Re: [gentoo-dev] [PATCH] gnome2-utils.eclass add support for gdk-pixbuf cache update

Le mardi 10 septembre 2013 à 17:10 +0200, Fabian Groffen a écrit : > On 10-09-2013 06:22:38 -0400, Ian Stakenvicius wrote: > > > pkg_preinst() { > > >gnome2_gdk_pixbuf_savelist > > > + > > > + # Make sure loaders.cache belongs to gdk-pixbuf alone > > > + local cache="usr/$(get_l

[gentoo-dev] Re: Improve the security of the default profile

On Wed, 11 Sep 2013 04:49:55 + (UTC) Duncan <1i5t5.dun...@cox.net> wrote: > If I'm not mistaken, dirtyepic intends to patch gcc directly to enable > -fstack-protector, changing the default at that level so it'll be used > unless -fno-stack-protector is in CFLAGS. At least, that's how I > i

[gentoo-dev] Re: Improve the security of the default profile

On Tue, 10 Sep 2013 18:41:34 -0400 Richard Yao wrote: > A few thoughts: > > 1. The kernel expects -fno-stack-protector to be the default. What will > the effect be on kernel configuration once -fstack-protector is the default? The kernel has supported building with -fstack-protector since 2.6.1

[gentoo-dev] Re: Improve the security of the default profile

Rich Freeman posted on Tue, 10 Sep 2013 21:17:33 -0400 as excerpted: > On Tue, Sep 10, 2013 at 6:41 PM, Richard Yao wrote: >> 1. The kernel expects -fno-stack-protector to be the default. What will >> the effect be on kernel configuration once -fstack-protector is the >> default? > > Nothing, si

Re: [gentoo-dev] Re: Improve the security of the default profile

On Tue, Sep 10, 2013 at 6:41 PM, Richard Yao wrote: > 1. The kernel expects -fno-stack-protector to be the default. What will > the effect be on kernel configuration once -fstack-protector is the default? Nothing, since the kernel build system doesn't source make.conf. If somebody creates an ebu

Re: [gentoo-dev] Re: Improve the security of the default profile

On 09/08/2013 08:06 PM, Ryan Hill wrote: > On Sat, 07 Sep 2013 19:08:57 -0400 > "Rick \"Zero_Chaos\" Farina" wrote: > >> Personally I think this would be a great stepping stone. If we add >> - -fstack-protector to 4.8.1 it will improve security (only a little I >> know) and give us an idea of wh

Re: [gentoo-dev] [PATCH] gnome2-utils.eclass add support for gdk-pixbuf cache update

On 10-09-2013 06:22:38 -0400, Ian Stakenvicius wrote: > > pkg_preinst() { > >gnome2_gdk_pixbuf_savelist > > + > > + # Make sure loaders.cache belongs to gdk-pixbuf alone > > + local cache="usr/$(get_libdir)/${PN}-2.0/2.10.0/loaders.cache" > > + > > + if [[ -e ${ROOT}${cach

Re: [gentoo-dev] Re: [PATCH systemd.eclass] Introduce systemd_install_serviced().

Dnia 2013-09-10, o godz. 11:57:31 "Steven J. Long" napisał(a): > Michał Górny wrote: > > +systemd_install_serviced() { > > + debug-print-function ${FUNCNAME} "${@}" > > + > > + local src=${1} > > + local service=${2} > > + > > + if [[ ! ${service} ]]; then > > + [[ ${src} == *.c

[gentoo-dev] gnome2-utils.eclass: Add support new gtk-query-immodules handling introduced in gtk+-2.24.20

We need to handle this in a different way for gtk+-2.24.20 and newer as explained at: https://bugs.gentoo.org/show_bug.cgi?id=476100 The patch is here: https://476100.bugs.gentoo.org/attachment.cgi?id=358136 If you have any problems with it, please tell me so. Thanks

Re: [gentoo-dev] Re: Improve the security of the default profile

On Sun, 8 Sep 2013 18:06:56 -0600 Ryan Hill wrote: > So does anyone have any objections to making -fstack-protector the > default? Now is the time to speak up. On PARISC you get plenty of warning of how well it's going to work out: (cc1|gcc|foo): warning: -fstack-protector not supported for thi

Re: [gentoo-dev] Re: [PATCH systemd.eclass] Introduce systemd_install_serviced().

On Tue, Sep 10, 2013 at 12:36 PM, Michał Górny wrote: >> > Nope. 'insinto' sets INSDESTTREE. Due to lack of proper scoping >> > support in bash, we need to localize this variable to restore previous >> > 'insinto' scope after leaving the function. >> >> Actually the only reason you are able to do

[gentoo-dev] Re: bash-completion-2.1-r1

On Tue, Sep 10, 2013 at 10:43:53AM +, Martin Vaeth wrote: > Duncan <1i5t5.dun...@cox.net> wrote: > > > > Indeed. The general gentoo policy is that "trivial" files such as bash- > > completions, systemd unit files, etc, aren't to be install-controlled via > > USE flags > > Then why is bash-com

[gentoo-dev] Re: [PATCH systemd.eclass] Introduce systemd_install_serviced().

Michał Górny wrote: > +systemd_install_serviced() { > + debug-print-function ${FUNCNAME} "${@}" > + > + local src=${1} > + local service=${2} > + > + if [[ ! ${service} ]]; then > + [[ ${src} == *.conf ]] || die "Source file needs .conf suffix" I would hoist this check

[gentoo-dev] Re: bash-completion-2.1-r1

Duncan <1i5t5.dun...@cox.net> wrote: > > Indeed. The general gentoo policy is that "trivial" files such as bash- > completions, systemd unit files, etc, aren't to be install-controlled via > USE flags Then why is bash-completion still a global USE-flag? Those few cases where it has a different ef

Re: [gentoo-dev] [PATCH] gnome2-utils.eclass add support for gdk-pixbuf cache update

On 2013-09-09, at 7:31 PM, Alex Xu wrote: > On 09/09/13 08:29 PM, Gilles Dartiguelongue wrote: >> >> Index: gdk-pixbuf-2.28.2.ebuild >> === >> RCS file: >> /var/cvsroot/gentoo-x86/x11-libs/gdk-pixb

Re: [gentoo-dev] git-r3: initial draft for review

Michał Górny wrote: > > > the whole eclass is inside the " if [[ ! ${_GIT_R3} ]] " block. > > > > Rather than putting the whole eclass inside a block like that maybe > > it's possible to test for that condition and "exit" early? > > exiting ebuild process in middle of inheritance chain is *not* a

Re: [gentoo-dev] git-r3: initial draft for review

Dnia 2013-09-10, o godz. 07:04:49 Peter Stuge napisał(a): > Markos Chandras wrote: > > the whole eclass is inside the " if [[ ! ${_GIT_R3} ]] " block. > > Rather than putting the whole eclass inside a block like that maybe > it's possible to test for that condition and "exit" early? Could you t