On Tue, 6 Oct 2015 19:39:42 +0100 Markos Chandras wrote: > On 10/06/2015 06:58 PM, Andrew Savchenko wrote: > > Hi, > > > > On Tue, 6 Oct 2015 17:32:07 +0100 Markos Chandras wrote: > >> Hi, > >> > >> The following packages currently use the 'audit' local useflag > >> > >> ~$ qgrep -N -s -l -e "^IUSE.*audit" | sed "s@-[0-9].*@@" | sort -n | uniq > >> > >> app-emulation/libvirt > >> app-forensics/aide > >> dev-util/perf > >> gnome-base/gdm > >> net-dns/opendnssec > >> sys-apps/openrc > >> sys-apps/policycoreutils > >> sys-apps/shadow > >> sys-apps/systemd > >> sys-freebsd/freebsd-ubin > >> sys-freebsd/freebsd-usbin > >> sys-libs/pam > >> > >> (+ lightdm which I just committed) > >> > >> How about making it global with the following description? > > > > Audit support != sys-process/audit support. > > > > 1) sys-freebsd/us?bin packages does not depend on the audit > > package. This flag controls their own auditing tools. > > > > 2) net-dns/opendnssec uses this flag to build auditing tools (and > > doesn't depend on the audit package). > > > > 3) sys-apps/policycoreutils implies more than dependency on the > > audit package: > > Enable support for <pkg>sys-process/audit</pkg> and use the audit_* > > functions (like audit_getuid instead of getuid()) > > > >> "Enable support for <pkg>sys-process/audit</pkg>" > >> > >> which is similar to what most packages use? > > > > Best regards, > > Andrew Savchenko > > > > Yeah I obviously didn't check all packages. How about those that really > use sys-process/audit? They seem to be more than 5 anyway. Looks fine, though it will be good to make use flag description more informative, like:
Enable support for Linux audit subsystem using <pkg>sys-process/audit</pkg> For special packages listed above, just keep their local audit use flag descriptions. I'm not really sure it is OK to have global flag conflicting with local flags, but apparently we have majority of packages using the audit flag for sys-process/audit support, so it should be fine. Best regards, Andrew Savchenko
pgpjC86DlyTMR.pgp
Description: PGP signature
