diff options
-rw-r--r-- | profiles/hardened/amd64/make.defaults | 4 | ||||
-rw-r--r-- | profiles/hardened/ia64/make.defaults | 4 | ||||
-rw-r--r-- | profiles/hardened/linux/amd64/make.defaults | 4 | ||||
-rw-r--r-- | profiles/hardened/linux/package.mask | 38 | ||||
-rw-r--r-- | profiles/hardened/linux/x86/make.defaults | 6 | ||||
-rw-r--r-- | profiles/hardened/linux/x86/minimal/make.defaults | 4 | ||||
-rw-r--r-- | profiles/hardened/package.mask | 38 | ||||
-rw-r--r-- | profiles/hardened/ppc64/make.defaults | 4 | ||||
-rw-r--r-- | profiles/hardened/x86/make.defaults | 4 |
9 files changed, 55 insertions, 51 deletions
diff --git a/profiles/hardened/amd64/make.defaults b/profiles/hardened/amd64/make.defaults index 6bd031d0a657..c5437778d30c 100644 --- a/profiles/hardened/amd64/make.defaults +++ b/profiles/hardened/amd64/make.defaults @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/amd64/make.defaults,v 1.17 2008/10/22 14:49:32 remi Exp $ +# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/amd64/make.defaults,v 1.18 2009/07/09 00:47:43 gengor Exp $ ARCH="amd64" ACCEPT_KEYWORDS="${ARCH}" @@ -11,7 +11,7 @@ ABI="amd64" # amd64 CHOST="x86_64-pc-linux-gnu" -CFLAGS="-mtune=k8 -O2 -pipe -fforce-addr" +CFLAGS="-O2 -pipe" CXXFLAGS="${CFLAGS}" CFLAGS_amd64="" diff --git a/profiles/hardened/ia64/make.defaults b/profiles/hardened/ia64/make.defaults index 1a05799f00da..4e0a303a6125 100644 --- a/profiles/hardened/ia64/make.defaults +++ b/profiles/hardened/ia64/make.defaults @@ -1,12 +1,12 @@ # Copyright 1999-2007 Gentoo Foundation. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/ia64/make.defaults,v 1.4 2009/03/27 22:33:47 solar Exp $ +# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/ia64/make.defaults,v 1.5 2009/07/09 00:47:44 gengor Exp $ ARCH="ia64" ACCEPT_KEYWORDS="ia64" CHOST="ia64-unknown-linux-gnu" -CFLAGS="-O2 -pipe -fforce-addr" +CFLAGS="-O2 -pipe" CXXFLAGS="${CFLAGS}" FEATURES="sandbox sfperms" diff --git a/profiles/hardened/linux/amd64/make.defaults b/profiles/hardened/linux/amd64/make.defaults index 7ca23249aacf..51e59c6cdc11 100644 --- a/profiles/hardened/linux/amd64/make.defaults +++ b/profiles/hardened/linux/amd64/make.defaults @@ -1,8 +1,8 @@ # Copyright 1999-2008 Gentoo Foundation. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/amd64/make.defaults,v 1.1 2008/04/01 17:41:11 wolf31o2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/amd64/make.defaults,v 1.2 2009/07/09 00:47:47 gengor Exp $ USE="justify" -CFLAGS="-mtune=k8 -O2 -pipe -fforce-addr" +CFLAGS="-O2 -pipe" CXXFLAGS="${CFLAGS}" diff --git a/profiles/hardened/linux/package.mask b/profiles/hardened/linux/package.mask index 35ac6214ba8e..fbcc08bacb31 100644 --- a/profiles/hardened/linux/package.mask +++ b/profiles/hardened/linux/package.mask @@ -1,21 +1,6 @@ # Copyright 1999-2009 Gentoo Foundation. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/package.mask,v 1.18 2009/07/08 11:34:02 yngwin Exp $ - -# Requires glibc-2.10 -=x11-libs/fltk-1.1.9-r1 -=x11-libs/fltk-2.0_pre6786-r1 - -# Requires gcc-4*, unmask when stable. Bug #217927. -media-libs/libopenraw -media-gfx/raw-thumbnailer -media-gfx/gnome-raw-thumbnailer - -# >=acml-3.6 depends on gcc-4*. ->=sci-libs/acml-3.6 - -# net-im/skype requires gcc-4* runtime. -net-im/skype +# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/package.mask,v 1.19 2009/07/09 00:47:45 gengor Exp $ # Hardened versions of gcc-4.0* through gcc-4.2* are not available. =sys-devel/gcc-4.0* @@ -29,8 +14,17 @@ net-im/skype # No hardened >=sys-devel/gcc-4.4 available. >=sys-devel/gcc-4.4 -# Patch fails, mask for now. Bug #270274. ->=sys-libs/glibc-2.10 +# Requires gcc-4*, unmask when stable. Bug #217927. +media-libs/libopenraw +media-gfx/raw-thumbnailer +media-gfx/gnome-raw-thumbnailer + +# net-im/skype requires gcc-4* runtime. +net-im/skype + +# >=sci-libs/acml-3.6 requires gcc-4*. +>=sci-libs/acml-3.6 + # Mask off glibc-2.4 until the approach for SSP compatibilty is # resolved in a way that doesn't break running systems, and we @@ -39,6 +33,14 @@ net-im/skype # 2006-03-13 kevquinn =sys-libs/glibc-2.4* +# Patch fails, mask for now. Bug #270274. +>=sys-libs/glibc-2.10 + +# Requires >=sys-libs/glibc-2.10 +=x11-libs/fltk-1.1.9-r1 +=x11-libs/fltk-2.0_pre6786-r1 + + # These packages do more harm than good w/ hardened. # Users must now the opensource xorg nv driver with nvidia cards # by placing Driver "nv" in xorg.conf. diff --git a/profiles/hardened/linux/x86/make.defaults b/profiles/hardened/linux/x86/make.defaults index c114e55c4ec5..e04b217fb78a 100644 --- a/profiles/hardened/linux/x86/make.defaults +++ b/profiles/hardened/linux/x86/make.defaults @@ -1,12 +1,12 @@ # Copyright 1999-2006 Gentoo Foundation. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/x86/make.defaults,v 1.3 2008/10/22 14:49:33 remi Exp $ +# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/x86/make.defaults,v 1.4 2009/07/09 00:47:48 gengor Exp $ ARCH="x86" ACCEPT_KEYWORDS="x86" -CHOST="i486-pc-linux-gnu" -CFLAGS="-O2 -mcpu=i486 -pipe -fforce-addr" +CHOST="i686-pc-linux-gnu" +CFLAGS="-march=i686 -O2 -pipe" CXXFLAGS="${CFLAGS}" USE="berkdb crypt hardened nptl nptlonly pam pic readline ssl tcpd zlib" diff --git a/profiles/hardened/linux/x86/minimal/make.defaults b/profiles/hardened/linux/x86/minimal/make.defaults index 7231ba0b372c..041631692101 100644 --- a/profiles/hardened/linux/x86/minimal/make.defaults +++ b/profiles/hardened/linux/x86/minimal/make.defaults @@ -1,6 +1,6 @@ # Copyright 2007 Gentoo Foundation. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/x86/minimal/make.defaults,v 1.1 2008/04/01 17:41:34 wolf31o2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/linux/x86/minimal/make.defaults,v 1.2 2009/07/09 00:47:49 gengor Exp $ # - TESTING PROFILE - TESTING PROFILE - # ------ USE AT YOUR OWN RISK ------ @@ -9,7 +9,7 @@ USE="-* crypt hardened minimal multicall ncurses pic readline zlib" PORTDIR=/usr/portage PKGDIR=${PORTDIR}/packages/${ARCH}/ -CFLAGS="-Os -pipe" +CFLAGS="-march=i686 -Os -pipe" CXXFLAGS="${CFLAGS}" FEATURES="nodoc noinfo noman" diff --git a/profiles/hardened/package.mask b/profiles/hardened/package.mask index a824ce09f533..89ce2c3f3e00 100644 --- a/profiles/hardened/package.mask +++ b/profiles/hardened/package.mask @@ -1,21 +1,6 @@ # Copyright 1999-2009 Gentoo Foundation. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/package.mask,v 1.59 2009/07/08 11:08:47 yngwin Exp $ - -# Requires glibc-2.10 -=x11-libs/fltk-1.1.9-r1 -=x11-libs/fltk-2.0_pre6786-r1 - -# Requires gcc-4*, unmask when stable. Bug #217927. -media-libs/libopenraw -media-gfx/raw-thumbnailer -media-gfx/gnome-raw-thumbnailer - -# >=acml-3.6 depends on gcc-4*. ->=sci-libs/acml-3.6 - -# net-im/skype requires gcc-4* runtime. -net-im/skype +# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/package.mask,v 1.60 2009/07/09 00:47:41 gengor Exp $ # Hardened versions of gcc-4.0* through gcc-4.2* are not available. =sys-devel/gcc-4.0* @@ -29,8 +14,17 @@ net-im/skype # No hardened >=sys-devel/gcc-4.4 available. >=sys-devel/gcc-4.4 -# Patch fails, mask for now. Bug #270274. ->=sys-libs/glibc-2.10 +# Requires gcc-4*, unmask when stable. Bug #217927. +media-libs/libopenraw +media-gfx/raw-thumbnailer +media-gfx/gnome-raw-thumbnailer + +# net-im/skype requires gcc-4* runtime. +net-im/skype + +# >=sci-libs/acml-3.6 requires gcc-4*. +>=sci-libs/acml-3.6 + # Mask off glibc-2.4 until the approach for SSP compatibilty is # resolved in a way that doesn't break running systems, and we @@ -39,6 +33,14 @@ net-im/skype # 2006-03-13 kevquinn =sys-libs/glibc-2.4* +# Patch fails, mask for now. Bug #270274. +>=sys-libs/glibc-2.10 + +# Requires >=sys-libs/glibc-2.10 +=x11-libs/fltk-1.1.9-r1 +=x11-libs/fltk-2.0_pre6786-r1 + + # These packages do more harm than good w/ hardened. # Users must now the opensource xorg nv driver with nvidia cards # by placing Driver "nv" in xorg.conf. diff --git a/profiles/hardened/ppc64/make.defaults b/profiles/hardened/ppc64/make.defaults index 1e895cbff144..56404a1b9e08 100644 --- a/profiles/hardened/ppc64/make.defaults +++ b/profiles/hardened/ppc64/make.defaults @@ -1,6 +1,6 @@ # Copyright 2005 Gentoo Foundation. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/ppc64/make.defaults,v 1.8 2007/02/20 22:43:17 wolf31o2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/ppc64/make.defaults,v 1.9 2009/07/09 00:47:50 gengor Exp $ ARCH="ppc64" ACCEPT_KEYWORDS="${ARCH}" @@ -8,6 +8,6 @@ USE="${ARCH} berkdb crypt hardened pam pic readline ssl zlib" # ppc64 CHOST="powerpc64-unknown-linux-gnu" -CFLAGS="-O2 -pipe -fforce-addr" +CFLAGS="-O2 -pipe" CXXFLAGS="${CFLAGS}" FEATURES="-sandbox" diff --git a/profiles/hardened/x86/make.defaults b/profiles/hardened/x86/make.defaults index 45d83c1d87de..10d1a6cff374 100644 --- a/profiles/hardened/x86/make.defaults +++ b/profiles/hardened/x86/make.defaults @@ -1,12 +1,12 @@ # Copyright 1999-2006 Gentoo Foundation. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/x86/make.defaults,v 1.17 2009/03/27 22:33:48 solar Exp $ +# $Header: /var/cvsroot/gentoo-x86/profiles/hardened/x86/make.defaults,v 1.18 2009/07/09 00:47:51 gengor Exp $ ARCH="x86" ACCEPT_KEYWORDS="x86" CHOST="i486-pc-linux-gnu" -CFLAGS="-O2 -mcpu=i486 -pipe -fforce-addr" +CFLAGS="-mcpu=i486 -O2 -pipe" CXXFLAGS="${CFLAGS}" USE="berkdb crypt hardened nls nptl nptlonly pam pic readline ssl tcpd zlib" |