[gentoo-dev] News item: sys-apps/s6 ftrig ABI change

Author: Luis Ressel Posted: 2019-03

[gentoo-dev] Package up for grab: dev-util/rebar

. @aidecoe: CC'ing you as the maintainer of rebar.eclass. Cheers, Luis Ressel

Re: [gentoo-dev] The status of grsecurity upstream and hardened-sources downstream

ven't encountered any problems after switching on my own hosts. Just keep in mind that vanilla-sources doesn't support the PaX xattrs properly (AFAIR), so if you ever want to switch *back* from vanilla to hardened, some pax markings will be missing. This shouldn't be an issue for gentoo-sources,

Re: [gentoo-dev] Re: [gentoo-commits] repo/gentoo:master commit in: eclass/

; time and just skipping them if there's already an update pending? I'm generating metadata locally. There are changes to some of the more important eclasses roughly every other week; and after such a change, the regen takes 10-25 minutes on my hardware. I don't understand your question (3

Re: [gentoo-dev] Re: [RFC] News item: GCC 6 defaults to USE="pie ssp"

gcc? I've never had any issues compiling vanilla-sources with my hardened gcc. Regards, Luis Ressel pgpcIzUTAKWA0.pgp Description: OpenPGP digital signature

Re: [gentoo-dev] Packages up for grabs

On Thu, 27 Apr 2017 12:58:23 +0200 Dirkjan Ochtman wrote: > I also want to drop the following: > > - dev-lang/erlang It'd be great if whoever takes over maintainership of erlang could also take care of dev-util/rebar. Dirkjan is currently proxying it for me, but I don't use it

Re: [gentoo-dev] Commit signing for metadata/* repos

would probably notice after a while). At the same time, I don't see any disadvantages to requiring commit signatures; does anyone else? Regards, Luis Ressel

[gentoo-dev] Commit signing for metadata/* repos

don't really care about dtd and xml-schema, but for the other two, I think this would make much sense.) Currently, it looks like commits to xml-schema aren't signed at all, all commits to glsa are signed, and commits to the other two repos are partly signed. Regards, Luis Ressel

Re: [gentoo-dev] Proposal for changes for the next EAPI version

erefore, I think we'd be better off providing such tests out-of-band (test plans in the wiki), or perhaps stuffing them into pkg_config(). Don't get me wrong, I'm not at all opposed to your idea of easing the ATs' life, I'm just not convinced of the neccessity of EAPI changes. :) -- Regards, Lui

Re: [gentoo-dev] Proposal for changes for the next EAPI version

tests after the package has been merged? -- Regards, Luis Ressel Luis Ressel <ara...@aixah.de> GPG fpr: F08D 2AF6 655E 25DE 52BC E53D 08F5 7F90 3029 B5BD pgpBC7jG9HFAG.pgp Description: OpenPGP digital signature

Re: [gentoo-dev] Re: Bug #565566: Why is it still not fixed?

se who still want Changelogs are trying to avoid. -- Regards, Luis Ressel pgpq6zs8rkL_V.pgp Description: OpenPGP digital signature

Re: [gentoo-dev] New USE_EXPAND NGINX_MODULES_STREAM

obal USE's this way matters very much. If enable geoip or ldap in my make.conf, I expect packages with optional geoip/ldap support to enable this support. Also, if you wish to document this mapping in more detail, that's exactly what we have the tags in metadata.xml for. You can even write whole sentences in there! :) Regards, Luis Ressel

Re: [gentoo-dev] New USE_EXPAND NGINX_MODULES_STREAM

ttp_rewrite -> pcre * nginx_modules_http_image_filter -> gd Introduce new USE flags for the remaining few modules -- voilà, there you go, no need for a new USE_EXPAND and the users will even get a useful set of default modules enabled based on their global USE flags. -- Luis Ressel

Re: [gentoo-dev] New USE_EXPAND NGINX_MODULES_STREAM

right? > Because NGINX is monolithic, but its sources are aggregated from a > bunch of different authors for some fun reason, sort of like having a > `linux-kernel` ebuild with a SRC_URI for every single vendor name ( > *barf* ) > > I really do not envy the nginx maintainer. > Me neither. @mrueg or whoever's the maintainer: Thanks for sparing the rest of us from this insanity. :) Regards, Luis Ressel

Re: [gentoo-dev] New USE_EXPAND NGINX_MODULES_STREAM

On Tue, 9 Feb 2016 11:34:12 +1300 Kent Fredric wrote: > nginx_modules_http_lua? ( !luajit? ( dev-lang/lua:0= ) luajit? > ( dev-lang/luajit:2= ) ) This should of course also be changed to the global 'lua' useflag. Currently, you're even mixing NGINX_MODULES and

Re: [gentoo-dev] GLEP 67 is in, please update your metadata.dtd!

ot; unix user isn't a member of the portage group. By the way, the herds.xml file is still available at https://api.gentoo.org/packages/herds.xml and can probably be removed from there as well. -- Regards, Luis Ressel

Re: [gentoo-dev] Herd up for grabs: gpe

ettings-client doesn't have any revdeps and looks like it could be removed along with the other GPE stuff. libfakekey still has some revdeps, though. -- Luis Ressel

Re: [gentoo-dev] ChangeLogs: Digest verification failed

ing ChangeLogs seems a bit useless to me. Regards, Luis Ressel

Re: [gentoo-dev] ssl vs openssl vs libressl vs gnutls USE flag foo

bm and berkdb use flags are enabled), but for ssl, we might want to specify "REQUIRED_USE = ^^ (..)" so it's possible to use USE dependencies in order to avoid namespace conflicts. If there's no REQUIRED_USE, "somelibrary[libressl]" might be satisfied even though somelibrary is actually linked to openssl. -- Regards, Luis Ressel

[gentoo-dev] Non-fast-forward push to gentoo repository

, they were overwritten by cbb7cfa sys-kernel/tuxonice-sources: Version bumps. Was this intended? If not, @nerdboy: You might want to commit these changes again. Regards, Luis Ressel

Re: [gentoo-dev] Policies for games dirs, new group gamestat for sgid binaries

feature for which implementations are available, for example grSecurity's TPE) -- well, then the GCC won't be of any help for the attacker, because he can't execute the compiled binary. Not that it matters. :) -- Luis Ressel ara...@aixah.de GPG fpr: F08D 2AF6 655E 25DE 52BC E53D 08F5 7F90 3029

Re: [gentoo-dev] Automated Package Removal and Addition Tracker, for the week ending 2015-02-22 23:59 UTC

, just one or two months ago several of the sys-firmware/iwl*-ucode packages were lastrited with the recommendation of using sys-kernel/linux-firmware instead. So why are we adding new firmware ebuilds now? The iwl7625 firmware seems to be in linux-firmware, too. Regards, Luis Ressel -- Luis

Re: [gentoo-dev] Last rites: app-emulation/fig

On Thu, 26 Feb 2015 10:13:14 -0600 Alex Brandt alund...@gentoo.org wrote: # Alex Brandt alund...@gentoo.org (21 Feb 2015) # Upstream renamed to docker-compose for all future releases app-emulation/fig Wouldn't a pkgmove be the better way to handle this? -- Luis Ressel ara...@aixah.de GPG

Re: [gentoo-dev] Figuring out the solution to in-network-sandbox distcc

be difficult to set up in an automated fashion. So my proposal would be just to stay with the status quo, and document the above in the wiki for those who really want to use both network-sandbox and distcc despite the hassle. Regards, Luis Ressel

Re: [gentoo-dev] Re: qa last rites -- long list

On Thu, 8 Jan 2015 09:16:36 -0600 William Hubbs willi...@gentoo.org wrote: Rich is correct, maintainers are no longer bound by the games team policy. I didn't know this. If that's the case, I'd like to proxy-maintain nethack. I'll try and prepare the neccessary ebuild changes. Luis Ressel

Re: [gentoo-dev] Re: [gentoo-commits] gentoo-x86 commit in media-libs/x265: x265-1.0.ebuild ChangeLog x265-1.2.ebuild x265-0.8.ebuild

package.masking - is a bit uncommon and clutters package.mask, but it's not all *that* bad and it eases the workflow. Regards, Luis Ressel signature.asc Description: PGP signature

Re: [gentoo-dev] Re: [gentoo-commits] gentoo-x86 commit in media-libs/x265: x265-1.0.ebuild ChangeLog x265-1.2.ebuild x265-0.8.ebuild

replying in this thread.) - Samuli Thanks for the clarification. This approach seems to be the optimum. Regards, Luis Ressel signature.asc Description: PGP signature

Re: [gentoo-dev] RFC: USE flags in virtuals, to allow a specific provider to be determined

, why not just let him do it? Regards, Luis Ressel signature.asc Description: PGP signature

Re: [gentoo-dev] RFC: USE flags in virtuals, to allow a specific provider to be determined

constraints are unsatisfied: heimdal? ( !mit-krb5 ) mit-krb5? ( !heimdal ) might be a bit confusing to some people, and remember that constraint string would grow much longer if there were more providers, as grows quadratically. Regards, Luis Ressel signature.asc Description: PGP signature

Re: [gentoo-dev] local repo kernel ebuild search for tar.bz2 instead of tar.xz

The kernel-2.eclass calls epatch_user, so AFAIK you don't have to create a local ebuild copy in order to patch the kernel, just drop your patches in /etc/portage/patches/sys-kernel/hardened-sources/. Regards, Luis Ressel signature.asc Description: PGP signature

Re: [gentoo-dev] Re: RFC: enabling ipc-sandbox network-sandbox by default

. -- Regards, Luis Ressel signature.asc Description: PGP signature

Re: [gentoo-dev] RFC: enabling ipc-sandbox network-sandbox by default

supporting it), I'd strongly recommend doing so even with network-sandbox being disabled. -- Regards, Luis Ressel signature.asc Description: PGP signature

Re: [gentoo-dev] Packages up for grabs

On Wed, 09 Apr 2014 22:34:07 +0200 Pacho Ramos pa...@gentoo.org wrote: mail-filter/bogofilter If no dev wants it, I'll proxy-maintain it. Regards, Luis Ressel signature.asc Description: PGP signature

Re: [gentoo-dev] Packages up for grabs

On Wed, 9 Apr 2014 22:48:55 +0200 Luis Ressel ara...@aixah.de wrote: On Wed, 09 Apr 2014 22:34:07 +0200 Pacho Ramos pa...@gentoo.org wrote: mail-filter/bogofilter If no dev wants it, I'll proxy-maintain it. Okay, that's obsolete now that johu stepped up... Regards, Luis Ressel

[gentoo-dev] [PATCH] gnome2-utils.eclass: Fix SELinux labeling issue in gnome2_gdk_pixbuf_update()

} ${EROOT}usr/$(get_libdir)/gdk-pixbuf-2.0/2.10.0/loaders.cache + rm ${tmp_file} # don't replace this with mv, required for SELinux support eend $? } -- Luis Ressel ara...@aixah.de GPG fpr: F08D 2AF6 655E 25DE 52BC E53D 08F5 7F90 3029 B5BD signature.asc Description: PGP

Re: [gentoo-dev] [OT] pkgcore bikeshed (was Portage team)

. Determinism results in more or less the same time, that's correct; proper benchmarks would show you a similar result. I guess he means that the (according to the file sizes) extensive caching doesn't seem to be of much use. -- Luis Ressel ara...@aixah.de GPG fpr: F08D 2AF6 655E 25DE 52BC E53D

Re: [gentoo-dev] [OT] pkgcore bikeshed (was Portage team)

On Mon, 13 Jan 2014 16:46:08 +0100 Tom Wijsman tom...@gentoo.org wrote: On Mon, 13 Jan 2014 16:38:59 +0100 Luis Ressel ara...@aixah.de wrote: On Mon, 13 Jan 2014 15:58:13 +0100 Tom Wijsman tom...@gentoo.org wrote: Half a minute if you disable backtracking which you don't need

Re: [gentoo-dev] RFC: storing predefined INSTALL_MASK directory lists in repos

I've got an additional proposal: It would be interesting if this feature could also make use of the LINGUAS var for selectively filtering /usr/share/man and and /usr/share/locale, as most ebuilds don't respect this variable natively. -- Luis Ressel ara...@aixah.de GPG fpr: F08D 2AF6 655E 25DE

Re: [gentoo-dev] RFC: storing predefined INSTALL_MASK directory lists in repos

, but if it eases the implementation, that shouldn't be much of a problem. But imho it'd be nice if this approach didn't require a separate config entry for each language (that'd be 233 entries). -- Luis Ressel ara...@aixah.de GPG fpr: F08D 2AF6 655E 25DE 52BC E53D 08F5 7F90 3029 B5BD

Re: [gentoo-dev] Re: RFC: new global USE flag srcdist

On Thu, 02 Jan 2014 11:10:54 -0500 Ian Stakenvicius a...@gentoo.org wrote: ..or we could just do this, using the existing RESTRICT=mirror that's already in ebuilds -- have a DISTDIR and a NODISTCACHEDIR, NODISTCACHEDIR defaults to DISTDIR; if RESTRICT=mirror then distfiles are saved to

Re: [gentoo-dev] Re: RFC: new global USE flag srcdist

On Fri, 3 Jan 2014 05:37:33 +1300 Kent Fredric kentfred...@gmail.com wrote: Fair point. I was more seeing a pattern emerging and exploring where that might lead. Though I figure it a useful distinction for convenience sake. Consider if you wanted to archive some files to make a subsequent

Re: [gentoo-dev] Re: RFC: new global USE flag srcdist

On Thu, 2 Jan 2014 17:53:45 +0100 Ulrich Mueller u...@gentoo.org wrote: RESTRICT is somewhat complementary to LICENSE and cannot provide as much information. Especially, RESTRICT=mirror doesn't say under what license the restricted pieces are, and doesn't allow for ACCEPT_LICENSE filtering.

Re: [gentoo-dev] Re: RFC: new global USE flag srcdist

On Thu, 02 Jan 2014 12:13:47 -0500 Ian Stakenvicius a...@gentoo.org wrote: RESTRICT=fetch requires the user to do their own fetching; since they're doing that, it should be pretty obvious that the distfile is restricted somehow. Of course, they are still able to do whatever they want, but I

Re: [gentoo-dev] openrc 0.12 - netifrc/newnet mix-up

this, a handbook entry should suffice. Luis Ressel signature.asc Description: PGP signature

Re: [gentoo-dev] Packages up for grabs

On Sat, 23 Mar 2013 10:52:00 +0100 Martin Dummer martin.dum...@gmx.net wrote: If I manage one day to achieve the gentoo dev status then I am willing to pick up maintainership of app-laptop/nvidiabl but until then? What about proxy-maintainership? Luis signature.asc Description: PGP

Re: [gentoo-dev] RFC: Gentoo GPG key policies

On Tue, 26 Feb 2013 17:10:56 +0700 (NOVT) gro...@gentoo.org wrote: Hello *, I am stuck and have many questions. [In the process of becoming a dev, I've generated a gpg key, of course. It vwas on an old notebook. When I switched to a newer notebook, I forgot to copy it, because I don't use

Re: [gentoo-dev] RFC: Gentoo GPG key policies

On Mon, 18 Feb 2013 23:27:46 + Robin H. Johnson robb...@gentoo.org wrote: 3. Dedicated Gentoo signing subkey What's the point of this, btw? Luis signature.asc Description: PGP signature

Re: [gentoo-dev] RFC: Gentoo GPG key policies

On Wed, 20 Feb 2013 21:37:38 + Robin H. Johnson robb...@gentoo.org wrote: Ideally keeping your primary key offline to increase security. However, the original theory was that if there was some attack that required a large amount of ciphertext or a targeted plaintext input, you would be