Add v2refpolicy selinux profile for version 2.xxxxxxxx Reference Policy usage.

author: Chris PeBenito <pebenito@gentoo.org> 2009-08-09 18:21:18 +0000
committer: Chris PeBenito <pebenito@gentoo.org> 2009-08-09 18:21:18 +0000
commit: a63a6a9e00cbbe3b0c99821873a98bfbbaebe2df (patch)
tree: 94c3125d6da54d19068a69d7b76eb8a9db15414c /profiles/selinux
parent: Masking net-misc/bo2k_console for QA removal. (diff)
download: gentoo-2-a63a6a9e00cbbe3b0c99821873a98bfbbaebe2df.tar.gz
gentoo-2-a63a6a9e00cbbe3b0c99821873a98bfbbaebe2df.tar.bz2
gentoo-2-a63a6a9e00cbbe3b0c99821873a98bfbbaebe2df.zip
20 files changed, 167 insertions, 1 deletions
diff --git a/profiles/selinux/ChangeLog b/profiles/selinux/ChangeLog
index 29be35bb4f2b..6593f7b89292 100644
--- a/profiles/selinux/ChangeLog
+++ b/profiles/selinux/ChangeLog
@@ -1,6 +1,21 @@
 # ChangeLog for Gentoo/sparc-fbsd profile directory
 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/profiles/selinux/ChangeLog,v 1.3 2009/08/08 02:19:11 pebenito Exp $
+# $Header: /var/cvsroot/gentoo-x86/profiles/selinux/ChangeLog,v 1.4 2009/08/09 18:21:16 pebenito Exp $
+
+  09 Aug 2009; Chris PeBenito <pebenito@gentoo.org>
+  +v2refpolicy/amd64/desktop/parent, +v2refpolicy/amd64/developer/parent,
+  +v2refpolicy/amd64/hardened/make.defaults,
+  +v2refpolicy/amd64/hardened/package.mask,
+  +v2refpolicy/amd64/hardened/package.use.mask,
+  +v2refpolicy/amd64/hardened/parent, +v2refpolicy/amd64/hardened/use.mask,
+  +v2refpolicy/amd64/parent, +v2refpolicy/amd64/server/parent,
+  +v2refpolicy/package.mask, +v2refpolicy/parent,
+  +v2refpolicy/x86/desktop/parent, +v2refpolicy/x86/developer/parent,
+  +v2refpolicy/x86/hardened/make.defaults,
+  +v2refpolicy/x86/hardened/package.mask, +v2refpolicy/x86/hardened/parent,
+  +v2refpolicy/x86/hardened/use.mask, +v2refpolicy/x86/parent,
+  +v2refpolicy/x86/server/parent:
+  Add v2refpolicy profile for version 2.xxxxxxxx Reference Policy usage.
 
   08 Aug 2009; Chris PeBenito <pebenito@gentoo.org> 2007.0/make.defaults,
   -2007.0/packages, make.defaults, packages:
diff --git a/profiles/selinux/v2refpolicy/amd64/desktop/parent b/profiles/selinux/v2refpolicy/amd64/desktop/parent
new file mode 100644
index 000000000000..8bd863038bbe
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/amd64/desktop/parent
@@ -0,0 +1,2 @@
+..
+../../../../targets/desktop
diff --git a/profiles/selinux/v2refpolicy/amd64/developer/parent b/profiles/selinux/v2refpolicy/amd64/developer/parent
new file mode 100644
index 000000000000..b558d90594ab
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/amd64/developer/parent
@@ -0,0 +1,2 @@
+..
+../../../../targets/developer
diff --git a/profiles/selinux/v2refpolicy/amd64/hardened/make.defaults b/profiles/selinux/v2refpolicy/amd64/hardened/make.defaults
new file mode 100644
index 000000000000..643b9fc038cd
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/amd64/hardened/make.defaults
@@ -0,0 +1,5 @@
+# Copyright 1999-2004 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/selinux/v2refpolicy/amd64/hardened/make.defaults,v 1.1 2009/08/09 18:21:17 pebenito Exp $
+
+USE="hardened pic"
diff --git a/profiles/selinux/v2refpolicy/amd64/hardened/package.mask b/profiles/selinux/v2refpolicy/amd64/hardened/package.mask
new file mode 100644
index 000000000000..36678695110e
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/amd64/hardened/package.mask
@@ -0,0 +1,22 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/selinux/v2refpolicy/amd64/hardened/package.mask,v 1.1 2009/08/09 18:21:17 pebenito Exp $
+
+# Mask off gcc-4 for all hardened arches until SSP is sorted out (i.e.
+# backport for gcc-4.0 and 4.0/4.1 rigged for SSP support in the C
+# library).  After that, may still need to be masked on x86 as some
+# PIC assembler that worked pre-4 fails post-4, e.g. bug #104966).
+# If you want to play with it, unmask in /etc/portage/package.unmask
+# but be prepared to rebuild anything you build with gcc-4, later.
+# 2006-01-11 kevquinn
+=sys-devel/gcc-4*
+
+# Mask off glibc-2.4 until the approach for SSP compatibilty is
+# resolved in a way that doesn't break running systems, and we
+# have a sensible upgrade path.  Advise having a static busybox
+# around if you try it in a live system.
+# 2006-03-13 kevquinn
+=sys-libs/glibc-2.4*
+
+# Patch fails, mask for now. Bug #270274.
+>=sys-libs/glibc-2.10
diff --git a/profiles/selinux/v2refpolicy/amd64/hardened/package.use.mask b/profiles/selinux/v2refpolicy/amd64/hardened/package.use.mask
new file mode 100644
index 000000000000..f6b4ebac3651
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/amd64/hardened/package.use.mask
@@ -0,0 +1,7 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/selinux/v2refpolicy/amd64/hardened/package.use.mask,v 1.1 2009/08/09 18:21:17 pebenito Exp $
+
+# 2008/08/01 Jean-Noël Rivasseau <elvanor@gentoo.org>
+# Disabling gcj flag, no gcc-4.3.1 yet
+dev-java/eclipse-ecj gcj
diff --git a/profiles/selinux/v2refpolicy/amd64/hardened/parent b/profiles/selinux/v2refpolicy/amd64/hardened/parent
new file mode 100644
index 000000000000..f3229c5b9876
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/amd64/hardened/parent
@@ -0,0 +1 @@
+..
diff --git a/profiles/selinux/v2refpolicy/amd64/hardened/use.mask b/profiles/selinux/v2refpolicy/amd64/hardened/use.mask
new file mode 100644
index 000000000000..e57804586058
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/amd64/hardened/use.mask
@@ -0,0 +1 @@
+-hardened
diff --git a/profiles/selinux/v2refpolicy/amd64/parent b/profiles/selinux/v2refpolicy/amd64/parent
new file mode 100644
index 000000000000..c90a808d444c
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/amd64/parent
@@ -0,0 +1,2 @@
+../../../default/linux/amd64
+..
diff --git a/profiles/selinux/v2refpolicy/amd64/server/parent b/profiles/selinux/v2refpolicy/amd64/server/parent
new file mode 100644
index 000000000000..9c7a195197bd
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/amd64/server/parent
@@ -0,0 +1,2 @@
+..
+../../../../targets/server
diff --git a/profiles/selinux/v2refpolicy/package.mask b/profiles/selinux/v2refpolicy/package.mask
new file mode 100644
index 000000000000..9d6a5f118677
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/package.mask
@@ -0,0 +1,69 @@
+# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/selinux/v2refpolicy/package.mask,v 1.1 2009/08/09 18:21:16 pebenito Exp $
+
+# force version 2.YYYYMMDD policy over version YYYYMMDD policy
+>=selinux-acpi-3
+>=selinux-apache-3
+>=selinux-arpwatch-3
+>=selinux-asterisk-3
+>=selinux-audio-entropyd-3
+>=selinux-avahi-3
+>=selinux-base-policy-3
+>=selinux-bind-3
+>=selinux-bluez-3
+>=selinux-clamav-3
+>=selinux-clockspeed-3
+>=selinux-courier-imap-3
+>=selinux-cups-3
+>=selinux-cyrus-sasl-3
+>=selinux-daemontools-3
+>=selinux-dante-3
+>=selinux-dbus-3
+>=selinux-desktop-3
+>=selinux-dhcp-3
+>=selinux-distcc-3
+>=selinux-djbdns-3
+>=selinux-dnsmasq-3
+>=selinux-ftpd-3
+>=selinux-games-3
+>=selinux-gnupg-3
+>=selinux-gpm-3
+>=selinux-hal-3
+>=selinux-inetd-3
+>=selinux-ipsec-tools-3
+>=selinux-jabber-server-3
+>=selinux-kerberos-3
+>=selinux-logrotate-3
+>=selinux-lpd-3
+>=selinux-lvm-3
+>=selinux-mdadm-3
+>=selinux-munin-3
+>=selinux-mysql-3
+>=selinux-nfs-3
+>=selinux-ntop-3
+>=selinux-ntp-3
+>=selinux-openldap-3
+>=selinux-openvpn-3
+>=selinux-pcmcia-3
+>=selinux-portmap-3
+>=selinux-postfix-3
+>=selinux-postgresql-3
+>=selinux-ppp-3
+>=selinux-privoxy-3
+>=selinux-procmail-3
+>=selinux-publicfile-3
+>=selinux-pyzor-3
+>=selinux-qmail-3
+>=selinux-razor-3
+>=selinux-samba-3
+>=selinux-screen-3
+>=selinux-snmpd-3
+>=selinux-snort-3
+>=selinux-spamassassin-3
+>=selinux-squid-3
+>=selinux-stunnel-3
+>=selinux-sudo-3
+>=selinux-tcpd-3
+>=selinux-tftpd-3
+>=selinux-ucspi-tcp-3
+>=selinux-wireshark-3
diff --git a/profiles/selinux/v2refpolicy/parent b/profiles/selinux/v2refpolicy/parent
new file mode 100644
index 000000000000..f3229c5b9876
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/parent
@@ -0,0 +1 @@
+..
diff --git a/profiles/selinux/v2refpolicy/x86/desktop/parent b/profiles/selinux/v2refpolicy/x86/desktop/parent
new file mode 100644
index 000000000000..8bd863038bbe
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/x86/desktop/parent
@@ -0,0 +1,2 @@
+..
+../../../../targets/desktop
diff --git a/profiles/selinux/v2refpolicy/x86/developer/parent b/profiles/selinux/v2refpolicy/x86/developer/parent
new file mode 100644
index 000000000000..b558d90594ab
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/x86/developer/parent
@@ -0,0 +1,2 @@
+..
+../../../../targets/developer
diff --git a/profiles/selinux/v2refpolicy/x86/hardened/make.defaults b/profiles/selinux/v2refpolicy/x86/hardened/make.defaults
new file mode 100644
index 000000000000..02cba0154c17
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/x86/hardened/make.defaults
@@ -0,0 +1,5 @@
+# Copyright 1999-2004 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/selinux/v2refpolicy/x86/hardened/make.defaults,v 1.1 2009/08/09 18:21:18 pebenito Exp $
+
+USE="hardened pic"
diff --git a/profiles/selinux/v2refpolicy/x86/hardened/package.mask b/profiles/selinux/v2refpolicy/x86/hardened/package.mask
new file mode 100644
index 000000000000..3b67e05603e1
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/x86/hardened/package.mask
@@ -0,0 +1,22 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/profiles/selinux/v2refpolicy/x86/hardened/package.mask,v 1.1 2009/08/09 18:21:18 pebenito Exp $
+
+# Mask off gcc-4 for all hardened arches until SSP is sorted out (i.e.
+# backport for gcc-4.0 and 4.0/4.1 rigged for SSP support in the C
+# library).  After that, may still need to be masked on x86 as some
+# PIC assembler that worked pre-4 fails post-4, e.g. bug #104966).
+# If you want to play with it, unmask in /etc/portage/package.unmask
+# but be prepared to rebuild anything you build with gcc-4, later.
+# 2006-01-11 kevquinn
+=sys-devel/gcc-4*
+
+# Mask off glibc-2.4 until the approach for SSP compatibilty is
+# resolved in a way that doesn't break running systems, and we
+# have a sensible upgrade path.  Advise having a static busybox
+# around if you try it in a live system.
+# 2006-03-13 kevquinn
+=sys-libs/glibc-2.4*
+
+# Patch fails, mask for now. Bug #270274.
+>=sys-libs/glibc-2.10
diff --git a/profiles/selinux/v2refpolicy/x86/hardened/parent b/profiles/selinux/v2refpolicy/x86/hardened/parent
new file mode 100644
index 000000000000..f3229c5b9876
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/x86/hardened/parent
@@ -0,0 +1 @@
+..
diff --git a/profiles/selinux/v2refpolicy/x86/hardened/use.mask b/profiles/selinux/v2refpolicy/x86/hardened/use.mask
new file mode 100644
index 000000000000..e57804586058
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/x86/hardened/use.mask
@@ -0,0 +1 @@
+-hardened
diff --git a/profiles/selinux/v2refpolicy/x86/parent b/profiles/selinux/v2refpolicy/x86/parent
new file mode 100644
index 000000000000..0e8c09bb1087
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/x86/parent
@@ -0,0 +1,2 @@
+../../../default/linux/x86
+..
diff --git a/profiles/selinux/v2refpolicy/x86/server/parent b/profiles/selinux/v2refpolicy/x86/server/parent
new file mode 100644
index 000000000000..9c7a195197bd
--- /dev/null
+++ b/profiles/selinux/v2refpolicy/x86/server/parent
@@ -0,0 +1,2 @@
+..
+../../../../targets/server
author	Chris PeBenito <pebenito@gentoo.org>	2009-08-09 18:21:18 +0000
committer	Chris PeBenito <pebenito@gentoo.org>	2009-08-09 18:21:18 +0000
commit	a63a6a9e00cbbe3b0c99821873a98bfbbaebe2df (patch)
tree	94c3125d6da54d19068a69d7b76eb8a9db15414c /profiles/selinux
parent	Masking net-misc/bo2k_console for QA removal. (diff)
download	gentoo-2-a63a6a9e00cbbe3b0c99821873a98bfbbaebe2df.tar.gz gentoo-2-a63a6a9e00cbbe3b0c99821873a98bfbbaebe2df.tar.bz2 gentoo-2-a63a6a9e00cbbe3b0c99821873a98bfbbaebe2df.zip