diff options
author | Diego Elio Pettenò <flameeyes@gentoo.org> | 2010-04-25 20:25:57 +0000 |
---|---|---|
committer | Diego Elio Pettenò <flameeyes@gentoo.org> | 2010-04-25 20:25:57 +0000 |
commit | 03d0b4b5cb9404386dc785d88a0d40a85bbdfa67 (patch) | |
tree | bde9b95c2748abd1dc4ffc52a11b228994fc9393 | |
parent | version bump (diff) | |
download | gentoo-2-03d0b4b5cb9404386dc785d88a0d40a85bbdfa67.tar.gz gentoo-2-03d0b4b5cb9404386dc785d88a0d40a85bbdfa67.tar.bz2 gentoo-2-03d0b4b5cb9404386dc785d88a0d40a85bbdfa67.zip |
Make sure that SElinux packages are not unmasked in the wild, only unmask them in the selinux profile.
-rw-r--r-- | profiles/ChangeLog | 7 | ||||
-rw-r--r-- | profiles/package.mask | 75 | ||||
-rw-r--r-- | profiles/selinux/package.mask | 75 |
3 files changed, 154 insertions, 3 deletions
diff --git a/profiles/ChangeLog b/profiles/ChangeLog index b702f7ccd21c..3449378b6ae7 100644 --- a/profiles/ChangeLog +++ b/profiles/ChangeLog @@ -1,11 +1,16 @@ # ChangeLog for profile directory # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/profiles/ChangeLog,v 1.4136 2010/04/25 18:25:24 halcy0n Exp $ +# $Header: /var/cvsroot/gentoo-x86/profiles/ChangeLog,v 1.4137 2010/04/25 20:25:56 flameeyes Exp $ # # This ChangeLog should include records for all changes in profiles directory. # Only typo fixes which don't affect portage/repoman behaviour could be avoided # here. If in doubt put a record here! + 25 Apr 2010; Diego E. Pettenò <flameeyes@gentoo.org> package.mask, + selinux/package.mask: + Make sure that SElinux packages are not unmasked in the wild, only unmask + them in the selinux profile. + 25 Apr 2010; Mark Loeser <halcy0n@gentoo.org> package.mask: Block all revisions of tar-1.23 for now as well diff --git a/profiles/package.mask b/profiles/package.mask index e50ab2387b29..54e2d45bd5fc 100644 --- a/profiles/package.mask +++ b/profiles/package.mask @@ -1,5 +1,5 @@ #################################################################### -# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.11492 2010/04/25 18:25:24 halcy0n Exp $ +# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.11493 2010/04/25 20:25:56 flameeyes Exp $ # # When you add an entry to the top of this file, add your name, the date, and # an explanation of why something is getting masked. Please be extremely @@ -31,6 +31,79 @@ #--- END OF EXAMPLES --- +# Diego E. Pettenò <flameeyes@gentoo.org> (25 Apr 2010) +# on behalf of QA team <qa@gentoo.org +# +# Mask SElinux packages on all the profile and unmask it only for +# selinux itself; automagic dependencies can break systems otherwise +# +# Please keep this mask in sync between profiles/package.mask and +# selinux/package.mask (with - prefix there). +sys-libs/libselinux +sec-policy/selinux-acpi +sec-policy/selinux-apache +sec-policy/selinux-arpwatch +sec-policy/selinux-asterisk +sec-policy/selinux-audio-entropyd +sec-policy/selinux-avahi +sec-policy/selinux-base-policy +sec-policy/selinux-bind +sec-policy/selinux-bluez +sec-policy/selinux-clamav +sec-policy/selinux-clockspeed +sec-policy/selinux-courier-imap +sec-policy/selinux-cups +sec-policy/selinux-cyrus-sasl +sec-policy/selinux-daemontools +sec-policy/selinux-dante +sec-policy/selinux-dbus +sec-policy/selinux-desktop +sec-policy/selinux-dhcp +sec-policy/selinux-distcc +sec-policy/selinux-djbdns +sec-policy/selinux-dnsmasq +sec-policy/selinux-ftpd +sec-policy/selinux-games +sec-policy/selinux-gnupg +sec-policy/selinux-gpm +sec-policy/selinux-hal +sec-policy/selinux-inetd +sec-policy/selinux-ipsec-tools +sec-policy/selinux-jabber-server +sec-policy/selinux-kerberos +sec-policy/selinux-logrotate +sec-policy/selinux-lpd +sec-policy/selinux-munin +sec-policy/selinux-mysql +sec-policy/selinux-nfs +sec-policy/selinux-ntop +sec-policy/selinux-ntp +sec-policy/selinux-openldap +sec-policy/selinux-openvpn +sec-policy/selinux-pcmcia +sec-policy/selinux-portmap +sec-policy/selinux-postfix +sec-policy/selinux-postgresql +sec-policy/selinux-ppp +sec-policy/selinux-privoxy +sec-policy/selinux-procmail +sec-policy/selinux-publicfile +sec-policy/selinux-pyzor +sec-policy/selinux-qmail +sec-policy/selinux-razor +sec-policy/selinux-samba +sec-policy/selinux-screen +sec-policy/selinux-snmpd +sec-policy/selinux-snort +sec-policy/selinux-spamassassin +sec-policy/selinux-squid +sec-policy/selinux-stunnel +sec-policy/selinux-sudo +sec-policy/selinux-tcpd +sec-policy/selinux-tftpd +sec-policy/selinux-ucspi-tcp +sec-policy/selinux-wireshark + # Peter Volkov <pva@gentoo.org> (25 Apr 2010) # Beta version, for tests. See bug 316583#c12 =sys-devel/autogen-5.10.2_pre1 diff --git a/profiles/selinux/package.mask b/profiles/selinux/package.mask index 5726236dc9e2..22384c2729b6 100644 --- a/profiles/selinux/package.mask +++ b/profiles/selinux/package.mask @@ -1,4 +1,77 @@ -# $Header: /var/cvsroot/gentoo-x86/profiles/selinux/package.mask,v 1.49 2010/04/08 13:47:54 ssuominen Exp $ +# $Header: /var/cvsroot/gentoo-x86/profiles/selinux/package.mask,v 1.50 2010/04/25 20:25:57 flameeyes Exp $ # >=sci-libs/acml-3.6 requires gcc-4.2. >=sci-libs/acml-3.6 + +# Diego E. Pettenò <flameeyes@gentoo.org> (25 Apr 2010) +# on behalf of QA team <qa@gentoo.org +# +# Mask SElinux packages on all the profile and unmask it only for +# selinux itself; automagic dependencies can break systems otherwise +# +# Please keep this mask in sync between profiles/package.mask and +# selinux/package.mask (with - prefix there). +-sys-libs/libselinux +-sec-policy/selinux-acpi +-sec-policy/selinux-apache +-sec-policy/selinux-arpwatch +-sec-policy/selinux-asterisk +-sec-policy/selinux-audio-entropyd +-sec-policy/selinux-avahi +-sec-policy/selinux-base-policy +-sec-policy/selinux-bind +-sec-policy/selinux-bluez +-sec-policy/selinux-clamav +-sec-policy/selinux-clockspeed +-sec-policy/selinux-courier-imap +-sec-policy/selinux-cups +-sec-policy/selinux-cyrus-sasl +-sec-policy/selinux-daemontools +-sec-policy/selinux-dante +-sec-policy/selinux-dbus +-sec-policy/selinux-desktop +-sec-policy/selinux-dhcp +-sec-policy/selinux-distcc +-sec-policy/selinux-djbdns +-sec-policy/selinux-dnsmasq +-sec-policy/selinux-ftpd +-sec-policy/selinux-games +-sec-policy/selinux-gnupg +-sec-policy/selinux-gpm +-sec-policy/selinux-hal +-sec-policy/selinux-inetd +-sec-policy/selinux-ipsec-tools +-sec-policy/selinux-jabber-server +-sec-policy/selinux-kerberos +-sec-policy/selinux-logrotate +-sec-policy/selinux-lpd +-sec-policy/selinux-munin +-sec-policy/selinux-mysql +-sec-policy/selinux-nfs +-sec-policy/selinux-ntop +-sec-policy/selinux-ntp +-sec-policy/selinux-openldap +-sec-policy/selinux-openvpn +-sec-policy/selinux-pcmcia +-sec-policy/selinux-portmap +-sec-policy/selinux-postfix +-sec-policy/selinux-postgresql +-sec-policy/selinux-ppp +-sec-policy/selinux-privoxy +-sec-policy/selinux-procmail +-sec-policy/selinux-publicfile +-sec-policy/selinux-pyzor +-sec-policy/selinux-qmail +-sec-policy/selinux-razor +-sec-policy/selinux-samba +-sec-policy/selinux-screen +-sec-policy/selinux-snmpd +-sec-policy/selinux-snort +-sec-policy/selinux-spamassassin +-sec-policy/selinux-squid +-sec-policy/selinux-stunnel +-sec-policy/selinux-sudo +-sec-policy/selinux-tcpd +-sec-policy/selinux-tftpd +-sec-policy/selinux-ucspi-tcp +-sec-policy/selinux-wireshark |