[gentoo-dev] Re: [PATCH] profiles: update pie use-flag masks for sys-devel/gcc
Jonathan Callen posted on Thu, 11 May 2017 23:25:24 -0400 as excerpted:
> In this case, you would add a line like:
>
> >=sys-devel/gcc-6.3.0 -pie
>
> to the /etc/portage/profile/package.use.mask file (creating the
> file/parent directory as needed). If a flag is masked/forced for all
> packages in use.{mask,force}, then you would add a line like "-foo" to
> the use.{mask,force} file in /etc/portage/profile/.
Thanks. As I said I doubt I'm the only one who will find this useful.
=:^)
--
Duncan - List replies preferred. No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master." Richard Stallman
[gentoo-dev] Re: [PATCH] profiles: update pie use-flag masks for sys-devel/gcc
On 05/11/2017 10:45 PM, Duncan wrote:
> Matthias Maier posted on Thu, 11 May 2017 19:17:51 -0500 as excerpted:
>
>> In light of the recent discussion, I will restore the status quo for the
>> pie use-flag: masked on non-hardened profiles, unmasked and forced on
>> hardened profiles.
>>
>> The next step will be to switch the pie use-flag on default profiles
>> from masked to unmasked/forced with a profile update.
>
> For those of us who already have a default-pie system and now that we do,
> don't want to go back, what's the prescribed override? I've never felt
> the need to override a masked flag like that, before.
>
> (I'm sure I could find the general documentation and handle it myself,
> but I'm equally sure that there's likely to be others in my situation by
> now, and we shouldn't /all/ need to figure it out on our own.)
>
> (As some may remember, yes, I do have USE="-* ..." set, so didn't get pie
> with the initial gcc6 emerge and @world rebuild, but I was persuaded by
> the discussion here to try it, second global rebuild, and so far it
> works. So both because it's supposed to be safer and because I don't
> want to do now a /third/ global rebuild, I strongly prefer to keep it,
> now that I have it, and no issues so far.)
>
In general, to override a package.use{,.stable}.{mask,force} entry in
your profile, you add an entry to the same file in /etc/portage/profile/
that turns off the mask/force value in the profile. In this case, you
would add a line like:
>=sys-devel/gcc-6.3.0 -pie
to the /etc/portage/profile/package.use.mask file (creating the
file/parent directory as needed). If a flag is masked/forced for all
packages in use.{mask,force}, then you would add a line like "-foo" to
the use.{mask,force} file in /etc/portage/profile/.
--
Jonathan Callen
signature.asc
Description: OpenPGP digital signature
[gentoo-dev] Re: [PATCH] profiles: update pie use-flag masks for sys-devel/gcc
Matthias Maier posted on Thu, 11 May 2017 19:17:51 -0500 as excerpted: > In light of the recent discussion, I will restore the status quo for the > pie use-flag: masked on non-hardened profiles, unmasked and forced on > hardened profiles. > > The next step will be to switch the pie use-flag on default profiles > from masked to unmasked/forced with a profile update. For those of us who already have a default-pie system and now that we do, don't want to go back, what's the prescribed override? I've never felt the need to override a masked flag like that, before. (I'm sure I could find the general documentation and handle it myself, but I'm equally sure that there's likely to be others in my situation by now, and we shouldn't /all/ need to figure it out on our own.) (As some may remember, yes, I do have USE="-* ..." set, so didn't get pie with the initial gcc6 emerge and @world rebuild, but I was persuaded by the discussion here to try it, second global rebuild, and so far it works. So both because it's supposed to be safer and because I don't want to do now a /third/ global rebuild, I strongly prefer to keep it, now that I have it, and no issues so far.) -- Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman
