[gentoo-commits] repo/gentoo:master commit in: profiles/base/

Sam James Sat, 31 Dec 2022 06:53:31 -0800

commit:     45c610a03a0686bb89dbea1f45018aa1cd034612
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sat Dec 31 14:52:18 2022 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Dec 31 14:53:20 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=45c610a0


profiles/base: mask sys-apps/pax-utils[seccomp]

As noted in mask message, this is far too risky for new libcs/newer versions
of libc/sandbox changes and it leads to Portage generating invalid metadata.

Portage does warn on it right now though, at least.

Bug: https://bugs.gentoo.org/815877
Signed-off-by: Sam James <sam <AT> gentoo.org>

 profiles/base/package.use.mask | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/profiles/base/package.use.mask b/profiles/base/package.use.mask
index 26983de4b5a7..9bc955e09478 100644
--- a/profiles/base/package.use.mask
+++ b/profiles/base/package.use.mask
@@ -6,6 +6,11 @@
 # This file is only for generic masks. For arch-specific masks (i.e.
 # mask everywhere, unmask on arch/*) use arch/base.
 
+# Sam James <[email protected]> (2022-12-31)
+# seccomp cannot be disabled via a runtime toggle which introduces substantial
+# fragility to Portage which relies on pax-utils' scanelf heavily. bug #815877.
+app-misc/pax-utils seccomp
+
 # Sam James <[email protected]> (2022-12-29)
 # Needs yet-unpackaged libxmlpp-5.0, bug #888898
 www-client/elinks javascript

[gentoo-commits] repo/gentoo:master commit in: profiles/base/

Reply via email to