3029 B5BD
On Thu, 02 Jan 2014 11:10:54 -0500
Ian Stakenvicius a...@gentoo.org wrote:
..or we could just do this, using the existing RESTRICT=mirror
that's already in ebuilds -- have a DISTDIR and a NODISTCACHEDIR,
NODISTCACHEDIR defaults to DISTDIR; if RESTRICT=mirror then
distfiles are saved to
On Fri, 3 Jan 2014 05:37:33 +1300
Kent Fredric kentfred...@gmail.com wrote:
Fair point. I was more seeing a pattern emerging and exploring where
that might lead.
Though I figure it a useful distinction for convenience sake.
Consider if you wanted to archive some files to make a subsequent
On Thu, 2 Jan 2014 17:53:45 +0100
Ulrich Mueller u...@gentoo.org wrote:
RESTRICT is somewhat complementary to LICENSE and cannot provide as
much information. Especially, RESTRICT=mirror doesn't say under
what license the restricted pieces are, and doesn't allow for
ACCEPT_LICENSE filtering.
On Thu, 02 Jan 2014 12:13:47 -0500
Ian Stakenvicius a...@gentoo.org wrote:
RESTRICT=fetch requires the user to do their own fetching; since
they're doing that, it should be pretty obvious that the distfile is
restricted somehow. Of course, they are still able to do whatever
they want, but I
this, a handbook entry should suffice.
Luis Ressel
signature.asc
Description: PGP signature
On Sat, 23 Mar 2013 10:52:00 +0100
Martin Dummer martin.dum...@gmx.net wrote:
If I manage one day to achieve the gentoo dev status then I am willing
to pick up maintainership of
app-laptop/nvidiabl
but until then?
What about proxy-maintainership?
Luis
signature.asc
Description: PGP
On Tue, 26 Feb 2013 17:10:56 +0700 (NOVT)
gro...@gentoo.org wrote:
Hello *,
I am stuck and have many questions.
[In the process of becoming a dev, I've generated a gpg key, of course. It
vwas on an old notebook. When I switched to a newer notebook, I forgot to
copy it, because I don't use
On Mon, 18 Feb 2013 23:27:46 +
Robin H. Johnson robb...@gentoo.org wrote:
3. Dedicated Gentoo signing subkey
What's the point of this, btw?
Luis
signature.asc
Description: PGP signature
On Wed, 20 Feb 2013 21:37:38 +
Robin H. Johnson robb...@gentoo.org wrote:
Ideally keeping your primary key offline to increase security.
However, the original theory was that if there was some attack that
required a large amount of ciphertext or a targeted plaintext input,
you would be
48 matches
Mail list logo